/*
* eXist SecurityManager Extension
* Copyright (C) 2010 Adam Retter <adam@existsolutions.com>
* www.adamretter.co.uk
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* $Id$
*/
package org.exist.xquery.functions.securitymanager;
import java.util.Collections;
import java.util.List;
import org.exist.dom.QName;
import org.exist.security.SecurityManager;
import org.exist.security.Subject;
import org.exist.storage.DBBroker;
import org.exist.xquery.BasicFunction;
import org.exist.xquery.Cardinality;
import org.exist.xquery.FunctionSignature;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.value.BooleanValue;
import org.exist.xquery.value.FunctionParameterSequenceType;
import org.exist.xquery.value.FunctionReturnSequenceType;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceType;
import org.exist.xquery.value.StringValue;
import org.exist.xquery.value.Type;
import org.exist.xquery.value.ValueSequence;
/**
*
* @author Adam Retter <adam@existsolutions.com>
*/
public class FindUserFunction extends BasicFunction {
private final static QName qnFindUsersByUsername = new QName("find-users-by-username", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX);
private final static QName qnFindUsersByName = new QName("find-users-by-name", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX);
private final static QName qnFindUsersByNamePart = new QName("find-users-by-name-part", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX);
private final static QName qnListUsers = new QName("list-users", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX);
private final static QName qnUserExists = new QName("user-exists", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX);
public final static FunctionSignature FNS_FIND_USERS_BY_USERNAME = new FunctionSignature(
qnFindUsersByUsername,
"Finds users whoose username starts with a matching string",
new SequenceType[] {
new FunctionParameterSequenceType("starts-with", Type.STRING, Cardinality.EXACTLY_ONE, "The starting string against which to match usernames")
},
new FunctionReturnSequenceType(Type.STRING, Cardinality.ZERO_OR_MORE, "The list of matching usernames")
);
public final static FunctionSignature FNS_FIND_USERS_BY_NAME = new FunctionSignature(
qnFindUsersByName,
"Finds users whoose personal name starts with a matching string",
new SequenceType[] {
new FunctionParameterSequenceType("starts-with", Type.STRING, Cardinality.EXACTLY_ONE, "The starting string against which to match a personal name")
},
new FunctionReturnSequenceType(Type.STRING, Cardinality.ZERO_OR_MORE, "The list of matching usernames")
);
public final static FunctionSignature FNS_FIND_USERS_BY_NAME_PART = new FunctionSignature(
qnFindUsersByNamePart,
"Finds users whoose first name or last name starts with a matching string",
new SequenceType[] {
new FunctionParameterSequenceType("starts-with", Type.STRING, Cardinality.EXACTLY_ONE, "The starting string against which to match a first or last name")
},
new FunctionReturnSequenceType(Type.STRING, Cardinality.ZERO_OR_MORE, "The list of matching usernames")
);
public final static FunctionSignature FNS_LIST_USERS = new FunctionSignature(
qnListUsers,
"List all users. You must be a DBA to enumerate all users, if you are not a DBA you will just get the username of the currently logged in user.",
null,
new FunctionReturnSequenceType(Type.STRING, Cardinality.ONE_OR_MORE, "The list of users.")
);
public final static FunctionSignature FNS_USER_EXISTS = new FunctionSignature(
qnUserExists,
"Determines whether a user exists.",
new SequenceType[] {
new FunctionParameterSequenceType("user", Type.STRING, Cardinality.EXACTLY_ONE, "The username to check for existence.")
},
new FunctionReturnSequenceType(Type.BOOLEAN, Cardinality.EXACTLY_ONE, "true if the user account exists, false otherwise.")
);
public FindUserFunction(XQueryContext context, FunctionSignature signature) {
super(context, signature);
}
@Override
public Sequence eval(Sequence[] args, Sequence contextSequence) throws XPathException {
final DBBroker broker = getContext().getBroker();
final Subject currentUser = broker.getSubject();
final SecurityManager securityManager = broker.getBrokerPool().getSecurityManager();
final Sequence result;
if(isCalledAs(qnListUsers.getLocalName())) {
result = new ValueSequence();
if(currentUser.getName().equals(SecurityManager.GUEST_USER)) {
result.add(new StringValue(SecurityManager.GUEST_USER));
} else {
addUserNamesToSequence(securityManager.findAllUserNames(), result);
}
} else {
if(currentUser.getName().equals(SecurityManager.GUEST_USER)) {
throw new XPathException("You must be an authenticated user");
}
if(isCalledAs(qnUserExists.getLocalName())) {
final String username = args[0].getStringValue();
result = BooleanValue.valueOf(securityManager.hasAccount(username));
} else {
result = new ValueSequence();
final String startsWith = args[0].getStringValue();
final List<String> usernames;
if(isCalledAs(qnFindUsersByUsername.getLocalName())) {
usernames = securityManager.findUsernamesWhereUsernameStarts(startsWith);
} else if(isCalledAs(qnFindUsersByName.getLocalName())) {
usernames = securityManager.findUsernamesWhereNameStarts(startsWith);
} else if(isCalledAs(qnFindUsersByNamePart.getLocalName())) {
usernames = securityManager.findUsernamesWhereNamePartStarts(startsWith);
} else {
throw new XPathException("Unknown function");
}
addUserNamesToSequence(usernames, result);
}
}
return result;
}
private void addUserNamesToSequence(final List<String> userNames, final Sequence sequence) throws XPathException {
//order a-z
Collections.sort(userNames);
for(final String userName : userNames) {
sequence.add(new StringValue(userName));
}
}
}