- static Logfile theLog;
-
- // Kontruktor
-
- public ModuleUsers(StorageObject theStorage)
- {
-
- if (theLog == null) theLog = Logfile.getInstance(MirConfig.getProp("Home") + MirConfig.getProp("Module.Users.Logfile"));
- if (theStorage == null) theLog.printWarning("StorageObject was null!");
- this.theStorage = theStorage;
-
- }
-
- /**
- * login method
- */
-
- public EntityUsers getUserForLogin(String user, String password) throws ModuleException
- {
- String whereString = "login='" +user + "' and password='"+ password + "' and is_admin='1'";
- EntityList userList = getByWhereClause(whereString, -1);
- if (userList != null && userList.getCount()==1)
- return (EntityUsers)userList.elementAt(0);
- else return null;
- }
-
-
-
- public EntityList getUsers(String whereClause, int offset, int limit)
- throws ModuleException
- {
- try {
- return theStorage.selectByWhereClause(whereClause, null, offset, limit);
- }
- catch (StorageObjectException e){
- throw new ModuleException(e.toString());
- }
- }
-
- public SimpleList getUsersAsSimpleList() {
- // String sql = "select id, name from Users order by name";
- return ((DatabaseUsers)theStorage).getPopupData();
- }
-
-}
+ static LoggerWrapper logger = new LoggerWrapper("Module.Users");
+
+ public ModuleUsers(StorageObject aStorage)
+ {
+ if (aStorage == null)
+ logger.warn("ModuleUsers(): StorageObject was null!");
+
+ storage = aStorage;
+ }
+
+ /**
+ * Authenticate and lookup a user
+ *
+ * @param user The user to lookup
+ * @param password The password
+ * @return The authenticated user, or <code>null</code> if the user
+ * doesn't exist, or the supplied password is invalid.
+ * @throws ModuleExc
+ */
+
+ public EntityUsers getUserForLogin(String user, String password) throws ModuleExc, ModuleFailure {
+ try {
+ String whereString =
+ "login='" + JDBCStringRoutines.escapeStringLiteral(user) + "' " +
+ "and password='" + JDBCStringRoutines.escapeStringLiteral(
+ MirGlobal.localizer().adminInterface().makePasswordDigest(password)) +
+ "' " +
+ "and is_admin='1'";
+
+ EntityList userList = getByWhereClause(whereString, -1);
+
+ if (userList != null && userList.getCount() == 1) {
+ EntityUsers result = (EntityUsers) userList.elementAt(0);
+
+ if (result.getFieldValue("is_disabled") == null ||
+ result.getFieldValue("is_disabled").equals("0"))
+ return result;
+ }
+
+ return null;
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
+ }
+
+ public boolean checkUserPassword(EntityUsers aUser, String aPassword) throws ModuleExc, ModuleFailure {
+ try {
+ return aUser.getFieldValue("password").equals(MirGlobal.localizer().adminInterface().makePasswordDigest(aPassword));
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
+ }
+
+ private Map digestPassword(Map aValues) throws ModuleExc, ModuleFailure {
+ Map result = aValues;
+
+ try {
+ if (aValues.containsKey("password")) {
+ result = new HashMap();
+ result.putAll(aValues);
+ result.put("password",
+ MirGlobal.localizer().adminInterface().
+ makePasswordDigest( (String) aValues.get("password")));
+ }
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure("ModuleUsers.add: " + t.getMessage(), t);
+ }
+
+ return result;
+ }
+
+ /**
+ *
+ * @param theValues
+ * @return
+ * @throws ModuleExc
+ * @throws ModuleFailure
+ */
+
+ public String add (Map theValues) throws ModuleExc, ModuleFailure {
+ try {
+ return super.add(digestPassword(theValues));
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
+ }
+
+ /**
+ *
+ * @param theValues
+ * @return
+ * @throws ModuleExc
+ * @throws ModuleFailure
+ */
+ public String set (Map theValues) throws ModuleExc, ModuleFailure {
+ try {
+ return super.set(digestPassword(theValues));
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
+ }
+
+ public void recordLogin(EntityUsers aUser) throws ModuleExc, ModuleFailure {
+ try {
+ String sql = "update webdb_users set lastlogin=now() where id = " + aUser.getId();
+
+ storage.executeUpdate(sql);
+ }
+ catch (Throwable t) {
+// no propagation of this error for now, to allow mir to still function
+// with older db schemas
+// throw new ModuleFailure(t);
+ }
+ }
+}
\ No newline at end of file