2,6 → 2,7 |
|
import java.util.Collection; |
import java.util.Collections; |
import java.util.HashSet; |
import java.util.Locale; |
import java.util.StringTokenizer; |
|
22,11 → 23,37 |
private Boolean superuser; |
private Locale locale = Locale.getDefault(); |
private Collection loginHistory; |
private User origin; // save original object state before any changes |
|
protected User() |
{ |
} |
|
protected User(User origin) |
{ |
super(origin); |
this.login = origin.login; |
this.password = origin.password; |
this.boss = origin.boss; |
this.superuser = origin.superuser; |
this.locale = origin.locale; |
if(origin.loginHistory == null) |
this.loginHistory = null; |
else |
this.loginHistory = new HashSet(origin.loginHistory); |
} |
|
protected User getOrigin() |
{ |
return origin; |
} |
|
protected void backupMe() |
{ |
if(origin == null) |
origin = new User(this); |
} |
|
/** |
* |
* @hibernate.property |
47,6 → 74,10 |
if(!editableBy(editor)) |
throw new ModelSecurityException(); |
|
// FIXME: domain owner is allowed to change user login |
// with some patern only, e.g. user@domain.com |
|
backupMe(); |
this.login = login; |
} |
|
73,6 → 104,7 |
if(password == null) |
throw new NullPointerException("Null password"); |
|
backupMe(); |
this.password = Digest.encode(password); |
} |
|
106,9 → 138,10 |
public void setBoss(User editor, User boss) |
throws ModelException |
{ |
if(!editableBy(editor)) |
if(!mayChangeBoss(editor)) |
throw new ModelSecurityException(); |
|
backupMe(); |
this.boss = boss; |
} |
|
137,6 → 170,7 |
if(!mayChangeSuperuser(editor)) |
throw new ModelSecurityException(); |
|
backupMe(); |
this.superuser = superuser; |
} |
|
174,6 → 208,7 |
if(!partEditableBy(editor)) |
throw new ModelSecurityException(); |
|
backupMe(); |
setLocaleName(localeName); |
} |
|
188,6 → 223,7 |
if(!partEditableBy(editor)) |
throw new ModelSecurityException(); |
|
backupMe(); |
this.locale = locale; |
} |
|
272,6 → 308,11 |
return user.isSuperuser() || user.equals(boss) || user.equals(this); |
} |
|
public boolean mayChangeBoss(User user) |
{ |
return user.isSuperuser(); |
} |
|
public boolean mayChangeSuperuser(User user) |
{ |
return user.isSuperuser() && !user.equals(this); |
285,7 → 326,9 |
protected static boolean allowedToCreate(UserManager manager, User editor) |
throws ModelException |
{ |
return editor.isSuperuser(); |
return editor.isSuperuser() |
|| InetDomainManager.getInstance().areInetDomainsAvailable(editor); |
// FIXME: or allow any user to create "subusers"? |
} |
|
protected static User createLimitedCopy(User origin) |
294,4 → 337,9 |
u.setLogin(origin.getLogin()); |
return u; |
} |
|
public String toString() |
{ |
return getClass().getName() + " [" + getId() + "] [" + getLogin() + "]"; |
} |
} |