/*
 * Copyright (C) 2005-2007 Alfresco Software Limited.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.

 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.

 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

 * As a special exception to the terms and conditions of version 2.0 of 
 * the GPL, you may redistribute this Program in connection with Free/Libre 
 * and Open Source Software ("FLOSS") applications as described in Alfresco's 
 * FLOSS exception.  You should have recieved a copy of the text describing 
 * the FLOSS exception, and it is also available here: 
 * http://www.alfresco.com/legal/licensing"
 */
package org.alfresco.repo.security.authentication;

import java.util.Date;

import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;

import org.alfresco.error.AlfrescoRuntimeException;
import org.springframework.dao.DataAccessException;

/**
 * An authority DAO that has no implementation.
 * 
 * By default it will throw an exception if any method is called.
 * 
 * Any of the getter/setter methods can be enabled with a no action implementation.
 * 
 * This can support deleting users via the UI for LDAP and NTLM. The Alfresco person object is deleted from the UI.
 * The call to delete the user will return with no action. 
 * 
 * The following methods will always fail.
 * 
 * getMD4HashedPassword(String userName)
 * loadUserByUsername(String arg0) 
 * getSalt(UserDetails user)
 * 
 * @author Andy Hind
 */
public class DefaultMutableAuthenticationDao implements MutableAuthenticationDao
{
    private boolean allowCreateUser = false;

    private boolean allowUpdateUser = false;

    private boolean allowDeleteUser = false;

    private boolean allowSetEnabled = false;

    private boolean allowGetEnabled = false;

    private boolean allowSetAccountExpires = false;

    private boolean allowGetAccountHasExpired = false;

    private boolean allowSetCredentialsExpire = false;

    private boolean allowGetCredentialsExpire = false;

    private boolean allowGetCredentialsHaveExpired = false;

    private boolean allowSetAccountLocked = false;

    private boolean allowGetAccountLocked = false;

    private boolean allowSetAccountExpiryDate = false;

    private boolean allowGetAccountExpiryDate = false;

    private boolean allowSetCredentialsExpiryDate = false;

    private boolean allowGetCredentialsExpiryDate = false;
    
    /**
     * Create a user with the given userName and password
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param rawPassword
     * @throws AuthenticationException
     */
    public void createUser(String userName, char[] rawPassword) throws AuthenticationException
    {
        if (!allowCreateUser)
        {
            throw new AlfrescoRuntimeException("Create User is not supported");
        }
    }

    /**
     * Update a user's password.
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param rawPassword
     * @throws AuthenticationException
     */
    public void updateUser(String userName, char[] rawPassword) throws AuthenticationException
    {
        if (!allowUpdateUser)
        {
            throw new AlfrescoRuntimeException("Update user is not supported");
        }
    }

    /**
     * Delete a user.
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @throws AuthenticationException
     */
    public void deleteUser(String userName) throws AuthenticationException
    {
        if (!allowDeleteUser)
        {
            throw new AlfrescoRuntimeException("Delete user is not supported");
        }
    }

    /**
     * Check is a user exists.
     * 
     * If enabled returns true.
     * 
     * @param userName
     * @return
     */
    public boolean userExists(String userName)
    {
        // All users may exist
        return true;
    }

    /**
     * Enable/disable a user.
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param enabled
     */
    public void setEnabled(String userName, boolean enabled)
    {
        if (!allowSetEnabled)
        {
            throw new AlfrescoRuntimeException("Set enabled is not supported");
        }
    }

    /**
     * Getter for user enabled
     * 
     * If enabled returns true.
     * 
     * @param userName
     * @return
     */
    public boolean getEnabled(String userName)
    {
        if (!allowGetEnabled)
        {
            throw new AlfrescoRuntimeException("Get enabled is not supported");
        }
        return true;
    }

    /**
     * Set if the account should expire
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param expires
     */
    public void setAccountExpires(String userName, boolean expires)
    {
        if (!allowSetAccountExpires)
        {
            throw new AlfrescoRuntimeException("Set account expires is not supported");
        }
    }

    /**
     * Does the account expire?
     * 
     * If enabled returns false.
     * 
     * @param userName
     * @return
     */

    public boolean getAccountExpires(String userName)
    {
        if (!allowSetAccountExpires)
        {
            throw new AlfrescoRuntimeException("Get account expires is not supported");
        }
        return false;
    }

    /**
     * Has the account expired?
     * 
     * If enabled returns false.
     * 
     * @param userName
     * @return
     */
    public boolean getAccountHasExpired(String userName)
    {
        if (!allowGetAccountHasExpired)
        {
            throw new AlfrescoRuntimeException("Get account has expired is not supported");
        }
        return false;
    }

    /**
     * Set if the password expires.
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param expires
     */
    public void setCredentialsExpire(String userName, boolean expires)
    {
        if (!allowSetCredentialsExpire)
        {
            throw new AlfrescoRuntimeException("Set credentials expire is not supported");
        }
    }

    /**
     * Do the credentials for the user expire?
     * 
     * If enabled returns false.
     * 
     * @param userName
     * @return
     */
    public boolean getCredentialsExpire(String userName)
    {
        if (!allowGetCredentialsExpire)
        {
            throw new AlfrescoRuntimeException("Get credentials expire is not supported");
        }
        return false;
    }

    /**
     * Have the credentials for the user expired?
     * 
     * If enabled returns false.
     * 
     * @param userName
     * @return
     */
    public boolean getCredentialsHaveExpired(String userName)
    {
        if (!allowGetCredentialsHaveExpired)
        {
            throw new AlfrescoRuntimeException("Get credentials have expired is not supported");
        }
        return false;
    }

    /**
     * Set if the account is locked.
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param locked
     */
    public void setLocked(String userName, boolean locked)
    {
        if (!allowSetAccountLocked)
        {
            throw new AlfrescoRuntimeException("Set account locked is not supported");
        }
    }

    /**
     * Is the account locked?
     * 
     * If enabled returns false.
     * 
     * @param userName
     * @return
     */
    public boolean getAccountlocked(String userName)
    {
        if (!allowGetAccountLocked)
        {
            throw new AlfrescoRuntimeException("Get account locked is not supported");
        }
        return false;
    }

    /**
     * Set the date on which the account expires
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param exipryDate
     */
    public void setAccountExpiryDate(String userName, Date exipryDate)
    {
        if (!allowSetAccountExpiryDate)
        {
            throw new AlfrescoRuntimeException("Set account expiry date is not supported");
        }
    }

    /**
     * Get the date when this account expires.
     * 
     * If enabled returns null.
     * 
     * @param userName
     * @return
     */
    public Date getAccountExpiryDate(String userName)
    {
        if (!allowGetAccountExpiryDate)
        {
            throw new AlfrescoRuntimeException("Get account expiry date is not supported");
        }
        return null;
    }

    /**
     * Set the date when credentials expire.
     * 
     * If enabled does nothing.
     * 
     * @param userName
     * @param exipryDate
     */
    public void setCredentialsExpiryDate(String userName, Date exipryDate)
    {
        if (!allowSetCredentialsExpiryDate)
        {
            throw new AlfrescoRuntimeException("Set credentials expiry date is not supported");
        }
    }

    /**
     * Get the date when the credentials/password expire.
     * 
     * If enabled returns null.
     * 
     * @param userName
     * @return
     */
    public Date getCredentialsExpiryDate(String userName)
    {
        if (!allowGetCredentialsExpiryDate)
        {
            throw new AlfrescoRuntimeException("Get credentials expiry date is not supported");
        }
        return null;
    }

    /**
     * Get the MD4 password hash
     * 
     * Always throws an exception.
     * 
     * @param userName
     * @return
     */
    public String getMD4HashedPassword(String userName)
    {
        throw new AlfrescoRuntimeException("Not implemented");
    }

    /**
     * Return the user details for the specified user
     * 
     *  Always throws an exception.
     * 
     * @param user
     *            String
     * @return UserDetails
     * @exception UsernameNotFoundException
     * @exception DataAccessException
     */
    public UserDetails loadUserByUsername(String arg0) throws UsernameNotFoundException, DataAccessException
    {
        throw new AlfrescoRuntimeException("Not implemented");
    }

    /**
     * Return salt for user
     * 
     * Always throws an exception.
     * 
     * @param user
     *            UserDetails
     * @return Object
     */
    public Object getSalt(UserDetails user)
    {
        throw new AlfrescoRuntimeException("Not implemented");
    }

    
    // -------- //
    // Bean IOC //
    // -------- //
    
    public void setAllowCreateUser(boolean allowCreateUser)
    {
        this.allowCreateUser = allowCreateUser;
    }

    public void setAllowDeleteUser(boolean allowDeleteUser)
    {
        this.allowDeleteUser = allowDeleteUser;
    }

    public void setAllowGetAccountExpiryDate(boolean allowGetAccountExpiryDate)
    {
        this.allowGetAccountExpiryDate = allowGetAccountExpiryDate;
    }

    public void setAllowGetAccountHasExpired(boolean allowGetAccountHasExpired)
    {
        this.allowGetAccountHasExpired = allowGetAccountHasExpired;
    }

    public void setAllowGetAccountLocked(boolean allowGetAccountLocked)
    {
        this.allowGetAccountLocked = allowGetAccountLocked;
    }

    public void setAllowGetCredentialsExpire(boolean allowGetCredentialsExpire)
    {
        this.allowGetCredentialsExpire = allowGetCredentialsExpire;
    }

    public void setAllowGetCredentialsExpiryDate(boolean allowGetCredentialsExpiryDate)
    {
        this.allowGetCredentialsExpiryDate = allowGetCredentialsExpiryDate;
    }

    public void setAllowGetCredentialsHaveExpired(boolean allowGetCredentialsHaveExpired)
    {
        this.allowGetCredentialsHaveExpired = allowGetCredentialsHaveExpired;
    }

    public void setAllowGetEnabled(boolean allowGetEnabled)
    {
        this.allowGetEnabled = allowGetEnabled;
    }

    public void setAllowSetAccountExpires(boolean allowSetAccountExpires)
    {
        this.allowSetAccountExpires = allowSetAccountExpires;
    }

    public void setAllowSetAccountExpiryDate(boolean allowSetAccountExpiryDate)
    {
        this.allowSetAccountExpiryDate = allowSetAccountExpiryDate;
    }

    public void setAllowSetAccountLocked(boolean allowSetAccountLocked)
    {
        this.allowSetAccountLocked = allowSetAccountLocked;
    }

    public void setAllowSetCredentialsExpire(boolean allowSetCredentialsExpire)
    {
        this.allowSetCredentialsExpire = allowSetCredentialsExpire;
    }

    public void setAllowSetCredentialsExpiryDate(boolean allowSetCredentialsExpiryDate)
    {
        this.allowSetCredentialsExpiryDate = allowSetCredentialsExpiryDate;
    }

    public void setAllowSetEnabled(boolean allowSetEnabled)
    {
        this.allowSetEnabled = allowSetEnabled;
    }

    public void setAllowUpdateUser(boolean allowUpdateUser)
    {
        this.allowUpdateUser = allowUpdateUser;
    }
}