2 * Copyright (C) 2016, 2017 Roland Häder
4 * This program is free software: you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as
6 * published by the Free Software Foundation, either version 3 of the
7 * License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 package org.mxchange.jjobs.beans.user;
19 import java.text.MessageFormat;
20 import java.util.Locale;
21 import java.util.Objects;
23 import javax.enterprise.context.RequestScoped;
24 import javax.enterprise.event.Event;
25 import javax.enterprise.event.Observes;
26 import javax.enterprise.inject.Any;
27 import javax.faces.FacesException;
28 import javax.faces.context.FacesContext;
29 import javax.faces.view.facelets.FaceletException;
30 import javax.inject.Inject;
31 import javax.inject.Named;
32 import org.mxchange.jcontacts.model.contact.Contact;
33 import org.mxchange.jcoreee.utils.FacesUtils;
34 import org.mxchange.jjobs.beans.BaseJobsController;
35 import org.mxchange.jjobs.beans.contact.JobsAdminContactWebRequestController;
36 import org.mxchange.jjobs.beans.contact.JobsContactWebRequestController;
37 import org.mxchange.jjobs.beans.localization.JobsLocalizationSessionController;
38 import org.mxchange.jusercore.events.user.add.AdminAddedUserEvent;
39 import org.mxchange.jusercore.events.user.add.ObservableAdminAddedUserEvent;
40 import org.mxchange.jusercore.events.user.created.ObservableCreatedUserEvent;
41 import org.mxchange.jusercore.events.user.delete.AdminDeletedUserEvent;
42 import org.mxchange.jusercore.events.user.delete.ObservableAdminDeletedUserEvent;
43 import org.mxchange.jusercore.events.user.linked.AdminLinkedUserEvent;
44 import org.mxchange.jusercore.events.user.linked.ObservableAdminLinkedUserEvent;
45 import org.mxchange.jusercore.events.user.locked.AdminLockedUserEvent;
46 import org.mxchange.jusercore.events.user.locked.ObservableAdminLockedUserEvent;
47 import org.mxchange.jusercore.events.user.unlocked.AdminUnlockedUserEvent;
48 import org.mxchange.jusercore.events.user.unlocked.ObservableAdminUnlockedUserEvent;
49 import org.mxchange.jusercore.events.user.update.AdminUpdatedUserDataEvent;
50 import org.mxchange.jusercore.events.user.update.ObservableAdminUpdatedUserDataEvent;
51 import org.mxchange.jusercore.exceptions.EmailAddressAlreadyRegisteredException;
52 import org.mxchange.jusercore.exceptions.UserNameAlreadyRegisteredException;
53 import org.mxchange.jusercore.exceptions.UserNotFoundException;
54 import org.mxchange.jusercore.exceptions.UserStatusConfirmedException;
55 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
56 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
57 import org.mxchange.jusercore.model.user.AdminUserSessionBeanRemote;
58 import org.mxchange.jusercore.model.user.LoginUser;
59 import org.mxchange.jusercore.model.user.User;
60 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
61 import org.mxchange.jusercore.model.user.profilemodes.ProfileMode;
62 import org.mxchange.jusercore.model.user.status.UserAccountStatus;
63 import org.mxchange.juserlogincore.container.login.UserLoginContainer;
64 import org.mxchange.juserlogincore.events.registration.ObservableUserRegisteredEvent;
65 import org.mxchange.juserlogincore.exceptions.UserPasswordRepeatMismatchException;
66 import org.mxchange.juserlogincore.login.UserLoginUtils;
69 * A user controller (bean)
71 * @author Roland Häder<roland@mxchange.org>
73 @Named ("adminUserController")
75 public class JobsAdminUserWebRequestBean extends BaseJobsController implements JobsAdminUserWebRequestController {
80 private static final long serialVersionUID = 542_145_347_916L;
83 * An event fired when the administrator has added a new user
87 private Event<ObservableAdminAddedUserEvent> addedUserEvent;
90 * Regular contact controller
93 private JobsAdminContactWebRequestController adminContactController;
96 * Administrative user EJB
98 @EJB (lookup = "java:global/jjobs-ejb/adminUser!org.mxchange.jusercore.model.user.AdminUserSessionBeanRemote")
99 private AdminUserSessionBeanRemote adminUserBean;
104 private Contact contact;
107 * Regular contact controller
110 private JobsContactWebRequestController contactController;
113 * Event being fired when admin has deleted user
117 private Event<ObservableAdminDeletedUserEvent> deleteUserEvent;
120 * Localization controller
123 private JobsLocalizationSessionController localizationController;
126 * An event fired when the administrator has updated a new user
130 private Event<ObservableAdminUpdatedUserDataEvent> updatedUserDataEvent;
140 @EJB (lookup = "java:global/jjobs-ejb/user!org.mxchange.jusercore.model.user.UserSessionBeanRemote")
141 private UserSessionBeanRemote userBean;
144 * Regular user controller
147 private JobsUserWebRequestController userController;
152 private String userDeleteReason;
155 * An event fired when the administrator has linked a user with existing
160 private Event<ObservableAdminLinkedUserEvent> userLinkedEvent;
165 private String userLockReason;
168 * Event being fired when an administrator has locked a user
172 private Event<ObservableAdminLockedUserEvent> userLockedEvent;
175 * Flag whether user must change password after login
177 private Boolean userMustChangePassword;
182 private String userName;
185 * User password (clear-text from web form)
187 private String userPassword;
190 * User password repeated (clear-text from web form)
192 private String userPasswordRepeat;
195 * Event being fired when administrator unlocks an account
199 private Event<ObservableAdminUnlockedUserEvent> userUnlockedEvent;
202 * Default constructor
204 public JobsAdminUserWebRequestBean () {
205 // Call super constructor
210 * Adds user instance to database by preparing a complete user instance and
211 * sending it to the EJB. The data set in the controller is being verified,
212 * e.g. if the user name or email address is not used yet.
214 * @return Redirect outcome
216 public String addUser () {
217 // As the form cannot validate the data (required="true"), check it here
218 if (this.getUserName() == null) {
220 throw new NullPointerException("userName is null"); //NOI18N
221 } else if (this.getUserName().isEmpty()) {
223 throw new IllegalArgumentException("userName is null"); //NOI18N
224 } else if (this.getContact() == null) {
225 // No contact instance set, so test required fields: gender, first name and family name
226 this.adminContactController.validateContactData();
229 // Create new user instance
230 final User newUser = new LoginUser();
232 // Set user name, CONFIRMED and INVISIBLE
233 newUser.setUserName(this.getUserName());
234 newUser.setUserMustChangePassword(this.getUserMustChangePassword());
235 newUser.setUserAccountStatus(UserAccountStatus.CONFIRMED);
236 newUser.setUserProfileMode(ProfileMode.INVISIBLE);
238 // Get locale from view-root
239 final Locale locale = FacesContext.getCurrentInstance().getViewRoot().getLocale();
242 newUser.setUserLocale(locale);
247 // Is a contact instance in helper set?
248 if (this.getContact() instanceof Contact) {
249 // Then use it for contact linking
250 userContact = this.getContact();
252 // Create contact instance
253 userContact = this.contactController.createContactInstance();
256 // Set contact in user
257 newUser.setUserContact(userContact);
259 // Init variable for password
260 String password = null;
262 // Is the user name or email address used already?
263 // @TODO Add password length check
264 if (this.userController.isUserNameRegistered(newUser)) {
265 // User name is already used
266 throw new FaceletException(new UserNameAlreadyRegisteredException(newUser));
267 } else if ((this.getContact() == null) && (this.contactController.isEmailAddressRegistered(newUser.getUserContact()))) {
268 // Email address is already used
269 this.showFacesMessage("admin_add_user:emailAddress", "ERROR_EMAIL_ADDRESS_ALREADY_USED"); //NOI18N
271 // Always clear password
272 this.setUserPassword(null);
273 this.setUserPasswordRepeat(null);
277 } else if ((this.getUserPassword() == null && (this.getUserPasswordRepeat() == null)) || ((this.getUserPassword().isEmpty()) && (this.getUserPasswordRepeat().isEmpty()))) {
278 // Empty password entered, then generate one
279 password = UserLoginUtils.createRandomPassword(JobsUserWebRequestController.MINIMUM_PASSWORD_LENGTH);
280 } else if (!this.isSamePasswordEntered()) {
281 // Both passwords don't match
282 throw new FaceletException(new UserPasswordRepeatMismatchException(newUser));
284 // Both match, so get it from this bean
285 password = this.getUserPassword();
288 // The password should not be null and at least 5 characters long
289 assert (password != null) : "password is null"; //NOI18N
290 assert (password.length() >= JobsUserWebRequestController.MINIMUM_PASSWORD_LENGTH) : "Password is not long enough."; //NOI18N
292 // Encrypt password and set it
293 newUser.setUserEncryptedPassword(UserLoginUtils.encryptPassword(password));
296 // Now, that all is set, call EJB
297 if (this.getContact() instanceof Contact) {
298 // Link contact with this user
299 final User updatedUser = this.adminUserBean.linkUser(newUser);
302 this.userLinkedEvent.fire(new AdminLinkedUserEvent(updatedUser));
305 final User updatedUser = this.adminUserBean.addUser(newUser);
308 this.addedUserEvent.fire(new AdminAddedUserEvent(updatedUser));
310 } catch (final UserNameAlreadyRegisteredException | EmailAddressAlreadyRegisteredException ex) {
312 throw new FaceletException(ex);
316 this.setContact(null);
321 // Return to user list (for now)
322 return "admin_list_user"; //NOI18N
326 * Event observer for when a bean helper has successfully created a user
327 * instance, means the user exists. If the user does not exist, this event
328 * should not fire but instead a proper exception must be thrown.
330 * @param event User created event
332 public void afterCreatedUserEvent (@Observes final ObservableCreatedUserEvent event) {
333 // Is the instance valid?
336 throw new NullPointerException("event is null"); //NOI18N
337 } else if (event.getCreatedUser() == null) {
339 throw new NullPointerException("event.createdUser is null"); //NOI18N
340 } else if (event.getCreatedUser().getUserId() == null) {
342 throw new NullPointerException("event.createdUser.userId is null"); //NOI18N
343 } else if (event.getCreatedUser().getUserId() < 1) {
345 throw new NullPointerException(MessageFormat.format("event.createdUser.userId={0} is not valid", event.getCreatedUser().getUserId())); //NOI18N
349 this.setUser(event.getCreatedUser());
353 * Event observer for new user registrations
355 * @param event User registration event
357 public void afterUserRegistrationEvent (@Observes final ObservableUserRegisteredEvent event) {
358 // event should not be null
361 throw new NullPointerException("event is null"); //NOI18N
362 } else if (event.getRegisteredUser() == null) {
364 throw new NullPointerException("event.user is null"); //NOI18N
365 } else if (event.getRegisteredUser().getUserId() == null) {
367 throw new NullPointerException("event.user.userId is null"); //NOI18N
368 } else if (event.getRegisteredUser().getUserId() < 1) {
370 throw new IllegalArgumentException(MessageFormat.format("userId of user={0} is not valid: {1}", event.getRegisteredUser(), event.getRegisteredUser().getUserId())); //NOI18N
374 final User registeredUser = event.getRegisteredUser();
376 // @TODO Nothing to do with the user here?
382 * Deletes given user account
384 * @return Redirect outcome
386 public String deleteUserData () {
387 // Is the user instance valid and CONFIRMED?
388 if (this.getUser() == null) {
390 throw new NullPointerException("user is null"); //NOI18N
391 } else if (this.getUser().getUserId() == null) {
393 throw new NullPointerException("user.userId is null"); //NOI18N
394 } else if (this.getUser().getUserId() < 1) {
396 throw new IllegalArgumentException(MessageFormat.format("user.userId={0} is not valid", this.getUser().getUserId())); //NOI18N
400 // All fine, delete it
401 this.adminUserBean.deleteUser(this.getUser(), this.getUserDeleteReason());
402 } catch (final UserNotFoundException ex) {
403 // Should not happen, so throw again
404 throw new FaceletException(ex);
408 this.deleteUserEvent.fire(new AdminDeletedUserEvent(this.getUser(), this.getUserDeleteReason()));
411 return "admin_list_user"; //NOI18N
415 * Edits currently loaded user's data in database.
417 * @return Redirect outcome
419 public String editUserData () {
420 // Null password means not setting it
421 String encryptedPassword = null;
423 // Check if user instance is in helper and valid
424 if (this.getUser() == null) {
426 throw new NullPointerException("beanHelper.user is null"); //NOI18N
427 } else if (this.getUser().getUserId() == null) {
429 throw new NullPointerException("beanHelper.user.userId is null"); //NOI18N
430 } else if (this.getUser().getUserId() < 1) {
432 throw new IllegalStateException(MessageFormat.format("beanHelper.user.userId={0} is invalid", this.getUser().getUserId())); //NOI18N
433 } else if (this.getUserName() == null) {
434 // Not all required fields are set
435 throw new NullPointerException("this.userName is null"); //NOI18N
436 } else if (this.getUserName().isEmpty()) {
437 // Not all required fields are set
438 throw new IllegalArgumentException("this.userName is empty"); //NOI18N
439 } else if (((!this.getUserPassword().isEmpty()) || (!this.getUserPasswordRepeat().isEmpty())) && (!this.isSamePasswordEntered())) {
440 // Clear password fields
441 this.setUserPassword(null);
442 this.setUserPasswordRepeat(null);
444 // Not same password entered
445 this.showFacesMessage("form_edit_user:userPassword", "ADMIN_USER_PASSWORD_REPEAT_DIFFERENT"); //NOI18N
447 } else if ((!Objects.equals(this.getUser().getUserName(), this.getUserName())) && (this.userBean.ifUserNameExists(this.getUserName()))) {
451 // User name already exists
452 this.showFacesMessage("form_edit_user:userName", "ADMIN_USER_NAME_ALREADY_EXISTS"); //NOI18N
454 } else if (this.isSamePasswordEntered()) {
455 // Same password entered, create container
456 if ((Objects.equals(this.getUser().getUserMustChangePassword(), this.getUserMustChangePassword())) && (UserLoginUtils.ifPasswordMatches(new UserLoginContainer(this.getUser(), this.getUserPassword())))) {
457 // Clear password fields
458 this.setUserPassword(null);
459 this.setUserPasswordRepeat(null);
461 // Same password entered
462 this.showFacesMessage("form_edit_user:userPassword", "ADMIN_USER_ENTERED_SAME_AS_OLD_PASSWORD"); //NOI18N
467 encryptedPassword = UserLoginUtils.encryptPassword(this.getUserPassword());
470 // Set user name and flag
471 this.getUser().setUserName(this.getUserName());
472 this.getUser().setUserMustChangePassword(this.getUserMustChangePassword());
474 // Is a password set?
475 if (encryptedPassword != null) {
477 this.getUser().setUserEncryptedPassword(encryptedPassword);
480 // Call EJB for updating user data
481 final User updatedUser = this.userBean.updateUserData(this.getUser());
484 this.updatedUserDataEvent.fire(new AdminUpdatedUserDataEvent(updatedUser));
486 // Return to user list (for now)
487 return "admin_list_user"; //NOI18N
491 * Getter for contact instance
493 * @return Contact instance
495 public Contact getContact () {
500 * Setter for contact instance
502 * @param contact Contact instance
504 public void setContact (final Contact contact) {
505 this.contact = contact;
509 * Getter for user instance
511 * @return User instance
513 public User getUser () {
518 * Setter for user instance
520 * @param user User instance
522 public void setUser (final User user) {
527 * Getter for user delete reason
529 * @return User delete reason
531 public String getUserDeleteReason () {
532 return this.userDeleteReason;
536 * Setter for user delete reason
538 * @param userDeleteReason User delete reason
540 public void setUserDeleteReason (final String userDeleteReason) {
541 this.userDeleteReason = userDeleteReason;
545 * Getter for user lock reason
547 * @return User lock reason
549 public String getUserLockReason () {
550 return this.userLockReason;
554 * Setter for user lock reason
556 * @param userLockReason User lock reason
558 public void setUserLockReason (final String userLockReason) {
559 this.userLockReason = userLockReason;
563 * Getter for flag if user needs to change password
565 * @return Flag if user needs to change password
567 public Boolean getUserMustChangePassword () {
568 return this.userMustChangePassword;
572 * Setter for flag if user needs to change password
574 * @param userMustChangePassword Flag if user needs to change password
576 public void setUserMustChangePassword (final Boolean userMustChangePassword) {
577 this.userMustChangePassword = userMustChangePassword;
581 * Getter for user name
585 public String getUserName () {
586 return this.userName;
590 * Setter for user name
592 * @param userName User name
594 public void setUserName (final String userName) {
595 this.userName = userName;
599 * Getter for clear-text user password
601 * @return Clear-text user password
603 public String getUserPassword () {
604 return this.userPassword;
608 * Setter for clear-text user password
610 * @param userPassword Clear-text user password
612 public void setUserPassword (final String userPassword) {
613 this.userPassword = userPassword;
617 * Getter for clear-text user password repeated
619 * @return Clear-text user password repeated
621 public String getUserPasswordRepeat () {
622 return this.userPasswordRepeat;
626 * Setter for clear-text user password repeated
628 * @param userPasswordRepeat Clear-text user password repeated
630 public void setUserPasswordRepeat (final String userPasswordRepeat) {
631 this.userPasswordRepeat = userPasswordRepeat;
635 * Locks selected user's account. This method makes sure that a lock reason
636 * is provided that th user later can read on login attempts.
638 * @return Redirect outcome
640 public String lockUserAccount () {
641 // Is the user instance valid and CONFIRMED?
642 if (this.getUser() == null) {
644 throw new NullPointerException("this.user is null"); //NOI18N
645 } else if (this.getUser().getUserId() == null) {
647 throw new NullPointerException("this.user.userId is null"); //NOI18N
648 } else if (this.getUser().getUserId() < 1) {
650 throw new IllegalArgumentException(MessageFormat.format("this.user.userId={0} is not valid", this.getUser().getUserId())); //NOI18N
651 } else if (this.getUser().getUserAccountStatus() == UserAccountStatus.LOCKED) {
652 // User account is locked
653 throw new FacesException(new UserStatusLockedException(this.getUser()));
654 } else if (this.getUser().getUserAccountStatus() == UserAccountStatus.UNCONFIRMED) {
655 // User account is locked
656 throw new FaceletException(new UserStatusUnconfirmedException(this.getUser()));
657 } else if (this.getUserLockReason() == null) {
659 throw new NullPointerException("this.userLockReason is null"); //NOI18N
660 } else if (this.getUserLockReason().isEmpty()) {
662 throw new IllegalArgumentException("this.userLockReason is empty"); //NOI18N
665 // Init updated user instance
666 final User updatedUser;
670 final String baseUrl = FacesUtils.generateBaseUrl();
672 // Call EJB to lock account
673 updatedUser = this.adminUserBean.lockUserAccount(this.getUser(), this.getUserLockReason(), baseUrl);
674 } catch (final UserStatusLockedException | UserStatusUnconfirmedException | UserNotFoundException ex) {
676 throw new FaceletException(ex);
680 this.userLockedEvent.fire(new AdminLockedUserEvent(updatedUser));
685 // Should go fine at this point, redirect to user profile
686 return "admin_show_user"; //NOI18N
690 * Unlocks selected user's account. This method makes sure that the account
693 * @return Redirect outcome
695 public String unlockUserAccount () {
696 // Is the user instance valid and CONFIRMED?
697 if (this.getUser() == null) {
699 throw new NullPointerException("this.user is null"); //NOI18N
700 } else if (this.getUser().getUserId() == null) {
702 throw new NullPointerException("this.user.userId is null"); //NOI18N
703 } else if (this.getUser().getUserId() < 1) {
705 throw new IllegalArgumentException(MessageFormat.format("this.user.userId={0} is not valid", this.getUser().getUserId())); //NOI18N
706 } else if (this.getUser().getUserAccountStatus() == UserAccountStatus.CONFIRMED) {
707 // User account is locked
708 throw new FacesException(new UserStatusConfirmedException(this.getUser()));
709 } else if (this.getUser().getUserAccountStatus() == UserAccountStatus.UNCONFIRMED) {
710 // User account is locked
711 throw new FaceletException(new UserStatusUnconfirmedException(this.getUser()));
714 // Init updated user instance
715 final User updatedUser;
719 final String baseUrl = FacesUtils.generateBaseUrl();
721 // Call EJB to unlock account
722 updatedUser = this.adminUserBean.unlockUserAccount(this.getUser(), baseUrl);
723 } catch (final UserStatusConfirmedException | UserStatusUnconfirmedException | UserNotFoundException ex) {
725 throw new FaceletException(ex);
729 this.userUnlockedEvent.fire(new AdminUnlockedUserEvent(updatedUser));
734 // Should go fine at this point, redirect to user profile
735 return "admin_show_user"; //NOI18N
741 private void clear () {
743 this.setContact(null);
744 this.setUserLockReason(null);
745 this.setUserMustChangePassword(null);
746 this.setUserName(null);
750 * Checks if same password is entered and that they are not empty.
752 * @return Whether the same password was entered
754 private boolean isSamePasswordEntered () {
755 return ((!this.getUserPassword().isEmpty()) && (Objects.equals(this.getUserPassword(), this.getUserPasswordRepeat())));