/**
    * Copyright 2005-2006 the original author or authors.
    *
    * Licensed under the Gnu General Pubic License, Version 2.0 (the
    * "License"); you may not use this file except in compliance with
    * the License. You may obtain a copy of the License at
    *
    *      http://www.opensource.org/licenses/gpl-license.php
    *
   * This program is distributed in the hope that it will be useful,
   * but WITHOUT ANY WARRANTY; without even the implied warranty of
   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
   * See the Gnu General Public License for more details.
   */
  package org.figure8.join.businessfacades.security;
  
  import org.figure8.join.core.DuplicateEntityException;
  import org.figure8.join.businessobjects.security.User;
  import org.figure8.join.businessobjects.security.persistence.UserDao;
  import org.figure8.join.services.security.PasswordEncoder;
  import org.figure8.join.services.security.InvalidLoginException;
  import org.figure8.join.view.UserView;
  import org.figure8.join.util.LogUtil;
  
  import org.apache.commons.logging.Log;
  
  import java.util.List;
  /**
   * Default implementation of <code>UserManager</code>.
   * @author <a href="mailto:laurent.broudoux@free.fr">Laurent Broudoux</a>
   * @version $Revision: 1.2 $
   */
  public class DefaultUserManager implements UserManager{
  
     // Static -------------------------------------------------------------------
  
     /** Get a commons logger. */
     private static Log log = LogUtil.getLog(DefaultUserManager.class);
  
  
     // Attributes ---------------------------------------------------------------
  
     /** User data access object */
     protected UserDao dao = null;
     /** Password encryption and check helper object */
     protected PasswordEncoder passwordEncoder = null;
     /** Permission manager for retrieving security rghts */
     protected PermissionManager permissionManager = null;
  
  
     // Constructors -------------------------------------------------------------
  
     /** Creates a new instance of DefaultUserManager */
     public DefaultUserManager(){
     }
  
  
     // Public -------------------------------------------------------------------
  
     /** @param dao A User data access object */
     public void setUserDao(UserDao dao){
        this.dao = dao;
     }
  
  
     // Implementation of UserManager --------------------------------------------
  
     /**
      * The setPasswordEncoder() method must be called during the implementation
      * initialization phase. It must allowed the registration of a PasswordEncoder
      * for the deployed Join application.
      * @param encoder Implementation of PaswordEncoder to check and encode users password
      */
     public void setPasswordEncoder(PasswordEncoder encoder){
        this.passwordEncoder = encoder;
     }
  
     /**
      * The setPermissionManager() method must be called during the implementation
      * initilization phase. It must allowed the registration of a PermissionManager
      * useful for retrieving security permissions acquired by a user.
      * @param manager Implementation of PermissionManager to retrieve security rights
      */
     public void setPermissionManager(PermissionManager manager){
        this.permissionManager = manager;
     }
  
     /**
      * The login method is called when a user wishes to login to the Join application.
      * This method <code>should</code> use the PasswordEncoder validatePassword() method for
      * user's credential validation.
      * @param userId The user identifier.
      * @param userCredential The user credential.
      * @return A ValueHolder object representing the user's view (data + permissions).
      * @throws InvalidLoginException if the credentials are invalid.
      */
     public UserView login(String userId, String userCredential) throws InvalidLoginException{
        if (log.isInfoEnabled())
           log.info("Trying to login user with id: " + userId);
 
       // Retrieve user corresponding to identifier.
       User foundUser = dao.getUser(userId);
       if (foundUser != null){
          // Check its credential using the password encoder.
          if (passwordEncoder.validatePassword(userId, userCredential, foundUser.getPassword())){
             // Build a view corresponding to user and containing its permissions.
             List permissions = permissionManager.getUserPermissions(foundUser);
             UserView view = new UserView(foundUser, permissions);
             return view;
          }
          else{
             // Throw an InvalidLoginException.
             log.warn("Credential conflict for user with id:" + userId);
             throw new InvalidLoginException("Credential conflict");
          }
       }
       else{
          // Throw an InvalidLoginException.
          log.warn("Unkown user trying to loggin with id: " + userId);
          throw new InvalidLoginException("Unknow user");
       }
    }
 
    /**
     * Save or update a given <b>user</b> into datastore.<br/>
     * Warning: this method should be used when first creating a user or
     * when updating a user. In this 2 use-cases, password validation is required
     * so password should be in clear text within the User object.
     * @param user User object to save within datastore
     * @throws org.figure8.join.core.DuplicateEntityException if a user with this login already exists.
     */
    public void saveUser(User user) throws DuplicateEntityException{
       if (log.isDebugEnabled())
          log.debug("Saving user with login: " + user.getLogin());
       // Encode password before saving user.
       String encodedPwd = passwordEncoder.encodePassword(user.getLogin(), user.getPassword(), null);
       user.setPassword(encodedPwd);
       
       // If creation, check user with same login.
       if (user.isTransient()){
          User other = dao.getUser(user.getLogin());
          if (other != null){
             log.error("A User with same login already exists: " + other.getLogin());
             throw new DuplicateEntityException("A User with same login already exists", other);
          }
          log.info("Creating a new user with login: " + user.getLogin() + ". Welcome !");
       }
       // Save it to datastore.
       dao.save(user);
    }
 
    /**
     * Retrieves a specific User using its login identifier
     * @param login The user to retrieve unique login
     * @return The user having this specified login
     */
    public User getUser(String login){
       if (log.isDebugEnabled())
          log.debug("Retrieving user with login: " + login);
       return dao.getUser(login);
    }
 
    /**
     * The getUsers method must be used when you want to list all users.
     * @return List of <code>org.figure8.join.businessobjects.security.User</code>.
     */
    public List getUsers(){
       // Call findAll() on dao.
       List result = dao.findAll();
       if (log.isDebugEnabled())
          log.debug("Found " + result.size() + " users");
       return result;
    }
 
    /**
     * The getUsers method must be used when you want to list users using lastname
     * criterion. Users have their lastname "LIKE" given arguments.
     * @param lastname String to use as criterion for user's lastname
     * @return List of <code>org.figure8.join.businessobjects.security.User</code>.
     */
    public List getUsers(String lastname){
       // Call findAll() if no lastname is specified.
       List result = null;
       if (lastname == null || lastname.trim().length() == 0)
          result = dao.findAllSorted("lastname");
       else
          result = dao.getUsersWithLastnameLike(lastname);
       if (log.isDebugEnabled())
          log.debug("Found " + result.size() + " users with lastname like '" + lastname + "'");
       return result;
    }
 }