From 633f2cfe66fb871274cb7f94da14116a84b4fe0d Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Thu, 3 Nov 2005 13:20:26 +0000
Subject: [PATCH] SEC-39: Add equals(Object) method to User.

---
 .../org/acegisecurity/userdetails/User.java   | 34 +++++++++++--
 .../providers/dao/UserTests.java              | 51 +++++++++++++++++++
 2 files changed, 82 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/org/acegisecurity/userdetails/User.java b/core/src/main/java/org/acegisecurity/userdetails/User.java
index 887df88eed..98120fe1ab 100644
--- a/core/src/main/java/org/acegisecurity/userdetails/User.java
+++ b/core/src/main/java/org/acegisecurity/userdetails/User.java
@@ -17,6 +17,7 @@ package net.sf.acegisecurity.providers.dao;
 
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.UserDetails;
+
 import org.springframework.util.Assert;
 
 
@@ -135,9 +136,9 @@ public class User implements UserDetails {
         }
 
         for (int i = 0; i < authorities.length; i++) {
-            Assert.notNull(authorities[i], "Granted authority element "
-                    + i
-                    + " is null - GrantedAuthority[] cannot contain any null elements");
+            Assert.notNull(authorities[i],
+                "Granted authority element " + i
+                + " is null - GrantedAuthority[] cannot contain any null elements");
         }
 
         this.username = username;
@@ -183,6 +184,33 @@ public class User implements UserDetails {
         return username;
     }
 
+    public boolean equals(Object rhs) {
+        if (!(rhs instanceof User) || (rhs == null)) {
+            return false;
+        }
+
+        User user = (User) rhs;
+
+        // We rely on constructor to guarantee any User has non-null and >0 authorities
+        if (user.getAuthorities().length != this.getAuthorities().length) {
+            return false;
+        }
+
+        for (int i = 0; i < this.getAuthorities().length; i++) {
+            if (!this.getAuthorities()[i].equals(user.getAuthorities()[i])) {
+                return false;
+            }
+        }
+
+        // We rely on constructor to guarantee non-null username and password
+        return (this.getPassword().equals(user.getPassword())
+        && this.getUsername().equals(user.getUsername())
+        && (this.isAccountNonExpired() == user.isAccountNonExpired())
+        && (this.isAccountNonLocked() == user.isAccountNonLocked())
+        && (this.isCredentialsNonExpired() == user.isCredentialsNonExpired())
+        && (this.isEnabled() == user.isEnabled()));
+    }
+
     public String toString() {
         StringBuffer sb = new StringBuffer();
         sb.append(super.toString() + ": ");
diff --git a/core/src/test/java/org/acegisecurity/providers/dao/UserTests.java b/core/src/test/java/org/acegisecurity/providers/dao/UserTests.java
index 895dc1c7d0..e510de58cf 100644
--- a/core/src/test/java/org/acegisecurity/providers/dao/UserTests.java
+++ b/core/src/test/java/org/acegisecurity/providers/dao/UserTests.java
@@ -49,6 +49,57 @@ public class UserTests extends TestCase {
         junit.textui.TestRunner.run(UserTests.class);
     }
 
+    public void testEquals() {
+        User user1 = new User("marissa", "koala", true, true, true, true,
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                        "ROLE_TWO")});
+
+        assertFalse(user1.equals(null));
+        assertFalse(user1.equals("A STRING"));
+
+        assertTrue(user1.equals(user1));
+
+        assertTrue(user1.equals(
+                new User("marissa", "koala", true, true, true, true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("DIFFERENT_USERNAME", "koala", true, true, true, true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("marissa", "DIFFERENT_PASSWORD", true, true, true,
+                    true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("marissa", "koala", false, true, true, true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("marissa", "koala", true, false, true, true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("marissa", "koala", true, true, false, true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("marissa", "koala", true, true, true, false,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                            "ROLE_TWO")})));
+
+        assertFalse(user1.equals(
+                new User("marissa", "koala", true, true, true, true,
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE")})));
+    }
+
     public void testNoArgConstructor() {
         try {
             new User();