/*
- * Copyright (C) 2001, 2002 The Mir-coders group
+ * Copyright (C) 2001, 2002 The Mir-coders group
*
* This file is part of Mir.
*
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* In addition, as a special exception, The Mir-coders gives permission to link
- * the code of this program with the com.oreilly.servlet library, any library
- * licensed under the Apache Software License, The Sun (tm) Java Advanced
- * Imaging library (JAI), The Sun JIMI library (or with modified versions of
- * the above that use the same license as the above), and distribute linked
- * combinations including the two. You must obey the GNU General Public
- * License in all respects for all of the code used other than the above
- * mentioned libraries. If you modify this file, you may extend this exception
- * to your version of the file, but you are not obligated to do so. If you do
- * not wish to do so, delete this exception statement from your version.
+ * the code of this program with any library licensed under the Apache Software License,
+ * The Sun (tm) Java Advanced Imaging library (JAI), The Sun JIMI library
+ * (or with modified versions of the above that use the same license as the above),
+ * and distribute linked combinations including the two. You must obey the
+ * GNU General Public License in all respects for all of the code used other than
+ * the above mentioned libraries. If you modify this file, you may extend this
+ * exception to your version of the file, but you are not obligated to do so.
+ * If you do not wish to do so, delete this exception statement from your version.
*/
package mircoders.module;
import mir.entity.EntityList;
import mir.log.LoggerWrapper;
import mir.module.AbstractModule;
-import mir.module.ModuleException;
-import mir.storage.StorageObject;
-import mir.storage.StorageObjectFailure;
+import mir.module.ModuleExc;
+import mir.module.ModuleFailure;
+import mir.util.JDBCStringRoutines;
import mircoders.entity.EntityUsers;
+import mircoders.global.MirGlobal;
import mircoders.storage.DatabaseUsers;
-import freemarker.template.SimpleList;
+
+import java.util.HashMap;
+import java.util.Map;
/*
{
static LoggerWrapper logger = new LoggerWrapper("Module.Users");
- public ModuleUsers(StorageObject theStorage)
- {
- if (theStorage == null)
- logger.warn("StorageObject was null!");
-
- this.theStorage = theStorage;
+ public ModuleUsers() {
+ super(DatabaseUsers.getInstance());
}
/**
- * login method
+ * Authenticate and lookup a user
+ *
+ * @param user The user to lookup
+ * @param password The password
+ * @return The authenticated user, or <code>null</code> if the user
+ * doesn't exist, or the supplied password is invalid.
+ * @throws ModuleExc
*/
- public EntityUsers getUserForLogin(String user, String password) throws ModuleException
- {
- String whereString = "login='" +user + "' and password='"+ password + "' and is_admin='1'";
- EntityList userList = getByWhereClause(whereString, -1);
- if (userList != null && userList.getCount()==1)
- return (EntityUsers)userList.elementAt(0);
- else
+ public EntityUsers getUserForLogin(String user, String password) throws ModuleExc, ModuleFailure {
+ try {
+ String whereString =
+ "login='" + JDBCStringRoutines.escapeStringLiteral(user) + "' " +
+ "and password='" + JDBCStringRoutines.escapeStringLiteral(
+ MirGlobal.localizer().adminInterface().makePasswordDigest(password)) +
+ "' " +
+ "and is_admin='1'";
+
+ EntityList userList = getByWhereClause(whereString, -1);
+
+ if (userList != null && userList.getCount() == 1) {
+ EntityUsers result = (EntityUsers) userList.elementAt(0);
+
+ if (result.getFieldValue("is_disabled") == null ||
+ result.getFieldValue("is_disabled").equals("0"))
+ return result;
+ }
+
return null;
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
+ }
+
+ public boolean checkUserPassword(EntityUsers aUser, String aPassword) throws ModuleExc, ModuleFailure {
+ try {
+ return aUser.getFieldValue("password").equals(MirGlobal.localizer().adminInterface().makePasswordDigest(aPassword));
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
+ }
+
+ private Map digestPassword(Map aValues) throws ModuleFailure {
+ Map result = aValues;
+
+ try {
+ if (aValues.containsKey("password")) {
+ result = new HashMap();
+ result.putAll(aValues);
+ result.put("password",
+ MirGlobal.localizer().adminInterface().
+ makePasswordDigest( (String) aValues.get("password")));
+ }
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure("ModuleUsers.add: " + t.getMessage(), t);
+ }
+
+ return result;
+ }
+
+ /**
+ *
+ * @param theValues
+ * @return
+ * @throws ModuleExc
+ * @throws ModuleFailure
+ */
+
+ public String add (Map theValues) throws ModuleExc, ModuleFailure {
+ try {
+ return super.add(digestPassword(theValues));
+ }
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
+ }
}
- public EntityList getUsers(String whereClause, int offset, int limit) throws ModuleException
- {
+ /**
+ *
+ * @param theValues
+ * @return
+ * @throws ModuleExc
+ * @throws ModuleFailure
+ */
+ public String set (Map theValues) throws ModuleExc, ModuleFailure {
try {
- return theStorage.selectByWhereClause(whereClause, null, offset, limit);
+ return super.set(digestPassword(theValues));
}
- catch (StorageObjectFailure e){
- throw new ModuleException(e.toString());
+ catch (Throwable t) {
+ throw new ModuleFailure(t);
}
}
- public SimpleList getUsersAsSimpleList() throws ModuleException {
+ public void recordLogin(EntityUsers aUser) throws ModuleExc, ModuleFailure {
try {
- return ((DatabaseUsers)theStorage).getPopupData();
+ String sql = "update webdb_users set lastlogin=now() where id = " + aUser.getId();
+
+ storage.executeUpdate(sql);
}
- catch(StorageObjectFailure e) {
- throw new ModuleException(e.toString());
+ catch (Throwable t) {
+// no propagation of this error for now, to allow mir to still function
+// with older db schemas
+// throw new ModuleFailure(t);
}
}
}
\ No newline at end of file