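package com.blandware.atleap.webapp.action.core.user;

import com.blandware.atleap.common.Constants;
import com.blandware.atleap.model.core.User;
import com.blandware.atleap.service.core.UserManager;
import com.blandware.atleap.webapp.action.core.BaseAction;
import com.blandware.atleap.webapp.form.UserForm;
import com.blandware.atleap.webapp.util.core.WebappUtil;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Struts action that prepares the "update user" form.
 *
 * <p>It authorizes the caller, loads the requested user, populates the form
 * from it, blanks the password field and stores a transaction token before
 * forwarding to the {@code updateUser} view.
 *
 * <p>Authorization model as implemented here:
 * <ul>
 *   <li>{@code core-user-update} may open the form for any user;</li>
 *   <li>{@code core-user-updateOneself} may open it only when the requested
 *       name equals {@code request.getRemoteUser()};</li>
 *   <li>everyone else receives HTTP 403.</li>
 * </ul>
 */
public final class CallUpdateUserAction extends BaseAction {

    /**
     * Authorizes the request and forwards to the update form for the user
     * named in the submitted {@link UserForm}.
     *
     * @param mapping  Struts mapping used to resolve the named forwards
     * @param form     submitted form; cast to {@link UserForm}
     * @param request  current request, used for role checks and the remote user name
     * @param response current response, used to send 403 on authorization failure
     * @return the forward to follow, or {@code null} after an error status has
     *         been sent (Struts then treats the response as complete)
     * @throws Exception propagated from the container or the service layer
     */
    public ActionForward execute(ActionMapping mapping, ActionForm form,
                                 HttpServletRequest request, HttpServletResponse response) throws Exception {

        // Cancelling needs no update privilege: it only navigates away.
        if ( isCancelled(request) ) {
            return findFallbackForward(mapping, request);
        }

        // Coarse gate: the caller must hold at least one of the two update roles.
        boolean mayUpdateAnyone = request.isUserInRole("core-user-update");
        if ( !mayUpdateAnyone && !request.isUserInRole("core-user-updateOneself") ) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        UserForm userForm = (UserForm) form;
        String userName = userForm.getName();
        if ( userName == null ) {
            // Message text kept as-is for existing log consumers; the target
            // is the list only for callers allowed to see it.
            if ( log.isWarnEnabled() ) {
                log.warn("Missing user name. Returning to list...");
            }
            return findFallbackForward(mapping, request);
        }

        // Fine-grained gate: the name comes from the request, so a caller who
        // only holds core-user-updateOneself must not be able to name someone else.
        if ( !userName.equals(request.getRemoteUser()) && !mayUpdateAnyone ) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        UserManager userManager = (UserManager) getBean(Constants.USER_MANAGER_BEAN);
        User user = userManager.retrieveUser(userName);
        if ( user == null ) {
            ActionMessages errors = new ActionMessages();
            errors.add("userNotFound", new ActionMessage("core.user.errors.notFound"));
            saveErrors(request, errors);
            return findFallbackForward(mapping, request);
        }

        // Presumably copies the stored user's properties into the form
        // (destination first) - confirm against WebappUtil.
        WebappUtil.copyProperties(userForm, user, request);

        // Never send the stored password value back to the browser in the form.
        userForm.setPassword("");

        // Transaction token for the form; it is only effective if the action
        // that processes the submitted form validates it (not visible here).
        saveToken(request);
        return mapping.findForward("updateUser");
    }

    /**
     * Picks the forward for a caller who leaves this action without reaching
     * the update form.
     *
     * <p>The user list is offered only to callers in the
     * {@code core-user-list} role; all others go to the {@code admin} forward.
     * The original code applied this rule on cancel only and sent every caller
     * to {@code listUsers} on the "missing name" and "user not found" paths, so
     * a caller holding just {@code core-user-updateOneself} was forwarded
     * towards the list. Whether the list action enforces its own role check is
     * not visible from this class, so the rule is applied uniformly here.
     *
     * @param mapping Struts mapping used to resolve the forward
     * @param request current request, used for the role check
     * @return the {@code listUsers} or {@code admin} forward
     */
    private ActionForward findFallbackForward(ActionMapping mapping, HttpServletRequest request) {
        String forwardName = request.isUserInRole("core-user-list") ? "listUsers" : "admin";
        return mapping.findForward(forwardName);
    }

}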