Examples of tifauv.jplop.core.auth.User

• tifauv.jplop.core.auth.User
  The description of a user. A user has a login, email, password and roles. @version 1.0 @author Olivier Serve

  @Override
  protected void doGet(HttpServletRequest p_request, HttpServletResponse p_response)
  throws IOException,
  ServletException {
    m_logger.info("New GET logout request from [" + p_request.getRemoteAddr() + "].");
    User user = (User)p_request.getSession().getAttribute(CommonConstants.USER_SESSION_ATTR);
    if (user != null) {
      p_request.getSession().removeAttribute(CommonConstants.USER_SESSION_ATTR);
      p_request.getSession().invalidate();
      m_logger.info("User '" + user.getLogin() + "' logged out.");
    }
    else
      m_logger.warn("No user to logout.");

    getServletContext().getRequestDispatcher(SUCCESS_PAGE).forward(p_request, p_response);

      // Cannot happen
      m_logger.warn("Cannot decode the request as UTF-8 !");
    }

    // Check whether we are already logged on
    User currentUser = (User)p_request.getSession().getAttribute(CommonConstants.USER_SESSION_ATTR);
    if (currentUser != null) {
      m_logger.warn("The user [" + currentUser.getLogin() + "] tried to logon but he is already authenticated.");
      p_response.addHeader(CommonConstants.ERROR_HDR, "Already authenticated");
      getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
      currentUser = null;
      return;
    }

    message = message.trim();

    // Get the login of the logged user if any
    String login = null;
    String userAgent = p_request.getHeader(CommonConstants.USER_AGENT_HDR);
    User currentUser = (User)p_request.getSession().getAttribute(CommonConstants.USER_SESSION_ATTR);
    if (currentUser != null) {
      login = currentUser.getLogin();
      if (currentUser.getNick() != null)
        userAgent = currentUser.getNick();
      m_logger.info("Message is '" + message + "' from '" + login + "'.");
    }
    else {
      String nick = (String)p_request.getSession().getAttribute(CommonConstants.NICK_SESSION_ATTR);
      if (nick != null) {
        userAgent = nick;
        m_logger.info("Message is '" + message + "' from an anonymous [" + nick + "].");
      }
      else
        m_logger.info("Message is '" + message + "' from an anonymous coward.");
    }

    // Check if the message is a known command
    boolean addMessage = true;
    if (message.length() > 1 && message.charAt(0) == '/') {
      if (message.startsWith("/nick ")) {
        String nick = message.substring("/nick ".length());
        if (currentUser != null)
          currentUser.setNick(nick);
        else
          p_request.getSession().setAttribute(CommonConstants.NICK_SESSION_ATTR, nick);

        addMessage = false;
      }

    NodeList users = p_users.getElementsByTagName(USER_TAG);
    for (int i=0; i<users.getLength(); ++i) {
      Element userEl = (Element)users.item(i);
      if (userEl.hasAttribute(USER_NAME_ATTR)) {
        try {
          User user = new User();
          user.setLogin(userEl.getAttribute(USER_NAME_ATTR));
          if (userEl.hasAttribute(USER_NICK_ATTR))
            user.setNick(userEl.getAttribute(USER_NICK_ATTR));
          user.setPassword(userEl.getAttribute(USER_PSW_ATTR));
          user.setEmail(userEl.getAttribute(USER_EMAIL_ATTR));
          user.setRoles(userEl.getAttribute(USER_ROLES_ATTR));
          getObject().addUser(user);
        } catch (Exception e) {
          m_logger.error("Could not load a user", e);
        }
      }

   *
   * @param p_request
   * @return
   */
  private String getSettings(HttpServletRequest p_request) {
    User user = (User)p_request.getSession().getAttribute(CommonConstants.USER_SESSION_ATTR);
    String login = null;
    String nick;
    String userAgent = p_request.getHeader(CommonConstants.USER_AGENT_HDR);

    // Compute the buffer's needed length
    int length = 89 + userAgent.length();
    if (user != null) {
      login = user.getLogin();
      length += 28 + login.length();
    }
    if (user != null && user.getNick() != null)
      nick = user.getNick();
    else
      nick = (String)p_request.getSession().getAttribute(CommonConstants.NICK_SESSION_ATTR);
    if (nick != null)
      length += 27 + nick.length();

      // Cannot happen
      m_logger.warn("Cannot decode the request as UTF-8 !");
    }

    // Check whether we are already logged on
    User currentUser = (User)p_request.getSession().getAttribute(CommonConstants.USER_SESSION_ATTR);
    if (currentUser != null) {
      m_logger.warn("The user '" + currentUser.getLogin() + "' tried to logon but he is already authenticated.");
      p_response.setStatus(HttpServletResponse.SC_CONFLICT);
      p_response.addHeader(CommonConstants.ERROR_HDR, "Already authenticated");
      getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
      currentUser = null;
      return;
    }

    UserBase users = Main.get().getUserBase();
    if (users != null) {
      // Check the parameters are all there
      String username = p_request.getParameter(CommonConstants.LOGIN_PARAM);
      if (username == null || username.trim().length() == 0) {
        m_logger.warn("The '" + CommonConstants.LOGIN_PARAM + "' is null or empty.");
        p_request.setAttribute(CommonConstants.ERROR_REQUEST_ATTR, "Le login est obligatoire.");
        p_response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        p_response.addHeader(CommonConstants.ERROR_HDR, "Missing " + CommonConstants.LOGIN_PARAM + " parameter");
        getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
        return;
      }

      String password = p_request.getParameter(CommonConstants.PASSWORD_PARAM);
      if (password == null || password.length() == 0) {
        m_logger.warn("The '" + CommonConstants.PASSWORD_PARAM + "' is null or empty.");
        p_request.setAttribute(CommonConstants.ERROR_REQUEST_ATTR, "Le mot de passe est obligatoire.");
        p_response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        p_response.addHeader(CommonConstants.ERROR_HDR, "Missing " + CommonConstants.PASSWORD_PARAM + " parameter");
        getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
        return;
      }

      String confirm  = p_request.getParameter(CommonConstants.PASSWORD_CONFIRM_PARAM);
      if (confirm == null || confirm.length() == 0) {
        m_logger.warn("The '" + CommonConstants.PASSWORD_CONFIRM_PARAM + "' is null or empty.");
        p_request.setAttribute(CommonConstants.ERROR_REQUEST_ATTR, "La confirmation du mot de passe est obligatoire.");
        p_response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        p_response.addHeader(CommonConstants.ERROR_HDR, "Missing " + CommonConstants.PASSWORD_CONFIRM_PARAM + " parameter");
        getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
        return;
      }

      // OK, now we are sure we got all the required fields
      m_logger.info("Account creation request for user '" + username + "'.");

      // Fail if the password and confirmation don't match
      if (!password.equals(confirm)) {
        m_logger.warn("The password and confirmation for user '" + username + "' don't match.");
        p_request.setAttribute(CommonConstants.ERROR_REQUEST_ATTR, "Le mot de passe et sa confirmation ne correspondent pas, veuillez réessayer.");
        p_response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        p_response.addHeader(CommonConstants.ERROR_HDR, "Password confirmation failed");
        getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
        return;
      }

      synchronized (users) {
        // Fail if there is already an account for that username
        if (users.containsUser(username)) {
          m_logger.warn("There is already an account for user '" + username + "'.");
          p_request.setAttribute(CommonConstants.ERROR_REQUEST_ATTR, "Le compte \"" + username + "\" existe déjà, veuillez choisir un autre login.");
          p_response.setStatus(HttpServletResponse.SC_CONFLICT);
          p_response.addHeader(CommonConstants.ERROR_HDR, "Account already exists");
          getServletContext().getRequestDispatcher(FAILURE_PAGE).forward(p_request, p_response);
          return;
        }

        // Create the user
        User user = new User();
        try {
          user.setLogin(username);
          user.setPassword(password);
          user.setRoles(users.getDefaultRoles());
        } catch (PasswordException e) {
          user = null;
          m_logger.warn("Could not create the user '" + username + "' : " + e.getMessage());
          p_request.setAttribute(CommonConstants.ERROR_REQUEST_ATTR, "Le mot de passe ne correspond pas aux critères exigés.");
          p_response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

  /**
   * Test method for {@link tifauv.jplop.core.auth.User#User()}.
   */
  public void testUser() {
    User user = new User();
    assertNull(user.getLogin());
    assertEquals("", user.getEmail());
    assertNull(user.getPassword());
    assertEquals("", user.getRoles());
  }

    assertEquals("", user.getRoles());
  }


  public void testSetLogin() {
    User user = new User();
    assertNull(user.getLogin());
    user.setLogin("tramo-p");
    assertEquals("tramo-p", user.getLogin());
  }

    assertEquals("tramo-p", user.getLogin());
  }


  public void testSetEmail() {
    User user = new User();
    assertEquals("", user.getEmail());
    user.setEmail("tramo-p@plop.org");
    assertEquals("tramo-p@plop.org", user.getEmail());
  }

    assertEquals("tramo-p@plop.org", user.getEmail());
  }


  public void testSetPassword() {
    User user = new User();
    assertNull(user.getPassword());

    try {
      user.setPassword(null);
      assertNull(user.getPassword());

      user.setPassword("");
      assertNull(user.getPassword());

      user.setPassword("pikaron");
      assertNotNull(user.getPassword());
    } catch (PasswordException e) {
      fail(e.getMessage());
    }
  }