UserValidator.java

/*******************************************************************************
 * Copyright (c) 2012-2017 Codenvy, S.A.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *   Codenvy, S.A. - initial API and implementation
 *******************************************************************************/
package org.eclipse.che.api.user.server;

import com.google.common.annotations.VisibleForTesting;

import org.eclipse.che.account.spi.AccountValidator;
import org.eclipse.che.api.core.BadRequestException;
import org.eclipse.che.api.core.ServerException;
import org.eclipse.che.api.core.model.user.User;

import javax.inject.Inject;

import static com.google.common.base.Strings.isNullOrEmpty;

/**
 * Utils for username validation and normalization.
 *
 * @author Mihail Kuznyetsov
 * @author Yevhenii Voevodin
 * @author Sergii Leschenko
 */
public class UserValidator {
    @VisibleForTesting
    final static String GENERATED_NAME_PREFIX = "username";

    private final AccountValidator accountValidator;

    @Inject
    public UserValidator(AccountValidator accountValidator) {
        this.accountValidator = accountValidator;
    }

    /**
     * Checks whether given user is valid.
     *
     * @param user
     *         user to check
     * @throws BadRequestException
     *         when user is not valid
     */
    public void checkUser(User user) throws BadRequestException {
        if (user == null) {
            throw new BadRequestException("User required");
        }
        if (isNullOrEmpty(user.getName())) {
            throw new BadRequestException("User name required");
        }
        if (!isValidName(user.getName())) {
            throw new BadRequestException("Username may only contain alphanumeric characters or single hyphens inside");
        }
        if (isNullOrEmpty(user.getEmail())) {
            throw new BadRequestException("User email required");
        }
        if (user.getPassword() != null) {
            checkPassword(user.getPassword());
        }
    }

    /**
     * Checks whether password is ok.
     *
     * @param password
     *         password to check
     * @throws BadRequestException
     *         when password is not valid
     */
    public void checkPassword(String password) throws BadRequestException {
        if (password == null) {
            throw new BadRequestException("Password required");
        }
        if (password.length() < 8) {
            throw new BadRequestException("Password should contain at least 8 characters");
        }
        int numOfLetters = 0;
        int numOfDigits = 0;
        for (char passwordChar : password.toCharArray()) {
            if (Character.isDigit(passwordChar)) {
                numOfDigits++;
            } else if (Character.isLetter(passwordChar)) {
                numOfLetters++;
            }
        }
        if (numOfDigits == 0 || numOfLetters == 0) {
            throw new BadRequestException("Password should contain letters and digits");
        }
    }

    /**
     * Validate name, if it doesn't contain illegal characters
     *
     * @param name
     *         username
     * @return true if valid name, false otherwise
     */
    public boolean isValidName(String name) {
        return accountValidator.isValidName(name);
    }

    /**
     * Remove illegal characters from username, to make it URL-friendly.
     * If all characters are illegal, return automatically generated username.
     * Also ensures username is unique, if not, adds digits to it's end.
     *
     * @param name
     *         username
     * @return username without illegal characters
     */
    public String normalizeUserName(String name) throws ServerException {
        return accountValidator.normalizeAccountName(name, GENERATED_NAME_PREFIX);
    }
}