diff options
Diffstat (limited to 'odl-aaa-moon/aaa-h2-store/src/main/java/org/opendaylight/aaa/h2/persistence/UserStore.java')
-rw-r--r-- | odl-aaa-moon/aaa-h2-store/src/main/java/org/opendaylight/aaa/h2/persistence/UserStore.java | 202 |
1 files changed, 202 insertions, 0 deletions
diff --git a/odl-aaa-moon/aaa-h2-store/src/main/java/org/opendaylight/aaa/h2/persistence/UserStore.java b/odl-aaa-moon/aaa-h2-store/src/main/java/org/opendaylight/aaa/h2/persistence/UserStore.java new file mode 100644 index 00000000..96b8013f --- /dev/null +++ b/odl-aaa-moon/aaa-h2-store/src/main/java/org/opendaylight/aaa/h2/persistence/UserStore.java @@ -0,0 +1,202 @@ +/* + * Copyright (c) 2014, 2016 Hewlett-Packard Development Company, L.P. and others. All rights reserved. + * + * This program and the accompanying materials are made available under the + * terms of the Eclipse Public License v1.0 which accompanies this distribution, + * and is available at http://www.eclipse.org/legal/epl-v10.html + */ + +package org.opendaylight.aaa.h2.persistence; + +import com.google.common.base.Preconditions; + +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; + +import org.apache.commons.lang3.StringEscapeUtils; +import org.opendaylight.aaa.api.IDMStoreUtil; +import org.opendaylight.aaa.api.SHA256Calculator; +import org.opendaylight.aaa.api.model.User; +import org.opendaylight.aaa.api.model.Users; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * + * @author peter.mellquist@hp.com + * + */ +public class UserStore extends AbstractStore<User> { + private static final Logger LOG = LoggerFactory.getLogger(UserStore.class); + + protected final static String SQL_ID = "userid"; + protected final static String SQL_DOMAIN_ID = "domainid"; + protected final static String SQL_NAME = "name"; + protected final static String SQL_EMAIL = "email"; + protected final static String SQL_PASSWORD = "password"; + protected final static String SQL_DESCR = "description"; + protected final static String SQL_ENABLED = "enabled"; + protected final static String SQL_SALT = "salt"; + private static final String TABLE_NAME = "USERS"; + + protected UserStore() { + super(TABLE_NAME); + } + + @Override + protected String getTableCreationStatement() { + return "CREATE TABLE users " + + "(userid VARCHAR(128) PRIMARY KEY," + + "name VARCHAR(128) NOT NULL, " + + "domainid VARCHAR(128) NOT NULL, " + + "email VARCHAR(128) NOT NULL, " + + "password VARCHAR(128) NOT NULL, " + + "description VARCHAR(128) NOT NULL, " + + "salt VARCHAR(15) NOT NULL, " + + "enabled INTEGER NOT NULL)"; + } + + @Override + protected User fromResultSet(ResultSet rs) throws SQLException { + User user = new User(); + try { + user.setUserid(rs.getString(SQL_ID)); + user.setDomainid(rs.getString(SQL_DOMAIN_ID)); + user.setName(rs.getString(SQL_NAME)); + user.setEmail(rs.getString(SQL_EMAIL)); + user.setPassword(rs.getString(SQL_PASSWORD)); + user.setDescription(rs.getString(SQL_DESCR)); + user.setEnabled(rs.getInt(SQL_ENABLED) == 1); + user.setSalt(rs.getString(SQL_SALT)); + } catch (SQLException sqle) { + LOG.error("SQL Exception: ", sqle); + throw sqle; + } + return user; + } + + protected Users getUsers() throws StoreException { + Users users = new Users(); + users.setUsers(listAll()); + return users; + } + + protected Users getUsers(String username, String domain) throws StoreException { + LOG.debug("getUsers for: {} in domain {}", username, domain); + + Users users = new Users(); + try (Connection conn = dbConnect(); + PreparedStatement pstmt = conn.prepareStatement("SELECT * FROM USERS WHERE userid = ? ")) { + pstmt.setString(1, IDMStoreUtil.createUserid(username, domain)); + LOG.debug("query string: {}", pstmt.toString()); + users.setUsers(listFromStatement(pstmt)); + } catch (SQLException s) { + throw new StoreException("SQL Exception : " + s); + } + return users; + } + + protected User getUser(String id) throws StoreException { + try (Connection conn = dbConnect(); + PreparedStatement pstmt = conn.prepareStatement("SELECT * FROM USERS WHERE userid = ? ")) { + pstmt.setString(1, id); + LOG.debug("query string: {}", pstmt.toString()); + return firstFromStatement(pstmt); + } catch (SQLException s) { + throw new StoreException("SQL Exception : " + s); + } + } + + protected User createUser(User user) throws StoreException { + Preconditions.checkNotNull(user); + Preconditions.checkNotNull(user.getName()); + Preconditions.checkNotNull(user.getDomainid()); + + user.setSalt(SHA256Calculator.generateSALT()); + String query = "insert into users (userid,domainid,name,email,password,description,enabled,salt) values(?,?,?,?,?,?,?,?)"; + try (Connection conn = dbConnect(); + PreparedStatement statement = conn.prepareStatement(query)) { + user.setUserid(IDMStoreUtil.createUserid(user.getName(), user.getDomainid())); + statement.setString(1, user.getUserid()); + statement.setString(2, user.getDomainid()); + statement.setString(3, user.getName()); + statement.setString(4, user.getEmail()); + statement.setString(5, SHA256Calculator.getSHA256(user.getPassword(), user.getSalt())); + statement.setString(6, user.getDescription()); + statement.setInt(7, user.isEnabled() ? 1 : 0); + statement.setString(8, user.getSalt()); + int affectedRows = statement.executeUpdate(); + if (affectedRows == 0) { + throw new StoreException("Creating user failed, no rows affected."); + } + return user; + } catch (SQLException s) { + throw new StoreException("SQL Exception : " + s); + } + } + + protected User putUser(User user) throws StoreException { + + User savedUser = this.getUser(user.getUserid()); + if (savedUser == null) { + return null; + } + + if (user.getDescription() != null) { + savedUser.setDescription(user.getDescription()); + } + if (user.getName() != null) { + savedUser.setName(user.getName()); + } + if (user.isEnabled() != null) { + savedUser.setEnabled(user.isEnabled()); + } + if (user.getEmail() != null) { + savedUser.setEmail(user.getEmail()); + } + if (user.getPassword() != null) { + // If a new salt is provided, use it. Otherwise, derive salt from existing. + String salt = user.getSalt(); + if (salt == null) { + salt = savedUser.getSalt(); + } + savedUser.setPassword(SHA256Calculator.getSHA256(user.getPassword(), salt)); + } + + String query = "UPDATE users SET email = ?, password = ?, description = ?, enabled = ? WHERE userid = ?"; + try (Connection conn = dbConnect(); + PreparedStatement statement = conn.prepareStatement(query)) { + statement.setString(1, savedUser.getEmail()); + statement.setString(2, savedUser.getPassword()); + statement.setString(3, savedUser.getDescription()); + statement.setInt(4, savedUser.isEnabled() ? 1 : 0); + statement.setString(5, savedUser.getUserid()); + statement.executeUpdate(); + } catch (SQLException s) { + throw new StoreException("SQL Exception : " + s); + } + + return savedUser; + } + + protected User deleteUser(String userid) throws StoreException { + userid = StringEscapeUtils.escapeHtml4(userid); + User savedUser = this.getUser(userid); + if (savedUser == null) { + return null; + } + + String query = String.format("DELETE FROM USERS WHERE userid = '%s'", userid); + try (Connection conn = dbConnect(); + Statement statement = conn.createStatement()) { + int deleteCount = statement.executeUpdate(query); + LOG.debug("deleted {} records", deleteCount); + return savedUser; + } catch (SQLException s) { + throw new StoreException("SQL Exception : " + s); + } + } +} |