UserGroupService.java example

Explorer

imixs-marty-master
- imixs-marty-ejb
  - src
    - main
      - java
        org
        imixs
        marty
        dms
        DmsSchedulerService.java
        ejb
        ConfigService.java
        ImageInterceptor.java
        ProcessService.java
        ProfileService.java
        PropertyInterceptor.java
        SequenceService.java
        SetupService.java
        SystemWorkitemService.java
        WorkitemService.java
        security
        Crypter.java
        UserGroup.java
        UserGroupPlugin.java
        UserGroupService.java
        UserId.java
        plugins
        ApplicationPlugin.java
        ApproverPlugin.java
        ArchivePlugin.java
        BlobWorkitemHandler.java
        CommentPlugin.java
        DMSPlugin.java
        DMSSplitPlugin.java
        DeputyPlugin.java
        MailPlugin.java
        ProfilePlugin.java
        SequenceNumberPlugin.java
        SpacePlugin.java
        TeamPlugin.java
        minutes
        MinutePlugin.java
        util
        WorkitemHelper.java
    - test
      - java
        org
        imixs
        marty
        plugins
        DMSImportTest.java
        TestApproverPlugin.java
        TestCommentPlugin.java
        TestDeputyPlugin.java
        TestRegex.java
        TestTeamPlugin.java
        rest
        StressTest.java
        workflow
        engine
        AbstractWorkflowEnvironment.java
- imixs-marty-util
  - src
    - main
      - java
        org
        imixs
        marty
        config
        ConfigController.java
        ConfigMultiController.java
        InitController.java
        PropertyController.java
        SetupController.java
        model
        ModelController.java
        ProcessController.java
        ReportController.java
        profile
        FavoritesViewController.java
        UserController.java
        UserInputController.java
        util
        Cache.java
        ErrorHandler.java
        ValidationException.java
        ViewExpiredExceptionExceptionHandler.java
        ViewExpiredExceptionExceptionHandlerFactory.java
        view
        SearchController.java
        workflow
        ChildItemController.java
        ChildWorkitemController.java
        DmsController.java
        EditorSection.java
        HistoryController.java
        WorkflowController.java
        WorkflowEvent.java
        WorkflowSchedulerController.java
        WorkflowSchedulerServlet.java
        WorkitemLinkController.java

/*******************************************************************************
 *  Imixs IX Workflow Technology
 *  Copyright (C) 2001, 2008 Imixs Software Solutions GmbH,  
 *  http://www.imixs.com
 *  
 *  This program is free software; you can redistribute it and/or 
 *  modify it under the terms of the GNU General Public License 
 *  as published by the Free Software Foundation; either version 2 
 *  of the License, or (at your option) any later version.
 *  
 *  This program is distributed in the hope that it will be useful, 
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of 
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
 *  General Public License for more details.
 *  
 *  You can receive a copy of the GNU General Public
 *  License at http://www.gnu.org/licenses/gpl.html
 *  
 *  Contributors:  
 *  	Imixs Software Solutions GmbH - initial API and implementation
 *  	Ralph Soika
 *******************************************************************************/
package org.imixs.marty.ejb.security;

import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import java.util.logging.Logger;

import javax.annotation.Resource;
import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RunAs;
import javax.ejb.EJB;
import javax.ejb.LocalBean;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;

import org.imixs.workflow.ItemCollection;
import org.imixs.workflow.engine.DocumentService;
import org.imixs.workflow.exceptions.AccessDeniedException;

/**
 * user Group service to provide method for managing user and groups settings.
 * 
 * @author rsoika
 * 
 */
@DeclareRoles({ "org.imixs.ACCESSLEVEL.MANAGERACCESS" })
@Stateless
@RunAs("org.imixs.ACCESSLEVEL.MANAGERACCESS")
@LocalBean
public class UserGroupService {

	@PersistenceContext(unitName = "org.imixs.workflow.jpa")
	private EntityManager manager;

	@Resource
	SessionContext ctx;

	@EJB
	DocumentService documentService;

	private static Logger logger = Logger.getLogger(UserGroupService.class.getName());

	/**
	 * This method verifies the profile data and creates or update the
	 * corresponding user entries in the user tables.
	 * 
	 * NOTE: this method did not change a userid. To do this use the method
	 * changeUser!
	 * 
	 * @param profile
	 */
	@SuppressWarnings("unchecked")
	public void updateUser(ItemCollection profile) {

		String sType = profile.getItemValueString("Type");
		if (!("profile".equals(sType)))
			return;

		String sID = profile.getItemValueString("txtName");
		String sPassword = profile.getItemValueString("txtPassword");
		Collection<String> groups = profile.getItemValue("txtGroups");

		UserId user = null;
		user = manager.find(UserId.class, sID);
		if (user == null) {
			user = new UserId(sID);
			manager.persist(user);
		}

		// encrypt and update password
		if (sPassword != null && !"".equals(sPassword)) {
			String sEncryptedPasswort = Crypter.crypt(sPassword);
			user.setPassword(sEncryptedPasswort);
			// remove password....
			profile.removeItem("txtPassword");
			logger.info("password change for userid '" + sID + "' by '" + ctx.getCallerPrincipal().getName() + "'");

		}

		// find group relation ships
		Set<UserGroup> groupList = new HashSet<UserGroup>();
		for (String aGroup : groups) {
			UserGroup group = manager.find(UserGroup.class, aGroup);
			// if group dos not exist - create it...
			if (group == null) {
				group = new UserGroup(aGroup);
				manager.persist(group);
			}
			groupList.add(group);
		}

		// update groups
		user.setUserGroups(groupList);

		// create Log
		logger.info("updateUser '" + sID + "' by '" + ctx.getCallerPrincipal().getName() + "', GroupList=");
		groups.forEach(n -> logger.info(n));

	}

	/**
	 * This method changes the userID of an existing user entry and updates the
	 * userGroup table entries.
	 * 
	 * @param oldID
	 *            - the existing userEntry
	 * @param newID
	 *            - the name of the new id
	 */
	public void changeUserId(String oldID, String newID) {
		UserId user = null;

		// test if new userid still exits
		user = manager.find(UserId.class, newID);
		if (user != null) {
			logger.warning("changeUser - new userId '" + newID + "'is still in Use!");
			return;
		}

		// find old user entry....
		user = manager.find(UserId.class, oldID);
		if (user == null) {
			logger.warning("changeUser - UserID '" + oldID + "' not found!");
			return;
		}

		// change id
		UserId newUser = new UserId(newID);
		newUser.setPassword(user.getPassword());
		newUser.setUserGroups(user.getUserGroups());
		manager.persist(newUser);

		// remove old
		manager.remove(user);

		// log
		logger.info("changeUserId '" + oldID + "' to '" + newID + "' by '" + ctx.getCallerPrincipal().getName());

	}

	/**
	 * This method deletes the userID of an existing user entry and also the
	 * userGroup table entries.
	 * 
	 * @param userID
	 *            - the existing userEntry
	 */
	public void removeUserId(String userID) {
		UserId user = null;

		// test if userid exits
		user = manager.find(UserId.class, userID);
		if (user == null) {
			logger.warning("removeUserId - userId '" + userID + "' did not exist!");
			return;
		}

		// remove old
		manager.remove(user);

		// log
		logger.info("removeUserId '" + userID + "' by '" + ctx.getCallerPrincipal().getName());
	}

	/**
	 * This method verifies if a default user id already exists. If no userID
	 * exists the method generates a default account 'admin' with password
	 * 'adminadmin'
	 * 
	 * @throws AccessDeniedException
	 */
	@SuppressWarnings("unchecked")
	public void initUserIDs() {

		String sQuery = "SELECT user FROM UserId AS user ";

		Query q = manager.createQuery(sQuery);
		q.setFirstResult(0);
		q.setMaxResults(1);

		Collection<UserId> entityList = q.getResultList();

		if (entityList == null || entityList.size() == 0) {
			logger.info("Create default admin account");
			// create a default account
			ItemCollection profile = new ItemCollection();
			profile.replaceItemValue("type", "profile");
			profile.replaceItemValue("txtName", "admin");
			profile.replaceItemValue("txtPassword", "adminadmin");
			profile.replaceItemValue("txtWorkflowGroup", "Profile");
			profile.replaceItemValue("txtGroups", "IMIXS-WORKFLOW-Manager");

			// hard coded version nummer!
			profile.replaceItemValue("$modelversion", "system-de-0.0.1");
			profile.replaceItemValue("$workflowgroup", "Profil");
			profile.replaceItemValue("$processid", 210);

			try {
				updateUser(profile);
				documentService.save(profile);
			} catch (AccessDeniedException e) {
				logger.warning("UserGroupService - unable to initialize default admin account");
				logger.severe(e.getMessage());
				// throw new RuntimeException(e);
				return;
			}

		}

	}

}