org.rapidcontext.core.type

Class User

java.lang.Object

org.rapidcontext.core.storage.StorableObject

org.rapidcontext.core.type.User

public class User
extends StorableObject

A system user.

Version:

1.0

Author:

Per Cederberg

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	DEFAULT_REALM The default user realm.
static java.lang.String	KEY_DESCRIPTION The dictionary key for the user description.
static java.lang.String	KEY_EMAIL The dictionary key for the user email address.
static java.lang.String	KEY_ENABLED The dictionary key for the user enabled flag.
static java.lang.String	KEY_NAME The dictionary key for the user name.
static java.lang.String	KEY_PASSWORD The dictionary key for the user password hash.
static java.lang.String	KEY_REALM The dictionary key for the user realm.
static java.lang.String	KEY_ROLE The dictionary key for the user role array.
static Path	PATH The user object storage path.

Fields inherited from class org.rapidcontext.core.storage.StorableObject

dict, KEY_CLASSNAME, KEY_ID, KEY_TYPE

Constructor Summary

Constructors

Constructor and Description
User(java.lang.String id) Creates a new user with the specified user identifier.
User(java.lang.String id, java.lang.String type, Dict dict) Creates a new user from a serialized representation.

Method Summary

Modifier and Type	Method and Description
java.lang.String	createAuthToken(long expiryTime) Creates an authentication token for this user.
static java.lang.String[]	decodeAuthToken(java.lang.String token) Decodes a user authentication token.
java.lang.String	description() Returns the user description.
java.lang.String	email() Returns the user email address.
static java.lang.String	encodeAuthToken(java.lang.String id, long expiry, java.lang.String hash) Encodes a user authentication token.
static User	find(Storage storage, java.lang.String id) Searches for a specific user in the storage.
boolean	hasRole(java.lang.String name) Checks if the user has the specified role.
boolean	isEnabled() Checks if the user is enabled.
java.lang.String	name() Returns the user name.
java.lang.String	passwordHash() Returns the user password MD5 hash, encoded as a hexadecimal string.
java.lang.String	realm() Returns the user realm.
java.lang.String[]	roles() Returns an array with all the roles for the user.
void	setDescription(java.lang.String descr) Sets the user description.
void	setEmail(java.lang.String email) Sets the user email address.
void	setEnabled(boolean enabled) Sets the user enabled flag.
void	setName(java.lang.String name) Sets the user name.
void	setPassword(java.lang.String password) Sets the user password.
void	setPasswordHash(java.lang.String passwordHash) Sets the user password MD5 hash.
void	setRealm(java.lang.String realm) Sets the user realm.
void	setRoles(java.lang.String[] roles) Sets all the all the roles for the user.
static void	store(Storage storage, User user) Stores the specified used in the provided storage.
boolean	verifyAuthToken(java.lang.String token) Verifies that the specified authentication token is valid for this user.
boolean	verifyPasswordHash(java.lang.String passwordHash) Verifies that the specified password MD5 hash is a match.

Methods inherited from class org.rapidcontext.core.storage.StorableObject

activate, destroy, id, init, isActive, isModified, passivate, path, serialize, toString, type

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

DEFAULT_REALM

public static final java.lang.String DEFAULT_REALM

The default user realm.

See Also:

Constant Field Values

KEY_NAME

public static final java.lang.String KEY_NAME

The dictionary key for the user name.

See Also:

Constant Field Values

KEY_EMAIL

public static final java.lang.String KEY_EMAIL

The dictionary key for the user email address.

See Also:

Constant Field Values

KEY_DESCRIPTION

public static final java.lang.String KEY_DESCRIPTION

The dictionary key for the user description.

See Also:

Constant Field Values

KEY_ENABLED

public static final java.lang.String KEY_ENABLED

The dictionary key for the user enabled flag.

See Also:

Constant Field Values

KEY_REALM

public static final java.lang.String KEY_REALM

The dictionary key for the user realm.

See Also:

Constant Field Values

KEY_PASSWORD

public static final java.lang.String KEY_PASSWORD

The dictionary key for the user password hash.

See Also:

Constant Field Values

KEY_ROLE

public static final java.lang.String KEY_ROLE

The dictionary key for the user role array.

See Also:

Constant Field Values

PATH

public static final Path PATH

The user object storage path.

Constructor Detail

User

public User(java.lang.String id,
            java.lang.String type,
            Dict dict)

Creates a new user from a serialized representation.

Parameters:

id - the object identifier

type - the object type name

dict - the serialized representation

User

public User(java.lang.String id)

Creates a new user with the specified user identifier. The user will be created with a blank password.

Parameters:

id - the user identifier

Method Detail

find

public static User find(Storage storage,
                        java.lang.String id)

Searches for a specific user in the storage.

Parameters:

storage - the storage to search in

id - the user identifier

Returns:

the user found, or null if not found

store

public static void store(Storage storage,
                         User user)
                  throws StorageException

Stores the specified used in the provided storage.

Parameters:

storage - the storage to use

user - the user to store

Throws:

StorageException - if the user couldn't be stored

decodeAuthToken

public static java.lang.String[] decodeAuthToken(java.lang.String token)

Decodes a user authentication token.

Parameters:

token - the token string

Returns:

the array of user id, expiry time and validation hash

encodeAuthToken

public static java.lang.String encodeAuthToken(java.lang.String id,
                                               long expiry,
                                               java.lang.String hash)

Encodes a user authentication token.

Parameters:

id - the user id

expiry - the expire timestamp (in millis)

hash - the data validation hash

Returns:

the authentication token to be used for login

name

public java.lang.String name()

Returns the user name.

Returns:

the user name.

setName

public void setName(java.lang.String name)

Sets the user name.

Parameters:

name - the user full name

email

public java.lang.String email()

Returns the user email address.

Returns:

the user email address.

setEmail

public void setEmail(java.lang.String email)

Sets the user email address.

Parameters:

email - the user email address

description

public java.lang.String description()

Returns the user description.

Returns:

the user description.

setDescription

public void setDescription(java.lang.String descr)

Sets the user description.

Parameters:

descr - the user description

isEnabled

public boolean isEnabled()

Checks if the user is enabled.

Returns:

true if the user is enabled, or false otherwise

setEnabled

public void setEnabled(boolean enabled)

Sets the user enabled flag.

Parameters:

enabled - the enabled flag

realm

public java.lang.String realm()

Returns the user realm.

Returns:

the user realm.

setRealm

public void setRealm(java.lang.String realm)

Sets the user realm. Note that this method will make the old password impossible to use, since the password hash contains the old realm name. A new password has should be calculated.

Parameters:

realm - the new user realm

passwordHash

public java.lang.String passwordHash()

Returns the user password MD5 hash, encoded as a hexadecimal string. Avoid using this method to verify the current user password, since it may be blank (any password) or the user might be disabled. Use verifyPasswordHash() instead.

Returns:

the user password hash

See Also:

verifyPasswordHash(String)

setPasswordHash

public void setPasswordHash(java.lang.String passwordHash)

Sets the user password MD5 hash. The password hash should be created from the string "id:realm:password" and converted to a lower-case hexadecimal string before being sent to this method.

Parameters:

passwordHash - the new user password MD5 hash

See Also:

setPassword(String)

setPassword

public void setPassword(java.lang.String password)

Sets the user password. This method will create a password MD5 hash from the string "id:realm:password" and store that result in the password field. This is an irreversible process, so the original password cannot be retrieved from the object.

Parameters:

password - the new user password (in clear text)

See Also:

setPasswordHash(String)

verifyPasswordHash

public boolean verifyPasswordHash(java.lang.String passwordHash)

Verifies that the specified password MD5 hash is a match. This method checks that the user is enabled and that the current user password hash is identical to the specified one. If the current password hash is blank, this method will also return true.

Parameters:

passwordHash - the password hash to check

Returns:

true if the password hashes are identical, or false otherwise

createAuthToken

public java.lang.String createAuthToken(long expiryTime)

Creates an authentication token for this user. The token contains the user id, an expire timestamp and a validation hash containing both these values and the current user password. The authentication token can be used for password recovery via email or some other out-of-band delivery mechanism.

Parameters:

expiryTime - the authentication token expire time (in millis)

Returns:

the authentication token

verifyAuthToken

public boolean verifyAuthToken(java.lang.String token)

Verifies that the specified authentication token is valid for this user.

Parameters:

token - the authentication token

Returns:

true if the token is valid, or false otherwise

hasRole

public boolean hasRole(java.lang.String name)

Checks if the user has the specified role.

Parameters:

name - the role name

Returns:

true if the user has the role, or false otherwise

roles

public java.lang.String[] roles()

Returns an array with all the roles for the user.

Returns:

an array with all the roles

setRoles

public void setRoles(java.lang.String[] roles)

Sets all the all the roles for the user.

Parameters:

roles - the array with all roles