package org.opendaylight.controller.usermanager.internal;
import java.io.Serializable;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.opendaylight.controller.sal.authorization.AuthResultEnum;
+import org.opendaylight.controller.sal.utils.Status;
+import org.opendaylight.controller.sal.utils.StatusCode;
import org.opendaylight.controller.usermanager.AuthResponse;
/**
- * Configuration Java Object which represents a Local AAA user
- * configuration information for User Manager.
+ * Configuration Java Object which represents a Local AAA user configuration
+ * information for User Manager.
*/
public class UserConfig implements Serializable {
- private static final long serialVersionUID = 1L;
+ private static final long serialVersionUID = 1L;
- /*
- * Clear text password as we are moving to some MD5 digest
- * for when saving configurations
- */
- protected String user;
- protected String role;
- private String password;
+ /*
+ * Clear text password as we are moving to some MD5 digest for when saving
+ * configurations
+ */
+ protected String user;
+ protected String role;
+ private String password;
+ private static final int USERNAME_MAXLENGTH = 32;
+ private static final int PASSWORD_MINLENGTH = 5;
+ private static final int PASSWORD_MAXLENGTH = 256;
+ private static final Pattern INVALID_USERNAME_CHARACTERS = Pattern
+ .compile("([/\\s\\.\\?#%;\\\\]+)");
- public UserConfig() {
- }
+ public UserConfig() {
+ }
- public UserConfig(String user, String password, String role) {
- this.user = user;
- this.password = password;
- this.role = role;
- }
+ public UserConfig(String user, String password, String role) {
+ this.user = user;
+ this.password = password;
+ this.role = role;
+ }
- public String getUser() {
- return user;
- }
+ public String getUser() {
+ return user;
+ }
- public String getPassword() {
- return password;
- }
+ public String getPassword() {
+ return password;
+ }
- public String getRole() {
- return role;
- }
+ public String getRole() {
+ return role;
+ }
@Override
public int hashCode() {
public boolean equals(Object obj) {
return EqualsBuilder.reflectionEquals(this, obj);
}
-
+
@Override
public String toString() {
- return "UserConfig[user="+ user + ", password=" + password + "]";
+ return "UserConfig[user=" + user + ", password=" + password + "]";
+ }
+
+ public Status validate() {
+ Status validCheck = new Status(StatusCode.SUCCESS, null);
+ validCheck = isRoleValid();
+
+ if (validCheck.isSuccess())
+ validCheck = isUsernameValid();
+ if (validCheck.isSuccess())
+ validCheck = isPasswordValid();
+
+ return validCheck;
+ }
+
+ protected Status isUsernameValid() {
+ if (user == null || user.isEmpty()) {
+ return new Status(StatusCode.BADREQUEST, "Username cannot be empty");
+ }
+
+ Matcher mUser = UserConfig.INVALID_USERNAME_CHARACTERS.matcher(user);
+ if (user.length() > UserConfig.USERNAME_MAXLENGTH
+ || mUser.find() == true) {
+ return new Status(StatusCode.BADREQUEST,
+ "Username can have 1-32 non-whitespace "
+ + "alphanumeric characters and any special "
+ + "characters except ./#%;?\\");
+ }
+
+ return new Status(StatusCode.SUCCESS, null);
+ }
+
+ private Status isPasswordValid() {
+ if (password == null || password.isEmpty()) {
+ return new Status(StatusCode.BADREQUEST, "Password cannot be empty");
+ }
+
+ if (password.length() < UserConfig.PASSWORD_MINLENGTH
+ || password.length() > UserConfig.PASSWORD_MAXLENGTH) {
+ return new Status(StatusCode.BADREQUEST,
+ "Password should have 5-256 characters");
+ }
+ return new Status(StatusCode.SUCCESS, null);
}
- public boolean isValid() {
- return (user != null && !user.isEmpty() && role != null
- && !role.isEmpty() && password != null && !password.isEmpty());
- }
-
- public boolean update(String currentPassword, String newPassword,
- String newRole) {
- // To make any changes to a user configured profile, current password
- // must always be provided
- if (!this.password.equals(currentPassword)) {
- return false;
- }
- if (newPassword != null) {
- this.password = newPassword;
- }
- if (newRole != null) {
- this.role = newRole;
- }
- return true;
- }
-
- public AuthResponse authenticate(String clearTextPass) {
- AuthResponse locResponse = new AuthResponse();
- if (password.equals(clearTextPass)) {
- locResponse.setStatus(AuthResultEnum.AUTH_ACCEPT_LOC);
- locResponse.addData(role.replace(",", " "));
- } else {
- locResponse.setStatus(AuthResultEnum.AUTH_REJECT_LOC);
- }
- return locResponse;
- }
+ protected Status isRoleValid() {
+ if (role == null || role.isEmpty()) {
+ return new Status(StatusCode.BADREQUEST,
+ "Role name cannot be empty");
+ }
+ return new Status(StatusCode.SUCCESS, null);
+ }
+
+ public boolean update(String currentPassword, String newPassword,
+ String newRole) {
+ // To make any changes to a user configured profile, current password
+ // must always be provided
+ if (!this.password.equals(currentPassword)) {
+ return false;
+ }
+ if (newPassword != null) {
+ this.password = newPassword;
+ }
+ if (newRole != null) {
+ this.role = newRole;
+ }
+ return true;
+ }
+
+ public AuthResponse authenticate(String clearTextPass) {
+ AuthResponse locResponse = new AuthResponse();
+ if (password.equals(clearTextPass)) {
+ locResponse.setStatus(AuthResultEnum.AUTH_ACCEPT_LOC);
+ locResponse.addData(role.replace(",", " "));
+ } else {
+ locResponse.setStatus(AuthResultEnum.AUTH_REJECT_LOC);
+ }
+ return locResponse;
+ }
}