/*
|
Nutzerverwaltung - A Generic User Manager
|
Copyright (c) 2016 Ulrich Hilger
|
|
This program is free software: you can redistribute it and/or modify
|
it under the terms of the GNU Affero General Public License as published by
|
the Free Software Foundation, either version 3 of the License, or
|
(at your option) any later version.
|
|
This program is distributed in the hope that it will be useful,
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
GNU Affero General Public License for more details.
|
|
You should have received a copy of the GNU Affero General Public License
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
*/
|
package de.uhilger.um.api;
|
|
import de.uhilger.baselink.GenericRecord;
|
import de.uhilger.baselink.PersistenceManager;
|
import de.uhilger.baselink.Record;
|
import de.uhilger.um.App;
|
import de.uhilger.um.Digester;
|
import de.uhilger.um.daten.User;
|
import de.uhilger.um.daten.UserRole;
|
import java.sql.Connection;
|
import java.util.List;
|
|
/**
|
* Klasse zur Verwaltung von Benutzern und Rollen
|
* in einer Datenbank. Die Datenbankverbindung wird
|
* vom zentralen Anwendungsobjekt bereitgestellt.
|
*
|
* Die SQL-Befehle finden sich in WEB-INF/sql.properties
|
*
|
* @author Copyright (c) Ulrich Hilger, http://uhilger.de
|
* @author Published under the terms and conditions of the
|
* <a href="http://www.gnu.org/licenses/agpl-3.0" target="_blank">GNU Affero
|
* General Public License</a>
|
*
|
* @version 2, December 27, 2016
|
*/
|
public class UserMgr {
|
|
private static final Record UserMapper = new GenericRecord(User.class);
|
private static final Record UserRoleMapper = new GenericRecord(UserRole.class);
|
|
public static final String SQL_GET_USER_LIST = "getUserList";
|
public static final String SQL_GET_USER_NAME_LIST = "getUserNameList";
|
public static final String SQL_GET_ROLE_LIST = "getRoleList";
|
public static final String SQL_GET_USER_ROLES = "getUserRoles";
|
public static final String SQL_DELETE_USER = "deleteUser";
|
public static final String SQL_DELETE_USER_ROLES = "deleteUserRoles";
|
|
/* ----------- Benutzer -------------- */
|
|
public User createUser(User user) {
|
String kw = user.getPw();
|
String digestedPw = App.getDigester().digest(kw, Digester.MD5, null);
|
user.setPw(digestedPw);
|
App.getDatabase().insert(user, UserMapper);
|
return user;
|
}
|
|
public List getUserNameList() {
|
String sql = App.getSqlStatement(SQL_GET_USER_NAME_LIST);
|
List userNames = App.getDatabase().select(sql, App.WITHOUT_BLOBS);
|
return userNames;
|
}
|
|
public User deleteUser(User user) {
|
PersistenceManager pm = App.getDatabase();
|
Connection c = pm.getConnection();
|
pm.startTransaction(c);
|
String sql = App.getSqlStatement(SQL_DELETE_USER_ROLES);
|
pm.execute(c, sql, user.getId());
|
User deletedUser = (User) pm.delete(c, user, UserMapper);
|
pm.commit(c);
|
return deletedUser;
|
}
|
|
/* ------------ Rollen ------------------ */
|
|
public UserRole grantRole(String userId, String roleName) {
|
UserRole ur = new UserRole();
|
ur.setRole(roleName);
|
ur.setUser(userId);
|
App.getDatabase().insert(ur, UserRoleMapper);
|
return ur;
|
}
|
|
public UserRole revokeRole(String userId, String roleName) {
|
UserRole ur = new UserRole();
|
ur.setRole(roleName);
|
ur.setUser(userId);
|
App.getDatabase().delete(ur, UserRoleMapper);
|
return ur;
|
}
|
|
public List getRoleNamesGranted() {
|
String sql = App.getSqlStatement(SQL_GET_ROLE_LIST);
|
List roleNames = App.getDatabase().select(sql, App.WITHOUT_BLOBS);
|
return roleNames;
|
}
|
|
public List getUserRoleNames(String userId) {
|
String sql = App.getSqlStatement(SQL_GET_USER_ROLES);
|
List roleNames = App.getDatabase().select(sql, App.WITHOUT_BLOBS, userId);
|
return roleNames;
|
}
|
|
}
|
