PageRenderTime 57ms CodeModel.GetById 27ms RepoModel.GetById 0ms app.codeStats 1ms

/projects/compiere-330/base/src/org/compiere/model/MLdapProcessor.java

https://gitlab.com/essere.lab.public/qualitas.class-corpus
Java | 718 lines | 523 code | 43 blank | 152 comment | 95 complexity | 0869054f336e83c7c58a099012da2590 MD5 | raw file
  1. /******************************************************************************
  2. * Product: Compiere ERP & CRM Smart Business Solution *
  3. * Copyright (C) 1999-2007 ComPiere, Inc. All Rights Reserved. *
  4. * This program is free software, you can redistribute it and/or modify it *
  5. * under the terms version 2 of the GNU General Public License as published *
  6. * by the Free Software Foundation. This program is distributed in the hope *
  7. * that it will be useful, but WITHOUT ANY WARRANTY, without even the implied *
  8. * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
  9. * See the GNU General Public License for more details. *
  10. * You should have received a copy of the GNU General Public License along *
  11. * with this program, if not, write to the Free Software Foundation, Inc., *
  12. * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. *
  13. * For the text or an alternative of this public license, you may reach us *
  14. * ComPiere, Inc., 3600 Bridge Parkway #102, Redwood City, CA 94065, USA *
  15. * or via info@compiere.org or http://www.compiere.org/license.html *
  16. *****************************************************************************/
  17. package org.compiere.model;
  18. import java.sql.*;
  19. import java.util.*;
  20. import java.util.logging.*;
  21. import org.compiere.util.*;
  22. /**
  23. * LDAP Server Model
  24. *
  25. * @author Jorg Janke
  26. * @version $Id$
  27. */
  28. public class MLdapProcessor extends X_AD_LdapProcessor implements CompiereProcessor
  29. {
  30. /**
  31. *
  32. */
  33. private static final long serialVersionUID = 1L;
  34. /**
  35. * Get Active LDAP Server
  36. * @return array of Servers
  37. */
  38. public static MLdapProcessor[] getActive(Ctx ctx)
  39. {
  40. ArrayList<MLdapProcessor> list = new ArrayList<MLdapProcessor>();
  41. String sql = "SELECT * FROM AD_LdapProcessor WHERE IsActive='Y'";
  42. PreparedStatement pstmt = null;
  43. try
  44. {
  45. pstmt = DB.prepareStatement(sql, (Trx) null);
  46. ResultSet rs = pstmt.executeQuery ();
  47. while (rs.next ())
  48. list.add (new MLdapProcessor (ctx, rs, null));
  49. rs.close ();
  50. pstmt.close ();
  51. pstmt = null;
  52. }
  53. catch (Exception e)
  54. {
  55. s_log.log (Level.SEVERE, sql, e);
  56. }
  57. try
  58. {
  59. if (pstmt != null)
  60. pstmt.close ();
  61. pstmt = null;
  62. }
  63. catch (Exception e)
  64. {
  65. pstmt = null;
  66. }
  67. MLdapProcessor[] retValue = new MLdapProcessor[list.size()];
  68. list.toArray(retValue);
  69. return retValue;
  70. } // getActive
  71. /** Logger */
  72. private static CLogger s_log = CLogger.getCLogger (MLdapProcessor.class);
  73. /**************************************************************************
  74. * Ldap Processor
  75. * @param ctx context
  76. * @param AD_LdapProcessor_ID id
  77. * @param trx transaction
  78. */
  79. public MLdapProcessor(Ctx ctx, int AD_LdapProcessor_ID, Trx trx)
  80. {
  81. super (ctx, AD_LdapProcessor_ID, trx);
  82. } // MLdapProcessor
  83. /**
  84. * Ldap Processor
  85. * @param ctx context
  86. * @param rs result set
  87. * @param trx transaction
  88. */
  89. public MLdapProcessor(Ctx ctx, ResultSet rs, Trx trx)
  90. {
  91. super (ctx, rs, trx);
  92. } // MLdapProcessor
  93. /** Array of Clients */
  94. private MClient[] m_clients = null;
  95. /** Array of Interest Areas */
  96. private MInterestArea[] m_interests = null;
  97. private int m_auth = 0;
  98. private int m_ok = 0;
  99. private int m_error = 0;
  100. /**
  101. * Get Server ID
  102. * @return id
  103. */
  104. public String getServerID ()
  105. {
  106. return "Ldap" + get_ID();
  107. } // getServerID
  108. /**
  109. * Get Info
  110. * @return info
  111. */
  112. public String getInfo()
  113. {
  114. return "Auth=" + m_auth
  115. + ", OK=" + m_ok + ", Error=" + m_error;
  116. } // getInfo
  117. /**
  118. * Get Date Next Run
  119. * @param requery requery
  120. * @return date next run
  121. */
  122. public Timestamp getDateNextRun (boolean requery)
  123. {
  124. if (requery)
  125. load(get_Trx());
  126. return getDateNextRun();
  127. } // getDateNextRun
  128. /**
  129. * Get Logs
  130. * @return logs
  131. */
  132. public CompiereProcessorLog[] getLogs ()
  133. {
  134. ArrayList<MLdapProcessorLog> list = new ArrayList<MLdapProcessorLog>();
  135. String sql = "SELECT * "
  136. + "FROM AD_LdapProcessorLog "
  137. + "WHERE AD_LdapProcessor_ID=? "
  138. + "ORDER BY Created DESC";
  139. PreparedStatement pstmt = null;
  140. try
  141. {
  142. pstmt = DB.prepareStatement (sql, get_Trx());
  143. pstmt.setInt (1, getAD_LdapProcessor_ID());
  144. ResultSet rs = pstmt.executeQuery ();
  145. while (rs.next ())
  146. list.add (new MLdapProcessorLog (getCtx(), rs, get_Trx()));
  147. rs.close ();
  148. pstmt.close ();
  149. pstmt = null;
  150. }
  151. catch (Exception e)
  152. {
  153. log.log(Level.SEVERE, sql, e);
  154. }
  155. try
  156. {
  157. if (pstmt != null)
  158. pstmt.close ();
  159. pstmt = null;
  160. }
  161. catch (Exception e)
  162. {
  163. pstmt = null;
  164. }
  165. MLdapProcessorLog[] retValue = new MLdapProcessorLog[list.size ()];
  166. list.toArray (retValue);
  167. return retValue;
  168. } // getLogs
  169. /**
  170. * Delete old Request Log
  171. * @return number of records
  172. */
  173. public int deleteLog()
  174. {
  175. if (getKeepLogDays() < 1)
  176. return 0;
  177. String sql = "DELETE FROM AD_LdapProcessorLog "
  178. + "WHERE AD_LdapProcessor_ID=" + getAD_LdapProcessor_ID()
  179. //jz + " AND (Created+" + getKeepLogDays() + ") < SysDate";
  180. + " AND addDays(Created," + getKeepLogDays() + ") < SysDate";
  181. int no = DB.executeUpdate(sql, get_Trx());
  182. return no;
  183. } // deleteLog
  184. /**
  185. * Get Frequency (n/a)
  186. * @return 1
  187. */
  188. public int getFrequency()
  189. {
  190. return 1;
  191. } // getFrequency
  192. /**
  193. * Get Frequency Type (n/a)
  194. * @return minute
  195. */
  196. public String getFrequencyType()
  197. {
  198. return X_R_RequestProcessor.FREQUENCYTYPE_Minute;
  199. } // getFrequencyType
  200. /**
  201. * Get AD_Schedule_ID
  202. * @return 0
  203. */
  204. public int getAD_Schedule_ID()
  205. {
  206. return 0;
  207. } // getAD_Schedule_ID
  208. /**
  209. * String Representation
  210. * @return info
  211. */
  212. @Override
  213. public String toString()
  214. {
  215. StringBuffer sb = new StringBuffer ("MLdapProcessor[");
  216. sb.append (get_ID()).append ("-").append (getName())
  217. .append (",Port=").append (getLdapPort())
  218. .append ("]");
  219. return sb.toString ();
  220. } // toString
  221. /**************************************************************************
  222. * Authenticate and Authorize
  223. * @param ldapUser MLdapUser object
  224. * @param usr user name
  225. * @param o organization = Client Name
  226. * @param ou optional organization unit = Interest Group Value
  227. * or Aa<M_Product_ID>aA = Active Asset of Product of user
  228. * @param remoteHost remote host name
  229. * @param remoteAddr remote host ip address
  230. * @return ldapUser MLdapUser with updated information
  231. */
  232. public MLdapUser authenticate (MLdapUser ldapUser, String usr, String o, String ou,
  233. String remoteHost, String remoteAddr)
  234. {
  235. // Ensure something to return
  236. if (ldapUser == null)
  237. ldapUser = new MLdapUser();
  238. String error = null;
  239. String info = null;
  240. // User
  241. if (usr == null || usr.trim().length () == 0)
  242. {
  243. error = "@NotFound@: User (empty)";
  244. ldapUser.setErrorString(error);
  245. m_error++;
  246. log.warning (error);
  247. return ldapUser;
  248. }
  249. usr = usr.trim();
  250. // Client
  251. if (o == null || o.length () == 0)
  252. {
  253. error = "@NotFound@: O (Tenant Key missing)";
  254. ldapUser.setErrorString(error);
  255. m_error++;
  256. log.warning (error);
  257. return ldapUser;
  258. }
  259. int AD_Client_ID = findClient(o);
  260. if (AD_Client_ID == 0)
  261. {
  262. error = "@NotFound@: O=" + o + " (Tenant Key)";
  263. ldapUser.setErrorString(error);
  264. m_error++;
  265. log.config (error);
  266. return ldapUser;
  267. }
  268. // Optional Interest Area or Asset
  269. int R_InterestArea_ID = 0;
  270. int M_Product_ID = 0; // Product of Asset
  271. if (ou != null && ou.length () > 0)
  272. {
  273. if (ou.startsWith("Aa") && ou.endsWith("aA"))
  274. {
  275. try
  276. {
  277. String s = ou.substring(2,ou.length()-2);
  278. M_Product_ID = Integer.parseInt(s);
  279. }
  280. catch (Exception e)
  281. {
  282. }
  283. }
  284. else
  285. R_InterestArea_ID = findInterestArea (AD_Client_ID, ou);
  286. if (R_InterestArea_ID == 0 && M_Product_ID == 0)
  287. {
  288. error = "@NotFound@ OU=" + ou;
  289. ldapUser.setErrorString(error);
  290. m_error++;
  291. log.config (error);
  292. return ldapUser;
  293. }
  294. }
  295. m_auth++;
  296. // Query 1 - Validate User
  297. int AD_User_ID = 0;
  298. String Value = null;
  299. String LdapUser = null;
  300. String EMail = null;
  301. String Name = null;
  302. String Password = null;
  303. boolean isActive = false;
  304. String EMailVerify = null; // is timestamp
  305. boolean isUnique = false;
  306. //
  307. String sql = "SELECT AD_User_ID, Value, LdapUser, EMail," // 1..4
  308. + " Name, Password, IsActive, EMailVerify "
  309. + "FROM AD_User "
  310. + "WHERE AD_Client_ID=? AND (EMail=? OR Value=? OR LdapUser=?)";
  311. PreparedStatement pstmt = null;
  312. try
  313. {
  314. pstmt = DB.prepareStatement(sql, (Trx) null);
  315. pstmt.setInt (1, AD_Client_ID);
  316. pstmt.setString (2, usr);
  317. pstmt.setString (3, usr);
  318. pstmt.setString (4, usr);
  319. ResultSet rs = pstmt.executeQuery ();
  320. if (rs.next())
  321. {
  322. AD_User_ID = rs.getInt (1);
  323. Value = rs.getString (2);
  324. LdapUser = rs.getString (3);
  325. EMail = rs.getString (4);
  326. //
  327. Name = rs.getString (5);
  328. Password = rs.getString (6);
  329. isActive = "Y".equals (rs.getString (7));
  330. EMailVerify = rs.getString (8);
  331. isUnique = rs.next();
  332. }
  333. rs.close ();
  334. pstmt.close ();
  335. pstmt = null;
  336. }
  337. catch (Exception e)
  338. {
  339. log.log (Level.SEVERE, sql, e);
  340. error = "System Error";
  341. }
  342. try
  343. {
  344. if (pstmt != null)
  345. pstmt.close ();
  346. pstmt = null;
  347. }
  348. catch (Exception e)
  349. {
  350. pstmt = null;
  351. }
  352. if (error != null)
  353. {
  354. m_error++;
  355. ldapUser.setErrorString(error);
  356. return ldapUser;
  357. }
  358. //
  359. if (AD_User_ID == 0)
  360. {
  361. error = "@NotFound@ User=" + usr;
  362. info = "User not found - " + usr;
  363. }
  364. else if (!isActive)
  365. {
  366. error = "@NotFound@ User=" + usr;
  367. info = "User not active - " + usr;
  368. }
  369. else if (EMailVerify == null)
  370. {
  371. error = "@UserNotVerified@ User=" + usr;
  372. info = "User EMail not verified - " + usr;
  373. }
  374. else if (usr.equalsIgnoreCase(LdapUser))
  375. info = "User verified - Ldap=" + usr
  376. + (isUnique ? "" : " - Not Unique");
  377. else if (usr.equalsIgnoreCase(Value))
  378. info = "User verified - Value=" + usr
  379. + (isUnique ? "" : " - Not Unique");
  380. else if (usr.equalsIgnoreCase(EMail))
  381. info = "User verified - EMail=" + usr
  382. + (isUnique ? "" : " - Not Unique");
  383. else
  384. info = "User verified ?? " + usr
  385. + " - Name=" + Name
  386. + ", Ldap=" + LdapUser + ", Value=" + Value
  387. + (isUnique ? "" : " - Not Unique");
  388. // Error
  389. if (error != null) // should use Language of the User
  390. {
  391. logAccess (AD_Client_ID, AD_User_ID, R_InterestArea_ID, 0, info, error,
  392. remoteHost, remoteAddr);
  393. ldapUser.setErrorString(Msg.translate (getCtx(), error));
  394. return ldapUser;
  395. }
  396. // User Info
  397. ldapUser.setOrg(o);
  398. ldapUser.setOrgUnit(ou);
  399. ldapUser.setUserId(usr);
  400. ldapUser.setPassword(Password);
  401. // Done
  402. if (R_InterestArea_ID == 0 && M_Product_ID == 0)
  403. {
  404. logAccess (AD_Client_ID, AD_User_ID, 0, 0, info, null,
  405. remoteHost, remoteAddr);
  406. return ldapUser;
  407. }
  408. if (M_Product_ID != 0)
  409. return authenticateAsset (ldapUser,
  410. AD_User_ID, usr, M_Product_ID,
  411. AD_Client_ID, remoteHost, remoteAddr);
  412. return authenticateSubscription(ldapUser,
  413. AD_User_ID, usr, R_InterestArea_ID,
  414. AD_Client_ID, remoteHost, remoteAddr);
  415. } // authenticate
  416. /**
  417. * Authenticate Subscription
  418. * @param ldapUser user
  419. * @param AD_User_ID user id
  420. * @param usr user authentification (email, ...)
  421. * @param R_InterestArea_ID interest area
  422. * @param AD_Client_ID client
  423. * @param remoteHost remote info
  424. * @param remoteAddr remote info
  425. * @return user with error message set if error
  426. */
  427. private MLdapUser authenticateSubscription(MLdapUser ldapUser,
  428. int AD_User_ID, String usr, int R_InterestArea_ID,
  429. int AD_Client_ID, String remoteHost, String remoteAddr)
  430. {
  431. String error = null;
  432. String info = null;
  433. // Query 2 - Validate Subscription
  434. String OptOutDate = null;
  435. boolean found = false;
  436. boolean isActive = false;
  437. String sql = "SELECT IsActive, OptOutDate "
  438. + "FROM R_ContactInterest "
  439. + "WHERE R_InterestArea_ID=? AND AD_User_ID=?";
  440. PreparedStatement pstmt = null;
  441. try
  442. {
  443. pstmt = DB.prepareStatement(sql, (Trx) null);
  444. pstmt.setInt (1, R_InterestArea_ID);
  445. pstmt.setInt (2, AD_User_ID);
  446. ResultSet rs = pstmt.executeQuery ();
  447. if (rs.next())
  448. {
  449. found = true;
  450. isActive = "Y".equals (rs.getString (1));
  451. OptOutDate = rs.getString (2);
  452. }
  453. rs.close ();
  454. pstmt.close ();
  455. pstmt = null;
  456. }
  457. catch (Exception e)
  458. {
  459. log.log (Level.SEVERE, sql, e);
  460. error = "System Error (2)";
  461. }
  462. try
  463. {
  464. if (pstmt != null)
  465. pstmt.close ();
  466. pstmt = null;
  467. }
  468. catch (Exception e)
  469. {
  470. pstmt = null;
  471. }
  472. // System Error
  473. if (error != null)
  474. {
  475. m_error++;
  476. ldapUser.setErrorString(error);
  477. return ldapUser;
  478. }
  479. if (!found)
  480. {
  481. error = "@UserNotSubscribed@ User=" + usr;
  482. info = "No User Interest - " + usr
  483. + " - R_InterestArea_ID=" + R_InterestArea_ID;
  484. }
  485. else if (OptOutDate != null)
  486. {
  487. error = "@UserNotSubscribed@ User=" + usr + " @OptOutDate@=" + OptOutDate;
  488. info = "Opted out - " + usr + " - OptOutDate=" + OptOutDate;
  489. }
  490. else if (!isActive)
  491. {
  492. error = "@UserNotSubscribed@ User=" + usr;
  493. info = "User Interest Not Active - " + usr;
  494. }
  495. else
  496. info = "User subscribed - " + usr;
  497. if (error != null) // should use Language of the User
  498. {
  499. logAccess (AD_Client_ID, AD_User_ID, R_InterestArea_ID, 0, info, error,
  500. remoteHost, remoteAddr);
  501. ldapUser.setErrorString(Msg.translate (getCtx(), error));
  502. return ldapUser;
  503. }
  504. // Done
  505. logAccess (AD_Client_ID, AD_User_ID, R_InterestArea_ID, 0, info, null,
  506. remoteHost, remoteAddr);
  507. return ldapUser;
  508. } // authenticateSubscription
  509. /**
  510. * Authenticate Product Asset
  511. * @param ldapUser user
  512. * @param AD_User_ID user id
  513. * @param usr user authentification (email, ...)
  514. * @param M_Product_ID product
  515. * @param AD_Client_ID client
  516. * @param remoteHost remote info
  517. * @param remoteAddr remote info
  518. * @return user with error message set if error
  519. */
  520. private MLdapUser authenticateAsset(MLdapUser ldapUser,
  521. int AD_User_ID, String usr, int M_Product_ID,
  522. int AD_Client_ID, String remoteHost, String remoteAddr)
  523. {
  524. String error = null;
  525. String info = null;
  526. // Query 2 - Validate Asset
  527. MAsset asset = null;
  528. String sql = "SELECT * "
  529. + "FROM A_Asset "
  530. + "WHERE M_Product_ID=?"
  531. + " AND AD_User_ID=?"; // only specific user
  532. // Will have problems with multiple assets
  533. PreparedStatement pstmt = null;
  534. try
  535. {
  536. pstmt = DB.prepareStatement(sql, (Trx) null);
  537. pstmt.setInt (1, M_Product_ID);
  538. pstmt.setInt (2, AD_User_ID);
  539. ResultSet rs = pstmt.executeQuery ();
  540. if (rs.next())
  541. {
  542. asset = new MAsset(getCtx(), rs, null);
  543. }
  544. rs.close ();
  545. pstmt.close ();
  546. pstmt = null;
  547. }
  548. catch (Exception e)
  549. {
  550. log.log (Level.SEVERE, sql, e);
  551. error = "System Error (3)";
  552. }
  553. try
  554. {
  555. if (pstmt != null)
  556. pstmt.close ();
  557. pstmt = null;
  558. }
  559. catch (Exception e)
  560. {
  561. pstmt = null;
  562. }
  563. // System Error
  564. if (error != null)
  565. {
  566. m_error++;
  567. ldapUser.setErrorString(error);
  568. return ldapUser;
  569. }
  570. int A_Asset_ID = 0;
  571. if (asset == null)
  572. {
  573. error = "@UserNoAsset@ User=" + usr;
  574. info = "No Asset - " + usr + " - " + M_Product_ID;
  575. }
  576. else if (!asset.isActive())
  577. {
  578. A_Asset_ID = asset.getA_Asset_ID();
  579. error = "@UserNoAsset@ User=" + usr;
  580. info = "Asset not active - " + usr;
  581. }
  582. else if (!asset.isActive(true))
  583. {
  584. A_Asset_ID = asset.getA_Asset_ID();
  585. error = "@UserNoAsset@ User=" + usr + " @GuaranteeDate@=" + asset.getGuaranteeDate();
  586. info = "Expired - " + usr + " - GuaranteeDate=" + asset.getGuaranteeDate();
  587. }
  588. else
  589. info = "Asset - " + usr;
  590. if (error != null) // should use Language of the User
  591. {
  592. logAccess (AD_Client_ID, AD_User_ID, 0, A_Asset_ID, info, error,
  593. remoteHost, remoteAddr);
  594. ldapUser.setErrorString(Msg.translate (getCtx(), error));
  595. return ldapUser;
  596. }
  597. // Done OK
  598. MLdapAccess log = logAccess (AD_Client_ID, AD_User_ID, 0, asset.getA_Asset_ID(), info, null,
  599. remoteHost, remoteAddr);
  600. MAssetDelivery ad = new MAssetDelivery(asset, null, log.toString(), AD_User_ID);
  601. ad.setRemote_Host(remoteHost);
  602. ad.setRemote_Addr(remoteAddr);
  603. ad.save();
  604. return ldapUser;
  605. } // authenticateAsset
  606. /**
  607. * Find Client
  608. * @param client client name
  609. * @return AD_Client_ID
  610. */
  611. private int findClient (String client)
  612. {
  613. if (m_clients == null)
  614. m_clients = MClient.getAll(getCtx());
  615. for (MClient element : m_clients) {
  616. if ((client.equalsIgnoreCase (element.getValue())))
  617. return element.getAD_Client_ID ();
  618. }
  619. return 0;
  620. } // findClient
  621. /**
  622. * Find Interest Area
  623. * @param interset Name client name
  624. * @return AD_Client_ID
  625. */
  626. private int findInterestArea (int AD_Client_ID, String interestArea)
  627. {
  628. if (m_interests == null)
  629. m_interests = MInterestArea.getAll(getCtx());
  630. for (MInterestArea element : m_interests) {
  631. if (AD_Client_ID == element.getAD_Client_ID()
  632. && interestArea.equalsIgnoreCase (element.getValue ()))
  633. return element.getR_InterestArea_ID();
  634. }
  635. return 0;
  636. } // findInterestArea
  637. /**
  638. * Log Access
  639. * @param AD_Client_ID client
  640. * @param AD_User_ID user
  641. * @param R_InterestArea_ID interest area
  642. * @param info info
  643. * @param error error
  644. */
  645. private MLdapAccess logAccess (int AD_Client_ID,
  646. int AD_User_ID, int R_InterestArea_ID, int A_Asset_ID,
  647. String info, String error,
  648. String remoteHost, String remoteAddr)
  649. {
  650. if (error != null)
  651. {
  652. log.log (Level.CONFIG, info);
  653. m_error++;
  654. }
  655. else
  656. {
  657. log.log (Level.INFO, info);
  658. m_ok++;
  659. }
  660. //
  661. MLdapAccess access = new MLdapAccess (getCtx(), 0, null);
  662. access.setAD_Client_ID (AD_Client_ID);
  663. access.setAD_Org_ID(0);
  664. access.setAD_LdapProcessor_ID(getAD_LdapProcessor_ID());
  665. access.setAD_User_ID (AD_User_ID);
  666. access.setR_InterestArea_ID (R_InterestArea_ID);
  667. access.setA_Asset_ID(A_Asset_ID);
  668. access.setRemote_Host(remoteHost);
  669. access.setRemote_Addr(remoteAddr);
  670. access.setIsError (error != null);
  671. access.setSummary (info);
  672. access.save();
  673. return access;
  674. } // logAccess
  675. } // MLdapProcessor