1 /***
2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
6 *
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
11 *
12 * The Original Code is pow2toolkit library.
13 *
14 * The Initial Owner of the Original Code is
15 * Power Of Two S.R.L. (www.pow2.com)
16 *
17 * Portions created by Power Of Two S.R.L. are
18 * Copyright (C) Power Of Two S.R.L.
19 * All Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Dennis Carroll <Dennis.Carroll@dot.state.mn.us>
24 * - fixed a typo error in isNewAuthentication()
25 */
26
27 package com.pow2.user;
28
29
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpSession;
32
33 import org.apache.log4j.Category;
34
35 import com.pow2.struts.forms.RegistrationForm;
36
37 import com.pow2.user.dao.UserDAO;
38 import com.pow2.user.dao.UserDAOFactory;
39 import com.pow2.util.Util;
40
41
42 /***
43 * Manage the User entities.
44 * <br>
45 * This class is a facade to the user package functions.
46 *
47 * @author Luca Fossato
48 * @created 22 aprile 2002
49 */
50 public class UserManager
51 {
52 /*** Session User key */
53 public final static String USER_KEY = "com.pow2.user";
54
55 /*** Log4j category */
56 private Category cat = Category.getInstance(this.getClass());
57
58 /*** an handle to the unique UserManager instance. */
59 private static UserManager instance = null;
60
61
62 /***
63 * Default private constructor.
64 */
65 private UserManager()
66 {
67 }
68
69
70 /***
71 * Get the unique instance of UserManager class.
72 *
73 * @return the instance of UserManager class
74 */
75 public static synchronized UserManager instance()
76 {
77 if (instance == null)
78 instance = new UserManager();
79
80 return instance;
81 }
82
83
84 /***
85 * Retrieve the User object from the Session context.
86 *
87 * @param request Description of the Parameter
88 * @return the retrieved User object, or null if the Session context
89 * does not have any User reference
90 */
91 public User getUser(HttpServletRequest request)
92 {
93 HttpSession session = null;
94 User user = null;
95
96 if ((session = request.getSession()) != null)
97 {
98 user = (User)session.getAttribute(USER_KEY);
99
100
101
102
103
104
105
106 }
107
108 if (user == null)
109 {
110 cat.warn("::getUser - user retrieved from the session context is null");
111 }
112
113 return user;
114 }
115
116
117 /***
118 * Retrieve a registered User object from the database.
119 *
120 * @param login the user login
121 * @param passwd the user password
122 * @return the registered user object, or null if:<br>
123 * <ul>
124 * <li>
125 * the input login and passwd attributes don't match
126 * any user profile
127 * </li>
128 * <li>
129 * the validation process fails
130 * </li>
131 * </ul>
132 */
133 public User getUser(String login, String passwd) throws Exception
134 {
135 return UserDAOFactory.instance().getUserDAO().getUser(login, passwd);
136 }
137
138
139 /***
140 * Get the User object.
141 * <br>
142 * Retrieve the User object from the Session context; <b>if it does not exists,
143 * create a new one</b>.
144 * <br>
145 * If <code>authenticate</code> is true:
146 * <ul>
147 * <li>
148 * if request object has got non-empty <code>login</code> and <code>passwd</code>
149 * parameters, update the <code>login</code> and <code>passwd</code>
150 * user properties with that values.
151 * </li>
152 * <li>
153 * authenticate the user and update its informations using
154 * {@link com.pow2.user.User#getProfile() getProfile}.
155 * </li>
156 * </ul>
157 * Else return the retrieved user (or the new instance) without execute the
158 * authentication process.<br>
159 *
160 * @param request the HttpServletRequest object
161 * @param authenticate true if the user must be authenticated versus the user database;
162 * false otherwise.
163 * @return the User object
164 */
165 public User getUser(HttpServletRequest request, boolean authenticate) throws Exception
166 {
167 UserDAO dao = UserDAOFactory.instance().getUserDAO();
168 User user = null;
169
170
171
172 if ((user = getUser(request)) == null)
173 user = new User();
174
175
176 if (authenticate)
177 {
178
179
180 if (isNewAuthentication(request))
181 {
182 user.setLogin(request.getParameter("login"));
183 user.setPasswd(request.getParameter("passwd"));
184 }
185
186
187 user.getProfile();
188 }
189
190 return user;
191 }
192
193
194 /***
195 * Remove the current user from the Session context.
196 *
197 * @param request Description of the Parameter
198 */
199 public void deleteUser(HttpServletRequest request)
200 {
201 HttpSession session = null;
202
203 if ((session = request.getSession()) != null)
204 session.removeAttribute(USER_KEY);
205 }
206
207
208 /***
209 * Remove the User entry having the input identifier
210 * from the database.
211 *
212 * @param id the identifier of the User entry to remove
213 * from the database
214 */
215 public void deleteUser(String id)
216 {
217 UserDAO dao = UserDAOFactory.instance().getUserDAO();
218
219 try
220 {
221 dao.deleteUser(id);
222 }
223 catch(Exception e)
224 {
225 cat.error("::deleteUser - cannot delete this user", e);
226 }
227 }
228
229
230 /***
231 * Set a guest user into the session context.
232 * <br>
233 * This method first checks for an existant user object into the
234 * session context.
235 * If the user reference does not exist, <code>setGuestUser</code>
236 * creates and place the new not-authenticated user into the session context.
237 *
238 * @param request the HttpServletRequest object
239 * @exception Exception if any error occurs
240 */
241 public void setGuestUser(HttpServletRequest request) throws Exception
242 {
243 setGuestUser(request, User.class);
244 }
245
246
247 /***
248 * Set a guest user into the session context.
249 * <br>
250 * This method first checks for an existant user object into the
251 * session context.
252 * If the user reference does not exist, <code>setGuestUser</code>
253 * creates and place the new not-authenticated user into the session context.
254 *
255 * @param request the HttpServletRequest object
256 * @param userClass the class of the User object to store into the session context.
257 * The class MUST extends <code>com.pow2.user.User</code>.
258 * @exception Exception if any error occurs
259 */
260 public void setGuestUser(HttpServletRequest request, Class userClass) throws Exception
261 {
262 User user;
263
264 if ((user = getUser(request)) == null)
265 {
266 Object userObj = null;
267
268 try
269 {
270 userObj = Class.forName(userClass.getName()).newInstance();
271 }
272 catch(Exception e)
273 {
274 cat.error("::setGuestUser - cannot instance [" + userClass.getName() + "] class", e);
275 throw e;
276 }
277
278
279 if (!(userObj instanceof User))
280 {
281 String err = ("[" + userObj.getClass().getName() + "] does NOT extend " + User.class.getName() + "]");
282 cat.error("::setGuestUser - " + err);
283 throw new Exception(err);
284 }
285
286 user = (User)userObj;
287 setUser(request, user);
288 }
289 }
290
291
292 /***
293 * Store the input User object into the session context.
294 *
295 * @param request the HttpServletRequest request used to retrieve the current
296 * Session object or to create a new one
297 * @param user the user object to store into the Session context
298 */
299 public void setUser(HttpServletRequest request, User user)
300 {
301 if (user != null)
302 {
303 deleteUser(request);
304 request.getSession(true).setAttribute(USER_KEY, user);
305 }
306 }
307
308
309 /***
310 * Persist the user informations into the database.
311 * <br>
312 * This method updates or insert a new User entry into the database
313 * depending on the user id value.
314 *
315 * @param user the user object to persist into the database
316 */
317 public void setUser(User user)
318 {
319 if (user != null)
320 {
321 try
322 {
323 UserDAO dao = UserDAOFactory.instance().getUserDAO();
324 dao.setUser(user);
325 }
326 catch (Exception e)
327 {
328 cat.error("::setUser - cannot set the user data into the database", e);
329 }
330 }
331 }
332
333 /***
334 *
335 * @param user
336 */
337 public void setUser(User user, RegistrationForm form, boolean update)
338 {
339 user.setLogin (form.getLogin());
340 user.setPasswd (form.getPasswd());
341 user.setFirstName (form.getFirstName());
342 user.setLastName (form.getLastName());
343 user.setEmail (form.getEmail());
344 user.setStreet (form.getStreet());
345 user.setZipCode (form.getZipCode());
346 user.setState (form.getState());
347 user.setCity (form.getCity());
348 user.setPhone (form.getPhone());
349 user.setMobile (form.getMobile());
350 user.setFax (form.getFax());
351
352
353 if (update)
354 {
355 user.setAuthentication(true);
356 setUser(user);
357 }
358 }
359
360
361 /***
362 * PRIVATE METHODS HERE
363 *
364 * @param request Description of the Parameter
365 * @return The newAuthentication value
366 */
367
368 /***
369 * Check if the request object contains new non-empty
370 * <code>login</code> and <code>passwd</code> parameters.
371 *
372 * @param request Description of the Parameter
373 * @return true if if the request object contains new non-empty
374 * <code>login</code> and <code>passwd</code> parameters;
375 * false otherwise.
376 */
377 private boolean isNewAuthentication(HttpServletRequest request)
378 {
379 return (Util.isNull(request.getParameter("login")) &&
380 Util.isNull(request.getParameter("passwd"))) ? false : true;
381 }
382 }