package cs221.groupk.common;
import java.io.Serializable;
import java.util.Vector;
import cs221.groupk.exceptions.database.*;
import cs221.groupk.exceptions.*;
/**
* UserSet is a container for the system users. Its methods are only accessable
* through those made public in the Disk class. Of the methods available in
* Disk, some are still not accessable without appropriate authorisation.
* All Admin methods can only be executed when an admin user has logged into
* the system.
*
* <P><I>Code spell-checked - Chris Milner - 5th December 2000.</I><P>
*
* @author <A HREF="mailto:[email protected]">Paul Smith</A>
*/
public class UserSet implements Constants, Serializable
{
protected Vector users;
//make sure only admin users can access admin methods.
protected static int validatedUserLevel = ACCESS_LEVEL_NOT_VALIDATED;
public int getCurrentAccessLevel()
{
return validatedUserLevel;
}
/**
* validateUser takes the user and password from a dialog, then checks them
* against known/valid users. The value returned specifies if the validation
* was successfull. The values returned are those specified in Constants.
* @param int error code, or access level.
* @see Constants#VALIDATION_SUCCESFULL_ALL
* @see Constants#VALIDATION_SUCCESFULL_STATIONS
* @see Constants#VALIDATION_SUCCESFULL_BOTTOM_STATION
* @see Constants#VALIDATION_SUCCESFULL_TOP_STATION
* @see Constants#VALIDATION_FAIL_NOT_AUTHORISED
* @see Constants#VALIDATION_FAIL_NO_SUCH_USER
* @see Constants#VALIDATION_FAIL_INVALID_PASSWORD
*/
public int validateUser(String user, String pswd)
{
if (userExists(user) >= 0)//Does uses exist?
{
User validatingUser = new User();
try
{
validatingUser = getUser(user);//if yes, grab a copy.
}
catch(CliffRailwayException cre)
{
validatedUserLevel = VALIDATION_FAIL_NO_SUCH_USER;
return validatedUserLevel;
}
if(validatingUser.getPassword() == pswd)//Is the password correct?
{//yes, now figure out what level of validation.
if (validatingUser.isAdmin())
{
validatedUserLevel = VALIDATION_SUCCESFULL_ALL;
}
else
{
if ((validatingUser.bottomStation()) ^ (validatingUser.topStation()))
{//single station only.
if (validatingUser.bottomStation())
{
validatedUserLevel = VALIDATION_SUCCESFULL_BOTTOM_STATION;
}
else
{
validatedUserLevel = VALIDATION_SUCCESFULL_TOP_STATION;
}
}
else
if((validatingUser.bottomStation()) && (validatingUser.topStation()))
{
validatedUserLevel = VALIDATION_SUCCESFULL_STATIONS;
}
}
validatedUserLevel = VALIDATION_FAIL_NOT_AUTHORISED;
}
else
{//no
validatedUserLevel = VALIDATION_FAIL_INVALID_PASSWORD;
}
}
else
{
validatedUserLevel = VALIDATION_FAIL_NO_SUCH_USER;
}
return validatedUserLevel;
}
/**
* logOffSystem basically sets the validatedUserLevel to undefined, thus
* disabling all the functionality of the program. When this method is
* called all the methods are disabled, so there is no way to read or write
* BoughtItems or any other event or admin task. To cotinue, you must re-
* validate, by calling <A HREF="UserSet.html#validateUser(String,String)"
* >validateUser(String, String)</A>
*/
public boolean logOffSystem()
{
validatedUserLevel = -1;
return true;
}
/**
* getUserAccessLevel returns one of the referenced constant values defining
* the access of this user. If this user has not already been validated then
* the InsufficientAccessPrivilegeException is thrown.
* @throws InsufficientAccessPrivilegeException is thrown when this method
* is executed without first calling <A HREF=
* "UserSet.html#validateUser(String,String)">validateUser(String, String)</A>
* @see Constants#ACCESS_LEVEL_NOT_VALIDATED
* @see Constants#ACCESS_LEVEL_TOP_STATION
* @see Constants#ACCESS_LEVEL_BOTTOM_STATION
* @see Constants#ACCESS_LEVEL_ALL_STATIONS
* @see Constants#ACCESS_LEVEL_ADMIN
*/
public int getUserAccessLevel(String user)
throws InsufficientAccessPrivilegeException,
UserNotFoundException
{
int index = userExists(user);
User userAccessLevelCheck = new User();
switch (index)
{
case -2 : throw new UserNotFoundException("Exception ID: US-003.");
case -1 : throw new UserNotFoundException("Exception ID: US-004.");
default : userAccessLevelCheck = (User) users.elementAt(index);
}
return -1;
}
/**
* addUser adds the specified <I>User</I> to this <I>UserSet</I>.
* @param User user to add.
* @return OPERATION_SUCESS on success, else OPERATION_FAILED.
* @throws InsufficientAccessPrivilegeException is thrown when this method
* is executed without first calling <A HREF=
* "UserSet.html#validateUser(String,String)">validateUser(String, String)</A>
* @see Constants#OPERATION_FAILED
* @see Constants#OPERATION_SUCESS
*/
public int addUser(User user)
throws InsufficientAccessPrivilegeException
{
if(user != null)
{
users.add(user);
return OPERATION_SUCESS;
}
return OPERATION_FAILED;
}
public User getUser(String user)
throws InsufficientAccessPrivilegeException,
UserNotFoundException
{
//figure out what needs to use this method then implement this with the
//relevent security.
//if (validatedUserLevel == )
{
//throw new InsufficientAccessPrivilegeException(Exception ID: US-XXX.");
}
int index = userExists(user);
switch (index)
{
case -2 : throw new UserNotFoundException("Exception ID: US-001.");
case -1 : throw new UserNotFoundException("Exception ID: US-002.");
default : return (User) users.elementAt(index);
}
}
/**
* userExists is internally used to check if a given user id is already in
* use within this <I>UserSet</I>.
* @param String userID of the user to be searched for.
* @return negative error code, or position in users Vector of specified
* <I>User</I>.
* @see Constants#USER_NOT_FOUND
* @see Constants#ERROR_LOCATING_USER
*/
protected int userExists(String userID)
{
try
{
for(int index = 0; users.size() < index; index++)//check each User
{
User tempUser = (User) users.elementAt(index);//get a temp copy
if (tempUser.getUserID() == userID)//is this the specified User?
{
return index;//return the index where the user was found
}
}
return USER_NOT_FOUND;//if code exists loop then User was not in Vector
}
catch(Exception e)//Something went wrong with the getting the User from
{ // the vector =big problems. :-)
return ERROR_LOCATING_USER;
}
}
}
Page automatically generated on: 28/12/00 at: 7:58:14 PM.