alsutton/enterprisepasswordsafe

src/main/java/com/enterprisepasswordsafe/database/actions/password/ExpiringAccessiblePasswordsAction.java

/*
 * Copyright (c) 2017 Carbon Security Ltd. <opensource@carbonsecurity.co.uk>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

package com.enterprisepasswordsafe.database.actions.password;

import com.enterprisepasswordsafe.database.*;
import com.enterprisepasswordsafe.database.actions.PasswordAction;
import com.enterprisepasswordsafe.database.derived.ExpiringAccessiblePasswords;
import com.enterprisepasswordsafe.engine.accesscontrol.AccessControl;

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.sql.SQLException;
import java.util.Calendar;
import java.util.HashSet;
import java.util.Set;


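/**
 * {@link PasswordAction} that sorts the passwords a user can read into those which have
 * already expired and those which will expire within the warning period.
 *
 * <p>A password is only classified when the user holds a read access control for it and its
 * hierarchy chain reaches either the root node or the user's own personal node.
 *
 * <p>Security note: every password that passes those checks is decrypted with the user's access
 * control before its expiry is read, and those same {@link Password} objects are stored in the
 * result sets. Callers should treat the returned sets as sensitive data and keep them out of
 * logs and long-lived caches (presumably the objects hold plaintext after
 * {@code decrypt} - confirm against {@code Password}).
 */

public class ExpiringAccessiblePasswordsAction implements PasswordAction
{
    /**
     * The default number of days before expiry when a warning is produced.
     */

    private static final int DEFAULT_PASSWORD_EXPIRY_WARNING_DAYS = 7;

    /**
     * The instant this action was created, in milliseconds since the epoch.
     */

    private final long now;

    /**
     * The instant before which an unexpired password counts as "expiring", in milliseconds
     * since the epoch.
     */

    private final long expiryWarning;

    /**
     * The user whose accessible passwords are being examined.
     */

    private final User user;

    /**
     * The node id of the user's personal node, or null if the user has no personal node.
     */

    private final String personalNodeId;

    /**
     * The accessible passwords which have already expired.
     */

    private final Set<Password> expired = new HashSet<>();

    /**
     * The accessible passwords which will expire within the warning period.
     */

    private final Set<Password> expiring = new HashSet<>();

    /**
     * Creates the action and fixes the "now" and "warning" instants used for every password.
     *
     * <p>The warning period is read from the {@code DAYS_BEFORE_EXPIRY_TO_WARN} configuration
     * option. A missing or empty value uses the default. A value that is not an integer is
     * deleted from the configuration and the default is used, so that a corrupt setting does
     * not silently shrink the warning window to zero and suppress every expiry warning.
     *
     * @param user
     *            The user whose accessible passwords will be examined.
     *
     * @throws SQLException Thrown if there is a problem accessing the database.
     */
    public ExpiringAccessiblePasswordsAction(final User user)
            throws SQLException {
        this.user = user;

        int warningDays = DEFAULT_PASSWORD_EXPIRY_WARNING_DAYS;
        String warningPeriod = ConfigurationDAO.getValue(ConfigurationOption.DAYS_BEFORE_EXPIRY_TO_WARN);
        if (warningPeriod != null && warningPeriod.length() > 0) {
            try {
                warningDays = Integer.parseInt(warningPeriod);
            } catch (NumberFormatException ex) {
                // Remove the unusable value; warningDays keeps the default.
                ConfigurationDAO.getInstance().delete(ConfigurationOption.DAYS_BEFORE_EXPIRY_TO_WARN);
            }
        }

        // Derive both instants from the same calendar so the window is exactly warningDays long.
        Calendar cal = Calendar.getInstance();
        now = cal.getTimeInMillis();
        cal.add(Calendar.DAY_OF_MONTH, warningDays);
        expiryWarning = cal.getTimeInMillis();

        HierarchyNode personalNode = HierarchyNodeDAO.getInstance().getPersonalNodeForUser(user);
        personalNodeId = (personalNode == null) ? null : personalNode.getNodeId();
    }

    /**
     * Analyse a specific password and record it if it has expired or is about to expire.
     *
     * <p>Passwords are skipped when they are null, do not expire, are not readable by the user,
     * or cannot be traced back to the root node or the user's personal node.
     *
     * @param node
     *            The node holding the password. Not used by this implementation.
     * @param testPassword
     *            The password to analyse
     *
     * @throws GeneralSecurityException Thrown if there is a problem accessing the data.
     * @throws SQLException Thrown if there is a problem accessing the database.
     * @throws UnsupportedEncodingException Propagated from the calls made while processing
     *            the password.
     */
    @Override
    public void process(final HierarchyNode node, final Password testPassword)
        throws  GeneralSecurityException, SQLException, UnsupportedEncodingException {
        if (testPassword == null || !testPassword.expires()) {
            return;
        }

        // Authorisation gate: without a read access control the password is never decrypted.
        AccessControl ac = AccessControlDAO.getInstance().getReadAccessControl(user,testPassword.getId());
        if (ac == null) {
            return;
        }

        HierarchyNodeDAO hnDAO = HierarchyNodeDAO.getInstance();
        HierarchyNode passwordNode = hnDAO.getByName(testPassword.getId());
        if (passwordNode == null) {
            // No hierarchy entry for this password, so it cannot be placed under the root or
            // the user's personal node; skip it in the same way as an unreachable chain.
            return;
        }

        // Walk up the hierarchy until the root node or the user's own personal node is reached.
        // A chain that runs out (null parent) before reaching either is skipped; presumably
        // that is how passwords under another user's personal node are excluded - confirm
        // against HierarchyNodeDAO. String.equals(null) is false, so a null personalNodeId
        // simply never matches.
        // NOTE(review): the walk has no cycle guard; it relies on the stored hierarchy being
        // a tree.
        String ultimateParentId = passwordNode.getNodeId();
        while (ultimateParentId != null
                && !ultimateParentId.equals(HierarchyNode.ROOT_NODE_ID)
                && !ultimateParentId.equals(personalNodeId)) {
            ultimateParentId = hnDAO.getParentIdById(ultimateParentId);
        }
        if (ultimateParentId == null) {
            return;
        }

        // The expiry is read only after decrypting with the user's access control. The
        // decrypted object itself is what gets stored in the result sets.
        testPassword.decrypt(ac);
        long expiryDate = testPassword.getExpiry();
        if (expiryDate < now) {
            expired.add(testPassword);
        } else if (expiryDate < expiryWarning) {
            expiring.add(testPassword);
        }
    }

    /**
     * Gets the accessible passwords which have already expired.
     *
     * @return The live internal set (not a copy) of decrypted passwords; handle as sensitive.
     */
    public Set<Password> getExpired() {
        return expired;
    }

    /**
     * Gets the accessible passwords which will expire within the warning period.
     *
     * @return The live internal set (not a copy) of decrypted passwords; handle as sensitive.
     */
    public Set<Password> getExpiring() {
        return expiring;
    }
}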