Navigation

← Previous Changeset
Next Changeset →

Changeset 17452

Timestamp:

2008-10-02 12:33:02 (3 months ago)

Author:

shaoqun

Message:

few changes to suit ActivityManagement?: send back group info of users and addStudents etc.

Files:

greenstone3/trunk/src/java/org/greenstone/gsdl3/service/Authentication.java (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

greenstone3/trunk/src/java/org/greenstone/gsdl3/service/Authentication.java

r14402	r17452
11	11	import java.util.Vector;
12	12	import java.sql.SQLException;
13		~~import org.apache.log4j.*;~~
14
15	13	import java.util.regex.Pattern;
16	14	import java.io.File;
…	…
18	16
19	17	public class Authentication
20		extends ServiceRack {
21		//the services on offer
22		protected static final String AUTHENTICATION_SERVICE="Authentication";
23
24		/** constructor */
25		public Authentication()
26		{ }
27
28		public boolean configure(Element info, Element extra_info)
29		{
30		logger.info("Configuring Authentication...");
31		this.config_info = info;
32
33		// set up Authentication service info - for now just has name and type
34		Element authentication_service= this.doc.createElement(GSXML.SERVICE_ELEM);
35		authentication_service.setAttribute(GSXML.TYPE_ATT, "authen");
36		authentication_service.setAttribute(GSXML.NAME_ATT, AUTHENTICATION_SERVICE);
37		this.short_service_info.appendChild(authentication_service);
38
39		return true;
40		}
41
42		protected Element getServiceDescription(String service_id, String lang, String subset)
43		{
44
45		Element authen_service=this.doc.createElement(GSXML.SERVICE_ELEM);
46
47		if (service_id.equals(AUTHENTICATION_SERVICE)) {
48		authen_service.setAttribute(GSXML.TYPE_ATT,"authen");
49		authen_service.setAttribute(GSXML.NAME_ATT, AUTHENTICATION_SERVICE);
50		} else {
51		return null;
52		}
53
54		if (subset==null \|\| subset.equals(GSXML.DISPLAY_TEXT_ELEM+GSXML.LIST_MODIFIER)) {
55		authen_service.appendChild(GSXML.createDisplayTextElement(this.doc, GSXML.DISPLAY_TEXT_NAME, getServiceName(service_id, lang) ));
56		authen_service.appendChild(GSXML.createDisplayTextElement(this.doc, GSXML.DISPLAY_TEXT_DESCRIPTION, getServiceDescription(service_id, lang)));
57		}
58		return authen_service;
59		}
60
61		protected String getServiceName(String service_id, String lang) {
62		return getTextString(service_id+".name", lang);
63		}
64
65		protected String getServiceSubmit(String service_id, String lang) {
66		return getTextString(service_id+".submit", lang);
67		}
68
69		protected String getServiceDescription(String service_id, String lang) {
70		return getTextString(service_id+".description", lang);
71		}
72
73		protected void addCustomParams(String service, Element param_list, String lang) {
74		}
75
76		protected void createParameter(String name, Element param_list, String lang) {
77		}
78
79		protected Element processAuthentication(Element request) throws SQLException, UnsupportedEncodingException{
80
81		// Create a new (empty) result message
82		Element result = this.doc.createElement(GSXML.RESPONSE_ELEM);
83
84		result.setAttribute(GSXML.FROM_ATT, AUTHENTICATION_SERVICE);
85		result.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
86
87		String lang = request.getAttribute(GSXML.LANG_ATT);
88		// Get the parameters of the request
89		Element param_list = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM+GSXML.LIST_MODIFIER);
90
91		if (param_list == null) {
92		logger.error("AddUsers request had no paramList.");
93		return result; // Return the empty result
94		}
95
96		String aup=null; //Actions: ListUsers, AddUser, ModifyPassword, DeleteUser, Login
97		String un=""; //login user's name
98		String pw=""; //login user's password
99		String asn=""; //whether a user is authenticated
100		String uan=""; //whether a authentication for a particular action is needed
101		String cm=""; //whether the action is confirmed
102
103		String umun=""; //the new user name
104		String umpw=""; //user's new password
105		String umas=""; //user account status
106		String umgp=""; //user greoups
107		String umc=""; // comments for the user
108
109		String oumun=""; //the original user's name
110		String umpw1=""; //user's new password
111		String umpw2=""; //user's retyped new password
112
113		// get parameters from the request
114		NodeList params = param_list.getElementsByTagName(GSXML.PARAM_ELEM);
115		for (int i=0; i<params.getLength();i++) {
116		Element param = (Element)params.item(i);
117		String p_name = param.getAttribute(GSXML.NAME_ATT);
118		String p_value = GSXML.getValue(param);
119
120		if (p_name.equals("aup")){
121		aup = p_value;
122		}else if (p_name.equals("un")) {
123		un = p_value;
124		}else if(p_name.equals("pw")) {
125		pw = p_value;
126		}else if(p_name.equals("umun")) {
127		umun = p_value;
128		}else if(p_name.equals("umpw")) {
129		umpw = p_value;
130		}else if (p_name.equals("umas")){
131		umas = p_value;
132		}else if (p_name.equals("umgp")){
133		umgp = p_value;
134		}else if (p_name.equals("umc")){
135		umc = p_value;
136		}else if (p_name.equals("asn")){
137		asn = p_value;
138		}else if (p_name.equals("uan")){
139		uan = p_value;
140		}else if (p_name.equals("cm")){
141		cm = p_value;
142		}else if(p_name.equals("umpw1")) {
143		umpw1 = p_value;
144		}else if(p_name.equals("umpw2")) {
145		umpw2 = p_value;
146		}else if(p_name.equals("oumun")) {
147		oumun = p_value;
148		}
149
150		}
151
152		// create a Authentication node put into the result
153		Element authen_node = this.doc.createElement(GSXML.AUTHEN_NODE_ELEM);
154		result.appendChild(authen_node);
155		result.appendChild(getCollectList(this.site_home + File.separatorChar + "collect"));
156		// create a service node added into the Authentication node
157		Element service_node = this.doc.createElement(GSXML.SERVICE_ELEM);
158		authen_node.appendChild(service_node);
159		service_node.setAttribute("aup",aup);
160		// user's info
161		UserQueryResult userQueryResult=null;
162
163		// check the usersDb database, if it isn't existing, check the etc dir, create the etc dir if it isn't existing, then create the user database and add a "admin" user
164		String usersDB_dir = this.site_home + File.separatorChar + "etc" + File.separatorChar + "usersDB";
165		DerbyWrapper derbyWrapper=new DerbyWrapper();
166		File usersDB_file =new File(usersDB_dir);
167		if (!usersDB_file.exists()){
168		String etc_dir = this.site_home + File.separatorChar + "etc";
169		File etc_file =new File(etc_dir);
170		if (!etc_file.exists()){
171		boolean success = etc_file.mkdir();
172		if (!success){
173		logger.error("Couldn't create the etc dir under "+this.site_home + ".");
174		return result;
175		}
176		}
177		derbyWrapper.connectDatabase(usersDB_dir,true);
178		derbyWrapper.createDatabase();
179		}else{
180		derbyWrapper.connectDatabase(usersDB_dir, false);
181		}
182
183		// Action: login
184		if (aup.equals("Login")){
185		if (uan.equals("")){ //return a login page, if the user's name is not given
186		service_node.setAttribute("info","Login");
187		derbyWrapper.closeDatabase();
	18	extends ServiceRack {
	19	//the services on offer
	20	protected static final String AUTHENTICATION_SERVICE="Authentication";
	21
	22	/** constructor */
	23	public Authentication()
	24	{ }
	25
	26	public boolean configure(Element info, Element extra_info)
	27	{
	28	logger.info("Configuring Authentication...");
	29	this.config_info = info;
	30
	31	// set up Authentication service info - for now just has name and type
	32	Element authentication_service= this.doc.createElement(GSXML.SERVICE_ELEM);
	33	authentication_service.setAttribute(GSXML.TYPE_ATT, "authen");
	34	authentication_service.setAttribute(GSXML.NAME_ATT, AUTHENTICATION_SERVICE);
	35	this.short_service_info.appendChild(authentication_service);
	36
	37	return true;
	38	}
	39
	40	protected Element getServiceDescription(String service_id, String lang, String subset)
	41	{
	42
	43	Element authen_service=this.doc.createElement(GSXML.SERVICE_ELEM);
	44
	45	if (service_id.equals(AUTHENTICATION_SERVICE)) {
	46	authen_service.setAttribute(GSXML.TYPE_ATT,"authen");
	47	authen_service.setAttribute(GSXML.NAME_ATT, AUTHENTICATION_SERVICE);
	48	} else {
	49	return null;
	50	}
	51
	52	if (subset==null \|\| subset.equals(GSXML.DISPLAY_TEXT_ELEM+GSXML.LIST_MODIFIER)) {
	53	authen_service.appendChild(GSXML.createDisplayTextElement(this.doc, GSXML.DISPLAY_TEXT_NAME, getServiceName(service_id, lang) ));
	54	authen_service.appendChild(GSXML.createDisplayTextElement(this.doc, GSXML.DISPLAY_TEXT_DESCRIPTION, getServiceDescription(service_id, lang)));
	55	}
	56	return authen_service;
	57	}
	58
	59	protected String getServiceName(String service_id, String lang) {
	60	return getTextString(service_id+".name", lang);
	61	}
	62
	63	protected String getServiceSubmit(String service_id, String lang) {
	64	return getTextString(service_id+".submit", lang);
	65	}
	66
	67	protected String getServiceDescription(String service_id, String lang) {
	68	return getTextString(service_id+".description", lang);
	69	}
	70
	71	protected void addCustomParams(String service, Element param_list, String lang) {
	72	}
	73
	74	protected void createParameter(String name, Element param_list, String lang) {
	75	}
	76
	77	protected Element processAuthentication(Element request) throws SQLException, UnsupportedEncodingException{
	78
	79	// Create a new (empty) result message
	80	Element result = this.doc.createElement(GSXML.RESPONSE_ELEM);
	81
	82	result.setAttribute(GSXML.FROM_ATT, AUTHENTICATION_SERVICE);
	83	result.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
	84
	85	String lang = request.getAttribute(GSXML.LANG_ATT);
	86	// Get the parameters of the request
	87	Element param_list = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM+GSXML.LIST_MODIFIER);
	88
	89	if (param_list == null) {
	90	logger.error("AddUsers request had no paramList.");
	91	return result; // Return the empty result
	92	}
	93
	94	String aup=null; //Actions: ListUsers, AddUser, ModifyPassword, DeleteUser, Login
	95	String un=""; //login user's name
	96	String pw=""; //login user's password
	97	String asn=""; //whether a user is authenticated
	98	String uan=""; //whether a authentication for a particular action is needed
	99	String cm=""; //whether the action is confirmed
	100
	101	String umun=""; //the new user name
	102	String umpw=""; //user's new password
	103	String umas=""; //user account status
	104	String umgp=""; //user greoups
	105	String umc=""; // comments for the user
	106
	107	String oumun=""; //the original user's name
	108	String umpw1=""; //user's new password
	109	String umpw2=""; //user's retyped new password
	110
	111	//used for adding a list of users at one time. Format: name,password,role]name,password,role]...
	112	//in which, role may be in the format: student:[teacher's username]
	113	String unpwlist="";
	114	String service = "";
	115
	116	// get parameters from the request
	117	NodeList params = param_list.getElementsByTagName(GSXML.PARAM_ELEM);
	118	for (int i=0; i<params.getLength();i++) {
	119	Element param = (Element)params.item(i);
	120	String p_name = param.getAttribute(GSXML.NAME_ATT);
	121	String p_value = GSXML.getValue(param);
	122
	123	if (p_name.equals("aup")){
	124	aup = p_value;
	125	}else if (p_name.equals("un")) {
	126	un = p_value;
	127	}else if(p_name.equals("pw")) {
	128	pw = p_value;
	129	}else if(p_name.equals("umun")) {
	130	umun = p_value;
	131	}else if(p_name.equals("umpw")) {
	132	umpw = p_value;
	133	}else if (p_name.equals("umas")){
	134	umas = p_value;
	135	}else if (p_name.equals("umgp")){
	136	umgp = p_value;
	137	}else if (p_name.equals("umc")){
	138	umc = p_value;
	139	}else if (p_name.equals("asn")){
	140	asn = p_value;
	141	}else if (p_name.equals("uan")){
	142	uan = p_value;
	143	}else if (p_name.equals("cm")){
	144	cm = p_value;
	145	}else if(p_name.equals("umpw1")) {
	146	umpw1 = p_value;
	147	}else if(p_name.equals("umpw2")) {
	148	umpw2 = p_value;
	149	}else if(p_name.equals("oumun")) {
	150	oumun = p_value;
	151	}else if(p_name.equals("unpwlist")) {
	152	unpwlist = p_value;
	153	}
	154
	155	}
	156
	157	// create a Authentication node put into the result
	158	Element authen_node = this.doc.createElement(GSXML.AUTHEN_NODE_ELEM);
	159	result.appendChild(authen_node);
	160	result.appendChild(getCollectList(this.site_home + File.separatorChar + "collect"));
	161	// create a service node added into the Authentication node
	162	Element service_node = this.doc.createElement(GSXML.SERVICE_ELEM);
	163	authen_node.appendChild(service_node);
	164	service_node.setAttribute("aup",aup);
	165	// user's info
	166	UserQueryResult userQueryResult=null;
	167
	168	// check the usersDb database, if it isn't existing, check the etc dir, create the etc dir if it isn't existing, then create the user database and add a "admin" user
	169	String usersDB_dir = this.site_home + File.separatorChar + "etc" + File.separatorChar + "usersDB";
	170	DerbyWrapper derbyWrapper=new DerbyWrapper();
	171	File usersDB_file =new File(usersDB_dir);
	172	if (!usersDB_file.exists()){
	173	String etc_dir = this.site_home + File.separatorChar + "etc";
	174	File etc_file =new File(etc_dir);
	175	if (!etc_file.exists()){
	176	boolean success = etc_file.mkdir();
	177	if (!success){
	178	logger.error("Couldn't create the etc dir under "+this.site_home + ".");
	179	return result;
	180	}
	181	}
	182	derbyWrapper.connectDatabase(usersDB_dir,true);
	183	derbyWrapper.createDatabase();
	184	}else{
	185	derbyWrapper.connectDatabase(usersDB_dir, false);
	186	}
	187
	188	// Action: login
	189	if (aup.equals("Login")){
	190	if (uan.equals("")){ //return a login page, if the user's name is not given
	191	service_node.setAttribute("info","Login");
	192	derbyWrapper.closeDatabase();
	193	return result;
	194	}
	195	String groups = "";
	196	// if the authentication(uan=1) is required,but the user hasn't been authenticated(asn=0),the user is asked to login first
	197	if ((uan.equals("1") && asn.equals("0"))) {
	198	if ((un.length()==0) && (pw.length()==0)){
	199	service_node.setAttribute("asn","0");
	200	service_node.setAttribute("info","Login");
	201	derbyWrapper.closeDatabase();
	202	return result;
	203	}
	204	if ((un.length()==0) \|\| (pw.length()==0)){
	205	service_node.setAttribute("asn","0");
	206	service_node.setAttribute("info","Login");
	207	service_node.setAttribute("err","un-pw-err");
	208	derbyWrapper.closeDatabase();
	209	return result;
	210	}else{
	211	userQueryResult=derbyWrapper.findUser(un,pw);//looking for the user from the users table
	212	service_node.setAttribute(GSXML.NAME_ATT,"Authentication");
	213	service_node.setAttribute("un",un);
	214	if (userQueryResult==null){
	215	//the user isn't a vaild user
	216	service_node.setAttribute("asn","0");
	217	service_node.setAttribute("err","un-pw-err");// either unsername or password is wrong
	218	service_node.setAttribute("info","Login");
	219	derbyWrapper.closeDatabase();
	220	return result;
	221	}else{
	222	// asn="1"; //the user is a member of the "administrator" group
	223	Vector userInfo=userQueryResult.users_;
	224	groups=((UserTermInfo)userInfo.get(0)).groups_;
	225	String accountstatus=((UserTermInfo)userInfo.get(0)).accountstatus_;
	226	if (accountstatus.trim().equals("false")){
	227	service_node.setAttribute("asn","0");
	228	service_node.setAttribute("err","as-false");//the account status is false
	229	service_node.setAttribute("info","Login");
	230	derbyWrapper.closeDatabase();
	231	return result;
	232	}
	233	String[] groups_array=groups.split(",");
	234	for (int i=0; i<groups_array.length;i++){
	235	if ((groups_array[i].trim().toLowerCase()).equals("administrator")){// check whether the user is in the administrator group
	236	asn="1";
	237	service_node.setAttribute("asn","1");
	238	break;
	239	}
	240	}
	241	if (!asn.equals("1")){
	242	asn="2";
	243	service_node.setAttribute("asn","2");//the user is authenticated
	244	}
	245	}
	246	}
	247	}
	248
	249	//asn!=0 This is a valid user
	250	if (!asn.equals("0")){
	251	service_node.setAttribute("info","Login");
	252	service_node.setAttribute("un",un);
	253	service_node.setAttribute("pw",pw);
	254	service_node.setAttribute("asn",asn);
	255	service_node.setAttribute("umgp",groups);
	256	derbyWrapper.closeDatabase();
	257	return result;
	258	}
	259	}
	260
	261	//Action: listuser
	262	if (aup.equals("ListUsers")){
	263	if (asn.equals("") && un.equals("")){
	264	service_node.setAttribute("info","Login");
	265	derbyWrapper.closeDatabase();
	266	return result;
	267	}
	268
	269	//valid users but not in the administrator group(asn=2), they cannot list all users
	270	if (asn.equals("2")){
	271	service_node.setAttribute("info","Login");
	272	service_node.setAttribute("err","no-permission");
	273	service_node.setAttribute("un",un);
	274	service_node.setAttribute("asn",asn);
	275	derbyWrapper.closeDatabase();
	276	return result;
	277	}
	278	//valid users belong to the administrator group(asn=1), they can list all users
	279	if (asn.equals("1")){
	280	userQueryResult=derbyWrapper.findUser(null,null);
	281	derbyWrapper.closeDatabase();
	282	service_node.setAttribute(GSXML.NAME_ATT,"Authentication");
	283	service_node.setAttribute("un",un);
	284	service_node.setAttribute("asn",asn);
	285
	286	if (userQueryResult!=null && userQueryResult.getSize()>0){
	287	service_node.setAttribute("info","all-un"); // got a user list
	288	Element user_node=getUserNode(userQueryResult);
	289	service_node.appendChild(user_node);
	290	derbyWrapper.closeDatabase();
	291	return result;
	292	}else {
	293	service_node.setAttribute("err","no-un"); // no user returned
	294	derbyWrapper.closeDatabase();
	295	return result;
	296	}
	297	}
	298	}
	299	//TODO: Action : addStudents (bulk adding)
	300	if (aup.equals("AddStudents")){
	301	String[] users = unpwlist.split("]");
	302	for(int i=0; i<users.length; i++) {
	303	String[] user = users[i].split(",");
	304	String uname = user[0];
	305	String password = user[1];
	306	String group = user[2].split(":")[0];
	307	String add_user=derbyWrapper.addUser(uname, password, group,"true","");
	308	if (add_user.equals("succeed")){
	309	userQueryResult=derbyWrapper.findUser(null,null);
	310	derbyWrapper.closeDatabase();
	311	service_node.setAttribute("info","all-un"); // return a list of all users if the user has been added
	312	Element user_node=getUserNode(userQueryResult);
	313	service_node.appendChild(user_node);
	314	derbyWrapper.closeDatabase();
	315	return result;
	316	}
	317	}
	318	}
	319
	320	//Action : adduder
	321	if (aup.equals("AddUser")){
	322	if (asn.equals("") && un.equals("")){
	323	service_node.setAttribute("info","Login");
	324	derbyWrapper.closeDatabase();
	325	return result;
	326	}
	327	//valid users can't add a new user because they aren't in the administrator group(asn=2)
	328	if (asn.equals("2")){
	329	service_node.setAttribute("info","Login");
	330	service_node.setAttribute("err","no-permission");
	331	service_node.setAttribute("un",un);
	332	service_node.setAttribute("asn",asn);
	333	derbyWrapper.closeDatabase();
	334	return result;
	335	}
	336	//valid users are in the administrator group, they can add a new user(asn=1)
	337	if (asn.equals("1")){
	338	service_node.setAttribute(GSXML.NAME_ATT,"Authentication");
	339	service_node.setAttribute("un",un);
	340	service_node.setAttribute("asn",asn);
	341
	342	if (umun.length()==0 && umpw.length()==0 && umgp.length()==0 && umas.length()==0 && umc.length()==0){
	343	service_node.setAttribute("info","adduser_interface");
	344	derbyWrapper.closeDatabase();
	345	return result;
	346	}
	347
	348	//check the strings of username and password
	349	if ((umun==null) \|\| (umun.length()<2) \|\| (umun.length()>30) \|\| (!(Pattern.matches("[a-zA-Z0-9//_//.]+",umun)))){
	350	service_node.setAttribute("err","un-err"); //the input username string is illegal
	351	service_node.setAttribute("info","adduser_interface");
	352	derbyWrapper.closeDatabase();
	353	return result;
	354	}
	355
	356	if ((umpw==null) \|\| (umpw.length()<3) \|\| (umpw.length()>8) \|\| (!(Pattern.matches("[\\p{ASCII}]+",umpw)))){
	357	service_node.setAttribute("err","pw-err"); //the input passwrod string is illegal
	358	service_node.setAttribute("info","adduser_interface");
	359	derbyWrapper.closeDatabase();
	360	return result;
	361	}
	362
	363	// add the new users into the users table
	364	umgp=umgp.replaceAll(" ","");//get rid of the space of the groups string
	365	userQueryResult=derbyWrapper.findUser(umun,null);// check whether the new user name has existed in the table.
	366	if (userQueryResult!=null){
	367	service_node.setAttribute("err","un-exist"); //the new username string is duplicated
	368	service_node.setAttribute("info","adduser_interface");
	369	derbyWrapper.closeDatabase();
	370	return result;
	371	}else{
	372	String add_user=derbyWrapper.addUser(umun,umpw,umgp,umas,umc);
	373	if (add_user.equals("succeed")){
	374	userQueryResult=derbyWrapper.findUser(null,null);
	375	derbyWrapper.closeDatabase();
	376	service_node.setAttribute("info","all-un"); // return a list of all users if the user has been added
	377	Element user_node=getUserNode(userQueryResult);
	378	service_node.appendChild(user_node);
	379	derbyWrapper.closeDatabase();
	380	return result;
	381	}else{
	382	derbyWrapper.closeDatabase();
	383	service_node.setAttribute("err",add_user);// return the error message if the user couldn't be added
	384	derbyWrapper.closeDatabase();
	385	return result;
	386	}
	387	}
	388	}
	389	}
	390
	391	//Action: edituser
	392	if (aup.equals("EditUser")){
	393	service_node.setAttribute(GSXML.NAME_ATT,"Authentication");
	394	service_node.setAttribute("un",un);
	395	service_node.setAttribute("asn",asn);
	396
	397	//Get the user's info from the database
	398	if (cm.length()==0){
	399	service_node.setAttribute("info","edituser-interface");
	400	userQueryResult=derbyWrapper.findUser(umun,null);
	401	derbyWrapper.closeDatabase();
	402	Vector userInfo=userQueryResult.users_;
	403	String username=((UserTermInfo)userInfo.get(0)).username_;
	404	String password=((UserTermInfo)userInfo.get(0)).password_;
	405	String groups=((UserTermInfo)userInfo.get(0)).groups_;
	406	String accountstatus=((UserTermInfo)userInfo.get(0)).accountstatus_;
	407	String comment=((UserTermInfo)userInfo.get(0)).comment_;
	408
	409	service_node.setAttribute("oumun",oumun);
	410	service_node.setAttribute("umun",username);
	411	service_node.setAttribute("umpw",password);
	412	service_node.setAttribute("umgp",groups);
	413	service_node.setAttribute("umas",accountstatus);
	414	service_node.setAttribute("umc",comment);
	415	derbyWrapper.closeDatabase();
	416	return result;
	417	}
	418
	419	//Commit the modified user's info to the database
	420	if (cm.toLowerCase().equals("submit")){
	421	if (oumun.equals(umun)){// the user's name hasn't been changed, update the user's info
	422	if (umpw.length()==0){
	423	derbyWrapper.modifyUserInfo(umun,null,umgp,umas,umc);
	424	userQueryResult=derbyWrapper.findUser(null,null);
	425	derbyWrapper.closeDatabase();
	426	service_node.setAttribute("info","all-un"); // the user's info has been updated, return a list of all users
	427	Element user_node=getUserNode(userQueryResult);
	428	service_node.appendChild(user_node);
	429	derbyWrapper.closeDatabase();
	430	return result;
	431	}else{
	432	if ((umpw.length()==0) \|\| (umpw.length()<3) \|\| (umpw.length()>8) \|\| (!(Pattern.matches("[\\p{ASCII}]+",umpw)))){
	433	service_node.setAttribute("err","umpw-err"); //the input passwrod string is illegal
	434	service_node.setAttribute("info","edituser-interface");
	435	service_node.setAttribute("umun",umun);
	436	service_node.setAttribute("umpw",umpw);
	437	service_node.setAttribute("umgp",umgp);
	438	service_node.setAttribute("umas",umas);
	439	service_node.setAttribute("umc",umc);
	440	service_node.setAttribute("oumun",oumun);
	441	derbyWrapper.closeDatabase();
	442	return result;
	443	}
	444	umgp=umgp.replaceAll(" ","");// get rid of the space
	445	derbyWrapper.modifyUserInfo(umun,umpw,umgp,umas,umc);
	446	userQueryResult=derbyWrapper.listAllUser();
	447	derbyWrapper.closeDatabase();
	448	service_node.setAttribute("info","all-un"); // if the new user has been added successfully, return a list of all users
	449	Element user_node=getUserNode(userQueryResult);
	450	service_node.appendChild(user_node);
	451	derbyWrapper.closeDatabase();
	452	return result;
	453	}
	454	}
	455	// The user's name has been changed, add a new user record to the database
	456	else{
	457	if ((umun.length()==0) \|\| (umun.length()<2) \|\| (umun.length()>30) \|\| (!(Pattern.matches("[a-zA-Z0-9//_//.]+",umun)))){
	458	service_node.setAttribute("err","umun-err"); //the input username string is illegal
	459	service_node.setAttribute("umun",umun);
	460	service_node.setAttribute("umpw",umpw);
	461	service_node.setAttribute("umgp",umgp);
	462	service_node.setAttribute("umas",umas);
	463	service_node.setAttribute("umc",umc);
	464	service_node.setAttribute("oumun",oumun);
	465	service_node.setAttribute("info","edituser-interface");
	466	derbyWrapper.closeDatabase();
	467	return result;
	468	}
	469	if (umpw.length()==0){
	470	service_node.setAttribute("err","ini-umpw-err"); //the input passwrod string is illegal
	471	service_node.setAttribute("info","edituser-interface");
	472	service_node.setAttribute("umun",umun);
	473	service_node.setAttribute("umpw",umpw);
	474	service_node.setAttribute("umgp",umgp);
	475	service_node.setAttribute("umas",umas);
	476	service_node.setAttribute("umc",umc);
	477	service_node.setAttribute("oumun",oumun);
	478	derbyWrapper.closeDatabase();
	479	return result;
	480	}
	481	if ((umpw.length()<3) \|\| (umpw.length()>8) \|\| (!(Pattern.matches("[\\p{ASCII}]+",umpw)))){
	482	service_node.setAttribute("err","umpw-err"); //the input passwrod string is illegal
	483	service_node.setAttribute("info","edituser-interface");
	484	service_node.setAttribute("umun",umun);
	485	service_node.setAttribute("umpw",umpw);
	486	service_node.setAttribute("umgp",umgp);
	487	service_node.setAttribute("umas",umas);
	488	service_node.setAttribute("umc",umc);
	489	service_node.setAttribute("oumun",oumun);
	490	derbyWrapper.closeDatabase();
	491	return result;
	492	}
	493	umgp=umgp.replaceAll(" ","");// get rid of the space
	494	userQueryResult=derbyWrapper.findUser(umun,null);// check whether the new user name has existed in the table.
	495	if (userQueryResult!=null){
	496	service_node.setAttribute("err","un-exist"); //the new username string is duplicated
	497	service_node.setAttribute("info","edituser-interface");
	498	service_node.setAttribute("umun","");
	499	service_node.setAttribute("umpw","");
	500	service_node.setAttribute("umgp",umgp);
	501	service_node.setAttribute("umas",umas);
	502	service_node.setAttribute("umc",umc);
	503	service_node.setAttribute("oumun",oumun);
	504	derbyWrapper.closeDatabase();
	505	return result;
	506	}else{
	507	derbyWrapper.addUser(umun,umpw,umgp,umas,umc);
	508	userQueryResult=derbyWrapper.listAllUser();
	509	derbyWrapper.closeDatabase();
	510	service_node.setAttribute("info","all-un"); // if the new user has been added successfully, return a list of all users
	511	Element user_node=getUserNode(userQueryResult);
	512	service_node.appendChild(user_node);
	513	derbyWrapper.closeDatabase();
	514	return result;
	515	}
	516	}
	517	}
	518
	519	if (cm.toLowerCase().equals("cancel")){
	520	userQueryResult=derbyWrapper.listAllUser();
	521	derbyWrapper.closeDatabase();
	522	service_node.setAttribute("info","all-un"); // if the new user has been added successfully, return a list of all users
	523	Element user_node=getUserNode(userQueryResult);
	524	service_node.appendChild(user_node);
	525	derbyWrapper.closeDatabase();
	526