package org.cbir.retrieval.service;
import org.cbir.retrieval.domain.Authority;
import org.cbir.retrieval.domain.PersistentToken;
import org.cbir.retrieval.domain.User;
import org.cbir.retrieval.repository.AuthorityRepository;
import org.cbir.retrieval.repository.PersistentTokenRepository;
import org.cbir.retrieval.repository.UserRepository;
import org.cbir.retrieval.security.SecurityUtils;
import org.cbir.retrieval.service.util.RandomUtil;
import org.joda.time.DateTime;
import org.joda.time.LocalDate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.inject.Inject;
import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import java.util.Set;
/**
* Service class for managing users.
*/
@Service
@Transactional
public class UserService {
private final Logger log = LoggerFactory.getLogger(UserService.class);
@Inject
private PasswordEncoder passwordEncoder;
@Inject
private UserRepository userRepository;
@Inject
private PersistentTokenRepository persistentTokenRepository;
@Inject
private AuthorityRepository authorityRepository;
public User activateRegistration(String key) {
log.debug("Activating user for activation key {}", key);
return Optional.ofNullable(userRepository.getUserByActivationKey(key))
.map(user -> {
// activate given user for the registration key.
user.setActivated(true);
user.setActivationKey(null);
userRepository.save(user);
log.debug("Activated user: {}", user);
return user;
})
.orElse(null);
}
public User createUserInformation(String login, String password, String firstName, String lastName, String email,
String langKey) {
return createUserInformation(login,password,firstName,lastName,email,langKey,"ROLE_USER");
}
public User createUserInformation(String login, String password, String firstName, String lastName, String email,
String langKey, String role) {
User newUser = new User();
Set<Authority> authorities = new HashSet<>();
String encryptedPassword = passwordEncoder.encode(password);
newUser.setLogin(login);
// new user gets initially a generated password
newUser.setPassword(encryptedPassword);
newUser.setFirstName(firstName);
newUser.setLastName(lastName);
newUser.setEmail(email);
newUser.setLangKey(langKey);
// new user is not active
newUser.setActivated(false);
// new user gets registration key
newUser.setActivationKey(RandomUtil.generateActivationKey());
if(role.equals("ROLE_ADMIN")) {
authorities.add(authorityRepository.findOne("ROLE_ADMIN")) ;
authorities.add(authorityRepository.findOne("ROLE_USER")) ;
} else {
authorities.add(authorityRepository.findOne("ROLE_USER")) ;
}
newUser.setAuthorities(authorities);
userRepository.save(newUser);
log.debug("Created Information for User: {}", newUser);
return newUser;
}
public void updateUserInformation(String firstName, String lastName, String email) {
User currentUser = userRepository.findOne(SecurityUtils.getCurrentLogin());
currentUser.setFirstName(firstName);
currentUser.setLastName(lastName);
currentUser.setEmail(email);
userRepository.save(currentUser);
log.debug("Changed Information for User: {}", currentUser);
}
public void changePassword(String password) {
changePassword(userRepository.findOne(SecurityUtils.getCurrentLogin()), password);
}
public void changePassword(User user, String password) {
String encryptedPassword = passwordEncoder.encode(password);
user.setPassword(encryptedPassword);
userRepository.save(user);
log.debug("Changed password for User: {}", user);
}
@Transactional(readOnly = true)
public User getUserWithAuthorities() {
User currentUser = userRepository.findOne(SecurityUtils.getCurrentLogin());
currentUser.getAuthorities().size(); // eagerly load the association
return currentUser;
}
public User getUser(String username) {
return userRepository.findOne(username);
}
/**
* Persistent Token are used for providing automatic authentication, they should be automatically deleted after
* 30 days.
* <p/>
* <p>
* This is scheduled to get fired everyday, at midnight.
* </p>
*/
@Scheduled(cron = "0 0 0 * * ?")
public void removeOldPersistentTokens() {
LocalDate now = new LocalDate();
List<PersistentToken> tokens = persistentTokenRepository.findByTokenDateBefore(now.minusMonths(1));
for (PersistentToken token : tokens) {
log.debug("Deleting token {}", token.getSeries());
User user = token.getUser();
user.getPersistentTokens().remove(token);
persistentTokenRepository.delete(token);
}
}
/**
* Not activated users should be automatically deleted after 3 days.
* <p/>
* <p>
* This is scheduled to get fired everyday, at 01:00 (am).
* </p>
*/
@Scheduled(cron = "0 0 1 * * ?")
public void removeNotActivatedUsers() {
DateTime now = new DateTime();
List<User> users = userRepository.findNotActivatedUsersByCreationDateBefore(now.minusDays(3));
for (User user : users) {
log.debug("Deleting not activated user {}", user.getLogin());
userRepository.delete(user);
}
}
}