package c.v.swms.server.service.security.pojo;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;
import c.v.swms.server.model.base.pass.PasswordRule;
import c.v.swms.server.utils.DateUtil;
import c.v.swms.server.web.filter.WarehouseHolder;
import c.v.thorn.server.exception.BusinessException;
import c.v.thorn.server.model.security.User;
import c.v.thorn.server.service.security.pojo.DefaultUserManager;
import c.v.thorn.server.util.LocalizedMessage;
import c.v.thorn.server.web.security.UserHolder;
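/**
 * SWMS user manager: creates/updates users and changes the current user's
 * password under the active {@link PasswordRule}.
 *
 * <p>Credential storage: passwords are kept as an unsalted SHA-1 hex digest
 * ({@code DigestUtils.shaHex}). That is a weak password-storage scheme
 * (cheap to brute-force, identical passwords share one digest); moving to a
 * salted adaptive hash (PBKDF2/bcrypt/scrypt) must be done together with the
 * login comparison, which lives outside this class. The password history in
 * {@code strExtend5} holds the same kind of digest and therefore carries the
 * same exposure if the table leaks.
 */
public class DefaultSwmsUserManager extends DefaultUserManager {

    /** Any character outside ASCII letters and digits counts as a "symbol". */
    private static final Pattern SYMBOL = Pattern.compile("[^A-Za-z0-9]");
    /** An ASCII letter. */
    private static final Pattern LETTER = Pattern.compile("[A-Za-z]");
    /** An ASCII digit. */
    private static final Pattern DIGIT = Pattern.compile("[0-9]");
    /** Separator that terminates each entry of the password-history string in strExtend5. */
    private static final char HISTORY_SEPARATOR = ',';
    /** Charset for turning hex digest strings into bytes for the constant-time comparison. */
    private static final Charset UTF8 = Charset.forName("UTF-8");

    /**
     * Message key of the most recent password-policy violation found by
     * {@link #findRuleViolation}. Kept public for backward compatibility.
     * It is instance state on what is presumably a shared manager bean, so
     * concurrent callers can overwrite each other's value; for that reason
     * {@link #verifyPassByRule} throws with the key it received directly
     * rather than reading this field.
     */
    public String message;

    /**
     * Creates a new user or updates an existing one from the submitted data.
     *
     * <p>For a new user the login name must be free and the account is created
     * enabled and unlocked; for an existing user the persistent entity is
     * loaded and overwritten field by field. The password is checked against
     * the active rule (history, expiry) before the stored digest is replaced.
     *
     * @param user   submitted user data; {@code getPassword()} must be non-null
     * @param locale locale to store on the user
     * @throws BusinessException {@code user.already.exsits} when a new user's
     *         login name is taken, or a policy key when the password is rejected
     * @throws NullPointerException when the submitted password is null
     */
    public void saveUser(User user, Locale locale) {
        if (user.isNew() && this.retrieve(user.getLoginName()) != null) {
            throw new BusinessException("user.already.exsits",
                    new String[] { user.getLoginName() });
        }
        String rawPassword = user.getPassword();
        if (rawPassword == null) {
            // DigestUtils.shaHex(null) would fail later with a less helpful NPE.
            throw new NullPointerException("user password is required");
        }
        PasswordRule rule = getPasswordRule();
        User dbuser;
        if (user.isNew()) {
            dbuser = user;
            dbuser.setEnabled(true);
            dbuser.setLocked(false);
        } else {
            dbuser = load(User.class, user.getId());
        }
        // A first page is only carried over when it refers to a persisted entity.
        if (user.getFirstPage() != null && user.getFirstPage().getId() != null) {
            dbuser.setFirstPage(user.getFirstPage());
        } else {
            dbuser.setFirstPage(null);
        }
        // Policy check runs before the credential is replaced.
        verifyPassByRule(dbuser, rule, rawPassword);
        dbuser.setPassword(DigestUtils.shaHex(rawPassword));
        dbuser.setStrExtend1(user.getStrExtend1());
        dbuser.setStrExtend2(user.getStrExtend2());
        dbuser.setStrExtend3(user.getStrExtend3());
        dbuser.setStrExtend4(user.getStrExtend4());
        dbuser.setLocale(locale);
        dbuser.setExpiryDate(user.getExpiryDate());
        dbuser.setEmail(user.getEmail());
        dbuser.setLoginName(user.getLoginName());
        dbuser.setName(user.getName());
        // Fall back to the current warehouse's reference model when none was submitted.
        dbuser.setReferenceModel(user.getReferenceModel() == null
                ? WarehouseHolder.getWarehouse().getReferenceModel()
                : user.getReferenceModel());
        this.commonDao.store(dbuser);
    }

    /**
     * Changes the password of the currently logged-in user (from {@link UserHolder}).
     *
     * @param oldPassword     current password as entered
     * @param newPassword     new password as entered
     * @param confirmPassword repeated new password; compared to {@code newPassword} after trimming
     * @throws BusinessException {@code newPassword.notsame} when the two new values differ,
     *         {@code password.notCorrect} when the old password does not match the stored digest,
     *         or a policy key when the new password is rejected by the active rule
     * @throws NullPointerException when any argument is null
     */
    public void modifyPassword(String oldPassword,
            String newPassword, String confirmPassword) {
        if (oldPassword == null || newPassword == null || confirmPassword == null) {
            throw new NullPointerException("oldPassword, newPassword and confirmPassword are required");
        }
        User user = commonDao.load(User.class, UserHolder.getUser().getId());
        PasswordRule rule = getPasswordRule();
        if (!newPassword.trim().equals(confirmPassword.trim())) {
            throw new BusinessException("newPassword.notsame");
        }
        if (!hashMatches(oldPassword, user.getPassword())) {
            throw new BusinessException("password.notCorrect");
        }
        verifyPassByRule(user, rule, newPassword);
        user.setPassword(DigestUtils.shaHex(newPassword));
        commonDao.store(user);
        LocalizedMessage.addMessage("password.Change.success");
    }

    /**
     * Compares the digest of a submitted password with a stored digest in
     * constant time, so the comparison does not leak how many leading
     * characters matched.
     *
     * @return true only when {@code storedHash} is non-null and equals the digest of {@code rawPassword}
     */
    private static boolean hashMatches(String rawPassword, String storedHash) {
        if (storedHash == null) {
            return false;
        }
        byte[] submitted = DigestUtils.shaHex(rawPassword).getBytes(UTF8);
        byte[] stored = storedHash.getBytes(UTF8);
        return MessageDigest.isEqual(submitted, stored);
    }

    /**
     * Applies the active rule to {@code newPassword}: validates it, checks and
     * updates the password history in strExtend5, and sets the password-expiry
     * date. Does nothing when {@code rule} is null.
     *
     * <p>The stored credential is NOT set here: both callers hash the password
     * exactly as entered. The lower-cased form used under a case-insensitive
     * rule only feeds the history comparison.
     *
     * @throws BusinessException with the policy key on a violation, or
     *         {@code password.history.dupicate} when the digest is still in history
     */
    private void verifyPassByRule(User user, PasswordRule rule, String newPassword) {
        if (rule == null) {
            return;
        }
        String violation = findRuleViolation(rule, newPassword);
        if (violation != null) {
            throw new BusinessException(violation);
        }
        // NOTE(review): getCaseSensitive() is used as a primitive boolean; a null
        // wrapper value would NPE here — confirm the column is non-nullable.
        // Locale.ROOT keeps the history digest independent of the server's default locale.
        String normalized = rule.getCaseSensitive()
                ? newPassword
                : newPassword.toLowerCase(Locale.ROOT);
        String newHash = DigestUtils.shaHex(normalized);
        if (rule.getRepeatCycle() == 0) {
            // A repeat cycle of 0 disables history: clear whatever was kept.
            user.setStrExtend5("");
        } else {
            String history = user.getStrExtend5();
            if (!StringUtils.isEmpty(history) && history.indexOf(newHash) >= 0) {
                throw new BusinessException("password.history.dupicate");
            }
            user.setStrExtend5(appendToHistory(history, newHash, rule.getRepeatCycle()));
        }
        if (rule.getPeriod() == 0) {
            // A period of 0 means the password never expires.
            user.setPasswordExpiryDate(null);
        } else {
            user.setPasswordExpiryDate(
                    DateUtil.addDayToDate(new Date(), rule.getPeriod()));
        }
    }

    /**
     * Appends {@code newHash} to the separator-terminated history string and
     * drops the oldest entries until at most {@code repeatCycle} remain.
     * A null history is treated as empty (plain concatenation used to produce
     * a literal "null" prefix for users without history).
     */
    private static String appendToHistory(String history, String newHash, int repeatCycle) {
        String result = (history == null ? "" : history) + newHash + HISTORY_SEPARATOR;
        int entries = 0;
        for (int i = 0; i < result.length(); i++) {
            if (result.charAt(i) == HISTORY_SEPARATOR) {
                entries++;
            }
        }
        // Each cut removes exactly one entry; the entries > 0 guard prevents an
        // endless loop for a negative repeat cycle.
        while (entries > repeatCycle && entries > 0) {
            result = result.substring(result.indexOf(HISTORY_SEPARATOR) + 1);
            entries--;
        }
        return result;
    }

    /**
     * Returns the first enabled {@link PasswordRule}, or null when none exists.
     * NOTE(review): the query has no ordering, so "first" is whatever the
     * database returns — confirm at most one rule is enabled at a time.
     */
    @SuppressWarnings("unchecked")
    private PasswordRule getPasswordRule() {
        List<PasswordRule> rules = commonDao.findByQuery(
                "from PasswordRule pr where pr.isDisable = false");
        if (rules == null || rules.isEmpty()) {
            return null;
        }
        return rules.get(0);
    }

    /**
     * Checks {@code password} against {@code rule} and returns the message key
     * of the first violated constraint, or null when the password is
     * acceptable. The key is also written to {@link #message} for callers
     * that read that field.
     *
     * <p>Character classes are ASCII. The previous ranges {@code a-zA-z}
     * also covered {@code [ \ ] ^ _ `}, so e.g. underscores satisfied the
     * letter requirement and were not counted as symbols; {@code A-Z} fixes that.
     *
     * @param rule     active rule, may be null (then nothing is violated)
     * @param password candidate password, must be non-null
     */
    private String findRuleViolation(PasswordRule rule, String password) {
        if (rule == null) {
            return null;
        }
        String key = null;
        if (rule.getPwdLength() > password.length()) {
            key = "connot.length.shot";
        } else if (rule.getNeedSymbol() && !SYMBOL.matcher(password).find()) {
            key = "connot.needSymbol";
        } else if (rule.getNeedLetter() && !LETTER.matcher(password).find()) {
            key = "connot.needLetter";
        } else if (rule.getNeedNumber() && !DIGIT.matcher(password).find()) {
            key = "connot.needNumber";
        }
        if (key != null) {
            message = key;
        }
        return key;
    }

    /**
     * Returns {@code painPwd} unchanged when it already looks like a 40-char
     * SHA-1 hex digest, otherwise its digest; null is treated as "".
     * NOTE(review): no callers in this class — candidate for removal.
     */
    private String shaEncodePassword(String painPwd) {
        String value = painPwd == null ? "" : painPwd;
        if (value.length() == 40) {
            return value;
        }
        return DigestUtils.shaHex(value);
    }
}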