Source Code Cross Referenced for KasaiFacade.java in  » Authentication-Authorization » kasai-2.0.0 » org » manentia » kasai » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation
1. 6.0 JDK Core
2. 6.0 JDK Modules
3. 6.0 JDK Modules com.sun
4. 6.0 JDK Modules com.sun.java
5. 6.0 JDK Modules sun
6. 6.0 JDK Platform
7. Ajax
8. Apache Harmony Java SE
9. Aspect oriented
10. Authentication Authorization
11. Blogger System
12. Build
13. Byte Code
14. Cache
15. Chart
16. Chat
17. Code Analyzer
18. Collaboration
19. Content Management System
20. Database Client
21. Database DBMS
22. Database JDBC Connection Pool
23. Database ORM
24. Development
25. EJB Server geronimo
26. EJB Server GlassFish
27. EJB Server JBoss 4.2.1
28. EJB Server resin 3.1.5
29. ERP CRM Financial
30. ESB
31. Forum
32. GIS
33. Graphic Library
34. Groupware
35. HTML Parser
36. IDE
37. IDE Eclipse
38. IDE Netbeans
39. Installer
40. Internationalization Localization
41. Inversion of Control
42. Issue Tracking
43. J2EE
44. JBoss
45. JMS
46. JMX
47. Library
48. Mail Clients
49. Net
50. Parser
51. PDF
52. Portal
53. Profiler
54. Project Management
55. Report
56. RSS RDF
57. Rule Engine
58. Science
59. Scripting
60. Search Engine
61. Security
62. Sevlet Container
63. Source Control
64. Swing Library
65. Template Engine
66. Test Coverage
67. Testing
68. UML
69. Web Crawler
70. Web Framework
71. Web Mail
72. Web Server
73. Web Services
74. Web Services apache cxf 2.0.1
75. Web Services AXIS2
76. Wiki Engine
77. Workflow Engines
78. XML
79. XML UI
Java
Java Tutorial
Java Open Source
Jar File Download
Java Articles
Java Products
Java by API
Photoshop Tutorials
Maya Tutorials
Flash Tutorials
3ds-Max Tutorials
Illustrator Tutorials
GIMP Tutorials
C# / C Sharp
C# / CSharp Tutorial
C# / CSharp Open Source
ASP.Net
ASP.NET Tutorial
JavaScript DHTML
JavaScript Tutorial
JavaScript Reference
HTML / CSS
HTML CSS Reference
C / ANSI-C
C Tutorial
C++
C++ Tutorial
Ruby
PHP
Python
Python Tutorial
Python Open Source
SQL Server / T-SQL
SQL Server / T-SQL Tutorial
Oracle PL / SQL
Oracle PL/SQL Tutorial
PostgreSQL
SQL / MySQL
MySQL Tutorial
VB.Net
VB.Net Tutorial
Flash / Flex / ActionScript
VBA / Excel / Access / Word
XML
XML Tutorial
Microsoft Office PowerPoint 2007 Tutorial
Microsoft Office Excel 2007 Tutorial
Microsoft Office Word 2007 Tutorial
Java Source Code / Java Documentation » Authentication Authorization » kasai 2.0.0 » org.manentia.kasai 
Source Cross Referenced  Class Diagram Java Document (Java Doc) 


0001:        package org.manentia.kasai;
0002:
0003:        import java.text.DateFormat;
0004:        import java.text.SimpleDateFormat;
0005:        import java.util.ArrayList;
0006:        import java.util.Collection;
0007:        import java.util.HashMap;
0008:        import java.util.Iterator;
0009:        import java.util.List;
0010:        import java.util.ResourceBundle;
0011:
0012:        import org.apache.commons.lang.StringUtils;
0013:        import org.manentia.kasai.audit.AuditHandler;
0014:        import org.manentia.kasai.authobject.AuthObjectHandler;
0015:        import org.manentia.kasai.exceptions.AlreadyExistsException;
0016:        import org.manentia.kasai.exceptions.CannotAuditException;
0017:        import org.manentia.kasai.exceptions.DataAccessException;
0018:        import org.manentia.kasai.exceptions.DoesntExistsException;
0019:        import org.manentia.kasai.exceptions.InvalidAttributesException;
0020:        import org.manentia.kasai.exceptions.InvalidPasswordException;
0021:        import org.manentia.kasai.exceptions.NotEnoughPermissionException;
0022:        import org.manentia.kasai.exceptions.NotFoundException;
0023:        import org.manentia.kasai.exceptions.ServiceException;
0024:        import org.manentia.kasai.exceptions.ServiceNotAvailableException;
0025:        import org.manentia.kasai.exceptions.UserBlockedException;
0026:        import org.manentia.kasai.group.GroupHandler;
0027:        import org.manentia.kasai.operative.OperativeHandler;
0028:        import org.manentia.kasai.role.RoleHandler;
0029:        import org.manentia.kasai.user.UserHandler;
0030:        import org.w3c.dom.Document;
0031:
0032:        import com.manentia.commons.CriticalException;
0033:        import com.manentia.commons.NonCriticalException;
0034:        import com.manentia.commons.audit.AuditBean;
0035:        import com.manentia.commons.log.Log;
0036:        import com.manentia.commons.xml.XMLBean;
0037:        import com.manentia.commons.xml.XMLException;
0038:
0039:        /**
0040:         * Class to provide authority and authorization functionalities
0041:         *
0042:         * @author fpena
0043:         * 
0044:         * (c) 2004 Koala Developers S.R.L.
0045:         */
0046:        public class KasaiFacade {
0047:
0048:            //~ Static variables / initialization ---------------------------------------------------------------------------
0049:
0050:            /** Permission to read a group */
0051:            static final String READ_GROUP = "kasai.group.read";
0052:
0053:            /** Permission to delete a user from a group */
0054:            static final String DELETE_USER_GROUP = "kasai.group.user.delete";
0055:
0056:            /** Permission to add users to a group */
0057:            static final String ADD_USER_TO_GROUP = "kasai.group.user.add";
0058:
0059:            /** Permission to delete a group */
0060:            static final String DELETE_GROUP = "kasai.group.delete";
0061:
0062:            /** Permission to modify a group */
0063:            static final String COMMIT_GROUP = "kasai.group.commit";
0064:
0065:            /** Permission to block a group */
0066:            static final String BLOCK_GROUP = "kasai.group.block";
0067:
0068:            /** Permission to unblock a group */
0069:            static final String UNBLOCK_GROUP = "kasai.group.unblock";
0070:
0071:            /** Permission to read a user */
0072:            static final String READ_USER = "kasai.user.read";
0073:
0074:            /** Permission to delete a user */
0075:            static final String DELETE_USER = "kasai.user.delete";
0076:
0077:            /** Permission to modify a user */
0078:            static final String COMMIT_USER = "kasai.user.commit";
0079:
0080:            /** Permission to reset a user password*/
0081:            static final String RESET_PASSWORD_USER = "kasai.user.resetpassword";
0082:
0083:            /** Permission to block a user */
0084:            static final String BLOCK_USER = "kasai.user.block";
0085:
0086:            /** Permission to unblock a user */
0087:            static final String UNBLOCK_USER = "kasai.user.unblock";
0088:
0089:            /** Permission to modify a role */
0090:            static final String COMMIT_ROLE = "kasai.role.commit";
0091:
0092:            /** Permission to read a role */
0093:            static final String READ_ROLE = "kasai.role.read";
0094:
0095:            /** Permission to delete a role */
0096:            static final String DELETE_ROLE = "kasai.role.delete";
0097:
0098:            /** Permission to modify permissions of a object */
0099:            static final String MODIFY_ACCESS = "kasai.object.modifyaccess";
0100:
0101:            static final String LIST_AUDIT_ENTRIES = "kasai.audit.list";
0102:
0103:            /** Singleton instance */
0104:            private static KasaiFacade instance = null;
0105:
0106:            //~ Constructors --------------------------------------------------------------------------------------------------
0107:
0108:            /**
0109:             * Returns an instance of KasaiFacade
0110:             *
0111:             * @return Instance of KasaiFacade
0112:             *
0113:             */
0114:            public static synchronized KasaiFacade getInstance() {
0115:                if (instance == null) {
0116:                    instance = new KasaiFacade();
0117:                }
0118:
0119:                return instance;
0120:            }
0121:
0122:            //~ Methods --------------------------------------------------------------------------------------------------------
0123:
0124:            /**
0125:             * Creates a new KasaiFacade object.
0126:             */
0127:            private KasaiFacade() {
0128:                Log.write("Enter", Log.INFO, "init", KasaiFacade.class);
0129:                Log.write("Exit", Log.INFO, "init", KasaiFacade.class);
0130:            }
0131:
0132:            /**
0133:             * Add one operative to a specific role.
0134:             *
0135:             * @param loginUser User who is making the request
0136:             * @param idOperative Operative identifier
0137:             * @param role Role identifier
0138:             * @param clientIP IP Address of whom is making the request Client IP address
0139:             *
0140:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0141:             * @throws DoesntExistsException The operative or role does not exist
0142:             * @throws NotEnoughPermissionException The user cannot perform this operation
0143:             * @throws CannotAuditException Error auditing operation
0144:             */
0145:            public void addOperativeToRole(String loginUser,
0146:                    String idOperative, int role, String clientIP)
0147:                    throws DataAccessException, DoesntExistsException,
0148:                    NotEnoughPermissionException, CannotAuditException {
0149:
0150:                Log.write("Enter (loginUser="
0151:                        + StringUtils.defaultString(loginUser, "<null>")
0152:                        + ",idOperative="
0153:                        + StringUtils.defaultString(idOperative, "<null>")
0154:                        + ",role=" + role, Log.INFO, "addOperativeToRole",
0155:                        KasaiFacade.class);
0156:
0157:                long startTime = System.currentTimeMillis();
0158:                String raisedError = null;
0159:                int returnCode = 0;
0160:
0161:                try {
0162:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
0163:                            "/kasai/role/" + role);
0164:                    RoleHandler.getInstance().addOperativeToRole(idOperative,
0165:                            role);
0166:                } catch (DataAccessException e) {
0167:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0168:                    returnCode = 1;
0169:                    throw e;
0170:                } catch (DoesntExistsException deE) {
0171:                    raisedError = deE.getMessage();
0172:                    returnCode = 2;
0173:                    throw deE;
0174:                } catch (NotEnoughPermissionException nep) {
0175:                    raisedError = nep.getMessage();
0176:                    returnCode = 3;
0177:                    throw nep;
0178:                } finally {
0179:
0180:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0181:
0182:                    transactionData.put("idOperative", idOperative);
0183:                    transactionData.put("role", String.valueOf(role));
0184:
0185:                    createAuditEntry(
0186:                            loginUser,
0187:                            returnCode,
0188:                            raisedError,
0189:                            (System.currentTimeMillis() - startTime),
0190:                            clientIP,
0191:                            KasaiFacade.class.getName() + ".addOperativeToRole",
0192:                            "/kasai/role/" + role, transactionData);
0193:                }
0194:
0195:                Log.write("Exit", Log.INFO, "addOperativeToRole",
0196:                        KasaiFacade.class);
0197:            }
0198:
0199:            /**
0200:             * Add a user to a specific group
0201:             *
0202:             * @param loginUser User who is making the request
0203:             * @param idGroup Destination group identifier
0204:             * @param idUserToAdd User identifier
0205:             * @param clientIP IP Address of whom is making the request IP Address of whom is making the request
0206:             *
0207:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0208:             * @throws DoesntExistsException The user or group does not exist
0209:             * @throws NotEnoughPermissionException The user cannot perform this operation
0210:             * @throws CannotAuditException Errors auditing operation
0211:             * @throws XMLException 
0212:             */
0213:            public void addUserToGroup(String loginUser, String idGroup,
0214:                    String idUserToAdd, String clientIP)
0215:                    throws DataAccessException, DoesntExistsException,
0216:                    NotEnoughPermissionException, CannotAuditException,
0217:                    XMLException {
0218:
0219:                Log.write("Enter(loginUser="
0220:                        + StringUtils.defaultString(loginUser, "<null>")
0221:                        + ",idGroup="
0222:                        + StringUtils.defaultString(idGroup, "<null>")
0223:                        + ",idUserToAdd="
0224:                        + StringUtils.defaultString(idUserToAdd, "<null>")
0225:                        + ",clientIP="
0226:                        + StringUtils.defaultString(clientIP, "<null>"),
0227:                        Log.INFO, "addUserToGroup", KasaiFacade.class);
0228:
0229:                long startTime = System.currentTimeMillis();
0230:                String raisedError = null;
0231:                int returnCode = 0;
0232:
0233:                try {
0234:                    this .validateOperative(loginUser, ADD_USER_TO_GROUP,
0235:                            "/kasai/group/" + idGroup);
0236:
0237:                    GroupHandler.getInstance().addUserToGroup(idUserToAdd,
0238:                            idGroup);
0239:                } catch (DataAccessException e) {
0240:                    raisedError = KasaiFacade.class.getName() + ".sqlErrror";
0241:                    returnCode = 1;
0242:                    throw e;
0243:                } catch (DoesntExistsException deE) {
0244:                    raisedError = deE.getMessage();
0245:                    returnCode = 2;
0246:                    throw deE;
0247:                } catch (NotEnoughPermissionException nep) {
0248:                    raisedError = nep.getMessage();
0249:                    returnCode = 3;
0250:                    throw nep;
0251:                } finally {
0252:
0253:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0254:
0255:                    transactionData.put("idGroup", idGroup);
0256:                    transactionData.put("idUserToAdd", idUserToAdd);
0257:
0258:                    createAuditEntry(loginUser, returnCode, raisedError,
0259:                            (System.currentTimeMillis() - startTime), clientIP,
0260:                            KasaiFacade.class.getName() + ".addUserToGroup",
0261:                            "/kasai/group/" + idGroup, transactionData);
0262:                }
0263:
0264:                Log
0265:                        .write("Exit", Log.INFO, "addUserToGroup",
0266:                                KasaiFacade.class);
0267:
0268:            }
0269:
0270:            /**
0271:             * Method to block just the group, not the users. Users lost permissions assigned to them through the group.
0272:             *
0273:             * @param loginUser User who is making the request
0274:             * @param idGroup Group identifier
0275:             * @param clientIP IP Address of whom is making the request
0276:             *
0277:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0278:             * @throws InvalidAttributesException Group existing attributes are not correct
0279:             * @throws NotEnoughPermissionException The user cannot execute this operative
0280:             * @throws DoesntExistsException The group does not exist
0281:             * @throws CannotAuditException Error auditing transaction
0282:             * @throws XMLException 
0283:             */
0284:            public void blockGroup(String loginUser, String idGroup,
0285:                    String clientIP) throws DataAccessException,
0286:                    InvalidAttributesException, NotEnoughPermissionException,
0287:                    DoesntExistsException, CannotAuditException, XMLException {
0288:
0289:                Log.write("Enter", Log.INFO, "blockGroup", KasaiFacade.class);
0290:
0291:                long startTime = System.currentTimeMillis();
0292:                String raisedError = null;
0293:                int returnCode = 0;
0294:
0295:                try {
0296:                    this .validateOperative(loginUser, KasaiFacade.BLOCK_GROUP,
0297:                            "/kasai/group/" + idGroup);
0298:
0299:                    Group group = GroupHandler.getInstance().read(idGroup);
0300:
0301:                    if (group == null) {
0302:                        Log.write("Group doesn't exist (" + idGroup + ")",
0303:                                Log.WARN, "blockGroup", KasaiFacade.class);
0304:
0305:                        throw new DoesntExistsException(KasaiFacade.class
0306:                                .getName()
0307:                                + "groupDoesntExist");
0308:                    }
0309:
0310:                    group.setBlocked(true);
0311:
0312:                    GroupHandler.getInstance().update(group);
0313:                } catch (DataAccessException e) {
0314:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0315:                    returnCode = 1;
0316:                    throw e;
0317:                } catch (InvalidAttributesException iaE) {
0318:                    raisedError = iaE.getMessage();
0319:                    returnCode = 2;
0320:                    throw iaE;
0321:                } catch (NotEnoughPermissionException nep) {
0322:                    raisedError = nep.getMessage();
0323:                    returnCode = 3;
0324:                    throw nep;
0325:                } catch (DoesntExistsException deE) {
0326:                    raisedError = deE.getMessage();
0327:                    returnCode = 4;
0328:                    throw deE;
0329:                } finally {
0330:
0331:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0332:
0333:                    transactionData.put("idGroup", idGroup);
0334:
0335:                    createAuditEntry(loginUser, returnCode, raisedError,
0336:                            (System.currentTimeMillis() - startTime), clientIP,
0337:                            KasaiFacade.class.getName() + ".blockGroup",
0338:                            "/kasai/group/" + idGroup, transactionData);
0339:                }
0340:
0341:                Log.write("Exit", Log.INFO, "blockGroup", KasaiFacade.class);
0342:            }
0343:
0344:            /**
0345:             * Method to block a specific user. After this, user is disabled to use the application.
0346:             *
0347:             * @param loginUser User who is making the request
0348:             * @param idUserToBlock User identifier
0349:             * @param clientIP IP Address of whom is making the request
0350:             *
0351:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0352:             * @throws InvalidAttributesException Existing user information is invalid
0353:             * @throws NotEnoughPermissionException The user cannot perform this operation
0354:             * @throws DoesntExistsException The selected user does not exist
0355:             * @throws CannotAuditException Error auditing transaction
0356:             * @throws XMLException 
0357:             */
0358:            public void blockUser(String loginUser, String idUserToBlock,
0359:                    String clientIP) throws DataAccessException,
0360:                    InvalidAttributesException, NotEnoughPermissionException,
0361:                    DoesntExistsException, CannotAuditException, XMLException {
0362:
0363:                Log.write("Enter", Log.INFO, "blockUser", KasaiFacade.class);
0364:
0365:                long startTime = System.currentTimeMillis();
0366:                String raisedError = null;
0367:                int returnCode = 0;
0368:
0369:                try {
0370:                    this .validateOperative(loginUser, KasaiFacade.BLOCK_USER,
0371:                            "/kasai/user/" + idUserToBlock);
0372:
0373:                    User user = UserHandler.getInstance().read(idUserToBlock,
0374:                            true);
0375:
0376:                    if (user == null) {
0377:                        Log.write("User doesn't exist (" + idUserToBlock + ")",
0378:                                Log.WARN, "blockUser", KasaiFacade.class);
0379:
0380:                        throw new DoesntExistsException(KasaiFacade.class
0381:                                .getName()
0382:                                + "userDoesntExist");
0383:                    }
0384:
0385:                    user.setBlocked(true);
0386:
0387:                    UserHandler.getInstance().update(user);
0388:                } catch (DataAccessException e) {
0389:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0390:                    returnCode = 1;
0391:                    throw e;
0392:                } catch (InvalidAttributesException iaE) {
0393:                    raisedError = iaE.getMessage();
0394:                    returnCode = 2;
0395:                    throw iaE;
0396:                } catch (NotEnoughPermissionException nep) {
0397:                    raisedError = nep.getMessage();
0398:                    returnCode = 3;
0399:                    throw nep;
0400:                } catch (DoesntExistsException deE) {
0401:                    raisedError = deE.getMessage();
0402:                    returnCode = 4;
0403:                    throw deE;
0404:                } finally {
0405:
0406:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0407:
0408:                    transactionData.put("idUserToBlock", idUserToBlock);
0409:
0410:                    createAuditEntry(loginUser, returnCode, raisedError,
0411:                            (System.currentTimeMillis() - startTime), clientIP,
0412:                            KasaiFacade.class.getName() + ".blockUser",
0413:                            "/kasai/user/" + idUserToBlock, transactionData);
0414:                }
0415:
0416:                Log.write("Exit", Log.INFO, "blockUser", KasaiFacade.class);
0417:            }
0418:
0419:            /**
0420:             * Method to change the user's password
0421:             *
0422:             * @param login User who is making the request
0423:             * @param oldPassword Actual password
0424:             * @param newPassword New password
0425:             * @param confirmation Confirmation password
0426:             * @param clientIP IP Address of whom is making the request
0427:             *
0428:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0429:             * @throws InvalidAttributesException Existing user info or new password are not valid
0430:             * @throws ServiceException Error changing password at the authentication service level
0431:             * @throws ServiceNotAvailableException The authentication service is not available
0432:             * @throws DoesntExistsException The user does not exists
0433:             * @throws CannotAuditException Error auditing operation
0434:             * @throws InvalidPasswordException The old password is not valid
0435:             * @throws XMLException 
0436:             */
0437:            public void changePasswordUser(String login, String oldPassword,
0438:                    String newPassword, String confirmation, String clientIP)
0439:                    throws DataAccessException, InvalidAttributesException,
0440:                    ServiceException, ServiceNotAvailableException,
0441:                    DoesntExistsException, CannotAuditException,
0442:                    InvalidPasswordException, XMLException {
0443:
0444:                Log.write("Enter", Log.INFO, "changePasswordUser",
0445:                        KasaiFacade.class);
0446:
0447:                long startTime = System.currentTimeMillis();
0448:                String raisedError = null;
0449:                int returnCode = 0;
0450:
0451:                try {
0452:
0453:                    User user = UserHandler.getInstance().read(login, true);
0454:
0455:                    if (user == null) {
0456:                        Log.write("User doesn't exist (" + login + ")",
0457:                                Log.WARN, "changePasswordUser",
0458:                                KasaiFacade.class);
0459:
0460:                        throw new DoesntExistsException(KasaiFacade.class
0461:                                .getName()
0462:                                + "userDoesntExist");
0463:                    }
0464:
0465:                    user.changePassword(oldPassword, newPassword, confirmation);
0466:                } catch (DataAccessException e) {
0467:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0468:                    returnCode = 1;
0469:                    throw e;
0470:                } catch (InvalidAttributesException iaE) {
0471:                    raisedError = iaE.getMessage();
0472:                    returnCode = 2;
0473:                    throw iaE;
0474:                } catch (ServiceException e) {
0475:                    raisedError = e.getMessage();
0476:                    returnCode = 3;
0477:                    throw e;
0478:                } catch (ServiceNotAvailableException e) {
0479:                    raisedError = e.getMessage();
0480:                    returnCode = 4;
0481:
0482:                    throw e;
0483:                } catch (DoesntExistsException deE) {
0484:                    raisedError = deE.getMessage();
0485:                    returnCode = 5;
0486:                    throw deE;
0487:                } catch (InvalidPasswordException ipe) {
0488:                    raisedError = ipe.getMessage();
0489:                    returnCode = 6;
0490:                    throw ipe;
0491:                } finally {
0492:
0493:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0494:
0495:                    createAuditEntry(
0496:                            login,
0497:                            returnCode,
0498:                            raisedError,
0499:                            (System.currentTimeMillis() - startTime),
0500:                            clientIP,
0501:                            KasaiFacade.class.getName() + ".changePasswordUser",
0502:                            "/kasai/user/" + login, transactionData);
0503:                }
0504:
0505:                Log.write("Exit", Log.INFO, "changePasswordUser",
0506:                        KasaiFacade.class);
0507:            }
0508:
0509:            /**
0510:             * Method to verify if a user can do a specific operative over the object identified by object parameter
0511:             *
0512:             * @param login User who is making the request
0513:             * @param operative Operative to run over the object
0514:             * @param object Id of the object
0515:             *
0516:             * @return True if the user can do the operative over this object, false in other case
0517:             *
0518:             */
0519:            public boolean checkOperative(String login, String operative,
0520:                    String object) {
0521:
0522:                return UserHandler.getInstance().checkOperative(login,
0523:                        operative, object);
0524:            }
0525:
0526:            /**
0527:             * Method to verify user's password
0528:             *
0529:             * @param login User who is making the request
0530:             * @param password User password
0531:             * @param clientIP IP Address of whom is making the request
0532:             *
0533:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0534:             * @throws NotFoundException The user does not exist
0535:             * @throws UserBlockedException The user is blocked
0536:             * @throws InvalidPasswordException The password is not valid
0537:             * @throws ServiceException The authentication service raised an error while validating the password
0538:             * @throws ServiceNotAvailableException The authentication service is not available
0539:             * @throws CannotAuditException Error auditing operation
0540:             * @throws XMLException 
0541:             */
0542:            public void checkPasswordUser(String login, String password,
0543:                    String clientIP) throws DataAccessException,
0544:                    NotFoundException, UserBlockedException,
0545:                    InvalidPasswordException, ServiceException,
0546:                    ServiceNotAvailableException, CannotAuditException,
0547:                    XMLException {
0548:
0549:                Log.write("Enter(login="
0550:                        + StringUtils.defaultString(login, "<null>")
0551:                        + ", password="
0552:                        + ((password == null) ? "<null>" : "******")
0553:                        + ", clientIP="
0554:                        + StringUtils.defaultString(clientIP, "<null>") + ")",
0555:                        Log.INFO, "checkPasswordUser", KasaiFacade.class);
0556:
0557:                long startTime = System.currentTimeMillis();
0558:                String raisedError = null;
0559:                int returnCode = 0;
0560:
0561:                try {
0562:                    UserHandler.getInstance().checkPassword(login, password);
0563:
0564:                    Log.write("Exit", Log.INFO, "checkPasswordUser",
0565:                            KasaiFacade.class);
0566:                } catch (DataAccessException e) {
0567:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0568:                    returnCode = 1;
0569:                    throw e;
0570:                } catch (NotFoundException nfe) {
0571:                    raisedError = nfe.getMessage();
0572:                    returnCode = 2;
0573:                    throw nfe;
0574:                } catch (UserBlockedException ube) {
0575:                    raisedError = ube.getMessage();
0576:                    returnCode = 3;
0577:                    throw ube;
0578:                } catch (InvalidPasswordException ipe) {
0579:                    raisedError = ipe.getMessage();
0580:                    returnCode = 5;
0581:                    throw ipe;
0582:                } catch (ServiceException se) {
0583:                    raisedError = se.getMessage();
0584:                    returnCode = 7;
0585:                    throw se;
0586:                } catch (ServiceNotAvailableException snae) {
0587:                    Log.write("Error verifing user password", snae, Log.ERROR,
0588:                            "checkPasswordUser", KasaiFacade.class);
0589:
0590:                    raisedError = snae.getMessage();
0591:                    returnCode = 8;
0592:                    throw snae;
0593:                } finally {
0594:
0595:                    login = StringUtils.isEmpty(login) ? "guest" : login;
0596:
0597:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0598:
0599:                    transactionData.put("login", login);
0600:
0601:                    createAuditEntry(login, returnCode, raisedError, (System
0602:                            .currentTimeMillis() - startTime), clientIP,
0603:                            KasaiFacade.class.getName() + ".checkPasswordUser",
0604:                            "/kasai/user/" + login, transactionData);
0605:                }
0606:            }
0607:
0608:            /**
0609:             * Copy all permissions from one object to another.
0610:             *
0611:             * @param loginUser User who is making the request
0612:             * @param sourceObject 
0613:             * @param destinationObject
0614:             *
0615:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0616:             * @throws DoesntExistsException One (or both) of the objects does not exist
0617:             */
0618:            public void copyObjectRoles(String loginUser, String sourceObject,
0619:                    String destinationObject) throws DataAccessException,
0620:                    DoesntExistsException {
0621:
0622:                Log.write("Enter", Log.INFO, "copyObjectRoles",
0623:                        KasaiFacade.class);
0624:
0625:                try {
0626:                    AuthObjectHandler.getInstance().copyPermissionsFromObject(
0627:                            sourceObject, destinationObject);
0628:                } catch (DataAccessException e) {
0629:                    throw e;
0630:                } catch (DoesntExistsException deE) {
0631:                    throw deE;
0632:                }
0633:
0634:                Log.write("Exit", Log.INFO, "copyObjectRoles",
0635:                        KasaiFacade.class);
0636:            }
0637:
0638:            /**
0639:             * Audit an operation
0640:             *
0641:             * @param userId User who is making the request
0642:             * @param returnCode Return code
0643:             * @param errorDescription Error description
0644:             * @param duration Duration in milliseconds
0645:             * @param clientIP IP Address of whom is making the request
0646:             * @param operation Operation executed
0647:             * @param objectID Object involved in the operation
0648:             * @param transactionData Extra data
0649:             *
0650:             * @throws CannotAuditException A severe error ocurred while writing the audit entry
0651:             */
0652:            public void createAuditEntry(String userId, int returnCode,
0653:                    String errorDescription, long duration, String clientIP,
0654:                    String operation, String objectID, Document transactionData)
0655:                    throws CannotAuditException {
0656:
0657:                ResourceBundle res = ResourceBundle
0658:                        .getBundle(Constants.CONFIG_PROPERTY_FILE);
0659:                boolean auditIsEnabled = res.getString("kasai.audit.enabled")
0660:                        .equalsIgnoreCase("yes");
0661:
0662:                if (auditIsEnabled) {
0663:                    Log.write(
0664:                            "Enter (userId="
0665:                                    + StringUtils.defaultString(userId,
0666:                                            "<null>")
0667:                                    + ", returnCode="
0668:                                    + returnCode
0669:                                    + ", errorDescription="
0670:                                    + StringUtils.defaultString(
0671:                                            errorDescription, "<null>")
0672:                                    + ", duration="
0673:                                    + duration
0674:                                    + ", clientIP="
0675:                                    + StringUtils.defaultString(clientIP,
0676:                                            "<null>")
0677:                                    + ", operation="
0678:                                    + StringUtils.defaultString(operation,
0679:                                            "<null>")
0680:                                    + ", objectID="
0681:                                    + StringUtils.defaultString(objectID,
0682:                                            "<null>")
0683:                                    + ", transactionData="
0684:                                    + ((transactionData == null) ? "<null>"
0685:                                            : "<data>"), Log.INFO,
0686:                            "createAuditEntry", KasaiFacade.class);
0687:
0688:                    AuditHandler.createEntry(userId, returnCode,
0689:                            errorDescription, duration, clientIP, operation,
0690:                            objectID, transactionData);
0691:
0692:                    Log.write("Exit", Log.INFO, "createAuditEntry",
0693:                            KasaiFacade.class);
0694:                }
0695:            }
0696:
0697:            /**
0698:             * Audits an operation
0699:             *
0700:             * @param userId User who is making the request
0701:             * @param returnCode Return code
0702:             * @param errorDescription Error description
0703:             * @param duration Duration in milliseconds
0704:             * @param clientIP IP Address of whom is making the request
0705:             * @param operation Operation executed
0706:             * @param objectID Object involved in the operation
0707:             * @param transactionData Extra data
0708:             *
0709:             * @throws CannotAuditException A severe error ocurred while writing the audit entry
0710:             */
0711:            public void createAuditEntry(String userId, int returnCode,
0712:                    String errorDescription, long duration, String clientIP,
0713:                    String operation, String objectID,
0714:                    HashMap<String, String> transactionData)
0715:                    throws CannotAuditException {
0716:
0717:                ResourceBundle res = ResourceBundle
0718:                        .getBundle(Constants.CONFIG_PROPERTY_FILE);
0719:                boolean auditIsEnabled = res.getString("kasai.audit.enabled")
0720:                        .equalsIgnoreCase("yes");
0721:
0722:                if (auditIsEnabled) {
0723:                    Log.write("Enter", Log.INFO, "createAuditEntry",
0724:                            KasaiFacade.class);
0725:
0726:                    Document transactionDoc = null;
0727:
0728:                    try {
0729:
0730:                        XMLBean auditXML = new XMLBean("TransactionData");
0731:                        String key;
0732:                        String value;
0733:
0734:                        for (Iterator<String> iter = transactionData.keySet()
0735:                                .iterator(); iter.hasNext();) {
0736:                            key = (String) iter.next();
0737:                            value = (String) transactionData.get(key);
0738:                            auditXML.setString(key, value);
0739:                        }
0740:
0741:                        transactionDoc = auditXML.getXML();
0742:                    } catch (XMLException xmlE) {
0743:                        Log.write("XML error", xmlE, Log.ERROR,
0744:                                "createAuditEntry", KasaiFacade.class);
0745:
0746:                        throw new CannotAuditException(KasaiFacade.class
0747:                                .getName()
0748:                                + ".xmlError", xmlE);
0749:                    }
0750:
0751:                    createAuditEntry(userId, returnCode, errorDescription,
0752:                            duration, clientIP, operation, objectID,
0753:                            transactionDoc);
0754:
0755:                    Log.write("Exit", Log.INFO, "createAuditEntry",
0756:                            KasaiFacade.class);
0757:                }
0758:
0759:            }
0760:
0761:            public void createGroup(String loginUser, Group group,
0762:                    String clientIP) throws DataAccessException,
0763:                    AlreadyExistsException, InvalidAttributesException,
0764:                    NotEnoughPermissionException, CannotAuditException,
0765:                    CriticalException {
0766:
0767:                Log.write("Enter", Log.INFO, "createGroup", KasaiFacade.class);
0768:
0769:                long startTime = System.currentTimeMillis();
0770:                String raisedError = null;
0771:                int returnCode = 0;
0772:
0773:                try {
0774:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_GROUP,
0775:                            "/kasai/group/");
0776:
0777:                    GroupHandler.getInstance().create(group);
0778:
0779:                    this .createObject(loginUser, "/kasai/group/"
0780:                            + group.getId());
0781:                } catch (DataAccessException e) {
0782:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0783:                    returnCode = 1;
0784:
0785:                    throw e;
0786:                } catch (AlreadyExistsException aeE) {
0787:                    raisedError = aeE.getMessage();
0788:                    returnCode = 2;
0789:
0790:                    throw aeE;
0791:                } catch (InvalidAttributesException e) {
0792:                    raisedError = e.getMessage();
0793:                    returnCode = 3;
0794:
0795:                    throw e;
0796:                } catch (NotEnoughPermissionException nep) {
0797:                    raisedError = nep.getMessage();
0798:                    returnCode = 4;
0799:
0800:                    throw nep;
0801:                } catch (CriticalException ce) {
0802:                    raisedError = ce.getMessage();
0803:                    returnCode = 5;
0804:
0805:                    throw ce;
0806:                } finally {
0807:
0808:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0809:
0810:                    transactionData.put("id", group.getId());
0811:                    transactionData.put("description", group.getDescription());
0812:                    transactionData.put("blocked", String.valueOf(group
0813:                            .getBlocked()));
0814:
0815:                    createAuditEntry(loginUser, returnCode, raisedError,
0816:                            (System.currentTimeMillis() - startTime), clientIP,
0817:                            KasaiFacade.class.getName() + ".createGroup",
0818:                            "/kasai/group/" + group.getId(), transactionData);
0819:                }
0820:
0821:                Log.write("Exit", Log.INFO, "createGroup", KasaiFacade.class);
0822:            }
0823:
0824:            /**
0825:             * Method to create a group
0826:             *
0827:             * @param loginUser User who is making the request
0828:             * @param id Group Group Identifier
0829:             * @param description Group description
0830:             * @param blocked Specify if the group must be blocked or not
0831:             * @param clientIP IP Address of whom is making the request
0832:             *
0833:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0834:             * @throws AlreadyExistsException A group with the given ID already exists
0835:             * @throws InvalidAttributesException The attributes are not valid for a group
0836:             * @throws NotEnoughPermissionException The user does not have enough permission to execute this operation
0837:             * @throws CannotAuditException Error auditing transaction
0838:             * @throws CriticalException Severe error creating group
0839:             */
0840:            public void createGroup(String loginUser, String id,
0841:                    String description, boolean blocked, String clientIP)
0842:                    throws DataAccessException, AlreadyExistsException,
0843:                    InvalidAttributesException, NotEnoughPermissionException,
0844:                    CannotAuditException, CriticalException {
0845:
0846:                Group group = new Group();
0847:                group.setId(id);
0848:                group.setDescription(description);
0849:                group.setBlocked(blocked);
0850:
0851:                createGroup(loginUser, group, clientIP);
0852:            }
0853:
0854:            /**
0855:             * Method to register a new object in kasai. It Method assign to the loginUser the role specified in the properties file
0856:             * with the property kasai.default.role
0857:             *
0858:             * @param loginUser User who is making the request
0859:             * @param objectId Object identifier
0860:             *
0861:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0862:             * @throws CriticalException The object could be created but not its default permissions
0863:             */
0864:            public void createObject(String loginUser, String objectId)
0865:                    throws DataAccessException, CriticalException {
0866:
0867:                Log.write("Enter", Log.INFO, "createObject", KasaiFacade.class);
0868:
0869:                ResourceBundle res = ResourceBundle
0870:                        .getBundle(Constants.CONFIG_PROPERTY_FILE);
0871:
0872:                try {
0873:                    AuthObjectHandler.getInstance().create(objectId);
0874:                    AuthObjectHandler.getInstance().createObjectUserRole(
0875:                            objectId,
0876:                            loginUser,
0877:                            Integer.parseInt(res
0878:                                    .getString("kasai.default.role")));
0879:                } catch (DataAccessException e) {
0880:                    throw e;
0881:                } catch (DoesntExistsException deE) {
0882:                    throw new CriticalException(deE);
0883:                }
0884:
0885:                Log.write("Exit", Log.INFO, "createObject", KasaiFacade.class);
0886:            }
0887:
0888:            /**
0889:             * Method to assign permissions. This assign the role specified to the group over the object identified by objectId
0890:             *
0891:             * @param loginUser User who is making the request
0892:             * @param objectId Object identifier
0893:             * @param group Group identifier
0894:             * @param role Role identifier
0895:             * @param clientIP IP Address of whom is making the request
0896:             *
0897:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0898:             * @throws DoesntExistsException The object, group or role doesnt exists
0899:             * @throws NotEnoughPermissionException The user cannot perform this operation
0900:             * @throws CannotAuditException Error auditing transaction
0901:             * @throws XMLException 
0902:             */
0903:            public void createObjectGroupRole(String loginUser,
0904:                    String objectId, String group, int role, String clientIP)
0905:                    throws DataAccessException, DoesntExistsException,
0906:                    NotEnoughPermissionException, CannotAuditException,
0907:                    XMLException {
0908:
0909:                Log.write("Enter (" + loginUser + "," + objectId + "," + group
0910:                        + "," + role + ")", Log.INFO, "createObjectGroupRole",
0911:                        KasaiFacade.class);
0912:
0913:                long startTime = System.currentTimeMillis();
0914:                String raisedError = null;
0915:                int returnCode = 0;
0916:
0917:                try {
0918:                    this .validateOperative(loginUser, MODIFY_ACCESS, objectId);
0919:
0920:                    AuthObjectHandler.getInstance().createObjectGroupRole(
0921:                            objectId, group, role);
0922:                } catch (DataAccessException e) {
0923:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
0924:                    returnCode = 1;
0925:
0926:                    throw e;
0927:                } catch (DoesntExistsException deE) {
0928:                    raisedError = deE.getMessage();
0929:                    returnCode = 2;
0930:
0931:                    throw deE;
0932:                } catch (NotEnoughPermissionException nep) {
0933:                    raisedError = nep.getMessage();
0934:                    returnCode = 3;
0935:
0936:                    throw nep;
0937:                } finally {
0938:
0939:                    HashMap<String, String> transactionData = new HashMap<String, String>();
0940:
0941:                    transactionData.put("group", group);
0942:                    transactionData.put("role", String.valueOf(role));
0943:
0944:                    createAuditEntry(loginUser, returnCode, raisedError,
0945:                            (System.currentTimeMillis() - startTime), clientIP,
0946:                            KasaiFacade.class.getName()
0947:                                    + ".createObjectGroupRole", objectId,
0948:                            transactionData);
0949:                }
0950:
0951:                Log.write("Exit", Log.INFO, "createObjectGroupRole",
0952:                        KasaiFacade.class);
0953:            }
0954:
0955:            /**
0956:             * Method to assign permissions. This assign the role specified to the user over the object identified by objectId
0957:             *
0958:             * @param objectId User who is making the request
0959:             * @param user User identifier
0960:             * @param role Role identifier
0961:             *
0962:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0963:             * @throws DoesntExistsException The object, user or role doesnt exist
0964:             * @throws XMLException 
0965:             */
0966:            public void createObjectUserRole(String objectId, String user,
0967:                    int role) throws DataAccessException,
0968:                    DoesntExistsException, XMLException {
0969:
0970:                Log.write("Enter", Log.INFO, "createObjectUserRole",
0971:                        KasaiFacade.class);
0972:
0973:                try {
0974:                    AuthObjectHandler.getInstance().createObjectUserRole(
0975:                            objectId, user, role);
0976:                } catch (DataAccessException e) {
0977:                    throw e;
0978:                } catch (DoesntExistsException deE) {
0979:                    throw deE;
0980:                }
0981:
0982:                Log.write("Exit", Log.INFO, "createObjectUserRole",
0983:                        KasaiFacade.class);
0984:            }
0985:
0986:            /**
0987:             * Method to assign permissions. This assign the role specified to the user over the object identified by objectId
0988:             *
0989:             * @param loginUser User who is making the request
0990:             * @param objectId Object identifier
0991:             * @param user User identifier
0992:             * @param role Role identifier
0993:             * @param clientIP IP Address of whom is making the request
0994:             *
0995:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
0996:             * @throws DoesntExistsException The user, object or role doesnt exist
0997:             * @throws NotEnoughPermissionException The user cannot perform this operation
0998:             * @throws CannotAuditException Error auditing transaction
0999:             * @throws XMLException 
1000:             */
1001:            public void createObjectUserRole(String loginUser, String objectId,
1002:                    String user, int role, String clientIP)
1003:                    throws DataAccessException, DoesntExistsException,
1004:                    NotEnoughPermissionException, CannotAuditException,
1005:                    XMLException {
1006:
1007:                Log.write("Enter", Log.INFO, "createObjectUserRole",
1008:                        KasaiFacade.class);
1009:
1010:                long startTime = System.currentTimeMillis();
1011:                String raisedError = null;
1012:                int returnCode = 0;
1013:
1014:                try {
1015:                    this .validateOperative(loginUser, MODIFY_ACCESS, objectId);
1016:
1017:                    AuthObjectHandler.getInstance().createObjectUserRole(
1018:                            objectId, user, role);
1019:                } catch (DataAccessException e) {
1020:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1021:                    returnCode = 1;
1022:                    throw e;
1023:                } catch (DoesntExistsException deE) {
1024:                    raisedError = deE.getMessage();
1025:                    returnCode = 2;
1026:                    throw deE;
1027:                } catch (NotEnoughPermissionException nep) {
1028:                    raisedError = nep.getMessage();
1029:                    returnCode = 3;
1030:                    throw nep;
1031:                } finally {
1032:
1033:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1034:
1035:                    transactionData.put("user", user);
1036:                    transactionData.put("role", String.valueOf(role));
1037:
1038:                    createAuditEntry(loginUser, returnCode, raisedError,
1039:                            (System.currentTimeMillis() - startTime), clientIP,
1040:                            KasaiFacade.class.getName()
1041:                                    + ".createObjectUserRole", objectId,
1042:                            transactionData);
1043:                }
1044:
1045:                Log.write("Exit", Log.INFO, "createObjectUserRole",
1046:                        KasaiFacade.class);
1047:            }
1048:
1049:            /**
1050:             * Register an object in Kasai, and assign to the user the specified role (roleId) over an object (objectId)
1051:             *
1052:             * @param loginUser User who is making the request
1053:             * @param objectId Object Identifier
1054:             * @param roleId Role identifier
1055:             *
1056:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1057:             * @throws DoesntExistsException The user, object or role doesnt exist
1058:             * @throws XMLException 
1059:             */
1060:            public void createObjectWithRole(String loginUser, String objectId,
1061:                    int roleId) throws DataAccessException,
1062:                    DoesntExistsException, XMLException {
1063:
1064:                Log.write("Enter", Log.INFO, "createObjectWithRole",
1065:                        KasaiFacade.class);
1066:
1067:                try {
1068:                    AuthObjectHandler.getInstance().create(objectId);
1069:                    if (roleId != -1) {
1070:                        AuthObjectHandler.getInstance().createObjectUserRole(
1071:                                objectId, loginUser, roleId);
1072:                    }
1073:                } catch (DataAccessException e) {
1074:                    throw e;
1075:                } catch (DoesntExistsException deE) {
1076:                    throw deE;
1077:                }
1078:
1079:                Log.write("Exit", Log.INFO, "createObjectWithRole",
1080:                        KasaiFacade.class);
1081:            }
1082:
1083:            /**
1084:             * Creates a role
1085:             *
1086:             * @param loginUser User who is making the request
1087:             * @param name Name of the role to be created
1088:             * @param description Description of the role to be created
1089:             * @param operatives Operatives of the role to be created
1090:             * @param clientIP IP Address of whom is making the request
1091:             *
1092:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1093:             * @throws CriticalException Severe errors like SQL error, IO Error, etc
1094:             * @throws AlreadyExistsException A role with the given name already exists
1095:             * @throws DoesntExistsException One of the given operatives does not exist
1096:             * @throws InvalidAttributesException The attributes are not valid for a role
1097:             * @throws NotEnoughPermissionException The user cannot perform this operation
1098:             * @throws CannotAuditException Error auditing transaction
1099:             */
1100:            public int createRole(String loginUser, String name,
1101:                    String description, String[] operatives, String clientIP)
1102:                    throws AlreadyExistsException, DoesntExistsException,
1103:                    DataAccessException, InvalidAttributesException,
1104:                    NotEnoughPermissionException, CannotAuditException,
1105:                    CriticalException {
1106:
1107:                Log.write("Enter (name=" + name + ")", Log.INFO, "createRole",
1108:                        KasaiFacade.class);
1109:
1110:                long startTime = System.currentTimeMillis();
1111:                String raisedError = null;
1112:                int returnCode = 0;
1113:                int roleId = -1;
1114:
1115:                try {
1116:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
1117:                            "/kasai/role/");
1118:
1119:                    roleId = RoleHandler.getInstance().create(name,
1120:                            description, operatives);
1121:
1122:                    this .createObject(loginUser, "/kasai/role/" + roleId);
1123:
1124:                } catch (AlreadyExistsException aeE) {
1125:                    raisedError = aeE.getMessage();
1126:                    returnCode = 1;
1127:
1128:                    throw aeE;
1129:                } catch (DoesntExistsException deE) {
1130:                    raisedError = deE.getMessage();
1131:                    returnCode = 2;
1132:
1133:                    throw deE;
1134:                } catch (DataAccessException e) {
1135:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1136:                    returnCode = 3;
1137:
1138:                    throw e;
1139:                } catch (InvalidAttributesException e) {
1140:                    raisedError = e.getMessage();
1141:                    returnCode = 4;
1142:
1143:                    throw e;
1144:                } catch (NotEnoughPermissionException nep) {
1145:                    raisedError = nep.getMessage();
1146:                    returnCode = 5;
1147:
1148:                    throw nep;
1149:                } catch (CriticalException ce) {
1150:                    raisedError = ce.getMessage();
1151:                    returnCode = 6;
1152:
1153:                    throw ce;
1154:                } finally {
1155:
1156:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1157:
1158:                    transactionData.put("name", name);
1159:                    transactionData.put("description", description);
1160:
1161:                    createAuditEntry(loginUser, returnCode, raisedError,
1162:                            (System.currentTimeMillis() - startTime), clientIP,
1163:                            KasaiFacade.class.getName() + ".createRole",
1164:                            "/kasai/role/" + roleId, transactionData);
1165:                }
1166:
1167:                Log.write("Exit", Log.INFO, "createRole", KasaiFacade.class);
1168:
1169:                return roleId;
1170:            }
1171:
1172:            /**
1173:             * Creates a user
1174:             *
1175:             * @param loginUser User who is making the request
1176:             * @param idUser Identifier of the user to be created
1177:             * @param firstName First Name of the user to be created
1178:             * @param lastName Last Name of the user to be created
1179:             * @param email Email of the user to be created
1180:             * @param blocked Specifies if the user must be blocked or not
1181:             * @param description Description of the user to be created
1182:             * @param superUser Specifies if the user must be superUser or not
1183:             * @param clientIP IP Address of whom is making the request
1184:             *
1185:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1186:             * @throws CriticalException Severe errors like SQL error, IO Error, etc
1187:             * @throws AlreadyExistsException A user with the given id already exists
1188:             * @throws InvalidAttributesException The attributes are not valid for a user
1189:             * @throws DoesntExistsException The user executing the transaction does not exist
1190:             * @throws NotEnoughPermissionException The user cannot perform this operation
1191:             * @throws CannotAuditException Error auditing transaction
1192:             * @throws InvalidPasswordException 
1193:             */
1194:            public void createUser(String loginUser, String idUser,
1195:                    String firstName, String lastName, String email,
1196:                    boolean blocked, String description, boolean super User,
1197:                    String clientIP) throws DataAccessException,
1198:                    AlreadyExistsException, InvalidAttributesException,
1199:                    DoesntExistsException, NotEnoughPermissionException,
1200:                    CannotAuditException, CriticalException,
1201:                    InvalidPasswordException {
1202:
1203:                User user = new User();
1204:                user.setLogin(idUser);
1205:                user.setFirstName(firstName);
1206:                user.setLastName(lastName);
1207:                user.setEmail(email);
1208:                user.setBlocked(blocked);
1209:                user.setDescription(description);
1210:                user.setSuperUser(super User);
1211:
1212:                createUser(loginUser, user, null, clientIP);
1213:            }
1214:
1215:            /**
1216:             * Creates a user
1217:             *
1218:             * @param loginUser User who is making the request
1219:             * @param idUser Identifier of the user to be created
1220:             * @param firstName First Name of the user to be created
1221:             * @param lastName Last Name of the user to be created
1222:             * @param email Email of the user to be created
1223:             * @param blocked Specifies if the user must be blocked or not
1224:             * @param description Description of the user to be created
1225:             * @param superUser Specifies if the user must be superUser or not
1226:             * @param password Password to assign to the user
1227:             * @param clientIP IP Address of whom is making the request
1228:             *
1229:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1230:             * @throws CriticalException Severe errors like SQL error, IO Error, etc
1231:             * @throws AlreadyExistsException A user with the given id already exists
1232:             * @throws InvalidAttributesException The attributes are not valid for a user
1233:             * @throws DoesntExistsException The user executing the transaction does not exist
1234:             * @throws NotEnoughPermissionException The user cannot perform this operation
1235:             * @throws CannotAuditException Error auditing transaction
1236:             */
1237:            public void createUser(String loginUser, String idUser,
1238:                    String firstName, String lastName, String email,
1239:                    boolean blocked, String description, boolean super User,
1240:                    String password, String clientIP)
1241:                    throws DataAccessException, AlreadyExistsException,
1242:                    InvalidAttributesException, DoesntExistsException,
1243:                    NotEnoughPermissionException, CannotAuditException,
1244:                    CriticalException, InvalidPasswordException {
1245:
1246:                User user = new User();
1247:                user.setLogin(idUser);
1248:                user.setFirstName(firstName);
1249:                user.setLastName(lastName);
1250:                user.setEmail(email);
1251:                user.setBlocked(blocked);
1252:                user.setDescription(description);
1253:                user.setSuperUser(super User);
1254:
1255:                createUser(loginUser, user, password, clientIP);
1256:            }
1257:
1258:            public void createUser(String loginUser, User user,
1259:                    String password, String clientIP)
1260:                    throws DataAccessException, AlreadyExistsException,
1261:                    InvalidAttributesException, DoesntExistsException,
1262:                    NotEnoughPermissionException, CannotAuditException,
1263:                    CriticalException, InvalidPasswordException {
1264:
1265:                Log.write("Enter", Log.INFO, "createUser", KasaiFacade.class);
1266:
1267:                long startTime = System.currentTimeMillis();
1268:                String raisedError = null;
1269:                int returnCode = 0;
1270:
1271:                try {
1272:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_USER,
1273:                            "/kasai/user/");
1274:
1275:                    boolean sU = this .readUser(loginUser).getSuperUser();
1276:
1277:                    if (!sU) {
1278:                        user.setSuperUser(false);
1279:                    }
1280:
1281:                    if (password == null) {
1282:                        UserHandler.getInstance().create(user);
1283:                    } else {
1284:                        UserHandler.getInstance().create(user, password);
1285:                    }
1286:
1287:                    ResourceBundle res = ResourceBundle
1288:                            .getBundle(Constants.CONFIG_PROPERTY_FILE);
1289:                    String group = res.getString("kasai.group.all");
1290:
1291:                    GroupHandler.getInstance().addUserToGroup(user.getLogin(),
1292:                            group);
1293:                    this .createObject(loginUser, "/kasai/user/"
1294:                            + user.getLogin());
1295:                } catch (DataAccessException e) {
1296:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1297:                    returnCode = 1;
1298:
1299:                    throw e;
1300:                } catch (AlreadyExistsException aeE) {
1301:                    raisedError = aeE.getMessage();
1302:                    returnCode = 2;
1303:
1304:                    throw aeE;
1305:                } catch (InvalidAttributesException e) {
1306:                    raisedError = e.getMessage();
1307:                    returnCode = 3;
1308:
1309:                    throw e;
1310:                } catch (DoesntExistsException deE) {
1311:                    raisedError = deE.getMessage();
1312:                    returnCode = 4;
1313:
1314:                    throw deE;
1315:                } catch (NotEnoughPermissionException nep) {
1316:                    raisedError = nep.getMessage();
1317:                    returnCode = 5;
1318:
1319:                    throw nep;
1320:                } catch (CriticalException ce) {
1321:                    raisedError = ce.getMessage();
1322:                    returnCode = 6;
1323:
1324:                    throw ce;
1325:                } finally {
1326:
1327:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1328:
1329:                    transactionData.put("idUser", user.getLogin());
1330:                    transactionData.put("firstName", user.getFirstName());
1331:                    transactionData.put("lastName", user.getLastName());
1332:                    transactionData.put("email", user.getEmail());
1333:                    transactionData.put("blocked", String.valueOf(user
1334:                            .getBlocked()));
1335:                    transactionData.put("description", user.getDescription());
1336:                    transactionData.put("superUser", String.valueOf(user
1337:                            .getSuperUser()));
1338:
1339:                    createAuditEntry(loginUser, returnCode, raisedError,
1340:                            (System.currentTimeMillis() - startTime), clientIP,
1341:                            KasaiFacade.class.getName() + ".createUser",
1342:                            "/kasai/user/" + user.getLogin(), transactionData);
1343:                }
1344:
1345:                Log.write("Exit", Log.INFO, "createUser", KasaiFacade.class);
1346:            }
1347:
1348:            /**
1349:             * Deletes a group
1350:             *
1351:             * @param loginUser User who is making the request
1352:             * @param group Group identifier to be deleted
1353:             * @param clientIP IP Address of whom is making the request
1354:             *
1355:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1356:             * @throws NotEnoughPermissionException The user cannot perform this operation
1357:             * @throws CannotAuditException Error auditing transaction
1358:             */
1359:            public void deleteGroup(String loginUser, String group,
1360:                    String clientIP) throws DataAccessException,
1361:                    NotEnoughPermissionException, CannotAuditException {
1362:
1363:                Log.write("Enter", Log.INFO, "deleteGroup", KasaiFacade.class);
1364:
1365:                long startTime = System.currentTimeMillis();
1366:                String raisedError = null;
1367:                int returnCode = 0;
1368:
1369:                try {
1370:                    this .validateOperative(loginUser, DELETE_GROUP,
1371:                            "/kasai/group/" + group);
1372:
1373:                    GroupHandler.getInstance().delete(group);
1374:
1375:                    deleteObject("/kasai/group/" + group);
1376:                } catch (DataAccessException e) {
1377:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1378:                    returnCode = 1;
1379:
1380:                    throw e;
1381:                } catch (NotEnoughPermissionException nep) {
1382:                    raisedError = nep.getMessage();
1383:                    returnCode = 2;
1384:
1385:                    throw nep;
1386:                } finally {
1387:
1388:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1389:
1390:                    transactionData.put("group", group);
1391:
1392:                    createAuditEntry(loginUser, returnCode, raisedError,
1393:                            (System.currentTimeMillis() - startTime), clientIP,
1394:                            KasaiFacade.class.getName() + ".deleteGroup",
1395:                            "/kasai/group/" + group, transactionData);
1396:                }
1397:
1398:                Log.write("Exit", Log.INFO, "deleteGroup", KasaiFacade.class);
1399:            }
1400:
1401:            /**
1402:             * Unregister an object from Kasai
1403:             *
1404:             * @param objectId Object identifier to be deleted
1405:             *
1406:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1407:             */
1408:            public void deleteObject(String objectId)
1409:                    throws DataAccessException {
1410:                Log.write("Enter", Log.INFO, "deleteObject", KasaiFacade.class);
1411:
1412:                try {
1413:                    AuthObjectHandler.getInstance().delete(objectId);
1414:                } catch (DataAccessException e) {
1415:                    throw e;
1416:                }
1417:
1418:                Log.write("Exit", Log.INFO, "deleteObject", KasaiFacade.class);
1419:            }
1420:
1421:            /**
1422:             * Remove an assigned role to the group over an object
1423:             *
1424:             * @param loginUser User who is making the request
1425:             * @param id Identifier
1426:             * @param clientIP IP Address of whom is making the request
1427:             *
1428:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1429:             * @throws CannotAuditException Error auditing transaction
1430:             */
1431:            public void deleteObjectGroupRole(String loginUser, int id,
1432:                    String clientIP) throws DataAccessException,
1433:                    CannotAuditException {
1434:
1435:                Log.write("Enter", Log.INFO, "deleteObjectGroupRole",
1436:                        KasaiFacade.class);
1437:
1438:                long startTime = System.currentTimeMillis();
1439:                String raisedError = null;
1440:                int returnCode = 0;
1441:
1442:                try {
1443:                    AuthObjectHandler.getInstance().deleteObjectGroupRole(id);
1444:                } catch (DataAccessException e) {
1445:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1446:                    returnCode = 1;
1447:
1448:                    throw e;
1449:                } finally {
1450:
1451:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1452:
1453:                    transactionData.put("id", String.valueOf(id));
1454:
1455:                    createAuditEntry(loginUser, returnCode, raisedError,
1456:                            (System.currentTimeMillis() - startTime), clientIP,
1457:                            KasaiFacade.class.getName()
1458:                                    + ".deleteObjectGroupRole", "",
1459:                            transactionData);
1460:                }
1461:
1462:                Log.write("Exit", Log.INFO, "deleteObjectGroupRole",
1463:                        KasaiFacade.class);
1464:            }
1465:
1466:            /**
1467:             * Remove all assigned roles to the user over an object
1468:             *
1469:             * @param loginUser User who is making the request
1470:             * @param id Relation identifier to be deleted
1471:             * @param clientIP IP Address of whom is making the request
1472:             *
1473:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1474:             * @throws CannotAuditException Error auditing transaction
1475:             */
1476:            public void deleteObjectUserRole(String loginUser, int id,
1477:                    String clientIP) throws DataAccessException,
1478:                    CannotAuditException {
1479:
1480:                Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1481:                        KasaiFacade.class);
1482:
1483:                long startTime = System.currentTimeMillis();
1484:                String raisedError = null;
1485:                int returnCode = 0;
1486:
1487:                try {
1488:                    AuthObjectHandler.getInstance().deleteObjectUserRole(id);
1489:                } finally {
1490:
1491:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1492:
1493:                    transactionData.put("id", String.valueOf(id));
1494:
1495:                    createAuditEntry(loginUser, returnCode, raisedError,
1496:                            (System.currentTimeMillis() - startTime), clientIP,
1497:                            KasaiFacade.class.getName()
1498:                                    + ".deleteObjectUserRole", "",
1499:                            transactionData);
1500:                }
1501:
1502:                Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1503:                        KasaiFacade.class);
1504:            }
1505:
1506:            /**
1507:             * Remove all assigned roles to the user over an object
1508:             *
1509:             * @param user User who is making the request
1510:             * @param idObject Object identifier
1511:             *
1512:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1513:             */
1514:            public void deleteObjectUserRole(String user, String idObject)
1515:                    throws DataAccessException {
1516:
1517:                Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1518:                        KasaiFacade.class);
1519:
1520:                AuthObjectHandler.getInstance().deleteObjectUserRole(user,
1521:                        idObject);
1522:
1523:                Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1524:                        KasaiFacade.class);
1525:            }
1526:
1527:            /**
1528:             * Remove an assigned role to the user over an object
1529:             *
1530:             * @param loginUser User who is making the request
1531:             * @param user User identifier
1532:             * @param idObject Object identifier
1533:             * @param role Role identifier
1534:             * @param clientIP IP Address of whom is making the request
1535:             *
1536:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1537:             * @throws NotEnoughPermissionException The user cannot perform this operation
1538:             * @throws CannotAuditException Error auditing transaction
1539:             */
1540:            public void deleteObjectUserRole(String loginUser, String user,
1541:                    String idObject, int role, String clientIP)
1542:                    throws DataAccessException, NotEnoughPermissionException,
1543:                    CannotAuditException {
1544:
1545:                Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1546:                        KasaiFacade.class);
1547:
1548:                long startTime = System.currentTimeMillis();
1549:                String raisedError = null;
1550:                int returnCode = 0;
1551:
1552:                try {
1553:                    this .validateOperative(loginUser, MODIFY_ACCESS, idObject);
1554:
1555:                    AuthObjectHandler.getInstance().deleteObjectUserRole(user,
1556:                            idObject, role);
1557:                } catch (DataAccessException e) {
1558:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1559:                    returnCode = 1;
1560:
1561:                    throw e;
1562:                } catch (NotEnoughPermissionException nep) {
1563:                    raisedError = nep.getMessage();
1564:                    returnCode = 2;
1565:
1566:                    throw nep;
1567:                } finally {
1568:
1569:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1570:
1571:                    transactionData.put("user", user);
1572:                    transactionData.put("role", String.valueOf(role));
1573:
1574:                    createAuditEntry(loginUser, returnCode, raisedError,
1575:                            (System.currentTimeMillis() - startTime), clientIP,
1576:                            KasaiFacade.class.getName()
1577:                                    + ".deleteObjectUserRole", idObject,
1578:                            transactionData);
1579:                }
1580:
1581:                Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1582:                        KasaiFacade.class);
1583:            }
1584:
1585:            /**
1586:             * Remove all assigned roles to the user over an object
1587:             *
1588:             * @param loginUser User who is making the request
1589:             * @param user User identifier
1590:             * @param idObject Object identifier
1591:             * @param clientIP IP Address of whom is making the request
1592:             *
1593:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1594:             * @throws NotEnoughPermissionException The user cannot perform this operation
1595:             * @throws CannotAuditException Error auditing transaction
1596:             */
1597:            public void deleteObjectUserRole(String loginUser, String user,
1598:                    String idObject, String clientIP)
1599:                    throws DataAccessException, NotEnoughPermissionException,
1600:                    CannotAuditException {
1601:
1602:                Log.write("Enter", Log.INFO, "deleteObjectUserRole",
1603:                        KasaiFacade.class);
1604:
1605:                long startTime = System.currentTimeMillis();
1606:                String raisedError = null;
1607:                int returnCode = 0;
1608:
1609:                try {
1610:                    this .validateOperative(loginUser, MODIFY_ACCESS, idObject);
1611:
1612:                    AuthObjectHandler.getInstance().deleteObjectUserRole(user,
1613:                            idObject);
1614:                } catch (DataAccessException e) {
1615:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1616:                    returnCode = 1;
1617:
1618:                    throw e;
1619:                } catch (NotEnoughPermissionException nep) {
1620:                    raisedError = nep.getMessage();
1621:                    returnCode = 2;
1622:
1623:                    throw nep;
1624:                } finally {
1625:
1626:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1627:
1628:                    transactionData.put("user", user);
1629:
1630:                    createAuditEntry(loginUser, returnCode, raisedError,
1631:                            (System.currentTimeMillis() - startTime), clientIP,
1632:                            KasaiFacade.class.getName()
1633:                                    + ".deleteObjectUserRole", idObject,
1634:                            transactionData);
1635:                }
1636:
1637:                Log.write("Exit", Log.INFO, "deleteObjectUserRole",
1638:                        KasaiFacade.class);
1639:            }
1640:
1641:            /**
1642:             * Delete a role
1643:             *
1644:             * @param loginUser User who is making the request
1645:             * @param role Role identifier to be deleted
1646:             * @param clientIP IP Address of whom is making the request
1647:             *
1648:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1649:             * @throws NotEnoughPermissionException The user cannot perform this operation
1650:             * @throws CannotAuditException Error auditing transaction
1651:             */
1652:            public void deleteRole(String loginUser, int role, String clientIP)
1653:                    throws DataAccessException, NotEnoughPermissionException,
1654:                    CannotAuditException {
1655:
1656:                Log.write("Enter", Log.INFO, "deleteRole", KasaiFacade.class);
1657:
1658:                long startTime = System.currentTimeMillis();
1659:                String raisedError = null;
1660:                int returnCode = 0;
1661:
1662:                try {
1663:                    this .validateOperative(loginUser, DELETE_ROLE,
1664:                            "/kasai/role/" + role);
1665:
1666:                    this .deleteObject("/kasai/role/" + role);
1667:                    RoleHandler.getInstance().delete(role);
1668:                } catch (DataAccessException e) {
1669:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1670:                    returnCode = 1;
1671:
1672:                    throw e;
1673:                } catch (NotEnoughPermissionException nep) {
1674:                    raisedError = nep.getMessage();
1675:                    returnCode = 2;
1676:
1677:                    throw nep;
1678:                } finally {
1679:
1680:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1681:
1682:                    transactionData.put("role", String.valueOf(role));
1683:
1684:                    createAuditEntry(loginUser, returnCode, raisedError,
1685:                            (System.currentTimeMillis() - startTime), clientIP,
1686:                            KasaiFacade.class.getName()
1687:                                    + ".deleteObjectUserRole", "/kasai/role/"
1688:                                    + role, transactionData);
1689:                }
1690:
1691:                Log.write("Exit", Log.INFO, "deleteRole", KasaiFacade.class);
1692:            }
1693:
1694:            /**
1695:             * Delete a user
1696:             *
1697:             * @param loginUser User who is making the request
1698:             * @param idUserToDelete User identifier to be deleted
1699:             * @param clientIP IP Address of whom is making the request
1700:             *
1701:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1702:             * @throws NotEnoughPermissionException The user cannot perform this operation
1703:             * @throws CannotAuditException Error auditing transaction
1704:             */
1705:            public void deleteUser(String loginUser, String idUserToDelete,
1706:                    String clientIP) throws DataAccessException,
1707:                    NotEnoughPermissionException, CannotAuditException {
1708:
1709:                Log.write("Enter", Log.INFO, "deleteUser", KasaiFacade.class);
1710:
1711:                long startTime = System.currentTimeMillis();
1712:                String raisedError = null;
1713:                int returnCode = 0;
1714:
1715:                try {
1716:                    this .validateOperative(loginUser, DELETE_USER,
1717:                            "/kasai/user/" + idUserToDelete);
1718:
1719:                    UserHandler.getInstance().delete(idUserToDelete);
1720:
1721:                    this .deleteObject("/kasai/user/" + idUserToDelete);
1722:                } catch (DataAccessException e) {
1723:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1724:                    returnCode = 1;
1725:
1726:                    throw e;
1727:                } catch (NotEnoughPermissionException nep) {
1728:                    raisedError = nep.getMessage();
1729:                    returnCode = 2;
1730:
1731:                    throw nep;
1732:                } finally {
1733:
1734:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1735:
1736:                    transactionData.put("idUserToDelete", idUserToDelete);
1737:
1738:                    createAuditEntry(loginUser, returnCode, raisedError,
1739:                            (System.currentTimeMillis() - startTime), clientIP,
1740:                            KasaiFacade.class.getName() + ".deleteUser",
1741:                            "/kasai/user/" + idUserToDelete, transactionData);
1742:                }
1743:
1744:                Log.write("Exit", Log.INFO, "deleteUser", KasaiFacade.class);
1745:            }
1746:
1747:            /**
1748:             * Method to verify if a specific user is part of a specific group
1749:             *
1750:             * @param login User who is making the request 
1751:             * @param userId Specific user
1752:             * @param groupId Specific group
1753:             *
1754:             * @return true if the userId is part of a groupId
1755:             *
1756:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc Severe error (SQL errors, IO errors, etc)
1757:             * @throws XMLException 
1758:             */
1759:            public boolean isUserInGroup(String login, String userId,
1760:                    String groupId) throws DataAccessException, XMLException {
1761:
1762:                Log
1763:                        .write("Enter", Log.INFO, "isUserInGroup",
1764:                                KasaiFacade.class);
1765:
1766:                boolean result = false;
1767:                Collection<User> users = null;
1768:
1769:                if ((StringUtils.isNotEmpty(userId))
1770:                        && (StringUtils.isNotEmpty(groupId))) {
1771:                    users = UserHandler.getInstance().list(userId, null, null,
1772:                            null, -1, null, groupId);
1773:                }
1774:
1775:                result = (users != null) && (users.size() > 0);
1776:
1777:                Log.write("Exit", Log.INFO, "isUserInGroup", KasaiFacade.class);
1778:
1779:                return result;
1780:            }
1781:
1782:            public Collection<AuditBean> listAuditEntries(String loginUser,
1783:                    java.util.Date dateFrom, java.util.Date dateTo,
1784:                    java.lang.String user, java.lang.String operation,
1785:                    String clientIP) throws DataAccessException,
1786:                    NonCriticalException, CannotAuditException {
1787:
1788:                Log.write("Enter", Log.INFO, "listAuditEntries",
1789:                        KasaiFacade.class);
1790:
1791:                long startTime = System.currentTimeMillis();
1792:                String raisedError = null;
1793:                int returnCode = 0;
1794:                Collection<AuditBean> result = null;
1795:
1796:                try {
1797:                    this .validateOperative(loginUser,
1798:                            KasaiFacade.LIST_AUDIT_ENTRIES, "/kasai");
1799:
1800:                    result = AuditHandler.listEntries(dateFrom, dateTo, user,
1801:                            operation);
1802:                } catch (DataAccessException e) {
1803:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
1804:                    returnCode = 1;
1805:
1806:                    throw e;
1807:                } catch (InvalidAttributesException iaE) {
1808:                    raisedError = iaE.getMessage();
1809:                    returnCode = 2;
1810:
1811:                    throw iaE;
1812:                } catch (NotEnoughPermissionException nep) {
1813:                    raisedError = nep.getMessage();
1814:                    returnCode = 3;
1815:
1816:                    throw nep;
1817:                } catch (DoesntExistsException dee) {
1818:                    raisedError = dee.getMessage();
1819:                    returnCode = 4;
1820:
1821:                    throw dee;
1822:                } catch (NonCriticalException e) {
1823:                    raisedError = e.getMessage();
1824:                    returnCode = 5;
1825:
1826:                    throw e;
1827:                } finally {
1828:
1829:                    HashMap<String, String> transactionData = new HashMap<String, String>();
1830:                    DateFormat format = new SimpleDateFormat(
1831:                            "yyyy-MM-dd HH:mm:ss.SSS");
1832:
1833:                    if (dateFrom != null) {
1834:                        transactionData
1835:                                .put("dateFrom", format.format(dateFrom));
1836:                    }
1837:                    if (dateTo != null) {
1838:                        transactionData.put("dateTo", format.format(dateTo));
1839:                    }
1840:                    transactionData.put("user", user);
1841:                    transactionData.put("operation", operation);
1842:
1843:                    createAuditEntry(loginUser, returnCode, raisedError,
1844:                            (System.currentTimeMillis() - startTime), clientIP,
1845:                            KasaiFacade.class.getName() + ".listAuditEntries",
1846:                            "/kasai", transactionData);
1847:                }
1848:
1849:                Log.write("Exit", Log.INFO, "listAuditEntries",
1850:                        KasaiFacade.class);
1851:
1852:                return result;
1853:            }
1854:
1855:            public String[] listGroupMembers(String groupId)
1856:                    throws DataAccessException {
1857:                String[] members = null;
1858:
1859:                Log.write("Enter", Log.INFO, "listGroupMembers",
1860:                        KasaiFacade.class);
1861:
1862:                members = UserHandler.getInstance().listUsernames(groupId);
1863:
1864:                Log.write("Exit", Log.INFO, "listGroupMembers",
1865:                        KasaiFacade.class);
1866:
1867:                return members;
1868:            }
1869:
1870:            /**
1871:             * List groups
1872:             *
1873:             * @param actualUser User making the request
1874:             * @param idGroup It filters the list by group identifier
1875:             * @param description It filters the list by group description
1876:             * @param blocked It filters the list by blocked attribute
1877:             * @param system It filters the list by system attribute
1878:             *
1879:             * @return Groups that satisfy given filters.
1880:             *
1881:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1882:             * @throws XMLException 
1883:             */
1884:            public List<Group> listGroups(String actualUser, String idGroup,
1885:                    String description, int blocked, int system)
1886:                    throws DataAccessException, XMLException {
1887:
1888:                List<Group> groups = null;
1889:
1890:                Log.write("Enter", Log.INFO, "listGroups", KasaiFacade.class);
1891:
1892:                groups = GroupHandler.getInstance().list(idGroup, description,
1893:                        blocked, system, null);
1894:
1895:                Log.write("Exit", Log.INFO, "listGroups", KasaiFacade.class);
1896:
1897:                return groups;
1898:            }
1899:
1900:            /**
1901:             * List all the groups a user is member of
1902:             *
1903:             * @param user user identifier
1904:             *
1905:             * @return A collection containing the groups
1906:             *
1907:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1908:             * @throws XMLException 
1909:             */
1910:            public Collection<Group> listGroupsFromUser(String user)
1911:                    throws DataAccessException, XMLException {
1912:
1913:                Collection<Group> groups = new ArrayList();
1914:
1915:                Log.write("Enter", Log.INFO, "listGroupsFromUser",
1916:                        KasaiFacade.class);
1917:
1918:                groups = GroupHandler.getInstance().list(null, null, -1, -1,
1919:                        user);
1920:
1921:                Log.write("Exit", Log.INFO, "listGroupsFromUser",
1922:                        KasaiFacade.class);
1923:
1924:                return groups;
1925:            }
1926:
1927:            /**
1928:             * List all the groups a user is member of
1929:             *
1930:             * @param loginUser User who is making the request
1931:             * @param user User identifier
1932:             *
1933:             * @return A collection containing groups
1934:             *
1935:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1936:             * @throws NotEnoughPermissionException The user cannot perform this operation
1937:             * @throws XMLException 
1938:             */
1939:            public Collection<Group> listGroupsFromUser(String loginUser,
1940:                    String user) throws DataAccessException,
1941:                    NotEnoughPermissionException, XMLException {
1942:
1943:                Collection<Group> groups = new ArrayList();
1944:
1945:                Log.write("Enter", Log.INFO, "listGroupsFromUser",
1946:                        KasaiFacade.class);
1947:
1948:                if (!user.equals(loginUser)) {
1949:                    this .validateOperative(loginUser, KasaiFacade.READ_USER,
1950:                            "/kasai/user/" + user);
1951:                }
1952:
1953:                groups = GroupHandler.getInstance().list(null, null, -1, -1,
1954:                        user);
1955:
1956:                Log.write("Exit", Log.INFO, "listGroupsFromUser",
1957:                        KasaiFacade.class);
1958:
1959:                return groups;
1960:            }
1961:
1962:            /**
1963:             * List groups that have a given operative assigned over a specific object.
1964:             *
1965:             * @param operative Operative
1966:             * @param object Object identifier
1967:             *
1968:             * @return A collection of groups
1969:             *
1970:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
1971:             * @throws XMLException 
1972:             */
1973:            public Collection<Group> listGroupsOperativeCollection(
1974:                    String operative, String object)
1975:                    throws DataAccessException, XMLException {
1976:
1977:                Collection<Group> groups = null;
1978:
1979:                Log.write("Enter", Log.INFO, "listGroupsOperativeCollection",
1980:                        KasaiFacade.class);
1981:
1982:                groups = OperativeHandler.getInstance().listGroupsOperative(
1983:                        operative, object);
1984:
1985:                Log.write("Exit", Log.INFO, "listGroupsOperativeCollection",
1986:                        KasaiFacade.class);
1987:
1988:                return groups;
1989:            }
1990:
1991:            /**
1992:             * List assigned permissions over a given object
1993:             *
1994:             * @param loginUser User who is making the request
1995:             * @param idObject Object identifier
1996:             *
1997:             * @return 
1998:             *
1999:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2000:             */
2001:            public Collection listObjectRoles(String loginUser, String idObject)
2002:                    throws DataAccessException {
2003:
2004:                Log.write("Enter", Log.INFO, "listObjectRoles",
2005:                        KasaiFacade.class);
2006:
2007:                Collection list = new ArrayList();
2008:
2009:                list.addAll(AuthObjectHandler.getInstance()
2010:                        .listObjectGroupsRoles(idObject));
2011:                list.addAll(AuthObjectHandler.getInstance()
2012:                        .listObjectUsersRoles(idObject));
2013:
2014:                Log.write("Exit", Log.INFO, "listObjectRoles",
2015:                        KasaiFacade.class);
2016:
2017:                return list;
2018:            }
2019:
2020:            /**
2021:             * List all operatives
2022:             *
2023:             * @param loginUser User who is making the request
2024:             *
2025:             * @return Operatives
2026:             *
2027:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2028:             */
2029:            public Collection<Operative> listOperatives(String loginUser)
2030:                    throws DataAccessException {
2031:
2032:                Log.write("Enter", Log.INFO, "listOperatives",
2033:                        KasaiFacade.class);
2034:
2035:                Collection<Operative> operatives = null;
2036:
2037:                operatives = OperativeHandler.getInstance().list(null);
2038:
2039:                Log
2040:                        .write("Exit", Log.INFO, "listOperatives",
2041:                                KasaiFacade.class);
2042:
2043:                return operatives;
2044:            }
2045:
2046:            /**
2047:             * List all operatives for a given role
2048:             *
2049:             * @param loginUser User who is making the request
2050:             * @param role Role Identifier
2051:             *
2052:             * @return 
2053:             *
2054:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2055:             */
2056:            public Collection<Operative> listOperativesFromRole(
2057:                    String loginUser, int role) throws DataAccessException {
2058:
2059:                Log.write("Enter", Log.INFO, "listOperativesFromRole",
2060:                        KasaiFacade.class);
2061:
2062:                Collection<Operative> list = new ArrayList<Operative>();
2063:
2064:                list = RoleHandler.getInstance().listOperativesFromRole(role,
2065:                        "");
2066:
2067:                Log.write("Exit", Log.INFO, "listOperativesFromRole",
2068:                        KasaiFacade.class);
2069:
2070:                return list;
2071:            }
2072:
2073:            /**
2074:             * List operatives that are not part of the role
2075:             *
2076:             * @param loginUser User who is making the request
2077:             * @param role Role identifier
2078:             *
2079:             * @return
2080:             *
2081:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2082:             */
2083:            public Collection<Operative> listOperativesNotInRole(
2084:                    String loginUser, int role) throws DataAccessException {
2085:
2086:                Log.write("Enter", Log.INFO, "listOperativesNotInRole",
2087:                        KasaiFacade.class);
2088:
2089:                Collection<Operative> list = new ArrayList<Operative>();
2090:
2091:                list = RoleHandler.getInstance().listOperativesNotInRole(role);
2092:
2093:                Log.write("Exit", Log.INFO, "listOperativesNotInRole",
2094:                        KasaiFacade.class);
2095:
2096:                return list;
2097:            }
2098:
2099:            /**
2100:             * List all roles
2101:             *
2102:             * @param loginUser User who is making the request
2103:             * @param name It filters the list by the role name
2104:             *
2105:             * @return List of roles
2106:             *
2107:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2108:             */
2109:            public List<Role> listRoles(String loginUser, String name)
2110:                    throws DataAccessException {
2111:
2112:                Log.write("Enter", Log.INFO, "listRoles", KasaiFacade.class);
2113:
2114:                List<Role> roles = null;
2115:
2116:                roles = RoleHandler.getInstance().list(name, false);
2117:
2118:                Log.write("Exit", Log.INFO, "listRoles", KasaiFacade.class);
2119:
2120:                return roles;
2121:            }
2122:
2123:            public String[] listUsernames() throws DataAccessException {
2124:                Log
2125:                        .write("Enter", Log.INFO, "listUsernames",
2126:                                KasaiFacade.class);
2127:
2128:                String[] users = UserHandler.getInstance().listUsernames();
2129:
2130:                Log.write("Exit", Log.INFO, "listUsernames", KasaiFacade.class);
2131:
2132:                return users;
2133:            }
2134:
2135:            /**
2136:             * List users
2137:             *
2138:             * @param loginUser User who is making the request
2139:             * @param login It filters the list by the user login
2140:             * @param firstName It filters the list by the user first name
2141:             * @param lastName It filters the list by the user last name
2142:             * @param email It filters the list by the user email
2143:             * @param blocked It filters the list by the block attribute
2144:             * @param description It filters the list by the user description
2145:             * @param group It filters the list by a specific group that the user has to belong to
2146:             *
2147:             * @return List of users
2148:             *
2149:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2150:             * @throws XMLException 
2151:             */
2152:            public List<User> listUsers(String loginUser, String login,
2153:                    String firstName, String lastName, String email,
2154:                    int blocked, String description, String group)
2155:                    throws DataAccessException, XMLException {
2156:
2157:                List<User> users = null;
2158:
2159:                Log.write("Enter", Log.INFO, "listUsers", KasaiFacade.class);
2160:
2161:                users = UserHandler.getInstance().list(login, firstName,
2162:                        lastName, email, blocked, description, group);
2163:
2164:                Log.write("Exit", Log.INFO, "listUsers", KasaiFacade.class);
2165:
2166:                return users;
2167:            }
2168:
2169:            /**
2170:             * List group's users without checking permission
2171:             *
2172:             * @param group Group Identifier
2173:             *
2174:             * @return List of users
2175:             *
2176:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2177:             * @throws XMLException 
2178:             */
2179:            public Collection<User> listUsersFromGroup(String group)
2180:                    throws DataAccessException, XMLException {
2181:
2182:                Collection<User> users = null;
2183:
2184:                Log.write("Enter", Log.INFO, "listUsersFromGroup",
2185:                        KasaiFacade.class);
2186:
2187:                users = UserHandler.getInstance().list(null, null, null, null,
2188:                        -1, null, group);
2189:
2190:                Log.write("Exit", Log.INFO, "listUsersFromGroup",
2191:                        KasaiFacade.class);
2192:
2193:                return users;
2194:            }
2195:
2196:            /**
2197:             * List group's users checking permission
2198:             *
2199:             * @param loginUser User who is making the request
2200:             * @param group Group identifier
2201:             *
2202:             * @return List of users
2203:             *
2204:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2205:             * @throws XMLException 
2206:             */
2207:            public Collection<User> listUsersFromGroup(String loginUser,
2208:                    String group) throws DataAccessException, XMLException {
2209:
2210:                Collection<User> users = null;
2211:
2212:                Log.write("Enter", Log.INFO, "listUsersFromGroup",
2213:                        KasaiFacade.class);
2214:
2215:                users = UserHandler.getInstance().list(null, null, null, null,
2216:                        -1, null, group);
2217:
2218:                Log.write("Exit", Log.INFO, "listUsersFromGroup",
2219:                        KasaiFacade.class);
2220:
2221:                return users;
2222:            }
2223:
2224:            /**
2225:             * List users that aren't part of a group
2226:             *
2227:             * @param loginUser User who is making the request
2228:             * @param group Group identifier
2229:             *
2230:             * @return List of users
2231:             *
2232:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2233:             * @throws XMLException 
2234:             */
2235:            public Collection<User> listUsersNotInGroup(String loginUser,
2236:                    String group) throws DataAccessException, XMLException {
2237:
2238:                Collection<User> aux = null;
2239:
2240:                Log.write("Enter", Log.INFO, "listUsersNotInGroup",
2241:                        KasaiFacade.class);
2242:
2243:                ArrayList<User> users = new ArrayList<User>();
2244:
2245:                aux = GroupHandler.getInstance().listUsersNotInGroup(group);
2246:
2247:                for (Iterator<User> iter = aux.iterator(); iter.hasNext();) {
2248:
2249:                    User u = (User) iter.next();
2250:
2251:                    try {
2252:                        this .validateOperative(loginUser,
2253:                                KasaiFacade.READ_USER, "/kasai/user/"
2254:                                        + u.getLogin());
2255:                        users.add(u);
2256:                    } catch (Exception e) {
2257:                    }
2258:                }
2259:
2260:                Log.write("Exit", Log.INFO, "listUsersNotInGroup",
2261:                        KasaiFacade.class);
2262:
2263:                return users;
2264:            }
2265:
2266:            /**
2267:             * List users that have a given operative assigned over a specific object.
2268:             *
2269:             * @param operative Operative identifier
2270:             * @param object Object identifier
2271:             *
2272:             * @return A collection of users
2273:             *
2274:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2275:             * @throws XMLException 
2276:             */
2277:            public Collection<User> listUsersOperative(String operative,
2278:                    String object) throws DataAccessException, XMLException {
2279:
2280:                Collection<User> users = null;
2281:
2282:                Log.write("Enter", Log.INFO, "listUsersOperative",
2283:                        KasaiFacade.class);
2284:
2285:                users = OperativeHandler.getInstance().listUsersOperative(
2286:                        operative, object);
2287:
2288:                Log.write("Exit", Log.INFO, "listUsersOperative",
2289:                        KasaiFacade.class);
2290:
2291:                return users;
2292:            }
2293:
2294:            /**
2295:             * Modify a role
2296:             *
2297:             * @param loginUser User who is making the request
2298:             * @param role Role identifier
2299:             * @param name New name of the role to be modified
2300:             * @param description New description of the role to be modified
2301:             * @param operatives New operatives of the role to be modified
2302:             * @param clientIP IP Address of whom is making the request
2303:             *
2304:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2305:             * @throws InvalidAttributesException The new attributes are not valid for a role
2306:             * @throws NotEnoughPermissionException The user cannot perform this operation
2307:             * @throws CannotAuditException Error auditing transaction
2308:             */
2309:            public void modifyRole(String loginUser, int role, String name,
2310:                    String description, String[] operatives, String clientIP)
2311:                    throws DataAccessException, InvalidAttributesException,
2312:                    NotEnoughPermissionException, CannotAuditException {
2313:
2314:                Log.write("Enter", Log.INFO, "modifyRole", KasaiFacade.class);
2315:
2316:                long startTime = System.currentTimeMillis();
2317:                String raisedError = null;
2318:                int returnCode = 0;
2319:
2320:                try {
2321:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
2322:                            "/kasai/role/" + role);
2323:
2324:                    RoleHandler.getInstance().update(role, name, description,
2325:                            operatives);
2326:                } catch (DataAccessException e) {
2327:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
2328:                    returnCode = 1;
2329:
2330:                    throw e;
2331:                } catch (InvalidAttributesException e) {
2332:                    raisedError = e.getMessage();
2333:                    returnCode = 2;
2334:
2335:                    throw e;
2336:                } catch (NotEnoughPermissionException nep) {
2337:                    raisedError = nep.getMessage();
2338:                    returnCode = 3;
2339:
2340:                    throw nep;
2341:                } finally {
2342:
2343:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2344:
2345:                    transactionData.put("role", String.valueOf(role));
2346:                    transactionData.put("name", name);
2347:                    transactionData.put("description", description);
2348:
2349:                    createAuditEntry(loginUser, returnCode, raisedError,
2350:                            (System.currentTimeMillis() - startTime), clientIP,
2351:                            KasaiFacade.class.getName() + ".modifyRole",
2352:                            "/kasai/role/" + role, transactionData);
2353:                }
2354:
2355:                Log.write("Exit", Log.INFO, "modifyRole", KasaiFacade.class);
2356:            }
2357:
2358:            /**
2359:             * Read a group without checking permission
2360:             *
2361:             * @param group Group identifier
2362:             *
2363:             * @return Group identified by group parameter
2364:             *
2365:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2366:             * @throws DoesntExistsException The group doesnt exist
2367:             * @throws XMLException 
2368:             */
2369:            public Group readGroup(String group) throws DataAccessException,
2370:                    DoesntExistsException, XMLException {
2371:
2372:                Group g = null;
2373:
2374:                Log.write("Enter", Log.INFO, "readGroup", KasaiFacade.class);
2375:
2376:                g = GroupHandler.getInstance().read(group);
2377:
2378:                if (g == null) {
2379:                    Log.write("Group doesn't exist", Log.WARN, "readGroup",
2380:                            KasaiFacade.class);
2381:
2382:                    throw new DoesntExistsException(KasaiFacade.class.getName()
2383:                            + ".groupDoesntExist");
2384:                }
2385:
2386:                Log.write("Exit", Log.INFO, "readGroup", KasaiFacade.class);
2387:
2388:                return g;
2389:            }
2390:
2391:            /**
2392:             * Read a group checking permission and auditing the transaction
2393:             *
2394:             * @param loginUser User who is making the request
2395:             * @param group Group identifier to be readed
2396:             * @param clientIP IP Address of whom is making the request
2397:             *
2398:             * @return Group indentified by group parameter or null if it doesn't exist
2399:             *
2400:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2401:             * @throws NotEnoughPermissionException The user cannot perform this operation
2402:             * @throws CannotAuditException Error auditing transaction
2403:             * @throws DoesntExistsException The group does not exist
2404:             * @throws XMLException 
2405:             */
2406:            public Group readGroup(String loginUser, String group,
2407:                    String clientIP) throws NotEnoughPermissionException,
2408:                    CannotAuditException, DataAccessException,
2409:                    DoesntExistsException, XMLException {
2410:
2411:                Log.write("Enter", Log.INFO, "readGroup", KasaiFacade.class);
2412:
2413:                long startTime = System.currentTimeMillis();
2414:                String raisedError = null;
2415:                int returnCode = 0;
2416:
2417:                Group g = null;
2418:
2419:                try {
2420:                    this .validateOperative(loginUser, KasaiFacade.READ_GROUP,
2421:                            "/kasai/group/" + group);
2422:
2423:                    g = this .readGroup(group);
2424:                } catch (NotEnoughPermissionException nep) {
2425:                    raisedError = nep.getMessage();
2426:                    returnCode = 3;
2427:
2428:                    throw nep;
2429:                } catch (DoesntExistsException deE) {
2430:                    raisedError = deE.getMessage();
2431:                    returnCode = 4;
2432:
2433:                    throw deE;
2434:                } finally {
2435:
2436:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2437:
2438:                    createAuditEntry(loginUser, returnCode, raisedError,
2439:                            (System.currentTimeMillis() - startTime), clientIP,
2440:                            KasaiFacade.class.getName() + ".readGroup",
2441:                            "/kasai/group/" + group, transactionData);
2442:                }
2443:
2444:                Log.write("Exit", Log.INFO, "readGroup", KasaiFacade.class);
2445:
2446:                return g;
2447:            }
2448:
2449:            /**
2450:             * Reads a role without checking permission
2451:             * 
2452:             * @param role Role identifier
2453:             *
2454:             * @return An Object Role object representing the object role with the given role id
2455:             *
2456:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2457:             */
2458:            public Role readRole(int role) throws DataAccessException {
2459:
2460:                Role r = null;
2461:
2462:                Log.write("Enter", Log.INFO, "readRole", KasaiFacade.class);
2463:
2464:                r = RoleHandler.getInstance().read(role);
2465:
2466:                Log.write("Exit", Log.INFO, "readRole", KasaiFacade.class);
2467:
2468:                return r;
2469:            }
2470:
2471:            /**
2472:             * Read a role
2473:             *
2474:             * @param loginUser User who is making the request
2475:             * @param role Role identifier
2476:             *
2477:             * @return Role identified by role parameter or null if the role doesnt' exist
2478:             *
2479:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2480:             */
2481:            public Role readRole(String loginUser, int role)
2482:                    throws DataAccessException {
2483:
2484:                Role r;
2485:
2486:                Log.write("Enter", Log.INFO, "readRole", KasaiFacade.class);
2487:
2488:                r = readRole(role);
2489:
2490:                Log.write("Exit", Log.INFO, "readRole", KasaiFacade.class);
2491:
2492:                return r;
2493:            }
2494:
2495:            /**
2496:             * Read a user without checking permission
2497:             *
2498:             * @param login User who is making the request
2499:             *
2500:             * @return User identified by login parameter or null if the user doesn't exist
2501:             *
2502:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2503:             * @throws DoesntExistsException The user doesnt exist
2504:             * @throws XMLException 
2505:             */
2506:            public User readUser(String login) throws DataAccessException,
2507:                    DoesntExistsException, XMLException {
2508:
2509:                User user = null;
2510:
2511:                Log.write("Enter", Log.INFO, "readUser", KasaiFacade.class);
2512:
2513:                user = UserHandler.getInstance().read(login, true);
2514:
2515:                if (user == null) {
2516:                    Log.write("User doesn't exist", Log.WARN, "readUser",
2517:                            KasaiFacade.class);
2518:
2519:                    throw new DoesntExistsException(KasaiFacade.class.getName()
2520:                            + ".userDoesntExist");
2521:                }
2522:
2523:                Log.write("Exit", Log.INFO, "readUser", KasaiFacade.class);
2524:
2525:                return user;
2526:            }
2527:
2528:            /**
2529:             * Read a user checking permission and auditing the transaction.
2530:             *
2531:             * @param loginUser User who is making the request
2532:             * @param login User login
2533:             * @param clientIP IP Address of whom is making the request
2534:             *
2535:             * @return User identified by login parameter or null if the user doesn't exist
2536:             *
2537:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2538:             * @throws NotEnoughPermissionException The user cannot perform this operation
2539:             * @throws CannotAuditException Error auditing transaction
2540:             * @throws DoesntExistsException The user doesnt exist
2541:             * @throws XMLException 
2542:             */
2543:            public User readUser(String loginUser, String login, String clientIP)
2544:                    throws NotEnoughPermissionException, CannotAuditException,
2545:                    DataAccessException, DoesntExistsException, XMLException {
2546:
2547:                Log.write("Enter", Log.INFO, "readUser", KasaiFacade.class);
2548:
2549:                long startTime = System.currentTimeMillis();
2550:                String raisedError = null;
2551:                int returnCode = 0;
2552:
2553:                User user = null;
2554:
2555:                if (!loginUser.equals(login)) {
2556:                    try {
2557:                        this .validateOperative(loginUser,
2558:                                KasaiFacade.READ_USER, "/kasai/user/" + login);
2559:
2560:                        user = this .readUser(login);
2561:                    } catch (NotEnoughPermissionException nep) {
2562:                        raisedError = nep.getMessage();
2563:                        returnCode = 3;
2564:
2565:                        throw nep;
2566:                    } catch (DoesntExistsException dee) {
2567:                        raisedError = dee.getMessage();
2568:                        returnCode = 4;
2569:
2570:                        throw dee;
2571:                    } finally {
2572:
2573:                        HashMap<String, String> transactionData = new HashMap<String, String>();
2574:
2575:                        createAuditEntry(loginUser, returnCode, raisedError,
2576:                                (System.currentTimeMillis() - startTime),
2577:                                clientIP, KasaiFacade.class.getName()
2578:                                        + ".readUser", "/kasai/user/" + login,
2579:                                transactionData);
2580:                    }
2581:                } else {
2582:                    user = this .readUser(login);
2583:                }
2584:
2585:                Log.write("Exit", Log.INFO, "readUser", KasaiFacade.class);
2586:
2587:                return user;
2588:            }
2589:
2590:            /**
2591:             * Reset the user password and send it to his email.
2592:             *
2593:             * @param loginUser User who is making the request
2594:             * @param clientIP IP Address of whom is making the request
2595:             *
2596:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2597:             * @throws ServiceException Severe error returned from the authentication service
2598:             * @throws ServiceNotAvailableException The configured authentication service is not available
2599:             * @throws DoesntExistsException The user doesnt exist
2600:             * @throws CannotAuditException Error auditing transaction
2601:             * @throws XMLException 
2602:             */
2603:            public void remindPasswordUser(String loginUser, String clientIP)
2604:                    throws ServiceException, ServiceNotAvailableException,
2605:                    DataAccessException, DoesntExistsException,
2606:                    CannotAuditException, XMLException {
2607:
2608:                Log.write("Enter", Log.INFO, "remindPasswordUser",
2609:                        KasaiFacade.class);
2610:
2611:                long startTime = System.currentTimeMillis();
2612:                String raisedError = null;
2613:                int returnCode = 0;
2614:
2615:                try {
2616:                    User user = this .readUser(loginUser);
2617:
2618:                    user.resetPassword();
2619:                } catch (ServiceException e) {
2620:                    raisedError = e.getMessage();
2621:                    returnCode = 1;
2622:
2623:                    throw e;
2624:                } catch (DoesntExistsException e) {
2625:                    raisedError = e.getMessage();
2626:                    returnCode = 3;
2627:
2628:                    throw e;
2629:                } catch (ServiceNotAvailableException e) {
2630:                    raisedError = e.getMessage();
2631:                    returnCode = 2;
2632:
2633:                    throw e;
2634:                } finally {
2635:
2636:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2637:
2638:                    createAuditEntry(
2639:                            loginUser,
2640:                            returnCode,
2641:                            raisedError,
2642:                            (System.currentTimeMillis() - startTime),
2643:                            clientIP,
2644:                            KasaiFacade.class.getName() + ".remindPasswordUser",
2645:                            "/kasai/user/" + loginUser, transactionData);
2646:                }
2647:
2648:                Log.write("Exit", Log.INFO, "remindPasswordUser",
2649:                        KasaiFacade.class);
2650:            }
2651:
2652:            /**
2653:             * Remove an operative from a role
2654:             *
2655:             * @param loginUser User who is making the request
2656:             * @param idOperative Operative identifier
2657:             * @param role Role identifier
2658:             * @param clientIP IP Address of whom is making the request
2659:             *
2660:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2661:             * @throws NotEnoughPermissionException The user cannot perform this operation
2662:             * @throws CannotAuditException Error auditing transaction
2663:             */
2664:            public void removeOperativeFromRole(String loginUser,
2665:                    String idOperative, int role, String clientIP)
2666:                    throws DataAccessException, NotEnoughPermissionException,
2667:                    CannotAuditException {
2668:
2669:                Log.write("Enter", Log.INFO, "removeOperativeToRole",
2670:                        KasaiFacade.class);
2671:
2672:                long startTime = System.currentTimeMillis();
2673:                String raisedError = null;
2674:                int returnCode = 0;
2675:
2676:                try {
2677:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_ROLE,
2678:                            "/kasai/role/" + role);
2679:
2680:                    RoleHandler.getInstance().deleteOperativeFromRole(
2681:                            idOperative, role);
2682:                } catch (DataAccessException e) {
2683:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
2684:                    returnCode = 1;
2685:
2686:                    throw e;
2687:                } catch (NotEnoughPermissionException nep) {
2688:                    raisedError = nep.getMessage();
2689:                    returnCode = 2;
2690:
2691:                    throw nep;
2692:                } finally {
2693:
2694:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2695:
2696:                    transactionData.put("idOperative", idOperative);
2697:                    transactionData.put("role", String.valueOf(role));
2698:
2699:                    createAuditEntry(loginUser, returnCode, raisedError,
2700:                            (System.currentTimeMillis() - startTime), clientIP,
2701:                            KasaiFacade.class.getName()
2702:                                    + ".removeOperativeFromRole",
2703:                            "/kasai/role/" + role, transactionData);
2704:                }
2705:
2706:                Log.write("Exit", Log.INFO, "removeOperativeToRole",
2707:                        KasaiFacade.class);
2708:            }
2709:
2710:            /**
2711:             * Remove a user from a group
2712:             *
2713:             * @param loginUser User who is making the request
2714:             * @param idGroup Group identifier
2715:             * @param login User login to be removed
2716:             * @param clientIP IP Address of whom is making the request
2717:             *
2718:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2719:             * @throws NotEnoughPermissionException The user cannot perform this operation
2720:             * @throws CannotAuditException Error auditing transaction
2721:             */
2722:            public void removeUserFromGroup(String loginUser, String idGroup,
2723:                    String login, String clientIP) throws DataAccessException,
2724:                    NotEnoughPermissionException, CannotAuditException {
2725:
2726:                Log.write("Enter", Log.INFO, "removeUserFromGroup",
2727:                        KasaiFacade.class);
2728:
2729:                long startTime = System.currentTimeMillis();
2730:                String raisedError = null;
2731:                int returnCode = 0;
2732:
2733:                try {
2734:                    this .validateOperative(loginUser,
2735:                            KasaiFacade.DELETE_USER_GROUP, "/kasai/group/"
2736:                                    + idGroup);
2737:
2738:                    GroupHandler.getInstance().deleteUserFromGroup(login,
2739:                            idGroup);
2740:                } catch (DataAccessException e) {
2741:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
2742:                    returnCode = 1;
2743:
2744:                    throw e;
2745:                } catch (NotEnoughPermissionException nep) {
2746:                    raisedError = nep.getMessage();
2747:                    returnCode = 2;
2748:
2749:                    throw nep;
2750:                } finally {
2751:
2752:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2753:
2754:                    transactionData.put("idGroup", idGroup);
2755:                    transactionData.put("login", login);
2756:
2757:                    createAuditEntry(loginUser, returnCode, raisedError,
2758:                            (System.currentTimeMillis() - startTime), clientIP,
2759:                            KasaiFacade.class.getName()
2760:                                    + ".removeUserFromGroup", "/kasai/group/"
2761:                                    + idGroup, transactionData);
2762:                }
2763:
2764:                Log.write("Exit", Log.INFO, "removeUserFromGroup",
2765:                        KasaiFacade.class);
2766:            }
2767:
2768:            /**
2769:             * Reset the user account password
2770:             *
2771:             * @param actualUser User who is making the request
2772:             * @param login is the login
2773:             * @param clientIP IP Address of whom is making the request
2774:             *
2775:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2776:             * @throws ServiceException Severe error returned from the authentication service
2777:             * @throws ServiceNotAvailableException The configured authentication service is not available
2778:             * @throws NotEnoughPermissionException The user cannot perform this operation
2779:             * @throws CannotAuditException Error auditing transaction
2780:             * @throws DoesntExistsException The user doesnt exist
2781:             * @throws XMLException 
2782:             */
2783:            public void resetPasswordUser(String actualUser, String login,
2784:                    String clientIP) throws ServiceException,
2785:                    ServiceNotAvailableException, NotEnoughPermissionException,
2786:                    CannotAuditException, DataAccessException,
2787:                    DoesntExistsException, XMLException {
2788:
2789:                Log.write("Enter", Log.INFO, "resetPasswordUser",
2790:                        KasaiFacade.class);
2791:
2792:                long startTime = System.currentTimeMillis();
2793:                String raisedError = null;
2794:                int returnCode = 0;
2795:
2796:                try {
2797:                    this .validateOperative(actualUser, RESET_PASSWORD_USER,
2798:                            "/kasai/user/" + login);
2799:
2800:                    User user = this .readUser(login);
2801:
2802:                    user.resetPassword();
2803:                } catch (ServiceException e) {
2804:                    raisedError = e.getMessage();
2805:                    returnCode = 1;
2806:
2807:                    throw e;
2808:                } catch (ServiceNotAvailableException e) {
2809:                    raisedError = e.getMessage();
2810:                    returnCode = 2;
2811:
2812:                    throw e;
2813:                } catch (NotEnoughPermissionException nep) {
2814:                    raisedError = nep.getMessage();
2815:                    returnCode = 3;
2816:
2817:                    throw nep;
2818:                } catch (DataAccessException dae) {
2819:                    raisedError = dae.getMessage();
2820:                    returnCode = 4;
2821:
2822:                    throw dae;
2823:                } catch (DoesntExistsException dee) {
2824:                    raisedError = dee.getMessage();
2825:                    returnCode = 5;
2826:
2827:                    throw dee;
2828:                } finally {
2829:
2830:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2831:
2832:                    transactionData.put("login", login);
2833:
2834:                    createAuditEntry(actualUser, returnCode, raisedError,
2835:                            (System.currentTimeMillis() - startTime), clientIP,
2836:                            KasaiFacade.class.getName() + ".resetPasswordUser",
2837:                            "/kasai/user/" + login, transactionData);
2838:                }
2839:
2840:                Log.write("Exit", Log.INFO, "resetPasswordUser",
2841:                        KasaiFacade.class);
2842:            }
2843:
2844:            /**
2845:             * Unblock a group
2846:             *
2847:             * @param loginUser User who is making the request
2848:             * @param idGroup group identifier
2849:             * @param clientIP IP Address of whom is making the request
2850:             *
2851:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2852:             * @throws InvalidAttributesException The existing group attributes are not valid
2853:             * @throws NotEnoughPermissionException The user cannot perform this operation
2854:             * @throws CannotAuditException Error auditing transaction
2855:             * @throws DoesntExistsException The group does not exist
2856:             * @throws XMLException 
2857:             */
2858:            public void unblockGroup(String loginUser, String idGroup,
2859:                    String clientIP) throws DataAccessException,
2860:                    InvalidAttributesException, NotEnoughPermissionException,
2861:                    CannotAuditException, DoesntExistsException, XMLException {
2862:
2863:                Log.write("Enter", Log.INFO, "blockGroup", KasaiFacade.class);
2864:
2865:                long startTime = System.currentTimeMillis();
2866:                String raisedError = null;
2867:                int returnCode = 0;
2868:
2869:                try {
2870:                    this .validateOperative(loginUser,
2871:                            KasaiFacade.UNBLOCK_GROUP, "/kasai/group/"
2872:                                    + idGroup);
2873:
2874:                    Group group = this .readGroup(idGroup);
2875:                    group.setBlocked(false);
2876:
2877:                    GroupHandler.getInstance().update(group);
2878:                } catch (DataAccessException e) {
2879:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
2880:                    returnCode = 1;
2881:
2882:                    throw e;
2883:                } catch (InvalidAttributesException iaE) {
2884:                    raisedError = iaE.getMessage();
2885:                    returnCode = 2;
2886:
2887:                    throw iaE;
2888:                } catch (NotEnoughPermissionException nep) {
2889:                    raisedError = nep.getMessage();
2890:                    returnCode = 3;
2891:
2892:                    throw nep;
2893:                } catch (DoesntExistsException e) {
2894:                    raisedError = e.getMessage(0);
2895:                    returnCode = 4;
2896:
2897:                    throw e;
2898:                } finally {
2899:
2900:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2901:
2902:                    transactionData.put("idGroup", idGroup);
2903:
2904:                    createAuditEntry(loginUser, returnCode, raisedError,
2905:                            (System.currentTimeMillis() - startTime), clientIP,
2906:                            KasaiFacade.class.getName() + ".unblockGroup",
2907:                            "/kasai/group/" + idGroup, transactionData);
2908:                }
2909:
2910:                Log.write("Exit", Log.INFO, "blockGroup", KasaiFacade.class);
2911:            }
2912:
2913:            /**
2914:             * Unblock a user
2915:             *
2916:             * @param loginUser User who is making the request
2917:             * @param login user identifier to unblock
2918:             * @param clientIP IP Address of whom is making the request
2919:             *
2920:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
2921:             * @throws InvalidAttributesException The existing user attributes are not valid
2922:             * @throws NotEnoughPermissionException The user cannot perform this operation
2923:             * @throws CannotAuditException Error auditing transaction
2924:             * @throws DoesntExistsException The user does not exist
2925:             * @throws XMLException 
2926:             */
2927:            public void unblockUser(String loginUser, String login,
2928:                    String clientIP) throws DataAccessException,
2929:                    InvalidAttributesException, NotEnoughPermissionException,
2930:                    CannotAuditException, DoesntExistsException, XMLException {
2931:
2932:                Log.write("Enter", Log.INFO, "unblockUser", KasaiFacade.class);
2933:
2934:                long startTime = System.currentTimeMillis();
2935:                String raisedError = null;
2936:                int returnCode = 0;
2937:
2938:                try {
2939:                    this .validateOperative(loginUser, KasaiFacade.UNBLOCK_USER,
2940:                            "/kasai/user/" + login);
2941:
2942:                    User user = this .readUser(login);
2943:                    user.setBlocked(false);
2944:
2945:                    UserHandler.getInstance().update(user);
2946:                } catch (DataAccessException e) {
2947:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
2948:                    returnCode = 1;
2949:
2950:                    throw e;
2951:                } catch (InvalidAttributesException iaE) {
2952:                    raisedError = iaE.getMessage();
2953:                    returnCode = 2;
2954:
2955:                    throw iaE;
2956:                } catch (NotEnoughPermissionException nep) {
2957:                    raisedError = nep.getMessage();
2958:                    returnCode = 3;
2959:
2960:                    throw nep;
2961:                } catch (DoesntExistsException dee) {
2962:                    raisedError = dee.getMessage();
2963:                    returnCode = 4;
2964:
2965:                    throw dee;
2966:                } finally {
2967:
2968:                    HashMap<String, String> transactionData = new HashMap<String, String>();
2969:
2970:                    transactionData.put("login", login);
2971:
2972:                    createAuditEntry(loginUser, returnCode, raisedError,
2973:                            (System.currentTimeMillis() - startTime), clientIP,
2974:                            KasaiFacade.class.getName() + ".unblockUser",
2975:                            "/kasai/user/" + login, transactionData);
2976:                }
2977:
2978:                Log.write("Exit", Log.INFO, "unblockUser", KasaiFacade.class);
2979:            }
2980:
2981:            public void updateGroup(String loginUser, Group group,
2982:                    String[] members, String clientIP)
2983:                    throws DataAccessException, InvalidAttributesException,
2984:                    NotEnoughPermissionException, CannotAuditException,
2985:                    DoesntExistsException, XMLException {
2986:
2987:                Log.write("Enter", Log.INFO, "updateGroup", KasaiFacade.class);
2988:
2989:                long startTime = System.currentTimeMillis();
2990:                String raisedError = null;
2991:                int returnCode = 0;
2992:
2993:                try {
2994:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_GROUP,
2995:                            "/kasai/group/" + group.getId());
2996:
2997:                    GroupHandler.getInstance().update(group, members);
2998:                } catch (DataAccessException e) {
2999:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
3000:                    returnCode = 1;
3001:
3002:                    throw e;
3003:                } catch (InvalidAttributesException iaE) {
3004:                    raisedError = iaE.getMessage();
3005:                    returnCode = 2;
3006:
3007:                    throw iaE;
3008:                } catch (NotEnoughPermissionException nep) {
3009:                    raisedError = nep.getMessage();
3010:                    returnCode = 3;
3011:
3012:                    throw nep;
3013:                } finally {
3014:
3015:                    HashMap<String, String> transactionData = new HashMap<String, String>();
3016:
3017:                    transactionData.put("id", group.getId());
3018:                    transactionData.put("description", group.getDescription());
3019:                    transactionData.put("blocked", String.valueOf(group
3020:                            .getBlocked()));
3021:
3022:                    createAuditEntry(loginUser, returnCode, raisedError,
3023:                            (System.currentTimeMillis() - startTime), clientIP,
3024:                            KasaiFacade.class.getName() + ".updateGroup",
3025:                            "/kasai/group/" + group.getId(), transactionData);
3026:                }
3027:
3028:                Log.write("Exit", Log.INFO, "updateGroup", KasaiFacade.class);
3029:            }
3030:
3031:            /**
3032:             * Modify a group
3033:             *
3034:             * @param loginUser User who is making the request
3035:             * @param id group identifier
3036:             * @param description description group
3037:             * @param blocked Specifies if the group must be blocked or not
3038:             * @param members Members of the group
3039:             * @param clientIP IP Address of whom is making the request
3040:             *
3041:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
3042:             * @throws InvalidAttributesException The new group attributes are not valid
3043:             * @throws NotEnoughPermissionException The user cannot perform this operation
3044:             * @throws CannotAuditException Error auditing transaction
3045:             * @throws XMLException 
3046:             * @throws DoesntExistsException 
3047:             */
3048:            public void updateGroup(String loginUser, String id,
3049:                    String description, boolean blocked, String[] members,
3050:                    String clientIP) throws DataAccessException,
3051:                    InvalidAttributesException, NotEnoughPermissionException,
3052:                    CannotAuditException, DoesntExistsException, XMLException {
3053:
3054:                Group group = this .readGroup(id);
3055:
3056:                group.setDescription(description);
3057:                group.setBlocked(blocked);
3058:
3059:                updateGroup(loginUser, group, members, clientIP);
3060:            }
3061:
3062:            /**
3063:             * Update User Information
3064:             *
3065:             * @param loginUser User who is making the request
3066:             * @param login identifier of the user
3067:             * @param firstName First Name of the user
3068:             * @param lastName Last Name of the user
3069:             * @param email email of the user
3070:             * @param blocked Specify if the user must be blocked or not
3071:             * @param description User description
3072:             * @param superUser Specify if the user is super user.
3073:             * @param clientIP IP Address of whom is making the request
3074:             *
3075:             * @throws DataAccessException Severe errors like SQL error, IO Error, etc
3076:             * @throws InvalidAttributesException The new user attributes are not valid
3077:             * @throws NotEnoughPermissionException The user cannot perform this operation
3078:             * @throws CannotAuditException Error auditing transaction
3079:             * @throws DoesntExistsException The user does not exist
3080:             * @throws XMLException 
3081:             */
3082:            public void updateUser(String loginUser, String login,
3083:                    String firstName, String lastName, String email,
3084:                    boolean blocked, String description, boolean super User,
3085:                    String clientIP) throws DataAccessException,
3086:                    InvalidAttributesException, NotEnoughPermissionException,
3087:                    CannotAuditException, DoesntExistsException, XMLException {
3088:
3089:                User user = this .readUser(login);
3090:                user.setLogin(login);
3091:                user.setFirstName(firstName);
3092:                user.setLastName(lastName);
3093:                user.setEmail(email);
3094:                user.setBlocked(blocked);
3095:                user.setDescription(description);
3096:                user.setSuperUser(super User);
3097:
3098:                updateUser(loginUser, user, clientIP);
3099:            }
3100:
3101:            public void updateUser(String loginUser, User user, String clientIP)
3102:                    throws DataAccessException, InvalidAttributesException,
3103:                    NotEnoughPermissionException, CannotAuditException,
3104:                    DoesntExistsException, XMLException {
3105:
3106:                Log.write("Enter", Log.INFO, "updateUser", KasaiFacade.class);
3107:
3108:                long startTime = System.currentTimeMillis();
3109:                String raisedError = null;
3110:                int returnCode = 0;
3111:
3112:                try {
3113:                    this .validateOperative(loginUser, KasaiFacade.COMMIT_USER,
3114:                            "/kasai/user/" + user.getLogin());
3115:
3116:                    boolean sU = this .readUser(loginUser).getSuperUser();
3117:
3118:                    if (!sU) {
3119:                        if (user.getSuperUser()) {
3120:                            user.setSuperUser(this .readUser(user.getLogin())
3121:                                    .getSuperUser());
3122:                        }
3123:                    }
3124:
3125:                    UserHandler.getInstance().update(user);
3126:                } catch (DataAccessException e) {
3127:                    raisedError = KasaiFacade.class.getName() + ".sqlError";
3128:                    returnCode = 1;
3129:
3130:                    throw e;
3131:                } catch (InvalidAttributesException iaE) {
3132:                    raisedError = iaE.getMessage();
3133:                    returnCode = 2;
3134:
3135:                    throw iaE;
3136:                } catch (NotEnoughPermissionException nep) {
3137:                    raisedError = nep.getMessage();
3138:                    returnCode = 3;
3139:
3140:                    throw nep;
3141:                } catch (DoesntExistsException dee) {
3142:                    raisedError = dee.getMessage();
3143:                    returnCode = 4;
3144:
3145:                    throw dee;
3146:                } finally {
3147:
3148:                    HashMap<String, String> transactionData = new HashMap<String, String>();
3149:
3150:                    transactionData.put("login", user.getLogin());
3151:                    transactionData.put("firstName", user.getFirstName());
3152:                    transactionData.put("lastName", user.getLastName());
3153:                    transactionData.put("email", user.getEmail());
3154:                    transactionData.put("blocked", String.valueOf(user
3155:                            .getBlocked()));
3156:                    transactionData.put("description", user.getDescription());
3157:                    transactionData.put("superUser", String.valueOf(user
3158:                            .getSuperUser()));
3159:
3160:                    createAuditEntry(loginUser, returnCode, raisedError,
3161:                            (System.currentTimeMillis() - startTime), clientIP,
3162:                            KasaiFacade.class.getName() + ".updateUser",
3163:                            "/kasai/user/" + user.getLogin(), transactionData);
3164:                }
3165:
3166:                Log.write("Exit", Log.INFO, "updateUser", KasaiFacade.class);
3167:            }
3168:
3169:            /**
3170:             * Verify if the user can execute the operative over the obejct
3171:             *
3172:             * @param user User who is making the request
3173:             * @param operative Operative identifier
3174:             * @param object Object identifier
3175:             *
3176:             * @throws NotEnoughPermissionException The user cannot execute the operation 
3177:             */
3178:            public void validateOperative(String user, String operative,
3179:                    String object) throws NotEnoughPermissionException {
3180:
3181:                Log.write("Enter (user=" + user + ", operative=" + operative
3182:                        + ", object=" + object + ")", Log.INFO,
3183:                        "validateOperative", KasaiFacade.class);
3184:
3185:                if (!UserHandler.getInstance().checkOperative(user, operative,
3186:                        object)) {
3187:                    Log.write("Request was denied(User=" + user
3188:                            + ", operative=" + operative + ", object=" + object
3189:                            + ")", Log.WARN, "validateOperative",
3190:                            KasaiFacade.class);
3191:
3192:                    throw new NotEnoughPermissionException(KasaiFacade.class
3193:                            .getName()
3194:                            + ".deny");
3195:                }
3196:
3197:                Log.write("Exit", Log.INFO, "validateOperative",
3198:                        KasaiFacade.class);
3199:            }
3200:        }
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.