EDIT

// $Id$

/**

* Copyright (C) 2007 EDIT

* European Distributed Institute of Taxonomy 

* http://www.e-taxonomy.eu

* 

* The contents of this file are subject to the Mozilla Public License Version 1.1

* See LICENSE.TXT at the top of this package for the full license terms.

*/

package eu.etaxonomy.taxeditor.store;

import java.util.Observable;

import org.springframework.security.authentication.BadCredentialsException;

import org.springframework.security.authentication.LockedException;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;

import org.springframework.security.core.Authentication;

import org.springframework.security.core.context.SecurityContextHolder;

import eu.etaxonomy.cdm.api.conversation.ConversationHolder;

import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;

import eu.etaxonomy.cdm.model.common.User;

import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;

/**

 * <p>LoginManager class.</p>

 *

 * @author n.hoffmann

 * @created 03.07.2009

 * @version 1.0

 */

public class LoginManager extends Observable implements IConversationEnabled{

	private ConversationHolder conversation;

	/**

	 * <p>authenticate</p>

	 *

	 * @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.

	 */

	public boolean authenticate(String username, String password){		

		try{

			getConversationHolder().bind();

			UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password); 

			SecurityContextHolder.clearContext();

			Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);		

			SecurityContextHolder.getContext().setAuthentication(authentication);

			this.setChanged();

			this.notifyObservers();

			return true;

		}

		catch(BadCredentialsException e){

			StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Bad Credentials.");

		}

		catch(LockedException e){

			StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Account is locked.");

		}

		catch(IllegalArgumentException e){

			StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Username and/or Password empty.");

		}

		return false;

	}

	/**

	 * <p>getAuthenticatedUser</p>

	 *

	 * @return a {@link eu.etaxonomy.cdm.model.common.User} object.

	 */

	public User getAuthenticatedUser(){

		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

		if(authentication != null 

				&& authentication.getPrincipal() != null 

				&& authentication.getPrincipal() instanceof User){

			return (User)authentication.getPrincipal();

		}

		return null;

	}

	public void logoutAll(){

		SecurityContextHolder.clearContext();

		notifyObservers();		

	}

	/* (non-Javadoc)

	 * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)

	 */

	@Override

	public void update(CdmDataChangeMap arg) {}

	/* (non-Javadoc)

	 * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()

	 */

	@Override

	public ConversationHolder getConversationHolder() {

		if(conversation == null){

			conversation = CdmStore.createConversation();

		}

		return conversation;

	}

	/**

	 * Whether the current user has the role admin

	 * 

	 * @return

	 */

	public boolean isAdmin() {

		// FIXME until we have rights implemented properly we do this

		// by a simple string check. This has to change 

		return "admin".equals(getAuthenticatedUser().getUsername());

	}

}