package art.servers.transactionsserver.model.access;
|
|
import art.library.interop.InteropParameter;
|
import art.library.interop.InteropParameters;
|
import art.library.interop.InteropResponse;
|
import art.library.interop.serialization.Serialization;
|
import art.library.interop.serialization.SerializationException;
|
import art.library.model.devices.DeviceAction;
|
import art.library.model.devices.DeviceActionResult;
|
import art.library.model.devices.DevicePersistenceAction;
|
import art.library.model.devices.user.User;
|
import art.library.model.devices.user.UserAlarmConfiguration;
|
import art.library.model.devices.user.UserIdentification;
|
import art.library.model.devices.user.UserInformation;
|
import art.library.model.devices.user.UserPermission;
|
import art.library.model.devices.user.UserPrivileges;
|
import art.library.model.devices.user.UserProperties;
|
import art.library.model.transactions.sessions.Session;
|
import art.library.model.transactions.sessions.SessionConfiguration;
|
import art.library.model.transactions.sessions.SessionIdentification;
|
import art.library.model.transactions.sessions.SessionWebProperties;
|
import art.library.utils.licence.Licence;
|
import art.servers.transactionsserver.Shared;
|
import java.util.ArrayList;
|
import java.util.Arrays;
|
import java.util.Iterator;
|
import java.util.List;
|
import java.util.logging.Level;
|
import java.util.logging.Logger;
|
|
public class ModelSessions
|
{
|
|
public ModelSessions() throws Exception
|
{
|
}
|
|
//<editor-fold defaultstate="collapsed" desc="Sessions">
|
/**
|
* @param parameters <code>InteropParameters</code>
|
* <p>name: "language" class: <code>String</code>
|
* <p>name: "identification" class: <code>SessionIdentification</code>
|
* <p>name: "lUserIdentification" class: <code>UserIdentification[]</code>
|
* @return <code>InteropResponse</code>
|
* <code>Session</code>
|
* @throws SerializationException
|
*/
|
public InteropResponse startSession(InteropParameters parameters) throws SerializationException
|
{
|
String language = (String)parameters.getParameterValue("language");
|
|
try
|
{
|
createRootUserIfExistsInParameters(parameters);
|
InteropResponse response = createSessionAndAddUsersIntoIt(parameters);
|
return response;
|
}
|
catch (SerializationException exception)
|
{
|
exception.printStackTrace();
|
String errorMessage = exception.getMessage();
|
|
if ((errorMessage.equals("invalid user")) || (errorMessage.equals("invalid password")))
|
{
|
throw new SerializationException(Shared.getMessage(language, "The provided user or password are not valid"));
|
}
|
else
|
{
|
throw new SerializationException(Shared.getMessage(language, exception.getMessage()));
|
}
|
}
|
catch (Exception exception)
|
{
|
exception.printStackTrace();
|
throw new SerializationException(Shared.getMessage(language, exception.getMessage()));
|
}
|
}
|
|
private void createRootUserIfExistsInParameters(InteropParameters parameters) throws Exception
|
{
|
UserIdentification[] luserIdentification = (UserIdentification[]) parameters.getBodyContentValue(UserIdentification[].class);
|
//IF EXIST ROOT IDENTIFICATION UPDATE ROOT USER
|
int indexRootIdentification = Arrays.binarySearch(luserIdentification, new UserIdentification("Administrator", Licence.encrypt("root"), ""),
|
(UserIdentification o1, UserIdentification o2) -> (o1.username.compareTo(o2.username)));
|
if (indexRootIdentification >= 0)
|
{
|
Shared.getModel().initializeRootUser();
|
}
|
}
|
|
private InteropResponse createSessionAndAddUsersIntoIt(InteropParameters parameters) throws SerializationException
|
{
|
Session session = new Session();
|
session.identification =(parameters.hasParameter("identification") == true) ? (SessionIdentification) parameters.getParameterValue("identification"): new SessionIdentification();
|
parameters.addParameter("session", session);
|
InteropResponse response = addUsersSession(parameters);
|
return response;
|
}
|
|
/**
|
* @param parameters <code>InteropParameters</code>
|
* <p>name: "language" class: <code>String</code>
|
* <p>name: "session" class: <code>Session</code>
|
* <p>name: "lUserIdentification" class: <code>UserIdentification[]</code>
|
* @return <code>InteropResponse</code>
|
* <code>Session</code>
|
* @throws SerializationException
|
*/
|
@SuppressWarnings("unchecked")
|
public InteropResponse addUsersSession(InteropParameters parameters) throws SerializationException
|
{
|
String language = (String)parameters.getParameterValue("language");
|
|
try
|
{
|
String computerAction = parameters.getParameterValue("computer");
|
Session session = (Session) parameters.getParameterValue("session");
|
UserIdentification[] luserIdentification = (UserIdentification[]) parameters.getBodyContentValue(UserIdentification[].class);
|
String usernameAction = luserIdentification[0].username;
|
boolean secureUser = (parameters.hasParameter("secureUser")) ? Boolean.valueOf((String) parameters.getParameterValue("secureUser")) : true;
|
|
session = checkSessionAndAddAllowedUsers(session, luserIdentification, secureUser, usernameAction, computerAction);
|
updateSessionConfiguration(session);
|
session.token = Long.toHexString(Double.doubleToLongBits(Math.random())) + Long.toHexString(Double.doubleToLongBits(Math.random()));
|
if (!secureUser)
|
{
|
for (UserIdentification userIdentification : session.identification.luser)
|
{
|
userIdentification.username = Licence.decrypt(userIdentification.username);
|
}
|
}
|
return new InteropResponse(session);
|
} catch (SerializationException e)
|
{
|
e.printStackTrace();
|
throw new SerializationException(e.getMessage());
|
} catch (Exception e)
|
{
|
e.printStackTrace();
|
throw new SerializationException(e.getMessage());
|
}
|
}
|
|
/**
|
* @param parameters <code>InteropParameters</code>
|
* <p>name: "language" class: <code>String</code>
|
* <p>name: "session" class: <code>Session</code>
|
* <p>name: "lusername" class: <code>String[]</code>
|
* @return <code>InteropResponse</code>
|
* <code>Session</code>
|
* @throws SerializationException
|
*/
|
@SuppressWarnings("unchecked")
|
public InteropResponse removeUsersSession(InteropParameters parameters) throws SerializationException
|
{
|
String language = (String)parameters.getParameterValue("language");
|
try
|
{
|
String usernameAction = parameters.getParameterValue("username");
|
String computerAction = parameters.getParameterValue("computer");
|
|
Session session = (Session) parameters.getParameterValue("session");
|
String bodyContent = (String) parameters.getParameterValue("body-content");
|
String[] lusername = (String[]) Serialization.deserialize(String[].class, bodyContent);
|
|
//REMOVE USERS
|
for (String username : lusername)
|
{
|
//CREATE AND SAVE ACCTION
|
User userAction = new User();
|
userAction.information = new UserInformation();
|
try
|
{
|
userAction.information.setIdentifier(Licence.decrypt(username));
|
} catch (Exception e)
|
{
|
userAction.information.setIdentifier(username);
|
}
|
|
Session sessionAction = new Session();
|
sessionAction.identification = session.identification;
|
sessionAction.token = session.token;
|
sessionAction.role = session.role;
|
|
DeviceAction action = new DeviceAction(userAction, parameters);
|
DeviceActionResult actionResult = new DeviceActionResult(DeviceActionResult.RESULT_CORRECT, Shared.getMessage("log out"));
|
action.setResult(actionResult);
|
Shared.model.addAction(action);
|
|
session.removeUserIdentification(username);
|
}
|
|
//UPDATE SESSION PERMISSIONS
|
updateSessionConfiguration(session);
|
|
return new InteropResponse(session);
|
} catch (SerializationException e)
|
{
|
throw new SerializationException(e.getMessage());
|
}
|
}
|
|
/**
|
* @param parameters <code>InteropParameters</code>
|
* <p>name: "language" class: <code>String</code>
|
* <p>name: "identification" class: <code>SessionIdentification</code>
|
* @return <code>InteropResponse</code>
|
* <code>Boolean</code>
|
* @throws SerializationException
|
*/
|
public InteropResponse endSession(InteropParameters parameters) throws SerializationException
|
{
|
String language = (String)parameters.getParameterValue("language");
|
SessionIdentification identification = (SessionIdentification)parameters.getParameterValue("identification");
|
String[] lusername;
|
//FOR ARTIC WEB
|
if (identification == null)
|
{
|
lusername = (String[]) Serialization.deserialize(String[].class, (String) parameters.getParameterValue("body-content"));
|
identification = new SessionIdentification();
|
} else
|
{
|
lusername = new String[identification.luser.size()];
|
for (int i = 0; i < lusername.length; i++)
|
{
|
try
|
{
|
lusername[i] = Licence.decrypt(identification.luser.get(i).username);
|
} catch (Exception ex)
|
{
|
lusername[i] = identification.luser.get(i).username;
|
Logger.getLogger(ModelSessions.class.getName()).log(Level.SEVERE, null, ex);
|
}
|
}
|
}
|
|
identification.timestampEnd = System.currentTimeMillis();
|
|
String usernameAction = parameters.getParameterValue("username")!=null?parameters.getParameterValue("username"):lusername[0];
|
String computerAction = parameters.getParameterValue("computer");
|
Session session = new Session();
|
for (String username : lusername)
|
{
|
//CREATE AND SAVE ACCTION
|
User userAction = new User();
|
userAction.information = new UserInformation();
|
try
|
{
|
userAction.information.setIdentifier(Licence.decrypt(username));
|
} catch (Exception e)
|
{
|
userAction.information.setIdentifier(username);
|
}
|
|
Session sessionAction = new Session();
|
sessionAction.identification = session.identification;
|
sessionAction.token = session.token;
|
sessionAction.role = session.role;
|
|
DeviceAction action = new DeviceAction(userAction, parameters);
|
DeviceActionResult actionResult = new DeviceActionResult(DeviceActionResult.RESULT_CORRECT, Shared.getMessage("log out"));
|
action.setResult(actionResult);
|
Shared.model.addAction(action);
|
}
|
|
return new InteropResponse(true);
|
}
|
|
public boolean updateSessionConfiguration(Session session) throws SerializationException
|
{
|
boolean updated = false;
|
if (session.identification.luser.size() > 0)
|
{
|
if (session.configuration == null)
|
{
|
session.configuration = new SessionConfiguration();
|
updated = true;
|
}
|
updated = updateSessionPermissions(session, updated);
|
updateSessionRole(session);
|
updateSessionWebProperties(session);
|
updateSessionAlarms(session);
|
}
|
return updated;
|
}
|
|
private boolean updateSessionPermissions(Session session, boolean updated) throws SerializationException
|
{
|
try
|
{
|
InteropParameters parametersGetUserPermission = new InteropParameters();
|
parametersGetUserPermission.addParameter(new InteropParameter("language", Shared.configuration.general.language));
|
parametersGetUserPermission.addBodycontent(session.getUsernames());
|
parametersGetUserPermission.addParameter(new InteropParameter("timestamp", String.valueOf(session.configuration.timestamp)));
|
InteropResponse response = Shared.getModel().modelPermissions.getUserPermission(parametersGetUserPermission);
|
UserPermission newPermissions = (UserPermission) response.getValue()[0];
|
|
if (!Serialization.equals(session.configuration.permissions, newPermissions))
|
{
|
session.configuration.permissions = newPermissions;
|
session.configuration.timestamp = System.currentTimeMillis();
|
updated = true;
|
}
|
} catch (Exception ex)
|
{
|
Logger.getLogger(ModelSessions.class.getName()).log(Level.INFO, "", ex);
|
}
|
return updated;
|
}
|
|
private void updateSessionRole(Session session) throws SerializationException
|
{
|
String role = "";
|
for (UserIdentification userIdentification : session.identification.luser)
|
{
|
if (userIdentification.role != null)
|
{
|
if (userIdentification.role.equals("Administrator"))
|
{
|
role = userIdentification.role;
|
} else if (userIdentification.equals("Write") && !role.equals("Administrator"))
|
{
|
role = userIdentification.role;
|
} else if (userIdentification.role.equals("Read") && !role.equals("Administrator") && !role.equals("Write"))
|
{
|
role = userIdentification.role;
|
}
|
}
|
}
|
session.role = role;
|
}
|
|
private void updateSessionAlarms(Session session) throws SerializationException
|
{
|
try
|
{
|
InteropParameters parametersGetUserPermission = new InteropParameters();
|
parametersGetUserPermission.addParameter(new InteropParameter("language", Shared.configuration.general.language));
|
parametersGetUserPermission.addBodycontent(session.getUsernames());
|
parametersGetUserPermission.addParameter(new InteropParameter("timestamp", String.valueOf(session.configuration.timestamp)));
|
InteropResponse response = Shared.getModel().modelAlarms.getAlarmsUserConfiguration(
|
parametersGetUserPermission);
|
session.configuration.lalarmConfiguration = Arrays.asList(Arrays.copyOf(response.getValue(), response.getValue().length, UserAlarmConfiguration[].class));
|
} catch (Exception e)
|
{
|
e.printStackTrace();
|
}
|
}
|
//</editor-fold>
|
|
//<editor-fold defaultstate="collapsed" desc="Utils">
|
|
/**
|
* Check UserIdentification[]
|
* add to the session all Users with valid UserIdentification user-password
|
* @param session
|
* @param usersIdentification
|
* @return
|
* @throws SerializationException
|
* @throws Exception
|
*/
|
|
@SuppressWarnings("unchecked")
|
private Session checkSessionAndAddAllowedUsers(Session session, UserIdentification[] usersIdentification,
|
boolean secureUser, String usernameAction, String computerAction) throws SerializationException
|
{
|
String resultMessage = "invalid user";
|
try
|
{
|
//CHECK USER PASSWORD
|
byte resultType = DeviceActionResult.RESULT_ERROR;
|
for (UserIdentification userIdentification : usersIdentification)
|
{
|
|
if (!secureUser){
|
userIdentification.username = Licence.encrypt(userIdentification.username);
|
userIdentification.password = Licence.encrypt(userIdentification.password);
|
}
|
|
User user = new User(userIdentification.username);
|
user.username = userIdentification.username;
|
user.getDeviceInformation().password = userIdentification.password;
|
|
User nextUser = (User) Shared.getModel().getDevice(user.getIdentifier());
|
if (user.username.equals(nextUser.username))
|
{
|
resultType = DeviceActionResult.RESULT_CORRECT;
|
if ((nextUser.alarms != null) && (nextUser.alarms.alarm_disabled > 0))
|
{
|
continue;
|
}
|
if (user.getDeviceInformation().password.equals(nextUser.getDeviceInformation().password))
|
{
|
userIdentification.group = nextUser.information.group;
|
userIdentification.name = nextUser.information.name;
|
userIdentification.role = nextUser.getDeviceInformation().role;
|
userIdentification.console = session.identification.console;
|
userIdentification.timestampStart = System.currentTimeMillis();
|
session.addUserIdentification(userIdentification);
|
resultMessage = "log in";
|
} else
|
{
|
resultMessage = "invalid password";
|
resultType = DeviceActionResult.RESULT_ERROR;
|
}
|
}
|
|
addActionCheckSessionAndAddAllowedUsers(user, session, computerAction, resultMessage, resultType);
|
|
if (resultType != DeviceActionResult.RESULT_CORRECT)
|
{
|
throw new SerializationException(resultMessage);
|
} else
|
{
|
if (Shared.getModel().loginBlockedManager
|
.isAddressLoginBlocked(computerAction))
|
{
|
resultMessage = "blocked address";
|
throw new SerializationException(resultMessage);
|
}
|
if (Shared.getModel().loginBlockedManager
|
.isUserBlocked(user.username))
|
{
|
resultMessage = "blocked user";
|
throw new SerializationException(resultMessage);
|
}
|
}
|
}
|
|
addUsersGenericIntoSession(session, Shared.getModel().getDevicesUserGenericGroup());
|
Shared.getModel().loginBlockedManager.addCorrectLoginAttempt(usersIdentification, computerAction, session.identification.timestampStart);
|
return session;
|
} catch (Exception exception)
|
{
|
try
|
{
|
exception.printStackTrace();
|
Shared.getModel().loginBlockedManager
|
.addFailedLoginAttempt(usersIdentification, computerAction, session.identification.timestampStart);
|
throw new SerializationException(resultMessage, exception);
|
} catch (Exception exceptionLoginBlockedManager)
|
{
|
exceptionLoginBlockedManager.printStackTrace();
|
throw new SerializationException(resultMessage, exceptionLoginBlockedManager);
|
}
|
}
|
}
|
//</editor-fold>
|
|
private void addActionCheckSessionAndAddAllowedUsers(User user, Session session, String computerAction, String resultMessage, byte resultType) throws Exception
|
{
|
try
|
{
|
User userAction = new User();
|
userAction.information = new UserInformation();
|
userAction.information.setIdentifier(Licence.decrypt(user.username));
|
|
Session sessionAction = new Session();
|
sessionAction.identification = session.identification;
|
sessionAction.token = session.token;
|
sessionAction.role = session.role;
|
|
InteropParameters parameters = new InteropParameters();
|
parameters.addParameter("username", Licence.decrypt(user.username));
|
parameters.addParameter("computer", computerAction);
|
parameters.addParameter("operation", Shared.getMessage(resultMessage));
|
DeviceAction action = new DeviceAction(userAction, parameters);
|
DeviceActionResult actionResult = new DeviceActionResult(resultType, Shared.getMessage(resultMessage));
|
action.setResult(actionResult);
|
DevicePersistenceAction persistenceAction = new DevicePersistenceAction(action);
|
Shared.model.addAction(action);
|
}
|
catch (Exception e)
|
{
|
e.printStackTrace();
|
throw e;
|
}
|
}
|
|
public void addUsersGenericIntoSession(Session session, List<User> luserGeneric)
|
{
|
try
|
{
|
List<UserIdentification> luserIdentificationGeneric = new ArrayList<>();
|
for (User userGeneric : luserGeneric)
|
{
|
addUserGenericIntoSession(session, userGeneric, luserIdentificationGeneric);
|
}
|
session.identification.luser.addAll(luserIdentificationGeneric);
|
} catch (Exception e)
|
{
|
e.printStackTrace();
|
}
|
}
|
|
/**
|
* It adds into the session the user generic given when any user.information.group in the session has the user generic given
|
* @param session
|
* @param userGeneric
|
*/
|
private void addUserGenericIntoSession(Session session, User userGeneric, List<UserIdentification> luserIdentificationGeneric)
|
{
|
boolean foundUserGeneric = false;
|
try
|
{
|
Iterator<UserIdentification> iterator = session.identification.luser.iterator();
|
while (!foundUserGeneric && iterator.hasNext())
|
{
|
UserIdentification nextUserIdentification = iterator.next();
|
if ((nextUserIdentification.group.equals(userGeneric.getDeviceInformation().group))
|
&& userGeneric.getDeviceInformation().groupManager == true)
|
{
|
foundUserGeneric = true;
|
luserIdentificationGeneric.add(new UserIdentification(userGeneric.getDeviceInformation().group, userGeneric.username, userGeneric.getDeviceInformation().password));
|
}
|
}
|
} catch (Exception e)
|
{
|
}
|
}
|
|
private void updateSessionWebProperties(Session session) throws SerializationException
|
{
|
if (session.configuration == null) session.configuration = new SessionConfiguration();
|
SessionWebProperties sessionWebProperties = new SessionWebProperties();
|
sessionWebProperties.userPrivileges = new UserPrivileges();
|
|
User[] luser = Shared.getModel().getDevices(session.getUsernames(), 0);
|
if (luser.length > 0)
|
{
|
User user = luser[0];
|
UserProperties properties = user.getDeviceInformation().properties;
|
session.configuration.sessionWebProperties = getSessionWebPropertiesFrom(properties);
|
}else new SerializationException("");
|
}
|
|
private SessionWebProperties getSessionWebPropertiesFrom(UserProperties properties)
|
{
|
if (properties==null) return null;
|
SessionWebProperties sessionWebProperties = new SessionWebProperties();
|
if (properties.alarms == null)
|
sessionWebProperties.alarms = new String[0];
|
else
|
sessionWebProperties.alarms = properties.alarms.toArray(new String[0]);
|
|
if (properties.weatherNotifications == null)
|
sessionWebProperties.weatherNotifcations = new String[0];
|
else
|
sessionWebProperties.weatherNotifcations = properties.weatherNotifications.toArray(new String[0]);
|
|
sessionWebProperties.userDisplayList = properties.userDisplayList;
|
sessionWebProperties.userPrivileges = properties.userPrivileges;
|
|
return sessionWebProperties;
|
}
|
|
|
|
|
}
|
