net.sf.basedb.core
Class SessionControl

java.lang.Object
  net.sf.basedb.core.SessionControl

Direct Known Subclasses:

PluginSessionControl

public class SessionControl
extends Object

This class handles user sessions. Each instance is thread-safe and can handle a single user at a time. This class is used to create DbControl objects which are needed to access the database.

Version:

2.0

Author:

Nicklas

See Also:

Application.newSessionControl(String, String, String), Application.getSessionControl(String, String)

Last modified

$Date: 2010-09-16 13:32:06 +0200 (Thu, 16 Sep 2010) $

Nested Class Summary

private static class	SessionControl.LoginInfo Internal class to hold information about the logged in user.
private static class	SessionControl.SettingInfo Internal class to hold information about a setting

Field Summary

private Map<String,SessionControl.SettingInfo>	clientDefaultSettings Stores name and value from ClientDefaultSettingData.
private int	clientId The id of the ClientData. 0 = no client
private boolean	closed If the session control has been closed it can no longer be used.
private Map<ContextKey,ItemContext>	currentContexts Map for storing current contexts.
private Map<DbControl,String>	dbControlCache Holds all created DbControl object, so we can close them if the user logs out.
private String	externalClientId The external id of the ClientData. null = no client
private String	id The id of the object.
private int	jobId
private long	lastAccess The time of the last access to this object.
private String	lastChallenge The last generated challenge for password encryption.
private static Logger	log Log core events.
private SessionControl.LoginInfo	loginInfo Login information for the logged in user.
private int	pluginId
private String	remoteId The remote IP.

Constructor Summary

SessionControl(String id, SessionControl parent, PluginDefinition plugin, Job job)
Create a new session control object using another one as the template.

SessionControl(String id, String externalClientId, boolean failIfNoClient, String remoteId)
Creates a new SessionControl object.

Method Summary

protected void	cleanUp()
protected void	clearDbControlCache()
void	close() Close this session control so it can't be used again.
private SessionControl.LoginInfo	createLoginInfo(org.hibernate.Session session, UserData userData, String comment, boolean impersonated) Create a LoginInfo object and load all information that it needs.
void	deleteContext(int contextId) Delete a context.
int	deleteCurrentContexts(Item itemType, boolean inMemory, boolean inDatabase) Delete all default contexts for the logged in user.
protected void	finalize() Clean up if a bad client application forgets to logout.
int	getActiveProjectId() Get the id of the active project, or 0 if no project is active.
List<ItemContext>	getAllCurrentContexts(boolean inMemory, boolean inDatabase) Get a list with the current default contexts.
(package private) int	getAllPermissions(Item itemType, UserData owner, ItemKeyData itemKey, ProjectKeyData projectKey) Get the combined permissions for an item of the specified type, owned by the specified user and shared with the specified item and project keys.
(package private) int	getAllPermissions(SharedData sharedData) Same as getAllPermissions(Item, UserData, ItemKeyData, ProjectKeyData)
String	getChallenge() Generate a new random string to be used for password encryption in the login method.
String	getClientDefaultSetting(String name) Get the value of the ClientDefaultSetting with the specified name.
int	getClientId() Get the id of the Client application in use.
ItemContext	getContext(int contextId) Load a context without making it the current context.
Enumeration<Integer,String>	getContextNames(Item item) Same as: getContextNames(item, "")
Enumeration<Integer,String>	getContextNames(Item item, String subContext) Get a list with the names of all named contexts for a given item and subcontext.
ItemContext	getCurrentContext(Item item) Same as: getCurrentContext(item, "", null).
ItemContext	getCurrentContext(Item item, ItemContext defaultContext) Same as: getCurrentContext(item, "", defaultContext).
ItemContext	getCurrentContext(Item item, String subContext) Same as: getCurrentContext(item, subContext, null).
ItemContext	getCurrentContext(Item item, String subContext, ItemContext defaultContext) Get the current context.
int	getCurrentSessionId() Get the id of the current user session, or 0 if no user is logged in.
String	getExternalClientId() Get the external id of the Client application in use.
Set<Integer>	getFriends() Get the id of all friends to logged in user.
Set<Integer>	getGroups() Get the id of all groups where the logged in user is a member, directly or indirectly.
String	getId() Get the id of this SessionControl.
int	getItemKeyId() Get the id of the ItemKey that new items should be shared to according to the settings in the currently active project.
Set<Integer>	getItemKeys() Get the id of all item keys where the logged in user has read permission.
Set<Integer>	getItemKeys(Permission permission) Get the id of all item keys where the logged in user has the requested permission.
int	getJobId() Get the id of the job that is currently running with this session control.
long	getLastAccess() Get the time this object last was accessed.
private String	getLastChallenge() Get the last challenge generated.
Locale	getLocale() Get the locale that is curently assigned to this session control.
int	getLoggedInUserId() Get the id of the logged in user, or 0 if no user is logged in.
int	getPluginId() Get the id of the plug-in that is currently running with this session control.
(package private) PluginPermission	getPluginPermissions(Item itemType) Get all plugin-specific permissions for the specified item type.
PluginSessionControl	getPluginSessionControl(PluginDefinition plugin, Job job) Create a new session control for executing a plugin.
int	getProjectKeyId() Get the id of the ProjectKey that can be used to share an item to the active project with full permission, or 0 if no project is active or the logged in user only has read permission to the active project.
Set<Integer>	getProjectKeys() Get the id of all project keys where the logged in user has read permission.
Set<Integer>	getProjectKeys(Permission permission) Get the id of all project keys where the logged in user has the requested permission.
(package private) int	getProjectPermission(Project project)
Set<Integer>	getProjects() Get the id of all projects where the logged in user is a member, directly or indirectly.
(package private) String	getRemoteId() Get the remote id that was passed to the Application.newSessionControl(String,String,String) method when creating this object.
(package private) int	getRolePermissions(Item itemType) Get all role-based permissions for the specified type of items.
Set<Integer>	getRoles() Get the id of all roles where the logged in user is a member.
Object	getSessionSetting(String name) Get the value of a session setting with the specified name.
(package private) int	getSharedPermissions(ShareableData shareableData) Get the shared permissions for a ShareableData object.
String	getUserClientSetting(String name) Get the value of the UserClientSetting with the specified name.
String	getUserDefaultSetting(String name) Get the value of the UserDefaultSetting with the specified name.
boolean	hasPermission(Permission permission, Item itemType) Check if the logged in user has the specfied permission for all item of the specified type.
boolean	hasSystemPermission(Permission permission) Check if the logged in user has the specified system permission.
SessionControl	impersonateLogin(int userId, String comment) Log in as another user.
SessionControl	impersonateLogin(Ownable item, String comment) Log in as the owner of the specified item.
boolean	isClosed() If this session control has been closed or not.
boolean	isDenied(Permission permission, Item itemType) Check if the logged in user has been denied the specified permission for items of the specified type.
boolean	isFriendOf(User user) Check if the logged in user is a friend of of the specified user.
boolean	isImpersonated() Check if the logged in user was impersonated by another user.
boolean	isLoggedIn() Checks if a user is logged in or not.
boolean	isMemberOf(Group group) Check if the logged in user is a member, directly or indirectly, of the specified group.
boolean	isMemberOf(Project project) Check if the logged in user is a member, directly or indirectly, of the specified project.
boolean	isMemberOf(Role role) Check if the logged in user is a member of the specified role.
private Map<String,SessionControl.SettingInfo>	listToMap(List<? extends SettingData> settings) Copy settings from a List to a Map.
private Map<String,SessionControl.SettingInfo>	loadClientDefaultSettings(org.hibernate.Session session, int clientId) Load client applications default settings.
ItemContext	loadContext(int contextId) Load a context and make it the current context.
private ItemContext	loadContextInternal(int contextId) Load a context with the specified ID.
private ItemContext	loadContextInternal(Item item, String subContext, String name) Load a named context.
private Map<String,SessionControl.SettingInfo>	loadUserClientSettings(org.hibernate.Session session, int userId, int clientId) Load users client-specific settings.
private Map<String,SessionControl.SettingInfo>	loadUserDefaultSettings(org.hibernate.Session session, int userId) Load users default settings.
(package private) void	login(Keyring keyring)
void	login(String login, String password, String comment, boolean encryptedPassword) Log in to BASE.
void	logout() Log out of BASE.
DbControl	newDbControl() Create a new DbControl object for this session.
void	reloadPermissions() Tell the core to reload the logged in users permission the next time the client application needs to check the permissions.
void	reloadSettings(boolean onlyClientDefaultSettings, boolean saveCurrentUserSettings) Reloads user- and client-specific settings.
private void	saveAllCurrentContexts(org.hibernate.Session session, UserData userData, ClientData clientData)
private void	saveAllUserSettings(org.hibernate.Session session) Saves all user settings.
int	saveCurrentContextAs(Item item, String name, boolean overwrite, boolean isPublic) Same as: saveCurrentContextAs(item, "", name, overwrite, isPublic).
int	saveCurrentContextAs(Item item, String subContext, String name, boolean overwrite, boolean isPublic) Save the current context as a named context.
private <I extends SettingData> void	saveSettings(org.hibernate.Session session, org.hibernate.Query query, Map<String,SessionControl.SettingInfo> settings, Class<I> dataClass, UserData userData, ClientData clientData) Save settings when a user logs out.
void	setActiveProject(Project project) Set the active project.
Object	setSessionSetting(String name, Object value) Set the value of a session setting.
String	setUserClientSetting(String name, String value) Set the value of a UserClientSetting.
String	setUserDefaultSetting(String name, String value) Set the value of a UserDefaultSetting.
void	updateLastAccess() Update the time this object last was accessed.
private UserData	verifyUserExternal(org.hibernate.Session session, String login, String password) Verify the user with external authentication.
private UserData	verifyUserInternal(org.hibernate.Session session, String login, String password, boolean encryptedPassword) Check that the user exists and verify the password using internal authentication.

Methods inherited from class java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

private static final Logger log

Log core events.

id

private final String id

The id of the object. Used by Application.getSessionControl(String,String)

clientId

private final int clientId

The id of the ClientData. 0 = no client

externalClientId

private final String externalClientId

The external id of the ClientData. null = no client

remoteId

private final String remoteId

The remote IP.

dbControlCache

private final Map<DbControl,String> dbControlCache

Holds all created DbControl object, so we can close them if the user logs out. We use only the keys of the map since there is no WeakHashSet class.

lastAccess

private long lastAccess

The time of the last access to this object.

closed

private boolean closed

If the session control has been closed it can no longer be used.

clientDefaultSettings

private Map<String,SessionControl.SettingInfo> clientDefaultSettings

Stores name and value from ClientDefaultSettingData.

loginInfo

private SessionControl.LoginInfo loginInfo

Login information for the logged in user.

lastChallenge

private String lastChallenge

The last generated challenge for password encryption.

currentContexts

private final Map<ContextKey,ItemContext> currentContexts

Map for storing current contexts.

pluginId

private int pluginId

jobId

private int jobId

Constructor Detail

SessionControl

SessionControl(String id,
               SessionControl parent,
               PluginDefinition plugin,
               Job job)

Create a new session control object using another one as the template. Permissions and settings are copied/referenced from the parent session control. If the plugin uses permissions those permissions are loaded and used for access control.

Parameters:

id - The ID if the new session control

parent - The parent session control

plugin - The plugin that is executing

SessionControl

SessionControl(String id,
               String externalClientId,
               boolean failIfNoClient,
               String remoteId)
         throws BaseException

Creates a new SessionControl object.

Parameters:

id - The id used in Application.newSessionControl(String,String,String)

externalClientId - Optional external ID of the client application in use

failIfNoClient - If TRUE, an exception is thrown if an external client id has been specified, but not found

remoteId - For example, the IP-address

Throws:

BaseException

Method Detail

getLastAccess

public long getLastAccess()

Get the time this object last was accessed. Used by the cleanup timer in Application.cleanSessionControlCache(boolean)

Returns:

A long object.

Since:

2.4.5

updateLastAccess

public void updateLastAccess()

Update the time this object last was accessed. Used by the cleanup timer in Application.cleanSessionControlCache(boolean)

isClosed

public boolean isClosed()

If this session control has been closed or not. A closed session control can't be used.

Returns:

TRUE if the session control is closed

Since:

2.4.5

close

public void close()

Close this session control so it can't be used again.

Since:

2.4.5

getId

public String getId()

Get the id of this SessionControl. Use this value for retrieving the object from the Application cache.

Returns:

The id

See Also:

Application.getSessionControl(String,String)

getClientId

public int getClientId()

Get the id of the Client application in use. Use Client.getById(DbControl, int) to get the Client object.

Returns:

Client id as an int.

getExternalClientId

public String getExternalClientId()

Get the external id of the Client application in use.

Returns:

A java.lang.String object.

See Also:

getClientId()

getRemoteId

String getRemoteId()

Get the remote id that was passed to the Application.newSessionControl(String,String,String) method when creating this object. This value is checked against the value passed to the Application.getSessionControl(String,String) method.

newDbControl

public DbControl newDbControl()
                       throws BaseException

Create a new DbControl object for this session.

Returns:

A DbControl object

Throws:

BaseException - If there is an error

login

void login(Keyring keyring)

getChallenge

public String getChallenge()

Generate a new random string to be used for password encryption in the login method. Using encryption prevents that user passwords are sent in clear text between client and server (ie. web browser and web server).

The client application should use the challenge as follows:

1. Calculate the MD5 of the real UTF-8 encoded password
2. Concatenate this with the challenge with a colon inbetween: MD5:challenge
3. Calculate the MD5 of the concatenated string. This is the encrypted password, which should be sent to the login method.

Note! This is not intended as a replacement for SSL encrypted communication.

Note! Each call to this method generates a new random challenge.

Returns:

A challenge string used to encrypt the password

See Also:

login(String, String, String, boolean)

getLastChallenge

private String getLastChallenge()

Get the last challenge generated.

login

public void login(String login,
                  String password,
                  String comment,
                  boolean encryptedPassword)
           throws ItemNotFoundException,
                  PermissionDeniedException,
                  InvalidPasswordException,
                  BaseException

Log in to BASE. The method checks that the given login is valid, the password is correct and that the user has USE permission for the client application if one has been specified.

The encryptedPassword parameter is used if the client application sends the password encrypted. See getChallenge() for information about how to encrypt the password.

Parameters:

login - The login of the user

password - The UTF-8 encoded password for the user

comment - A comment for the login, which will show in the Session

encryptedPassword - A flag indicating if the password has been encrypted or not

Throws:

ItemNotFoundException - If a user with the specified username is not found

InvalidPasswordException - If the specified password is incorrect

PermissionDeniedException - If the user doesn't have Permission.USE permission for the current client application or if a user is already logged in

BaseException - If there is any other error

See Also:

logout(), isLoggedIn(), getLoggedInUserId()

verifyUserInternal

private UserData verifyUserInternal(org.hibernate.Session session,
                                    String login,
                                    String password,
                                    boolean encryptedPassword)
                             throws ItemNotFoundException,
                                    InvalidPasswordException,
                                    AccountExpiredException,
                                    BaseException

Check that the user exists and verify the password using internal authentication.

Throws:

ItemNotFoundException

InvalidPasswordException

AccountExpiredException

BaseException

verifyUserExternal

private UserData verifyUserExternal(org.hibernate.Session session,
                                    String login,
                                    String password)
                             throws ItemNotFoundException,
                                    InvalidPasswordException,
                                    BaseException

Verify the user with external authentication.

Throws:

ItemNotFoundException

InvalidPasswordException

BaseException

impersonateLogin

public SessionControl impersonateLogin(int userId,
                                       String comment)
                                throws ItemNotFoundException,
                                       PermissionDeniedException,
                                       BaseException

Log in as another user. If this call is successful, you will get a new SessionControl object which is equivalent to a SessionControl where that user logged in by normal means. This method requires that the logged in user has Permission.ACT_AS_ANOTHER_USER permission.

Parameters:

userId - The id of the user to login as

comment - A comment that will be placed in the Session information

Returns:

A new SessionControl object

Throws:

ItemNotFoundException - If no user with the specified id exists

PermissionDeniedException - If the logged in user doesn't have Permission.ACT_AS_ANOTHER_USER permission

BaseException - If there is another error

impersonateLogin

public SessionControl impersonateLogin(Ownable item,
                                       String comment)

Log in as the owner of the specified item.

Parameters:

item - Login as the owner of this Item. Null is not allowed

comment - A comment that will be placed in the Session information

Returns:

A SessionControl for the created session.

See Also:

impersonateLogin(int, String)

createLoginInfo

private SessionControl.LoginInfo createLoginInfo(org.hibernate.Session session,
                                                 UserData userData,
                                                 String comment,
                                                 boolean impersonated)
                                          throws BaseException

Create a LoginInfo object and load all information that it needs.

Throws:

BaseException

logout

public void logout()
            throws BaseException

Log out of BASE. If the logged in user was impersonated the system will revert to the original user. If no user is logged in this method does nothing. If there are any DbControl objects still open, they will be closed. Changes made to items managed by those DbControl objects will be lost unless the items are connected to a new DbControl object.

Throws:

BaseException - If there is an error

See Also:

login(String, String, String, boolean), isLoggedIn(), impersonateLogin(int, String), isImpersonated()

isLoggedIn

public boolean isLoggedIn()

Checks if a user is logged in or not.

Returns:

TRUE if a user is logged in, FALSE otherwise.

See Also:

login(String, String, String, boolean), logout(), getLoggedInUserId()

getLoggedInUserId

public int getLoggedInUserId()

Get the id of the logged in user, or 0 if no user is logged in. Use User.getById(DbControl, int) to get the User object.

Returns:

User id as an int.

See Also:

login(String, String, String, boolean), logout(), isLoggedIn()

getCurrentSessionId

public int getCurrentSessionId()

Get the id of the current user session, or 0 if no user is logged in. Use Session.getById(DbControl, int) to the Session object.

Returns:

The session id, or 0 if no user is logged in

Since:

2.13

getPluginId

public int getPluginId()

Get the id of the plug-in that is currently running with this session control.

Returns:

The plug-in id, or 0 if not running by a plug-in

Since:

2.13

getJobId

public int getJobId()

Get the id of the job that is currently running with this session control.

Returns:

The job id, or 0 if not running by a job

Since:

2.13

isImpersonated

public boolean isImpersonated()

Check if the logged in user was impersonated by another user.

Returns:

TRUE or FALSE

See Also:

impersonateLogin(int, String)

reloadPermissions

public void reloadPermissions()

Tell the core to reload the logged in users permission the next time the client application needs to check the permissions.

reloadSettings

public void reloadSettings(boolean onlyClientDefaultSettings,
                           boolean saveCurrentUserSettings)
                    throws BaseException

Reloads user- and client-specific settings.

Parameters:

onlyClientDefaultSettings - Setting this to TRUE will only reload ClientDefaultSetting:s

saveCurrentUserSettings - Setting this to TRUE will save the current user-specific settings before reloading them. This parameter is ignored if onlyClientDefaultSettings is true. The settings are never changed if the logged in user is a multi-user account.

Throws:

BaseException - If the settings cannot be reloaded

getActiveProjectId

public int getActiveProjectId()

Get the id of the active project, or 0 if no project is active. Use Project.getById(DbControl, int) to get the Project object.

Returns:

An int.

See Also:

setActiveProject(Project)

setActiveProject

public void setActiveProject(Project project)
                      throws PermissionDeniedException,
                             BaseException

Set the active project. When a project is active queries will by default only load items shared to the that project, and new Shareable items will automatically be shared to the active project with delete permission. The active project doesn't affect already existing items.

Parameters:

project - The project to make active

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.USE permission for the project

BaseException - If there is another error

See Also:

getActiveProjectId()

getPluginSessionControl

public PluginSessionControl getPluginSessionControl(PluginDefinition plugin,
                                                    Job job)

Create a new session control for executing a plugin.

Parameters:

plugin - The plugin to execute

job - The job that executes the plug-in, or null

Returns:

A plugin session control

Since:

2.15 (was package private before that)

getProjectKeyId

public int getProjectKeyId()

Get the id of the ProjectKey that can be used to share an item to the active project with full permission, or 0 if no project is active or the logged in user only has read permission to the active project. Use ProjectKey.getById(DbControl, int) to get the ProjectKey object.

See Also:

getActiveProjectId(), setActiveProject(Project)

getItemKeyId

public int getItemKeyId()

Get the id of the ItemKey that new items should be shared to according to the settings in the currently active project. If no project is active or if the projects doesn't share to any item key, 0 is returned. Use ItemKey.getById(DbControl, int) to get the ItemKey object.

Since:

2.16

See Also:

getActiveProjectId(), setActiveProject(Project), getProjectKeyId()

hasSystemPermission

public boolean hasSystemPermission(Permission permission)

Check if the logged in user has the specified system permission.

Parameters:

permission - One of the system permission constants defined by the Permission enumeration

Returns:

TRUE if the logged in user has the permission, FALSE otherwise

hasPermission

public boolean hasPermission(Permission permission,
                             Item itemType)

Check if the logged in user has the specfied permission for all item of the specified type. This method checks the permissions given to the roles the user is a member of and, if a plugin is active, the permissions given to the plugin.

Parameters:

permission - One of the permissions constants defined by the Permission enumeration

itemType - One of the item constants defined by the Item enumeration

Returns:

TRUE if the logged in user has the permission, FALSE otherwise

isDenied

public boolean isDenied(Permission permission,
                        Item itemType)

Check if the logged in user has been denied the specified permission for items of the specified type. This method checks the permissions given to the roles the user is a member of and, if a plugin is active, the permissions given to the plugin. Note that this method is not the inverse of the hasPermission(Permission, Item) method. Both methods may return false in which case the system also checks ownership and sharing information to determine if access is granted. If this method return TRUE the hasPermission method always return false.

Parameters:

permission - One of the permissions constants defined by the Permission enumeration

itemType - One of the item constants defined by the Item enumeration

Returns:

TRUE if the logged in user is denied the permission, FALSE otherwise

getRolePermissions

int getRolePermissions(Item itemType)

Get all role-based permissions for the specified type of items.

getPluginPermissions

PluginPermission getPluginPermissions(Item itemType)

Get all plugin-specific permissions for the specified item type.

getSharedPermissions

int getSharedPermissions(ShareableData shareableData)

Get the shared permissions for a ShareableData object.

getAllPermissions

int getAllPermissions(Item itemType,
                      UserData owner,
                      ItemKeyData itemKey,
                      ProjectKeyData projectKey)

Get the combined permissions for an item of the specified type, owned by the specified user and shared with the specified item and project keys.

getAllPermissions

int getAllPermissions(SharedData sharedData)

Same as getAllPermissions(Item, UserData, ItemKeyData, ProjectKeyData)

isMemberOf

public boolean isMemberOf(Group group)

Check if the logged in user is a member, directly or indirectly, of the specified group.

Parameters:

group - The group to check

Returns:

TRUE if the user is a member, FALSE otherwise

isMemberOf

public boolean isMemberOf(Role role)

Check if the logged in user is a member of the specified role.

Parameters:

role - The role to check

Returns:

TRUE if the user is a member, FALSE otherwise

isMemberOf

public boolean isMemberOf(Project project)

Check if the logged in user is a member, directly or indirectly, of the specified project.

Parameters:

project - The project to check

Returns:

TRUE if the user is a member, FALSE otherwise

getProjectPermission

int getProjectPermission(Project project)

isFriendOf

public boolean isFriendOf(User user)

Check if the logged in user is a friend of of the specified user. A users is a friend if the logged in user is a member, directly or indirectly, of a group where the other user is direct member.

Parameters:

user - The user to check

Returns:

TRUE if the user is a friend, FALSE otherwise

getRoles

public Set<Integer> getRoles()

Get the id of all roles where the logged in user is a member.

Returns:

A Set containing role id:s

getGroups

public Set<Integer> getGroups()

Get the id of all groups where the logged in user is a member, directly or indirectly.

Returns:

A Set containing group id:s

getFriends

public Set<Integer> getFriends()

Get the id of all friends to logged in user. A users is a friend if the logged in user is a member, directly or indirectly, of a group where the other user is direct member.

Returns:

A Set containing user id:s

getProjects

public Set<Integer> getProjects()

Get the id of all projects where the logged in user is a member, directly or indirectly.

Returns:

A Set containing project id:s

getItemKeys

public Set<Integer> getItemKeys()

Get the id of all item keys where the logged in user has read permission.

Returns:

A Set containing item key id:s

getItemKeys

public Set<Integer> getItemKeys(Permission permission)

Get the id of all item keys where the logged in user has the requested permission.

Parameters:

permission - Requested permissions.

Returns:

A Set containing item key id:s

getProjectKeys

public Set<Integer> getProjectKeys()

Get the id of all project keys where the logged in user has read permission.

Returns:

A Set containing project key id:s

getProjectKeys

public Set<Integer> getProjectKeys(Permission permission)

Get the id of all project keys where the logged in user has the requested permission.

Parameters:

permission - The requested permissions

Returns:

A Set containing project key id:s

getCurrentContext

public ItemContext getCurrentContext(Item item)

Same as: getCurrentContext(item, "", null).

See Also:

getCurrentContext(Item, String, ItemContext)

getCurrentContext

public ItemContext getCurrentContext(Item item,
                                     String subContext)

Same as: getCurrentContext(item, subContext, null).

See Also:

getCurrentContext(Item, String, ItemContext)

getCurrentContext

public ItemContext getCurrentContext(Item item,
                                     ItemContext defaultContext)

Same as: getCurrentContext(item, "", defaultContext).

Parameters:

item - Type of item for which current context should be returned.

defaultContext - A default context to copy values from if a new context must be created

Returns:

A ItemContext object.

See Also:

getCurrentContext(Item, String, ItemContext)

getCurrentContext

public ItemContext getCurrentContext(Item item,
                                     String subContext,
                                     ItemContext defaultContext)

Get the current context. If no current context exists for the item/subcontext and a user is logged in, the default context will be loaded from the database. If it doesn't exist in the database or no user is logged in a new current context will be created. If a default context is specified the settings will be copied to the new context. The current context is automatically saved in the database when the user logs out.

Parameters:

item - The type of item to get the context for

subContext - Current sub context.

defaultContext - A default context to copy values from if a new context must be created.

Returns:

A ItemContext object.

Throws:

InvalidDataException - If the item is null

BaseException - If there is another error

See Also:

getCurrentContext(Item), loadContextInternal(Item, String, String), saveCurrentContextAs(Item, String, boolean, boolean)

loadContext

public ItemContext loadContext(int contextId)
                        throws NotLoggedInException,
                               BaseException

Load a context and make it the current context. All information in the current context is lost. If a saved context with the specified ID doesn't exists, or if the logged in user does't have permission to read it, null is returned and the current context is left unchanged.

Parameters:

contextId - The ID of the context to load

Returns:

An ItemContext object or null

Throws:

NotLoggedInException - If no user is logged in

BaseException - If there is another error

See Also:

saveCurrentContextAs(Item, String, boolean, boolean), getContextNames(Item)

getContext

public ItemContext getContext(int contextId)

Load a context without making it the current context. If a saved context with the specified ID doesn't exists, or if the logged in user does't have permission to read it, null is returned.

Parameters:

contextId - The ID of the context to load

Returns:

An ItemContext object or null

Throws:

NotLoggedInException - If no user is logged in

BaseException - If there is another error

See Also:

loadContext(int), getContextNames(Item)

saveCurrentContextAs

public int saveCurrentContextAs(Item item,
                                String name,
                                boolean overwrite,
                                boolean isPublic)
                         throws PermissionDeniedException,
                                InvalidDataException,
                                ItemAlreadyExistsException,
                                BaseException

Same as: saveCurrentContextAs(item, "", name, overwrite, isPublic).

Throws:

PermissionDeniedException

InvalidDataException

ItemAlreadyExistsException

BaseException

See Also:

saveCurrentContextAs(Item, String, String, boolean, boolean)

saveCurrentContextAs

public int saveCurrentContextAs(Item item,
                                String subContext,
                                String name,
                                boolean overwrite,
                                boolean isPublic)
                         throws PermissionDeniedException,
                                InvalidDataException,
                                ItemAlreadyExistsException,
                                BaseException

Save the current context as a named context. Named contexts are stored in the database and can be loaded at any time with the loadContext(int) method. If no current context exists, this method does nothing.

Parameters:

item - The type of item to save the current context for

subContext - The name of the sub-context

name - The name of the context

overwrite - If TRUE, an existing context with the same name is overwritten, otherwise an exception is thrown

isPublic - If the saved context should be visible to everyone or not (requires Permission.SHARE_TO_EVERYONE permission)

Returns:

Saved context's id as an int.

Throws:

PermissionDeniedException - If no user is logged in, or if the logged in user is a multi-user account or if the isPublic parameter is true but the logged in user doesn't have SHARE_TO_EVERYONE permission

InvalidDataException - If the item or name parameter is null

ItemAlreadyExistsException - If another context with the same name exists and the overwrite parameter is FALSE

BaseException - If there is another error

deleteContext

public void deleteContext(int contextId)
                   throws PermissionDeniedException,
                          BaseException

Delete a context. If a saved context with the specified id doesn't exists, this method does nothing.

Parameters:

contextId - The id of the context

Throws:

PermissionDeniedException - If no user is logged in, or if he logged in user is a multi-user account or isn't the owner of the context

BaseException - If there is another error

See Also:

getContextNames(Item, String)

getContextNames

public Enumeration<Integer,String> getContextNames(Item item)
                                            throws InvalidDataException,
                                                   BaseException

Same as: getContextNames(item, "")

Throws:

InvalidDataException

BaseException

See Also:

getContextNames(Item, String)

getContextNames

public Enumeration<Integer,String> getContextNames(Item item,
                                                   String subContext)
                                            throws InvalidDataException,
                                                   BaseException

Get a list with the names of all named contexts for a given item and subcontext.

Parameters:

item - Item for which named contexts should be returned

subContext - Certain sub context to return contexts for.

Returns:

A enumeration containing the id and names, the list will be empty if no user is logged in or if no names contexts exists for the specified item type/subcontext

Throws:

InvalidDataException - If the item parameter is null

BaseException - If there is another error

loadContextInternal

private ItemContext loadContextInternal(int contextId)
                                 throws BaseException

Load a context with the specified ID. If no context with that ID exists or if the context belongs to a different client application or user and not is public null is returned.

Throws:

BaseException

loadContextInternal

private ItemContext loadContextInternal(Item item,
                                        String subContext,
                                        String name)
                                 throws BaseException

Load a named context. Returns null if no context with the specified name exists for the specified item type/subcontext.

Throws:

BaseException

saveAllCurrentContexts

private void saveAllCurrentContexts(org.hibernate.Session session,
                                    UserData userData,
                                    ClientData clientData)

getAllCurrentContexts

public List<ItemContext> getAllCurrentContexts(boolean inMemory,
                                               boolean inDatabase)

Get a list with the current default contexts. The list may include, only in-memory contexts, in-database contexts, or both. If both options are enabled and an in-memory context also has a database representation, both are included in the list. Eg. the list may include more than one context were ItemContext.getContextId() returns the same value.

Parameters:

inMemory - If TRUE, the in-memory contexts are included in the list

inDatabase - If TRUE, the in-database contexts are included in the list

Returns:

A list with ItemContext objects

Since:

2.15

deleteCurrentContexts

public int deleteCurrentContexts(Item itemType,
                                 boolean inMemory,
                                 boolean inDatabase)

Delete all default contexts for the logged in user.

Parameters:

itemType - The item type to delete the contexts for, or null to delete all contexts

inMemory - TRUE to delete in-memory contexts

inDatabase - TRUE to delete in-database contexts

Returns:

The number of contexts deleted

Since:

2.8

getLocale

public Locale getLocale()

Get the locale that is curently assigned to this session control.

Returns:

A Locale object

Since:

2.16

getSessionSetting

public Object getSessionSetting(String name)

Get the value of a session setting with the specified name.

Parameters:

name - The name of the setting

Returns:

A object with the value of the setting, or null if no setting is found

setSessionSetting

public Object setSessionSetting(String name,
                                Object value)

Set the value of a session setting.

Parameters:

name - The name of the setting

value - The new value of the setting, or null to remove the setting

Returns:

The old value of the setting, or null if it did not exist

getUserClientSetting

public String getUserClientSetting(String name)

Get the value of the UserClientSetting with the specified name. If no user is logged in null is returned.

Parameters:

name - The name of the setting

Returns:

A string with the value of the setting, or null if no setting is found

setUserClientSetting

public String setUserClientSetting(String name,
                                   String value)

Set the value of a UserClientSetting.

Parameters:

name - The name of the setting

value - The new value of the setting, or null to remove the setting

Returns:

The old value of the setting, or null if it did not exist or no user is logged in

getUserDefaultSetting

public String getUserDefaultSetting(String name)

Get the value of the UserDefaultSetting with the specified name.

Parameters:

name - The name of the setting

Returns:

A string with the value of the setting, or null if no setting is found

setUserDefaultSetting

public String setUserDefaultSetting(String name,
                                    String value)

Set the value of a UserDefaultSetting.

Parameters:

name - The name of the setting

value - The new value of the setting, or null to remove the setting

Returns:

The old value of the setting, or null if it did not exist or no user is logged in

getClientDefaultSetting

public String getClientDefaultSetting(String name)

Get the value of the ClientDefaultSetting with the specified name.

Parameters:

name - The name of the setting

Returns:

A string with the value of the setting, or null if no setting is found

listToMap

private Map<String,SessionControl.SettingInfo> listToMap(List<? extends SettingData> settings)

Copy settings from a List to a Map. The key is the name of the setting (SettingData.getName()) and the value is a SessionControl.SettingInfo object.

loadClientDefaultSettings

private Map<String,SessionControl.SettingInfo> loadClientDefaultSettings(org.hibernate.Session session,
                                                                         int clientId)

Load client applications default settings.

loadUserDefaultSettings

private Map<String,SessionControl.SettingInfo> loadUserDefaultSettings(org.hibernate.Session session,
                                                                       int userId)

Load users default settings.

loadUserClientSettings

private Map<String,SessionControl.SettingInfo> loadUserClientSettings(org.hibernate.Session session,
                                                                      int userId,
                                                                      int clientId)

Load users client-specific settings.

saveAllUserSettings

private void saveAllUserSettings(org.hibernate.Session session)

Saves all user settings.

saveSettings

private <I extends SettingData> void saveSettings(org.hibernate.Session session,
                                                  org.hibernate.Query query,
                                                  Map<String,SessionControl.SettingInfo> settings,
                                                  Class<I> dataClass,
                                                  UserData userData,
                                                  ClientData clientData)
                   throws BaseException

Save settings when a user logs out. This method will delete settings that have been deleted, update changed settings and create new settings.

Parameters:

session - The Hibernate session

query - A Hibernate query to load the settings already in the database

settings - The settings to save

dataClass - The Class of the settings, should be one of UserDefaultSettingData or UserClientSettingData

userData - The UserData object for the logged in user

clientData - The ClientData object for the client application

Throws:

BaseException

clearDbControlCache

protected void clearDbControlCache()

cleanUp

protected void cleanUp()

finalize

protected void finalize()
                 throws Throwable

Clean up if a bad client application forgets to logout.

Overrides:

finalize in class Object

Throws:

Throwable