Class User


public class User extends StorableObject
A system user.
Version:
1.0
  • Field Details

    • DEFAULT_REALM

      public static final String DEFAULT_REALM
      The default user realm.
    • KEY_NAME

      public static final String KEY_NAME
      The dictionary key for the user name.
    • KEY_EMAIL

      public static final String KEY_EMAIL
      The dictionary key for the user email address.
    • KEY_DESCRIPTION

      public static final String KEY_DESCRIPTION
      The dictionary key for the user description.
    • KEY_ENABLED

      public static final String KEY_ENABLED
      The dictionary key for the user enabled flag.
    • KEY_REALM

      public static final String KEY_REALM
      The dictionary key for the user realm.
    • KEY_PASSWORD

      public static final String KEY_PASSWORD
      The dictionary key for the user password hash.
    • KEY_ROLE

      public static final String KEY_ROLE
      The dictionary key for the user role array.
    • KEY_AUTHORIZED_TIME

      public static final String KEY_AUTHORIZED_TIME
      The dictionary key for the oldest valid authentication timestamp.
    • KEY_SETTINGS

      public static final String KEY_SETTINGS
      The dictionary key for the user settings dictionary.
    • PATH

      public static final Path PATH
      The user object storage path.
  • Constructor Details

    • User

      public User(String id, String type, Dict dict)
      Creates a new user from a serialized representation.
      Parameters:
      id - the object identifier
      type - the object type name
      dict - the serialized representation
    • User

      public User(String id)
      Creates a new user with the specified user identifier. The user will be created with a blank password.
      Parameters:
      id - the user identifier
  • Method Details

    • find

      public static User find(Storage storage, String id)
      Searches for a specific user in the storage.
      Parameters:
      storage - the storage to search in
      id - the user identifier
      Returns:
      the user found, or null if not found
    • store

      public static void store(Storage storage, User user) throws StorageException
      Stores the specified user in the provided storage.
      Parameters:
      storage - the storage to use
      user - the user to store
      Throws:
      StorageException - if the user couldn't be stored
    • normalize

      public static Dict normalize(String id, Dict dict)
      Normalizes a user data object if needed. This method will modify legacy data into the proper keys and values.
      Parameters:
      id - the object identifier
      dict - the storage data
      Returns:
      the storage data (possibly modified)
    • decodeAuthToken

      public static String[] decodeAuthToken(String token)
      Decodes a user authentication token. If the token isn't valid, the missing parts will be filled with empty values.
      Parameters:
      token - the token string
      Returns:
      the array of user id, expiry time and validation hash
    • encodeAuthToken

      public static String encodeAuthToken(String id, long expiry, String hash)
      Encodes a user authentication token.
      Parameters:
      id - the user id
      expiry - the expire timestamp (in millis)
      hash - the data validation hash
      Returns:
      the authentication token to be used for login
    • name

      public String name()
      Returns the user name.
      Returns:
      the user name.
    • setName

      public void setName(String name)
      Sets the user name.
      Parameters:
      name - the user full name
    • email

      public String email()
      Returns the user email address.
      Returns:
      the user email address.
    • setEmail

      public void setEmail(String email)
      Sets the user email address.
      Parameters:
      email - the user email address
    • description

      public String description()
      Returns the user description.
      Returns:
      the user description.
    • setDescription

      public void setDescription(String descr)
      Sets the user description.
      Parameters:
      descr - the user description
    • isEnabled

      public boolean isEnabled()
      Checks if the user is enabled.
      Returns:
      true if the user is enabled, or false otherwise
    • setEnabled

      public void setEnabled(boolean enabled)
      Sets the user enabled flag.
      Parameters:
      enabled - the enabled flag
    • realm

      public String realm()
      Returns the user realm.
      Returns:
      the user realm.
    • setRealm

      public void setRealm(String realm)
      Sets the user realm. Note that this method will make the old password impossible to use, since the password hash contains the old realm name. A new password hash should be calculated.
      Parameters:
      realm - the new user realm
    • passwordHash

      public String passwordHash()
      Returns the user password MD5 hash, encoded as a hexadecimal string. Avoid using this method to verify the current user password, since it may be blank (any password) or the user might be disabled. Use verifyPasswordHash() instead.
      Returns:
      the user password hash
    • setPasswordHash

      public void setPasswordHash(String passwordHash)
      Sets the user password MD5 hash. The password hash should be created from the string "id:realm:password" and converted to a lower-case hexadecimal string before being sent to this method.
      Parameters:
      passwordHash - the new user password MD5 hash
    • setPassword

      public void setPassword(String password)
      Sets the user password. This method will create a password MD5 hash from the string "id:realm:password" and store that result in the password field. This is an irreversible process, so the original password cannot be retrieved from the object.
      Parameters:
      password - the new user password (in clear text)
    • verifyPasswordHash

      public boolean verifyPasswordHash(String passwordHash)
      Verifies that the specified password MD5 hash is a match. This method checks that the user is enabled and that the current user password hash is identical to the specified one. If the current password hash is blank, this method will also return true.
      Parameters:
      passwordHash - the password hash to check
      Returns:
      true if the password hashes are identical, or false otherwise
    • createAuthToken

      public String createAuthToken(long expiryTime)
      Creates an authentication token for this user. The token contains the user id, an expire timestamp and a validation hash containing both these values and the current user password. The authentication token can be used for password recovery via email or some other out-of-band delivery mechanism.
      Parameters:
      expiryTime - the authentication token expire time (in millis)
      Returns:
      the authentication token
    • verifyAuthToken

      public boolean verifyAuthToken(String token)
      Verifies that the specified authentication token is valid for this user.
      Parameters:
      token - the authentication token
      Returns:
      true if the token is valid, or false otherwise
    • hasRole

      public boolean hasRole(String name)
      Checks if the user has the specified role. Note that this method doesn't check for automatic roles.
      Parameters:
      name - the role name
      Returns:
      true if the user has the role, or false otherwise
    • roles

      public String[] roles()
      Returns an array with all the roles for the user.
      Returns:
      an array with all the roles
    • setRoles

      public void setRoles(String[] roles)
      Sets all the roles for the user.
      Parameters:
      roles - the array with all roles
    • authorizedTime

      public Date authorizedTime()
      Returns the oldest valid authentication timestamp. Any session, auth token or similar created prior is considered invalid.
      Returns:
      the oldest valid authentication timestamp
    • settings

      public Dict settings()
      Returns the user settings dictionary.
      Returns:
      a dictionary with user settings, or a new empty dictionary if not set
    • updateSettings

      public void updateSettings(Dict updates)
      Merges updates into the user settings dictionary. Keys with null values will be removed from settings and other keys will be overwritten. Any key not listed in the updates will remain unmodified.
      Parameters:
      updates - the dictionary with updates
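
The hash format documented for setPasswordHash() and the blank-hash rule documented for verifyPasswordHash(), as an added stand-alone example that is not the library's own code. The Account record, the realm value, the UTF-8 encoding of the input string and the use of Java 17 are assumptions made for illustration; the audit method lists enabled accounts that would accept any password.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HexFormat;
import java.util.List;

public class PasswordHashAudit {
    // Constructed stand-in for the stored user fields (hypothetical, not the User class).
    record Account(String id, boolean enabled, String passwordHash) {}

    // MD5 of "id:realm:password" as lower-case hex, the format setPasswordHash() documents.
    // UTF-8 input encoding is an assumption; the page does not state one.
    static String passwordHash(String id, String realm, String password)
            throws NoSuchAlgorithmException {
        byte[] input = (id + ":" + realm + ":" + password).getBytes(StandardCharsets.UTF_8);
        return HexFormat.of().formatHex(MessageDigest.getInstance("MD5").digest(input));
    }

    // Mirrors the documented verifyPasswordHash() rule: the user must be enabled,
    // and a blank stored hash matches whatever hash is supplied.
    static boolean verify(Account a, String suppliedHash) {
        if (!a.enabled()) return false;
        if (a.passwordHash().isBlank()) return true;
        // Constant-time comparison of the two hex strings.
        return MessageDigest.isEqual(
            a.passwordHash().getBytes(StandardCharsets.US_ASCII),
            suppliedHash.getBytes(StandardCharsets.US_ASCII));
    }

    // Enabled accounts with a blank hash accept any password; list them for review.
    static List<String> blankPasswordAccounts(List<Account> accounts) {
        return accounts.stream()
            .filter(a -> a.enabled() && a.passwordHash().isBlank())
            .map(Account::id)
            .toList();
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        String realm = "ExampleRealm"; // constructed value
        List<Account> accounts = List.of(  // constructed sample data
            new Account("alice", true, passwordHash("alice", realm, "correct horse")),
            new Account("bob", true, ""),      // as left by User(id): blank password
            new Account("carol", false, ""));  // disabled, so verify() rejects it
        String wrong = passwordHash("bob", realm, "anything");
        System.out.println("alice accepts wrong hash: " + verify(accounts.get(0), wrong));
        System.out.println("bob accepts wrong hash:   " + verify(accounts.get(1), wrong));
        System.out.println("carol accepts wrong hash: " + verify(accounts.get(2), wrong));
        System.out.println("enabled with blank hash:  " + blankPasswordAccounts(accounts));
    }
}
```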