Examples of org.exist.security.internal.aider.UserAider

• org.exist.security.internal.aider.UserAider
  Account details. @author Dmitriy Shabanov

    private void createAdminAndGuestIfNotExist(final DBBroker broker) throws EXistException, PermissionDeniedException {

        //Admin account
        if(getSecurityManager().getAccount(ADMIN_ACCOUNT_ID) == null) {
            //AccountImpl actAdmin = new AccountImpl(broker, this, ADMIN_ACCOUNT_ID, SecurityManager.DBA_USER, "", GROUP_DBA, true);
            final UserAider actAdmin = new UserAider(ADMIN_ACCOUNT_ID, getId(), SecurityManager.DBA_USER);
            actAdmin.setPassword(DEFAULT_ADMIN_PASSWORD);
            actAdmin.setMetadataValue(AXSchemaType.FULLNAME, SecurityManager.DBA_USER);
            actAdmin.setMetadataValue(EXistSchemaType.DESCRIPTION, "System Administrator");
            actAdmin.addGroup(SecurityManager.DBA_GROUP);
            getSecurityManager().addAccount(broker, actAdmin);
        }

        //Guest account
        if(getSecurityManager().getAccount(GUEST_ACCOUNT_ID) == null) {
            //AccountImpl actGuest = new AccountImpl(broker, this, GUEST_ACCOUNT_ID, SecurityManager.GUEST_USER, SecurityManager.GUEST_USER, GROUP_GUEST, false);
            final UserAider actGuest = new UserAider(GUEST_ACCOUNT_ID, getId(), SecurityManager.GUEST_USER);
            actGuest.setMetadataValue(AXSchemaType.FULLNAME, SecurityManager.GUEST_USER);
            actGuest.setMetadataValue(EXistSchemaType.DESCRIPTION, "Anonymous User");
            actGuest.setPassword(DEFAULT_GUEST_PASSWORD);
            actGuest.addGroup(SecurityManager.GUEST_GROUP);
            getSecurityManager().addAccount(broker, actGuest);
        }
    }

    home = homeAttr == null ? null : XmldbURI.create(homeAttr.getValue());

    //TODO: workaround for 'null' admin's password. It should be removed after 6 months (@ 10 July 2010)
    if (id == 1 && password == null) {password = "";}

    final Account new_account = new UserAider(RealmImpl.ID, name);
    new_account.setPassword(password);

    final NodeList gl = node.getChildNodes();
    Node group;
    for (int i = 0; i < gl.getLength(); i++) {
      group = gl.item(i);
      if (group.getNodeType() == Node.ELEMENT_NODE && group.getLocalName().equals(GROUP))
        {new_account.addGroup(group.getFirstChild().getNodeValue());}
    }

    return new_account;
  }

                return;
            }
        }

        //2 - create the user
        final UserAider userAider = new UserAider(txtUsername.getText());
        userAider.setMetadataValue(AXSchemaType.FULLNAME, txtFullName.getText());
        userAider.setMetadataValue(EXistSchemaType.DESCRIPTION, txtDescription.getText());
        userAider.setPassword(txtPassword.getText());
        userAider.setEnabled(!cbDisabled.isSelected());
        userAider.setUserMask(UmaskSpinnerModel.octalUmaskToInt((String)spnUmask.getValue()));

        //add the personal group to the user
        if(cbPersonalGroup.isSelected()) {
            userAider.addGroup(txtUsername.getText());
        }

        //add any other groups to the user
        final Iterator<String> itMemberOfGroups = memberOfGroupsModel.iterator();
        while(itMemberOfGroups.hasNext()) {
            final String memberOfGroup = itMemberOfGroups.next();
            userAider.addGroup(memberOfGroup);
        }

        //set the primary group
        try {
            userAider.setPrimaryGroup(new GroupAider(getPrimaryGroup()));
        } catch(final PermissionDeniedException pde) {
            JOptionPane.showMessageDialog(this, "Could not set primary group '" + getPrimaryGroup() + "' of user '" + txtUsername.getText() + "': " + pde.getMessage(), "Create User Error", JOptionPane.ERROR_MESSAGE);
            return;
        }

                            break;
                        }
                        System.out.println(EOL + "entered passwords differ. Try again...");

                    }
                    final UserAider user = new UserAider(args[1]);
                    user.setPassword(p1);
                    final String groups = console.readLine("enter groups: ");
                    final StringTokenizer tok = new StringTokenizer(groups, " ,");
                    while (tok.hasMoreTokens()) {
                        final String group = tok.nextToken();
                        if (group.length() > 0) {
                            user.addGroup(group);
                        }
                    }

                    mgtService.addAccount(user);
                    System.out.println("user " + user + " created.");
                } catch (final Exception e) {
                    System.out.println("ERROR: " + e.getMessage());
                    e.printStackTrace();
                }
            } else if (args[0].equalsIgnoreCase("users")) {
                final UserManagementService mgtService = (UserManagementService) current
                        .getService("UserManagementService", "1.0");
                final Account users[] = mgtService.getAccounts();
                System.out.println("User\t\tGroups");
                System.out.println("-----------------------------------------");
                for (int i = 0; i < users.length; i++) {
                    System.out.print(users[i].getName() + "\t\t");
                    final String[] groups = users[i].getGroups();
                    for (int j = 0; j < groups.length; j++) {
                        System.out.print(groups[j]);
                        if (j + 1< groups.length) {
                            System.out.print(", ");
                        }
                    }
                    System.out.println();
                }
            } else if (args[0].equalsIgnoreCase("passwd")) {
                if (startGUI) {
                    messageln("command not supported in GUI mode. Please use the \"Edit users\" menu option.");
                    return true;
                }
                if (args.length < 2) {
                    System.out.println("Usage: passwd username");
                    return true;
                }
                try {
                    final UserManagementService mgtService = (UserManagementService) current
                            .getService("UserManagementService", "1.0");
                    final Account user = mgtService.getAccount(args[1]);
                    if (user == null) {
                        System.out.println("no such user.");
                        return true;
                    }
                    String p1;
                    String p2;
                    while (true) {
                        p1 = console.readLine("password: ", Character.valueOf('*'));
                        p2 = console.readLine("re-enter password: ", Character.valueOf('*'));
                        if (p1.equals(p2)) {
                            break;
                        }
                        System.out.println(EOL + "entered passwords differ. Try again...");
                    }
                    user.setPassword(p1);
                    mgtService.updateAccount(user);
                    properties.setProperty("password", p1);
                } catch (final Exception e) {
                    System.err.println("ERROR: " + e.getMessage());
                }

            if (group != null && !secman.hasGroup(group)) {
                final GroupAider aider = new GroupAider(group);
                secman.addGroup(aider);
            }
            if (user != null && !secman.hasAccount(user)) {
                final UserAider aider = new UserAider(user);
                aider.setPassword(password);
                if (group != null)
                    {aider.addGroup(group);}

                secman.addAccount(aider);
            }
        } catch (final ConfigurationException e) {
            throw new PackageException("Failed to create user: " + user, e);

        if( name == null ) {
            throw( new BuildException( "Must specify at leat a user name" ) );
        }

        try {
            final UserAider usr = new UserAider( name );

            if( secret != null ) {
                usr.setPassword( secret );
            }

            if( primaryGroup != null ) {
                usr.addGroup( primaryGroup );
            }

            log( "Adding user " + name, Project.MSG_INFO );
            service.addAccount( usr );

            hasDbaRole = user.hasDbaRole;

            _cred = user._cred;
        } else if(from_user instanceof UserAider) {
            final UserAider user = (UserAider) from_user;

            final String[] gl = user.getGroups();
            for(int i = 0; i < gl.length; i++) {
                addGroup(gl[i]);
            }

            setPassword(user.getPassword());
            digestPassword = user.getDigestPassword();
        } else {
            addGroup(from_user.getDefaultGroup());
            //TODO: groups
        }
    }

        if(!manager.hasAccount(name)) {
            if(!manager.hasAdminPrivileges(user)) {
                throw new RemoteException("not allowed to create user");
            }

            u = new UserAider(name);
            ((UserAider)u).setPasswordDigest(password);
        } else {
            u = manager.getAccount(name);
            if(!(u.getName().equals(user.getName()) || manager.hasAdminPrivileges(user))) {
                throw new RemoteException("you are not allowed to change this user");

        try {
            return executeAsSystemUser(new Unit<Account>(){
                @Override
                public Account execute(DBBroker broker) throws EXistException, PermissionDeniedException {
                    //create the user account
                    UserAider userAider = new UserAider(ID, username, getPrimaryGroup());

                    //store any requested metadata
                    for(Entry<SchemaType, String> entry : metadata.entrySet())
                        userAider.setMetadataValue(entry.getKey(), entry.getValue());

                    Account account = getSecurityManager().addAccount(userAider);

                    return account;
                }

          try {
            db.setSubject(db.getSecurityManager().getSystemSubject());

            //XXX: set OpenID group by default
            account = (AbstractAccount) OpenIDRealm.instance.addAccount(
                new UserAider(OpenIDRealm.instance.getId(), accountName)
              );
          } finally {
            db.setSubject(currentSubject);
          }
        }