1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
package org.openslx.imagemaster.db;
import java.util.List;
import org.apache.log4j.Logger;
import org.openslx.imagemaster.session.User;
import org.openslx.imagemaster.thrift.iface.UserInfo;
import org.openslx.imagemaster.util.Sha512Crypt;
/**
* Represents a user that can login against the masterserver.
*/
public class DbUser extends User
{
private static Logger log = Logger.getLogger( DbUser.class );
public DbUser( int userId, String login, String password, String organizationId,
String firstName, String lastName, String eMail,
String satelliteAddress )
{
super( userId, login, password, organizationId, firstName, lastName, eMail,
satelliteAddress );
}
/**
* Query database for user with given login
*
* @param login
* (user@organizationSuffix)
* @return instance of DbUser for matching entry from DB, or null if not
* found
*/
public static DbUser forLogin( final String login )
{
return MySQL
.findUniqueOrNull(
DbUser.class,
"SELECT user.userid, user.login, user.password, user.organizationid, user.firstname, user.lastname, user.email, satellite.address FROM user"
+ " LEFT JOIN satellite USING (organizationid)"
+ " WHERE user.login = ? LIMIT 1",
login );
}
/**
* Query database for user with given userId
*
* @param userid
* @return instance of DbUser for matching entry from DB, or null if not
* found
*/
public static DbUser forLogin( final int userid )
{
return MySQL
.findUniqueOrNull(
DbUser.class,
"SELECT user.userid, user.login, user.password, user.organizationid, user.firstname, user.lastname, user.email, satellite.address FROM user"
+ " LEFT JOIN satellite USING (organizationid)"
+ " WHERE user.userid = ? LIMIT 1",
userid );
}
public static boolean exists( final String login )
{
return forLogin( login ) != null;
}
public static DbUser forLogin( String login, String password )
{
DbUser user = forLogin( login );
if ( user == null || !Sha512Crypt.verifyPassword( password, user.password ) )
return null;
return user;
}
public static boolean insertOrUpdate( User user )
{
log.debug( "Inserted user '" + user.login + "' into db." );
MySQL.update(
"INSERT INTO user (login, password, organizationid, firstname, lastname, email) VALUES (?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE password=VALUES(password), organizationid=VALUES(organizationid), firstname=VALUES(firstname), lastname=VALUES(lastname), email=VALUES(email)",
user.login, user.password, user.organizationId, user.firstName, user.lastName, user.eMail );
return false;
}
public static List<UserInfo> findUser( String organizationId, String searchTerm )
{
final String str = "%" + searchTerm + "%"; // TODO: Better handling, escape LIKE chars, or even make this use REGEXP
if ( organizationId == null )
return MySQL.findAll( UserInfo.class, "SELECT login, firstname, lastname, email, organizationid"
+ " FROM user"
+ " WHERE login LIKE ? OR firstname LIKE ? OR lastname LIKE ? OR email LIKE ?"
+ " LIMIT 100", str, str, str );
return MySQL.findAll( UserInfo.class, "SELECT login, firstname, lastname, email, organizationid"
+ " FROM user"
+ " WHERE organizationid = ? AND (login LIKE ? OR firstname LIKE ? OR lastname LIKE ? OR email LIKE ?)"
+ " LIMIT 100", organizationId, str, str, str );
}
}
|
