GUACAMOLE-1479: Switch JDBC module to use disabled methods instead of attributes.

Author: necouchman

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/user/SharedUser.java

@@ -78,6 +78,28 @@ public String getIdentifier() {
     public void setIdentifier(String identifier) {
         throw new UnsupportedOperationException("Users authenticated via share keys are immutable.");
     }
+    
+    /**
+     * {@inheritDoc}
+     * 
+     * <p>SharedUser accounts are always enabled, as access is controlled via
+     * the shared token.
+     */
+    @Override
+    public boolean isDisabled() {
+        return false;
+    }
+    
+    /**
+     * {@inheritDoc}
+     * 
+     * <p>This method silently ignores the value passed in the disabled parameter,
+     * as disabling the account is done by invalidating the sharing token.
+     */
+    @Override
+    public void setDisabled(boolean disabled) {
+        // Silently ignore the parameter
+    }
 
     @Override
     public Map<String, String> getAttributes() {

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java

@@ -63,12 +63,6 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
      */
     private static final Logger logger = LoggerFactory.getLogger(ModeledUser.class);
 
-    /**
-     * The name of the attribute which controls whether a user account is
-     * disabled.
-     */
-    public static final String DISABLED_ATTRIBUTE_NAME = "disabled";
-
     /**
      * The name of the attribute which controls whether a user's password is
      * expired and must be reset upon login.
@@ -121,7 +115,6 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
      * form.
      */
     public static final Form ACCOUNT_RESTRICTIONS = new Form("restrictions", Arrays.<Field>asList(
-        new BooleanField(DISABLED_ATTRIBUTE_NAME, "true"),
         new BooleanField(EXPIRED_ATTRIBUTE_NAME, "true"),
         new TimeField(ACCESS_WINDOW_START_ATTRIBUTE_NAME),
         new TimeField(ACCESS_WINDOW_END_ATTRIBUTE_NAME),
@@ -149,7 +142,6 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
                 User.Attribute.EMAIL_ADDRESS,
                 User.Attribute.ORGANIZATION,
                 User.Attribute.ORGANIZATIONAL_ROLE,
-                DISABLED_ATTRIBUTE_NAME,
                 EXPIRED_ATTRIBUTE_NAME,
                 ACCESS_WINDOW_START_ATTRIBUTE_NAME,
                 ACCESS_WINDOW_END_ATTRIBUTE_NAME,
@@ -281,6 +273,16 @@ public void setPassword(String password) {
         userModel.setPasswordDate(new Timestamp(System.currentTimeMillis()));
 
     }
+    
+    @Override
+    public boolean isDisabled() {
+        return getModel().isDisabled();
+    }
+    
+    @Override
+    public void setDisabled(boolean disabled) {
+        getModel().setDisabled(disabled);
+    }
 
     /**
      * Returns the this user's current password record. If the user is new, this
@@ -309,9 +311,6 @@ public PasswordRecordModel getPasswordRecord() {
      */
     private void putRestrictedAttributes(Map<String, String> attributes) {
 
-        // Set disabled attribute
-        attributes.put(DISABLED_ATTRIBUTE_NAME, getModel().isDisabled() ? "true" : null);
-
         // Set password expired attribute
         attributes.put(EXPIRED_ATTRIBUTE_NAME, getModel().isExpired() ? "true" : null);
 
@@ -424,10 +423,6 @@ private Time parseTime(String timeString)
      */
     private void setRestrictedAttributes(Map<String, String> attributes) {
 
-        // Translate disabled attribute
-        if (attributes.containsKey(DISABLED_ATTRIBUTE_NAME))
-            getModel().setDisabled("true".equals(attributes.get(DISABLED_ATTRIBUTE_NAME)));
-
         // Translate password expired attribute
         if (attributes.containsKey(EXPIRED_ATTRIBUTE_NAME))
             getModel().setExpired("true".equals(attributes.get(EXPIRED_ATTRIBUTE_NAME)));
@@ -737,19 +732,6 @@ public boolean isAccountAccessible() {
         return isActive(getAccessWindowStart(), getAccessWindowEnd());
     }
 
-    /**
-     * Returns whether this user account has been disabled. The credentials of
-     * disabled user accounts are treated as invalid, effectively disabling
-     * that user's access to data for which they would otherwise have
-     * permission.
-     *
-     * @return
-     *     true if this user account has been disabled, false otherwise.
-     */
-    public boolean isDisabled() {
-        return getModel().isDisabled();
-    }
-
     /**
      * Returns whether this user's password has expired. If a user's password
      * is expired, it must be immediately changed upon login. A user account

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/ModeledUserGroup.java

@@ -42,36 +42,17 @@
 public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
         implements UserGroup {
 
-    /**
-     * The name of the attribute which controls whether a user group is
-     * disabled.
-     */
-    public static final String DISABLED_ATTRIBUTE_NAME = "disabled";
-
-    /**
-     * All attributes related to restricting user groups, within a logical
-     * form.
-     */
-    public static final Form ACCOUNT_RESTRICTIONS = new Form("restrictions", Arrays.<Field>asList(
-        new BooleanField(DISABLED_ATTRIBUTE_NAME, "true")
-    ));
-
     /**
      * All possible attributes of user groups organized as individual,
      * logical forms.
      */
-    public static final Collection<Form> ATTRIBUTES = Collections.unmodifiableCollection(Arrays.asList(
-        ACCOUNT_RESTRICTIONS
-    ));
-
+    public static final Collection<Form> ATTRIBUTES = Collections.emptyList();
+    
     /**
      * The names of all attributes which are explicitly supported by this
      * extension's UserGroup objects.
      */
-    public static final Set<String> ATTRIBUTE_NAMES =
-            Collections.unmodifiableSet(new HashSet<String>(Arrays.asList(
-                DISABLED_ATTRIBUTE_NAME
-            )));
+    public static final Set<String> ATTRIBUTE_NAMES = Collections.emptySet();
 
     /**
      * Provider for RelatedObjectSets containing the user groups of which this
@@ -121,6 +102,16 @@ public void init(ModeledAuthenticatedUser currentUser, UserGroupModel model,
         super.init(currentUser, model);
         this.exposeRestrictedAttributes = exposeRestrictedAttributes;
     }
+    
+    @Override
+    public boolean isDisabled() {
+        return getModel().isDisabled();
+    }
+    
+    @Override
+    public void setDisabled(boolean disabled) {
+        getModel().setDisabled(disabled);
+    }
 
     /**
      * Stores all restricted (privileged) attributes within the given Map,
@@ -133,9 +124,6 @@ public void init(ModeledAuthenticatedUser currentUser, UserGroupModel model,
      */
     private void putRestrictedAttributes(Map<String, String> attributes) {
 
-        // Set disabled attribute
-        attributes.put(DISABLED_ATTRIBUTE_NAME, getModel().isDisabled() ? "true" : null);
-
     }
 
     /**
@@ -147,9 +135,6 @@ private void putRestrictedAttributes(Map<String, String> attributes) {
      */
     private void setRestrictedAttributes(Map<String, String> attributes) {
 
-        // Translate disabled attribute
-        getModel().setDisabled("true".equals(attributes.get(DISABLED_ATTRIBUTE_NAME)));
-
     }
 
     @Override