| | |
|---|
| | | import de.uhilger.baselink.GenericRecord; |
|---|
| | | import de.uhilger.baselink.PersistenceManager; |
|---|
| | | import de.uhilger.baselink.Record; |
|---|
| | | import de.uhilger.transit.web.RequestKontext; |
|---|
| | | import de.uhilger.transit.web.WebKontext; |
|---|
| | | import de.uhilger.um.Digester; |
|---|
| | | import de.uhilger.um.daten.User; |
|---|
| | | import de.uhilger.um.daten.UserData; |
|---|
| | | import de.uhilger.um.daten.UserRole; |
|---|
| | | import java.sql.Connection; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.Properties; |
|---|
| | | import java.util.logging.Logger; |
|---|
| | | import javax.servlet.ServletContext; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * <p>Die Methoden der Klasse UserMgr sind |
|---|
| | |
|---|
| | | * |
|---|
| | | * @version 2, December 27, 2016 |
|---|
| | | */ |
|---|
| | | public class UserMgr implements WebKontext { |
|---|
| | | public class UserMgr implements WebKontext, RequestKontext { |
|---|
| | | |
|---|
| | | private static final Logger logger = Logger.getLogger(UserMgr.class.getName()); |
|---|
| | | |
|---|
| | | /** Zeiger zum Servlet-Kontext dieser Anwendung */ |
|---|
| | | private ServletContext ctx; |
|---|
| | | |
|---|
| | | private HttpServletRequest request; |
|---|
| | | |
|---|
| | | /** Name, unter dem das Properties-Objekt mit den SQL-Befehlen im ServletContext hinterlegt ist */ |
|---|
| | | public static final String UM_SQL_PROPERTIES = "umSqlProperties"; |
|---|
| | |
|---|
| | | |
|---|
| | | /** Mapper-Objekt fuer Benutzer */ |
|---|
| | | private static final Record UserMapper = new GenericRecord(User.class); |
|---|
| | | /** Mapper-Objekt fuer Benutzerdaten */ |
|---|
| | | //private static final Record UserDataMapper = new GenericRecord(UserData.class); |
|---|
| | | /** Mapper-Objekt fuer Benutzerrollen */ |
|---|
| | | private static final Record UserRoleMapper = new GenericRecord(UserRole.class); |
|---|
| | | |
|---|
| | |
|---|
| | | String kw = user.getPw(); |
|---|
| | | String digesterClassName = ctx.getInitParameter(P_DIGESTER); |
|---|
| | | Digester digester = (Digester) Class.forName(digesterClassName).newInstance(); |
|---|
| | | String digestedPw = digester.digest(kw, Digester.MD5, null); |
|---|
| | | /* |
|---|
| | | MD5 geht nicht mehr, |
|---|
| | | vgl. http://stackoverflow.com/questions/39967289/how-to-use-digest-authentication-in-tomcat-8-5 |
|---|
| | | */ |
|---|
| | | String digestedPw = digester.digest(kw, Digester.SHA256, null); |
|---|
| | | user.setPw(digestedPw); |
|---|
| | | getDb().insert(user, UserMapper); |
|---|
| | | return user; |
|---|
| | | } |
|---|
| | | |
|---|
| | | public List getUserNameList() { |
|---|
| | | return getDb().select(getSql(SQL_GET_USER_NAME_LIST), WITHOUT_BLOBS); |
|---|
| | | return removeHeadline(getDb().select(getSql(SQL_GET_USER_NAME_LIST), WITHOUT_BLOBS)); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public User deleteUser(User user) { |
|---|
| | |
|---|
| | | return deletedUser; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* ------------ Rollen ------------------ */ |
|---|
| | | |
|---|
| | | public UserRole grantRole(String userId, String roleName) { |
|---|
| | | UserRole ur = new UserRole(); |
|---|
| | | ur.setRole(roleName); |
|---|
| | | ur.setUser(userId); |
|---|
| | | getDb().insert(ur, UserRoleMapper); |
|---|
| | | return ur; |
|---|
| | | public String logout() { |
|---|
| | | getRequest().getSession().invalidate(); |
|---|
| | | return "logged out"; |
|---|
| | | } |
|---|
| | | |
|---|
| | | public UserRole revokeRole(String userId, String roleName) { |
|---|
| | | UserRole ur = new UserRole(); |
|---|
| | | ur.setRole(roleName); |
|---|
| | | ur.setUser(userId); |
|---|
| | | getDb().delete(ur, UserRoleMapper); |
|---|
| | | return ur; |
|---|
| | | /* ------------ Rollen ------------------ */ |
|---|
| | | |
|---|
| | | public UserRole grantRole(UserRole role) { |
|---|
| | | getDb().insert(role, UserRoleMapper); |
|---|
| | | return role; |
|---|
| | | } |
|---|
| | | |
|---|
| | | public UserRole revokeRole(UserRole role) { |
|---|
| | | getDb().delete(role, UserRoleMapper); |
|---|
| | | return role; |
|---|
| | | } |
|---|
| | | |
|---|
| | | public List getRoleNamesGranted() { |
|---|
| | | return getDb().select(getSql(SQL_GET_ROLE_LIST), WITHOUT_BLOBS); |
|---|
| | | return removeHeadline(getDb().select(getSql(SQL_GET_ROLE_LIST), WITHOUT_BLOBS)); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public List getUserRoleNames(String userId) { |
|---|
| | | return getDb().select(getSql(SQL_GET_USER_ROLES), WITHOUT_BLOBS, userId); |
|---|
| | | return removeHeadline(getDb().select(getSql(SQL_GET_USER_ROLES), WITHOUT_BLOBS, userId)); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* ----------- Helfer ---- */ |
|---|
| | | |
|---|
| | | private List removeHeadline(List list) { |
|---|
| | | if(list != null && list.size() > 0) { |
|---|
| | | list.remove(0); |
|---|
| | | } |
|---|
| | | return list; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Ein benanntes SQL-Kommando ermitteln |
|---|
| | |
|---|
| | | this.ctx = servletContext; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* ------------- Implementierung RequestKontext ------------- */ |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public HttpServletRequest getRequest() { |
|---|
| | | return request; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void setRequest(HttpServletRequest r) { |
|---|
| | | this.request = r; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | } |
|---|
