001// -------------------------------------------------------------------------------- 002// Copyright 2002-2024 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.control.user.authentication.server.command; 018 019import com.echothree.control.user.authentication.common.form.EmployeeLoginForm; 020import com.echothree.model.control.employee.common.workflow.EmployeeStatusConstants; 021import com.echothree.model.control.party.common.PartyRelationshipTypes; 022import com.echothree.model.control.party.common.PartyTypes; 023import com.echothree.model.control.party.common.RoleTypes; 024import com.echothree.model.control.party.server.control.PartyControl; 025import com.echothree.model.control.party.server.logic.LockoutPolicyLogic; 026import com.echothree.model.control.party.server.logic.PartyLogic; 027import com.echothree.model.control.user.server.logic.UserLoginLogic; 028import com.echothree.model.control.workflow.server.logic.WorkflowStepLogic; 029import com.echothree.model.data.user.common.pk.UserVisitPK; 030import com.echothree.util.common.command.BaseResult; 031import com.echothree.util.common.message.ExecutionErrors; 032import com.echothree.util.common.validation.FieldDefinition; 033import com.echothree.util.common.validation.FieldType; 034import com.echothree.util.server.persistence.Session; 035import java.util.Arrays; 036import java.util.Collections; 037import java.util.List; 038 039public class EmployeeLoginCommand 040 extends BaseLoginCommand<EmployeeLoginForm> { 041 042 // No COMMAND_SECURITY_DEFINITION, anyone may execute this command. 043 private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS; 044 045 static { 046 FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList( 047 new FieldDefinition("Username", FieldType.STRING, true, 1L, 80L), 048 new FieldDefinition("Password", FieldType.STRING, true, 1L, 40L), 049 new FieldDefinition("RemoteInet4Address", FieldType.INET_4_ADDRESS, false, null, null), 050 new FieldDefinition("CompanyName", FieldType.ENTITY_NAME, true, null, null) 051 )); 052 } 053 054 /** Creates a new instance of EmployeeLoginCommand */ 055 public EmployeeLoginCommand(UserVisitPK userVisitPK, EmployeeLoginForm form) { 056 super(userVisitPK, form, null, FORM_FIELD_DEFINITIONS); 057 } 058 059 @Override 060 protected BaseResult execute() { 061 var userLogin = UserLoginLogic.getInstance().getUserLoginByUsername(this, form.getUsername()); 062 063 if(!hasExecutionErrors()) { 064 var party = userLogin.getParty(); 065 var partyDetail = party.getLastDetail(); 066 067 PartyLogic.getInstance().checkPartyType(this, party, PartyTypes.EMPLOYEE.name()); 068 069 if(!hasExecutionErrors()) { 070 var userControl = getUserControl(); 071 var userLoginStatus = userControl.getUserLoginStatusForUpdate(party); 072 073 if(!WorkflowStepLogic.getInstance().isEntityInWorkflowSteps(this, EmployeeStatusConstants.Workflow_EMPLOYEE_STATUS, party, 074 EmployeeStatusConstants.WorkflowStep_ACTIVE).isEmpty()) { 075 LockoutPolicyLogic.getInstance().checkUserLogin(session, this, party, userLoginStatus); 076 077 if(!hasExecutionErrors()) { 078 var partyControl = Session.getModelController(PartyControl.class); 079 080 if(checkPasswords(userLoginStatus, form.getPassword(), party, true)) { 081 var partyCompanyName = form.getCompanyName(); 082 var partyCompany = partyControl.getPartyCompanyByName(partyCompanyName); 083 084 if(partyCompany != null) { 085 var partyCompanyParty = partyCompany.getParty(); 086 var partyRelationshipType = partyControl.getPartyRelationshipTypeByName(PartyRelationshipTypes.EMPLOYMENT.name()); 087 var fromRoleType = partyControl.getRoleTypeByName(RoleTypes.EMPLOYER.name()); 088 var toRoleType = partyControl.getRoleTypeByName(RoleTypes.EMPLOYEE.name()); 089 var partyRelationship = partyControl.getPartyRelationship(partyRelationshipType, partyCompanyParty, 090 fromRoleType, party, toRoleType); 091 092 if(partyRelationship != null) { 093 var strRemoteInet4Address = form.getRemoteInet4Address(); 094 var remoteInet4Address = strRemoteInet4Address == null ? null : Integer.valueOf(form.getRemoteInet4Address()); 095 096 successfulLogin(userLoginStatus, party, partyRelationship, remoteInet4Address); 097 } else { 098 addExecutionError(ExecutionErrors.UnknownPartyRelationship.name(), PartyRelationshipTypes.EMPLOYMENT.name(), 099 partyCompanyParty.getLastDetail().getPartyName(), RoleTypes.EMPLOYER.name(), partyDetail.getPartyName(), 100 RoleTypes.EMPLOYEE.name()); 101 } 102 } else { 103 addExecutionError(ExecutionErrors.UnknownPartyCompanyName.name(), partyCompanyName); 104 } 105 } 106 } 107 } else { 108 addExecutionError(ExecutionErrors.EmployeeNotActive.name(), partyDetail.getPartyName()); 109 } 110 111 if(hasExecutionErrors()) { 112 unsuccessfulLogin(userLoginStatus); 113 } 114 } 115 } 116 117 return null; 118 } 119 120}