Added removeUserRole method to UserRoleManager

Added new userHasPermissions method overload to AuthManager
Added new userHasPermissions method overload to Subject
Fixed bugs and missing methods in Subject
Fixed deprecated methods in NativeMethods
Fixed other small bugs
Updated JavaDoc

Signed-off-by: Joshua Gager <[email protected]>

Author: jlgager24

src/main/java/com/jgcomptech/tools/NativeMethods.java

@@ -39,7 +39,7 @@ public static int getProductInfo(final int major, final int minor) {
 
     /** Interface object to hold all the Kernel32 Instances. */
     public interface Kernel32 extends com.sun.jna.platform.win32.Kernel32 {
-        Kernel32 INSTANCE = Native.loadLibrary("kernel32", Kernel32.class, W32APIOptions.DEFAULT_OPTIONS);
+        Kernel32 INSTANCE = Native.load("kernel32", Kernel32.class, W32APIOptions.DEFAULT_OPTIONS);
 
         boolean GetProductInfo(
                 int dwOSMajorVersion,
@@ -53,7 +53,7 @@ boolean GetProductInfo(
 
     /** Interface object to hold all the Shell32 Instances. */
     public interface Shell32 extends com.sun.jna.platform.win32.Shell32 {
-        Shell32 INSTANCE = Native.loadLibrary("shell32", Shell32.class, W32APIOptions.DEFAULT_OPTIONS);
+        Shell32 INSTANCE = Native.load("shell32", Shell32.class, W32APIOptions.DEFAULT_OPTIONS);
 
         WinDef.HINSTANCE ShellExecuteW(WinDef.HWND hwnd,
                                        String lpOperation,
@@ -65,7 +65,7 @@ WinDef.HINSTANCE ShellExecuteW(WinDef.HWND hwnd,
 
     /** Interface object to hold all the Secur32 Instances. */
     public interface Secur32 extends com.sun.jna.platform.win32.Secur32 {
-        Secur32 INSTANCE = Native.loadLibrary("secur32", Secur32.class, W32APIOptions.DEFAULT_OPTIONS);
+        Secur32 INSTANCE = Native.load("secur32", Secur32.class, W32APIOptions.DEFAULT_OPTIONS);
     }
 
     /** Prevents instantiation of this utility class. */

src/main/java/com/jgcomptech/tools/authc/AuthManager.java

@@ -11,7 +11,7 @@
 
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
-import java.util.HashMap;
+import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Map;
 
@@ -691,6 +691,17 @@ public boolean userHasPermission(final String username, final String permissionN
         return getUserRole(username).hasPermission(permissionName);
     }
 
+    /**
+     * Checks if the specified username has ALL the specified permissions.
+     * @param username the username to check
+     * @param permissionNames a list of all the names of the permissions to check
+     * @return true if the currently assigned username has ALL the specified permissions
+     * @since 1.5.1 new overload
+     */
+    public boolean userHasPermissions(final String username, final String... permissionNames) {
+        return Arrays.stream(permissionNames).allMatch(permissionName -> userHasPermission(username, permissionName));
+    }
+
     /**
      * Checks if the specified username has ALL the specified permissions.
      * @param username the username to check

src/main/java/com/jgcomptech/tools/authc/SessionManager.java

@@ -8,6 +8,7 @@
 import org.jetbrains.annotations.Contract;
 import org.jetbrains.annotations.Nullable;
 
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
@@ -571,7 +572,7 @@ public SessionEvent getEventMultiSessionClosed() {
      * Returns the current logged in sessions under the multi session context.
      * @return the current logged in sessions under the multi session context
      */
-    public Map<String, Session> getSessions() { return multiUserSessions; }
+    public Map<String, Session> getSessions() { return Collections.unmodifiableMap(multiUserSessions); }
 
     /** Returns the username of the currently logged in user under the single session context.
      * @return the username of the currently logged in user under the single session context

src/main/java/com/jgcomptech/tools/authc/Subject.java

@@ -27,21 +27,44 @@ public Subject(final AuthManager authManager) {
      * Attempts to login the specified user account from the specified token under the single-session context.
      * @param token the username and password token to use for login
      * @return true if login succeeds, false if login fails
+     * @throws CredentialsException if the token is null, if the username or password in the specified token are null
+     * or if the username in the specified token is an empty string
+     * @throws ConcurrentAccessException if user is already logged in under the specified context
      */
     @Contract("null -> fail")
-    public boolean login(final UsernamePasswordToken token) { return login(token, false); }
+    public boolean login(final UsernamePasswordToken token)
+            throws CredentialsException, ConcurrentAccessException { return login(token, false); }
 
     /**
      * Attempts to login the specified user account from the previously saved token under the single-session context.
      * The token is only saved if the previously supplied token had rememberMe set to true.
      * @return true if login succeeds, false if login fails
-     * @throws CredentialsException if no token was previously saved
+     * @throws CredentialsException if no token was previously saved, if the token is null,
+     * if the username or password in the specified token are null
+     * or if the username in the specified token is an empty string
+     * @throws ConcurrentAccessException if user is already logged in under the specified context
      */
-    public boolean login() {
+    public boolean login() throws CredentialsException, ConcurrentAccessException {
+        return login(false);
+    }
+
+    /**
+     * Attempts to login the specified user account from the previously saved token under the single-session context.
+     * The token is only saved if the previously supplied token had rememberMe set to true.
+     * @param multiSession if true, logs in the user under the multi-session context,
+     *                     or if false, under the single-session context
+     * @return true if login succeeds, false if login fails
+     * @throws CredentialsException if no token was previously saved, if the token is null,
+     * if the username or password in the specified token are null
+     * or if the username in the specified token is an empty string
+     * @throws ConcurrentAccessException if user is already logged in under the specified context
+     * @since 1.5.1 new overload
+     */
+    public boolean login(final boolean multiSession) throws CredentialsException, ConcurrentAccessException {
         if(token == null || token.getUsername() == null || token.getPassword() == null) {
             throw new CredentialsException("Subject Credential Token Not Saved!");
         }
-        return login(token, false);
+        return login(token, multiSession);
     }
 
     /**
@@ -50,20 +73,27 @@ public boolean login() {
      * @param multiSession if true, logs in the user under the multi-session context,
      *                     or if false, under the single-session context
      * @return true if login succeeds, false if login fails
+     * @throws CredentialsException if the token is null, if the username or password in the specified token are null
+     * or if the username in the specified token is an empty string
+     * @throws ConcurrentAccessException if user is already logged in under the specified context
      */
     @Contract("null, _ -> fail")
-    public boolean login(final UsernamePasswordToken token, final boolean multiSession) {
+    public boolean login(final UsernamePasswordToken token, final boolean multiSession)
+            throws CredentialsException, ConcurrentAccessException {
         if(token == null) throw new CredentialsException("Login Token cannot be null!");
         if(token.getUsername() == null || token.getPassword() == null) {
             throw new CredentialsException("Login Token Username and Password cannot be null!");
         }
+        if(token.getUsername().trim().isEmpty()) {
+            throw new CredentialsException("Login Token Username cannot be empty!");
+        }
         if(authManager.userExists(token.getUsername())) {
             final var account = authManager.getUser(token.getUsername());
             username = token.getUsername();
             final var password = token.getPassword();
             if (getSession(multiSession) == null) {
                 if (authManager.checkPasswordMatches(username, new String(password))
-                        && authManager.loginUser(username)) {
+                        && authManager.loginUser(username, multiSession)) {
                     if(token.isRememberMe()) {
                         remembered = true;
                         this.token = new UsernamePasswordToken(username, password);
@@ -166,7 +196,7 @@ public String getLastSessionDurationStringFull() {
      * Checks if the subject's assigned username is currently logged in.
      * @return true if the subject's assigned username is currently logged in
      */
-    public boolean isAuthenticated() { return username != null && getSession() != null; }
+    public boolean isAuthenticated() { return !isAnonymous() && getSession() != null; }
 
     /**
      * Checks if the subject's assigned username is currently logged in.
@@ -215,7 +245,7 @@ public Session getSession(final boolean multiSession) {
      * @return true if password is changed successfully
      */
     public boolean setPassword(final String password) {
-        assertAuthenticated();
+        assertNotAnonymous();
         if (password == null) {
             throw new IllegalArgumentException("Password cannot be null!");
         }
@@ -247,6 +277,18 @@ public boolean hasPermission(final String permissionName) {
      * @return true if the currently assigned username has ALL the specified permissions
      */
     public boolean hasPermissions(final HashSet<String> permissionNames) {
+        assertNotAnonymous();
+        return authManager.userHasPermissions(username, permissionNames);
+    }
+
+    /**
+     * Checks if the currently assigned username has ALL the specified permissions.
+     * @param permissionNames a list of all the names of the permissions to check
+     * @return true if the currently assigned username has ALL the specified permissions
+     * @since 1.5.1 new overload
+     */
+    public boolean hasPermissions(final String... permissionNames) {
+        assertNotAnonymous();
         return authManager.userHasPermissions(username, permissionNames);
     }
 
@@ -383,10 +425,12 @@ public boolean checkPasswordMatches(final String password)  {
     }
 
     /** Throws an UnknownAccountException if the Subject is anonymous. */
-    private void assertNotAnonymous() { if(isAnonymous()) throw new UnknownAccountException("Subject is anonymous!"); }
+    private void assertNotAnonymous() throws UnknownAccountException {
+        if(isAnonymous()) throw new UnknownAccountException("Subject is anonymous!");
+    }
 
     /** Throws an UnauthenticatedException if the Subject is not authenticated. */
-    private void assertAuthenticated() {
+    private void assertAuthenticated() throws UnauthenticatedException {
         if(!isAuthenticated(false) && !isAuthenticated(true)) {
             throw new UnauthenticatedException("Subject is not authenticated!");
         }

src/main/java/com/jgcomptech/tools/authc/UserRole.java

@@ -6,7 +6,9 @@
 import org.apache.commons.lang3.builder.ToStringBuilder;
 
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.HashSet;
+import java.util.Set;
 
 /**
  * An object representing a user account role.
@@ -59,7 +61,7 @@ public void disable() {
      * Returns a list of permissions assigned to the user role.
      * @return a list of permissions assigned to the user role
      */
-    public HashSet<String> getPermissions() { return permissions; }
+    public Set<String> getPermissions() { return Collections.unmodifiableSet(permissions); }
 
     /**
      * Checks if the user role has the specified permission.
@@ -209,7 +211,7 @@ public Builder add(final String name) {
             final var result = role.addPermission(name);
             if(!result) throw new IllegalStateException(
                     "Modification Failed! Could Not Add Permission \""
-                            + name + "\" to user role \"" + role.name + "\"!");
+                            + name + "\" to user role \"" + role.getName() + "\"!");
             return this;
         }
 
@@ -224,7 +226,7 @@ public Builder add(final String... names) {
             final var result = Arrays.stream(names).allMatch(role::addPermission);
             if(!result) throw new IllegalStateException(
                     "Modification Failed! Could Not Add Permissions \""
-                            + name + "\" to user role \"" + role.name + "\"!");
+                            + name + "\" to user role \"" + role.getName() + "\"!");
             return this;
         }
 
@@ -240,7 +242,7 @@ public Builder addImplicit(final String name) {
             final var result = role.addImplicitPermission(name);
             if(!result) throw new IllegalStateException(
                     "Modification Failed! Could Not Add Implicit Permission \""
-                            + name + "\" to user role \"" + role.name + "\"!");
+                            + name + "\" to user role \"" + role.getName() + "\"!");
             return this;
         }
 
@@ -256,7 +258,7 @@ public Builder addImplicit(final String... names) {
             final var result = Arrays.stream(names).allMatch(role::addImplicitPermission);
             if(!result) throw new IllegalStateException(
                     "Modification Failed! Could Not Add Implicit Permissions \""
-                            + name + "\" to user role \"" + role.name + "\"!");
+                            + name + "\" to user role \"" + role.getName() + "\"!");
             return this;
         }
 
@@ -270,7 +272,7 @@ public Builder remove(final String name) {
             final var result = role.removePermission(name);
             if(!result) throw new IllegalStateException(
                     "Modification Failed! Could Not Remove Permission \""
-                            + name + "\" from user role \"" + role.name + "\"!");
+                            + name + "\" from user role \"" + role.getName() + "\"!");
             return this;
         }
 
@@ -284,7 +286,7 @@ public Builder remove(final String... names) {
             final var result = Arrays.stream(names).allMatch(role::removePermission);
             if (!result) throw new IllegalStateException(
                     "Modification Failed! Could Not Remove Permissions \""
-                            + name + "\" from user role \"" + role.name + "\"!");
+                            + name + "\" from user role \"" + role.getName() + "\"!");
             return this;
         }
 

src/main/java/com/jgcomptech/tools/authc/UserRoleManager.java

@@ -78,7 +78,7 @@ public static HashSet<String> getRoles() {
      * @return the new role as a UserRole object
      */
     public UserRole createUserRole(final String name) {
-        if(name == null || name.trim().trim().isEmpty()) {
+        if(name == null || name.trim().isEmpty()) {
             throw new IllegalArgumentException("Name Cannot Be Empty!");
         }
 
@@ -115,4 +115,25 @@ public void addExistingUserRole(final UserRole role) {
      * @return the specified user role
      */
     public UserRole getUserRole(final String name) { return userRoles.get(name); }
+
+    /**
+     * Removes the specified user role.
+     * @param name the name of the user role to remove
+     * @return true if no errors occurred
+     * @since 1.5.1
+     */
+    public boolean removeUserRole(final String name) {
+        if(name == null || name.trim().isEmpty()) {
+            throw new IllegalArgumentException("Name Cannot Be Empty!");
+        }
+
+        if(SystemUserRoles.getRoles().contains(name)) {
+            throw new IllegalArgumentException(name + " Is A System Role And Cannot Be Removed!");
+        }
+
+        if(userRoles.containsKey(name)) {
+            userRoles.remove(name);
+            return true;
+        } else return false;
+    }
 }

src/main/java/com/jgcomptech/tools/authz/Permission.java

@@ -12,6 +12,7 @@
 import java.io.Serializable;
 import java.util.HashSet;
 import java.util.Objects;
+import java.util.Set;
 
 /**
  * An object representing a permission.
@@ -169,7 +170,7 @@ public void setEnabled(final boolean enabled) {
      * Returns a list of child permissions.
      * @return a list of child permissions
      */
-    public HashSet<String> getChildPermissions() { return childPermissions; }
+    public Set<String> getChildPermissions() { return childPermissions; }
 
     /**
      * Checks if the permission has the specified child permission.
@@ -242,8 +243,8 @@ public boolean copyToNewParent(final String newParentName) {
     }
 
     private void copyChildPermissions(final String newParentName,
-                                      final HashSet<String> oldL,
-                                      final HashSet<String> newL) {
+                                      final Set<String> oldL,
+                                      final Set<String> newL) {
         if(!oldL.isEmpty()) {
             for (final var permission : oldL) {
                 newL.add(newParentName + ":" + getBaseName(permission));

src/main/java/com/jgcomptech/tools/authz/PermissionManager.java

@@ -228,7 +228,7 @@ public void setReadPermission(final boolean value) {
      * Returns a HashMap of all existing permission objects.
      * @return a HashMap of all existing permission objects
      */
-    public Map<String, Permission> getPermissions() { return permissions; }
+    public Map<String, Permission> getPermissions() { return Collections.unmodifiableMap(permissions); }
 
     /**
      * Returns a list of names of existing permissions.
@@ -248,7 +248,7 @@ public Permission getPermission(final String name) {
 
     /**
      * Checks if the specified permission exists.
-     * @param name the name of the permisssion to check
+     * @param name the name of the permission to check
      * @return true if the specified permission exists
      * @since 1.5.0
      */
@@ -322,7 +322,7 @@ public boolean isPermissionDisabled(final String name) {
      * @return a list of child permissions of the specified permission.
      * Returns null if the permission does not exist.
      */
-    public HashSet<String> getPermissionChildren(final String name) {
+    public Set<String> getPermissionChildren(final String name) {
         return permissions.containsKey(name) ? permissions.get(name).getChildPermissions() : null;
     }
 
@@ -332,6 +332,7 @@ public HashSet<String> getPermissionChildren(final String name) {
      * @param parentName the name of the parent permission, null or empty string if none
      * @return false if permission already exists
      */
+    //TODO: Add root permission overload
     public boolean addCustomPermission(final String name, final String parentName) {
         if(name.equals(parentName)) return false;
         else if(parentName == null || parentName.trim().isEmpty()) {
@@ -361,6 +362,7 @@ else if(parentName == null || parentName.trim().isEmpty()) {
      * @param parentName the name of the parent permission, null or empty string if none
      * @return false if permission already exists
      */
+    //TODO: Add root permission overload
     public boolean addAndEnableCustomPermission(final String name, final String parentName) {
         if(addCustomPermission(name, parentName)) {
             return parentName == null || parentName.trim().isEmpty()

src/main/java/com/jgcomptech/tools/authz/SimpleAuthorizationInfo.java

@@ -4,6 +4,7 @@
 import org.apache.commons.lang3.builder.HashCodeBuilder;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -49,7 +50,7 @@ public SimpleAuthorizationInfo(final Set<String> roles) {
     @Override
     public Set<String> getRoles() {
         if (roles == null) roles = new HashSet<>();
-        return roles;
+        return Collections.unmodifiableSet(roles);
     }
 
 //    /**