UserServiceImpl.java

  1. /*
  2.  * This software was designed and created by Jason Carroll.
  3.  * Copyright (c) 2002, 2003, 2004 Jason Carroll.
  4.  * The author can be reached at jcarroll@cowsultants.com
  5.  * ITracker website: http://www.cowsultants.com
  6.  * ITracker forums: http://www.cowsultants.com/phpBB/index.php
  7.  *
  8.  * This program is free software; you can redistribute it and/or modify
  9.  * it only under the terms of the GNU General Public License as published by
  10.  * the Free Software Foundation; either version 2 of the License, or
  11.  * (at your option) any later version.
  12.  *
  13.  * This program is distributed in the hope that it will be useful,
  14.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16.  * GNU General Public License for more details.
  17.  */

  19. package org.itracker.services.implementations;

  21. import org.apache.log4j.Logger;
  22. import org.itracker.PasswordException;
  23. import org.itracker.UserException;
  24. import org.itracker.core.AuthenticationConstants;
  25. import org.itracker.model.*;
  26. import org.itracker.model.util.ProjectUtilities;
  27. import org.itracker.model.util.UserUtilities;
  28. import org.itracker.persistence.dao.*;
  29. import org.itracker.services.ConfigurationService;
  30. import org.itracker.services.ProjectService;
  31. import org.itracker.services.UserService;
  32. import org.itracker.services.authentication.ITrackerUserDetails;
  33. import org.itracker.services.authentication.PluggableAuthenticator;
  34. import org.itracker.services.exceptions.AuthenticatorException;
  35. import org.springframework.security.core.userdetails.UserDetails;
  36. import org.springframework.security.core.userdetails.UsernameNotFoundException;

  38. import java.util.*;

  40. /**
  41.  * Implements the UserService interface. See that interface for method
  42.  * descriptions.
  43.  *
  44.  * @see UserService
  45.  */
  46. public class UserServiceImpl implements UserService {

  48.     private static final String DEFAULT_AUTHENTICATOR =
  49.             "org.itracker.services.authentication.DefaultAuthenticator";


  52.     private String authenticatorClassName = null;
  53.     private Class<?> authenticatorClass = null;
  54.     private boolean allowSelfRegister = false;

  56.     private static final Logger logger = Logger.getLogger(UserServiceImpl.class);

  58.     private PermissionDAO permissionDAO = null;

  60.     private UserDAO userDAO = null;
  61.     private UserPreferencesDAO userPreferencesDAO = null;
  62.     private ProjectService projectService;
  63.     private ConfigurationService configurationService;


  66.     public UserServiceImpl(ConfigurationService configurationService,
  67.                            ProjectService projectService,
  68.                            UserDAO userDAO,
  69.                            PermissionDAO permissionDAO,
  70.                            UserPreferencesDAO userPreferencesDAO) {


  73.         this.configurationService = configurationService;
  74.         this.projectService = projectService;
  75.         this.userDAO = userDAO;
  76.         this.userPreferencesDAO = userPreferencesDAO;
  77.         this.permissionDAO = permissionDAO;

  79.         try {
  80.             allowSelfRegister = configurationService.getBooleanProperty("allow_self_register", false);

  82.             authenticatorClassName = configurationService.getProperty("authenticator_class", DEFAULT_AUTHENTICATOR);
  83.             authenticatorClass = Class.forName(authenticatorClassName);
  84.         } catch (ClassNotFoundException ex) {
  85.             throw new RuntimeException(ex);
  86.         }
  87.     }

  89.     /**
  90.      * @deprecated use constructor without projectDA= und reportDAO instead
  91.      */
  92.     public UserServiceImpl(ConfigurationService configurationService,
  93.                            ProjectService projectService,
  94.                            UserDAO userDAO,
  95.                            ProjectDAO projectDAO,
  96.                            ReportDAO reportDAO,
  97.                            PermissionDAO permissionDAO,
  98.                            UserPreferencesDAO userPreferencesDAO) {
  99.         this(configurationService, projectService, userDAO, permissionDAO, userPreferencesDAO);
  100.     }

  102.     public User getUser(Integer userId) {
  103.         User user = userDAO.findByPrimaryKey(userId);
  104.         return user;
  105.     }

  107.     public User getUserByLogin(String login) throws NoSuchEntityException {
  108.         User user = userDAO.findByLogin(login);
  109.         if (user == null)
  110.             throw new NoSuchEntityException("User " + login + " not found.");
  111.         return user;
  112.     }
  113.     @Override
  114.     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
  115.         try {
  116.             final User model = getUserByLogin(username);
  117.             return new ITrackerUserDetails(model, getPermissionsByUserId(model.getId()));
  118.         } catch (NoSuchEntityException e) {
  119.             throw new UsernameNotFoundException(username, e);
  120.         }
  121.     }

  123.     public String getUserPasswordByLogin(String login) {
  124.         User user = userDAO.findByLogin(login);
  125.         return user.getPassword();
  126.     }

  128.     public List<User> getAllUsers() {
  129.         List<User> users = userDAO.findAll();

  131.         return users;
  132.     }

  134.     public int getNumberUsers() {
  135.         Collection<User> users = userDAO.findAll();
  136.         return users.size();
  137.     }

  139.     public List<User> getActiveUsers() {
  140.         List<User> users = userDAO.findActive();

  142.         return users;
  143.     }

  145.     public List<User> getSuperUsers() {
  146.         List<User> superUsers = userDAO.findSuperUsers();
  147.         return superUsers;
  148.     }


  151.     public User createUser(User user) throws UserException {
  152.         try {
  153.             if (user == null || user.getLogin() == null || user.getLogin().equals("")) {
  154.                 throw new UserException("User data was null, or login was empty.");
  155.             }

  157.             try {
  158.                 this.getUserByLogin(user.getLogin());
  159.                 throw new UserException("User already exists with login: " + user.getLogin());
  160.             } catch (NoSuchEntityException e) {
  161.                 // doesn't exist, we'll create him
  162.             }

  164.             try {
  165.                 PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  166.                 if (authenticator != null) {
  167.                     HashMap<String, Object> values = new HashMap<String, Object>();
  168.                     values.put("userService", this);
  169.                     values.put("configurationService", configurationService);
  170.                     authenticator.initialize(values);
  171.                     authenticator.createProfile(user, null, AuthenticationConstants.AUTH_TYPE_UNKNOWN,
  172.                             AuthenticationConstants.REQ_SOURCE_UNKNOWN);
  173.                 } else {
  174.                     throw new AuthenticatorException("Unable to create new authenticator.", AuthenticatorException.SYSTEM_ERROR);
  175.                 }
  176.             } catch (IllegalAccessException ex) {
  177.                 throw new AuthenticatorException(
  178.                         "Authenticator class " + authenticatorClassName + " can not be instantiated.",
  179.                         AuthenticatorException.SYSTEM_ERROR, ex);
  180.             } catch (InstantiationException ex) {
  181.                 throw new AuthenticatorException(
  182.                         "Authenticator class " + authenticatorClassName + " can not be instantiated.",
  183.                         AuthenticatorException.SYSTEM_ERROR, ex);
  184.             } catch (ClassCastException ex) {
  185.                 throw new AuthenticatorException("Authenticator class " + authenticatorClassName
  186.                         + " does not extend the PluggableAuthenticator class.",
  187.                         AuthenticatorException.SYSTEM_ERROR, ex);
  188.             }
  189.             user.setStatus(UserUtilities.STATUS_ACTIVE);
  190.             user.setRegistrationType(user.getRegistrationType());
  191.             addPreferences(user);
  192.             userDAO.save(user);
  193.             return user;
  194.         } catch (AuthenticatorException ex) {
  195.             throw new UserException("Could not create user.", ex);
  196.         }

  198.     }

  200.     public User updateUser(User user) throws UserException {
  201.         try {
  202.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  203.             if (authenticator != null) {
  204.                 HashMap<String, Object> values = new HashMap<String, Object>();
  205.                 values.put("userService", this);
  206.                 values.put("configurationService", configurationService);
  207.                 authenticator.initialize(values);
  208.                 authenticator.updateProfile(user, AuthenticationConstants.UPDATE_TYPE_CORE, null,
  209.                         AuthenticationConstants.AUTH_TYPE_UNKNOWN, AuthenticationConstants.REQ_SOURCE_UNKNOWN);
  210.             } else {
  211.                 logger.warn("updateUser: no authenticator, throwing AuthenticatorException");
  212.                 throw new AuthenticatorException("Unable to create new authenticator.",
  213.                         AuthenticatorException.SYSTEM_ERROR);
  214.             }
  215.         } catch (IllegalAccessException ex) {
  216.             logger.error("updateUser: IllegalAccessException caught, throwing AuthenticatorException", ex);
  217.             throw new AuthenticatorException(
  218.                     "Authenticator class " + authenticatorClassName + " can not be instantiated.",
  219.                     AuthenticatorException.SYSTEM_ERROR, ex);
  220.         } catch (InstantiationException ex) {
  221.             logger.error("updateUser: InstantiationException caught, throwing AuthenticatorException", ex);
  222.             throw new AuthenticatorException(
  223.                     "Authenticator class " + authenticatorClassName + " can not be instantiated.",
  224.                     AuthenticatorException.SYSTEM_ERROR, ex);
  225.         } catch (ClassCastException ex) {
  226.             logger.error("updateUser: ClassCastException caught, throwing AuthenticatorException", ex);
  227.             throw new AuthenticatorException(
  228.                     "Authenticator class " + authenticatorClassName
  229.                             + " does not extend the PluggableAuthenticator class.",
  230.                     AuthenticatorException.SYSTEM_ERROR, ex);
  231.         } catch (AuthenticatorException ex) {
  232.             logger.error("updateUser: AuthenticatorException caught, throwing AuthenticatorException", ex);
  233.             throw new UserException("Unable to update user.", ex);
  234.         }

  236.         // detach, so we can compare the new loaded with changed user
  237.         Integer id = user.getId();
  238.         userDAO.detach(user);

  240.         User existinguser = userDAO.findByPrimaryKey(id);
  241.         userDAO.refresh(existinguser);

  243.         existinguser.setLogin(user.getLogin());
  244.         existinguser.setFirstName(user.getFirstName());
  245.         existinguser.setLastName(user.getLastName());
  246.         existinguser.setEmail(user.getEmail());
  247.         existinguser.setSuperUser(user.isSuperUser());

  249.         existinguser.setStatus(user.getStatus());

  251.         if (user.getPassword() != null && (!user.getPassword().equals(""))) {
  252.             if (logger.isInfoEnabled()) {
  253.                 logger.info("updateUser: setting new password for " + user.getLogin());
  254.             }
  255.             existinguser.setPassword(user.getPassword());
  256.         }

  258.         if (null == existinguser.getPreferences()) {
  259.             addPreferences(existinguser);
  260.         } else {
  261.             updateUserPreferences(user.getPreferences());
  262.         }

  264.         userDAO.saveOrUpdate(existinguser);
  265.         return existinguser;
  266.     }

  268.     private static void addPreferences(User user) {
  269.         UserPreferences prefs = new UserPreferences();
  270.         prefs.setUser(user);
  271.         user.setPreferences(prefs);
  272.     }

  274.     public String generateUserPassword(User user) throws PasswordException {
  275.         String password = UserUtilities.generatePassword();
  276.         user.setPassword(UserUtilities.encryptPassword(password));
  277.         return password;
  278.         // throw new PasswordException(PasswordException.UNKNOWN_USER);
  279.     }

  281.     public UserPreferences updateUserPreferences(UserPreferences userPrefs) throws UserException {
  282.         UserPreferences newUserPrefs;

  284.         try {
  285.             User user = userPrefs.getUser();

  287.             newUserPrefs = userPreferencesDAO.findByUserId(user.getId());

  289.             if (newUserPrefs == null) {
  290.                 newUserPrefs = new UserPreferences();
  291.             }
  292.             newUserPrefs.setUserLocale(userPrefs.getUserLocale());
  293.             newUserPrefs.setNumItemsOnIndex(userPrefs.getNumItemsOnIndex());
  294.             newUserPrefs.setNumItemsOnIssueList(userPrefs.getNumItemsOnIssueList());
  295.             newUserPrefs.setShowClosedOnIssueList(userPrefs.getShowClosedOnIssueList());
  296.             newUserPrefs.setSortColumnOnIssueList(userPrefs.getSortColumnOnIssueList());
  297.             newUserPrefs.setHiddenIndexSections(userPrefs.getHiddenIndexSections());

  299.             newUserPrefs.setRememberLastSearch(userPrefs.getRememberLastSearch());
  300.             newUserPrefs.setUseTextActions(userPrefs.getUseTextActions());

  302.             newUserPrefs.setUser(user);

  304.             if (userPrefs.isNew()) {
  305.                 newUserPrefs.setCreateDate(new Date());
  306.                 newUserPrefs.setLastModifiedDate(userPrefs.getCreateDate());

  308.                 // first time create UserPreferences
  309.                 user.setPreferences(newUserPrefs);
  310.                 userDAO.saveOrUpdate(user);
  311.             } else {
  312.                 this.userPreferencesDAO.saveOrUpdate(newUserPrefs);
  313.                 newUserPrefs = userPreferencesDAO.findByUserId(user.getId());
  314.                 user.setPreferences(newUserPrefs);
  315.             }

  317.             try {
  318.                 PluggableAuthenticator authenticator =
  319.                         (PluggableAuthenticator) authenticatorClass.newInstance();

  321.                 if (authenticator != null) {
  322.                     HashMap<String, Object> values = new HashMap<String, Object>();
  323.                     values.put("userService", this);
  324.                     values.put("configurationService", configurationService);
  325.                     authenticator.initialize(values);
  326.                     authenticator.updateProfile(user, AuthenticationConstants.UPDATE_TYPE_PREFERENCE, null,
  327.                             AuthenticationConstants.AUTH_TYPE_UNKNOWN, AuthenticationConstants.REQ_SOURCE_UNKNOWN);
  328.                 } else {
  329.                     throw new AuthenticatorException("Unable to create new authenticator.",
  330.                             AuthenticatorException.SYSTEM_ERROR);
  331.                 }
  332.             } catch (IllegalAccessException ex) {
  333.                 throw new AuthenticatorException(
  334.                         "Authenticator class " + authenticatorClassName + " can not be instantiated.",
  335.                         AuthenticatorException.SYSTEM_ERROR, ex);
  336.             } catch (InstantiationException ex) {
  337.                 throw new AuthenticatorException(
  338.                         "Authenticator class " + authenticatorClassName + " can not be instantiated.",
  339.                         AuthenticatorException.SYSTEM_ERROR, ex);
  340.             } catch (ClassCastException ex) {
  341.                 throw new AuthenticatorException(
  342.                         "Authenticator class " + authenticatorClassName
  343.                                 + " does not extend the PluggableAuthenticator class.",
  344.                         AuthenticatorException.SYSTEM_ERROR, ex);
  345.             }

  347.             if (newUserPrefs != null)
  348.                 return newUserPrefs;

  350.         } catch (AuthenticatorException ex) {
  351.             throw new UserException("Unable to create new preferences.", ex);
  352.         }
  353. //        } finally {
  354.         return userPrefs;
  355. //        }
  356.     }

  358.     public void clearOwnedProjects(User user) {
  359.         user.getProjects().clear();
  360.         userDAO.save(user);
  361.     }

  363.     @Override
  364.     public List<User> findUsersForProjectByPermissionTypeList(Integer projectID, PermissionType[] permissionTypes) {
  365.         return userDAO.findUsersForProjectByAllPermissionTypeList(projectID, permissionTypes);
  366.     }

  368.     @Override
  369.     public List<User> getUsersWithPermissionLocal(Integer projectId, PermissionType permissionType) {

  371.         List<User> users = new ArrayList<User>();

  373.         if (projectId != null) {
  374.             List<Permission> permissions = permissionDAO.findByProjectIdAndPermission(
  375.                     projectId, permissionType);

  377.             for (Permission permission : permissions) {
  378.                 users.add(permission.getUser());
  379.             }

  381.         }

  383.         return users;
  384.     }

  386.     public List<User> getUsersWithPermissionLocal(Integer projectId, int permissionType) {
  387.         return getUsersWithPermissionLocal(projectId, PermissionType.valueOf(permissionType));
  388.     }

  390.     public List<Permission> getUserPermissionsLocal(User user) {
  391.         List<Permission> permissions = permissionDAO.findByUserId(user.getId());
  392.         return permissions;
  393.     }

  395.     public List<Permission> getPermissionsByUserId(Integer userId) {
  396.         List<Permission> permissions = new ArrayList<Permission>();

  398.         User user = getUser(userId);
  399.         if (user != null) {
  400.             try {
  401.                 PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  402.                 if (authenticator != null) {
  403.                     HashMap<String, Object> values = new HashMap<String, Object>();
  404.                     values.put("userService", this);
  405.                     values.put("configurationService", configurationService);
  406.                     authenticator.initialize(values);
  407.                     permissions = authenticator.getUserPermissions(user, AuthenticationConstants.REQ_SOURCE_UNKNOWN);
  408.                 }
  409.                 logger.debug("Found " + permissions.size() + " permissions for user " + user.getLogin());
  410.             } catch (IllegalAccessException ex) {
  411.                 throw new RuntimeException("Authenticator class "
  412.                         + authenticatorClassName + " can not be instantiated.", ex);
  413.             } catch (InstantiationException ex) {
  414.                 throw new RuntimeException("Authenticator class "
  415.                         + authenticatorClassName + " can not be instantiated.", ex);
  416.             } catch (ClassCastException ex) {
  417.                 throw new RuntimeException("Authenticator class " + authenticatorClassName
  418.                         + " does not extend the PluggableAuthenticator class.", ex);
  419.             } catch (AuthenticatorException ex) {
  420.                 throw new RuntimeException("Authenticator exception: ", ex);
  421.             }
  422.         }
  423.         return permissions;
  424.     }

  426.     public boolean updateAuthenticator(Integer userId, List<Permission> permissions) {
  427.         boolean successful;

  429.         try {
  430.             User user = userDAO.findByPrimaryKey(userId);
  431.             user.getPermissions().addAll(permissions);
  432.             try {
  433.                 PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  434.                 if (authenticator != null) {
  435.                     HashMap<String, Object> values = new HashMap<String, Object>();
  436.                     values.put("userService", this);
  437.                     values.put("configurationService", configurationService);
  438.                     authenticator.initialize(values);
  439.                     if (authenticator
  440.                             .updateProfile(user, AuthenticationConstants.UPDATE_TYPE_PERMISSION_SET, null,
  441.                                     AuthenticationConstants.AUTH_TYPE_UNKNOWN,
  442.                                     AuthenticationConstants.REQ_SOURCE_UNKNOWN)) {
  443.                     }
  444.                 } else {
  445.                     logger.error("Unable to create new authenticator.");
  446.                     throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  447.                 }
  448.                 successful = true;
  449.             } catch (IllegalAccessException | InstantiationException iae) {
  450.                 logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  451.                 throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  452.             } catch (ClassCastException cce) {
  453.                 logger.error("Authenticator class " + authenticatorClassName
  454.                         + " does not extend the PluggableAuthenticator class.");
  455.                 throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  456.             }

  458.         } catch (AuthenticatorException ae) {
  459.             logger.warn("Error setting user (" + userId + ") permissions.  AuthenticatorException.", ae);
  460.             successful = false;
  461.         }

  463.         return successful;
  464.     }

  466.     public boolean addUserPermissions(Integer userId, List<Permission> newPermissions) {
  467.         boolean successful = false;
  468.         if (newPermissions == null || newPermissions.size() == 0) {
  469.             return false;
  470.         }

  472.         try {
  473.             newPermissions.addAll(getUserPermissionsLocal(getUser(userId)));
  474.             setUserPermissions(userId, newPermissions);
  475.             successful = true;
  476.         } catch (AuthenticatorException ae) {
  477.             logger.warn("Error setting user (" + userId + ") permissions.  AuthenticatorException.", ae);
  478.             successful = false;
  479.         }

  481.         return successful;
  482.     }

  484.     /**
  485.      * private util for collection searching (contains)
  486.      */
  487.     private static Permission find(Collection<Permission> permissions, Permission permission) {

  489.         for (Permission permission2 : permissions) {
  490.             if (Permission.PERMISSION_PROPERTIES_COMPARATOR.compare(permission, permission2) == 0) {
  491.                 // found in list, return the found object
  492.                 return permission2;
  493.             }
  494.         }
  495.         return null;
  496.     }

  498.     /**
  499.      * @param userId         - id of update-user
  500.      * @param newPermissions - set of new permissions for this user
  501.      */
  502.     @Override
  503.     public boolean setUserPermissions(final Integer userId, final List<Permission> newPermissions) {

  505.         boolean hasChanges = false;
  506.         // rewriting this method

  508.         TreeSet<Permission> pSet = new TreeSet<Permission>(Permission.PERMISSION_PROPERTIES_COMPARATOR);
  509.         pSet.addAll(newPermissions);


  512.         User usermodel = this.getUser(userId);

  514.         Set<Permission> current = new TreeSet<Permission>(Permission.PERMISSION_PROPERTIES_COMPARATOR);

  516.         current.addAll(usermodel.getPermissions());

  518.         // setup permissions to be removed
  519.         Set<Permission> remove = new TreeSet<Permission>(Permission.PERMISSION_PROPERTIES_COMPARATOR);
  520.         remove.addAll(current);
  521.         remove.removeAll(pSet);
  522.         // setup permissions to be added
  523.         Set<Permission> add = new TreeSet<Permission>(Permission.PERMISSION_PROPERTIES_COMPARATOR);
  524.         add.addAll(pSet);
  525.         add.removeAll(current);

  527.         // look permission
  528.         Permission p;
  529.         Iterator<Permission> pIt = remove.iterator();
  530.         while (pIt.hasNext()) {
  531.             p = find(usermodel.getPermissions(), (Permission) pIt.next());
  532.             if (null == p) {
  533.                 continue;
  534.             }
  535.             if (usermodel.getPermissions().contains(p)) {
  536.                 usermodel.getPermissions().remove(p);
  537.                 permissionDAO.delete(p);
  538.                 hasChanges = true;
  539.             }
  540.         }

  542.         pIt = add.iterator();
  543.         while (pIt.hasNext()) {
  544.             p = pIt.next();
  545.             if (null == find(usermodel.getPermissions(), p) && !usermodel.getPermissions().contains(p)) {
  546.                 p.setUser(usermodel);
  547.                 usermodel.getPermissions().add(p);
  548.                 permissionDAO.save(p);
  549.                 hasChanges = true;
  550.             }
  551.         }

  553.         if (hasChanges) {
  554.             userDAO.saveOrUpdate(usermodel);
  555.         }

  557.         return hasChanges;
  558.     }

  560.     @Override
  561.     public boolean removeUserPermissions(Integer userId, List<Permission> newPermissions) {
  562.         boolean successful = false;
  563.         if (newPermissions == null || newPermissions.size() == 0) {
  564.             return successful;
  565.         }

  567.         try {
  568.             for (Iterator<Permission> delIterator = newPermissions.iterator(); delIterator.hasNext(); ) {
  569.                 Permission permission = (Permission) delIterator.next();
  570.                 permissionDAO.delete(permission);
  571.             }

  573.             successful = true;

  575.         } catch (AuthenticatorException ae) {
  576.             logger.warn("Error setting user (" + userId + ") permissions.  AuthenticatorException.", ae);
  577.             successful = false;
  578.         }

  580.         return successful;
  581.     }

  583.     @Override
  584.     @Deprecated
  585.     public Map<Integer, Set<PermissionType>> getUsersMapOfProjectIdsAndSetOfPermissionTypes(User user, int reqSource) {
  586.         Map<Integer, Set<PermissionType>> permissionsMap = new HashMap<Integer, Set<PermissionType>>();

  588.         if (user == null) {
  589.             return permissionsMap;
  590.         }

  592.         List<Permission> permissionList = new ArrayList<Permission>();

  594.         try {
  595.             PluggableAuthenticator authenticator =
  596.                     (PluggableAuthenticator) authenticatorClass.newInstance();

  598.             if (authenticator != null) {
  599.                 HashMap<String, Object> values = new HashMap<String, Object>();
  600.                 values.put("userService", this);
  601.                 values.put("configurationService", configurationService);
  602.                 authenticator.initialize(values);
  603.                 permissionList = authenticator.getUserPermissions(user, (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  604.             }
  605.             logger.debug("Found " + permissionList.size() + " permissions for user " + user.getLogin());
  606.         } catch (IllegalAccessException iae) {
  607.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  608.         } catch (InstantiationException ie) {
  609.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  610.         } catch (ClassCastException cce) {
  611.             logger.error("Authenticator class " + authenticatorClassName
  612.                     + " does not extend the PluggableAuthenticator class.");
  613.         } catch (AuthenticatorException ae) {
  614.             logger.error("Authenticator exception: " + ae.getMessage());
  615.             logger.debug("Authenticator exception: ", ae);
  616.         }

  618.         permissionsMap = UserUtilities.mapPermissionTypesByProjectId(permissionList);

  620.         if (allowSelfRegister) {
  621.             List<Project> projects = projectService.getAllProjects();

  623.             for (int i = 0; i < projects.size(); i++) {
  624.                 Project project = projects.get(i);

  626.                 if (project.getOptions() >= ProjectUtilities.OPTION_ALLOW_SELF_REGISTERED_CREATE) {
  627.                     Set<PermissionType> projectPermissions = permissionsMap.get(project.getId());

  629.                     if (projectPermissions == null) {
  630.                         projectPermissions = new HashSet<PermissionType>();
  631.                         permissionsMap.put(project.getId(), projectPermissions);
  632.                     }

  634.                     if (ProjectUtilities.hasOption(ProjectUtilities.OPTION_ALLOW_SELF_REGISTERED_CREATE, project.getOptions())) {
  635.                         projectPermissions.add(PermissionType.ISSUE_VIEW_USERS);
  636.                         projectPermissions.add(PermissionType.ISSUE_CREATE);
  637.                     }

  639.                     if (ProjectUtilities.hasOption(ProjectUtilities.OPTION_ALLOW_SELF_REGISTERED_VIEW_ALL, project.getOptions())) {
  640.                         projectPermissions.add(PermissionType.ISSUE_VIEW_ALL);
  641.                     }
  642.                 }
  643.             }
  644.         }

  646.         return permissionsMap;
  647.     }

  649.     @Override
  650.     public List<User> getUsersWithProjectPermission(Integer projectId, PermissionType permission) {
  651.         return getUsersWithProjectPermission(projectId, permission, true);
  652.     }

  654.     @Override
  655.     public List<User> getUsersWithProjectPermission(Integer projectId, int permissionType) {
  656.         return getUsersWithProjectPermission(projectId, PermissionType.valueOf(permissionType), true);
  657.     }

  659.     @Override
  660.     public List<User> getUsersWithProjectPermission(Integer projectId, int permissionType, boolean activeOnly) {
  661.         return getUsersWithProjectPermission(projectId, PermissionType.valueOf(permissionType), activeOnly);
  662.     }

  664.     @Override
  665.     public List<User> getUsersWithProjectPermission(Integer projectId, PermissionType permissionType, boolean activeOnly) {
  666.         return getUsersWithAnyProjectPermission(projectId, new PermissionType[]{permissionType}, activeOnly);
  667.     }

  669.     @Override
  670.     public List<User> getUsersWithAnyProjectPermission(Integer projectId, int[] permissions) {
  671.         return getUsersWithAnyProjectPermission(projectId, PermissionType.valueOf(permissions), true);
  672.     }

  674.     @Override
  675.     public List<User> getUsersWithAnyProjectPermission(Integer projectId, PermissionType[] permissions, boolean activeOnly) {
  676.         return getUsersWithProjectPermission(projectId, permissions, false, activeOnly);
  677.     }

  679.     @Override
  680.     public List<User> getUsersWithAnyProjectPermission(Integer projectId, PermissionType[] permissionTypes) {
  681.         return getUsersWithAnyProjectPermission(projectId, permissionTypes, true);
  682.     }

  684.     @Override
  685.     public List<User> getUsersWithAnyProjectPermission(Integer projectId, int[] permissionTypes, boolean activeOnly) {
  686.         return getUsersWithProjectPermission(projectId, permissionTypes, false, activeOnly);
  687.     }

  689.     @Override
  690.     public List<User> getUsersWithProjectPermission(Integer projectId, int[] permissionTypes, boolean requireAll,
  691.                                                     boolean activeOnly) {
  692.         return getUsersWithProjectPermission(projectId, PermissionType.valueOf(permissionTypes), requireAll, activeOnly);
  693.     }

  695.     @Override
  696.     public List<User> getUsersWithProjectPermission(Integer projectId, PermissionType[] permissionTypes, boolean requireAll,
  697.                                                         boolean activeOnly) {

  699.         List<User> userList = new ArrayList<User>();

  701.         try {
  702.             // TODO: use a factory to hide this.
  703.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();

  705.             if (authenticator != null) {
  706.                 Map<String, Object> values = new HashMap<String, Object>();
  707.                 values.put("userService", this);
  708.                 values.put("configurationService", configurationService);
  709.                 authenticator.initialize(values);

  711.                 userList = authenticator.getUsersWithProjectPermission(projectId, permissionTypes, requireAll, activeOnly,
  712.                         AuthenticationConstants.REQ_SOURCE_UNKNOWN);

  714.             }

  716.             if (logger.isDebugEnabled()) {
  717.                 logger.debug("getUsersWithProjectPermission: Found " + userList.size() + " users with project " + projectId + " permissions "
  718.                         + Arrays.toString(permissionTypes) + (requireAll ? "[AllReq," : "[AnyReq,")
  719.                         + (activeOnly ? "ActiveUsersOnly]" : "AllUsers]"));
  720.             }

  722.             // TODO : don't swallow exceptions!! MUST be propagated to the caller!!
  723.         } catch (IllegalAccessException iae) {
  724.             logger.error("getUsersWithProjectPermission: Authenticator class " + authenticatorClassName + " can not be instantiated.", iae);
  725.         } catch (InstantiationException ie) {
  726.             logger.error("getUsersWithProjectPermission: Authenticator class " + authenticatorClassName + " can not be instantiated.", ie);
  727.         } catch (ClassCastException cce) {
  728.             logger.error("getUsersWithProjectPermission: Authenticator class " + authenticatorClassName
  729.                     + " does not extend the PluggableAuthenticator class.", cce);
  730.         } catch (AuthenticatorException ae) {
  731.             logger.error("getUsersWithProjectPermission: Authenticator exception caught.", ae);
  732.         }
  733.         return userList;
  734.     }

  736.     @Override
  737.     public List<User> getPossibleOwners(Issue issue, Integer projectId, Integer userId) {
  738.         HashSet<User> users = new HashSet<User>();

  740.         List<User> editUsers = getUsersWithProjectPermission(projectId, UserUtilities.PERMISSION_EDIT, true);
  741.         for (User editUser : editUsers) {
  742.             users.add(editUser);
  743.         }
  744.         List<User> otherUsers = getUsersWithProjectPermission(projectId,
  745.                 new int[]{UserUtilities.PERMISSION_EDIT_USERS, UserUtilities.PERMISSION_ASSIGNABLE}, true, true);
  746.         for (User otherUser : otherUsers) {
  747.             users.add(otherUser);
  748.         }

  750.         if (issue != null) {
  751.             // Now add in the creator if the have edit own issues, and always
  752.             // the owner
  753.             User creator = issue.getCreator();

  755.             if (UserUtilities.hasPermission(getUsersMapOfProjectIdsAndSetOfPermissionTypes(creator, 0), projectId,
  756.                     PermissionType.ISSUE_EDIT_USERS)) {
  757.                 users.add(creator);
  758.             }
  759.             if (issue.getOwner() != null) {
  760.                 User owner = issue.getOwner();
  761.                 users.add(owner);
  762.             }
  763.         } else if (userId != null) {
  764.             // New issue, so add in the creator if needed
  765.             User creator = getUser(userId);
  766.             if (UserUtilities.hasPermission(getUsersMapOfProjectIdsAndSetOfPermissionTypes(creator, 0), projectId,
  767.                     PermissionType.ISSUE_EDIT_USERS)) {
  768.                 users.add(creator);
  769.             }
  770.         }

  772.         int i = 0;
  773.         List<User> userList = new ArrayList<User>();
  774.         for (Iterator<User> iter = users.iterator(); iter.hasNext(); i++) {
  775.             userList.add((User) iter.next());
  776.         }
  777.         return userList;
  778.     }

  780.     public User checkLogin(String login, Object authentication, int authType, int reqSource)
  781.             throws AuthenticatorException {
  782.         try {
  783.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  784.             if (authenticator != null) {
  785.                 HashMap<String, Object> values = new HashMap<String, Object>();
  786.                 values.put("userService", this);
  787.                 values.put("configurationService", configurationService);
  788.                 authenticator.initialize(values);
  789.                 return authenticator.checkLogin(login, authentication, authType,
  790.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  791.             }

  793.             logger.error("Unable to create new authenticator.");
  794.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  795.         } catch (IllegalAccessException iae) {
  796.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  797.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  798.         } catch (InstantiationException ie) {
  799.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  800.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  801.         } catch (ClassCastException cce) {
  802.             logger.error("Authenticator class " + authenticatorClassName
  803.                     + " does not extend the PluggableAuthenticator class.");
  804.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  805.         }
  806.     }

  808.     public boolean allowRegistration(User user, Object authentication, int authType, int reqSource)
  809.             throws AuthenticatorException {
  810.         try {
  811.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  812.             if (authenticator != null) {
  813.                 HashMap<String, Object> values = new HashMap<String, Object>();
  814.                 values.put("userService", this);
  815.                 values.put("configurationService", configurationService);
  816.                 authenticator.initialize(values);
  817.                 if (authenticator.allowProfileCreation(user, authentication, authType,
  818.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource))) {
  819.                     return authenticator.allowRegistration(user, authentication, authType,
  820.                             (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  821.                 }
  822.                 return false;
  823.             }

  825.             logger.error("Unable to create new authenticator.");
  826.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  827.         } catch (IllegalAccessException iae) {
  828.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  829.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  830.         } catch (InstantiationException ie) {
  831.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  832.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  833.         } catch (ClassCastException cce) {
  834.             logger.error("Authenticator class " + authenticatorClassName
  835.                     + " does not extend the PluggableAuthenticator class.");
  836.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  837.         }
  838.     }

  840.     public boolean allowProfileCreation(User user, Object authentication, int authType, int reqSource)
  841.             throws AuthenticatorException {
  842.         try {
  843.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  844.             if (authenticator != null) {
  845.                 HashMap<String, Object> values = new HashMap<String, Object>();
  846.                 values.put("userService", this);
  847.                 values.put("configurationService", configurationService);
  848.                 authenticator.initialize(values);
  849.                 return authenticator.allowProfileCreation(user, authentication, authType,
  850.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  851.             }

  853.             logger.error("Unable to create new authenticator.");
  854.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  855.         } catch (IllegalAccessException iae) {
  856.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  857.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  858.         } catch (InstantiationException ie) {
  859.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  860.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  861.         } catch (ClassCastException cce) {
  862.             logger.error("Authenticator class " + authenticatorClassName
  863.                     + " does not extend the PluggableAuthenticator class.");
  864.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  865.         }
  866.     }

  868.     public boolean allowProfileUpdates(User user, Object authentication, int authType, int reqSource)
  869.             throws AuthenticatorException {
  870.         try {
  871.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  872.             if (authenticator != null) {
  873.                 HashMap<String, Object> values = new HashMap<String, Object>();
  874.                 values.put("userService", this);
  875.                 values.put("configurationService", configurationService);
  876.                 authenticator.initialize(values);
  877.                 return authenticator.allowProfileUpdates(user, authentication, authType,
  878.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  879.             }

  881.             logger.error("Unable to create new authenticator.");
  882.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  883.         } catch (IllegalAccessException iae) {
  884.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  885.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  886.         } catch (InstantiationException ie) {
  887.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  888.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  889.         } catch (ClassCastException cce) {
  890.             logger.error("Authenticator class " + authenticatorClassName
  891.                     + " does not extend the PluggableAuthenticator class.");
  892.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  893.         }
  894.     }

  896.     public boolean allowPasswordUpdates(User user, Object authentication, int authType, int reqSource)
  897.             throws AuthenticatorException {
  898.         try {
  899.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  900.             if (authenticator != null) {
  901.                 HashMap<String, Object> values = new HashMap<String, Object>();
  902.                 values.put("userService", this);
  903.                 values.put("configurationService", configurationService);
  904.                 authenticator.initialize(values);
  905.                 return authenticator.allowPasswordUpdates(user, authentication, authType,
  906.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  907.             }

  909.             logger.error("Unable to create new authenticator.");
  910.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  911.         } catch (IllegalAccessException iae) {
  912.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  913.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  914.         } catch (InstantiationException ie) {
  915.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  916.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  917.         } catch (ClassCastException cce) {
  918.             logger.error("Authenticator class " + authenticatorClassName
  919.                     + " does not extend the PluggableAuthenticator class.");
  920.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  921.         }
  922.     }

  924.     public boolean allowPermissionUpdates(User user, Object authentication, int authType, int reqSource)
  925.             throws AuthenticatorException {
  926.         try {
  927.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  928.             if (authenticator != null) {
  929.                 HashMap<String, Object> values = new HashMap<String, Object>();
  930.                 values.put("userService", this);
  931.                 values.put("configurationService", configurationService);
  932.                 authenticator.initialize(values);
  933.                 return authenticator.allowPermissionUpdates(user, authentication, authType,
  934.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  935.             }

  937.             logger.error("Unable to create new authenticator.");
  938.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  939.         } catch (IllegalAccessException iae) {
  940.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  941.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  942.         } catch (InstantiationException ie) {
  943.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  944.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  945.         } catch (ClassCastException cce) {
  946.             logger.error("Authenticator class " + authenticatorClassName
  947.                     + " does not extend the PluggableAuthenticator class.");
  948.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  949.         }
  950.     }

  952.     public boolean allowPreferenceUpdates(User user, Object authentication, int authType, int reqSource)
  953.             throws AuthenticatorException {
  954.         try {
  955.             PluggableAuthenticator authenticator = (PluggableAuthenticator) authenticatorClass.newInstance();
  956.             if (authenticator != null) {
  957.                 HashMap<String, Object> values = new HashMap<String, Object>();
  958.                 values.put("userService", this);
  959.                 values.put("configurationService", configurationService);
  960.                 authenticator.initialize(values);
  961.                 return authenticator.allowPreferenceUpdates(user, authentication, authType,
  962.                         (reqSource == 0 ? AuthenticationConstants.REQ_SOURCE_UNKNOWN : reqSource));
  963.             }

  965.             logger.error("Unable to create new authenticator.");
  966.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  967.         } catch (IllegalAccessException iae) {
  968.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  969.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  970.         } catch (InstantiationException ie) {
  971.             logger.error("Authenticator class " + authenticatorClassName + " can not be instantiated.");
  972.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  973.         } catch (ClassCastException cce) {
  974.             logger.error("Authenticator class " + authenticatorClassName
  975.                     + " does not extend the PluggableAuthenticator class.");
  976.             throw new AuthenticatorException(AuthenticatorException.SYSTEM_ERROR);
  977.         }
  978.     }


  981. }
Created with JaCoCo 0.8.5.201910111838