KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > jetspeed > modules > actions > portlets > security > PermissionUpdateAction


1 /*
2  * Copyright 2000-2001,2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.apache.jetspeed.modules.actions.portlets.security;
18
19 // velocity
20 import org.apache.jetspeed.modules.actions.portlets.SecureVelocityPortletAction;
21 import org.apache.jetspeed.om.security.JetspeedPermissionFactory;
22 import org.apache.jetspeed.om.security.Permission;
23 import org.apache.jetspeed.portal.portlets.VelocityPortlet;
24 import org.apache.jetspeed.services.JetspeedSecurity;
25 import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
26 import org.apache.jetspeed.services.logging.JetspeedLogger;
27 import org.apache.jetspeed.services.resources.JetspeedResources;
28 import org.apache.jetspeed.services.security.JetspeedSecurityException;
29 import org.apache.turbine.util.DynamicURI;
30 import org.apache.turbine.util.RunData;
31 import org.apache.turbine.util.StringUtils;
32 import org.apache.velocity.context.Context;
33
34
35 /**
36  * This action sets up the template context for editing security permissions in the Turbine database.
37  *
38  * @author <a HREF="mailto:taylor@apache.org">David Sean Taylor</a>
39  * @version $Id: PermissionUpdateAction.java,v 1.9 2004/03/31 04:49:10 morciuch Exp $
40  */
41 public class PermissionUpdateAction extends SecureVelocityPortletAction
42 {
43     private static final String JavaDoc TEMP_PERMISSION = "tempPermission";
44
45     /**
46      * Static initialization of the logger for this class
47      */
48     private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(PermissionUpdateAction.class.getName());
49     
50     /**
51      * Build the maximized state content for this portlet. (Same as normal state).
52      *
53      * @param portlet The velocity-based portlet that is being built.
54      * @param context The velocity context for this request.
55      * @param rundata The turbine rundata context for this request.
56      */
57     protected void buildMaximizedContext( VelocityPortlet portlet,
58                                           Context context,
59                                           RunData rundata )
60     {
61         buildNormalContext( portlet, context, rundata);
62     }
63
64     /**
65      * Build the configure state content for this portlet.
66      * TODO: we could configure this portlet with configurable skins, etc..
67      *
68      * @param portlet The velocity-based portlet that is being built.
69      * @param context The velocity context for this request.
70      * @param rundata The turbine rundata context for this request.
71      */
72     protected void buildConfigureContext( VelocityPortlet portlet,
73                                           Context context,
74                                           RunData rundata )
75     {
76
77         buildNormalContext( portlet, context, rundata);
78     }
79
80     /**
81      * Build the normal state content for this portlet.
82      *
83      * @param portlet The velocity-based portlet that is being built.
84      * @param context The velocity context for this request.
85      * @param rundata The turbine rundata context for this request.
86      */
87     protected void buildNormalContext( VelocityPortlet portlet,
88                                        Context context,
89                                        RunData rundata )
90     {
91         try
92         {
93             Permission permission = null;
94
95             /*
96              * Grab the mode for the user form.
97              */
98             String JavaDoc mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
99
100             //
101 // if we are updating or deleting - put the name in the context
102 //
103 if (mode != null && (mode.equals(SecurityConstants.PARAM_MODE_UPDATE) ||
104                                  mode.equals(SecurityConstants.PARAM_MODE_DELETE)))
105             {
106                 // get the primary key and put the object in the context
107 String JavaDoc permissionname = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
108                 permission = JetspeedSecurity.getPermission(permissionname);
109                 context.put(SecurityConstants.CONTEXT_PERMISSION, permission);
110             }
111
112             //
113 // if there was an error, display the message
114 //
115 String JavaDoc msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
116             if (msgid != null)
117             {
118                 int id = Integer.parseInt(msgid);
119                 if (id < SecurityConstants.MESSAGES.length)
120                     context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
121
122                 // get the bad entered data and put it back for convenient update
123 Permission tempPermission = (Permission)rundata.getUser().getTemp(TEMP_PERMISSION);
124                 if (tempPermission != null)
125                     context.put(SecurityConstants.CONTEXT_PERMISSION, tempPermission);
126             }
127             context.put(SecurityConstants.PARAM_MODE, mode);
128
129         }
130         catch (Exception JavaDoc e)
131         {
132             logger.error("Error in Jetspeed User Security", e);
133             rundata.setMessage("Error in Jetspeed User Security: " + e.toString());
134             rundata.setStackTrace(StringUtils.stackTrace(e), e);
135             rundata.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
136         }
137     }
138
139     /**
140      * Database Insert Action for Security Permissions. Performs inserts into security database.
141      *
142      * @param rundata The turbine rundata context for this request.
143      * @param context The velocity context for this request.
144      */
145     public void doInsert(RunData rundata, Context context)
146         throws Exception JavaDoc
147     {
148         Permission permission = null;
149         try
150         {
151             //
152 // validate that its not an 'blank' permissionname -- not allowed
153 //
154 String JavaDoc name = rundata.getParameters().getString("name");
155             if (name == null || name.trim().length() == 0)
156             {
157                 DynamicURI duri = new DynamicURI (rundata);
158                 duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_PERMISSION_UPDATE);
159                 duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_INVALID_ENTITY_NAME);
160                 rundata.setRedirectURI(duri.toString());
161                 rundata.getUser().setTemp(TEMP_PERMISSION, null);
162                 return;
163             }
164
165             //
166 // generate a new permission
167 //
168 permission = JetspeedPermissionFactory.getInstance();
169             permission.setName(name);
170
171             //
172 // add the permission
173 ///
174 JetspeedSecurity.addPermission(permission);
175
176         }
177         catch (JetspeedSecurityException e)
178         {
179             // log the error msg
180 logger.error("Exception", e);
181
182             //
183 // dup key found - display error message - bring back to same screen
184 //
185 DynamicURI duri = new DynamicURI (rundata);
186             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_PERMISSION_UPDATE);
187             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_ENTITY_ALREADY_EXISTS);
188             rundata.setRedirectURI(duri.toString());
189
190             // save values that user just entered so they don't have to re-enter
191 if (permission != null)
192                rundata.getUser().setTemp(TEMP_PERMISSION, permission);
193         }
194     }
195
196     /**
197      * Database Update Action for Security Permissions. Performs updates into security database.
198      *
199      * @param rundata The turbine rundata context for this request.
200      * @param context The velocity context for this request.
201      */
202     public void doUpdate(RunData rundata, Context context)
203         throws Exception JavaDoc
204     {
205         Permission permission = null;
206         try
207         {
208             //
209 // get the permission object from the selected permission entry in the browser
210 //
211 permission = JetspeedSecurity.getPermission(
212                      rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
213
214             //
215 // update the permission in the database
216 //
217 JetspeedSecurity.savePermission(permission);
218
219         }
220         catch (Exception JavaDoc e)
221         {
222            // log the error msg
223 logger.error("Exception", e);
224
225             //
226 // error on update - display error message
227 //
228 DynamicURI duri = new DynamicURI (rundata);
229             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_PERMISSION_UPDATE);
230             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
231             if (permission != null)
232                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, permission.getName());
233             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
234             rundata.setRedirectURI(duri.toString());
235
236            // save values that user just entered so they don't have to re-enter
237 if (permission != null)
238                rundata.getUser().setTemp(TEMP_PERMISSION, permission);
239
240         }
241     }
242
243     /**
244      * Database Delete Action for Security Permissions. Performs deletes into security database.
245      *
246      * @param rundata The turbine rundata context for this request.
247      * @param context The velocity context for this request.
248      */
249     public void doDelete(RunData rundata, Context context)
250         throws Exception JavaDoc
251     {
252         Permission permission = null;
253
254         try
255         {
256             //
257 // get the permission object from the selected permission entry in the browser
258 //
259 permission = JetspeedSecurity.getPermission(
260                         rundata.getParameters().getString( SecurityConstants.PARAM_ENTITY_ID) );
261
262             //
263 // remove the permission
264 //
265 JetspeedSecurity.removePermission(permission.getName());
266         }
267         catch (Exception JavaDoc e)
268         {
269            // log the error msg
270 logger.error("Exception", e);
271
272             //
273 // error on delete - display error message
274 //
275 DynamicURI duri = new DynamicURI (rundata);
276             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_PERMISSION_UPDATE);
277             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_DELETE_FAILED);
278             if (permission != null)
279                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, permission.getName());
280             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_DELETE);
281             rundata.setRedirectURI(duri.toString());
282
283             // save values that user just entered so they don't have to re-enter
284 if (permission != null)
285                rundata.getUser().setTemp(TEMP_PERMISSION, permission);
286
287         }
288
289     }
290
291
292 }
Popular Tags