AccountTag


1   /**
2    * Copyright (C) 2001 Yasna.com. All rights reserved.
3    *
4    * ===================================================================
5    * The Apache Software License, Version 1.1
6    *
7    * Redistribution and use in source and binary forms, with or without
8    * modification, are permitted provided that the following conditions
9    * are met:
10   *
11   * 1. Redistributions of source code must retain the above copyright
12   *    notice, this list of conditions and the following disclaimer.
13   *
14   * 2. Redistributions in binary form must reproduce the above copyright
15   *    notice, this list of conditions and the following disclaimer in
16   *    the documentation and/or other materials provided with the
17   *    distribution.
18   *
19   * 3. The end-user documentation included with the redistribution,
20   *    if any, must include the following acknowledgment:
21   *       "This product includes software developed by
22   *        Yasna.com (http://www.yasna.com)."
23   *    Alternately, this acknowledgment may appear in the software itself,
24   *    if and wherever such third-party acknowledgments normally appear.
25   *
26   * 4. The names "Yazd" and "Yasna.com" must not be used to
27   *    endorse or promote products derived from this software without
28   *    prior written permission. For written permission, please
29   *    contact yazd@yasna.com.
30   *
31   * 5. Products derived from this software may not be called "Yazd",
32   *    nor may "Yazd" appear in their name, without prior written
33   *    permission of Yasna.com.
34   *
35   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38   * DISCLAIMED.  IN NO EVENT SHALL YASNA.COM OR
39   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
46   * SUCH DAMAGE.
47   * ====================================================================
48   *
49   * This software consists of voluntary contributions made by many
50   * individuals on behalf of Yasna.com. For more information
51   * on Yasna.com, please see <http://www.yasna.com>.
52   */
53  
54  /**
55   * Copyright (C) 2000 CoolServlets.com. All rights reserved.
56   *
57   * ===================================================================
58   * The Apache Software License, Version 1.1
59   *
60   * Redistribution and use in source and binary forms, with or without
61   * modification, are permitted provided that the following conditions
62   * are met:
63   *
64   * 1. Redistributions of source code must retain the above copyright
65   *    notice, this list of conditions and the following disclaimer.
66   *
67   * 2. Redistributions in binary form must reproduce the above copyright
68   *    notice, this list of conditions and the following disclaimer in
69   *    the documentation and/or other materials provided with the
70   *    distribution.
71   *
72   * 3. The end-user documentation included with the redistribution,
73   *    if any, must include the following acknowledgment:
74   *       "This product includes software developed by
75   *        CoolServlets.com (http://www.coolservlets.com)."
76   *    Alternately, this acknowledgment may appear in the software itself,
77   *    if and wherever such third-party acknowledgments normally appear.
78   *
79   * 4. The names "Jive" and "CoolServlets.com" must not be used to
80   *    endorse or promote products derived from this software without
81   *    prior written permission. For written permission, please
82   *    contact webmaster@coolservlets.com.
83   *
84   * 5. Products derived from this software may not be called "Jive",
85   *    nor may "Jive" appear in their name, without prior written
86   *    permission of CoolServlets.com.
87   *
88   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
89   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
90   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
91   * DISCLAIMED.  IN NO EVENT SHALL COOLSERVLETS.COM OR
92   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
93   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
94   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
95   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
96   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
97   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
98   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
99   * SUCH DAMAGE.
100  * ====================================================================
101  *
102  * This software consists of voluntary contributions made by many
103  * individuals on behalf of CoolServlets.com. For more information
104  * on CoolServlets.com, please see <http://www.coolservlets.com>.
105  */
106 
107 package com.Yasna.forum.tags;
108 
109 import java.util.*;
110 import javax.servlet.*;
111 import javax.servlet.jsp.*;
112 import javax.servlet.jsp.tagext.*;
113 import javax.servlet.http.*;
114 import com.Yasna.forum.*;
115 import com.Yasna.forum.tags.*;
116 
117 /**
118  * JSP Tag <b>account</b>, used to modify a Yazd User account.
119  * <p>
120  * Requires that attribute <b>id</b> be set to the name of a
121  * script variable for later use in JSP to retrieve User data
122  * using &lt;jsp:getProperty/&gt;.
123  * <p>
124  * If optional tag attribute <b>confirm</b>="true" and the
125  * user enters a password, they must also enter the password
126  * a second time to confirm their password change.
127  * <p>
128  * Requires that the User be logged in to modify their account.
129  * <p>
130  * Can be nested inside the <b>admin</b> tag so that a user
131  * can be modified using the permissions of the admin user.
132  * <p>
133  * The authorize tag must be used in the JSP prior to using this tag
134  * so that YazdState and YazdRequest are initialized, and to verify
135  * that a real user is logged in.
136  * <p>
137  * Uses the the following HTTP input parameters
138  * <p><ul>
139  * <li><b>modify</b> - name of submit button to use with HTML input form
140  * <li><b>email</b> - users email address
141  * <li><b>password</b> - new password
142  * <li><b>confirm</b> - confirm password if changing to new password
143  * <li><b>name</b> - users real name
144  * <li><b>nameVisible</b> - check box returning "checked" if real name should be visible
145  * <li><b>emailVisible</b> - check box returning "checked" if email address should be visible
146  * </ul>
147  * <p>
148  * Plus any additional parameters as specified in yazd.user.properties file.
149  * If a property in yazd.user.properties is named "password", that User
150  * property is only changed if a user's password gets changed and they
151  * are not a System, Forum, Group, or User Admin.
152  * <p>
153  * Sets one or more user errors if account modifications fail.
154  * <p>
155  * JSP Tag Lib Descriptor
156  * <p><pre>
157  * &lt;name&gt;account&lt;/name&gt;
158  * &lt;tagclass&gt;com.Yasna.forum.tags.AccountTag&lt;/tagclass&gt;
159  * &lt;bodycontent&gt;JSP&lt;/bodycontent&gt;
160  * &lt;info&gt;Includes body of tag if account modifications are successful.&lt;/info&gt;
161  *   &lt;attribute&gt;
162  *     &lt;name&gt;id&lt;/name&gt;
163  *     &lt;required&gt;true&lt;/required&gt;
164  *     &lt;rtexprvalue&gt;false&lt;/rtexprvalue&gt;
165  *   &lt;/attribute&gt;
166  *   &lt;attribute&gt;
167  *     &lt;name&gt;confirm&lt;/name&gt;
168  *     &lt;required&gt;false&lt;/required&gt;
169  *     &lt;rtexprvalue&gt;false&lt;/rtexprvalue&gt;
170  *   &lt;/attribute&gt;
171  * </pre>
172  *
173  * @see AdminUserTag
174  * @see TagPropertyManager
175  * @see YazdProperty
176  * @see GetYazdPropertyTag
177  * @see SetYazdPropertyTag
178  * @see YazdState
179  * @see YazdRequest
180  * @see ErrorTag
181  * @see ErrorLoopTag
182  *
183  * @author Glenn Nielsen
184  */
185 
186 public class AccountTag extends TagSupport implements YazdProperty
187 {
188   private YazdState js = null;
189   private YazdRequest jr = null;
190   private User user = null;
191   // Static user data, can't change username after account created.
192   private String   username = null;
193   // Required input parameters
194   private String   email = null;
195   // Optional input parameters
196   private String   nameVisible = null;
197   private String   emailVisible = null;
198   private String   receiveMail = null;
199   private String   password = null;
200   private String   confirm = null;
201   private String   name = null;
202   // Extended properties of User as configured in yazd.user.properties
203   private Map properties = new HashMap();
204   // Required extended properties of User as configured in yazd.user.properties
205   private Map required = new HashMap();
206   // Flag that we must confirm password if user is setting new password
207   // Set by the account tag confirm attribute
208   private boolean confirm_password = false;
209 
210   /**
211    * Initializes data for account tag User data and modifies User account
212    * if this is an HTML form submission.
213    *
214    * @throws JspException on system level error
215    *
216    * @return EVAL_BODY_INCLUDE
217    */
218 
219   public final int doStartTag() throws JspException
220   {
221     boolean extended_required = true;
222 
223     // Get the user state information
224     js = (YazdState)pageContext.getAttribute("yazdUserState",
225         PageContext.SESSION_SCOPE);
226     if( js == null ) {
227       throw new JspException("Yazd account tag could not get yazd state.");
228     }
229 
230     // Get the user request information
231     jr = (YazdRequest)pageContext.getAttribute("yazdUserRequest",
232                 PageContext.REQUEST_SCOPE);
233     if( jr == null ) {
234       throw new JspException("Yazd account tag could not get yazd request.");
235     }
236 
237     // If we are nested inside an admin tag, get user to administer
238     try {
239       AdminUserTag at = (AdminUserTag)this.findAncestorWithClass(this,
240         Class.forName("com.Yasna.forum.tags.AdminUserTag"));
241       user = at.getUser();
242     } catch(Exception   e) {
243     }
244 
245     if( user == null ) {
246       // Get the User data
247       ProfileManager pm = jr.getProfileManager();
248       try {
249         user = pm.getUser(js.getAuthorization().getUserID());
250       } catch( UserNotFoundException ex ) {
251         throw new JspException("Yazd account tag could not find user.");
252       }
253     }
254 
255     // Make sure user isn't anonymous
256     if( user.isAnonymous() ) {
257       throw new JspException("Yazd account tag can not be used by an anonymous user.");
258     }
259 
260     // Get user board name
261     if( user.getUsername() == null )
262       throw new JspException("Yazd account tag, user with id " +
263     user.getID() + " has no name.");
264     username = user.getUsername();
265 
266     // Save the script variable so JSP author can access user data
267     pageContext.setAttribute(id,this,PageContext.PAGE_SCOPE);
268 
269     // Get the User data and any extended properties
270     Enumeration enume = TagPropertyManager.getUserPropertyNames();
271     String   tmp;
272     String   prop;
273     ServletRequest req = pageContext.getRequest();
274     if( user.getEmail() != null )
275       email = user.getEmail();
276     if( user.getName() != null )
277       name = user.getName();
278     if( user.isEmailVisible() )
279       emailVisible = "checked";
280     if( user.isNameVisible() )
281       nameVisible = "checked";
282     // Get values of any extended user properties defined
283     // in yazd.user.properties
284     while( enume.hasMoreElements() ) {
285       prop = (String  )enume.nextElement();
286       if( prop.startsWith( "required." ) ) {
287         prop = prop.substring(9);
288         if( (tmp = user.getProperty(prop)) != null ) {
289           required.put(prop,tmp);
290         } else {
291           required.put(prop,"");
292         }
293       } else {
294         if( (tmp = user.getProperty(prop)) != null ) {
295       properties.put(prop,tmp);
296     } else {
297           properties.put(prop,"");
298     }
299       }
300     }
301 
302     if( (tmp = req.getParameter("modify")) == null ) {
303       // First time account info display, so continue on with rest of page
304       return EVAL_BODY_INCLUDE;
305     }
306 
307     // User has submitted a page requesting changes to their user data
308 
309     // Harvest the standard user data input parameters from page
310     email = req.getParameter("email");
311     password = req.getParameter("password");
312     confirm = req.getParameter("confirm");
313     name = req.getParameter("name");
314     nameVisible = req.getParameter("nameVisible");
315     emailVisible = req.getParameter("emailVisible");
316     receiveMail = req.getParameter("receiveMail");
317 
318     // Harvest the input parameters for any required extended properties
319     for( Iterator it=required.keySet().iterator(); it.hasNext(); ) {
320       prop = (String  )it.next();
321       if( (tmp = req.getParameter(prop)) != null && tmp.length() > 0 ) {
322         required.put(prop,tmp);
323       } else {
324         required.put(prop,"");
325         extended_required = false;
326       }
327     }
328 
329     // Harvest the input parameters for any optional extended properties
330     for( Iterator it=properties.keySet().iterator(); it.hasNext(); ) {
331       prop = (String  )it.next();
332       if( (tmp = req.getParameter(prop)) != null ) {
333         properties.put(prop,tmp);
334       }
335     }
336 
337     // Validate email address, error string comes from yazd.tag.properties
338     if( email == null || email.length() == 0 || !extended_required ) {
339         jr.addError(TagPropertyManager.getTagProperty("yazd.tag.account.required"));
340         return EVAL_BODY_INCLUDE;
341     }
342 
343     // Validate password confirmation if a password change is being made,
344     // and confirm is true. Error string comes from yazd.tag.properties
345     if( password != null && password.length() > 0 ) {
346       if( confirm_password && (confirm == null || !password.equals(confirm)) ) {
347         password = null;
348         confirm = null;
349         jr.addError(TagPropertyManager.getTagProperty("yazd.tag.account.confirm_password"));
350         return EVAL_BODY_INCLUDE;
351       }
352     }
353 
354     try {
355       // Save standard user data if changed
356       if( password != null && password.length() > 0 ) {
357     user.setPassword(password);
358     if( properties.get("password") != null ) {
359       ForumPermissions perms =
360         jr.getForumFactory().getPermissions(js.getAuthorization());
361           if( !perms.get(ForumPermissions.SYSTEM_ADMIN) &&
362               !perms.get(ForumPermissions.FORUM_ADMIN) &&
363               !perms.get(ForumPermissions.GROUP_ADMIN) &&
364               !perms.get(ForumPermissions.USER_ADMIN) ) {
365                 user.setProperty( "password", (String  )properties.get("password"));
366       }
367     }
368       }
369       if( name != null && name.length() > 0 ) {
370         user.setName( name );
371       }
372       if( nameVisible != null && nameVisible.length() > 0) {
373         user.setNameVisible( true );
374       } else {
375         user.setNameVisible( false );
376       }
377       if( receiveMail != null) {
378         user.setThreadSubscribe( true );
379       } else {
380         user.setThreadSubscribe( false );
381       }
382       if( email != null && email.length() > 0 ) {
383         user.setEmail( email );
384       }
385       if( emailVisible != null && emailVisible.length() > 0 ) {
386         user.setEmailVisible( true );
387       } else {
388         user.setEmailVisible( false );
389       }
390 
391       // Save any extended user properties
392       // thread_depth, message_depth, and items_per_page are special
393       // extended properties used for display preferences
394       for( Iterator it=properties.keySet().iterator(); it.hasNext(); ) {
395         tmp = (String  )it.next();
396         if( !tmp.equals("password") )
397           user.setProperty( tmp, (String  )properties.get(tmp));
398         if( tmp.equals(YazdState.MESSAGE_DEPTH) )
399           js.setMessageDepth(Integer.valueOf((String  )properties.get(tmp)).intValue());
400         if( tmp.equals(YazdState.THREAD_DEPTH) )
401           js.setThreadDepth(Integer.valueOf((String  )properties.get(tmp)).intValue());
402         if( tmp.equals(YazdState.ITEMS_PER_PAGE) )
403           js.setItemsPerPage(Integer.valueOf((String  )properties.get(tmp)).intValue());
404       }
405 
406       // Save any extended required user properties
407       // thread_depth, message_depth, and items_per_page are special
408       // extended properties used for display preferences
409       for( Iterator it=required.keySet().iterator(); it.hasNext(); ) {
410         tmp = (String  )it.next();
411         if( !tmp.equals("password") )
412           user.setProperty( tmp, (String  )required.get(tmp));
413         if( tmp.equals(YazdState.MESSAGE_DEPTH) )
414           js.setMessageDepth(Integer.valueOf((String  )required.get(tmp)).intValue());
415         if( tmp.equals(YazdState.THREAD_DEPTH) )
416           js.setThreadDepth(Integer.valueOf((String  )required.get(tmp)).intValue());
417         if( tmp.equals(YazdState.ITEMS_PER_PAGE) )
418           js.setItemsPerPage(Integer.valueOf((String  )required.get(tmp)).intValue());
419       }
420 
421     } catch(UnauthorizedException e) {
422       throw new JspException("Yazd account tag, user with id " +
423     user.getID() + " is not authorized to set user values.");
424     }
425 
426     // All done, the body of the account tag can now redirect the
427     // user some where else if needed.
428     return EVAL_BODY_INCLUDE;
429   }
430 
431   /**
432    * Set a flag indicating that password changes should be confirmed
433    * (Optional attribute).
434    */
435   public final void setConfirm(String   name)
436   {
437     if( name.equals("true") )
438       confirm_password = true;
439   }
440 
441   // Get methods for standard user data which is made
442   // availabe to JSP author via a script variable
443 
444   /**
445    * User Email address property which can be obtained by the JSP page
446    * using &lt;jsp:getProperty name=<i>"id"</i> property="email"/&gt;
447    *
448    * @return String - user email address
449    */
450   public final String   getEmail()
451   {
452     if( email == null )
453       return "";
454     return email;
455   }
456 
457   /**
458    * User Username (userid) property which can be obtained by the JSP page
459    * using &lt;jsp:getProperty name=<i>"id"</i> property="username"/&gt;
460    *
461    * @return String - user username (forum userid)
462    */
463   public final String   getUsername()
464   {
465     if( username == null )
466       return "";
467     return username;
468   }
469 
470   /**
471    * Password entered in previous HTML form submisson which can be
472    * obtained by the JSP page using
473    * &lt;jsp:getProperty name=<i>"id"</i> property="password"/&gt;
474    *
475    * @return String - password the user entered in the HTML form submitted
476    */
477   public final String   getPassword()
478   {
479     if( password == null )
480       return "";
481     return password;
482   }
483 
484   /**
485    * Confirm Password entered in previous HTML form submisson which can be
486    * obtained by the JSP page using
487    * &lt;jsp:getProperty name=<i>"id"</i> property="confirm"/&gt;
488    *
489    * @return String - confirm password the user entered in the HTML form submitted
490    */
491   public final String   getConfirm()
492   {
493     if( confirm == null )
494       return "";
495     return confirm;
496   }
497 
498   /**
499    * User Name (real name) property which can be obtained by the JSP page
500    * using &lt;jsp:getProperty name=<i>"id"</i> property="name"/&gt;
501    *
502    * @return String - user name (real name)
503    */
504   public final String   getName()
505   {
506     if( name == null )
507       return "";
508     return name;
509   }
510 
511   /**
512    * User NameVisible (real name) property which can be obtained by the
513    * JSP Page using &lt;jsp:getProperty name=<i>"id"</i> property="nameVisible"/&gt;
514    *
515    * @return <b>checked</b> if user real name should be visible.
516    */
517   public final String   getNameVisible()
518   {
519     if( nameVisible != null )
520       return "checked";
521     return "";
522   }
523 
524   /**
525    * User EmailVisible (email address) property which can be obtained by the
526    * JSP Page using &lt;jsp:getProperty name=<i>"id"</i> property="emailVisible"/&gt;
527    *
528    * @return <b>checked</b> if user email address should be visible.
529    */
530   public final String   getEmailVisible()
531   {
532     if( emailVisible != null )
533       return "checked";
534     return "";
535   }
536 
537   public final String   getEmailReply()
538   {
539     if( receiveMail != null )
540       return "checked";
541     return "";
542   }
543 
544   /**
545    * Method used by the getYazdProperty tag to get an extended User
546    * property from the account tag script variable.
547    *
548    * @return String - value of the property
549    */
550   public final String   getProperty(String   name)
551   {
552     String   tmp = (String  )properties.get(name);
553     if( tmp != null )
554       return tmp;
555     tmp = (String  )required.get(name);
556     if( tmp != null )
557       return tmp;
558     return "";
559   }
560 
561   /**
562    * Method used by the setYazdProperty tag to set an extended User
563    * property from the account tag script variable.
564    */
565   public final void setProperty(String   name, String   value)
566   {
567     user.setProperty(name,value);
568     if( properties.containsKey(name) )
569       properties.put(name,value);
570     else if( required.containsKey(name) )
571       properties.put(name,value);
572   }
573 
574   /**
575    * Method used to determine if user is a member of a yazd Group.
576    *
577    * @return true if a member, false if not a member
578    */
579   public final boolean isMember(String   name) throws JspException
580   {
581     // Get the group data
582     ProfileManager pm = jr.getProfileManager();
583     try {
584       Group group = pm.getGroup(name);
585       return group.isMember(user);
586     } catch( GroupNotFoundException ex ) {
587     }
588     return false;
589   }
590 
591 }
592
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags