1/* 2 * Copyright 2008 the original author or authors. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16package org.mockftpserver.fake; 17 18import org.mockftpserver.core.util.Assert; 19import org.mockftpserver.fake.filesystem.FileSystemEntry; 20import org.mockftpserver.fake.filesystem.Permissions; 21 22import java.util.List; 23 24/** 25 * Represents a single user account on the server, including the username, password and home 26 * directory. The <code>username</code> and <code>homeDirectory</code> property must be non-null 27 * and non-empty. The <code>homeDirectory</code> property must also match the name of an existing 28 * directory within the file system configured for the <code>FakeFtpServer</code>/ 29 * <p/> 30 * This class also includes several configuration flags, described below. 31 * <p/> 32 * The <code>isValidPassword()</code> method returns true if the specified password matches 33 * the password value configured for this user account. This implementation uses the 34 * <code>isEquals()</code> method to compare passwords. 35 * <p/> 36 * If you want to provide a custom comparison, for instance using encrypted passwords, you can 37 * subclass this class and override the <code>comparePassword()</code> method to provide your own 38 * custom implementation. 39 * <p/> 40 * If the <code>passwordCheckedDuringValidation</code> property is set to false, then the password 41 * value is ignored, and the <code>isValidPassword()</code> method just returns <code<true</code>. 42 * <p/> 43 * The <code>accountRequiredForLogin</code> property defaults to false. If it is set to true, then 44 * it is expected that the login for this account will require an ACCOUNT (ACCT) command after the 45 * PASSWORD (PASS) command is completed. 46 */ 47public class UserAccount { 48 49 public static final String DEFAULT_USER = "system"; 50 public static final String DEFAULT_GROUP = "users"; 51 public static final Permissions DEFAULT_PERMISSIONS_FOR_NEW_FILE = new Permissions("rw-rw-rw-"); 52 public static final Permissions DEFAULT_PERMISSIONS_FOR_NEW_DIRECTORY = Permissions.ALL; 53 54 private String username; 55 private String password; 56 private String homeDirectory; 57 private List groups; 58 private boolean passwordRequiredForLogin = true; 59 private boolean passwordCheckedDuringValidation = true; 60 private boolean accountRequiredForLogin = false; 61 private Permissions defaultPermissionsForNewFile = DEFAULT_PERMISSIONS_FOR_NEW_FILE; 62 63 /** 64 * Construct a new uninitialized instance. 65 */ 66 public UserAccount() { 67 } 68 69 /** 70 * Construct a new initialized instance. 71 * 72 * @param username - the user name 73 * @param password - the password 74 * @param homeDirectory - the home directory 75 */ 76 public UserAccount(String username, String password, String homeDirectory) { 77 setUsername(username); 78 setPassword(password); 79 setHomeDirectory(homeDirectory); 80 } 81 82 public String getUsername() { 83 return username; 84 } 85 86 public void setUsername(String username) { 87 this.username = username; 88 } 89 90 public String getPassword() { 91 return password; 92 } 93 94 public void setPassword(String password) { 95 this.password = password; 96 } 97 98 public String getHomeDirectory() { 99 return homeDirectory; 100 } 101 102 public void setHomeDirectory(String homeDirectory) { 103 this.homeDirectory = homeDirectory; 104 } 105 106 public List getGroups() { 107 return groups; 108 } 109 110 public void setGroups(List groups) { 111 this.groups = groups; 112 } 113 114 public boolean isPasswordRequiredForLogin() { 115 return passwordRequiredForLogin; 116 } 117 118 public void setPasswordRequiredForLogin(boolean passwordRequiredForLogin) { 119 this.passwordRequiredForLogin = passwordRequiredForLogin; 120 } 121 122 public boolean isPasswordCheckedDuringValidation() { 123 return passwordCheckedDuringValidation; 124 } 125 126 public void setPasswordCheckedDuringValidation(boolean passwordCheckedDuringValidation) { 127 this.passwordCheckedDuringValidation = passwordCheckedDuringValidation; 128 } 129 130 public boolean isAccountRequiredForLogin() { 131 return accountRequiredForLogin; 132 } 133 134 public void setAccountRequiredForLogin(boolean accountRequiredForLogin) { 135 this.accountRequiredForLogin = accountRequiredForLogin; 136 } 137 138 public Permissions getDefaultPermissionsForNewFile() { 139 return defaultPermissionsForNewFile; 140 } 141 142 public void setDefaultPermissionsForNewFile(Permissions defaultPermissionsForNewFile) { 143 this.defaultPermissionsForNewFile = defaultPermissionsForNewFile; 144 } 145 146 public Permissions getDefaultPermissionsForNewDirectory() { 147 return defaultPermissionsForNewDirectory; 148 } 149 150 public void setDefaultPermissionsForNewDirectory(Permissions defaultPermissionsForNewDirectory) { 151 this.defaultPermissionsForNewDirectory = defaultPermissionsForNewDirectory; 152 } 153 154 private Permissions defaultPermissionsForNewDirectory = DEFAULT_PERMISSIONS_FOR_NEW_DIRECTORY; 155 156 /** 157 * Return the name of the primary group to which this user belongs. If this account has no associated 158 * groups set, then this method returns the <code>DEFAULT_GROUP</code>. Otherwise, this method 159 * returns the first group name in the <code>groups</code> list. 160 * 161 * @return the name of the primary group for this user 162 */ 163 public String getPrimaryGroup() { 164 return (groups == null || groups.isEmpty()) ? DEFAULT_GROUP : (String) groups.get(0); 165 } 166 167 /** 168 * Return true if the specified password is the correct, valid password for this user account. 169 * This implementation uses standard (case-sensitive) String comparison. Subclasses can provide 170 * custom comparison behavior, for instance using encrypted password values, by overriding this 171 * method. 172 * 173 * @param password - the password to compare against the configured value 174 * @return true if the password is correct and valid 175 * @throws org.mockftpserver.core.util.AssertFailedException 176 * - if the username property is null 177 */ 178 public boolean isValidPassword(String password) { 179 Assert.notNullOrEmpty(username, "username"); 180 return passwordCheckedDuringValidation ? comparePassword(password) : true; 181 } 182 183 /** 184 * @return true if this UserAccount object is valid; i.e. if the homeDirectory is non-null and non-empty. 185 */ 186 public boolean isValid() { 187 return homeDirectory != null && homeDirectory.length() > 0; 188 } 189 190 /** 191 * @return the String representation of this object 192 */ 193 public String toString() { 194 return "UserAccount[username=" + username + "; password=" + password + "; homeDirectory=" 195 + homeDirectory + "; passwordRequiredForLogin=" + passwordRequiredForLogin + "]"; 196 } 197 198 /** 199 * Return true if this user has read access to the file/directory represented by the specified FileSystemEntry object. 200 * 201 * @param entry - the FileSystemEntry representing the file or directory 202 * @return true if this use has read access 203 */ 204 public boolean canRead(FileSystemEntry entry) { 205 Permissions permissions = entry.getPermissions(); 206 if (permissions == null) { 207 return true; 208 } 209 210 if (username == entry.getOwner()) { 211 return permissions.canUserRead(); 212 } 213 if (groups != null && groups.contains(entry.getGroup())) { 214 return permissions.canGroupRead(); 215 } 216 return permissions.canWorldRead(); 217 } 218 219 /** 220 * Return true if this user has write access to the file/directory represented by the specified FileSystemEntry object. 221 * 222 * @param entry - the FileSystemEntry representing the file or directory 223 * @return true if this use has write access 224 */ 225 public boolean canWrite(FileSystemEntry entry) { 226 Permissions permissions = entry.getPermissions(); 227 if (permissions == null) { 228 return true; 229 } 230 231 if (username == entry.getOwner()) { 232 return permissions.canUserWrite(); 233 } 234 if (groups != null && groups.contains(entry.getGroup())) { 235 return permissions.canGroupWrite(); 236 } 237 return permissions.canWorldWrite(); 238 } 239 240 /** 241 * Return true if this user has execute access to the file/directory represented by the specified FileSystemEntry object. 242 * 243 * @param entry - the FileSystemEntry representing the file or directory 244 * @return true if this use has execute access 245 */ 246 public boolean canExecute(FileSystemEntry entry) { 247 Permissions permissions = entry.getPermissions(); 248 if (permissions == null) { 249 return true; 250 } 251 252 if (username == entry.getOwner()) { 253 return permissions.canUserExecute(); 254 } 255 if (groups != null && groups.contains(entry.getGroup())) { 256 return permissions.canGroupExecute(); 257 } 258 return permissions.canWorldExecute(); 259 } 260 261 /** 262 * Return true if the specified password matches the password configured for this user account. 263 * This implementation uses standard (case-sensitive) String comparison. Subclasses can provide 264 * custom comparison behavior, for instance using encrypted password values, by overriding this 265 * method. 266 * 267 * @param password - the password to compare against the configured value 268 * @return true if the passwords match 269 */ 270 protected boolean comparePassword(String password) { 271 return password != null && password.equals(this.password); 272 } 273 274}