UserManager.java

/*
 * The CroudTrip! application aims at revolutionizing the car-ride-sharing market with its easy,
 * user-friendly and highly automated way of organizing shared Trips. Copyright (C) 2015  Nazeeh Ammari,
 *  Philipp Eichhorn, Ricarda Hohn, Vanessa Lange, Alexander Popp, Frederik Simon, Michael Weber
 * This program is free software: you can redistribute it and/or modify  it under the terms of the GNU
 *  Affero General Public License as published by the Free Software Foundation, either version 3 of the
 *   License, or (at your option) any later version.
 *  This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
 *  even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU Affero General Public License for more details.
 *  You should have received a copy of the GNU Affero General Public License along with this program.
 *    If not, see http://www.gnu.org/licenses/.
 */

package org.croudtrip.account;


import com.google.common.base.Optional;

import org.croudtrip.api.account.User;
import org.croudtrip.api.account.UserDescription;
import org.croudtrip.auth.BasicAuthenticationUtils;
import org.croudtrip.auth.BasicCredentials;
import org.croudtrip.db.BasicCredentialsDAO;
import org.croudtrip.db.UserDAO;
import org.croudtrip.utils.Assert;

import java.util.List;

import javax.inject.Inject;
import javax.inject.Singleton;

/**
 * Creates, stores and finds registered users.
 */
@Singleton
public class UserManager {

	private final UserDAO userDAO;

	// basic authentication
	private final BasicCredentialsDAO credentialsDAO;
	private final BasicAuthenticationUtils authenticationUtils;

	@Inject
	UserManager(UserDAO userDAO, BasicCredentialsDAO credentialsDAO, BasicAuthenticationUtils authenticationUtils) {
		this.userDAO = userDAO;
		this.credentialsDAO = credentialsDAO;
		this.authenticationUtils = authenticationUtils;
	}


	public User addUser(UserDescription userDescription) {
		//  email, first name, last name and password cannot be null
		Assert.assertNotNull(userDescription.getEmail(), userDescription.getFirstName(), userDescription.getLastName(), userDescription.getPassword());
		// email must be unique
		Assert.assertFalse(
				findUserByEmail(userDescription.getEmail()).isPresent(),
				"user with email " + userDescription.getEmail() + " already registered");

		// store new user
		long lastModified = System.currentTimeMillis() / 1000;
		User user = new User(0, userDescription.getEmail(), userDescription.getFirstName(), userDescription.getLastName(), null, null, null, null, null, lastModified);
		userDAO.save(user);

		// store credentials
		byte[] salt = authenticationUtils.generateSalt();
		byte[] encryptedPassword = authenticationUtils.getEncryptedPassword(userDescription.getPassword(), salt);
		BasicCredentials credentials = new BasicCredentials(0, user, encryptedPassword, salt);
		credentialsDAO.save(credentials);

		return user;
	}


	public User updateUser(User user, UserDescription userDescription) {
		// email must be unique
		Optional<User> oldUser = findUserByEmail(userDescription.getEmail());
		Assert.assertFalse(oldUser.isPresent() && oldUser.get().getId() != user.getId(),
				"user with email " + userDescription.getEmail() + " already registered");

		// update user
		User updatedUser = new User(user.getId(),
				getNonNull(userDescription.getEmail(), user.getEmail()),
				getNonNull(userDescription.getFirstName(), user.getFirstName()),
				getNonNull(userDescription.getLastName(), user.getLastName()),
				getNonNull(userDescription.getPhoneNumber(), user.getPhoneNumber()),
				getNonNull(userDescription.getIsMale(), user.getIsMale()),
				getNonNull(userDescription.getBirthday(), user.getBirthday()),
				getNonNull(userDescription.getAddress(), user.getAddress()),
				getNonNull(userDescription.getAvatarUrl(), user.getAvatarUrl()),
				System.currentTimeMillis() / 1000);
		userDAO.update(updatedUser);

		// update password
		if (userDescription.getPassword() != null) {
			byte[] salt = authenticationUtils.generateSalt();
			byte[] encryptedPassword = authenticationUtils.getEncryptedPassword(userDescription.getPassword(), salt);
			BasicCredentials credentials = credentialsDAO.findByUserId(user.getId()).get();
			BasicCredentials updatedCredentials = new BasicCredentials(credentials.getId(), updatedUser, encryptedPassword, salt);
			credentialsDAO.update(updatedCredentials);
		}

		return updatedUser;
	}


	public Optional<User> findUserById(long userId) {
		return userDAO.findById(userId);
	}


	public List<User> findAllUsers() {
		return userDAO.findAll();
	}


	public Optional<User> findUserByEmail(String email) {
		return userDAO.findByEmail(email);
	}


	public void deleteUser(User user) {
		credentialsDAO.delete(credentialsDAO.findByUserId(user.getId()).get());
		userDAO.delete(user);
	}


	public Optional<BasicCredentials> findCredentialsByUserId(long userId) {
		return credentialsDAO.findByUserId(userId);
	}


	private <T> T getNonNull(T value, T defaultValue) {
		if (value == null) return defaultValue;
		return value;
	}

}