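package de.superx.common;

import static de.superx.servlet.SxSQL_Server.DEFAULT_MANDANTEN_ID;

import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.UUID;

import javax.xml.transform.TransformerException;

import org.apache.commons.lang.StringUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.GrantedAuthoritiesContainer;
import org.springframework.security.core.userdetails.UserDetails;

import com.google.common.base.Predicate;
import com.google.common.collect.Sets;

import de.memtext.baseobjects.User;
import de.memtext.db.NichtAngemeldetException;
import de.memtext.rights.Rights;
import de.memtext.util.CryptUtils;
import de.memtext.util.DateUtils;
import de.superx.servlet.ServletUtils;
import de.superx.servlet.Themenbaum;
import freemarker.template.TemplateBooleanModel;

/**
 * An authenticated SuperX user together with everything the application uses
 * for authorization: the tenant (Mandant), the masks (reports) the user may
 * open, group / Sachgebiet membership, FIN and Kontierung rights, allowed org
 * units, the HISinOne role and rights map, and the password history used to
 * reject re-used passwords. The same data is mirrored into {@link #getBasicMap()}
 * so FreeMarker templates and the home-brew variable replacement can read it.
 *
 * The class also adapts the user to Spring Security ({@link UserDetails}):
 * authorities are derived from the rights map, while the password and the
 * account-state flags are placeholders (authentication happens elsewhere).
 *
 * Instances are populated step by step by the {@code init*} / {@code set*}
 * methods from database result sets. The class is not thread-safe, and the
 * collection getters hand out the live internal collections, so callers must
 * treat them as read-only.
 *
 * NOTE(review): the generic element types of the collections below were
 * reconstructed from how the code uses them (e.g. {@code for (OrgUnit ou : allowedOrgUnits)});
 * the type arguments of {@code rightsMap} in particular should be confirmed
 * against the callers of {@link #setRights(Map, String)}.
 */
public class SxUser extends User implements Serializable, UserDetails, GrantedAuthoritiesContainer {

    /** FreeMarker / variable-replacement key for the HISinOne role name. */
    public static final String USER_ROLE_PLACEHOLDER = "UserRole";
    /** FreeMarker / variable-replacement key for the HISinOne role id. */
    public static final String USER_ROLE_ID_PLACEHOLDER = "UserRoleId";
    /** FreeMarker / variable-replacement key for the org unit lid of the HISinOne role. */
    public static final String USER_HISINONE_ORGUNIT_LID_PLACEHOLDER = "UserHISinOneOrgunitLid";

    /** Number of previous password digests kept for the "password used before" check. */
    private static final int PW_HISTORY_SIZE = 7;

    private static final long serialVersionUID = 7;

    /** Per-instance identity used by equals/hashCode (two logins of the same account differ). */
    private final UUID uuid = UUID.randomUUID();
    private Themenbaum themenbaum = new Themenbaum();
    private String mandantenID = DEFAULT_MANDANTEN_ID;
    private Sichten sichten = new Sichten();
    /** tids of the masks (reports) this user may open; see {@link #isMaskAllowed(String)}. */
    private List<Integer> erlaubteMaskenTids = new ArrayList<Integer>();
    private Collection<String> groups = new LinkedList<String>();
    private Collection<String> groupnames = new LinkedList<String>();
    private Collection<String> sachgebiete = new LinkedList<String>();
    /** Previous password digests, newest first; slots are null until filled. */
    private String[] oldShas = new String[PW_HISTORY_SIZE];
    private String currentSha = "";
    private SxFinRechte finRechte = new SxFinRechte();
    /** Variables exposed to FreeMarker templates (and the home-brew replacement). */
    private HashMap<String, Object> basicMap = new HashMap<String, Object>();
    private SelectionBuffer sb = new SelectionBuffer();
    /** True when the user may edit at least one DB form; not tracked per form. */
    private boolean hasMaskenEditRights = false;
    private Collection<Object> hiddenFields = new LinkedList<Object>();
    /** HISinOne rights map; keys starting with ROLE_ are roles, RIGHT_ are rights. */
    private Map<String, List<String>> rightsMap = new HashMap<String, List<String>>();
    private String role = "";
    private Integer roleId;
    private Integer hisInOneOrgUnitLidOfRole;
    private Set<OrgUnit> allowedOrgUnits = new TreeSet<OrgUnit>();
    private Set<OrgUnit> implicitlyAllowedOrgUnits = new TreeSet<OrgUnit>();
    private SxKontierungsrechte sxKontierungsrechte = new SxKontierungsrechte();

    public SxUser() {
        init();
    }

    /**
     * Called from the XML front end.
     *
     * @param username login name
     * @param userid   database id of the user
     * @throws SQLException
     * @throws DBServletException
     * @throws TransformerException
     */
    public SxUser(String username, Integer userid) throws SQLException, DBServletException, TransformerException {
        super(username, userid);
        init();
    }

    /**
     * Like {@link #SxUser(String, Integer)} but for an explicit tenant.
     *
     * @param username   login name
     * @param userid     database id of the user
     * @param mandantenId tenant id; replaces {@code DEFAULT_MANDANTEN_ID}
     */
    public SxUser(String username, Integer userid, String mandantenId) throws SQLException, DBServletException, TransformerException {
        super(username, userid);
        this.mandantenID = mandantenId;
        init();
    }

    /**
     * Test-only constructor - production code needs the id. Note that
     * {@link #init()} is NOT run here, so {@link #getBasicMap()} stays empty.
     *
     * @param username login name
     */
    public SxUser(String username) {
        super(username);
    }

    /**
     * Seeds the FreeMarker map with the entries that do not depend on rights
     * loaded later. Called from the constructors (so subclasses overriding
     * {@code getName()} see it invoked before their own fields are set).
     */
    public void init() {
        sichten.setUser(this);
        basicMap.put("SxFinRechte", finRechte);
        basicMap.put("SxKontierungsrechte", sxKontierungsrechte);
        basicMap.put("Username", getName());
        basicMap.put("today", DateUtils.getTodayString());
        basicMap.put("yeartoday", DateUtils.getYear(new java.sql.Date(new java.util.Date().getTime())));
        // overwritten by setDBVersion once the database version is known
        basicMap.put("databaseMajorVersion", Integer.valueOf(0));
        basicMap.put("databaseMinorVersion", Integer.valueOf(0));
        basicMap.put("DatenblattTables", new DatenblattTables(getMandantenID()));
        basicMap.put("DatenblattFields", new DatenblattFields());
        basicMap.put("TableFieldExists", new TableFieldExists(getMandantenID()));
    }

    public void addImplicitlyAllowedOrgUnit(OrgUnit ou) {
        implicitlyAllowedOrgUnits.add(ou);
    }

    /** @return the live set of implicitly allowed org units (not a copy). */
    public Set<OrgUnit> getImplicitlyAllowedOrgUnits() {
        return implicitlyAllowedOrgUnits;
    }

    /** @return the user id; requires {@code getId()} to hold an Integer. */
    public int getUserIdAsInt() {
        return ((Integer) getId()).intValue();
    }

    public SelectionBuffer getSelectionBuffer() {
        return sb;
    }

    /**
     * Sets the admin flag and mirrors it into the FreeMarker map and the
     * rights holders.
     *
     * NOTE(review): FIN rights follow the flag, but Kontierungsrechte are set
     * to "all rights" unconditionally - i.e. even for {@code setAdmin(false)}.
     * Non-admins are narrowed again only when {@link #initKontierungsrechte()}
     * runs. Behaviour kept as found; confirm that every login path calls
     * {@code initKontierungsrechte()} before Kontierung checks are evaluated.
     */
    @Override
    public void setAdmin(boolean isAdmin) {
        super.setAdmin(isAdmin);
        basicMap.put("UserIsAdmin", isAdmin() ? TemplateBooleanModel.TRUE : TemplateBooleanModel.FALSE);
        finRechte.setHasAllRights(isAdmin);
        sxKontierungsrechte.setHasAllRights(true);
    }

    /**
     * Extra FreeMarker entries (SxFinRechte, group/mask helpers, ...).
     *
     * @return the live map; entries added by callers are visible to templates
     */
    public HashMap<String, Object> getBasicMap() {
        return basicMap;
    }

    public Themenbaum getThemenbaum() {
        return themenbaum;
    }

    public Sichten getSichten() {
        return sichten;
    }

    public void setUserid(Integer id) {
        super.setId(id);
    }

    /** Sets the HISinOne role id and publishes it under {@link #USER_ROLE_ID_PLACEHOLDER}. */
    public void setRoleId(Integer id) {
        this.roleId = id;
        basicMap.put(USER_ROLE_ID_PLACEHOLDER, roleId);
    }

    /** @return the HISinOne role name, "" when none was set */
    public String getRole() {
        return role != null ? role : "";
    }

    /** @return the HISinOne role id, -1 when none was set */
    public Integer getRoleId() {
        return roleId != null ? roleId : Integer.valueOf(-1);
    }

    /** Currently not called. */
    public void clearCache() {
        sichten.clear();
    }

    /**
     * Adds the given mask tids to the allowed set and publishes the mask
     * helpers to FreeMarker. Calling it twice accumulates.
     *
     * @param maskenTids tids of masks this user may open
     */
    public void initErlaubteMasken(List<Integer> maskenTids) {
        erlaubteMaskenTids.addAll(maskenTids);
        basicMap.put("UserMaskRights", getMaskRights());
        basicMap.put("UserHasMaskRight", new UserHasMaskRight(this));
    }

    /** @return allowed mask tids as ",tid1,tid2," (a lone "," when empty) */
    public String getMaskRights() {
        return commaWrapped(erlaubteMaskenTids);
    }

    /**
     * Checks that the user may open the mask with the given tid.
     *
     * @param tidStr mask tid as string
     * @throws IllegalStateException    if {@code tidStr} is null
     * @throws IllegalArgumentException if the user has no right on the mask
     */
    public void checkAuthentificationForMask(String tidStr) {
        if (tidStr == null) {
            throw new IllegalStateException("Kann Maske nicht öffnen DETAILS:tid parameter war null");
        }
        if (!isMaskAllowed(tidStr)) {
            throw new IllegalArgumentException("Sie haben keine Berechtigung für Maske mit ID-Nummer " + tidStr);
        }
    }

    /**
     * Admins may open every mask; everyone else only the tids loaded via
     * {@link #initErlaubteMasken(List)}. A tid that is not a valid integer is
     * treated as "not allowed" (fail closed) rather than as an error.
     */
    boolean isMaskAllowed(String tidStr) {
        if (isAdmin()) {
            return true;
        }
        try {
            return erlaubteMaskenTids.contains(Integer.valueOf(tidStr));
        } catch (NumberFormatException notANumber) {
            // non-numeric / null tid cannot match any allowed mask
            return false;
        }
    }

    /** Like {@link #isMaskAllowed(String)} but without the admin shortcut. */
    public boolean hasRightsOnReport(int tid) {
        return erlaubteMaskenTids.contains(Integer.valueOf(tid));
    }

    /**
     * Tells whether a candidate password matches one of the stored previous
     * digests. Both the legacy unsalted SHA and the SHA with the application
     * secret appended are tried, because the history may hold either form.
     *
     * @param check the candidate plain-text password
     * @return true if any history slot matches
     */
    public boolean isPWUsedBefore(String check) {
        String plainSha = CryptUtils.encodeSHA(check);
        String secretSha = CryptUtils.encodeSHA(check + CryptUtils.geheimnis1);
        for (String stored : oldShas) {
            if (stored != null && (digestsEqual(plainSha, stored) || digestsEqual(secretSha, stored))) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether an already-hashed password equals one of the stored digests.
     *
     * @param sha digest to look up; null never matches
     */
    public boolean isPWSHAUsedBefore(String sha) {
        if (sha == null) {
            return false;
        }
        for (String stored : oldShas) {
            if (stored != null && digestsEqual(sha, stored)) {
                return true;
            }
        }
        return false;
    }

    /** Constant-time comparison so the check does not leak where two digests first differ. */
    private static boolean digestsEqual(String a, String b) {
        return MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8), b.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Stores a digest at a given history slot.
     *
     * @param pos    slot, 0 .. {@value #PW_HISTORY_SIZE}-1
     * @param oldsha digest (may be null to clear the slot)
     * @throws IllegalArgumentException if {@code pos} is out of range
     */
    public void setOldSha(int pos, String oldsha) {
        if (pos < 0 || pos >= PW_HISTORY_SIZE) {
            throw new IllegalArgumentException("password history slot out of range: " + pos);
        }
        oldShas[pos] = oldsha;
    }

    /**
     * @return Returns the mandantenID.
     */
    public String getMandantenID() {
        return mandantenID;
    }

    /**
     * @param mandantenID The mandantenID to set.
     */
    public void setMandantenID(String mandantenID) {
        this.mandantenID = mandantenID;
    }

    /** Pushes a digest into slot 0, shifting the others down; the oldest falls off. */
    public void rememberOldSHA(String oldsha) {
        for (int i = PW_HISTORY_SIZE - 1; i > 0; i--) {
            oldShas[i] = oldShas[i - 1];
        }
        oldShas[0] = oldsha;
    }

    /**
     * Builds the SQL that replaces this user's row in {@code user_pw} with the
     * current password history and expiry.
     *
     * The statement is assembled as text because the caller expects a string
     * (no PreparedStatement is available at this layer). The id comes from the
     * database and the digests from {@code CryptUtils}, so the values are not
     * user-controlled; single quotes in the digests are still doubled so a
     * stray quote can never break out of the literal.
     *
     * @param gueltigkeit validity in days; 0 or negative means "never expires"
     * @return delete + insert statements separated by ";"
     */
    public String getUser_PW_Command(int gueltigkeit) {
        String gueltig = "'1.1.3000'";
        if (gueltigkeit > 0) {
            gueltig = "'" + DateUtils.formatGerman(DateUtils.makeFutureDate(new java.sql.Date(new java.util.Date().getTime()), gueltigkeit)) + "'";
        }
        StringBuilder sql = new StringBuilder();
        sql.append("delete from user_pw where userinfo_id='").append(getId()).append("'; ");
        sql.append("insert into user_pw (userinfo_id,pw_gueltig_bis,old_sha1,old_sha2,old_sha3,old_sha4,old_sha5,old_sha6,old_sha7) values ('")
           .append(getId()).append("',date_val(").append(gueltig).append(")");
        for (String sha : oldShas) {
            if (sha == null) {
                sql.append(",null");
            } else {
                sql.append(",'").append(sqlQuote(sha)).append("'");
            }
        }
        sql.append(")");
        return sql.toString();
    }

    /** Escapes a value for use inside a single-quoted SQL literal. */
    private static String sqlQuote(String value) {
        return value.replace("'", "''");
    }

    public String getCurrentSha() {
        return currentSha;
    }

    public void setCurrentSha(String sha) {
        this.currentSha = sha;
    }

    /**
     * Loads FIN rights from the given result sets. Admins additionally get
     * "all rights".
     *
     * @param rs             one row per FIN right entry
     * @param finRightVariant variant passed through to {@code SxFinRechte}
     * @param rsProjToInst   rows whose first column is a project key
     * @param is0FINJoker    whether "0" acts as a joker
     * @param repository     passed through to {@code SxFinRechte}
     */
    public void initFinRechte(SxResultSet rs, int finRightVariant, SxResultSet rsProjToInst, boolean is0FINJoker, HashMap repository) {
        finRechte.setVariant(finRightVariant);
        finRechte.setRepository(repository);
        finRechte.set0FINJoker(is0FINJoker);
        if (isAdmin()) {
            finRechte.setHasAllRights(true);
        }
        for (Iterator it = rs.iterator(); it.hasNext();) {
            finRechte.createAndAddEntry((SxResultRow) it.next());
        }
        for (Iterator it = rsProjToInst.iterator(); it.hasNext();) {
            SxResultRow row = (SxResultRow) it.next();
            finRechte.addProj((String) row.get(0));
        }
    }

    /** Adds a group (id and display name) and refreshes the FreeMarker entries. */
    public void addGruppe(String groupid, String groupname) {
        groups.add(groupid);
        groupnames.add(groupname);
        updateFreemarkerBasicMap();
    }

    /** Re-publishes admin flag, groups, Sachgebiete and the group helpers to FreeMarker. */
    public void updateFreemarkerBasicMap() {
        basicMap.put("UserIsAdmin", isAdmin() ? TemplateBooleanModel.TRUE : TemplateBooleanModel.FALSE);
        basicMap.put("UserGroups", getGroups());
        basicMap.put("UserSachgebiete", getSachgebiete());
        basicMap.put("UserGroupnames", getGroupnames());
        basicMap.put("IsUserInGroup", new IsUserInGroup(this));
        basicMap.put("IsUserInGroupWithName", new IsUserInGroupWithName(this));
        basicMap.put("IsUserInAtLeastOneGroup", new IsUserInAtLeastOneGroup(this));
    }

    /** @return Sachgebiete as ",a,b," (a lone "," when empty) */
    public String getSachgebiete() {
        return commaWrapped(sachgebiete);
    }

    /** @return Sachgebiete as "a,b" for use in an SQL IN list ("" when empty) */
    public String getSachgebieteIn() {
        StringBuilder out = new StringBuilder();
        for (Iterator<String> it = sachgebiete.iterator(); it.hasNext();) {
            out.append(it.next());
            if (it.hasNext()) {
                out.append(',');
            }
        }
        return out.toString();
    }

    /** @return group ids as ",g1,g2," (a lone "," when empty) */
    public String getGroups() {
        return commaWrapped(groups);
    }

    /** @return group names as ",n1,n2," (a lone "," when empty) */
    public String getGroupnames() {
        return commaWrapped(groupnames);
    }

    /**
     * Joins values as ",v1,v2," - the leading and trailing comma let callers
     * test membership with a plain ",x," substring search.
     */
    private static String commaWrapped(Collection<?> values) {
        StringBuilder out = new StringBuilder(",");
        for (Object value : values) {
            out.append(value).append(',');
        }
        return out.toString();
    }

    public boolean isInGroup(String group) {
        return groups.contains(group);
    }

    public boolean isInGroupWithName(String group) {
        return groupnames.contains(group);
    }

    public void setDBVersion(int databaseMajorVersion, int databaseMinorVersion) {
        basicMap.put("databaseMajorVersion", Integer.valueOf(databaseMajorVersion));
        basicMap.put("databaseMinorVersion", Integer.valueOf(databaseMinorVersion));
    }

    /** Adds the first column of every row to the set of hidden field ids. */
    public void setHiddenFields(SxResultSet rs) {
        for (Iterator it = rs.iterator(); it.hasNext();) {
            SxResultRow row = (SxResultRow) it.next();
            hiddenFields.add(row.get(0));
        }
    }

    /**
     * Reads a single count from the first row/column: the user may edit DB
     * forms iff the count is positive. An empty result set, a null or a
     * non-numeric value all leave the flag false.
     */
    public void setMaskenEditRights(SxResultSet rs) {
        Iterator it = rs.iterator();
        if (!it.hasNext()) {
            return;
        }
        Object count = ((SxResultRow) it.next()).get(0);
        this.hasMaskenEditRights = count instanceof Number && ((Number) count).intValue() > 0;
    }

    /** @return true if the field with this id was loaded via {@link #setHiddenFields(SxResultSet)} */
    public boolean isFieldHidingWanted(Object id) {
        return hiddenFields.contains(id);
    }

    /**
     * Adds the first column of every row (as string) to the Sachgebiete. The
     * FreeMarker helper is only published when at least one row was read.
     */
    public void setSachgebiete(SxResultSet rs) {
        boolean anyRow = false;
        for (Iterator it = rs.iterator(); it.hasNext();) {
            SxResultRow row = (SxResultRow) it.next();
            sachgebiete.add(row.get(0).toString());
            anyRow = true;
        }
        if (anyRow) {
            basicMap.put("UserHasSachgebRight", new UserHasSachgebRight(sachgebiete));
        }
    }

    /** @return the live HISinOne rights map (not a copy) */
    public Map<String, List<String>> getRightsMap() {
        return rightsMap;
    }

    /**
     * Sets the HISinOne rights map and role name; null arguments leave the
     * respective field unchanged.
     */
    public void setRights(Map<String, List<String>> rightsMap, String role) {
        if (role != null) {
            this.role = role;
            basicMap.put(USER_ROLE_PLACEHOLDER, role);
        }
        if (rightsMap != null) {
            this.rightsMap = rightsMap;
        }
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return getGrantedAuthorities();
    }

    /**
     * Placeholder - this object is never used for password authentication by
     * Spring Security; the real credential check happens elsewhere.
     */
    @Override
    public String getPassword() {
        return "not_important";
    }

    @Override
    public String getUsername() {
        return getName();
    }

    /*
     * The four account-state flags are hard-wired to true: expiry, locking and
     * disabling are NOT enforced through this object, so they must be handled
     * before an SxUser is created.
     */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }

    /** @return live view of the rights-map keys starting with "RIGHT_" */
    public Set<String> getHis1Rights() {
        return keysWithPrefix("RIGHT_");
    }

    /**
     * Authorities for Spring Security: the ROLE_* keys, then the HISinOne
     * role name (added even when it is ""), then every key of the rights map
     * once more (so ROLE_* keys appear twice - harmless for lookups).
     *
     * The anonymous authorities capture {@code SxUser.this}, so serializing
     * them (e.g. into a session) drags the whole user along.
     */
    @Override
    public List<GrantedAuthority> getGrantedAuthorities() {
        Set<String> roles = getRoles();
        List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList(roles.toArray(new String[0]));
        // HISinOne role
        authorities.add(new GrantedAuthority() {
            @Override
            public String getAuthority() {
                return SxUser.this.role;
            }
        });
        // every right (and role) key as its own authority
        for (final String right : rightsMap.keySet()) {
            authorities.add(new GrantedAuthority() {
                @Override
                public String getAuthority() {
                    return right;
                }
            });
        }
        return authorities;
    }

    /** @return live view of the rights-map keys starting with "ROLE_" */
    private Set<String> getRoles() {
        return keysWithPrefix("ROLE_");
    }

    /** Filtered live view over the rights-map keys (reflects later changes to the map). */
    private Set<String> keysWithPrefix(final String prefix) {
        Set<String> keys = rightsMap.keySet();
        return Sets.filter(keys, new Predicate<String>() {
            @Override
            public boolean apply(String key) {
                return key.startsWith(prefix);
            }
        });
    }

    /** @return the ROLE_* keys joined by ", ", or "standard" when there are none (no HISinOne) */
    private String getRoleString() {
        Set<String> roles = getRoles();
        if (roles.size() > 0) {
            return StringUtils.join(roles, ", ");
        }
        return "standard";
    }

    /**
     * Loads Kontierungsrechte for non-admins from the database; admins simply
     * get "all rights". The SQL is {@code SxKontierungsrechte.readingSQL}
     * with the numeric user id appended.
     */
    public void initKontierungsrechte() throws SQLException, DBServletException {
        if (isAdmin()) {
            sxKontierungsrechte.setHasAllRights(true);
            return;
        }
        sxKontierungsrechte.clearAll();
        SxResultSet rs = ServletUtils
                .executeALL_el(null, null, "Einlesen von Kontierungsrechten für Benutzer " + getId(),
                        SxKontierungsrechte.readingSQL + getId(), getMandantenID(), true)
                .getResultSet();
        for (Iterator it = rs.iterator(); it.hasNext();) {
            sxKontierungsrechte.createAndAddEntry((SxResultRow) it.next());
        }
    }

    /** @return the org unit lid of the HISinOne role, -1 when none was set */
    public Integer getHisInOneOrgUnitLidOfRole() {
        return hisInOneOrgUnitLidOfRole != null ? hisInOneOrgUnitLidOfRole : Integer.valueOf(-1);
    }

    /**
     * Sets the org unit lid of the HISinOne role. A null lid removes the
     * placeholder so FreeMarker and the home-brew replacement treat it as unset.
     */
    public void setHisInOneOrgUnitLidOfRole(Integer lid) {
        this.hisInOneOrgUnitLidOfRole = lid;
        basicMap.remove(USER_HISINONE_ORGUNIT_LID_PLACEHOLDER);
        if (lid != null) {
            basicMap.put(USER_HISINONE_ORGUNIT_LID_PLACEHOLDER, lid.toString());
        }
    }

    public void addStandardOrgUnitRight(OrgUnit eineOrgUnit) {
        allowedOrgUnits.add(eineOrgUnit);
    }

    /**
     * Saiku needs every key individually, plus explicit "Unbekannt" and
     * "Leer" when the user is allowed to see everything (see #121106).
     *
     * @return all right keys: explicit apnrs, implicit org units, live mappings
     */
    public Set<String> getAllAllowedOrgUnitsForSaiku() {
        Rights orgUnitRights = new Rights();
        StringBuffer optionalLogMessages = new StringBuffer();
        orgUnitRights.add(getAllowedOrgUnitApnrs());
        orgUnitRights.addOrgUnitRights(optionalLogMessages, getImplicitlyAllowedOrgUnits());
        orgUnitRights.addLiveMappingRights(optionalLogMessages, mandantenID);
        if (hasAllOrgUnitRights()) {
            orgUnitRights.add("Unbekannt");
            orgUnitRights.add("-999990"); // "Leer"
        }
        return orgUnitRights.getAllRightKeys();
    }

    public String getUUID() {
        return uuid.toString();
    }

    @Override
    public int hashCode() {
        return uuid.hashCode();
    }

    /**
     * Two SxUser objects are equal only if they are the same instance or share
     * the same uuid (comparing hash codes alone would equate colliding,
     * unrelated users and would throw on null).
     */
    @Override
    public boolean equals(Object o) {
        if (this == o) {
            return true;
        }
        if (!(o instanceof SxUser)) {
            return false;
        }
        return uuid.equals(((SxUser) o).uuid);
    }

    @Override
    public String toString() {
        return super.toString() + " (" + getRoleString() + ")";
    }

    /** @return sorted apnrs of the explicitly allowed org units */
    public Set<String> getAllowedOrgUnitApnrs() {
        Set<String> apnrs = new TreeSet<String>();
        for (OrgUnit ou : allowedOrgUnits) {
            apnrs.add(ou.getApnr());
        }
        return apnrs;
    }

    /** @return apnrs as "a,b," (trailing comma, no leading one) */
    public String getAllowedOrgUnitApnrsString() {
        StringBuilder out = new StringBuilder();
        for (OrgUnit ou : allowedOrgUnits) {
            out.append(ou.getApnr()).append(',');
        }
        return out.toString();
    }

    /** @return the live set of explicitly allowed org units (not a copy) */
    public Set<OrgUnit> getAllowedOrgUnits() {
        return allowedOrgUnits;
    }

    /** Admins, and users holding the joker org unit with apnr "0", see everything. */
    public boolean hasAllOrgUnitRights() {
        if (isAdmin()) {
            return true;
        }
        for (OrgUnit ou : allowedOrgUnits) {
            if (ou.getApnr().contentEquals("0")) {
                return true;
            }
        }
        return false;
    }

    /**
     * Whether the user may edit DB forms. The check is coarse: admins always
     * may, everybody else according to the single flag loaded by
     * {@link #setMaskenEditRights(SxResultSet)} - {@code dbFormName} is
     * currently not consulted.
     */
    public boolean hasDbFormRight(String dbFormName) {
        if (isAdmin()) {
            return true;
        }
        return hasMaskenEditRights;
    }

    public void initThemenbaum() throws SQLException, DBServletException, TransformerException, NichtAngemeldetException {
        themenbaum.init((Integer) getId(), getName(), this.isAdmin(), getMandantenID());
    }
}
// Created on 06.12.2004 at 14:48:11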