Ajout des fonction de hashage de mot de passe

Ajout d'une méthode getRolesForUser dans UserManager, pour éviter les lazyInitializationException.
Ajout de la contrainte d'unicité des email, et levage des exceptions correspondantes.

YACOSCore/ejbModule/org/yacos/core/article/ArticleManagerBean.java

@@ -64,6 +64,9 @@ public class ArticleManagerBean implements IArticleManager, Serializable {
 	
 	@SuppressWarnings("unchecked")
 	public List<Article> getArticles(Integer confId) throws ConferenceDoesntExistException {
+		if(confId == null){
+			throw new ConferenceDoesntExistException(confId);
+		}
 		Conference conf = em.find(Conference.class, confId);
 		if(conf == null){
 			throw new ConferenceDoesntExistException(confId);

YACOSCore/ejbModule/org/yacos/core/exceptions/UserEMailAlreadyExistsException.java

@@ -0,0 +1,25 @@
+package org.yacos.core.exceptions;
+
+import java.io.Serializable;
+
+public class UserEMailAlreadyExistsException extends Exception implements
+		Serializable {
+	private static final long serialVersionUID = -8724478998471890281L;
+	
+	private String email;
+	
+	public UserEMailAlreadyExistsException() {
+	}
+	
+	public UserEMailAlreadyExistsException(String email){
+		this.email = email;
+	}
+	
+	public String getEmail(){
+		return email;
+	}
+	
+	public void setEmail(String email){
+		this.email = email;
+	}
+}

YACOSCore/ejbModule/org/yacos/core/users/IUserManager.java

@@ -6,6 +6,7 @@ import javax.ejb.Remote;
 
 import org.yacos.core.conferences.Conference;
 import org.yacos.core.exceptions.PKAlreadyUsedException;
+import org.yacos.core.exceptions.UserEMailAlreadyExistsException;
 import org.yacos.core.system.InvitationToken;
 import org.yacos.core.system.InvitationTokenPK;
 import org.yacos.core.users.Role.RoleType;
@@ -19,7 +20,8 @@ public interface IUserManager {
 	
 	// crud methods
 	public User addUser(String login, String password, String firstName,
-			String lastName, String organization, String email) throws PKAlreadyUsedException;
+			String lastName, String organization, String email)
+			throws PKAlreadyUsedException, UserEMailAlreadyExistsException;
 	public void removeUser(String login);
 	public User getUser(String login);
 	public void UpdateUser(User user);
@@ -44,6 +46,7 @@ public interface IUserManager {
 	 */
 	public void removeRole(String userLogin, RoleType roleType, int conferenceId);
 	public boolean hasRoleForConference(String userLogin, RoleType roleType, Integer conferenceId);
+	public List<Role> getRolesForUser(String userLogin);
 	
 	// InvitationToken handling methods
 	public List<InvitationToken> getInvitationTokensForEmail(String email);

YACOSCore/ejbModule/org/yacos/core/users/User.java

@@ -1,6 +1,8 @@
 package org.yacos.core.users;
 
 import java.io.Serializable;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.List;
 import javax.persistence.CascadeType;
@@ -8,6 +10,9 @@ import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.Id;
 import javax.persistence.OneToMany;
+import javax.persistence.Table;
+import javax.persistence.UniqueConstraint;
+
 import org.yacos.core.article.Article;
 import org.yacos.core.conferences.Conference;
 
@@ -20,6 +25,9 @@ import org.yacos.core.conferences.Conference;
  *
  */
 @Entity
+@Table(
+		name="user",
+		uniqueConstraints=@UniqueConstraint(columnNames={"login","email"}))
 public class User implements Serializable{
 	/**
 	 * 
@@ -34,7 +42,10 @@ public class User implements Serializable{
 	private String login;
 	/**
 	 * Password : used for authentication purpose only, is only writable
+	 * Should be stored Hashed using SHA-256 algorithm.
+	 * Thus the size should always be 64 characters long
 	 */
+	@Column(name="password",length=64)
 	private String password;
 	/**
 	 * First Name of the user
@@ -131,11 +142,6 @@ public class User implements Serializable{
 			// TODO : declare and throw an exception
 		}
 	}*/
-	
-	public boolean hasRoleForConference(Role.RoleType roleType, Conference conference){
-		// TODO
-		return false;
-	}
 
 	//@OneToMany(targetEntity=Role.class,mappedBy="user",fetch=FetchType.EAGER)
 	@OneToMany(cascade=CascadeType.ALL, targetEntity=Role.class,mappedBy="user")
@@ -179,4 +185,27 @@ public class User implements Serializable{
 		this.articles = articles;
 	}
 	
+	public static String hashPassword(String password){
+		try {
+			MessageDigest algorithm = MessageDigest.getInstance("SHA-256");
+			algorithm.update(password.getBytes());
+			byte digest[] = algorithm.digest();
+			StringBuffer hexString = new StringBuffer();
+
+			// String to hex conversion
+			for (int i = 0; i < digest.length; i++){
+				String hex = Integer.toHexString(0xFF & digest[i]);
+				if (hex.length() == 1)
+				{
+					hexString.append('0');
+				}
+				hexString.append(hex);
+			}
+			
+			return hexString.toString();
+		} catch (NoSuchAlgorithmException e) {
+			// Should never happen, SHA-256 support is built in Java
+		}
+		return null;
+	}
 }

YACOSCore/ejbModule/org/yacos/core/users/UserManagerBean.java

@@ -4,15 +4,19 @@
 package org.yacos.core.users;
 
 
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.util.List;
 
 import javax.ejb.Stateless;
 import javax.persistence.EntityManager;
+import javax.persistence.NoResultException;
 import javax.persistence.PersistenceContext;
 import javax.persistence.Query;
 
 import org.yacos.core.conferences.Conference;
 import org.yacos.core.exceptions.PKAlreadyUsedException;
+import org.yacos.core.exceptions.UserEMailAlreadyExistsException;
 import org.yacos.core.system.InvitationToken;
 import org.yacos.core.system.InvitationTokenPK;
 import org.yacos.core.users.Role.RoleType;
@@ -38,9 +42,14 @@ public class UserManagerBean implements IUserManager{
 	 * @param user
 	 */
 	public User addUser(String login, String password, String firstName,
-			String lastName, String organization, String email) throws PKAlreadyUsedException{
+			String lastName, String organization, String email)
+				throws PKAlreadyUsedException,UserEMailAlreadyExistsException{
 		
 		if (!this.exists(login)){
+			if(this.getByEmail(email) != null){
+				throw new UserEMailAlreadyExistsException(email);
+			}
+			
 			User user = new User(login, password, firstName, lastName, organization, email);
 			em.persist(user);
 			em.flush();
@@ -69,6 +78,16 @@ public class UserManagerBean implements IUserManager{
 		return em.find(User.class, login);
 	}
 	
+	public User getByEmail(String email){
+		try {
+			Query query = em.createQuery("from User where email=?");
+			query.setParameter(1, email);
+			return (User) query.getSingleResult();
+		} catch (NoResultException e) {
+			return null;
+		}
+	}
+	
 	public void UpdateUser(User user){
 		em.merge(user);
 	}
@@ -139,5 +158,13 @@ public class UserManagerBean implements IUserManager{
 		Role role = em.find(Role.class, pk);
 		return role != null;
 	}
+
+	@SuppressWarnings("unchecked")
+	public List<Role> getRolesForUser(String userLogin) {
+		User user = getUser(userLogin);
+		Query aQuery = em.createQuery("from Role where user=?");
+		aQuery.setParameter(1, user);
+		return aQuery.getResultList();
+	}
 	
 }