0001: package org.manentia.kasai;
0002:
0003: import java.text.DateFormat;
0004: import java.text.SimpleDateFormat;
0005: import java.util.ArrayList;
0006: import java.util.Collection;
0007: import java.util.HashMap;
0008: import java.util.Iterator;
0009: import java.util.List;
0010: import java.util.ResourceBundle;
0011:
0012: import org.apache.commons.lang.StringUtils;
0013: import org.manentia.kasai.audit.AuditHandler;
0014: import org.manentia.kasai.authobject.AuthObjectHandler;
0015: import org.manentia.kasai.exceptions.AlreadyExistsException;
0016: import org.manentia.kasai.exceptions.CannotAuditException;
0017: import org.manentia.kasai.exceptions.DataAccessException;
0018: import org.manentia.kasai.exceptions.DoesntExistsException;
0019: import org.manentia.kasai.exceptions.InvalidAttributesException;
0020: import org.manentia.kasai.exceptions.InvalidPasswordException;
0021: import org.manentia.kasai.exceptions.NotEnoughPermissionException;
0022: import org.manentia.kasai.exceptions.NotFoundException;
0023: import org.manentia.kasai.exceptions.ServiceException;
0024: import org.manentia.kasai.exceptions.ServiceNotAvailableException;
0025: import org.manentia.kasai.exceptions.UserBlockedException;
0026: import org.manentia.kasai.group.GroupHandler;
0027: import org.manentia.kasai.operative.OperativeHandler;
0028: import org.manentia.kasai.role.RoleHandler;
0029: import org.manentia.kasai.user.UserHandler;
0030: import org.w3c.dom.Document;
0031:
0032: import com.manentia.commons.CriticalException;
0033: import com.manentia.commons.NonCriticalException;
0034: import com.manentia.commons.audit.AuditBean;
0035: import com.manentia.commons.log.Log;
0036: import com.manentia.commons.xml.XMLBean;
0037: import com.manentia.commons.xml.XMLException;
0038:
0039: /**
0040: * Class to provide authority and authorization functionalities
0041: *
0042: * @author fpena
0043: *
0044: * (c) 2004 Koala Developers S.R.L.
0045: */
0046: public class KasaiFacade {
0047:
0048: //~ Static variables / initialization ---------------------------------------------------------------------------
0049:
0050: /** Permission to read a group */
0051: static final String READ_GROUP = "kasai.group.read";
0052:
0053: /** Permission to delete a user from a group */
0054: static final String DELETE_USER_GROUP = "kasai.group.user.delete";
0055:
0056: /** Permission to add users to a group */
0057: static final String ADD_USER_TO_GROUP = "kasai.group.user.add";
0058:
0059: /** Permission to delete a group */
0060: static final String DELETE_GROUP = "kasai.group.delete";
0061:
0062: /** Permission to modify a group */
0063: static final String COMMIT_GROUP = "kasai.group.commit";
0064:
0065: /** Permission to block a group */
0066: static final String BLOCK_GROUP = "kasai.group.block";
0067:
0068: /** Permission to unblock a group */
0069: static final String UNBLOCK_GROUP = "kasai.group.unblock";
0070:
0071: /** Permission to read a user */
0072: static final String READ_USER = "kasai.user.read";
0073:
0074: /** Permission to delete a user */
0075: static final String DELETE_USER = "kasai.user.delete";
0076:
0077: /** Permission to modify a user */
0078: static final String COMMIT_USER = "kasai.user.commit";
0079:
0080: /** Permission to reset a user password*/
0081: static final String RESET_PASSWORD_USER = "kasai.user.resetpassword";
0082:
0083: /** Permission to block a user */
0084: static final String BLOCK_USER = "kasai.user.block";
0085:
0086: /** Permission to unblock a user */
0087: static final String UNBLOCK_USER = "kasai.user.unblock";
0088:
0089: /** Permission to modify a role */
0090: static final String COMMIT_ROLE = "kasai.role.commit";
0091:
0092: /** Permission to read a role */
0093: static final String READ_ROLE = "kasai.role.read";
0094:
0095: /** Permission to delete a role */
0096: static final String DELETE_ROLE = "kasai.role.delete";
0097:
0098: /** Permission to modify permissions of a object */
0099: static final String MODIFY_ACCESS = "kasai.object.modifyaccess";
0100:
0101: static final String LIST_AUDIT_ENTRIES = "kasai.audit.list";
0102:
0103: /** Singleton instance */
0104: private static KasaiFacade instance = null;
0105:
0106: //~ Constructors --------------------------------------------------------------------------------------------------
0107:
0108: /**
0109: * Returns an instance of KasaiFacade
0110: *
0111: * @return Instance of KasaiFacade
0112: *
0113: */
0114: public static synchronized KasaiFacade getInstance() {
0115: if (instance == null) {
0116: instance = new KasaiFacade();
0117: }
0118:
0119: return instance;
0120: }
0121:
0122: //~ Methods --------------------------------------------------------------------------------------------------------
0123:
0124: /**
0125: * Creates a new KasaiFacade object.
0126: */
0127: private KasaiFacade() {
0128: Log.write("Enter", Log.INFO, "init", KasaiFacade.class);
0129: Log.write("Exit", Log.INFO, "init", KasaiFacade.class);
0130: }
0131:
0132: /**
0133: * Add one operative to a specific role.
0134: *
0135: * @param loginUser User who is making the request
0136: * @param idOperative Operative identifier
0137: * @param role Role identifier
0138: * @param clientIP IP Address of whom is making the request Client IP address
0139: *
0140: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0141: * @throws DoesntExistsException The operative or role does not exist
0142: * @throws NotEnoughPermissionException The user cannot perform this operation
0143: * @throws CannotAuditException Error auditing operation
0144: */
0145: public void addOperativeToRole(String loginUser,
0146: String idOperative, int role, String clientIP)
0147: throws DataAccessException, DoesntExistsException,
0148: NotEnoughPermissionException, CannotAuditException {
0149:
0150: Log.write("Enter (loginUser="
0151: + StringUtils.defaultString(loginUser, "<null>")
0152: + ",idOperative="
0153: + StringUtils.defaultString(idOperative, "<null>")
0154: + ",role=" + role, Log.INFO, "addOperativeToRole",
0155: KasaiFacade.class);
0156:
0157: long startTime = System.currentTimeMillis();
0158: String raisedError = null;
0159: int returnCode = 0;
0160:
0161: try {
0162: this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
0163: "/kasai/role/" + role);
0164: RoleHandler.getInstance().addOperativeToRole(idOperative,
0165: role);
0166: } catch (DataAccessException e) {
0167: raisedError = KasaiFacade.class.getName() + ".sqlError";
0168: returnCode = 1;
0169: throw e;
0170: } catch (DoesntExistsException deE) {
0171: raisedError = deE.getMessage();
0172: returnCode = 2;
0173: throw deE;
0174: } catch (NotEnoughPermissionException nep) {
0175: raisedError = nep.getMessage();
0176: returnCode = 3;
0177: throw nep;
0178: } finally {
0179:
0180: HashMap<String, String> transactionData = new HashMap<String, String>();
0181:
0182: transactionData.put("idOperative", idOperative);
0183: transactionData.put("role", String.valueOf(role));
0184:
0185: createAuditEntry(
0186: loginUser,
0187: returnCode,
0188: raisedError,
0189: (System.currentTimeMillis() - startTime),
0190: clientIP,
0191: KasaiFacade.class.getName() + ".addOperativeToRole",
0192: "/kasai/role/" + role, transactionData);
0193: }
0194:
0195: Log.write("Exit", Log.INFO, "addOperativeToRole",
0196: KasaiFacade.class);
0197: }
0198:
0199: /**
0200: * Add a user to a specific group
0201: *
0202: * @param loginUser User who is making the request
0203: * @param idGroup Destination group identifier
0204: * @param idUserToAdd User identifier
0205: * @param clientIP IP Address of whom is making the request IP Address of whom is making the request
0206: *
0207: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0208: * @throws DoesntExistsException The user or group does not exist
0209: * @throws NotEnoughPermissionException The user cannot perform this operation
0210: * @throws CannotAuditException Errors auditing operation
0211: * @throws XMLException
0212: */
0213: public void addUserToGroup(String loginUser, String idGroup,
0214: String idUserToAdd, String clientIP)
0215: throws DataAccessException, DoesntExistsException,
0216: NotEnoughPermissionException, CannotAuditException,
0217: XMLException {
0218:
0219: Log.write("Enter(loginUser="
0220: + StringUtils.defaultString(loginUser, "<null>")
0221: + ",idGroup="
0222: + StringUtils.defaultString(idGroup, "<null>")
0223: + ",idUserToAdd="
0224: + StringUtils.defaultString(idUserToAdd, "<null>")
0225: + ",clientIP="
0226: + StringUtils.defaultString(clientIP, "<null>"),
0227: Log.INFO, "addUserToGroup", KasaiFacade.class);
0228:
0229: long startTime = System.currentTimeMillis();
0230: String raisedError = null;
0231: int returnCode = 0;
0232:
0233: try {
0234: this .validateOperative(loginUser, ADD_USER_TO_GROUP,
0235: "/kasai/group/" + idGroup);
0236:
0237: GroupHandler.getInstance().addUserToGroup(idUserToAdd,
0238: idGroup);
0239: } catch (DataAccessException e) {
0240: raisedError = KasaiFacade.class.getName() + ".sqlErrror";
0241: returnCode = 1;
0242: throw e;
0243: } catch (DoesntExistsException deE) {
0244: raisedError = deE.getMessage();
0245: returnCode = 2;
0246: throw deE;
0247: } catch (NotEnoughPermissionException nep) {
0248: raisedError = nep.getMessage();
0249: returnCode = 3;
0250: throw nep;
0251: } finally {
0252:
0253: HashMap<String, String> transactionData = new HashMap<String, String>();
0254:
0255: transactionData.put("idGroup", idGroup);
0256: transactionData.put("idUserToAdd", idUserToAdd);
0257:
0258: createAuditEntry(loginUser, returnCode, raisedError,
0259: (System.currentTimeMillis() - startTime), clientIP,
0260: KasaiFacade.class.getName() + ".addUserToGroup",
0261: "/kasai/group/" + idGroup, transactionData);
0262: }
0263:
0264: Log
0265: .write("Exit", Log.INFO, "addUserToGroup",
0266: KasaiFacade.class);
0267:
0268: }
0269:
0270: /**
0271: * Method to block just the group, not the users. Users lost permissions assigned to them through the group.
0272: *
0273: * @param loginUser User who is making the request
0274: * @param idGroup Group identifier
0275: * @param clientIP IP Address of whom is making the request
0276: *
0277: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0278: * @throws InvalidAttributesException Group existing attributes are not correct
0279: * @throws NotEnoughPermissionException The user cannot execute this operative
0280: * @throws DoesntExistsException The group does not exist
0281: * @throws CannotAuditException Error auditing transaction
0282: * @throws XMLException
0283: */
0284: public void blockGroup(String loginUser, String idGroup,
0285: String clientIP) throws DataAccessException,
0286: InvalidAttributesException, NotEnoughPermissionException,
0287: DoesntExistsException, CannotAuditException, XMLException {
0288:
0289: Log.write("Enter", Log.INFO, "blockGroup", KasaiFacade.class);
0290:
0291: long startTime = System.currentTimeMillis();
0292: String raisedError = null;
0293: int returnCode = 0;
0294:
0295: try {
0296: this .validateOperative(loginUser, KasaiFacade.BLOCK_GROUP,
0297: "/kasai/group/" + idGroup);
0298:
0299: Group group = GroupHandler.getInstance().read(idGroup);
0300:
0301: if (group == null) {
0302: Log.write("Group doesn't exist (" + idGroup + ")",
0303: Log.WARN, "blockGroup", KasaiFacade.class);
0304:
0305: throw new DoesntExistsException(KasaiFacade.class
0306: .getName()
0307: + "groupDoesntExist");
0308: }
0309:
0310: group.setBlocked(true);
0311:
0312: GroupHandler.getInstance().update(group);
0313: } catch (DataAccessException e) {
0314: raisedError = KasaiFacade.class.getName() + ".sqlError";
0315: returnCode = 1;
0316: throw e;
0317: } catch (InvalidAttributesException iaE) {
0318: raisedError = iaE.getMessage();
0319: returnCode = 2;
0320: throw iaE;
0321: } catch (NotEnoughPermissionException nep) {
0322: raisedError = nep.getMessage();
0323: returnCode = 3;
0324: throw nep;
0325: } catch (DoesntExistsException deE) {
0326: raisedError = deE.getMessage();
0327: returnCode = 4;
0328: throw deE;
0329: } finally {
0330:
0331: HashMap<String, String> transactionData = new HashMap<String, String>();
0332:
0333: transactionData.put("idGroup", idGroup);
0334:
0335: createAuditEntry(loginUser, returnCode, raisedError,
0336: (System.currentTimeMillis() - startTime), clientIP,
0337: KasaiFacade.class.getName() + ".blockGroup",
0338: "/kasai/group/" + idGroup, transactionData);
0339: }
0340:
0341: Log.write("Exit", Log.INFO, "blockGroup", KasaiFacade.class);
0342: }
0343:
0344: /**
0345: * Method to block a specific user. After this, user is disabled to use the application.
0346: *
0347: * @param loginUser User who is making the request
0348: * @param idUserToBlock User identifier
0349: * @param clientIP IP Address of whom is making the request
0350: *
0351: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0352: * @throws InvalidAttributesException Existing user information is invalid
0353: * @throws NotEnoughPermissionException The user cannot perform this operation
0354: * @throws DoesntExistsException The selected user does not exist
0355: * @throws CannotAuditException Error auditing transaction
0356: * @throws XMLException
0357: */
0358: public void blockUser(String loginUser, String idUserToBlock,
0359: String clientIP) throws DataAccessException,
0360: InvalidAttributesException, NotEnoughPermissionException,
0361: DoesntExistsException, CannotAuditException, XMLException {
0362:
0363: Log.write("Enter", Log.INFO, "blockUser", KasaiFacade.class);
0364:
0365: long startTime = System.currentTimeMillis();
0366: String raisedError = null;
0367: int returnCode = 0;
0368:
0369: try {
0370: this .validateOperative(loginUser, KasaiFacade.BLOCK_USER,
0371: "/kasai/user/" + idUserToBlock);
0372:
0373: User user = UserHandler.getInstance().read(idUserToBlock,
0374: true);
0375:
0376: if (user == null) {
0377: Log.write("User doesn't exist (" + idUserToBlock + ")",
0378: Log.WARN, "blockUser", KasaiFacade.class);
0379:
0380: throw new DoesntExistsException(KasaiFacade.class
0381: .getName()
0382: + "userDoesntExist");
0383: }
0384:
0385: user.setBlocked(true);
0386:
0387: UserHandler.getInstance().update(user);
0388: } catch (DataAccessException e) {
0389: raisedError = KasaiFacade.class.getName() + ".sqlError";
0390: returnCode = 1;
0391: throw e;
0392: } catch (InvalidAttributesException iaE) {
0393: raisedError = iaE.getMessage();
0394: returnCode = 2;
0395: throw iaE;
0396: } catch (NotEnoughPermissionException nep) {
0397: raisedError = nep.getMessage();
0398: returnCode = 3;
0399: throw nep;
0400: } catch (DoesntExistsException deE) {
0401: raisedError = deE.getMessage();
0402: returnCode = 4;
0403: throw deE;
0404: } finally {
0405:
0406: HashMap<String, String> transactionData = new HashMap<String, String>();
0407:
0408: transactionData.put("idUserToBlock", idUserToBlock);
0409:
0410: createAuditEntry(loginUser, returnCode, raisedError,
0411: (System.currentTimeMillis() - startTime), clientIP,
0412: KasaiFacade.class.getName() + ".blockUser",
0413: "/kasai/user/" + idUserToBlock, transactionData);
0414: }
0415:
0416: Log.write("Exit", Log.INFO, "blockUser", KasaiFacade.class);
0417: }
0418:
0419: /**
0420: * Method to change the user's password
0421: *
0422: * @param login User who is making the request
0423: * @param oldPassword Actual password
0424: * @param newPassword New password
0425: * @param confirmation Confirmation password
0426: * @param clientIP IP Address of whom is making the request
0427: *
0428: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0429: * @throws InvalidAttributesException Existing user info or new password are not valid
0430: * @throws ServiceException Error changing password at the authentication service level
0431: * @throws ServiceNotAvailableException The authentication service is not available
0432: * @throws DoesntExistsException The user does not exists
0433: * @throws CannotAuditException Error auditing operation
0434: * @throws InvalidPasswordException The old password is not valid
0435: * @throws XMLException
0436: */
0437: public void changePasswordUser(String login, String oldPassword,
0438: String newPassword, String confirmation, String clientIP)
0439: throws DataAccessException, InvalidAttributesException,
0440: ServiceException, ServiceNotAvailableException,
0441: DoesntExistsException, CannotAuditException,
0442: InvalidPasswordException, XMLException {
0443:
0444: Log.write("Enter", Log.INFO, "changePasswordUser",
0445: KasaiFacade.class);
0446:
0447: long startTime = System.currentTimeMillis();
0448: String raisedError = null;
0449: int returnCode = 0;
0450:
0451: try {
0452:
0453: User user = UserHandler.getInstance().read(login, true);
0454:
0455: if (user == null) {
0456: Log.write("User doesn't exist (" + login + ")",
0457: Log.WARN, "changePasswordUser",
0458: KasaiFacade.class);
0459:
0460: throw new DoesntExistsException(KasaiFacade.class
0461: .getName()
0462: + "userDoesntExist");
0463: }
0464:
0465: user.changePassword(oldPassword, newPassword, confirmation);
0466: } catch (DataAccessException e) {
0467: raisedError = KasaiFacade.class.getName() + ".sqlError";
0468: returnCode = 1;
0469: throw e;
0470: } catch (InvalidAttributesException iaE) {
0471: raisedError = iaE.getMessage();
0472: returnCode = 2;
0473: throw iaE;
0474: } catch (ServiceException e) {
0475: raisedError = e.getMessage();
0476: returnCode = 3;
0477: throw e;
0478: } catch (ServiceNotAvailableException e) {
0479: raisedError = e.getMessage();
0480: returnCode = 4;
0481:
0482: throw e;
0483: } catch (DoesntExistsException deE) {
0484: raisedError = deE.getMessage();
0485: returnCode = 5;
0486: throw deE;
0487: } catch (InvalidPasswordException ipe) {
0488: raisedError = ipe.getMessage();
0489: returnCode = 6;
0490: throw ipe;
0491: } finally {
0492:
0493: HashMap<String, String> transactionData = new HashMap<String, String>();
0494:
0495: createAuditEntry(
0496: login,
0497: returnCode,
0498: raisedError,
0499: (System.currentTimeMillis() - startTime),
0500: clientIP,
0501: KasaiFacade.class.getName() + ".changePasswordUser",
0502: "/kasai/user/" + login, transactionData);
0503: }
0504:
0505: Log.write("Exit", Log.INFO, "changePasswordUser",
0506: KasaiFacade.class);
0507: }
0508:
0509: /**
0510: * Method to verify if a user can do a specific operative over the object identified by object parameter
0511: *
0512: * @param login User who is making the request
0513: * @param operative Operative to run over the object
0514: * @param object Id of the object
0515: *
0516: * @return True if the user can do the operative over this object, false in other case
0517: *
0518: */
0519: public boolean checkOperative(String login, String operative,
0520: String object) {
0521:
0522: return UserHandler.getInstance().checkOperative(login,
0523: operative, object);
0524: }
0525:
0526: /**
0527: * Method to verify user's password
0528: *
0529: * @param login User who is making the request
0530: * @param password User password
0531: * @param clientIP IP Address of whom is making the request
0532: *
0533: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0534: * @throws NotFoundException The user does not exist
0535: * @throws UserBlockedException The user is blocked
0536: * @throws InvalidPasswordException The password is not valid
0537: * @throws ServiceException The authentication service raised an error while validating the password
0538: * @throws ServiceNotAvailableException The authentication service is not available
0539: * @throws CannotAuditException Error auditing operation
0540: * @throws XMLException
0541: */
0542: public void checkPasswordUser(String login, String password,
0543: String clientIP) throws DataAccessException,
0544: NotFoundException, UserBlockedException,
0545: InvalidPasswordException, ServiceException,
0546: ServiceNotAvailableException, CannotAuditException,
0547: XMLException {
0548:
0549: Log.write("Enter(login="
0550: + StringUtils.defaultString(login, "<null>")
0551: + ", password="
0552: + ((password == null) ? "<null>" : "******")
0553: + ", clientIP="
0554: + StringUtils.defaultString(clientIP, "<null>") + ")",
0555: Log.INFO, "checkPasswordUser", KasaiFacade.class);
0556:
0557: long startTime = System.currentTimeMillis();
0558: String raisedError = null;
0559: int returnCode = 0;
0560:
0561: try {
0562: UserHandler.getInstance().checkPassword(login, password);
0563:
0564: Log.write("Exit", Log.INFO, "checkPasswordUser",
0565: KasaiFacade.class);
0566: } catch (DataAccessException e) {
0567: raisedError = KasaiFacade.class.getName() + ".sqlError";
0568: returnCode = 1;
0569: throw e;
0570: } catch (NotFoundException nfe) {
0571: raisedError = nfe.getMessage();
0572: returnCode = 2;
0573: throw nfe;
0574: } catch (UserBlockedException ube) {
0575: raisedError = ube.getMessage();
0576: returnCode = 3;
0577: throw ube;
0578: } catch (InvalidPasswordException ipe) {
0579: raisedError = ipe.getMessage();
0580: returnCode = 5;
0581: throw ipe;
0582: } catch (ServiceException se) {
0583: raisedError = se.getMessage();
0584: returnCode = 7;
0585: throw se;
0586: } catch (ServiceNotAvailableException snae) {
0587: Log.write("Error verifing user password", snae, Log.ERROR,
0588: "checkPasswordUser", KasaiFacade.class);
0589:
0590: raisedError = snae.getMessage();
0591: returnCode = 8;
0592: throw snae;
0593: } finally {
0594:
0595: login = StringUtils.isEmpty(login) ? "guest" : login;
0596:
0597: HashMap<String, String> transactionData = new HashMap<String, String>();
0598:
0599: transactionData.put("login", login);
0600:
0601: createAuditEntry(login, returnCode, raisedError, (System
0602: .currentTimeMillis() - startTime), clientIP,
0603: KasaiFacade.class.getName() + ".checkPasswordUser",
0604: "/kasai/user/" + login, transactionData);
0605: }
0606: }
0607:
0608: /**
0609: * Copy all permissions from one object to another.
0610: *
0611: * @param loginUser User who is making the request
0612: * @param sourceObject
0613: * @param destinationObject
0614: *
0615: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0616: * @throws DoesntExistsException One (or both) of the objects does not exist
0617: */
0618: public void copyObjectRoles(String loginUser, String sourceObject,
0619: String destinationObject) throws DataAccessException,
0620: DoesntExistsException {
0621:
0622: Log.write("Enter", Log.INFO, "copyObjectRoles",
0623: KasaiFacade.class);
0624:
0625: try {
0626: AuthObjectHandler.getInstance().copyPermissionsFromObject(
0627: sourceObject, destinationObject);
0628: } catch (DataAccessException e) {
0629: throw e;
0630: } catch (DoesntExistsException deE) {
0631: throw deE;
0632: }
0633:
0634: Log.write("Exit", Log.INFO, "copyObjectRoles",
0635: KasaiFacade.class);
0636: }
0637:
0638: /**
0639: * Audit an operation
0640: *
0641: * @param userId User who is making the request
0642: * @param returnCode Return code
0643: * @param errorDescription Error description
0644: * @param duration Duration in milliseconds
0645: * @param clientIP IP Address of whom is making the request
0646: * @param operation Operation executed
0647: * @param objectID Object involved in the operation
0648: * @param transactionData Extra data
0649: *
0650: * @throws CannotAuditException A severe error ocurred while writing the audit entry
0651: */
0652: public void createAuditEntry(String userId, int returnCode,
0653: String errorDescription, long duration, String clientIP,
0654: String operation, String objectID, Document transactionData)
0655: throws CannotAuditException {
0656:
0657: ResourceBundle res = ResourceBundle
0658: .getBundle(Constants.CONFIG_PROPERTY_FILE);
0659: boolean auditIsEnabled = res.getString("kasai.audit.enabled")
0660: .equalsIgnoreCase("yes");
0661:
0662: if (auditIsEnabled) {
0663: Log.write(
0664: "Enter (userId="
0665: + StringUtils.defaultString(userId,
0666: "<null>")
0667: + ", returnCode="
0668: + returnCode
0669: + ", errorDescription="
0670: + StringUtils.defaultString(
0671: errorDescription, "<null>")
0672: + ", duration="
0673: + duration
0674: + ", clientIP="
0675: + StringUtils.defaultString(clientIP,
0676: "<null>")
0677: + ", operation="
0678: + StringUtils.defaultString(operation,
0679: "<null>")
0680: + ", objectID="
0681: + StringUtils.defaultString(objectID,
0682: "<null>")
0683: + ", transactionData="
0684: + ((transactionData == null) ? "<null>"
0685: : "<data>"), Log.INFO,
0686: "createAuditEntry", KasaiFacade.class);
0687:
0688: AuditHandler.createEntry(userId, returnCode,
0689: errorDescription, duration, clientIP, operation,
0690: objectID, transactionData);
0691:
0692: Log.write("Exit", Log.INFO, "createAuditEntry",
0693: KasaiFacade.class);
0694: }
0695: }
0696:
0697: /**
0698: * Audits an operation
0699: *
0700: * @param userId User who is making the request
0701: * @param returnCode Return code
0702: * @param errorDescription Error description
0703: * @param duration Duration in milliseconds
0704: * @param clientIP IP Address of whom is making the request
0705: * @param operation Operation executed
0706: * @param objectID Object involved in the operation
0707: * @param transactionData Extra data
0708: *
0709: * @throws CannotAuditException A severe error ocurred while writing the audit entry
0710: */
0711: public void createAuditEntry(String userId, int returnCode,
0712: String errorDescription, long duration, String clientIP,
0713: String operation, String objectID,
0714: HashMap<String, String> transactionData)
0715: throws CannotAuditException {
0716:
0717: ResourceBundle res = ResourceBundle
0718: .getBundle(Constants.CONFIG_PROPERTY_FILE);
0719: boolean auditIsEnabled = res.getString("kasai.audit.enabled")
0720: .equalsIgnoreCase("yes");
0721:
0722: if (auditIsEnabled) {
0723: Log.write("Enter", Log.INFO, "createAuditEntry",
0724: KasaiFacade.class);
0725:
0726: Document transactionDoc = null;
0727:
0728: try {
0729:
0730: XMLBean auditXML = new XMLBean("TransactionData");
0731: String key;
0732: String value;
0733:
0734: for (Iterator<String> iter = transactionData.keySet()
0735: .iterator(); iter.hasNext();) {
0736: key = (String) iter.next();
0737: value = (String) transactionData.get(key);
0738: auditXML.setString(key, value);
0739: }
0740:
0741: transactionDoc = auditXML.getXML();
0742: } catch (XMLException xmlE) {
0743: Log.write("XML error", xmlE, Log.ERROR,
0744: "createAuditEntry", KasaiFacade.class);
0745:
0746: throw new CannotAuditException(KasaiFacade.class
0747: .getName()
0748: + ".xmlError", xmlE);
0749: }
0750:
0751: createAuditEntry(userId, returnCode, errorDescription,
0752: duration, clientIP, operation, objectID,
0753: transactionDoc);
0754:
0755: Log.write("Exit", Log.INFO, "createAuditEntry",
0756: KasaiFacade.class);
0757: }
0758:
0759: }
0760:
0761: public void createGroup(String loginUser, Group group,
0762: String clientIP) throws DataAccessException,
0763: AlreadyExistsException, InvalidAttributesException,
0764: NotEnoughPermissionException, CannotAuditException,
0765: CriticalException {
0766:
0767: Log.write("Enter", Log.INFO, "createGroup", KasaiFacade.class);
0768:
0769: long startTime = System.currentTimeMillis();
0770: String raisedError = null;
0771: int returnCode = 0;
0772:
0773: try {
0774: this .validateOperative(loginUser, KasaiFacade.COMMIT_GROUP,
0775: "/kasai/group/");
0776:
0777: GroupHandler.getInstance().create(group);
0778:
0779: this .createObject(loginUser, "/kasai/group/"
0780: + group.getId());
0781: } catch (DataAccessException e) {
0782: raisedError = KasaiFacade.class.getName() + ".sqlError";
0783: returnCode = 1;
0784:
0785: throw e;
0786: } catch (AlreadyExistsException aeE) {
0787: raisedError = aeE.getMessage();
0788: returnCode = 2;
0789:
0790: throw aeE;
0791: } catch (InvalidAttributesException e) {
0792: raisedError = e.getMessage();
0793: returnCode = 3;
0794:
0795: throw e;
0796: } catch (NotEnoughPermissionException nep) {
0797: raisedError = nep.getMessage();
0798: returnCode = 4;
0799:
0800: throw nep;
0801: } catch (CriticalException ce) {
0802: raisedError = ce.getMessage();
0803: returnCode = 5;
0804:
0805: throw ce;
0806: } finally {
0807:
0808: HashMap<String, String> transactionData = new HashMap<String, String>();
0809:
0810: transactionData.put("id", group.getId());
0811: transactionData.put("description", group.getDescription());
0812: transactionData.put("blocked", String.valueOf(group
0813: .getBlocked()));
0814:
0815: createAuditEntry(loginUser, returnCode, raisedError,
0816: (System.currentTimeMillis() - startTime), clientIP,
0817: KasaiFacade.class.getName() + ".createGroup",
0818: "/kasai/group/" + group.getId(), transactionData);
0819: }
0820:
0821: Log.write("Exit", Log.INFO, "createGroup", KasaiFacade.class);
0822: }
0823:
0824: /**
0825: * Method to create a group
0826: *
0827: * @param loginUser User who is making the request
0828: * @param id Group Group Identifier
0829: * @param description Group description
0830: * @param blocked Specify if the group must be blocked or not
0831: * @param clientIP IP Address of whom is making the request
0832: *
0833: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0834: * @throws AlreadyExistsException A group with the given ID already exists
0835: * @throws InvalidAttributesException The attributes are not valid for a group
0836: * @throws NotEnoughPermissionException The user does not have enough permission to execute this operation
0837: * @throws CannotAuditException Error auditing transaction
0838: * @throws CriticalException Severe error creating group
0839: */
0840: public void createGroup(String loginUser, String id,
0841: String description, boolean blocked, String clientIP)
0842: throws DataAccessException, AlreadyExistsException,
0843: InvalidAttributesException, NotEnoughPermissionException,
0844: CannotAuditException, CriticalException {
0845:
0846: Group group = new Group();
0847: group.setId(id);
0848: group.setDescription(description);
0849: group.setBlocked(blocked);
0850:
0851: createGroup(loginUser, group, clientIP);
0852: }
0853:
0854: /**
0855: * Method to register a new object in kasai. It Method assign to the loginUser the role specified in the properties file
0856: * with the property kasai.default.role
0857: *
0858: * @param loginUser User who is making the request
0859: * @param objectId Object identifier
0860: *
0861: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0862: * @throws CriticalException The object could be created but not its default permissions
0863: */
0864: public void createObject(String loginUser, String objectId)
0865: throws DataAccessException, CriticalException {
0866:
0867: Log.write("Enter", Log.INFO, "createObject", KasaiFacade.class);
0868:
0869: ResourceBundle res = ResourceBundle
0870: .getBundle(Constants.CONFIG_PROPERTY_FILE);
0871:
0872: try {
0873: AuthObjectHandler.getInstance().create(objectId);
0874: AuthObjectHandler.getInstance().createObjectUserRole(
0875: objectId,
0876: loginUser,
0877: Integer.parseInt(res
0878: .getString("kasai.default.role")));
0879: } catch (DataAccessException e) {
0880: throw e;
0881: } catch (DoesntExistsException deE) {
0882: throw new CriticalException(deE);
0883: }
0884:
0885: Log.write("Exit", Log.INFO, "createObject", KasaiFacade.class);
0886: }
0887:
0888: /**
0889: * Method to assign permissions. This assign the role specified to the group over the object identified by objectId
0890: *
0891: * @param loginUser User who is making the request
0892: * @param objectId Object identifier
0893: * @param group Group identifier
0894: * @param role Role identifier
0895: * @param clientIP IP Address of whom is making the request
0896: *
0897: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0898: * @throws DoesntExistsException The object, group or role doesnt exists
0899: * @throws NotEnoughPermissionException The user cannot perform this operation
0900: * @throws CannotAuditException Error auditing transaction
0901: * @throws XMLException
0902: */
0903: public void createObjectGroupRole(String loginUser,
0904: String objectId, String group, int role, String clientIP)
0905: throws DataAccessException, DoesntExistsException,
0906: NotEnoughPermissionException, CannotAuditException,
0907: XMLException {
0908:
0909: Log.write("Enter (" + loginUser + "," + objectId + "," + group
0910: + "," + role + ")", Log.INFO, "createObjectGroupRole",
0911: KasaiFacade.class);
0912:
0913: long startTime = System.currentTimeMillis();
0914: String raisedError = null;
0915: int returnCode = 0;
0916:
0917: try {
0918: this .validateOperative(loginUser, MODIFY_ACCESS, objectId);
0919:
0920: AuthObjectHandler.getInstance().createObjectGroupRole(
0921: objectId, group, role);
0922: } catch (DataAccessException e) {
0923: raisedError = KasaiFacade.class.getName() + ".sqlError";
0924: returnCode = 1;
0925:
0926: throw e;
0927: } catch (DoesntExistsException deE) {
0928: raisedError = deE.getMessage();
0929: returnCode = 2;
0930:
0931: throw deE;
0932: } catch (NotEnoughPermissionException nep) {
0933: raisedError = nep.getMessage();
0934: returnCode = 3;
0935:
0936: throw nep;
0937: } finally {
0938:
0939: HashMap<String, String> transactionData = new HashMap<String, String>();
0940:
0941: transactionData.put("group", group);
0942: transactionData.put("role", String.valueOf(role));
0943:
0944: createAuditEntry(loginUser, returnCode, raisedError,
0945: (System.currentTimeMillis() - startTime), clientIP,
0946: KasaiFacade.class.getName()
0947: + ".createObjectGroupRole", objectId,
0948: transactionData);
0949: }
0950:
0951: Log.write("Exit", Log.INFO, "createObjectGroupRole",
0952: KasaiFacade.class);
0953: }
0954:
0955: /**
0956: * Method to assign permissions. This assign the role specified to the user over the object identified by objectId
0957: *
0958: * @param objectId User who is making the request
0959: * @param user User identifier
0960: * @param role Role identifier
0961: *
0962: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0963: * @throws DoesntExistsException The object, user or role doesnt exist
0964: * @throws XMLException
0965: */
0966: public void createObjectUserRole(String objectId, String user,
0967: int role) throws DataAccessException,
0968: DoesntExistsException, XMLException {
0969:
0970: Log.write("Enter", Log.INFO, "createObjectUserRole",
0971: KasaiFacade.class);
0972:
0973: try {
0974: AuthObjectHandler.getInstance().createObjectUserRole(
0975: objectId, user, role);
0976: } catch (DataAccessException e) {
0977: throw e;
0978: } catch (DoesntExistsException deE) {
0979: throw deE;
0980: }
0981:
0982: Log.write("Exit", Log.INFO, "createObjectUserRole",
0983: KasaiFacade.class);
0984: }
0985:
0986: /**
0987: * Method to assign permissions. This assign the role specified to the user over the object identified by objectId
0988: *
0989: * @param loginUser User who is making the request
0990: * @param objectId Object identifier
0991: * @param user User identifier
0992: * @param role Role identifier
0993: * @param clientIP IP Address of whom is making the request
0994: *
0995: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0996: * @throws DoesntExistsException The user, object or role doesnt exist
0997: * @throws NotEnoughPermissionException The user cannot perform this operation
0998: * @throws CannotAuditException Error auditing transaction
0999: * @throws XMLException
1000: */
1001: public void createObjectUserRole(String loginUser, String objectId,
1002: String user, int role, String clientIP)
1003: throws DataAccessException, DoesntExistsException,
1004: NotEnoughPermissionException, CannotAuditException,
1005: XMLException {
1006:
1007: Log.write("Enter", Log.INFO, "createObjectUserRole",
1008: KasaiFacade.class);
1009:
1010: long startTime = System.currentTimeMillis();
1011: String raisedError = null;
1012: int returnCode = 0;
1013:
1014: try {
1015: this .validateOperative(loginUser, MODIFY_ACCESS, objectId);
1016:
1017: AuthObjectHandler.getInstance().createObjectUserRole(
1018: objectId, user, role);
1019: } catch (DataAccessException e) {
1020: raisedError = KasaiFacade.class.getName() + ".sqlError";
1021: returnCode = 1;
1022: throw e;
1023: } catch (DoesntExistsException deE) {
1024: raisedError = deE.getMessage();
1025: returnCode = 2;
1026: throw deE;
1027: } catch (NotEnoughPermissionException nep) {
1028: raisedError = nep.getMessage();
1029: returnCode = 3;
1030: throw nep;
1031: } finally {
1032:
1033: HashMap<String, String> transactionData = new HashMap<String, String>();
1034:
1035: transactionData.put("user", user);
1036: transactionData.put("role", String.valueOf(role));
1037:
1038: createAuditEntry(loginUser, returnCode, raisedError,
1039: (System.currentTimeMillis() - startTime), clientIP,
1040: KasaiFacade.class.getName()
1041: + ".createObjectUserRole", objectId,
1042: transactionData);
1043: }
1044:
1045: Log.write("Exit", Log.INFO, "createObjectUserRole",
1046: KasaiFacade.class);
1047: }
1048:
1049: /**
1050: * Register an object in Kasai, and assign to the user the specified role (roleId) over an object (objectId)
1051: *
1052: * @param loginUser User who is making the request
1053: * @param objectId Object Identifier
1054: * @param roleId Role identifier
1055: *
1056: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1057: * @throws DoesntExistsException The user, object or role doesnt exist
1058: * @throws XMLException
1059: */
1060: public void createObjectWithRole(String loginUser, String objectId,
1061: int roleId) throws DataAccessException,
1062: DoesntExistsException, XMLException {
1063:
1064: Log.write("Enter", Log.INFO, "createObjectWithRole",
1065: KasaiFacade.class);
1066:
1067: try {
1068: AuthObjectHandler.getInstance().create(objectId);
1069: if (roleId != -1) {
1070: AuthObjectHandler.getInstance().createObjectUserRole(
1071: objectId, loginUser, roleId);
1072: }
1073: } catch (DataAccessException e) {
1074: throw e;
1075: } catch (DoesntExistsException deE) {
1076: throw deE;
1077: }
1078:
1079: Log.write("Exit", Log.INFO, "createObjectWithRole",
1080: KasaiFacade.class);
1081: }
1082:
1083: /**
1084: * Creates a role
1085: *
1086: * @param loginUser User who is making the request
1087: * @param name Name of the role to be created
1088: * @param description Description of the role to be created
1089: * @param operatives Operatives of the role to be created
1090: * @param clientIP IP Address of whom is making the request
1091: *
1092: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1093: * @throws CriticalException Severe errors like SQL error, IO Error, etc
1094: * @throws AlreadyExistsException A role with the given name already exists
1095: * @throws DoesntExistsException One of the given operatives does not exist
1096: * @throws InvalidAttributesException The attributes are not valid for a role
1097: * @throws NotEnoughPermissionException The user cannot perform this operation
1098: * @throws CannotAuditException Error auditing transaction
1099: */
1100: public int createRole(String loginUser, String name,
1101: String description, String[] operatives, String clientIP)
1102: throws AlreadyExistsException, DoesntExistsException,
1103: DataAccessException, InvalidAttributesException,
1104: NotEnoughPermissionException, CannotAuditException,
1105: CriticalException {
1106:
1107: Log.write("Enter (name=" + name + ")", Log.INFO, "createRole",
1108: KasaiFacade.class);
1109:
1110: long startTime = System.currentTimeMillis();
1111: String raisedError = null;
1112: int returnCode = 0;
1113: int roleId = -1;
1114:
1115: try {
1116: this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
1117: "/kasai/role/");
1118:
1119: roleId = RoleHandler.getInstance().create(name,
1120: description, operatives);
1121:
1122: this .createObject(loginUser, "/kasai/role/" + roleId);
1123:
1124: } catch (AlreadyExistsException aeE) {
1125: raisedError = aeE.getMessage();
1126: returnCode = 1;
1127:
1128: throw aeE;
1129: } catch (DoesntExistsException deE) {
1130: raisedError = deE.getMessage();
1131: returnCode = 2;
1132:
1133: throw deE;
1134: } catch (DataAccessException e) {
1135: raisedError = KasaiFacade.class.getName() + ".sqlError";
1136: returnCode = 3;
1137:
1138: throw e;
1139: } catch (InvalidAttributesException e) {
1140: raisedError = e.getMessage();
1141: returnCode = 4;
1142:
1143: throw e;
1144: } catch (NotEnoughPermissionException nep) {
1145: raisedError = nep.getMessage();
1146: returnCode = 5;
1147:
1148: throw nep;
1149: } catch (CriticalException ce) {
1150: raisedError = ce.getMessage();
1151: returnCode = 6;
1152:
1153: throw ce;
1154: } finally {
1155:
1156: HashMap<String, String> transactionData = new HashMap<String, String>();
1157:
1158: transactionData.put("name", name);
1159: transactionData.put("description", description);
1160:
1161: createAuditEntry(loginUser, returnCode, raisedError,
1162: (System.currentTimeMillis() - startTime), clientIP,
1163: KasaiFacade.class.getName() + ".createRole",
1164: "/kasai/role/" + roleId, transactionData);
1165: }
1166:
1167: Log.write("Exit", Log.INFO, "createRole", KasaiFacade.class);
1168:
1169: return roleId;
1170: }
1171:
1172: /**
1173: * Creates a user
1174: *
1175: * @param loginUser User who is making the request
1176: * @param idUser Identifier of the user to be created
1177: * @param firstName First Name of the user to be created
1178: * @param lastName Last Name of the user to be created
1179: * @param email Email of the user to be created
1180: * @param blocked Specifies if the user must be blocked or not
1181: * @param description Description of the user to be created
1182: * @param superUser Specifies if the user must be superUser or not
1183: * @param clientIP IP Address of whom is making the request
1184: *
1185: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1186: * @throws CriticalException Severe errors like SQL error, IO Error, etc
1187: * @throws AlreadyExistsException A user with the given id already exists
1188: * @throws InvalidAttributesException The attributes are not valid for a user
1189: * @throws DoesntExistsException The user executing the transaction does not exist
1190: * @throws NotEnoughPermissionException The user cannot perform this operation
1191: * @throws CannotAuditException Error auditing transaction
1192: * @throws InvalidPasswordException
1193: */
1194: public void createUser(String loginUser, String idUser,
1195: String firstName, String lastName, String email,
1196: boolean blocked, String description, boolean super User,
1197: String clientIP) throws DataAccessException,
1198: AlreadyExistsException, InvalidAttributesException,
1199: DoesntExistsException, NotEnoughPermissionException,
1200: CannotAuditException, CriticalException,
1201: InvalidPasswordException {
1202:
1203: User user = new User();
1204: user.setLogin(idUser);
1205: user.setFirstName(firstName);
1206: user.setLastName(lastName);
1207: user.setEmail(email);
1208: user.setBlocked(blocked);
1209: user.setDescription(description);
1210: user.setSuperUser(super User);
1211:
1212: createUser(loginUser, user, null, clientIP);
1213: }
1214:
1215: /**
1216: * Creates a user
1217: *
1218: * @param loginUser User who is making the request
1219: * @param idUser Identifier of the user to be created
1220: * @param firstName First Name of the user to be created
1221: * @param lastName Last Name of the user to be created
1222: * @param email Email of the user to be created
1223: * @param blocked Specifies if the user must be blocked or not
1224: * @param description Description of the user to be created
1225: * @param superUser Specifies if the user must be superUser or not
1226: * @param password Password to assign to the user
1227: * @param clientIP IP Address of whom is making the request
1228: *
1229: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1230: * @throws CriticalException Severe errors like SQL error, IO Error, etc
1231: * @throws AlreadyExistsException A user with the given id already exists
1232: * @throws InvalidAttributesException The attributes are not valid for a user
1233: * @throws DoesntExistsException The user executing the transaction does not exist
1234: * @throws NotEnoughPermissionException The user cannot perform this operation
1235: * @throws CannotAuditException Error auditing transaction
1236: */
1237: public void createUser(String loginUser, String idUser,
1238: String firstName, String lastName, String email,
1239: boolean blocked, String description, boolean super User,
1240: String password, String clientIP)
1241: throws DataAccessException, AlreadyExistsException,
1242: InvalidAttributesException, DoesntExistsException,
1243: NotEnoughPermissionException, CannotAuditException,
1244: CriticalException, InvalidPasswordException {
1245:
1246: User user = new User();
1247: user.setLogin(idUser);
1248: user.setFirstName(firstName);
1249: user.setLastName(lastName);
1250: user.setEmail(email);
1251: user.setBlocked(blocked);
1252: user.setDescription(description);
1253: user.setSuperUser(super User);
1254:
1255: createUser(loginUser, user, password, clientIP);
1256: }
1257:
1258: public void createUser(String loginUser, User user,
1259: String password, String clientIP)
1260: throws DataAccessException, AlreadyExistsException,
1261: InvalidAttributesException, DoesntExistsException,
1262: NotEnoughPermissionException, CannotAuditException,
1263: CriticalException, InvalidPasswordException {
1264:
1265: Log.write("Enter", Log.INFO, "createUser", KasaiFacade.class);
1266:
1267: long startTime = System.currentTimeMillis();
1268: String raisedError = null;
1269: int returnCode = 0;
1270:
1271: try {
1272: this .validateOperative(loginUser, KasaiFacade.COMMIT_USER,
1273: "/kasai/user/");
1274:
1275: boolean sU = this .readUser(loginUser).getSuperUser();
1276:
1277: if (!sU) {
1278: user.setSuperUser(false);
1279: }
1280:
1281: if (password == null) {
1282: UserHandler.getInstance().create(user);
1283: } else {
1284: UserHandler.getInstance().create(user, password);
1285: }
1286:
1287: ResourceBundle res = ResourceBundle
1288: .getBundle(Constants.CONFIG_PROPERTY_FILE);
1289: String group = res.getString("kasai.group.all");
1290:
1291: GroupHandler.getInstance().addUserToGroup(user.getLogin(),
1292: group);
1293: this .createObject(loginUser, "/kasai/user/"
1294: + user.getLogin());
1295: } catch (DataAccessException e) {
1296: raisedError = KasaiFacade.class.getName() + ".sqlError";
1297: returnCode = 1;
1298:
1299: throw e;
1300: } catch (AlreadyExistsException aeE) {
1301: raisedError = aeE.getMessage();
1302: returnCode = 2;
1303:
1304: throw aeE;
1305: } catch (InvalidAttributesException e) {
1306: raisedError = e.getMessage();
1307: returnCode = 3;
1308:
1309: throw e;
1310: } catch (DoesntExistsException deE) {
1311: raisedError = deE.getMessage();
1312: returnCode = 4;
1313:
1314: throw deE;
1315: } catch (NotEnoughPermissionException nep) {
1316: raisedError = nep.getMessage();
1317: returnCode = 5;
1318:
1319: throw nep;
1320: } catch (CriticalException ce) {
1321: raisedError = ce.getMessage();
1322: returnCode = 6;
1323:
1324: throw ce;
1325: } finally {
1326:
1327: HashMap<String, String> transactionData = new HashMap<String, String>();
1328:
1329: transactionData.put("idUser", user.getLogin());
1330: transactionData.put("firstName", user.getFirstName());
1331: transactionData.put("lastName", user.getLastName());
1332: transactionData.put("email", user.getEmail());
1333: transactionData.put("blocked", String.valueOf(user
1334: .getBlocked()));
1335: transactionData.put("description", user.getDescription());
1336: transactionData.put("superUser", String.valueOf(user
1337: .getSuperUser()));
1338:
1339: createAuditEntry(loginUser, returnCode, raisedError,
1340: (System.currentTimeMillis() - startTime), clientIP,
1341: KasaiFacade.class.getName() + ".createUser",
1342: "/kasai/user/" + user.getLogin(), transactionData);
1343: }
1344:
1345: Log.write("Exit", Log.INFO, "createUser", KasaiFacade.class);
1346: }
1347:
1348: /**
1349: * Deletes a group
1350: *
1351: * @param loginUser User who is making the request
1352: * @param group Group identifier to be deleted
1353: * @param clientIP IP Address of whom is making the request
1354: *
1355: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1356: * @throws NotEnoughPermissionException The user cannot perform this operation
1357: * @throws CannotAuditException Error auditing transaction
1358: */
1359: public void deleteGroup(String loginUser, String group,
1360: String clientIP) throws DataAccessException,
1361: NotEnoughPermissionException, CannotAuditException {
1362:
1363: Log.write("Enter", Log.INFO, "deleteGroup", KasaiFacade.class);
1364:
1365: long startTime = System.currentTimeMillis();
1366: String raisedError = null;
1367: int returnCode = 0;
1368:
1369: try {
1370: this .validateOperative(loginUser, DELETE_GROUP,
1371: "/kasai/group/" + group);
1372:
1373: GroupHandler.getInstance().delete(group);
1374:
1375: deleteObject("/kasai/group/" + group);
1376: } catch (DataAccessException e) {
1377: raisedError = KasaiFacade.class.getName() + ".sqlError";
1378: returnCode = 1;
1379:
1380: throw e;
1381: } catch (NotEnoughPermissionException nep) {
1382: raisedError = nep.getMessage();
1383: returnCode = 2;
1384:
1385: throw nep;
1386: } finally {
1387:
1388: HashMap<String, String> transactionData = new HashMap<String, String>();
1389:
1390: transactionData.put("group", group);
1391:
1392: createAuditEntry(loginUser, returnCode, raisedError,
1393: (System.currentTimeMillis() - startTime), clientIP,
1394: KasaiFacade.class.getName() + ".deleteGroup",
1395: "/kasai/group/" + group, transactionData);
1396: }
1397:
1398: Log.write("Exit", Log.INFO, "deleteGroup", KasaiFacade.class);
1399: }
1400:
1401: /**
1402: * Unregister an object from Kasai
1403: *
1404: * @param objectId Object identifier to be deleted
1405: *
1406: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1407: */
1408: public void deleteObject(String objectId)
1409: throws DataAccessException {
1410: Log.write("Enter", Log.INFO, "deleteObject", KasaiFacade.class);
1411:
1412: try {
1413: AuthObjectHandler.getInstance().delete(objectId);
1414: } catch (DataAccessException e) {
1415: throw e;
1416: }
1417:
1418: Log.write("Exit", Log.INFO, "deleteObject", KasaiFacade.class);
1419: }
1420:
1421: /**
1422: * Remove an assigned role to the group over an object
1423: *
1424: * @param loginUser User who is making the request
1425: * @param id Identifier
1426: * @param clientIP IP Address of whom is making the request
1427: *
1428: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1429: * @throws CannotAuditException Error auditing transaction
1430: */
1431: public void deleteObjectGroupRole(String loginUser, int id,
1432: String clientIP) throws DataAccessException,
1433: CannotAuditException {
1434:
1435: Log.write("Enter", Log.INFO, "deleteObjectGroupRole",
1436: KasaiFacade.class);
1437:
1438: long startTime = System.currentTimeMillis();
1439: String raisedError = null;
1440: int returnCode = 0;
1441:
1442: try {
1443: AuthObjectHandler.getInstance().deleteObjectGroupRole(id);
1444: } catch (DataAccessException e) {
1445: raisedError = KasaiFacade.class.getName() + ".sqlError";
1446: returnCode = 1;
1447:
1448: throw e;
1449: } finally {
1450:
1451: HashMap<String, String> transactionData = new HashMap<String, String>();
1452:
1453: transactionData.put("id", String.valueOf(id));
1454:
1455: createAuditEntry(loginUser, returnCode, raisedError,
1456: (System.currentTimeMillis() - startTime), clientIP,
1457: KasaiFacade.class.getName()
1458: + ".deleteObjectGroupRole", "",
1459: transactionData);
1460: }
1461:
1462: Log.write("Exit", Log.INFO, "deleteObjectGroupRole",
1463: KasaiFacade.class);
1464: }
1465:
1466: /**
1467: * Remove all assigned roles to the user over an object
1468: *
1469: * @param loginUser User who is making the request
1470: * @param id Relation identifier to be deleted
1471: * @param clientIP IP Address of whom is making the request
1472: *
1473: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1474: * @throws CannotAuditException Error auditing transaction
1475: */
1476: public void deleteObjectUserRole(String loginUser, int id,
1477: String clientIP) throws DataAccessException,
1478: CannotAuditException {
1479:
1480: Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1481: KasaiFacade.class);
1482:
1483: long startTime = System.currentTimeMillis();
1484: String raisedError = null;
1485: int returnCode = 0;
1486:
1487: try {
1488: AuthObjectHandler.getInstance().deleteObjectUserRole(id);
1489: } finally {
1490:
1491: HashMap<String, String> transactionData = new HashMap<String, String>();
1492:
1493: transactionData.put("id", String.valueOf(id));
1494:
1495: createAuditEntry(loginUser, returnCode, raisedError,
1496: (System.currentTimeMillis() - startTime), clientIP,
1497: KasaiFacade.class.getName()
1498: + ".deleteObjectUserRole", "",
1499: transactionData);
1500: }
1501:
1502: Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1503: KasaiFacade.class);
1504: }
1505:
1506: /**
1507: * Remove all assigned roles to the user over an object
1508: *
1509: * @param user User who is making the request
1510: * @param idObject Object identifier
1511: *
1512: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1513: */
1514: public void deleteObjectUserRole(String user, String idObject)
1515: throws DataAccessException {
1516:
1517: Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1518: KasaiFacade.class);
1519:
1520: AuthObjectHandler.getInstance().deleteObjectUserRole(user,
1521: idObject);
1522:
1523: Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1524: KasaiFacade.class);
1525: }
1526:
1527: /**
1528: * Remove an assigned role to the user over an object
1529: *
1530: * @param loginUser User who is making the request
1531: * @param user User identifier
1532: * @param idObject Object identifier
1533: * @param role Role identifier
1534: * @param clientIP IP Address of whom is making the request
1535: *
1536: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1537: * @throws NotEnoughPermissionException The user cannot perform this operation
1538: * @throws CannotAuditException Error auditing transaction
1539: */
1540: public void deleteObjectUserRole(String loginUser, String user,
1541: String idObject, int role, String clientIP)
1542: throws DataAccessException, NotEnoughPermissionException,
1543: CannotAuditException {
1544:
1545: Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1546: KasaiFacade.class);
1547:
1548: long startTime = System.currentTimeMillis();
1549: String raisedError = null;
1550: int returnCode = 0;
1551:
1552: try {
1553: this .validateOperative(loginUser, MODIFY_ACCESS, idObject);
1554:
1555: AuthObjectHandler.getInstance().deleteObjectUserRole(user,
1556: idObject, role);
1557: } catch (DataAccessException e) {
1558: raisedError = KasaiFacade.class.getName() + ".sqlError";
1559: returnCode = 1;
1560:
1561: throw e;
1562: } catch (NotEnoughPermissionException nep) {
1563: raisedError = nep.getMessage();
1564: returnCode = 2;
1565:
1566: throw nep;
1567: } finally {
1568:
1569: HashMap<String, String> transactionData = new HashMap<String, String>();
1570:
1571: transactionData.put("user", user);
1572: transactionData.put("role", String.valueOf(role));
1573:
1574: createAuditEntry(loginUser, returnCode, raisedError,
1575: (System.currentTimeMillis() - startTime), clientIP,
1576: KasaiFacade.class.getName()
1577: + ".deleteObjectUserRole", idObject,
1578: transactionData);
1579: }
1580:
1581: Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1582: KasaiFacade.class);
1583: }
1584:
1585: /**
1586: * Remove all assigned roles to the user over an object
1587: *
1588: * @param loginUser User who is making the request
1589: * @param user User identifier
1590: * @param idObject Object identifier
1591: * @param clientIP IP Address of whom is making the request
1592: *
1593: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1594: * @throws NotEnoughPermissionException The user cannot perform this operation
1595: * @throws CannotAuditException Error auditing transaction
1596: */
1597: public void deleteObjectUserRole(String loginUser, String user,
1598: String idObject, String clientIP)
1599: throws DataAccessException, NotEnoughPermissionException,
1600: CannotAuditException {
1601:
1602: Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1603: KasaiFacade.class);
1604:
1605: long startTime = System.currentTimeMillis();
1606: String raisedError = null;
1607: int returnCode = 0;
1608:
1609: try {
1610: this .validateOperative(loginUser, MODIFY_ACCESS, idObject);
1611:
1612: AuthObjectHandler.getInstance().deleteObjectUserRole(user,
1613: idObject);
1614: } catch (DataAccessException e) {
1615: raisedError = KasaiFacade.class.getName() + ".sqlError";
1616: returnCode = 1;
1617:
1618: throw e;
1619: } catch (NotEnoughPermissionException nep) {
1620: raisedError = nep.getMessage();
1621: returnCode = 2;
1622:
1623: throw nep;
1624: } finally {
1625:
1626: HashMap<String, String> transactionData = new HashMap<String, String>();
1627:
1628: transactionData.put("user", user);
1629:
1630: createAuditEntry(loginUser, returnCode, raisedError,
1631: (System.currentTimeMillis() - startTime), clientIP,
1632: KasaiFacade.class.getName()
1633: + ".deleteObjectUserRole", idObject,
1634: transactionData);
1635: }
1636:
1637: Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1638: KasaiFacade.class);
1639: }
1640:
1641: /**
1642: * Delete a role
1643: *
1644: * @param loginUser User who is making the request
1645: * @param role Role identifier to be deleted
1646: * @param clientIP IP Address of whom is making the request
1647: *
1648: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1649: * @throws NotEnoughPermissionException The user cannot perform this operation
1650: * @throws CannotAuditException Error auditing transaction
1651: */
1652: public void deleteRole(String loginUser, int role, String clientIP)
1653: throws DataAccessException, NotEnoughPermissionException,
1654: CannotAuditException {
1655:
1656: Log.write("Enter", Log.INFO, "deleteRole", KasaiFacade.class);
1657:
1658: long startTime = System.currentTimeMillis();
1659: String raisedError = null;
1660: int returnCode = 0;
1661:
1662: try {
1663: this .validateOperative(loginUser, DELETE_ROLE,
1664: "/kasai/role/" + role);
1665:
1666: this .deleteObject("/kasai/role/" + role);
1667: RoleHandler.getInstance().delete(role);
1668: } catch (DataAccessException e) {
1669: raisedError = KasaiFacade.class.getName() + ".sqlError";
1670: returnCode = 1;
1671:
1672: throw e;
1673: } catch (NotEnoughPermissionException nep) {
1674: raisedError = nep.getMessage();
1675: returnCode = 2;
1676:
1677: throw nep;
1678: } finally {
1679:
1680: HashMap<String, String> transactionData = new HashMap<String, String>();
1681:
1682: transactionData.put("role", String.valueOf(role));
1683:
1684: createAuditEntry(loginUser, returnCode, raisedError,
1685: (System.currentTimeMillis() - startTime), clientIP,
1686: KasaiFacade.class.getName()
1687: + ".deleteObjectUserRole", "/kasai/role/"
1688: + role, transactionData);
1689: }
1690:
1691: Log.write("Exit", Log.INFO, "deleteRole", KasaiFacade.class);
1692: }
1693:
1694: /**
1695: * Delete a user
1696: *
1697: * @param loginUser User who is making the request
1698: * @param idUserToDelete User identifier to be deleted
1699: * @param clientIP IP Address of whom is making the request
1700: *
1701: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1702: * @throws NotEnoughPermissionException The user cannot perform this operation
1703: * @throws CannotAuditException Error auditing transaction
1704: */
1705: public void deleteUser(String loginUser, String idUserToDelete,
1706: String clientIP) throws DataAccessException,
1707: NotEnoughPermissionException, CannotAuditException {
1708:
1709: Log.write("Enter", Log.INFO, "deleteUser", KasaiFacade.class);
1710:
1711: long startTime = System.currentTimeMillis();
1712: String raisedError = null;
1713: int returnCode = 0;
1714:
1715: try {
1716: this .validateOperative(loginUser, DELETE_USER,
1717: "/kasai/user/" + idUserToDelete);
1718:
1719: UserHandler.getInstance().delete(idUserToDelete);
1720:
1721: this .deleteObject("/kasai/user/" + idUserToDelete);
1722: } catch (DataAccessException e) {
1723: raisedError = KasaiFacade.class.getName() + ".sqlError";
1724: returnCode = 1;
1725:
1726: throw e;
1727: } catch (NotEnoughPermissionException nep) {
1728: raisedError = nep.getMessage();
1729: returnCode = 2;
1730:
1731: throw nep;
1732: } finally {
1733:
1734: HashMap<String, String> transactionData = new HashMap<String, String>();
1735:
1736: transactionData.put("idUserToDelete", idUserToDelete);
1737:
1738: createAuditEntry(loginUser, returnCode, raisedError,
1739: (System.currentTimeMillis() - startTime), clientIP,
1740: KasaiFacade.class.getName() + ".deleteUser",
1741: "/kasai/user/" + idUserToDelete, transactionData);
1742: }
1743:
1744: Log.write("Exit", Log.INFO, "deleteUser", KasaiFacade.class);
1745: }
1746:
1747: /**
1748: * Method to verify if a specific user is part of a specific group
1749: *
1750: * @param login User who is making the request
1751: * @param userId Specific user
1752: * @param groupId Specific group
1753: *
1754: * @return true if the userId is part of a groupId
1755: *
1756: * @throws DataAccessException Severe errors like SQL error, IO Error, etc Severe error (SQL errors, IO errors, etc)
1757: * @throws XMLException
1758: */
1759: public boolean isUserInGroup(String login, String userId,
1760: String groupId) throws DataAccessException, XMLException {
1761:
1762: Log
1763: .write("Enter", Log.INFO, "isUserInGroup",
1764: KasaiFacade.class);
1765:
1766: boolean result = false;
1767: Collection<User> users = null;
1768:
1769: if ((StringUtils.isNotEmpty(userId))
1770: && (StringUtils.isNotEmpty(groupId))) {
1771: users = UserHandler.getInstance().list(userId, null, null,
1772: null, -1, null, groupId);
1773: }
1774:
1775: result = (users != null) && (users.size() > 0);
1776:
1777: Log.write("Exit", Log.INFO, "isUserInGroup", KasaiFacade.class);
1778:
1779: return result;
1780: }
1781:
1782: public Collection<AuditBean> listAuditEntries(String loginUser,
1783: java.util.Date dateFrom, java.util.Date dateTo,
1784: java.lang.String user, java.lang.String operation,
1785: String clientIP) throws DataAccessException,
1786: NonCriticalException, CannotAuditException {
1787:
1788: Log.write("Enter", Log.INFO, "listAuditEntries",
1789: KasaiFacade.class);
1790:
1791: long startTime = System.currentTimeMillis();
1792: String raisedError = null;
1793: int returnCode = 0;
1794: Collection<AuditBean> result = null;
1795:
1796: try {
1797: this .validateOperative(loginUser,
1798: KasaiFacade.LIST_AUDIT_ENTRIES, "/kasai");
1799:
1800: result = AuditHandler.listEntries(dateFrom, dateTo, user,
1801: operation);
1802: } catch (DataAccessException e) {
1803: raisedError = KasaiFacade.class.getName() + ".sqlError";
1804: returnCode = 1;
1805:
1806: throw e;
1807: } catch (InvalidAttributesException iaE) {
1808: raisedError = iaE.getMessage();
1809: returnCode = 2;
1810:
1811: throw iaE;
1812: } catch (NotEnoughPermissionException nep) {
1813: raisedError = nep.getMessage();
1814: returnCode = 3;
1815:
1816: throw nep;
1817: } catch (DoesntExistsException dee) {
1818: raisedError = dee.getMessage();
1819: returnCode = 4;
1820:
1821: throw dee;
1822: } catch (NonCriticalException e) {
1823: raisedError = e.getMessage();
1824: returnCode = 5;
1825:
1826: throw e;
1827: } finally {
1828:
1829: HashMap<String, String> transactionData = new HashMap<String, String>();
1830: DateFormat format = new SimpleDateFormat(
1831: "yyyy-MM-dd HH:mm:ss.SSS");
1832:
1833: if (dateFrom != null) {
1834: transactionData
1835: .put("dateFrom", format.format(dateFrom));
1836: }
1837: if (dateTo != null) {
1838: transactionData.put("dateTo", format.format(dateTo));
1839: }
1840: transactionData.put("user", user);
1841: transactionData.put("operation", operation);
1842:
1843: createAuditEntry(loginUser, returnCode, raisedError,
1844: (System.currentTimeMillis() - startTime), clientIP,
1845: KasaiFacade.class.getName() + ".listAuditEntries",
1846: "/kasai", transactionData);
1847: }
1848:
1849: Log.write("Exit", Log.INFO, "listAuditEntries",
1850: KasaiFacade.class);
1851:
1852: return result;
1853: }
1854:
1855: public String[] listGroupMembers(String groupId)
1856: throws DataAccessException {
1857: String[] members = null;
1858:
1859: Log.write("Enter", Log.INFO, "listGroupMembers",
1860: KasaiFacade.class);
1861:
1862: members = UserHandler.getInstance().listUsernames(groupId);
1863:
1864: Log.write("Exit", Log.INFO, "listGroupMembers",
1865: KasaiFacade.class);
1866:
1867: return members;
1868: }
1869:
1870: /**
1871: * List groups
1872: *
1873: * @param actualUser User making the request
1874: * @param idGroup It filters the list by group identifier
1875: * @param description It filters the list by group description
1876: * @param blocked It filters the list by blocked attribute
1877: * @param system It filters the list by system attribute
1878: *
1879: * @return Groups that satisfy given filters.
1880: *
1881: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1882: * @throws XMLException
1883: */
1884: public List<Group> listGroups(String actualUser, String idGroup,
1885: String description, int blocked, int system)
1886: throws DataAccessException, XMLException {
1887:
1888: List<Group> groups = null;
1889:
1890: Log.write("Enter", Log.INFO, "listGroups", KasaiFacade.class);
1891:
1892: groups = GroupHandler.getInstance().list(idGroup, description,
1893: blocked, system, null);
1894:
1895: Log.write("Exit", Log.INFO, "listGroups", KasaiFacade.class);
1896:
1897: return groups;
1898: }
1899:
1900: /**
1901: * List all the groups a user is member of
1902: *
1903: * @param user user identifier
1904: *
1905: * @return A collection containing the groups
1906: *
1907: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1908: * @throws XMLException
1909: */
1910: public Collection<Group> listGroupsFromUser(String user)
1911: throws DataAccessException, XMLException {
1912:
1913: Collection<Group> groups = new ArrayList();
1914:
1915: Log.write("Enter", Log.INFO, "listGroupsFromUser",
1916: KasaiFacade.class);
1917:
1918: groups = GroupHandler.getInstance().list(null, null, -1, -1,
1919: user);
1920:
1921: Log.write("Exit", Log.INFO, "listGroupsFromUser",
1922: KasaiFacade.class);
1923:
1924: return groups;
1925: }
1926:
1927: /**
1928: * List all the groups a user is member of
1929: *
1930: * @param loginUser User who is making the request
1931: * @param user User identifier
1932: *
1933: * @return A collection containing groups
1934: *
1935: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1936: * @throws NotEnoughPermissionException The user cannot perform this operation
1937: * @throws XMLException
1938: */
1939: public Collection<Group> listGroupsFromUser(String loginUser,
1940: String user) throws DataAccessException,
1941: NotEnoughPermissionException, XMLException {
1942:
1943: Collection<Group> groups = new ArrayList();
1944:
1945: Log.write("Enter", Log.INFO, "listGroupsFromUser",
1946: KasaiFacade.class);
1947:
1948: if (!user.equals(loginUser)) {
1949: this .validateOperative(loginUser, KasaiFacade.READ_USER,
1950: "/kasai/user/" + user);
1951: }
1952:
1953: groups = GroupHandler.getInstance().list(null, null, -1, -1,
1954: user);
1955:
1956: Log.write("Exit", Log.INFO, "listGroupsFromUser",
1957: KasaiFacade.class);
1958:
1959: return groups;
1960: }
1961:
1962: /**
1963: * List groups that have a given operative assigned over a specific object.
1964: *
1965: * @param operative Operative
1966: * @param object Object identifier
1967: *
1968: * @return A collection of groups
1969: *
1970: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1971: * @throws XMLException
1972: */
1973: public Collection<Group> listGroupsOperativeCollection(
1974: String operative, String object)
1975: throws DataAccessException, XMLException {
1976:
1977: Collection<Group> groups = null;
1978:
1979: Log.write("Enter", Log.INFO, "listGroupsOperativeCollection",
1980: KasaiFacade.class);
1981:
1982: groups = OperativeHandler.getInstance().listGroupsOperative(
1983: operative, object);
1984:
1985: Log.write("Exit", Log.INFO, "listGroupsOperativeCollection",
1986: KasaiFacade.class);
1987:
1988: return groups;
1989: }
1990:
1991: /**
1992: * List assigned permissions over a given object
1993: *
1994: * @param loginUser User who is making the request
1995: * @param idObject Object identifier
1996: *
1997: * @return
1998: *
1999: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2000: */
2001: public Collection listObjectRoles(String loginUser, String idObject)
2002: throws DataAccessException {
2003:
2004: Log.write("Enter", Log.INFO, "listObjectRoles",
2005: KasaiFacade.class);
2006:
2007: Collection list = new ArrayList();
2008:
2009: list.addAll(AuthObjectHandler.getInstance()
2010: .listObjectGroupsRoles(idObject));
2011: list.addAll(AuthObjectHandler.getInstance()
2012: .listObjectUsersRoles(idObject));
2013:
2014: Log.write("Exit", Log.INFO, "listObjectRoles",
2015: KasaiFacade.class);
2016:
2017: return list;
2018: }
2019:
2020: /**
2021: * List all operatives
2022: *
2023: * @param loginUser User who is making the request
2024: *
2025: * @return Operatives
2026: *
2027: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2028: */
2029: public Collection<Operative> listOperatives(String loginUser)
2030: throws DataAccessException {
2031:
2032: Log.write("Enter", Log.INFO, "listOperatives",
2033: KasaiFacade.class);
2034:
2035: Collection<Operative> operatives = null;
2036:
2037: operatives = OperativeHandler.getInstance().list(null);
2038:
2039: Log
2040: .write("Exit", Log.INFO, "listOperatives",
2041: KasaiFacade.class);
2042:
2043: return operatives;
2044: }
2045:
2046: /**
2047: * List all operatives for a given role
2048: *
2049: * @param loginUser User who is making the request
2050: * @param role Role Identifier
2051: *
2052: * @return
2053: *
2054: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2055: */
2056: public Collection<Operative> listOperativesFromRole(
2057: String loginUser, int role) throws DataAccessException {
2058:
2059: Log.write("Enter", Log.INFO, "listOperativesFromRole",
2060: KasaiFacade.class);
2061:
2062: Collection<Operative> list = new ArrayList<Operative>();
2063:
2064: list = RoleHandler.getInstance().listOperativesFromRole(role,
2065: "");
2066:
2067: Log.write("Exit", Log.INFO, "listOperativesFromRole",
2068: KasaiFacade.class);
2069:
2070: return list;
2071: }
2072:
2073: /**
2074: * List operatives that are not part of the role
2075: *
2076: * @param loginUser User who is making the request
2077: * @param role Role identifier
2078: *
2079: * @return
2080: *
2081: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2082: */
2083: public Collection<Operative> listOperativesNotInRole(
2084: String loginUser, int role) throws DataAccessException {
2085:
2086: Log.write("Enter", Log.INFO, "listOperativesNotInRole",
2087: KasaiFacade.class);
2088:
2089: Collection<Operative> list = new ArrayList<Operative>();
2090:
2091: list = RoleHandler.getInstance().listOperativesNotInRole(role);
2092:
2093: Log.write("Exit", Log.INFO, "listOperativesNotInRole",
2094: KasaiFacade.class);
2095:
2096: return list;
2097: }
2098:
2099: /**
2100: * List all roles
2101: *
2102: * @param loginUser User who is making the request
2103: * @param name It filters the list by the role name
2104: *
2105: * @return List of roles
2106: *
2107: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2108: */
2109: public List<Role> listRoles(String loginUser, String name)
2110: throws DataAccessException {
2111:
2112: Log.write("Enter", Log.INFO, "listRoles", KasaiFacade.class);
2113:
2114: List<Role> roles = null;
2115:
2116: roles = RoleHandler.getInstance().list(name, false);
2117:
2118: Log.write("Exit", Log.INFO, "listRoles", KasaiFacade.class);
2119:
2120: return roles;
2121: }
2122:
2123: public String[] listUsernames() throws DataAccessException {
2124: Log
2125: .write("Enter", Log.INFO, "listUsernames",
2126: KasaiFacade.class);
2127:
2128: String[] users = UserHandler.getInstance().listUsernames();
2129:
2130: Log.write("Exit", Log.INFO, "listUsernames", KasaiFacade.class);
2131:
2132: return users;
2133: }
2134:
2135: /**
2136: * List users
2137: *
2138: * @param loginUser User who is making the request
2139: * @param login It filters the list by the user login
2140: * @param firstName It filters the list by the user first name
2141: * @param lastName It filters the list by the user last name
2142: * @param email It filters the list by the user email
2143: * @param blocked It filters the list by the block attribute
2144: * @param description It filters the list by the user description
2145: * @param group It filters the list by a specific group that the user has to belong to
2146: *
2147: * @return List of users
2148: *
2149: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2150: * @throws XMLException
2151: */
2152: public List<User> listUsers(String loginUser, String login,
2153: String firstName, String lastName, String email,
2154: int blocked, String description, String group)
2155: throws DataAccessException, XMLException {
2156:
2157: List<User> users = null;
2158:
2159: Log.write("Enter", Log.INFO, "listUsers", KasaiFacade.class);
2160:
2161: users = UserHandler.getInstance().list(login, firstName,
2162: lastName, email, blocked, description, group);
2163:
2164: Log.write("Exit", Log.INFO, "listUsers", KasaiFacade.class);
2165:
2166: return users;
2167: }
2168:
2169: /**
2170: * List group's users without checking permission
2171: *
2172: * @param group Group Identifier
2173: *
2174: * @return List of users
2175: *
2176: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2177: * @throws XMLException
2178: */
2179: public Collection<User> listUsersFromGroup(String group)
2180: throws DataAccessException, XMLException {
2181:
2182: Collection<User> users = null;
2183:
2184: Log.write("Enter", Log.INFO, "listUsersFromGroup",
2185: KasaiFacade.class);
2186:
2187: users = UserHandler.getInstance().list(null, null, null, null,
2188: -1, null, group);
2189:
2190: Log.write("Exit", Log.INFO, "listUsersFromGroup",
2191: KasaiFacade.class);
2192:
2193: return users;
2194: }
2195:
2196: /**
2197: * List group's users checking permission
2198: *
2199: * @param loginUser User who is making the request
2200: * @param group Group identifier
2201: *
2202: * @return List of users
2203: *
2204: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2205: * @throws XMLException
2206: */
2207: public Collection<User> listUsersFromGroup(String loginUser,
2208: String group) throws DataAccessException, XMLException {
2209:
2210: Collection<User> users = null;
2211:
2212: Log.write("Enter", Log.INFO, "listUsersFromGroup",
2213: KasaiFacade.class);
2214:
2215: users = UserHandler.getInstance().list(null, null, null, null,
2216: -1, null, group);
2217:
2218: Log.write("Exit", Log.INFO, "listUsersFromGroup",
2219: KasaiFacade.class);
2220:
2221: return users;
2222: }
2223:
2224: /**
2225: * List users that aren't part of a group
2226: *
2227: * @param loginUser User who is making the request
2228: * @param group Group identifier
2229: *
2230: * @return List of users
2231: *
2232: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2233: * @throws XMLException
2234: */
2235: public Collection<User> listUsersNotInGroup(String loginUser,
2236: String group) throws DataAccessException, XMLException {
2237:
2238: Collection<User> aux = null;
2239:
2240: Log.write("Enter", Log.INFO, "listUsersNotInGroup",
2241: KasaiFacade.class);
2242:
2243: ArrayList<User> users = new ArrayList<User>();
2244:
2245: aux = GroupHandler.getInstance().listUsersNotInGroup(group);
2246:
2247: for (Iterator<User> iter = aux.iterator(); iter.hasNext();) {
2248:
2249: User u = (User) iter.next();
2250:
2251: try {
2252: this .validateOperative(loginUser,
2253: KasaiFacade.READ_USER, "/kasai/user/"
2254: + u.getLogin());
2255: users.add(u);
2256: } catch (Exception e) {
2257: }
2258: }
2259:
2260: Log.write("Exit", Log.INFO, "listUsersNotInGroup",
2261: KasaiFacade.class);
2262:
2263: return users;
2264: }
2265:
2266: /**
2267: * List users that have a given operative assigned over a specific object.
2268: *
2269: * @param operative Operative identifier
2270: * @param object Object identifier
2271: *
2272: * @return A collection of users
2273: *
2274: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2275: * @throws XMLException
2276: */
2277: public Collection<User> listUsersOperative(String operative,
2278: String object) throws DataAccessException, XMLException {
2279:
2280: Collection<User> users = null;
2281:
2282: Log.write("Enter", Log.INFO, "listUsersOperative",
2283: KasaiFacade.class);
2284:
2285: users = OperativeHandler.getInstance().listUsersOperative(
2286: operative, object);
2287:
2288: Log.write("Exit", Log.INFO, "listUsersOperative",
2289: KasaiFacade.class);
2290:
2291: return users;
2292: }
2293:
2294: /**
2295: * Modify a role
2296: *
2297: * @param loginUser User who is making the request
2298: * @param role Role identifier
2299: * @param name New name of the role to be modified
2300: * @param description New description of the role to be modified
2301: * @param operatives New operatives of the role to be modified
2302: * @param clientIP IP Address of whom is making the request
2303: *
2304: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2305: * @throws InvalidAttributesException The new attributes are not valid for a role
2306: * @throws NotEnoughPermissionException The user cannot perform this operation
2307: * @throws CannotAuditException Error auditing transaction
2308: */
2309: public void modifyRole(String loginUser, int role, String name,
2310: String description, String[] operatives, String clientIP)
2311: throws DataAccessException, InvalidAttributesException,
2312: NotEnoughPermissionException, CannotAuditException {
2313:
2314: Log.write("Enter", Log.INFO, "modifyRole", KasaiFacade.class);
2315:
2316: long startTime = System.currentTimeMillis();
2317: String raisedError = null;
2318: int returnCode = 0;
2319:
2320: try {
2321: this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
2322: "/kasai/role/" + role);
2323:
2324: RoleHandler.getInstance().update(role, name, description,
2325: operatives);
2326: } catch (DataAccessException e) {
2327: raisedError = KasaiFacade.class.getName() + ".sqlError";
2328: returnCode = 1;
2329:
2330: throw e;
2331: } catch (InvalidAttributesException e) {
2332: raisedError = e.getMessage();
2333: returnCode = 2;
2334:
2335: throw e;
2336: } catch (NotEnoughPermissionException nep) {
2337: raisedError = nep.getMessage();
2338: returnCode = 3;
2339:
2340: throw nep;
2341: } finally {
2342:
2343: HashMap<String, String> transactionData = new HashMap<String, String>();
2344:
2345: transactionData.put("role", String.valueOf(role));
2346: transactionData.put("name", name);
2347: transactionData.put("description", description);
2348:
2349: createAuditEntry(loginUser, returnCode, raisedError,
2350: (System.currentTimeMillis() - startTime), clientIP,
2351: KasaiFacade.class.getName() + ".modifyRole",
2352: "/kasai/role/" + role, transactionData);
2353: }
2354:
2355: Log.write("Exit", Log.INFO, "modifyRole", KasaiFacade.class);
2356: }
2357:
2358: /**
2359: * Read a group without checking permission
2360: *
2361: * @param group Group identifier
2362: *
2363: * @return Group identified by group parameter
2364: *
2365: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2366: * @throws DoesntExistsException The group doesnt exist
2367: * @throws XMLException
2368: */
2369: public Group readGroup(String group) throws DataAccessException,
2370: DoesntExistsException, XMLException {
2371:
2372: Group g = null;
2373:
2374: Log.write("Enter", Log.INFO, "readGroup", KasaiFacade.class);
2375:
2376: g = GroupHandler.getInstance().read(group);
2377:
2378: if (g == null) {
2379: Log.write("Group doesn't exist", Log.WARN, "readGroup",
2380: KasaiFacade.class);
2381:
2382: throw new DoesntExistsException(KasaiFacade.class.getName()
2383: + ".groupDoesntExist");
2384: }
2385:
2386: Log.write("Exit", Log.INFO, "readGroup", KasaiFacade.class);
2387:
2388: return g;
2389: }
2390:
2391: /**
2392: * Read a group checking permission and auditing the transaction
2393: *
2394: * @param loginUser User who is making the request
2395: * @param group Group identifier to be readed
2396: * @param clientIP IP Address of whom is making the request
2397: *
2398: * @return Group indentified by group parameter or null if it doesn't exist
2399: *
2400: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2401: * @throws NotEnoughPermissionException The user cannot perform this operation
2402: * @throws CannotAuditException Error auditing transaction
2403: * @throws DoesntExistsException The group does not exist
2404: * @throws XMLException
2405: */
2406: public Group readGroup(String loginUser, String group,
2407: String clientIP) throws NotEnoughPermissionException,
2408: CannotAuditException, DataAccessException,
2409: DoesntExistsException, XMLException {
2410:
2411: Log.write("Enter", Log.INFO, "readGroup", KasaiFacade.class);
2412:
2413: long startTime = System.currentTimeMillis();
2414: String raisedError = null;
2415: int returnCode = 0;
2416:
2417: Group g = null;
2418:
2419: try {
2420: this .validateOperative(loginUser, KasaiFacade.READ_GROUP,
2421: "/kasai/group/" + group);
2422:
2423: g = this .readGroup(group);
2424: } catch (NotEnoughPermissionException nep) {
2425: raisedError = nep.getMessage();
2426: returnCode = 3;
2427:
2428: throw nep;
2429: } catch (DoesntExistsException deE) {
2430: raisedError = deE.getMessage();
2431: returnCode = 4;
2432:
2433: throw deE;
2434: } finally {
2435:
2436: HashMap<String, String> transactionData = new HashMap<String, String>();
2437:
2438: createAuditEntry(loginUser, returnCode, raisedError,
2439: (System.currentTimeMillis() - startTime), clientIP,
2440: KasaiFacade.class.getName() + ".readGroup",
2441: "/kasai/group/" + group, transactionData);
2442: }
2443:
2444: Log.write("Exit", Log.INFO, "readGroup", KasaiFacade.class);
2445:
2446: return g;
2447: }
2448:
2449: /**
2450: * Reads a role without checking permission
2451: *
2452: * @param role Role identifier
2453: *
2454: * @return An Object Role object representing the object role with the given role id
2455: *
2456: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2457: */
2458: public Role readRole(int role) throws DataAccessException {
2459:
2460: Role r = null;
2461:
2462: Log.write("Enter", Log.INFO, "readRole", KasaiFacade.class);
2463:
2464: r = RoleHandler.getInstance().read(role);
2465:
2466: Log.write("Exit", Log.INFO, "readRole", KasaiFacade.class);
2467:
2468: return r;
2469: }
2470:
2471: /**
2472: * Read a role
2473: *
2474: * @param loginUser User who is making the request
2475: * @param role Role identifier
2476: *
2477: * @return Role identified by role parameter or null if the role doesnt' exist
2478: *
2479: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2480: */
2481: public Role readRole(String loginUser, int role)
2482: throws DataAccessException {
2483:
2484: Role r;
2485:
2486: Log.write("Enter", Log.INFO, "readRole", KasaiFacade.class);
2487:
2488: r = readRole(role);
2489:
2490: Log.write("Exit", Log.INFO, "readRole", KasaiFacade.class);
2491:
2492: return r;
2493: }
2494:
2495: /**
2496: * Read a user without checking permission
2497: *
2498: * @param login User who is making the request
2499: *
2500: * @return User identified by login parameter or null if the user doesn't exist
2501: *
2502: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2503: * @throws DoesntExistsException The user doesnt exist
2504: * @throws XMLException
2505: */
2506: public User readUser(String login) throws DataAccessException,
2507: DoesntExistsException, XMLException {
2508:
2509: User user = null;
2510:
2511: Log.write("Enter", Log.INFO, "readUser", KasaiFacade.class);
2512:
2513: user = UserHandler.getInstance().read(login, true);
2514:
2515: if (user == null) {
2516: Log.write("User doesn't exist", Log.WARN, "readUser",
2517: KasaiFacade.class);
2518:
2519: throw new DoesntExistsException(KasaiFacade.class.getName()
2520: + ".userDoesntExist");
2521: }
2522:
2523: Log.write("Exit", Log.INFO, "readUser", KasaiFacade.class);
2524:
2525: return user;
2526: }
2527:
2528: /**
2529: * Read a user checking permission and auditing the transaction.
2530: *
2531: * @param loginUser User who is making the request
2532: * @param login User login
2533: * @param clientIP IP Address of whom is making the request
2534: *
2535: * @return User identified by login parameter or null if the user doesn't exist
2536: *
2537: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2538: * @throws NotEnoughPermissionException The user cannot perform this operation
2539: * @throws CannotAuditException Error auditing transaction
2540: * @throws DoesntExistsException The user doesnt exist
2541: * @throws XMLException
2542: */
2543: public User readUser(String loginUser, String login, String clientIP)
2544: throws NotEnoughPermissionException, CannotAuditException,
2545: DataAccessException, DoesntExistsException, XMLException {
2546:
2547: Log.write("Enter", Log.INFO, "readUser", KasaiFacade.class);
2548:
2549: long startTime = System.currentTimeMillis();
2550: String raisedError = null;
2551: int returnCode = 0;
2552:
2553: User user = null;
2554:
2555: if (!loginUser.equals(login)) {
2556: try {
2557: this .validateOperative(loginUser,
2558: KasaiFacade.READ_USER, "/kasai/user/" + login);
2559:
2560: user = this .readUser(login);
2561: } catch (NotEnoughPermissionException nep) {
2562: raisedError = nep.getMessage();
2563: returnCode = 3;
2564:
2565: throw nep;
2566: } catch (DoesntExistsException dee) {
2567: raisedError = dee.getMessage();
2568: returnCode = 4;
2569:
2570: throw dee;
2571: } finally {
2572:
2573: HashMap<String, String> transactionData = new HashMap<String, String>();
2574:
2575: createAuditEntry(loginUser, returnCode, raisedError,
2576: (System.currentTimeMillis() - startTime),
2577: clientIP, KasaiFacade.class.getName()
2578: + ".readUser", "/kasai/user/" + login,
2579: transactionData);
2580: }
2581: } else {
2582: user = this .readUser(login);
2583: }
2584:
2585: Log.write("Exit", Log.INFO, "readUser", KasaiFacade.class);
2586:
2587: return user;
2588: }
2589:
2590: /**
2591: * Reset the user password and send it to his email.
2592: *
2593: * @param loginUser User who is making the request
2594: * @param clientIP IP Address of whom is making the request
2595: *
2596: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2597: * @throws ServiceException Severe error returned from the authentication service
2598: * @throws ServiceNotAvailableException The configured authentication service is not available
2599: * @throws DoesntExistsException The user doesnt exist
2600: * @throws CannotAuditException Error auditing transaction
2601: * @throws XMLException
2602: */
2603: public void remindPasswordUser(String loginUser, String clientIP)
2604: throws ServiceException, ServiceNotAvailableException,
2605: DataAccessException, DoesntExistsException,
2606: CannotAuditException, XMLException {
2607:
2608: Log.write("Enter", Log.INFO, "remindPasswordUser",
2609: KasaiFacade.class);
2610:
2611: long startTime = System.currentTimeMillis();
2612: String raisedError = null;
2613: int returnCode = 0;
2614:
2615: try {
2616: User user = this .readUser(loginUser);
2617:
2618: user.resetPassword();
2619: } catch (ServiceException e) {
2620: raisedError = e.getMessage();
2621: returnCode = 1;
2622:
2623: throw e;
2624: } catch (DoesntExistsException e) {
2625: raisedError = e.getMessage();
2626: returnCode = 3;
2627:
2628: throw e;
2629: } catch (ServiceNotAvailableException e) {
2630: raisedError = e.getMessage();
2631: returnCode = 2;
2632:
2633: throw e;
2634: } finally {
2635:
2636: HashMap<String, String> transactionData = new HashMap<String, String>();
2637:
2638: createAuditEntry(
2639: loginUser,
2640: returnCode,
2641: raisedError,
2642: (System.currentTimeMillis() - startTime),
2643: clientIP,
2644: KasaiFacade.class.getName() + ".remindPasswordUser",
2645: "/kasai/user/" + loginUser, transactionData);
2646: }
2647:
2648: Log.write("Exit", Log.INFO, "remindPasswordUser",
2649: KasaiFacade.class);
2650: }
2651:
2652: /**
2653: * Remove an operative from a role
2654: *
2655: * @param loginUser User who is making the request
2656: * @param idOperative Operative identifier
2657: * @param role Role identifier
2658: * @param clientIP IP Address of whom is making the request
2659: *
2660: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2661: * @throws NotEnoughPermissionException The user cannot perform this operation
2662: * @throws CannotAuditException Error auditing transaction
2663: */
2664: public void removeOperativeFromRole(String loginUser,
2665: String idOperative, int role, String clientIP)
2666: throws DataAccessException, NotEnoughPermissionException,
2667: CannotAuditException {
2668:
2669: Log.write("Enter", Log.INFO, "removeOperativeToRole",
2670: KasaiFacade.class);
2671:
2672: long startTime = System.currentTimeMillis();
2673: String raisedError = null;
2674: int returnCode = 0;
2675:
2676: try {
2677: this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
2678: "/kasai/role/" + role);
2679:
2680: RoleHandler.getInstance().deleteOperativeFromRole(
2681: idOperative, role);
2682: } catch (DataAccessException e) {
2683: raisedError = KasaiFacade.class.getName() + ".sqlError";
2684: returnCode = 1;
2685:
2686: throw e;
2687: } catch (NotEnoughPermissionException nep) {
2688: raisedError = nep.getMessage();
2689: returnCode = 2;
2690:
2691: throw nep;
2692: } finally {
2693:
2694: HashMap<String, String> transactionData = new HashMap<String, String>();
2695:
2696: transactionData.put("idOperative", idOperative);
2697: transactionData.put("role", String.valueOf(role));
2698:
2699: createAuditEntry(loginUser, returnCode, raisedError,
2700: (System.currentTimeMillis() - startTime), clientIP,
2701: KasaiFacade.class.getName()
2702: + ".removeOperativeFromRole",
2703: "/kasai/role/" + role, transactionData);
2704: }
2705:
2706: Log.write("Exit", Log.INFO, "removeOperativeToRole",
2707: KasaiFacade.class);
2708: }
2709:
2710: /**
2711: * Remove a user from a group
2712: *
2713: * @param loginUser User who is making the request
2714: * @param idGroup Group identifier
2715: * @param login User login to be removed
2716: * @param clientIP IP Address of whom is making the request
2717: *
2718: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2719: * @throws NotEnoughPermissionException The user cannot perform this operation
2720: * @throws CannotAuditException Error auditing transaction
2721: */
2722: public void removeUserFromGroup(String loginUser, String idGroup,
2723: String login, String clientIP) throws DataAccessException,
2724: NotEnoughPermissionException, CannotAuditException {
2725:
2726: Log.write("Enter", Log.INFO, "removeUserFromGroup",
2727: KasaiFacade.class);
2728:
2729: long startTime = System.currentTimeMillis();
2730: String raisedError = null;
2731: int returnCode = 0;
2732:
2733: try {
2734: this .validateOperative(loginUser,
2735: KasaiFacade.DELETE_USER_GROUP, "/kasai/group/"
2736: + idGroup);
2737:
2738: GroupHandler.getInstance().deleteUserFromGroup(login,
2739: idGroup);
2740: } catch (DataAccessException e) {
2741: raisedError = KasaiFacade.class.getName() + ".sqlError";
2742: returnCode = 1;
2743:
2744: throw e;
2745: } catch (NotEnoughPermissionException nep) {
2746: raisedError = nep.getMessage();
2747: returnCode = 2;
2748:
2749: throw nep;
2750: } finally {
2751:
2752: HashMap<String, String> transactionData = new HashMap<String, String>();
2753:
2754: transactionData.put("idGroup", idGroup);
2755: transactionData.put("login", login);
2756:
2757: createAuditEntry(loginUser, returnCode, raisedError,
2758: (System.currentTimeMillis() - startTime), clientIP,
2759: KasaiFacade.class.getName()
2760: + ".removeUserFromGroup", "/kasai/group/"
2761: + idGroup, transactionData);
2762: }
2763:
2764: Log.write("Exit", Log.INFO, "removeUserFromGroup",
2765: KasaiFacade.class);
2766: }
2767:
2768: /**
2769: * Reset the user account password
2770: *
2771: * @param actualUser User who is making the request
2772: * @param login is the login
2773: * @param clientIP IP Address of whom is making the request
2774: *
2775: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2776: * @throws ServiceException Severe error returned from the authentication service
2777: * @throws ServiceNotAvailableException The configured authentication service is not available
2778: * @throws NotEnoughPermissionException The user cannot perform this operation
2779: * @throws CannotAuditException Error auditing transaction
2780: * @throws DoesntExistsException The user doesnt exist
2781: * @throws XMLException
2782: */
2783: public void resetPasswordUser(String actualUser, String login,
2784: String clientIP) throws ServiceException,
2785: ServiceNotAvailableException, NotEnoughPermissionException,
2786: CannotAuditException, DataAccessException,
2787: DoesntExistsException, XMLException {
2788:
2789: Log.write("Enter", Log.INFO, "resetPasswordUser",
2790: KasaiFacade.class);
2791:
2792: long startTime = System.currentTimeMillis();
2793: String raisedError = null;
2794: int returnCode = 0;
2795:
2796: try {
2797: this .validateOperative(actualUser, RESET_PASSWORD_USER,
2798: "/kasai/user/" + login);
2799:
2800: User user = this .readUser(login);
2801:
2802: user.resetPassword();
2803: } catch (ServiceException e) {
2804: raisedError = e.getMessage();
2805: returnCode = 1;
2806:
2807: throw e;
2808: } catch (ServiceNotAvailableException e) {
2809: raisedError = e.getMessage();
2810: returnCode = 2;
2811:
2812: throw e;
2813: } catch (NotEnoughPermissionException nep) {
2814: raisedError = nep.getMessage();
2815: returnCode = 3;
2816:
2817: throw nep;
2818: } catch (DataAccessException dae) {
2819: raisedError = dae.getMessage();
2820: returnCode = 4;
2821:
2822: throw dae;
2823: } catch (DoesntExistsException dee) {
2824: raisedError = dee.getMessage();
2825: returnCode = 5;
2826:
2827: throw dee;
2828: } finally {
2829:
2830: HashMap<String, String> transactionData = new HashMap<String, String>();
2831:
2832: transactionData.put("login", login);
2833:
2834: createAuditEntry(actualUser, returnCode, raisedError,
2835: (System.currentTimeMillis() - startTime), clientIP,
2836: KasaiFacade.class.getName() + ".resetPasswordUser",
2837: "/kasai/user/" + login, transactionData);
2838: }
2839:
2840: Log.write("Exit", Log.INFO, "resetPasswordUser",
2841: KasaiFacade.class);
2842: }
2843:
2844: /**
2845: * Unblock a group
2846: *
2847: * @param loginUser User who is making the request
2848: * @param idGroup group identifier
2849: * @param clientIP IP Address of whom is making the request
2850: *
2851: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2852: * @throws InvalidAttributesException The existing group attributes are not valid
2853: * @throws NotEnoughPermissionException The user cannot perform this operation
2854: * @throws CannotAuditException Error auditing transaction
2855: * @throws DoesntExistsException The group does not exist
2856: * @throws XMLException
2857: */
2858: public void unblockGroup(String loginUser, String idGroup,
2859: String clientIP) throws DataAccessException,
2860: InvalidAttributesException, NotEnoughPermissionException,
2861: CannotAuditException, DoesntExistsException, XMLException {
2862:
2863: Log.write("Enter", Log.INFO, "blockGroup", KasaiFacade.class);
2864:
2865: long startTime = System.currentTimeMillis();
2866: String raisedError = null;
2867: int returnCode = 0;
2868:
2869: try {
2870: this .validateOperative(loginUser,
2871: KasaiFacade.UNBLOCK_GROUP, "/kasai/group/"
2872: + idGroup);
2873:
2874: Group group = this .readGroup(idGroup);
2875: group.setBlocked(false);
2876:
2877: GroupHandler.getInstance().update(group);
2878: } catch (DataAccessException e) {
2879: raisedError = KasaiFacade.class.getName() + ".sqlError";
2880: returnCode = 1;
2881:
2882: throw e;
2883: } catch (InvalidAttributesException iaE) {
2884: raisedError = iaE.getMessage();
2885: returnCode = 2;
2886:
2887: throw iaE;
2888: } catch (NotEnoughPermissionException nep) {
2889: raisedError = nep.getMessage();
2890: returnCode = 3;
2891:
2892: throw nep;
2893: } catch (DoesntExistsException e) {
2894: raisedError = e.getMessage(0);
2895: returnCode = 4;
2896:
2897: throw e;
2898: } finally {
2899:
2900: HashMap<String, String> transactionData = new HashMap<String, String>();
2901:
2902: transactionData.put("idGroup", idGroup);
2903:
2904: createAuditEntry(loginUser, returnCode, raisedError,
2905: (System.currentTimeMillis() - startTime), clientIP,
2906: KasaiFacade.class.getName() + ".unblockGroup",
2907: "/kasai/group/" + idGroup, transactionData);
2908: }
2909:
2910: Log.write("Exit", Log.INFO, "blockGroup", KasaiFacade.class);
2911: }
2912:
2913: /**
2914: * Unblock a user
2915: *
2916: * @param loginUser User who is making the request
2917: * @param login user identifier to unblock
2918: * @param clientIP IP Address of whom is making the request
2919: *
2920: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2921: * @throws InvalidAttributesException The existing user attributes are not valid
2922: * @throws NotEnoughPermissionException The user cannot perform this operation
2923: * @throws CannotAuditException Error auditing transaction
2924: * @throws DoesntExistsException The user does not exist
2925: * @throws XMLException
2926: */
2927: public void unblockUser(String loginUser, String login,
2928: String clientIP) throws DataAccessException,
2929: InvalidAttributesException, NotEnoughPermissionException,
2930: CannotAuditException, DoesntExistsException, XMLException {
2931:
2932: Log.write("Enter", Log.INFO, "unblockUser", KasaiFacade.class);
2933:
2934: long startTime = System.currentTimeMillis();
2935: String raisedError = null;
2936: int returnCode = 0;
2937:
2938: try {
2939: this .validateOperative(loginUser, KasaiFacade.UNBLOCK_USER,
2940: "/kasai/user/" + login);
2941:
2942: User user = this .readUser(login);
2943: user.setBlocked(false);
2944:
2945: UserHandler.getInstance().update(user);
2946: } catch (DataAccessException e) {
2947: raisedError = KasaiFacade.class.getName() + ".sqlError";
2948: returnCode = 1;
2949:
2950: throw e;
2951: } catch (InvalidAttributesException iaE) {
2952: raisedError = iaE.getMessage();
2953: returnCode = 2;
2954:
2955: throw iaE;
2956: } catch (NotEnoughPermissionException nep) {
2957: raisedError = nep.getMessage();
2958: returnCode = 3;
2959:
2960: throw nep;
2961: } catch (DoesntExistsException dee) {
2962: raisedError = dee.getMessage();
2963: returnCode = 4;
2964:
2965: throw dee;
2966: } finally {
2967:
2968: HashMap<String, String> transactionData = new HashMap<String, String>();
2969:
2970: transactionData.put("login", login);
2971:
2972: createAuditEntry(loginUser, returnCode, raisedError,
2973: (System.currentTimeMillis() - startTime), clientIP,
2974: KasaiFacade.class.getName() + ".unblockUser",
2975: "/kasai/user/" + login, transactionData);
2976: }
2977:
2978: Log.write("Exit", Log.INFO, "unblockUser", KasaiFacade.class);
2979: }
2980:
2981: public void updateGroup(String loginUser, Group group,
2982: String[] members, String clientIP)
2983: throws DataAccessException, InvalidAttributesException,
2984: NotEnoughPermissionException, CannotAuditException,
2985: DoesntExistsException, XMLException {
2986:
2987: Log.write("Enter", Log.INFO, "updateGroup", KasaiFacade.class);
2988:
2989: long startTime = System.currentTimeMillis();
2990: String raisedError = null;
2991: int returnCode = 0;
2992:
2993: try {
2994: this .validateOperative(loginUser, KasaiFacade.COMMIT_GROUP,
2995: "/kasai/group/" + group.getId());
2996:
2997: GroupHandler.getInstance().update(group, members);
2998: } catch (DataAccessException e) {
2999: raisedError = KasaiFacade.class.getName() + ".sqlError";
3000: returnCode = 1;
3001:
3002: throw e;
3003: } catch (InvalidAttributesException iaE) {
3004: raisedError = iaE.getMessage();
3005: returnCode = 2;
3006:
3007: throw iaE;
3008: } catch (NotEnoughPermissionException nep) {
3009: raisedError = nep.getMessage();
3010: returnCode = 3;
3011:
3012: throw nep;
3013: } finally {
3014:
3015: HashMap<String, String> transactionData = new HashMap<String, String>();
3016:
3017: transactionData.put("id", group.getId());
3018: transactionData.put("description", group.getDescription());
3019: transactionData.put("blocked", String.valueOf(group
3020: .getBlocked()));
3021:
3022: createAuditEntry(loginUser, returnCode, raisedError,
3023: (System.currentTimeMillis() - startTime), clientIP,
3024: KasaiFacade.class.getName() + ".updateGroup",
3025: "/kasai/group/" + group.getId(), transactionData);
3026: }
3027:
3028: Log.write("Exit", Log.INFO, "updateGroup", KasaiFacade.class);
3029: }
3030:
3031: /**
3032: * Modify a group
3033: *
3034: * @param loginUser User who is making the request
3035: * @param id group identifier
3036: * @param description description group
3037: * @param blocked Specifies if the group must be blocked or not
3038: * @param members Members of the group
3039: * @param clientIP IP Address of whom is making the request
3040: *
3041: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
3042: * @throws InvalidAttributesException The new group attributes are not valid
3043: * @throws NotEnoughPermissionException The user cannot perform this operation
3044: * @throws CannotAuditException Error auditing transaction
3045: * @throws XMLException
3046: * @throws DoesntExistsException
3047: */
3048: public void updateGroup(String loginUser, String id,
3049: String description, boolean blocked, String[] members,
3050: String clientIP) throws DataAccessException,
3051: InvalidAttributesException, NotEnoughPermissionException,
3052: CannotAuditException, DoesntExistsException, XMLException {
3053:
3054: Group group = this .readGroup(id);
3055:
3056: group.setDescription(description);
3057: group.setBlocked(blocked);
3058:
3059: updateGroup(loginUser, group, members, clientIP);
3060: }
3061:
3062: /**
3063: * Update User Information
3064: *
3065: * @param loginUser User who is making the request
3066: * @param login identifier of the user
3067: * @param firstName First Name of the user
3068: * @param lastName Last Name of the user
3069: * @param email email of the user
3070: * @param blocked Specify if the user must be blocked or not
3071: * @param description User description
3072: * @param superUser Specify if the user is super user.
3073: * @param clientIP IP Address of whom is making the request
3074: *
3075: * @throws DataAccessException Severe errors like SQL error, IO Error, etc
3076: * @throws InvalidAttributesException The new user attributes are not valid
3077: * @throws NotEnoughPermissionException The user cannot perform this operation
3078: * @throws CannotAuditException Error auditing transaction
3079: * @throws DoesntExistsException The user does not exist
3080: * @throws XMLException
3081: */
3082: public void updateUser(String loginUser, String login,
3083: String firstName, String lastName, String email,
3084: boolean blocked, String description, boolean super User,
3085: String clientIP) throws DataAccessException,
3086: InvalidAttributesException, NotEnoughPermissionException,
3087: CannotAuditException, DoesntExistsException, XMLException {
3088:
3089: User user = this .readUser(login);
3090: user.setLogin(login);
3091: user.setFirstName(firstName);
3092: user.setLastName(lastName);
3093: user.setEmail(email);
3094: user.setBlocked(blocked);
3095: user.setDescription(description);
3096: user.setSuperUser(super User);
3097:
3098: updateUser(loginUser, user, clientIP);
3099: }
3100:
3101: public void updateUser(String loginUser, User user, String clientIP)
3102: throws DataAccessException, InvalidAttributesException,
3103: NotEnoughPermissionException, CannotAuditException,
3104: DoesntExistsException, XMLException {
3105:
3106: Log.write("Enter", Log.INFO, "updateUser", KasaiFacade.class);
3107:
3108: long startTime = System.currentTimeMillis();
3109: String raisedError = null;
3110: int returnCode = 0;
3111:
3112: try {
3113: this .validateOperative(loginUser, KasaiFacade.COMMIT_USER,
3114: "/kasai/user/" + user.getLogin());
3115:
3116: boolean sU = this .readUser(loginUser).getSuperUser();
3117:
3118: if (!sU) {
3119: if (user.getSuperUser()) {
3120: user.setSuperUser(this .readUser(user.getLogin())
3121: .getSuperUser());
3122: }
3123: }
3124:
3125: UserHandler.getInstance().update(user);
3126: } catch (DataAccessException e) {
3127: raisedError = KasaiFacade.class.getName() + ".sqlError";
3128: returnCode = 1;
3129:
3130: throw e;
3131: } catch (InvalidAttributesException iaE) {
3132: raisedError = iaE.getMessage();
3133: returnCode = 2;
3134:
3135: throw iaE;
3136: } catch (NotEnoughPermissionException nep) {
3137: raisedError = nep.getMessage();
3138: returnCode = 3;
3139:
3140: throw nep;
3141: } catch (DoesntExistsException dee) {
3142: raisedError = dee.getMessage();
3143: returnCode = 4;
3144:
3145: throw dee;
3146: } finally {
3147:
3148: HashMap<String, String> transactionData = new HashMap<String, String>();
3149:
3150: transactionData.put("login", user.getLogin());
3151: transactionData.put("firstName", user.getFirstName());
3152: transactionData.put("lastName", user.getLastName());
3153: transactionData.put("email", user.getEmail());
3154: transactionData.put("blocked", String.valueOf(user
3155: .getBlocked()));
3156: transactionData.put("description", user.getDescription());
3157: transactionData.put("superUser", String.valueOf(user
3158: .getSuperUser()));
3159:
3160: createAuditEntry(loginUser, returnCode, raisedError,
3161: (System.currentTimeMillis() - startTime), clientIP,
3162: KasaiFacade.class.getName() + ".updateUser",
3163: "/kasai/user/" + user.getLogin(), transactionData);
3164: }
3165:
3166: Log.write("Exit", Log.INFO, "updateUser", KasaiFacade.class);
3167: }
3168:
3169: /**
3170: * Verify if the user can execute the operative over the obejct
3171: *
3172: * @param user User who is making the request
3173: * @param operative Operative identifier
3174: * @param object Object identifier
3175: *
3176: * @throws NotEnoughPermissionException The user cannot execute the operation
3177: */
3178: public void validateOperative(String user, String operative,
3179: String object) throws NotEnoughPermissionException {
3180:
3181: Log.write("Enter (user=" + user + ", operative=" + operative
3182: + ", object=" + object + ")", Log.INFO,
3183: "validateOperative", KasaiFacade.class);
3184:
3185: if (!UserHandler.getInstance().checkOperative(user, operative,
3186: object)) {
3187: Log.write("Request was denied(User=" + user
3188: + ", operative=" + operative + ", object=" + object
3189: + ")", Log.WARN, "validateOperative",
3190: KasaiFacade.class);
3191:
3192: throw new NotEnoughPermissionException(KasaiFacade.class
3193: .getName()
3194: + ".deny");
3195: }
3196:
3197: Log.write("Exit", Log.INFO, "validateOperative",
3198: KasaiFacade.class);
3199: }
3200: }
|