/******************************************************************************* * Open Behavioral Health Information Technology Architecture (OBHITA.org) * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of the <organization> nor the * names of its contributors may be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
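 ******************************************************************************/
package gov.samhsa.consent2share.infrastructure.security;

import gov.samhsa.consent2share.common.AuthenticatedUser;
import gov.samhsa.consent2share.common.UserContext;
import gov.samhsa.consent2share.domain.account.Users;
import gov.samhsa.consent2share.domain.account.UsersRepository;
import gov.samhsa.consent2share.domain.patient.Patient;
import gov.samhsa.consent2share.domain.patient.PatientRepository;
import gov.samhsa.consent2share.domain.staff.Staff;
import gov.samhsa.consent2share.domain.staff.StaffRepository;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/**
 * Bridges Spring Security's {@link SecurityContextHolder} and the
 * application's {@link AuthenticatedUser} view of the logged-in principal.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>{@link #getCurrentUser()} trusts whatever {@link Authentication} is
 * already in the security context; it verifies nothing itself.</li>
 * <li>{@link #setCurrentUser(String)} manufactures a fully authenticated token
 * from a username alone: no password is checked and no
 * {@code AuthenticationManager} is involved. Any code path that reaches it with
 * a caller-controlled username is an authentication bypass, so it must only be
 * called from trusted, server-side flows (e.g. right after the server itself
 * has verified the user by some other means).</li>
 * </ul>
 */
public class UserContextImpl implements UserContext {

    /** Authority that identifies a provider-admin (staff) account. */
    private static final SimpleGrantedAuthority ROLE_ADMIN =
            new SimpleGrantedAuthority("ROLE_ADMIN");

    /** Authority that identifies a regular (patient) account. */
    private static final SimpleGrantedAuthority ROLE_USER =
            new SimpleGrantedAuthority("ROLE_USER");

    /** Lookup of the generic account row (username, authorities). */
    private final UsersRepository usersRepository;

    /** Lookup of patient demographics by username. */
    private final PatientRepository patientRepository;

    /** Lookup of staff / provider-admin demographics by username. */
    private final StaffRepository providerAdminRepository;

    /** Used by {@link #setCurrentUser(String)} to build the principal. */
    private final UserDetailsService userDetailsService;

    /**
     * Creates a new user context backed by the given repositories.
     *
     * @param usersRepository        the users repository
     * @param patientRepository      the patient repository
     * @param providerAdminRepository the staff (provider admin) repository
     * @param userDetailsService     the Spring Security user details service
     */
    public UserContextImpl(UsersRepository usersRepository,
            PatientRepository patientRepository,
            StaffRepository providerAdminRepository,
            UserDetailsService userDetailsService) {
        this.usersRepository = usersRepository;
        this.patientRepository = patientRepository;
        this.providerAdminRepository = providerAdminRepository;
        this.userDetailsService = userDetailsService;
    }

    /**
     * Resolves the principal currently held in the security context.
     *
     * @return {@code null} when there is no authentication in the context or
     *         the token is not marked authenticated; otherwise an
     *         {@link AuthenticatedUser} carrying at least the username, plus
     *         patient or provider-admin demographics when the account has
     *         {@code ROLE_USER} or {@code ROLE_ADMIN} respectively
     * @see UserContext#getCurrentUser()
     */
    @Override
    public AuthenticatedUser getCurrentUser() {
        SecurityContext context = SecurityContextHolder.getContext();
        Authentication authentication = context.getAuthentication();
        // No principal, or a token that never passed authentication (e.g. a
        // request token that was not handed to an AuthenticationManager):
        // report "nobody" instead of building a half-populated user.
        if (authentication == null || !authentication.isAuthenticated()) {
            return null;
        }
        // NOTE(review): an anonymous authentication (Spring's anonymous
        // filter) also reports isAuthenticated() == true. It falls through
        // here, finds no Users row and yields an AuthenticatedUser that holds
        // only the anonymous principal name. Callers that must distinguish
        // "logged in" from "anonymous" need a token-type check of their own.
        String username = authentication.getName();

        AuthenticatedUser authenticatedUser = new AuthenticatedUser();
        authenticatedUser.setUsername(username);

        Users users = usersRepository.loadUserByUsername(username);
        if (users == null) {
            // Principal has no account row: identity only, no demographics.
            return authenticatedUser;
        }

        // Role resolution is exclusive and ordered: ROLE_ADMIN wins when an
        // account carries both authorities.
        if (users.getAuthorities().contains(ROLE_ADMIN)) {
            populateFromStaff(authenticatedUser,
                    providerAdminRepository.findByUsername(username));
        } else if (users.getAuthorities().contains(ROLE_USER)) {
            populateFromPatient(authenticatedUser,
                    patientRepository.findByUsername(username));
        }
        return authenticatedUser;
    }

    /**
     * Copies patient demographics onto the user and marks it as a non-admin.
     * No-op when no patient row exists for the account.
     */
    private static void populateFromPatient(AuthenticatedUser user, Patient patient) {
        if (patient == null) {
            return;
        }
        user.setFirstName(patient.getFirstName());
        user.setLastName(patient.getLastName());
        user.setBirthDate(patient.getBirthDay());
        // NOTE(review): throws NPE if the gender code is unset, as the
        // original did — confirm the domain model guarantees it is present.
        user.setGenderDisplayName(patient.getAdministrativeGenderCode()
                .getDisplayName());
        user.setIsProviderAdmin(false);
    }

    /**
     * Copies staff demographics onto the user and marks it as a provider
     * admin. No-op when no staff row exists for the account.
     */
    private static void populateFromStaff(AuthenticatedUser user, Staff staff) {
        if (staff == null) {
            return;
        }
        user.setFirstName(staff.getFirstName());
        user.setLastName(staff.getLastName());
        // NOTE(review): same unguarded gender-code access as the patient path.
        user.setGenderDisplayName(staff.getAdministrativeGenderCode()
                .getDisplayName());
        user.setIsProviderAdmin(true);
    }

    /**
     * Programmatically logs the named user into the current security context.
     *
     * <p>This performs NO credential verification: the token it installs is
     * created with the three-argument
     * {@link UsernamePasswordAuthenticationToken} constructor, which marks it
     * authenticated, so every downstream filter treats the result exactly like
     * a successful password login. Treat the {@code username} argument as a
     * privilege: never derive it from request input.
     *
     * <p>Because it bypasses Spring's authentication providers, this method
     * re-applies their standard account-status checks (enabled, not locked,
     * not expired, credentials not expired) before installing the token.
     * An unknown username, or one that fails those checks, leaves the
     * security context unchanged.
     *
     * <p>NOTE(review): the context is stored in the HTTP session by Spring's
     * persistence filter, but the session id is not rotated here; if this is
     * used as a login step in a web request, the caller should invalidate or
     * migrate the session to avoid session fixation — confirm against callers.
     *
     * @param username the account to install as the current principal
     * @see UserContext#setCurrentUser(String)
     */
    @Override
    public void setCurrentUser(String username) {
        UserDetails userDetails;
        try {
            userDetails = userDetailsService.loadUserByUsername(username);
        } catch (UsernameNotFoundException ignored) {
            // Deliberate best-effort: an unknown username is not an error for
            // callers; the security context is simply left as it was.
            return;
        }
        if (userDetails == null || !isAccountUsable(userDetails)) {
            return;
        }
        // Empty credentials: nothing was verified here and nothing should be
        // retained on the token.
        Authentication authentication = new UsernamePasswordAuthenticationToken(
                userDetails, "", userDetails.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
    }

    /**
     * The account-status checks Spring's standard providers run around a
     * credential check. Without them a disabled, locked or expired account
     * could be handed a live session through {@link #setCurrentUser(String)}.
     */
    private static boolean isAccountUsable(UserDetails userDetails) {
        return userDetails.isEnabled()
                && userDetails.isAccountNonLocked()
                && userDetails.isAccountNonExpired()
                && userDetails.isCredentialsNonExpired();
    }
}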