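package com.jaspersoft.jasperserver.war.control;

import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.servlet.ModelAndView;

import com.jaspersoft.jasperserver.api.metadata.common.domain.Resource;
import com.jaspersoft.jasperserver.api.metadata.user.domain.ObjectPermission;
import com.jaspersoft.jasperserver.api.metadata.user.domain.Role;
import com.jaspersoft.jasperserver.api.metadata.user.domain.User;
import com.jaspersoft.jasperserver.api.common.domain.ExecutionContext;
import com.jaspersoft.jasperserver.api.common.domain.impl.ExecutionContextImpl;

/**
 * Multi-action controller for the administration pages: report management,
 * user and role maintenance, and object-permission assignment.
 *
 * <p>Each handler reads an "action" request parameter and maps it to a view
 * name or a forward. The collaborators used here ({@code userAuthService},
 * {@code repository}, {@code objPermService}, {@code getReportUnits()},
 * {@code getReportUnit(...)}, {@code getAllRoles()}, {@code getAllUsers()})
 * are not declared in this file; presumably they are inherited from
 * {@link JRBaseMultiActionController}.
 *
 * <p>NOTE(review): several handlers delete users, change role membership or
 * write object permissions purely from request parameters. No authorization,
 * HTTP-method or CSRF check is visible in this class; presumably that is
 * enforced upstream (filter or interceptor) -- confirm before relying on it.
 */
public class JSAdminController extends JRBaseMultiActionController {

    protected static final Log log = LogFactory.getLog(JSAdminController.class);

    /**
     * Shows the administration home page with the list of report units.
     *
     * @param req current request; receives the {@code reportUnits} attribute
     * @param res current response (unused)
     * @return the {@code AdminHomePage} view
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView adminHome(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        req.setAttribute("reportUnits", getReportUnits());
        return new ModelAndView("AdminHomePage");
    }

    /**
     * Shows the report management page with the list of report units.
     *
     * @param req current request; receives the {@code reportUnits} attribute
     * @param res current response (unused)
     * @return the {@code ReportManagement} view
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView reportMgmt(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        req.setAttribute("reportUnits", getReportUnits());
        return new ModelAndView("ReportManagement");
    }

    /**
     * Dispatches the {@code repmgmtaction} parameter of the report management page.
     *
     * @param req current request
     * @param res current response
     * @return the report management page when no action is given, otherwise the
     *         view for the action; the view name is {@code null} for an
     *         unrecognised action
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView reportMgmtActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        String action = req.getParameter("repmgmtaction");
        if (isBlank(action)) {
            return reportMgmt(req, res);
        }

        String toPage = null;
        if ("createreport".equals(action)) {
            toPage = "forward:/flow.html?_flowId=createReportFlow";
        } else if ("hierarchview".equals(action)) {
            toPage = "HierarchView";
        }
        return new ModelAndView(toPage);
    }

    /**
     * Shows the details page of the report unit selected by the request.
     *
     * @param req current request; receives the {@code reportUnit} attribute
     * @param res current response (unused)
     * @return the {@code ReportDetails} view
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView reportDtls(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        req.setAttribute("reportUnit", getReportUnit(req));
        return new ModelAndView("ReportDetails");
    }

    /**
     * Dispatches the {@code repdtlsaction} parameter of the report details page.
     *
     * @param req current request
     * @param res current response
     * @return the report details page when no action is given, otherwise the
     *         view for the action; the view name is {@code null} for an
     *         unrecognised action
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView reportDtlsActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        String action = req.getParameter("repdtlsaction");
        if (isBlank(action)) {
            return reportDtls(req, res);
        }
        if ("torepmgmt".equals(action)) {
            return reportMgmt(req, res);
        }

        String toPage = null;
        if ("editreport".equals(action)) {
            toPage = "forward:/reportedit.html";
        } else if ("runreport".equals(action)) {
            toPage = "RunReport";
        }
        return new ModelAndView(toPage);
    }

    /**
     * Handles the user search page: search, paging, view/create and deletion
     * of one or several users.
     *
     * <p>For the paging actions the target view comes from the {@code frompage}
     * request parameter, which is accepted only as a plain view name.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the view for the requested action
     * @throws ServletException declared for the handler signature
     * @throws IllegalArgumentException if {@code frompage} is not a plain view name
     */
    public ModelAndView userSearchActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {

        String action = req.getParameter("usersearchaction");
        String commonAction = req.getParameter("commonuseraction");
        String toPage = null;

        if (!isBlank(commonAction)) {
            if ("searchuser".equals(commonAction)) {
                // No early return: a user-search action given in the same request still runs below.
                toPage = "forward:/usersearch.html";
            } else if ("pagenoclick".equals(commonAction) || "pagesetclick".equals(commonAction)) {
                req.setAttribute("roleList", getAllRoles());
                req.setAttribute("userList", getAllUsers());
                return new ModelAndView(checkedViewName(req.getParameter("frompage")));
            }
        }

        if (!isBlank(action)) {
            if ("viewedituser".equals(action)) {
                return new ModelAndView("forward:/createedituser.html?readonly=readonly");
            } else if ("newuser".equals(action)) {
                return new ModelAndView("forward:/createnewuser.html?createedituseraction=newuser");
            } else if ("deleteuser".equals(action)) {
                // NOTE(review): the user name is passed on unchecked (it may be null);
                // how deleteUser treats that is not visible here -- confirm.
                String username = req.getParameter("userselected");
                userAuthService.deleteUser(new ExecutionContextImpl(), username);
                toPage = "forward:/usersearch.html";
            } else if ("deleteusers".equals(action)) {
                String[] usernames = req.getParameterValues("deleteUser");
                if (usernames != null) {
                    for (int i = 0; i < usernames.length; i++) {
                        userAuthService.deleteUser(new ExecutionContextImpl(), usernames[i]);
                    }
                }
                toPage = "forward:/usersearch.html";
            }
        }
        return new ModelAndView(toPage);
    }

    /**
     * Handles the create/edit user page. Only the cancel action is routed here;
     * it returns to the page named by {@code frompage}, which is mapped through
     * a fixed set of known page names rather than used directly.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the view to return to; the view name is {@code null} when the
     *         action or the originating page is not recognised
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView createEditUserActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        String fromPage = req.getParameter("frompage");
        String action = req.getParameter("createedituseraction");

        if (isBlank(action)) {
            return new ModelAndView("forward:/usersearch.html");
        }

        String toPage = null;
        if ("cancelusersave".equals(action) && fromPage != null) {
            if (fromPage.equals("UserSearch")) {
                toPage = "forward:/usersearch.html";
            } else if (fromPage.equals("EditRoleSelectingUsers")) {
                toPage = "forward:/editRoleSelectingUsers.html";
            } else if (fromPage.equals("ObjectPermissionToUser")) {
                toPage = "forward:/objprmtouser.html";
            }
        }
        return new ModelAndView(toPage);
    }

    /**
     * Dispatches the {@code createeditroleaction} parameter of the role pages.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the {@code CreateEditRole} view for the known actions, an empty
     *         view name when no action is given, a {@code null} view name otherwise
     * @throws ServletException declared for the handler signature
     */
    public ModelAndView editCreateRoleActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        String action = req.getParameter("createeditroleaction");
        String toPage = null;

        if (isBlank(action)) {
            toPage = "";
        } else if ("newrole".equals(action) || "submit".equals(action)) {
            toPage = "CreateEditRole";
        }
        return new ModelAndView(toPage);
    }

    /**
     * Handles the "edit role, selecting users" page: search, paging, and adding
     * a role to or removing it from the selected user.
     *
     * <p>The default target view comes from the {@code frompage} request
     * parameter, which is accepted only as a plain view name.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the view for the requested action
     * @throws ServletException declared for the handler signature
     * @throws IllegalArgumentException if {@code frompage} is not a plain view name
     * @throws RuntimeException if the user or role parameter is missing, or if a
     *         membership change names a user or role that cannot be found
     */
    public ModelAndView editRoleUserActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {
        String action = req.getParameter("editroleuseraction");
        String commonAction = req.getParameter("commonuseraction");
        String toPage = checkedViewName(req.getParameter("frompage"));

        if (commonAction != null) {
            if (commonAction.equals("searchuser")) {
                req.setAttribute("roleList", getAllRoles());
                req.setAttribute("userList", getAllUsers());
                return new ModelAndView("EditRoleSelectingUsers");
            } else if (commonAction.equals("pagenoclick") || commonAction.equals("pagesetclick")) {
                req.setAttribute("roleList", getAllRoles());
                req.setAttribute("userList", getAllUsers());
                return new ModelAndView(toPage);
            }
        }

        String userid = req.getParameter("userselected");
        String roleid = req.getParameter("selectedrole");

        if (userid == null || roleid == null) {
            throw new RuntimeException(" Invalid userid or roleid. cannot continue.");
        }

        if (action != null) {
            ExecutionContext context = new ExecutionContextImpl();
            Role role = userAuthService.getRole(context, roleid);
            User user = userAuthService.getUser(context, userid);

            if (action.equals("viewedituser")) {
                toPage = "forward:/createedituser.html?readonly=readonly";
            } else if (action.equals("addroletouser") || action.equals("delrolefrmuser")) {
                // Fail with a clear message instead of dereferencing a missing
                // user, or passing a missing role into the membership change.
                if (user == null || role == null) {
                    throw new RuntimeException(" Invalid userid or roleid. cannot continue.");
                }
                if (action.equals("addroletouser")) {
                    user.addRole(role);
                } else {
                    user.removeRole(role);
                }
                userAuthService.putUser(context, user);
                req.setAttribute("roleList", getAllRoles());
                req.setAttribute("userList", getAllUsers());
            }
        }
        return new ModelAndView(toPage);
    }

    /**
     * Handles the "object permission to user" page: search/paging and saving a
     * permission mask for the selected user on the selected repository object.
     *
     * <p>The default target view comes from the {@code frompage} request
     * parameter, which is accepted only as a plain view name.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the view for the requested action
     * @throws ServletException declared for the handler signature
     * @throws IllegalArgumentException if {@code frompage} is not a plain view name
     * @throws RuntimeException if the user or permission parameter is missing or
     *         the permission could not be saved ({@code NumberFormatException}
     *         if the permission is not an integer)
     */
    public ModelAndView objPermToUserActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {

        String objectidentifier = req.getParameter("resource");
        String action = req.getParameter("objpermtouseraction");
        String commonaction = req.getParameter("commonuseraction");
        String toPage = checkedViewName(req.getParameter("frompage"));

        // Every common action (search, page number, page set) only refreshes the user list.
        if (!isBlank(commonaction)) {
            req.setAttribute("userList", getAllUsers());
            return new ModelAndView(toPage);
        }

        if (!isBlank(action)) {
            String userid = req.getParameter("userselected");
            String permsn = req.getParameter("permission");

            if (isBlank(userid)) {
                throw new RuntimeException(" Invalid 'setPermission' request. Null user. ");
            }

            ExecutionContext context = new ExecutionContextImpl();
            User user = userAuthService.getUser(context, userid);

            if (action.equals("viewedituser")) {
                toPage = "forward:/createedituser.html?readonly=readonly";
            } else if (action.equals("setpermissiontouser")) {
                if (isBlank(permsn)) {
                    throw new RuntimeException(" Invalid 'setPermission' request. Null Permission. ");
                }

                // NOTE(review): any non-negative integer is accepted as a mask; no
                // check against the set of defined permission values is visible here.
                int permissionValue = Integer.parseInt(permsn);

                // NOTE(review): a negative value is silently ignored here, while
                // objPermToRoleActions treats it as "delete the permission" --
                // confirm whether the user variant should do the same.
                if (permissionValue >= 0
                        && !performObjectPermissionSave(context, objectidentifier, user, permissionValue)) {
                    throw new RuntimeException(" Error occurred in object-permission Save. ");
                }

                req.setAttribute("userList", getAllUsers());
            }
        }
        return new ModelAndView(toPage);
    }

    /**
     * Handles the "object permission to role" page: paging and saving or
     * deleting a permission for the selected role on the selected repository
     * object. A negative permission value requests deletion.
     *
     * <p>The default target view comes from the {@code frompage} request
     * parameter, which is accepted only as a plain view name.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the view for the requested action
     * @throws ServletException declared for the handler signature
     * @throws IllegalArgumentException if {@code frompage} is not a plain view name
     * @throws RuntimeException if the role or permission parameter is missing or
     *         the permission could not be saved or deleted
     *         ({@code NumberFormatException} if the permission is not an integer)
     */
    public ModelAndView objPermToRoleActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {

        String objectidentifier = req.getParameter("resource");
        String action = req.getParameter("objpermtoroleaction");
        String commonaction = req.getParameter("commonuseraction");
        String toPage = checkedViewName(req.getParameter("frompage"));

        if ("pagenoclick".equals(commonaction) || "pagesetclick".equals(commonaction)) {
            req.setAttribute("roleList", getAllRoles());
            return new ModelAndView(toPage);
        }

        if (action != null) {
            String roleid = req.getParameter("selectedrole");
            String permsn = req.getParameter("permission");

            if (isBlank(roleid)) {
                throw new RuntimeException(" Invalid 'setPermission' request. Null role. ");
            }

            ExecutionContext context = new ExecutionContextImpl();
            Role role = userAuthService.getRole(context, roleid);

            if (action.equals("vieweditrole")) {
                toPage = "forward:/editrole.html?readonly=readonly";
            } else if (action.equals("setpermissiontorole")) {
                if (isBlank(permsn)) {
                    throw new RuntimeException(" Invalid 'setPermission' request. Null Permission. ");
                }

                // NOTE(review): any non-negative integer is accepted as a mask; no
                // check against the set of defined permission values is visible here.
                int permissionValue = Integer.parseInt(permsn);

                if (permissionValue >= 0) {
                    if (!performObjectPermissionSave(context, objectidentifier, role, permissionValue)) {
                        throw new RuntimeException(" Error occurred in object-permission Save. ");
                    }
                } else {
                    if (!performObjectPermissionDelete(context, objectidentifier, role)) {
                        throw new RuntimeException(" Error occurred in object-permission delete. ");
                    }
                }
            }
        }

        req.setAttribute("roleList", getAllRoles());
        return new ModelAndView(toPage);
    }

    /**
     * Dispatches the {@code objsrchaction} parameter of the object search page.
     *
     * <p>The default target view comes from the {@code frompage} request
     * parameter, which is accepted only as a plain view name.
     *
     * @param req current request
     * @param res current response (unused)
     * @return the view for the requested action, or the originating page when
     *         the action or object type is not recognised
     * @throws ServletException declared for the handler signature
     * @throws IllegalArgumentException if {@code frompage} is not a plain view name
     */
    public ModelAndView objectSearchGetActions(HttpServletRequest req, HttpServletResponse res)
            throws ServletException {

        String toPage = checkedViewName(req.getParameter("frompage"));
        String action = req.getParameter("objsrchaction");
        String objtype = req.getParameter("objecttype");

        if (action != null) {
            // "searchobject" and "filterby" have no handling here and fall through to frompage.
            if (action.equals("vieweditobject")) {
                // Constant-first comparison: a request without "objecttype" must not
                // fail with a NullPointerException.
                if ("USER".equals(objtype)) {
                    toPage = "forward:/createedituser.html";
                } else if ("ROLE".equals(objtype)) {
                    toPage = "forward:/editrole.html";
                } else if ("REPORTUNIT".equals(objtype)) {
                    toPage = "forward:/reportedit.html";
                } else if ("DATASOURCE".equals(objtype)) {
                    toPage = "forward:/datasrcedit.html";
                }
            } else if (action.equals("setuserpermission")) {
                toPage = "ObjectPermissionToUser";
            } else if (action.equals("setrolepermission")) {
                toPage = "ObjectPermissionToRole";
            }
        }
        return new ModelAndView(toPage);
    }

    /**
     * Creates or updates the permission of a recipient on a repository object.
     *
     * @param context execution context passed to the services
     * @param objectIdentifier identifier of the target resource or folder
     * @param recipientObject the user or role receiving the permission
     * @param permission permission mask to store
     * @return {@code true} if the permission was stored, {@code false} if the
     *         recipient is {@code null} or the target cannot be found
     */
    private boolean performObjectPermissionSave(ExecutionContext context, String objectIdentifier,
            Object recipientObject, int permission) {

        if (recipientObject == null) {
            log.warn("performObjectPermissionSave: recipient is null");
            return false;
        }

        Resource targetObject = findTarget(context, objectIdentifier);
        if (targetObject == null) {
            log.warn("performObjectPermissionSave: target is null");
            return false;
        }

        ObjectPermission objectPermission = findFirstPermission(context, targetObject, recipientObject);
        if (objectPermission == null) {
            objectPermission = objPermService.newObjectPermission(context);
        }

        objectPermission.setURI(targetObject.getURI());
        objectPermission.setPermissionMask(permission);
        objectPermission.setPermissionRecipient(recipientObject);

        objPermService.putObjectPermission(context, objectPermission);
        return true;
    }

    /**
     * Deletes the permission of a recipient on a repository object.
     *
     * @param context execution context passed to the services
     * @param objectIdentifier identifier of the target resource or folder
     * @param recipientObject the user or role whose permission is removed
     * @return {@code true} if a permission was deleted, {@code false} if the
     *         recipient is {@code null}, the target cannot be found, or no
     *         permission with a recipient exists for the pair
     */
    private boolean performObjectPermissionDelete(ExecutionContext context, String objectIdentifier,
            Object recipientObject) {

        if (recipientObject == null) {
            log.warn("performObjectPermissionDelete: recipient is null");
            return false;
        }

        Resource targetObject = findTarget(context, objectIdentifier);
        if (targetObject == null) {
            log.warn("performObjectPermissionDelete: target is null");
            return false;
        }

        ObjectPermission objectPermission = findFirstPermission(context, targetObject, recipientObject);
        if (objectPermission == null || objectPermission.getPermissionRecipient() == null) {
            log.warn("performObjectPermissionDelete: no permission for target and recipient");
            return false;
        }

        objPermService.deleteObjectPermission(context, objectPermission);
        return true;
    }

    /** Looks the identifier up as a resource first and as a folder second; {@code null} if neither exists. */
    private Resource findTarget(ExecutionContext context, String objectIdentifier) {
        Resource target = (Resource) repository.getResource(context, objectIdentifier);
        if (target == null) {
            target = repository.getFolder(context, objectIdentifier);
        }
        return target;
    }

    /** Returns the first permission stored for the target/recipient pair, or {@code null} if there is none. */
    private ObjectPermission findFirstPermission(ExecutionContext context, Resource target, Object recipient) {
        List permissions = objPermService.getObjectPermissionsForObjectAndRecipient(context, target, recipient);
        if (permissions != null && permissions.size() > 0) {
            return (ObjectPermission) permissions.get(0);
        }
        return null;
    }

    /** Tells whether a request parameter is absent or contains only whitespace. */
    private static boolean isBlank(String value) {
        return value == null || value.trim().length() == 0;
    }

    /**
     * Accepts a request-supplied view name only if it is a plain logical name.
     *
     * <p>The {@code frompage} parameter is under the client's control and is
     * used as a view name. A value carrying a {@code forward:} or
     * {@code redirect:} prefix, a path or a URL would send the response
     * somewhere the application never chose, so only ASCII letters, digits,
     * {@code '_'} and {@code '-'} are accepted. {@code null} and the empty
     * string pass through unchanged.
     *
     * <p>NOTE(review): the accepted character set is derived from the view names
     * visible in this class; confirm it against the pages that post
     * {@code frompage}, or replace it with an explicit list of allowed views.
     *
     * @param requested raw value of the request parameter, may be {@code null}
     * @return {@code requested} unchanged when it is acceptable
     * @throws IllegalArgumentException if the value contains any other character
     */
    private static String checkedViewName(String requested) {
        if (requested == null) {
            return null;
        }
        for (int i = 0; i < requested.length(); i++) {
            char c = requested.charAt(i);
            boolean plain = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
                    || (c >= '0' && c <= '9') || c == '_' || c == '-';
            if (!plain) {
                // The rejected value is deliberately not logged or echoed back.
                log.warn("Rejected 'frompage' request parameter: not a plain view name");
                throw new IllegalArgumentException(" Invalid 'frompage' request. ");
            }
        }
        return requested;
    }

}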