/**
SpagoBI - The Business Intelligence Free Platform
Copyright (C) 2005-2009 Engineering Ingegneria Informatica S.p.A.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
**/
package it.eng.spagobi.security;
import it.eng.spago.base.RequestContainer;
import it.eng.spago.error.EMFUserError;
import it.eng.spagobi.commons.dao.DAOFactory;
import it.eng.spagobi.commons.dao.IRoleDAO;
import it.eng.spagobi.commons.metadata.SbiExtRoles;
import it.eng.spagobi.profiling.bean.SbiUser;
import it.eng.spagobi.profiling.bean.SbiUserAttributes;
import it.eng.spagobi.services.security.bo.SpagoBIUserProfile;
import it.eng.spagobi.services.security.service.ISecurityServiceSupplier;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.apache.log4j.Logger;
public class InternalSecurityServiceSupplierImpl implements
ISecurityServiceSupplier {
static private Logger logger = Logger.getLogger(InternalSecurityServiceSupplierImpl.class);
public SpagoBIUserProfile checkAuthentication(String userId, String psw) {
logger.debug("IN - userId: " + userId);
if (userId==null) return null;
// get request container
RequestContainer reqCont = RequestContainer.getRequestContainer();
// get user name
String userName = userId;
// get user from database
try {
SbiUser user = DAOFactory.getSbiUserDAO().loadSbiUserByUserId(userId);
if(user == null){
logger.error("UserName not found into database");
return null;
}
String password = user.getPassword();
String encrPass = Password.encriptPassword(psw);
if (password == null || password.length() == 0) {
logger.error("UserName/pws not defined into database");
return null;
}else if(password.equals(encrPass)){
logger.debug("Logged in with SHA pass");
}else if(!password.equals(encrPass)){
logger.error("UserName/pws not found into database");
return null;
}
SpagoBIUserProfile obj=new SpagoBIUserProfile();
obj.setUniqueIdentifier(userId);
obj.setUserId(userId);
obj.setUserName(userId);
logger.debug("OUT");
return obj;
} catch (EMFUserError e) {
logger.error(e.getMessage(), e);
} catch (Exception e) {
logger.error("PASS decrypt error:"+e.getMessage(), e);
}
return null;
}
public SpagoBIUserProfile checkAuthenticationWithToken(String userId,
String token) {
// TODO Auto-generated method stub
return null;
}
public boolean checkAuthorization(String userId, String function) {
// TODO Auto-generated method stub
return false;
}
public SpagoBIUserProfile createUserProfile(String userId) {
logger.debug("IN - userId: " + userId);
SpagoBIUserProfile profile = null;
try {
SbiUser user = DAOFactory.getSbiUserDAO().loadSbiUserByUserId(userId);
if (user == null) {
logger.error("UserName [" + userId + "] not found!!");
return null;
}
profile = new SpagoBIUserProfile();
profile.setUniqueIdentifier(userId);
profile.setUserId(userId);
profile.setUserName(user.getFullName());
// get user name
String userName = userId;
// get roles of the user
ArrayList<SbiExtRoles> rolesSB = DAOFactory.getSbiUserDAO().loadSbiUserRolesById(user.getId());
List roles = new ArrayList();
Iterator iterRolesSB = rolesSB.iterator();
IRoleDAO roleDAO = DAOFactory.getRoleDAO();
while (iterRolesSB.hasNext()) {
SbiExtRoles roleSB = (SbiExtRoles) iterRolesSB.next();
roles.add(roleSB.getName());
}
HashMap attributes = new HashMap();
ArrayList<SbiUserAttributes> attribs = DAOFactory.getSbiUserDAO().loadSbiUserAttributesById(user.getId());
if(attribs != null){
Iterator iterAttrs = attribs.iterator();
while(iterAttrs.hasNext()){
// Attribute to lookup
SbiUserAttributes attribute = (SbiUserAttributes) iterAttrs.next();
String attributeName = attribute.getSbiAttribute().getAttributeName();
String attributeValue = attribute.getAttributeValue();
if (attributeValue != null) {
logger.debug("Add attribute. " + attributeName + "=" + attributeName + " to the user"
+ userName);
attributes.put(attributeName, attributeValue);
}
}
}
logger.debug("Attributes load into SpagoBI profile: " + attributes);
// end load profile attributes
String[] roleStr = new String[roles.size()];
for (int i = 0; i < roles.size(); i++) {
roleStr[i] = (String) roles.get(i);
}
profile.setRoles(roleStr);
profile.setAttributes(attributes);
} catch (EMFUserError e) {
logger.error(e.getMessage(), e);
return null;
}
logger.debug("OUT");
return profile;
}
}