KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > jetspeed > modules > actions > portlets > security > UserUpdateAction


1 /*
2  * Copyright 2000-2001,2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.apache.jetspeed.modules.actions.portlets.security;
18
19 // java util
20 import java.io.StringWriter JavaDoc;
21 import java.util.Date JavaDoc;
22 import java.util.Locale JavaDoc;
23 import java.util.Properties JavaDoc;
24
25 import org.apache.jetspeed.modules.actions.portlets.SecureVelocityPortletAction;
26 import org.apache.jetspeed.om.security.JetspeedUser;
27 import org.apache.jetspeed.portal.portlets.VelocityPortlet;
28 import org.apache.jetspeed.services.JetspeedSecurity;
29 import org.apache.jetspeed.services.TemplateLocator;
30 import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
31 import org.apache.jetspeed.services.logging.JetspeedLogger;
32 import org.apache.jetspeed.services.resources.JetspeedResources;
33 import org.apache.jetspeed.services.security.NotUniqueUserException;
34 import org.apache.turbine.services.resources.TurbineResources;
35 import org.apache.turbine.services.velocity.TurbineVelocity;
36 import org.apache.turbine.util.DynamicURI;
37 import org.apache.turbine.util.RunData;
38 import org.apache.turbine.util.StringUtils;
39 import org.apache.turbine.util.mail.SimpleEmail;
40 import org.apache.velocity.context.Context;
41
42 /**
43  * This action sets up the template context for editing users in the Turbine database.
44  *
45  * @author <a HREF="mailto:taylor@apache.org">David Sean Taylor</a>
46  * @author <a HREF="mailto:kimptoc_mail@yahoo.com">Chris Kimpton</a>
47  * @author <a HREF="mailto:paulsp@apache.org">Paul Spencer</a>
48  * @version $Id: UserUpdateAction.java,v 1.17 2004/03/31 04:49:10 morciuch Exp $
49  */
50 public class UserUpdateAction extends SecureVelocityPortletAction
51 {
52     private static final String JavaDoc TEMP_USER = "tempUser";
53     
54     /**
55      * Static initialization of the logger for this class
56      */
57     private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(UserUpdateAction.class.getName());
58     
59     /**
60      * Build the maximized state content for this portlet. (Same as normal state).
61      *
62      * @param portlet The velocity-based portlet that is being built.
63      * @param context The velocity context for this request.
64      * @param rundata The turbine rundata context for this request.
65      */
66     protected void buildMaximizedContext( VelocityPortlet portlet,
67                                           Context context,
68                                           RunData rundata )
69     {
70         buildNormalContext( portlet, context, rundata);
71     }
72
73     /**
74      * Build the configure state content for this portlet.
75      * TODO: we could configure this portlet with configurable skins, etc..
76      *
77      * @param portlet The velocity-based portlet that is being built.
78      * @param context The velocity context for this request.
79      * @param rundata The turbine rundata context for this request.
80      */
81     protected void buildConfigureContext( VelocityPortlet portlet,
82                                           Context context,
83                                           RunData rundata )
84     {
85
86         buildNormalContext( portlet, context, rundata);
87         setTemplate(rundata, "user-form.vm");
88     }
89
90     /**
91      * Build the normal state content for this portlet.
92      *
93      * @param portlet The velocity-based portlet that is being built.
94      * @param context The velocity context for this request.
95      * @param rundata The turbine rundata context for this request.
96      */
97     protected void buildNormalContext( VelocityPortlet portlet,
98                                        Context context,
99                                        RunData rundata )
100     {
101         try
102         {
103             JetspeedUser user = null;
104             /*
105              * Grab the mode for the user form.
106              */
107             String JavaDoc mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
108
109             if (mode != null && (mode.equals(SecurityConstants.PARAM_MODE_UPDATE) ||
110                                  mode.equals(SecurityConstants.PARAM_MODE_DELETE)))
111             {
112                 // get the primary key and put the object in the context
113 String JavaDoc username = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
114                 user = JetspeedSecurity.getUser(username);
115                 context.put(SecurityConstants.CONTEXT_USER, user);
116             }
117
118             //
119 // if there was an error, display the message
120 //
121 String JavaDoc msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
122             if (msgid != null)
123             {
124                 int id = Integer.parseInt(msgid);
125                 if (id < SecurityConstants.MESSAGES.length)
126                     context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
127
128                 // get the bad entered data and put it back for convenient update
129 JetspeedUser tempUser = (JetspeedUser)rundata.getUser().getTemp(TEMP_USER);
130                 if (tempUser != null)
131                     context.put(SecurityConstants.CONTEXT_USER, tempUser);
132
133             }
134
135             context.put(SecurityConstants.PARAM_MODE, mode);
136
137         }
138         catch (Exception JavaDoc e)
139         {
140             logger.error("Error in Jetspeed User Security", e);
141             rundata.setMessage("Error in Jetspeed User Security: " + e.toString());
142             rundata.setStackTrace(StringUtils.stackTrace(e), e);
143             rundata.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
144         }
145     }
146
147     /**
148      * Database Insert Action for Users. Performs inserts into security database.
149      *
150      * @param rundata The turbine rundata context for this request.
151      * @param context The velocity context for this request.
152      */
153     public void doInsert(RunData rundata, Context context)
154         throws Exception JavaDoc
155     {
156         JetspeedUser user = null;
157         try
158         {
159             //
160 // validate that its not an 'blank' rolename -- not allowed
161 //
162 String JavaDoc name = rundata.getParameters().getString("username");
163             if (name == null || name.trim().length() == 0)
164             {
165                 DynamicURI duri = new DynamicURI (rundata);
166                 duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
167                 duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_INVALID_ENTITY_NAME);
168                 rundata.setRedirectURI(duri.toString());
169                 // save values that user just entered so they don't have to re-enter
170 if (user != null)
171                    rundata.getUser().setTemp(TEMP_USER, user);
172                 return;
173             }
174
175
176             //
177 // create a new user
178 //
179 user = JetspeedSecurity.getUserInstance();
180             rundata.getParameters().setProperties(user);
181
182             String JavaDoc password = rundata.getParameters().getString("password");
183             if (password == null)
184                 password = "";
185
186             user.setUserName(JetspeedSecurity.convertUserName(user.getUserName()));
187
188             Date JavaDoc now = new Date JavaDoc();
189             user.setCreateDate(now);
190             user.setLastLogin(now);
191             user.setConfirmed(JetspeedResources.CONFIRM_VALUE);
192
193             String JavaDoc disabled = rundata.getParameters().getString("disabled");
194             user.setDisabled( disabled != null );
195
196             //
197 // add the user
198 ///
199 user.setPassword(password);
200             JetspeedSecurity.addUser(user);
201         }
202         catch (NotUniqueUserException e)
203         {
204             // log the error msg
205 logger.error("Exception", e);
206
207             //
208 // dup key found - display error message - bring back to same screen
209 //
210 DynamicURI duri = new DynamicURI (rundata);
211             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
212             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_ENTITY_ALREADY_EXISTS);
213             rundata.setRedirectURI(duri.toString());
214             // save values that user just entered so they don't have to re-enter
215 if (user != null)
216                rundata.getUser().setTemp(TEMP_USER, user);
217         }
218
219     }
220
221     /**
222      * Database Update Action for Users. Performs accepting of new users into security database.
223      *
224      * @param rundata The turbine rundata context for this request.
225      * @param context The velocity context for this request.
226      */
227     public void doAccept(RunData rundata, Context context)
228     throws Exception JavaDoc
229     {
230         JetspeedUser user = null;
231         try
232         {
233             //
234 // get the user object from the selected entry in the browser
235 //
236 user = (JetspeedUser)JetspeedSecurity.getUser(
237                                            rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
238
239             user.setConfirmed(JetspeedResources.CONFIRM_VALUE);
240
241             //
242 // update the user in the database
243 //
244 JetspeedSecurity.saveUser(user);
245
246
247             //
248 // tell the user that they can now use jetspeed
249 //
250
251             DynamicURI url = new DynamicURI(rundata);
252
253             //build body via template
254 StringWriter JavaDoc email_body = new StringWriter JavaDoc();
255             SimpleEmail se = new SimpleEmail();
256             Context emailContext = TurbineVelocity.getContext();
257             emailContext.put( "data", rundata );
258             emailContext.put( "user", user );
259             emailContext.put( "config",new JetspeedResources());
260             emailContext.put( "urltojetspeed",url);
261             emailContext.put( "email",se);
262
263             //determine the language to be used for the notification email
264 String JavaDoc language = (String JavaDoc)user.getPerm("language",TurbineResources.getString("locale.default.language", "en"));
265             String JavaDoc country = (String JavaDoc)user.getPerm("country",TurbineResources.getString("locale.default.country", "US"));
266             Locale JavaDoc locale = new Locale JavaDoc(language,country);
267
268             String JavaDoc templateFile = JetspeedResources.getString("newuser.approval.accept.template");
269             String JavaDoc templatePath = TemplateLocator.locateEmailTemplate(rundata, templateFile, locale );
270             TurbineVelocity.handleRequest(emailContext, templatePath, email_body);
271
272             se.setMsg( email_body.toString() );
273
274             Properties JavaDoc props = System.getProperties();
275             String JavaDoc mailServerMachine = JetspeedResources.getString( "mail.server" );
276             props.put ( "mail.host", mailServerMachine );
277             props.put("mail.smtp.host", mailServerMachine);
278
279             se.send();
280
281
282         } catch (Exception JavaDoc e)
283         {
284             // log the error msg
285 logger.error("Exception", e);
286
287             //
288 // error on update - display error message
289 //
290 DynamicURI duri = new DynamicURI (rundata);
291             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
292             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
293             if (user != null)
294                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
295             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
296             rundata.setRedirectURI(duri.toString());
297             // save values that user just entered so they don't have to re-enter
298 if (user != null)
299                 rundata.getUser().setTemp(TEMP_USER, user);
300         }
301      }
302
303     /**
304      * Database Update Action for Users. Performs accepting of new users into security database.
305      *
306      * @param rundata The turbine rundata context for this request.
307      * @param context The velocity context for this request.
308      */
309      public void doReject(RunData rundata, Context context)
310     throws Exception JavaDoc
311     {
312         JetspeedUser user = null;
313         try
314         {
315             //
316 // get the user object from the selected entry in the browser
317 //
318 user = (JetspeedUser)JetspeedSecurity.getUser(
319                                            rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
320
321             user.setConfirmed(JetspeedResources.CONFIRM_VALUE_REJECTED);
322
323             //
324 // update the user in the database
325 //
326 JetspeedSecurity.saveUser(user);
327
328
329
330             //
331 // tell the user that they can now use jetspeed
332 //
333
334             DynamicURI url = new DynamicURI(rundata);
335
336             //build body via template
337 StringWriter JavaDoc email_body = new StringWriter JavaDoc();
338             SimpleEmail se = new SimpleEmail();
339             Context emailContext = TurbineVelocity.getContext();
340             emailContext.put( "data", rundata );
341             emailContext.put( "user", user );
342             emailContext.put( "config",new JetspeedResources());
343             emailContext.put( "urltojetspeed",url);
344             emailContext.put( "email",se);
345
346             //determine the language to be used for the notification email
347 String JavaDoc language = (String JavaDoc)user.getPerm("language",TurbineResources.getString("locale.default.language", "en"));
348             String JavaDoc country = (String JavaDoc)user.getPerm("country",TurbineResources.getString("locale.default.country", "US"));
349             Locale JavaDoc locale = new Locale JavaDoc(language,country);
350
351             String JavaDoc templateFile = JetspeedResources.getString("newuser.approval.reject.template");
352             String JavaDoc templatePath = TemplateLocator.locateEmailTemplate(rundata, templateFile, locale );
353             TurbineVelocity.handleRequest(emailContext, templatePath, email_body);
354
355             se.setMsg( email_body.toString() );
356
357             Properties JavaDoc props = System.getProperties();
358             String JavaDoc mailServerMachine = JetspeedResources.getString( "mail.server" );
359             props.put ( "mail.host", mailServerMachine );
360             props.put("mail.smtp.host", mailServerMachine);
361
362             se.send();
363
364         } catch (Exception JavaDoc e)
365         {
366             // log the error msg
367 logger.error("Exception", e);
368
369             //
370 // error on update - display error message
371 //
372 DynamicURI duri = new DynamicURI (rundata);
373             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
374             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
375             if (user != null)
376                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
377             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
378             rundata.setRedirectURI(duri.toString());
379             // save values that user just entered so they don't have to re-enter
380 if (user != null)
381                 rundata.getUser().setTemp(TEMP_USER, user);
382         }
383      }
384
385     /**
386      * Database Update Action for Users. Performs updates into security database.
387      *
388      * @param rundata The turbine rundata context for this request.
389      * @param context The velocity context for this request.
390      */
391     public void doUpdate(RunData rundata, Context context)
392         throws Exception JavaDoc
393     {
394         JetspeedUser user = null;
395         try
396         {
397             //
398 // get the user object from the selected entry in the browser
399 //
400 user = (JetspeedUser)JetspeedSecurity.getUser(
401                             rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
402
403             String JavaDoc name = rundata.getParameters().getString("username");
404             if (name == null || name.trim().length() == 0)
405             {
406                 DynamicURI duri = new DynamicURI (rundata);
407                 duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
408                 duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_INVALID_ENTITY_NAME);
409                 if (user != null)
410                     duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
411                 duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
412                 rundata.setRedirectURI(duri.toString());
413                 // save values that user just entered so they don't have to re-enter
414 if (user != null)
415                    rundata.getUser().setTemp(TEMP_USER, user);
416                 return;
417             }
418
419             //
420 // pull the values off the form and into the user object
421 //
422 boolean oldDisabled = user.getDisabled();
423             rundata.getParameters().setProperties(user);
424             user.setLastAccessDate();
425
426             JetspeedSecurity.forcePassword(user,rundata.getParameters().getString("password"));
427
428             String JavaDoc strDisabled = rundata.getParameters().getString("disabled");
429             boolean disabled = (strDisabled != null);
430             user.setDisabled(disabled);
431
432             if (!disabled && oldDisabled && JetspeedSecurity.isDisableAccountCheckEnabled())
433             {
434                 JetspeedSecurity.resetDisableAccountCheck(name);
435             }
436
437             //
438 // update the user in the database
439 //
440 JetspeedSecurity.saveUser(user);
441
442             JetspeedUser currentUser = (JetspeedUser)rundata.getUser();
443             if (currentUser.getUserName().equals(user.getUserName()))
444             {
445                 // same user as admin -- need to update in memory
446 currentUser.setPassword(user.getPassword()); // Contains Encrypted password
447 currentUser.setFirstName(user.getFirstName());
448                 currentUser.setLastName(user.getLastName());
449                 currentUser.setEmail(user.getEmail());
450             }
451
452         }
453         catch (Exception JavaDoc e)
454         {
455            // log the error msg
456 logger.error("Exception", e);
457
458             //
459 // error on update - display error message
460 //
461 DynamicURI duri = new DynamicURI (rundata);
462             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
463             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
464             if (user != null)
465                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
466             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
467             rundata.setRedirectURI(duri.toString());
468             // save values that user just entered so they don't have to re-enter
469 if (user != null)
470                rundata.getUser().setTemp(TEMP_USER, user);
471         }
472
473     }
474
475     /**
476      * Database Delete Action for Users. Performs deletes into security database.
477      *
478      * @param rundata The turbine rundata context for this request.
479      * @param context The velocity context for this request.
480      */
481     public void doDelete(RunData rundata, Context context)
482         throws Exception JavaDoc
483     {
484         JetspeedUser user = null;
485         try
486         {
487             //
488 // get the user object from the selected entry in the browser
489 //
490 user = (JetspeedUser)JetspeedSecurity.getUser(
491                        rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
492
493             if (rundata.getUser().getUserName().equals(user.getUserName()))
494             {
495                 DynamicURI duri = new DynamicURI (rundata);
496                 duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
497                 duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_CANT_DELETE_CURRENT);
498                 if (user != null)
499                     duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
500                 duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_DELETE);
501                 rundata.setRedirectURI(duri.toString());
502                 // save values that user just entered so they don't have to re-enter
503 if (user != null)
504                    rundata.getUser().setTemp(TEMP_USER, user);
505                 return;
506             }
507
508             //
509 // remove the user
510 //
511 JetspeedSecurity.removeUser(user.getUserName());
512
513         }
514         catch (Exception JavaDoc e)
515         {
516            // log the error msg
517 logger.error("Exception", e);
518
519             //
520 // error on delete - display error message
521 //
522 DynamicURI duri = new DynamicURI (rundata);
523             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
524             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_DELETE_FAILED);
525             if (user != null)
526                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
527             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_DELETE);
528             rundata.setRedirectURI(duri.toString());
529
530             // save values that user just entered so they don't have to re-enter
531 if (user != null)
532                rundata.getUser().setTemp(TEMP_USER, user);
533
534         }
535     }
536
537 }
Popular Tags