From 7f7bd651122754a3df47894b64ddb0456561bbe7 Mon Sep 17 00:00:00 2001
From: vlad
Date: Thu, 13 Jul 2017 02:27:55 -0700
Subject: Updates for authentication
---
.../driver/pdsuicommon/domain/PasswordHash.scala | 36 ---------
.../scala/xyz/driver/pdsuicommon/domain/User.scala | 88 ++++++++++++++++++++--
2 files changed, 83 insertions(+), 41 deletions(-)
delete mode 100644 src/main/scala/xyz/driver/pdsuicommon/domain/PasswordHash.scala
(limited to 'src/main/scala/xyz/driver/pdsuicommon/domain')
diff --git a/src/main/scala/xyz/driver/pdsuicommon/domain/PasswordHash.scala b/src/main/scala/xyz/driver/pdsuicommon/domain/PasswordHash.scala
deleted file mode 100644
index 337d925..0000000
--- a/src/main/scala/xyz/driver/pdsuicommon/domain/PasswordHash.scala
+++ /dev/null
@@ -1,36 +0,0 @@
-package xyz.driver.pdsuicommon.domain
-
-import java.nio.charset.Charset
-
-import org.mindrot.jbcrypt.BCrypt
-
-final case class PasswordHash(value: Array[Byte]) {
-
- lazy val hashString: String = new String(value, Charset.forName("UTF-8"))
-
- override def toString: String = {
- s"${this.getClass.getSimpleName}($hashString)"
- }
-
- override def equals(that: Any): Boolean = {
- that match {
- case thatHash: PasswordHash => java.util.Arrays.equals(this.value, thatHash.value)
- case _ => false
- }
- }
-
- override def hashCode(): Int =
- 42 + java.util.Arrays.hashCode(this.value)
-
- def is(password: String): Boolean =
- BCrypt.checkpw(password, hashString)
-}
-
-object PasswordHash {
-
- def apply(password: String): PasswordHash =
- new PasswordHash(getHash(password))
-
- private def getHash(str: String): Array[Byte] =
- BCrypt.hashpw(str, BCrypt.gensalt()).getBytes(Charset.forName("UTF-8"))
-}
diff --git a/src/main/scala/xyz/driver/pdsuicommon/domain/User.scala b/src/main/scala/xyz/driver/pdsuicommon/domain/User.scala
index 4920176..654af1a 100644
--- a/src/main/scala/xyz/driver/pdsuicommon/domain/User.scala
+++ b/src/main/scala/xyz/driver/pdsuicommon/domain/User.scala
@@ -2,7 +2,7 @@ package xyz.driver.pdsuicommon.domain import java.math.BigInteger import java.security.SecureRandom -import java.time.LocalDateTime +import java.time.{Instant, LocalDateTime, ZoneId} import xyz.driver.pdsuicommon.logging._ import xyz.driver.pdsuicommon.domain.User.Role @@ -11,10 +11,22 @@ import xyz.driver.pdsuicommon.utils.Utils final case class User(id: StringId[User], email: Email, name: String, - role: Role, - passwordHash: PasswordHash, + roles: Set[Role], latestActivity: Option[LocalDateTime], - deleted: Option[LocalDateTime]) + deleted: Option[LocalDateTime]) { + + def this(driverUser: xyz.driver.entities.users.UserInfo) { + this( + id = StringId[xyz.driver.pdsuicommon.domain.User](driverUser.id.value), + email = Email(driverUser.email.toString), + name = driverUser.name.toString, + roles = driverUser.roles.flatMap(User.mapRoles), + latestActivity = + driverUser.lastLoginTime.map(t => Instant.ofEpochMilli(t.millis).atZone(ZoneId.of("Z")).toLocalDateTime), + deleted = Option.empty[LocalDateTime] + ) + } +} object User { @@ -74,7 +86,7 @@ object User { implicit def toPhiString(x: User): PhiString = { import x._ - phi"User(id=$id, role=$role)" + phi"User(id=$id, roles=${Unsafe(roles.map(_.toString).mkString(", "))})" } // SecureRandom is thread-safe, see the implementation 
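Review bot: The new auxiliary constructor hard-codes `deleted = Option.empty[LocalDateTime]`, so every `User` built from a core `UserInfo` looks active. Any caller that still gates access on `deleted` will stop seeing deactivated accounts unless the core service filters them out before this point, which the hunk does not show. `roles = driverUser.roles.flatMap(User.mapRoles)` can also produce an empty set when none of the core roles map, so authorization checks downstream need to treat an empty set as no access. A comment above the constructor would record the assumption, e.g. `// deleted is always None here: deactivation is assumed to be enforced by the core user service`, and `ZoneOffset.UTC` states the intent more directly than `ZoneId.of("Z")`.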
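Review bot: `Unsafe(...)` in the changed `toPhiString` line bypasses the PHI-safe interpolation for the role list. Role names look like fixed identifiers rather than patient data, so this is probably acceptable, but the bypass deserves a comment saying so, e.g. `// role names are fixed identifiers, not PHI`, so that a later audit of `Unsafe` uses does not have to re-derive it. `Set` iteration order is unspecified, so the same user can log different strings; `roles.map(_.toString).toSeq.sorted.mkString(", ")` keeps log lines comparable.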
@@ -82,4 +94,70 @@ object User { def createPassword: String = new BigInteger(240, random).toString(32) + def mapRoles(coreRole: xyz.driver.core.auth.Role): Set[xyz.driver.pdsuicommon.domain.User.Role] = { + coreRole match { + case xyz.driver.entities.auth.AdministratorRole => + Set( + xyz.driver.pdsuicommon.domain.User.Role.SystemUser, + xyz.driver.pdsuicommon.domain.User.Role.RecordAdmin, + xyz.driver.pdsuicommon.domain.User.Role.TrialAdmin, + xyz.driver.pdsuicommon.domain.User.Role.TreatmentMatchingAdmin + ) + case xyz.driver.entities.auth.RecordAdmin => + Set(xyz.driver.pdsuicommon.domain.User.Role.RecordAdmin) + case xyz.driver.entities.auth.RecordCleaner => + Set(xyz.driver.pdsuicommon.domain.User.Role.RecordCleaner) + case xyz.driver.entities.auth.RecordOrganizer => + Set(xyz.driver.pdsuicommon.domain.User.Role.RecordOrganizer) + case xyz.driver.entities.auth.DocumentExtractor => + Set(xyz.driver.pdsuicommon.domain.User.Role.DocumentExtractor) + case xyz.driver.entities.auth.TrialSummarizer => + Set(xyz.driver.pdsuicommon.domain.User.Role.TrialSummarizer) + case xyz.driver.entities.auth.CriteriaCurator => + Set(xyz.driver.pdsuicommon.domain.User.Role.CriteriaCurator) + case xyz.driver.entities.auth.TrialAdmin => + Set(xyz.driver.pdsuicommon.domain.User.Role.TrialAdmin) + case xyz.driver.entities.auth.EligibilityVerifier => + Set(xyz.driver.pdsuicommon.domain.User.Role.EligibilityVerifier) + case xyz.driver.entities.auth.TreatmentMatchingAdmin => + Set(xyz.driver.pdsuicommon.domain.User.Role.TreatmentMatchingAdmin) + case xyz.driver.entities.auth.RoutesCurator => + Set(xyz.driver.pdsuicommon.domain.User.Role.RoutesCurator) + case xyz.driver.entities.auth.ResearchOncologist => + Set(xyz.driver.pdsuicommon.domain.User.Role.ResearchOncologist) + case _ => + Set.empty[xyz.driver.pdsuicommon.domain.User.Role] + } + } + + def mapRolesToDriver(pdsuiRole: xyz.driver.pdsuicommon.domain.User.Role): Set[xyz.driver.core.auth.Role] = { + pdsuiRole match { + case 
xyz.driver.pdsuicommon.domain.User.Role.SystemUser => + Set(xyz.driver.entities.auth.AdministratorRole) + case xyz.driver.pdsuicommon.domain.User.Role.RecordAdmin => + Set(xyz.driver.entities.auth.RecordAdmin) + case xyz.driver.pdsuicommon.domain.User.Role.RecordCleaner => + Set(xyz.driver.entities.auth.RecordCleaner) + case xyz.driver.pdsuicommon.domain.User.Role.RecordOrganizer => + Set(xyz.driver.entities.auth.RecordOrganizer) + case xyz.driver.pdsuicommon.domain.User.Role.DocumentExtractor => + Set(xyz.driver.entities.auth.DocumentExtractor) + case xyz.driver.pdsuicommon.domain.User.Role.TrialSummarizer => + Set(xyz.driver.entities.auth.TrialSummarizer) + case xyz.driver.pdsuicommon.domain.User.Role.CriteriaCurator => + Set(xyz.driver.entities.auth.CriteriaCurator) + case xyz.driver.pdsuicommon.domain.User.Role.TrialAdmin => + Set(xyz.driver.entities.auth.TrialAdmin) + case xyz.driver.pdsuicommon.domain.User.Role.EligibilityVerifier => + Set(xyz.driver.entities.auth.EligibilityVerifier) + case xyz.driver.pdsuicommon.domain.User.Role.TreatmentMatchingAdmin => + Set(xyz.driver.entities.auth.TreatmentMatchingAdmin) + case xyz.driver.pdsuicommon.domain.User.Role.RoutesCurator => + Set(xyz.driver.entities.auth.RoutesCurator) + case xyz.driver.pdsuicommon.domain.User.Role.ResearchOncologist => + Set(xyz.driver.entities.auth.ResearchOncologist) + case _ => + Set.empty[xyz.driver.core.auth.Role] + } + } } -- cgit v1.2.3
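Review bot: `mapRoles` and `mapRolesToDriver` are not inverses, so a role set converted to core roles and back can come out larger than it went in. `mapRolesToDriver` turns `SystemUser` into `AdministratorRole`, and `mapRoles` expands `AdministratorRole` into `SystemUser`, `RecordAdmin`, `TrialAdmin` and `TreatmentMatchingAdmin`. If `SystemUser` was not meant to carry those three admin roles, this widens privileges and calls for a narrower mapping; if it was, say so in a comment above `mapRolesToDriver`, e.g. `// SystemUser is equivalent to the core administrator, which implies all admin roles`. The `case _ => Set.empty` arms in both functions fail closed, which is the right default, but they drop unknown roles silently and would hide a missing mapping from exhaustiveness checks if the role types are sealed (not visible here). Logging the unmapped role in that arm would make such a gap visible.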