
1   /*
2    * This software was designed and created by Jason Carroll.
3    * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4    * The author can be reached at jcarroll@cowsultants.com
5    * ITracker website: http://www.cowsultants.com
6    * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7    *
8    * This program is free software; you can redistribute it and/or modify
9    * it only under the terms of the GNU General Public License as published by
10   * the Free Software Foundation; either version 2 of the License, or
11   * (at your option) any later version.
12   *
13   * This program is distributed in the hope that it will be useful,
14   * but WITHOUT ANY WARRANTY; without even the implied warranty of
15   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   * GNU General Public License for more details.
17   */
18  
19  package org.itracker.web.actions.admin.user;
20  
21  import java.io.IOException;
22  import java.util.ArrayList;
23  import java.util.Date;
24  import java.util.Iterator;
25  import java.util.List;
26  import java.util.Map;
27  
28  import javax.servlet.ServletException;
29  import javax.servlet.http.HttpServletRequest;
30  import javax.servlet.http.HttpServletResponse;
31  
32  import org.apache.log4j.Logger;
33  import org.apache.struts.action.ActionForm;
34  import org.apache.struts.action.ActionForward;
35  import org.apache.struts.action.ActionMapping;
36  import org.apache.struts.action.ActionMessage;
37  import org.apache.struts.action.ActionMessages;
38  import org.itracker.model.Permission;
39  import org.itracker.model.Project;
40  import org.itracker.model.User;
41  import org.itracker.services.ProjectService;
42  import org.itracker.services.UserService;
43  import org.itracker.services.exceptions.UserException;
44  import org.itracker.services.util.UserUtilities;
45  import org.itracker.web.actions.base.ItrackerBaseAction;
46  import org.itracker.web.forms.UserForm;
47  import org.itracker.web.util.ServletContextUtils;
48  import org.itracker.web.util.SessionManager;
49  
50  
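/**
 * Struts action behind the admin "edit user" form: creates a new user or updates a
 * stored one from a {@link UserForm}, then replaces the user's project permissions.
 *
 * <p>{@link #execute} is the only place in this class that checks the caller's
 * permission and the request token; {@link #setupJspEnv} performs the writes without
 * repeating either check.
 */
public class EditUserAction extends ItrackerBaseAction {
    private static final Logger log = Logger.getLogger(EditUserAction.class);

    /**
     * Handles a submitted user form.
     *
     * <p>The request is rejected before any form data is read unless the caller holds
     * {@code UserUtilities.PERMISSION_USER_ADMIN} and presents a valid request token.
     * The token is reset once accepted, so the same submission cannot be replayed.
     *
     * @param mapping  the Struts mapping used to resolve forwards
     * @param form     the submitted form, expected to be a {@link UserForm}
     * @param request  the current request
     * @param response the current response
     * @return "unauthorized" when the permission check fails, "listusers" when the token
     *         is invalid or no form was supplied, otherwise the forward chosen by
     *         {@link #setupJspEnv}
     */
    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        ActionMessages errors = new ActionMessages();

        // Authorization comes first: nothing below may run for a caller without user-admin rights.
        if (!hasPermission(UserUtilities.PERMISSION_USER_ADMIN, request, response)) {
            return mapping.findForward("unauthorized");
        }

        // A missing or stale token means the request did not come from a freshly rendered form.
        if (!isTokenValid(request)) {
            log.debug("Invalid request token while editing user.");
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.transaction"));
            saveErrors(request, errors);
            return mapping.findForward("listusers");
        }
        resetToken(request);

        UserForm userForm = (UserForm) form;
        if (userForm == null) {
            return mapping.findForward("listusers");
        }

        ActionForward forward = setupJspEnv(request, userForm, errors, mapping);
        if (!errors.isEmpty()) {
            saveErrors(request, errors);
        }
        return forward;
    }

    /**
     * Applies the form to a user record, persists it, rewrites its permissions and flags
     * any live session of that login for a reset.
     *
     * <p>NOTE(review): this method is {@code public static} and checks neither the
     * caller's permission nor the request token. Every caller has to do both first, the
     * way {@link #execute} does.
     *
     * <p>NOTE(review): the super-user flag is copied straight from the form, so any
     * caller that passes the {@code PERMISSION_USER_ADMIN} gate can grant it. Confirm
     * this is intended or that the service layer restricts it.
     *
     * @param request  the current request (not read by this method)
     * @param userForm the submitted form; an id of -1 marks a user that does not exist yet
     * @param errors   collector for user-visible errors; the caller saves it to the request
     * @param mapping  the Struts mapping used to resolve forwards
     * @return "listusers" on success, "error" when the authenticator refuses the change,
     *         otherwise the mapping's input forward
     */
    public static final ActionForward setupJspEnv(HttpServletRequest request, UserForm userForm, ActionMessages errors, ActionMapping mapping) {
        try {
            UserService userService = ServletContextUtils.getItrackerServices().getUserService();
            ProjectService projectService = ServletContextUtils.getItrackerServices().getProjectService();

            boolean storedUser = userForm.getId() != -1;
            String previousLogin = userForm.getLogin();
            User editUser;
            if (storedUser) {
                editUser = userService.getUser(userForm.getId());
                if (editUser == null) {
                    // Unknown id: report it as an invalid user instead of failing with a
                    // NullPointerException that surfaces as a generic system error.
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invaliduser"));
                    return mapping.getInputForward();
                }
                // Capture the stored login now; the form values overwrite it just below.
                previousLogin = editUser.getLogin();
            } else {
                editUser = new User();
            }

            // NOTE(review): the loaded user is modified before allowProfileUpdates() is
            // consulted. If getUser() hands out a shared or managed instance, a refused
            // update could still leave these values on it - confirm against the service.
            editUser.setLogin(userForm.getLogin());
            editUser.setFirstName(userForm.getFirstName());
            editUser.setLastName(userForm.getLastName());
            editUser.setEmail(userForm.getEmail());
            editUser.setSuperUser(userForm.isSuperUser());

            try {
                String action = userForm.getAction();
                if ("create".equals(action)) {
                    // NOTE(review): "create" is not rejected when the form carries the id of
                    // a stored user; confirm createUser() refuses that combination.
                    if (!userService.allowProfileCreation(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofilecreates"));
                        return mapping.findForward("error");
                    }

                    log.debug("Creating new userid.");
                    editUser.setRegistrationType(UserUtilities.REGISTRATION_TYPE_ADMIN);
                    if (isPasswordSupplied(userForm)) {
                        if (!userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                            // A password was submitted but the authenticator does not accept password changes.
                            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.nopasswordupdates"));
                            return mapping.findForward("error");
                        }
                        // Only the value returned by encryptPassword() is stored; the
                        // submitted password must never be written to the log.
                        editUser.setPassword(UserUtilities.encryptPassword(userForm.getPassword()));
                    }
                    editUser = userService.createUser(editUser);
                } else if ("update".equals(action)) {
                    if (!storedUser) {
                        // An update needs a stored user; do not pass a blank User to updateUser().
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invaliduser"));
                    } else {
                        // NOTE(review): the debug lines below print the User via toString();
                        // verify that it does not include the password value.
                        if (log.isDebugEnabled()) {
                            log.debug("execute: updating existingUser " + editUser);
                        }
                        if (!userService.allowProfileUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofileupdates"));
                            return mapping.findForward("error");
                        }

                        if (isPasswordSupplied(userForm)) {
                            if (!userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                                // A password was submitted but the authenticator does not accept password changes.
                                errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.nopasswordupdates"));
                                return mapping.findForward("error");
                            }
                            editUser.setPassword(UserUtilities.encryptPassword(userForm.getPassword()));
                        }

                        if (log.isDebugEnabled()) {
                            log.debug("execute: applying updates on user " + editUser);
                        }
                        editUser = userService.updateUser(editUser);
                        if (log.isDebugEnabled()) {
                            log.debug("execute: applied updates on user " + editUser);
                        }
                    }
                } else {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invalidaction"));
                }
            } catch (UserException ue) {
                // Goes to the application log rather than stderr. As before, the request
                // then falls through to the input forward because errors is non-empty.
                log.warn("UserException while saving user", ue);
                errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.existinglogin"));
            }

            if (errors.isEmpty() && userService.allowPermissionUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                // The user has already been persisted at this point. A malformed permission
                // key throws here and ends in the generic handler below without undoing that.
                List<Permission> newPermissions = buildPermissions(userForm.getPermissions(), editUser, projectService);

                if (userService.setUserPermissions(editUser.getId(), newPermissions)) {
                    log.debug("User Permissions have been nicely set.");
                } else {
                    // A failed permission update is not reported to the admin, so make sure
                    // it is at least visible at the default log level.
                    log.warn("No good. User Permissions have not been nicely set.");
                }
            }

            if (errors.isEmpty()) {
                // Flag any live session of the edited account for a reset.
                if (!previousLogin.equals(editUser.getLogin())) {
                    // The login was renamed: the live session is still registered under the old name.
                    if (SessionManager.getSessionStart(previousLogin) != null) {
                        SessionManager.addRenamedLogin(previousLogin, editUser.getLogin());
                        SessionManager.setSessionNeedsReset(previousLogin);
                    }
                } else if (SessionManager.getSessionStart(editUser.getLogin()) != null) {
                    SessionManager.setSessionNeedsReset(editUser.getLogin());
                }

                log.debug("Forwarding to list users.");
                return mapping.findForward("listusers");
            }
        } catch (Exception e) {
            log.error("Exception processing form data", e);
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.system"));
        }
        return mapping.getInputForward();
    }

    /** Returns whether the form carries a non-empty password. */
    private static boolean isPasswordSupplied(UserForm userForm) {
        String password = userForm.getPassword();
        return password != null && password.length() > 0;
    }

    /**
     * Turns the keys of the form's permission map into {@link Permission} objects for
     * {@code user}. Only the keys are read: the characters from index 4 up to the last
     * {@code 'P'} are parsed as the permission type and the characters after the last
     * {@code 'j'} as the project id. The map values are ignored.
     *
     * <p>The keys are request input. A key that does not match this layout raises
     * {@link NumberFormatException} or {@link StringIndexOutOfBoundsException}, which
     * propagates to the caller.
     */
    private static List<Permission> buildPermissions(Map<String, String> permissionsMap, User user, ProjectService projectService) {
        List<Permission> permissions = new ArrayList<Permission>();
        for (String paramName : permissionsMap.keySet()) {
            Integer projectId = Integer.valueOf(paramName.substring(paramName.lastIndexOf('j') + 1));
            // NOTE(review): the result is not checked; confirm what getProject() returns
            // for an id that matches no project.
            Project project = projectService.getProject(projectId);
            Integer permissionType = Integer.parseInt(paramName.substring(4, paramName.lastIndexOf('P')));
            Permission permission = new Permission(permissionType, user, project);
            permission.setCreateDate(new Date());
            permissions.add(permission);
        }
        return permissions;
    }
}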