KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > jetspeed > modules > actions > portlets > security > UserGroupRoleUpdateAction


1 /*
2  * Copyright 2000-2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.apache.jetspeed.modules.actions.portlets.security;
18
19 // java util
20 import java.util.Iterator JavaDoc;
21 import java.util.Vector JavaDoc;
22
23 import org.apache.jetspeed.modules.actions.portlets.SecureVelocityPortletAction;
24 import org.apache.jetspeed.om.profile.Portlets;
25 import org.apache.jetspeed.om.profile.Profile;
26 import org.apache.jetspeed.om.profile.ProfileLocator;
27 import org.apache.jetspeed.om.security.Group;
28 import org.apache.jetspeed.om.security.GroupRole;
29 import org.apache.jetspeed.om.security.JetspeedUser;
30 import org.apache.jetspeed.om.security.Role;
31 import org.apache.jetspeed.portal.portlets.VelocityPortlet;
32 import org.apache.jetspeed.services.JetspeedSecurity;
33 import org.apache.jetspeed.services.Profiler;
34 import org.apache.jetspeed.services.PsmlManager;
35 import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
36 import org.apache.jetspeed.services.logging.JetspeedLogger;
37 import org.apache.jetspeed.services.resources.JetspeedResources;
38 import org.apache.jetspeed.services.rundata.JetspeedRunData;
39 import org.apache.jetspeed.util.PortletUtils;
40 import org.apache.turbine.util.RunData;
41 import org.apache.turbine.util.StringUtils;
42 import org.apache.velocity.context.Context;
43
44
45 /**
46  * This action sets up the template context for editing security group roles
47  * for a given user.
48  *
49  * @author <a HREF="mailto:morciuch@apache.org">Mark Orciuch</a>
50  * @version $Id: UserGroupRoleUpdateAction.java,v 1.3 2004/03/31 04:49:10 morciuch Exp $
51  */
52 public class UserGroupRoleUpdateAction extends SecureVelocityPortletAction
53 {
54
55     /**
56      * Static initialization of the logger for this class
57      */
58     private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(UserRoleUpdateAction.class.getName());
59
60     /**
61      * Build the maximized state content for this portlet. (Same as normal state).
62      *
63      * @param portlet The velocity-based portlet that is being built.
64      * @param context The velocity context for this request.
65      * @param rundata The turbine rundata context for this request.
66      */
67     protected void buildMaximizedContext( VelocityPortlet portlet,
68                                           Context context,
69                                           RunData rundata )
70     {
71         buildNormalContext( portlet, context, rundata);
72     }
73
74     /**
75      * Build the configure state content for this portlet.
76      *
77      * @param portlet The velocity-based portlet that is being built.
78      * @param context The velocity context for this request.
79      * @param rundata The turbine rundata context for this request.
80      */
81     protected void buildConfigureContext( VelocityPortlet portlet,
82                                           Context context,
83                                           RunData rundata )
84     {
85
86         buildNormalContext( portlet, context, rundata);
87     }
88
89     /**
90      * Build the normal state content for this portlet.
91      *
92      * @param portlet The velocity-based portlet that is being built.
93      * @param context The velocity context for this request.
94      * @param rundata The turbine rundata context for this request.
95      */
96     protected void buildNormalContext( VelocityPortlet portlet,
97                                        Context context,
98                                        RunData rundata )
99     {
100         try
101         {
102
103             //
104 // check to see if we are adding a role for a single user
105 //
106 String JavaDoc entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
107             if (entityid == null || entityid.trim().length() == 0)
108             {
109                 return;
110             }
111
112             buildUserGroupRoleContext(portlet, context, rundata, entityid);
113
114             //
115 // if there was an error, display the message
116 //
117 String JavaDoc msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
118             if (msgid != null)
119             {
120                 int id = Integer.parseInt(msgid);
121                 if (id < SecurityConstants.MESSAGES.length)
122                     context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
123             }
124
125         }
126         catch (Exception JavaDoc e)
127         {
128             logger.error("Error in Jetspeed User Group Role Security", e);
129             rundata.setMessage("Error in Jetspeed User Group Role Security: " + e.toString());
130             rundata.setStackTrace(StringUtils.stackTrace(e), e);
131             rundata.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
132         }
133     }
134
135
136     /**
137      * Appends profile for specified role to the end of profile for specified user
138      *
139      * @param user User to append to
140      * @param role Role to append from
141      * @exception Exception
142      */
143     private void appendNewRoleProfile(JetspeedRunData jdata, JetspeedUser user, Role role)
144     throws Exception JavaDoc
145     {
146         // Retrieve the role profile
147 ProfileLocator roleLocator = Profiler.createLocator();
148         roleLocator.setRole(role);
149         roleLocator.setMediaType(jdata.getCapability().getPreferredMediaType());
150         roleLocator.setName("default.psml");
151         Profile roleProfile = Profiler.getProfile(roleLocator);
152         if (roleProfile != null)
153         {
154             if (logger.isDebugEnabled())
155             {
156                 logger.debug("UserGroupRoleUpdateAction: retrieved profile for role: " + roleProfile.getPath());
157             }
158         }
159
160         // Retrieve the user profile
161 ProfileLocator userLocator = Profiler.createLocator();
162         userLocator.setUser(user);
163         userLocator.setMediaType(jdata.getCapability().getPreferredMediaType());
164         userLocator.setName("default.psml");
165         Profile userProfile = Profiler.getProfile(userLocator);
166         if (userProfile != null)
167         {
168             if (logger.isDebugEnabled())
169             {
170                 logger.debug("UserGroupRoleUpdateAction: retrieved profile for user: " + userProfile.getPath());
171             }
172         }
173
174         // Append role profile to user profile
175 if (roleProfile != null &&
176             roleProfile.getDocument() != null &&
177             userProfile != null &&
178             userProfile.getDocument() != null)
179         {
180             Profile tmpProfile = (Profile) roleProfile.clone();
181             Portlets rolePortlets = tmpProfile.getDocument().getPortlets();
182             Portlets userPortlets = userProfile.getDocument().getPortlets();
183
184             // Handle pane based profile
185 if (rolePortlets.getPortletsCount() > 0)
186             {
187                 for (int i = 0; i < rolePortlets.getPortletsCount(); i++)
188                 {
189                     Portlets pane = rolePortlets.getPortlets(i);
190                     pane.setLayout(null);
191                     userPortlets.addPortlets(pane);
192                     if (logger.isDebugEnabled())
193                     {
194                         logger.debug("UserRoleUpdateAction: appended pane: " + pane.getId() + " to user: " + user.getUserName());
195                     }
196                 }
197             }
198             // Handle profile with no panes
199 else
200             {
201                 if (rolePortlets.getTitle() == null)
202                 {
203                     String JavaDoc title = org.apache.turbine.util.StringUtils.firstLetterCaps(roleProfile.getRoleName());
204                     rolePortlets.setTitle(title + " Home");
205                 }
206                 rolePortlets.setLayout(null);
207                 userPortlets.addPortlets(rolePortlets);
208             }
209
210             // Regenerate ids
211 PortletUtils.regenerateIds(userPortlets);
212
213             // Save the user profile
214 PsmlManager.store(userProfile);
215         }
216     }
217
218     /**
219      * Build the context for a role browser for a specific user.
220      *
221      * @param portlet The velocity-based portlet that is being built.
222      * @param context The velocity context for this request.
223      * @param rundata The turbine rundata context for this request.
224      * @param userid The userid of the user that we are building a role context for.
225      */
226     private void buildUserGroupRoleContext(VelocityPortlet portlet,
227                                            Context context,
228                                            RunData rundata,
229                                            String JavaDoc userid)
230     throws Exception JavaDoc
231     {
232         // get the user object
233 JetspeedUser user = JetspeedSecurity.getUser(userid);
234         if (null == user)
235         {
236             // no User found
237 logger.error("UserGroupRoleBrowser: Failed to get user: " + userid );
238             return;
239         }
240         // get master list of roles
241 Iterator JavaDoc roles = JetspeedSecurity.getRoles();
242         Vector JavaDoc masterRoles = new Vector JavaDoc();
243         while (roles.hasNext())
244         {
245             Role role = (Role) roles.next();
246             masterRoles.add(role);
247         }
248
249         Iterator JavaDoc groups = JetspeedSecurity.getGroups();
250         Vector JavaDoc masterGroups = new Vector JavaDoc();
251         while (groups.hasNext())
252         {
253             Group group = (Group) groups.next();
254             masterGroups.add(group);
255         }
256                 
257         Vector JavaDoc selected = new Vector JavaDoc();
258         Iterator JavaDoc groupRoles = JetspeedSecurity.getRoles(userid);
259         while (groupRoles.hasNext())
260         {
261             GroupRole gr = (GroupRole) groupRoles.next();
262             selected.add(gr.getGroup().getName() + gr.getRole().getName());
263         }
264
265         rundata.getUser().setTemp(SecurityConstants.CONTEXT_ROLES, masterRoles);
266         rundata.getUser().setTemp(SecurityConstants.CONTEXT_GROUPS, masterGroups);
267         rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, selected);
268         
269         context.put(SecurityConstants.CONTEXT_USER, user);
270         context.put(SecurityConstants.CONTEXT_ROLES, masterRoles);
271         context.put(SecurityConstants.CONTEXT_GROUPS, masterGroups);
272         context.put(SecurityConstants.CONTEXT_SELECTED, selected);
273
274     }
275
276     /**
277      * Update the roles that are to assigned to a user
278      * for a project.
279      */
280     public void doRoles(RunData data, Context context)
281     throws Exception JavaDoc
282     {
283         /*
284          * Get the user we are trying to update. The username
285          * has been hidden in the form so we will grab the
286          * hidden username and use that to retrieve the
287          * user.
288          */
289         String JavaDoc username = data.getParameters().getString("username");
290         JetspeedUser user = JetspeedSecurity.getUser(username);
291
292         /*
293          * Grab all the Groups and Roles in the system.
294          */
295         for (Iterator JavaDoc groups = JetspeedSecurity.getGroups(); groups.hasNext();)
296         {
297             String JavaDoc groupName = ((Group) groups.next()).getName();
298
299             for (Iterator JavaDoc roles = JetspeedSecurity.getRoles(); roles.hasNext();)
300             {
301                 /*
302                  * In the UserRoleForm.vm we made a checkbox
303                  * for every possible Group/Role combination
304                  * so we will compare every possible combination
305                  * with the values that were checked off in
306                  * the form. If we have a match then we will
307                  * grant the user the role in the group.
308                  */
309                 Role role = (Role) roles.next();
310                 String JavaDoc roleName = role.getName();
311                 String JavaDoc groupRole = groupName + roleName;
312
313                 String JavaDoc formGroupRole = data.getParameters().getString(groupRole);
314
315                 if (formGroupRole != null && JetspeedSecurity.hasRole(username, roleName, groupName) == false)
316                 {
317                     JetspeedSecurity.grantRole(username, roleName, groupName);
318                     
319                     // If role profile merging is active, append profile for the new role
320 if (Profiler.useRoleProfileMerging())
321                     {
322                         appendNewRoleProfile((JetspeedRunData) data, user, role);
323                     }
324                 }
325                 else if (formGroupRole == null && JetspeedSecurity.hasRole(username, roleName, groupName))
326                 {
327                     JetspeedSecurity.revokeRole(username, roleName, groupName);
328                 }
329             }
330         }
331     }
332
333
334 }
335
Popular Tags