
1   /*
2    * This software was designed and created by Jason Carroll.
3    * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4    * The author can be reached at jcarroll@cowsultants.com
5    * ITracker website: http://www.cowsultants.com
6    * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7    *
8    * This program is free software; you can redistribute it and/or modify
9    * it only under the terms of the GNU General Public License as published by
10   * the Free Software Foundation; either version 2 of the License, or
11   * (at your option) any later version.
12   *
13   * This program is distributed in the hope that it will be useful,
14   * but WITHOUT ANY WARRANTY; without even the implied warranty of
15   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   * GNU General Public License for more details.
17   */
18  
19  package org.itracker.web.actions.admin.user;
20  
21  import java.io.IOException;
22  import java.util.Collections;
23  import java.util.HashMap;
24  import java.util.List;
25  
26  import javax.servlet.ServletException;
27  import javax.servlet.http.HttpServletRequest;
28  import javax.servlet.http.HttpServletResponse;
29  import javax.servlet.http.HttpSession;
30  
31  import org.apache.log4j.Logger;
32  import org.apache.struts.action.ActionForm;
33  import org.apache.struts.action.ActionForward;
34  import org.apache.struts.action.ActionMapping;
35  import org.apache.struts.action.ActionMessage;
36  import org.apache.struts.action.ActionMessages;
37  import org.itracker.model.NameValuePair;
38  import org.itracker.model.Permission;
39  import org.itracker.model.Project;
40  import org.itracker.model.User;
41  import org.itracker.services.ProjectService;
42  import org.itracker.services.UserService;
43  import org.itracker.services.util.UserUtilities;
44  import org.itracker.web.actions.base.ItrackerBaseAction;
45  import org.itracker.web.forms.UserForm;
46  import org.itracker.web.util.Constants;
47  
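/**
 * Struts action that prepares the administrative "edit user" form.
 *
 * <p>The action handles two values of the {@code action} request parameter:
 * {@code create} (a blank user with id -1) and {@code update} (an existing
 * user looked up by the id carried in the {@link UserForm}). Any other value
 * is rejected with an "invalid action" message.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Nothing is read or loaded before the
 *       {@code UserUtilities.PERMISSION_USER_ADMIN} check succeeds.</li>
 *   <li>The user id for an update comes from the submitted form. The admin
 *       permission check is the only gate this class applies before the
 *       record is loaded.</li>
 *   <li>The user being edited and that user's permissions are stored in the
 *       HTTP session under {@code Constants.EDIT_USER_KEY} and
 *       {@code Constants.EDIT_USER_PERMS_KEY}.
 *       NOTE(review): presumably the action that processes the submitted form
 *       reads these back. Confirm that it re-checks authorization and does
 *       not rely on the session state alone.</li>
 *   <li>{@code saveToken(request)} issues a Struts synchronizer token before
 *       the form is rendered.
 *       NOTE(review): the token only helps if the submit action validates it
 *       (for example with {@code isTokenValid}). Verify that in that action.</li>
 * </ul>
 */
public class EditUserFormAction extends ItrackerBaseAction {
    private static final Logger log = Logger.getLogger(EditUserFormAction.class);

    /**
     * Builds the request and session state for the edit-user page.
     *
     * @param mapping  used to resolve the {@code unauthorized}, {@code error}
     *                 and {@code edituserform} forwards
     * @param form     expected to be a {@link UserForm}; a fresh one is created
     *                 when it is {@code null}
     * @param request  supplies the {@code action} parameter and receives the
     *                 page attributes
     * @param response passed through to the permission check
     * @return {@code unauthorized} when the caller lacks the user-admin
     *         permission or no user could be resolved, {@code edituserform} on
     *         success, {@code error} otherwise
     * @throws ServletException declared by the action contract
     * @throws IOException      declared by the action contract
     */
    public ActionForward execute(ActionMapping mapping,
                                 ActionForm form,
                                 HttpServletRequest request,
                                 HttpServletResponse response)
            throws ServletException, IOException {

        ActionMessages errors = new ActionMessages();

        // Authorization gate: must stay ahead of every lookup below.
        if (!hasPermission(UserUtilities.PERMISSION_USER_ADMIN, request, response)) {
            return mapping.findForward("unauthorized");
        }

        HttpSession session = request.getSession(true);
        User user = (User) session.getAttribute(Constants.USER_KEY);
        String action = request.getParameter("action");
        String pageTitleKey;
        String pageTitleArg = "";
        boolean isUpdate = "update".equals(action);

        if (isUpdate) {
            pageTitleKey = "itracker.web.admin.edituser.title.update";
            // NOTE(review): this is the login of the signed-in user taken from
            // the session, not of the user being edited. Confirm that is the
            // intended title argument.
            // The null guard prevents an uncaught NullPointerException here,
            // outside the try block, if the session has no user attribute.
            if (user != null) {
                pageTitleArg = user.getLogin();
            }
        } else {
            pageTitleKey = "itracker.web.admin.edituser.title.create";
        }

        request.setAttribute("isUpdate", isUpdate);
        request.setAttribute("pageTitleKey", pageTitleKey);
        request.setAttribute("pageTitleArg", pageTitleArg);

        try {

            UserService userService = getITrackerServices().getUserService();
            ProjectService projectService = getITrackerServices().getProjectService();

            List<Project> projects = null;
            User editUser = null;
            HashMap<Integer, HashMap<String, Permission>> userPermissions = new HashMap<Integer, HashMap<String, Permission>>();

            List<NameValuePair> permissionNames = UserUtilities.getPermissionNames(getLocale(request));
            UserForm userForm = (UserForm) form;

            if (userForm == null) {
                userForm = new UserForm();
            }

            if ("create".equals(action)) {

                if (!userService.allowProfileCreation(null, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofilecreates"));
                    saveErrors(request, errors);

                    return mapping.findForward("error");
                }

                // -1 marks a user that has not been persisted yet.
                editUser = new User();
                editUser.setId(-1);
                editUser.setStatus(UserUtilities.STATUS_ACTIVE);
                userForm.setAction("create");
                userForm.setId(editUser.getId());

            } else if ("update".equals(action)) {

                // The id is supplied by the client through the form.
                Integer userId = userForm.getId();

                if (userId == null) {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invaliduser"));
                } else {

                    editUser = userService.getUser(userId);

                    if (editUser == null) {
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invaliduser"));
                    } else {

                        userForm.setAction("update");
                        userForm.setId(editUser.getId());
                        userForm.setLogin(editUser.getLogin());
                        userForm.setFirstName(editUser.getFirstName());
                        userForm.setLastName(editUser.getLastName());
                        userForm.setEmail(editUser.getEmail());
                        userForm.setSuperUser(editUser.isSuperUser());

                        List<Permission> permissionList = userService.getPermissionsByUserId(editUser.getId());
                        HashMap<String, String> formPermissions = new HashMap<String, String>();

                        // These flags are exposed to the page as request
                        // attributes. Nothing in this action enforces them, so
                        // any enforcement has to happen where the form is
                        // processed.
                        boolean allowProfileUpdate = userService.allowProfileUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB);
                        request.setAttribute("allowProfileUpdate", allowProfileUpdate);

                        boolean allowPasswordUpdate = userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB);
                        request.setAttribute("allowPasswordUpdate", allowPasswordUpdate);

                        boolean allowPermissionUpdate = userService.allowPermissionUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB);
                        request.setAttribute("allowPermissionUpdate", allowPermissionUpdate);

                        if (editUser.getId() > 0) {
                            request.setAttribute("isUpdate", true);
                        }

                        collectPermissions(permissionList, userPermissions, formPermissions);

                        userForm.setPermissions(formPermissions);
                    }
                }

            } else {
                errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invalidaction"));
            }

            if (editUser == null) {
                // Every path that leaves editUser unset has queued a message.
                // Save it before forwarding so the reason is not silently
                // dropped. The forward target is unchanged.
                if (!errors.isEmpty()) {
                    saveErrors(request, errors);
                }
                return mapping.findForward("unauthorized");
            }

            if (errors.isEmpty()) {

                String userStatus = UserUtilities.getStatusName(editUser.getStatus());
                request.setAttribute("userStatus", userStatus);

                projects = projectService.getAllAvailableProjects();
                Collections.sort(projects, Project.PROJECT_COMPARATOR);
                request.setAttribute(Constants.PROJECTS_KEY, projects);

                request.setAttribute("userForm", userForm);
                session.setAttribute(Constants.EDIT_USER_KEY, editUser);
                session.setAttribute(Constants.EDIT_USER_PERMS_KEY, userPermissions);
                request.setAttribute("permissionNames", permissionNames);
                request.setAttribute("permissionRowColIdxes", new Integer[]{0, 1});
                // Synchronizer token for the form that is about to be rendered.
                saveToken(request);

                return mapping.findForward("edituserform");

            }

        } catch (Exception e) {
            // The detail goes to the log. The client only sees a generic
            // system error message.
            log.error("Exception while creating edit user form.", e);
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.system"));
        }

        if (!errors.isEmpty()) {
            saveErrors(request, errors);
        }

        return mapping.findForward("error");

    }

    /**
     * Copies a user's permissions into the per-project map kept in the session
     * and into the checkbox map used by the form.
     *
     * <p>When the first entry has permission type -1 (the super-user marker,
     * per the original comment in this class), that first entry is skipped and
     * only the remaining project permissions are recorded. Otherwise every
     * entry is recorded.
     *
     * @param permissionList  permissions of the user being edited
     * @param userPermissions filled with project id -> (permission type -> permission)
     * @param formPermissions filled with {@code "Perm<type>Proj<projectId>" -> "on"}
     */
    private static void collectPermissions(List<Permission> permissionList,
                                           HashMap<Integer, HashMap<String, Permission>> userPermissions,
                                           HashMap<String, String> formPermissions) {

        // Loop-invariant: whether entry 0 is the super-user marker.
        boolean superUserFirst = !permissionList.isEmpty()
                && permissionList.get(0).getPermissionType() == -1;

        for (int i = 0; i < permissionList.size(); i++) {

            Permission permission = permissionList.get(i);

            log.debug("Processing permission type: " + permission.getPermissionType());

            if (superUserFirst && i == 0) {
                // The marker entry itself is not a project permission.
                continue;
            }

            Integer projectId = permission.getProject().getId();
            Integer permissionType = permission.getPermissionType();

            HashMap<String, Permission> projectPermissions = userPermissions.get(projectId);
            if (projectPermissions == null) {
                projectPermissions = new HashMap<String, Permission>();
                userPermissions.put(projectId, projectPermissions);
            }

            formPermissions.put("Perm" + permissionType + "Proj" + projectId, "on");
            projectPermissions.put(String.valueOf(permissionType), permission);
        }
    }

}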