Java > Open Source Codes > org > jahia > bin > JahiaAdministration


1 // $Id: JahiaAdministration.java 16517 2007-02-27 13:06:36Z bpapez $
2 //
3 // ____.
4 // __/\ ______| |__/\. _______
5 // __ .____| | \ | +----+ \
6 // _______| /--| | | - \ _ | : - \_________
7 // \\______: :---| : : | : | \________>
8 // |__\---\_____________:______: :____|____:_____\
9 // /_____|
10 //
11 // . . . i n j a h i a w e t r u s t . . .
12 //
13 //
14 // JahiaAdministration
15 //
16 // 27.01.2001 AK added in jahia.
17 // 29.01.2001 AK fix a bug when check the database.
18 // 06.02.2001 AK add server settings methods.
19 // 07.02.2001 AK replace context attributes by session and request attributes.
20 // 10.01.2001 AK include design, add base for templates and components.
21 // 13.01.2001 MJ added user&group management.
22 // 31.03.2001 AK completely change the properties system.
23 // 01.04.2001 AK cut the servlet into some beans.
24 // 17.04.2001 AK change methods processLogin() and isValidLoginSession() to
25 // check if the user is member of the "admin" or "superadmin"
26 // elitists groups.
27 // 18.04.2001 AK change method displayMenu() to get all administrator access
28 // granted website(s).
29 // 20.04.2001 AK fix mammouth in userRequestDispatcher() method.
30 // 21.04.2001 AK set an attribute if the super admin is logged to administrate
31 // the server and not an hosted site.
32 // 30.04.2001 AK administrative log settings are now only available on server
33 // mode, because they are not sites-specific.
34 // 16.05.2001 NK DisplayMenu handle default site created at install.
35 // 12.06.2001 NK added jef files management
36 //
37 //
38
39 package org.jahia.bin;
40
41 import java.io.IOException ;
42 import java.io.OutputStreamWriter ;
43 import java.io.PrintWriter ;
44 import java.io.StringWriter ;
45 import java.net.URLDecoder ;
46 import java.util.Collections ;
47 import java.util.Locale ;
48 import java.util.Properties ;
49 import java.util.Vector ;
50
51 import javax.servlet.ServletConfig ;
52 import javax.servlet.ServletContext ;
53 import javax.servlet.ServletException ;
54 import javax.servlet.ServletOutputStream ;
55 import javax.servlet.http.HttpServletRequest ;
56 import javax.servlet.http.HttpServletResponse ;
57 import javax.servlet.http.HttpSession ;
58
59 import org.apache.log4j.Logger;
60 import org.apache.struts.action.ActionServlet;
61 import org.jahia.admin.access.ViewAccess;
62 import org.jahia.admin.audit.ManageLogs;
63 import org.jahia.admin.categories.ManageCategories;
64 import org.jahia.admin.components.ManageComponents;
65 import org.jahia.admin.database.ManageDatabase;
66 import org.jahia.admin.homepages.ManageHomepages;
67 import org.jahia.admin.info.LicenseInfo;
68 import org.jahia.admin.jeffiles.ManageJefFile;
69 import org.jahia.admin.languages.ManageSiteLanguages;
70 import org.jahia.admin.pages.ManagePages;
71 import org.jahia.admin.search.ManageSearch;
72 import org.jahia.admin.server.ManageServer;
73 import org.jahia.admin.sites.ExtractDeploySite;
74 import org.jahia.admin.sites.ManageSites;
75 import org.jahia.admin.status.ManageStatus;
76 import org.jahia.admin.templates.ManageTemplates;
77 import org.jahia.admin.users.ManageGroups;
78 import org.jahia.admin.users.ManageUsers;
79 import org.jahia.data.JahiaData;
80 import org.jahia.exceptions.JahiaException;
81 import org.jahia.exceptions.JahiaOperationNotAllowedException;
82 import org.jahia.exceptions.JahiaPageNotFoundException;
83 import org.jahia.exceptions.JahiaSecurityException;
84 import org.jahia.exceptions.JahiaSessionExpirationException;
85 import org.jahia.exceptions.services.ServiceNotFoundException;
86 import org.jahia.params.AdminParamBean;
87 import org.jahia.params.ParamBean;
88 import org.jahia.registries.ServicesRegistry;
89 import org.jahia.resourcebundle.JahiaResourceBundle;
90 import org.jahia.security.license.DaysLeftValidator;
91 import org.jahia.security.license.Limit;
92 import org.jahia.services.cache.CacheFactory;
93 import org.jahia.services.database.ConnectionDispenser;
94 import org.jahia.services.pages.ContentPage;
95 import org.jahia.services.sites.JahiaSite;
96 import org.jahia.services.usermanager.JahiaGroup;
97 import org.jahia.services.usermanager.JahiaGroupManagerService;
98 import org.jahia.services.usermanager.JahiaUser;
99 import org.jahia.services.usermanager.JahiaUserManagerService;
100 import org.jahia.settings.SettingsBean;
101 import org.jahia.utils.JahiaChrono;
102 import org.jahia.utils.JahiaTools;
103 import org.jahia.utils.PathResolver;
104 import org.jahia.utils.WebAppPathResolver;
105 import org.jahia.utils.properties.PropertiesManager;
106
107 /**
108  * desc: This servlet handles all general administration tasks. it requires
109  * authentication as a member of the "admin" group (for the site currently
110  * used... or "superadmin" group on the site 0), and provides a management
111  * interface for general context property settings, database settings, sites,
112  * pages, users, user groups, application roles, components, templates and audit
113  * log settings.
114  *
115  * Copyright: Copyright (c) 2002 Company: Jahia Ltd
116  *
117  * @author Alexandre Kraft
118  * @version 1.0
119  */
120 public class JahiaAdministration extends ActionServlet implements JahiaInterface {
121     private static Logger logger = Logger.getLogger(JahiaAdministration.class);
122
123     private static ServletConfig config;
124     private static ServletContext context;
125     private static PathResolver pathResolver;
126
127     public static final String CLASS_NAME = "org.jahia.bin.JahiaAdministration";
128     public static final String JSP_PATH = "/jsp/jahia/administration/";
129     private static final int SUPERADMIN_SITE_ID = 0;
130     private static final long DAY_MILLIS = 1000L * 60L * 60L * 24L;
131     private static final Integer ADMIN_SITE_ID = new Integer (SUPERADMIN_SITE_ID);
132
133     private static ServicesRegistry sReg;
134     private static JahiaUserManagerService uMgr;
135     private static JahiaGroupManagerService gMgr;
136     private static String servletPath = null;
137
138     private String servletURI = null;
139     public static String installerURL = "";
140     private static SettingsBean jSettings;
141     private static String contentServletPath = null;
142
143     static private final String GET_REQUEST = "GET";
144     static private final String POST_REQUEST = "POST";
145
146     // static private final String CONFIG_PATH = "config_path";
147 static private final String INIT_PARAM_CONTENT_SERVLET_PATH = "content_servlet_path";
148
149     /** properties filename */
150     // static private final String PROPERTIES_FILENAME = "jahia.properties";
151 // -------------------------------------------------------------------------
152 /**
153      * Default init inherited from HttpServlet. This method set config and
154      * context static variables.
155      *
156      * @author Alexandre Kraft
157      *
158      * @param conf
159      * Servlet configuration (inherited).
160      */
161     public void init(ServletConfig conf) throws ServletException {
162         // get servlet config and context...
163 JahiaAdministration.config = conf;
164         JahiaAdministration.context = conf.getServletContext();
165         pathResolver = new WebAppPathResolver(context);
166
167         JahiaAdministration.contentServletPath = conf.getInitParameter(INIT_PARAM_CONTENT_SERVLET_PATH);
168         if (contentServletPath == null) {
169             logger.debug("Web app initialization parameter " + INIT_PARAM_CONTENT_SERVLET_PATH
170                     + " missing in web.xml deployment descriptor file, use default /Jahia/... ");
171             contentServletPath = "/Jahia/";
172         }
173
174     } // end init
175
176     /*
177      * (non-Javadoc)
178      *
179      * @see org.apache.struts.action.ActionServlet#destroy()
180      */
181     public void destroy() {
182         // do nothing
183 }
184
185     /**
186      * Default service inherited from HttpServlet.
187      *
188      * @author Alexandre Kraft
189      *
190      * @param request
191      * Servlet request (inherited).
192      * @param response
193      * Servlet response (inherited).
194      */
195     public void service(HttpServletRequest request, HttpServletResponse response) throws IOException , ServletException {
196         logger.debug("--[ " + request.getMethod() + " Request Start URI='" + request.getRequestURI() + "' query='"
197                 + request.getQueryString() + "'] --");
198
199         Jahia.setThreadParamBean(null);
200         Jahia.copySessionCookieToRootContext(request, response);
201
202         if (jSettings != null) {
203             if (jSettings.isUtf8Encoding()) {
204                 // bad browser, doesn't send character encoding :(
205 // we can force the encoding ONLY if we do this call before any
206 // getParameter() call is done !
207 request.setCharacterEncoding("UTF-8");
208             }
209         }
210
211         // get the current user session...
212 HttpSession session = request.getSession(true);
213
214         if (JahiaAdministration.servletPath == null) {
215             servletPath = request.getServletPath();
216         }
217
218         if (Jahia.isInitiated() && !Jahia.checkLockAccess(session)) {
219             session.setAttribute(CLASS_NAME + "jahiaDisplayMessage",
220                     "Sorry, Jahia is locked by a super admin. No more access allowed.");
221             displayLogin(request, response, session);
222             return;
223         }
224
225         // init host servlet URI
226 if (servletURI == null) {
227             this.servletURI = getServletURI(request, response);
228         }
229
230         // determine installation status...
231 if (Jahia.getJahiaPropertiesFileName() == null) { // jahia is not launched...
232 request.setAttribute("jahiaLaunch", "administration"); // call jahia to init and re-launch admin...
233 logger.debug("Redirecting to " + contentServletPath + " in order to init Jahia first ...");
234             doRedirect(request, response, session, contentServletPath);
235         } else { // jahia is running...
236 if (JahiaTools.checkFileExists(Jahia.getJahiaPropertiesFileName())) {
237                 PropertiesManager properties = new PropertiesManager(Jahia.getJahiaPropertiesFileName());
238                 installerURL = request.getContextPath() + properties.getProperty("jahiaEnginesDiskPath");
239
240                 // get the JahiaPrivate settings and config it with correct values
241 // change Jahia core http to JahiaAdministration instead of Jahia
242 jSettings = Jahia.getSettings();
243                 jSettings.setJahiaCoreHttpPath(this.servletURI);
244
245                 // set Jahia running mode to Admin
246 session.setAttribute(ParamBean.SESSION_JAHIA_RUNNING_MODE, new Integer (Jahia.ADMIN_MODE));
247                 logger.debug("Running mode : " + Jahia.ADMIN_MODE);
248
249                 if (Jahia.getCoreLicense() == null) {
250                     session.setAttribute(CLASS_NAME + "jahiaDisplayMessage", "Invalid License");
251                     displayLogin(request, response, session);
252                 } else {
253                     try {
254                         if (!handleEngines(request, response))
255                             userRequestDispatcher(request, response, session);
256                         ConnectionDispenser.terminateConnection();
257                         CacheFactory.getInstance().syncCachesNow();
258                     } catch (JahiaException je) {
259                         JahiaErrorDisplay.DisplayException(request, response, context, Jahia.getSettings(), je);
260                         ConnectionDispenser.abortConnection();
261                     } catch (Throwable t) {
262                         ConnectionDispenser.abortConnection();
263                     }
264                 }
265             } else {
266                 request.setAttribute("jahiaLaunch", "installation");
267                 doRedirect(request, response, session, contentServletPath);
268             }
269         }
270         Jahia.setThreadParamBean(null);
271         logger.debug("--[ " + request.getMethod() + " Request End ] --");
272     } // end service
273
274     public static String getServletPath() {
275         return servletPath;
276     }
277
278     /**
279      * Static method to generate URLs for the administration. This should be
280      * used by all JSPs and java code that is called by the administration.
281      *
282      * @param request
283      * the current request object, used to generate the context path
284      * part of the URL
285      *
286      * @param response
287      * the current response object, used to make a call to encodeURL
288      * to generate session information in the case that cookies
289      * cannot be used
290      * @param doAction
291      * a String representing the action we are linking to. This is
292      * then encoded as a ?do=doAction string
293      * @param extraQueryParams
294      * a string including any other parameters that will be directly
295      * appended after the doAction string. This is done because this
296      * way we offer the possibility to do an encodeURL over the whole
297      * string. Note that this string may be null.
298      *
299      * @return a String containing an URL with jsessionid generated and in the
300      * form : /contextPath/servletPath/?do=doActionextraQueryParams
301      */
302     public static String composeActionURL(HttpServletRequest request, HttpServletResponse response, String doAction,
303             String extraQueryParams) {
304         String internalDoAction = "";
305         String internalQueryParams = "";
306
307         if (doAction != null) {
308             internalDoAction = "/?do=" + doAction;
309         }
310
311         if (extraQueryParams != null) {
312             internalQueryParams = extraQueryParams;
313         }
314
315         return response.encodeURL(request.getContextPath() + getServletPath() + internalDoAction + internalQueryParams);
316     }
317
318     // -------------------------------------------------------------------------
319 /**
320      * This method is used like a dispatcher for user requests.
321      *
322      * @author Alexandre Kraft
323      * @param request
324      * Servlet request.
325      * @param response
326      * Servlet response.
327      * @param session
328      * Servlet session for the current user.
329      */
330     private void userRequestDispatcher(HttpServletRequest request, HttpServletResponse response, HttpSession session)
331             throws JahiaException {
332         String operation = request.getParameter("do");
333         if (operation == null)
334             operation = "";
335
336         ParamBean jParams = initAdminJahiaData(request, response, session);
337         request = jParams.getRequest();
338         response = jParams.getResponse();
339
340         try {
341             if (operation.equals("processlogin"))
342                 // operation : process login...
343 processLogin(request, response, session, null, null);
344             else if (null != request.getAttribute(JahiaConfigurationWizard.CLASS_NAME + ".directAdministration"))
345                 processLogin(request, response, session, (String ) request
346                         .getAttribute(JahiaConfigurationWizard.CLASS_NAME + ".rootName"), (String ) request
347                         .getAttribute(JahiaConfigurationWizard.CLASS_NAME + ".rootPass"));
348             else {
349                 Boolean accessGranted = (Boolean ) session.getAttribute(CLASS_NAME + "accessGranted");
350                 if (accessGranted == null)
351                     accessGranted = Boolean.FALSE;
352
353                 if (accessGranted.booleanValue()) {
354                     // authorize these methods only if it's a superadmin group
355 // member...
356 Boolean isSuperAdmin = (Boolean ) session.getAttribute(CLASS_NAME + "isSuperAdmin");
357                     boolean alreadyExited;
358                     if (isSuperAdmin.booleanValue()) {
359                         alreadyExited = true; // expect match
360 if (operation.equals("server"))
361                             // operation : server settings
362 new ManageServer(request, response, session);
363                         else if (operation.equals("categories"))
364                             // operation: categories management
365 new ManageCategories(request, response, session);
366                         else if (operation.equals("database"))
367                             // operation: database management
368 new ManageDatabase(request, response, session, pathResolver);
369                         else if (operation.equals("sites"))
370                             // operation: sites management
371 new ManageSites(request, response, session, context);
372                         else if (operation.equals("jeffile"))
373                             // operation : jef files management
374 new ManageJefFile(request, response, session);
375                         else if (operation.equals("extdepsite"))
376                             // operation: site extract/deploy management
377 new ExtractDeploySite(request, response, session, pathResolver);
378                         else if (operation.equals("switch"))
379                             // operation: switch management mode (server, sites)
380 switchModeAction(request, response, session);
381                         else if (operation.equals("logs"))
382                             // operation : audit log management
383 new ManageLogs(request, response, session);
384                         else if (operation.equals("info"))
385                             // operation : display license info
386 new LicenseInfo(request, response, session);
387                         else if ("status".equals(operation))
388                             // operation: display server statistics
389 new ManageStatus(request, response, session);
390                         else
391                             alreadyExited = false;
392                     } else
393                         alreadyExited = false;
394
395                     if (!alreadyExited) {
396                         // authorize these methods for all admins and
397 // superadmins...
398 if (operation.equals("users"))
399                             // operation: users management
400 new ManageUsers(request, response, session);
401                         else if (operation.equals("groups"))
402                             // operation: groups management
403 new ManageGroups(request, response, session);
404                         else if (operation.equals("pages"))
405                             // operation : pages management
406 new ManagePages(request, response, session);
407                         else if (operation.equals("components"))
408                             // operation: components management
409 new ManageComponents(request, response, session);
410                         else if (operation.equals("templates"))
411                             // operation:templates management
412 new ManageTemplates(request, response, session, context);
413                         else if (operation.equals("search"))
414                             // operation: search engine management
415 // Use response response wrapper to ensure correct
416 // handling of
417 // Application fields output to the response
418 // @todo: Should be applied to other Admin tools
419 // too?
420 new ManageSearch(request, response, session, context);
421                         else if (operation.equals("homepages"))
422                             // operation: homepages management
423 new ManageHomepages(request, response, session, context);
424                         else if (operation.equals("change"))
425                             // operation: change site id to manage
426 changeSite(request, response, session);
427                         else if (operation.equals("access"))
428                             // operation: display license info
429 new ViewAccess(request, response, session);
430                         else if (operation.equals("siteLanguages"))
431                             // operation: display license info
432 new ManageSiteLanguages(request, response, session);
433                         else
434                             // in case when an unknown operation is requested...
435 displayMenu(request, response, session);
436                     }
437                 }
438                 // the user don't currently have a granted access...
439 else if (isValidLoginSession(session))
440                     displayMenu(request, response, session);
441                 else
442                     displayLogin(request, response, session);
443             }
444         } catch (Throwable ex) {
445             if (ex instanceof Error )
446                 throw (Error ) ex;
447             if (ex instanceof JahiaException)
448                 throw (JahiaException) ex;
449             int severety = JahiaException.ERROR_SEVERITY;
450             if (ex instanceof RuntimeException )
451                 severety = JahiaException.CRITICAL_SEVERITY;
452             throw new JahiaException("Technical Exception", "Technical Exception", JahiaException.SERVICE_ERROR,
453                     severety, ex);
454         }
455     } // end userRequestDispatcher
456
457     // -------------------------------------------------------------------------
458 /**
459      * Forward servlet request and servlet response objects, using the request
460      * dispatcher contained in the context. Please be careful: use only context
461      * relative path.
462      *
463      * @author Alexandre Kraft
464      * @param request
465      * Servlet request.
466      * @param response
467      * Servlet response.
468      * @param destination
469      * Context relative path where you want to go.
470      */
471     public synchronized static void doRedirect(HttpServletRequest request, HttpServletResponse response,
472             HttpSession session, String destination) throws IOException , ServletException {
473         JahiaData jData = (JahiaData) request.getAttribute(JahiaData.JAHIA_DATA);
474         ParamBean jParams = null;
475         if (jData != null)
476             jParams = jData.params();
477
478         if (session.getAttribute(CLASS_NAME + "jahiaDisplayMessage") == null) {
479             String msg = JahiaResourceBundle
480                     .getAdminResource("org.jahia.admin.copyright", jParams, jParams.getLocale());
481             session.setAttribute(CLASS_NAME + "jahiaDisplayMessage", msg);
482             request.setAttribute("jahiaDisplayMessage", msg);
483         } else {
484             request.setAttribute("jahiaDisplayMessage", session.getAttribute(CLASS_NAME + "jahiaDisplayMessage"));
485         }
486
487         request.setAttribute("URL", installerURL);
488         request.setAttribute("requestURI", request.getRequestURI());
489
490         if (request.getAttribute("title") == null)
491             request.setAttribute("title", "no title");
492
493         // set browser response content type
494 Locale defaultLocale = (Locale ) session.getAttribute(ParamBean.SESSION_LOCALE);
495         if (defaultLocale == null) {
496             if (request.getLocale() != null)
497                 defaultLocale = request.getLocale();
498             else
499                 defaultLocale = Locale.ENGLISH;
500         }
501
502         String contentTypeStr = "text/html;charset=";
503         String charEncoding = Jahia.getSettings().getDefaultResponseBodyEncoding();
504
505         contentTypeStr = contentTypeStr + charEncoding;
506
507         request.setAttribute("content-type", contentTypeStr);
508
509         // response no-cache headers...
510 response.setHeader("Pragma", "no-cache");
511         response.setHeader("Cache-Control", "no-cache");
512         response.setDateHeader("Expires", 0);
513
514         if (jData != null) {
515             jParams = jData.getParamBean();
516             try {
517                 String htmlContent = ServicesRegistry.getInstance().getJahiaFetcherService().fetchServlet(jParams,
518                         destination);
519
520                 if (jParams.getRedirectLocation() != null) {
521                     logger.debug("sendRedirect call detected during output generation, no other output...");
522                     if (!response.isCommitted()) {
523                         response.sendRedirect(response.encodeRedirectURL(jParams.getRedirectLocation()));
524                     }
525                 } else {
526                     /**
527                      * @todo we should really find a more elegant way to handle
528                      * this case, especially when handling a file manager
529                      * download that has already accessed the RealResponse
530                      * object.
531                      */
532                     if (!response.isCommitted()) {
533                         logger.debug("Printing content output to real writer");
534                         if (contentTypeStr != null) {
535                             response.setContentType(contentTypeStr);
536                         }
537                         ServletOutputStream outputStream = response.getOutputStream();
538                         OutputStreamWriter streamWriter = new OutputStreamWriter (outputStream);
539                         streamWriter = new OutputStreamWriter (outputStream, charEncoding);
540                         streamWriter.write(htmlContent, 0, htmlContent.length());
541                         streamWriter.flush();
542                     } else {
543                         logger.debug("Output has already been committed, aborting display...");
544                     }
545                 }
546             } catch (JahiaException je) {
547                 StringWriter strWriter = new StringWriter ();
548                 PrintWriter ptrWriter = new PrintWriter (strWriter);
549                 logger.debug("Error while redirecting", je);
550
551                 ptrWriter.println("Exception in doRedirect");
552                 je.printStackTrace(ptrWriter);
553
554                 Throwable t = je.getRootCause();
555                 if (t != null) {
556                     ptrWriter.println("Root cause Exception");
557                     t.printStackTrace(ptrWriter);
558                 }
559
560                 logger.debug(strWriter.toString());
561             }
562         } else {
563             config.getServletContext().getRequestDispatcher(destination).forward(request, response);
564         }
565     } // end doRedirect
566
567     // -------------------------------------------------------------------------
568 /**
569      * Display the login page, using doRedirect().
570      *
571      * @author Alexandre Kraft
572      * @param request
573      * Servlet request.
574      * @param response
575      * Servlet response.
576      * @param session
577      * Servlet session for the current user.
578      */
579     private void displayLogin(HttpServletRequest request, HttpServletResponse response, HttpSession session)
580             throws IOException , ServletException {
581         // retrieve previous form values...
582 String jahiaLoginUsername = (String ) request.getAttribute(CLASS_NAME + "jahiaLoginUsername");
583
584         // set default values (if necessary)...
585 if (jahiaLoginUsername == null)
586             jahiaLoginUsername = "";
587
588         // set request attributes...
589 request.setAttribute("jahiaLoginUsername", jahiaLoginUsername);
590         request.setAttribute("redirectTo", request.getRequestURI() + "?" + request.getQueryString());
591
592         doRedirect(request, response, session, JSP_PATH + "login.jsp");
593     } // end displayLogin
594
595     // -------------------------------------------------------------------------
596 /**
597      * Process and check validity of inputs from the login page.
598      *
599      * @author Alexandre Kraft
600      * @param request
601      * Servlet request.
602      * @param response
603      * Servlet response.
604      * @param session
605      * Servlet session for the current user.
606      * @param rootName
607      * String containing root username fo bypass login.
608      * @param rootPass
609      * String containing root password fo bypass login.
610      * @todo FIXME we need to change this so that siteadmins can also login,
611      * without accessing server settings. Actually a global implementation
612      * would grant permissions to each administration action.
613      */
614     private void processLogin(HttpServletRequest request, HttpServletResponse response, HttpSession session,
615             String rootName, String rootPass) throws IOException , ServletException {
616         logger.debug("processLogin started");
617
618         boolean loginError = true;
619         String jahiaLoginUsername;
620         String jahiaLoginPassword;
621
622         JahiaUser theUser = null;
623         JahiaGroup theGroup = null;
624
625         // get form values...
626 if (rootName == null && rootPass == null) {
627             jahiaLoginUsername = request.getParameter("login_username");
628             jahiaLoginPassword = request.getParameter("login_password");
629         } else {
630             jahiaLoginUsername = rootName;
631             jahiaLoginPassword = rootPass;
632         }
633
634         String redirectTo = request.getParameter("redirectTo");
635         if (redirectTo != null && request.getCharacterEncoding() != null)
636             redirectTo = URLDecoder.decode(redirectTo, request.getCharacterEncoding());
637
638         // get references to user manager and group manager...
639 sReg = ServicesRegistry.getInstance();
640         if (sReg != null) {
641             uMgr = sReg.getJahiaUserManagerService();
642             gMgr = sReg.getJahiaGroupManagerService();
643         }
644
645         // check form validity...
646 if (uMgr != null) {
647             theUser = uMgr.lookupUser(SUPERADMIN_SITE_ID, jahiaLoginUsername);
648
649             if (theUser == null)
650                 logger.debug("User " + jahiaLoginUsername + " not found ");
651
652             theGroup = gMgr.getAdministratorGroup(SUPERADMIN_SITE_ID);
653
654             if (theUser != null) {
655                 if (theUser.verifyPassword(jahiaLoginPassword)) {
656                     if (theGroup.isMember(theUser)) {
657                         loginError = false;
658                         session.setAttribute(CLASS_NAME + "adminUsername", theUser.getUsername());
659                         logger.debug("Login granted: " + jahiaLoginUsername + " entered correct password.");
660                     } else {
661                         String dspMsg = JahiaResourceBundle.getMessageResource(
662                                 "org.jahia.bin.JahiaConfigurationWizard.JahiaDisplayMessage.isntadministrator1.label",
663                                 request.getLocale())
664                                 + " "
665                                 + jahiaLoginUsername
666                                 + " "
667                                 + JahiaResourceBundle
668                                         .getMessageResource(
669                                                 "org.jahia.bin.JahiaConfigurationWizard.JahiaDisplayMessage.isntadministrator2.label",
670                                                 request.getLocale());
671                         request.setAttribute(JahiaAdministration.CLASS_NAME + "jahiaDisplayMessage", dspMsg);
672                         JahiaException je = new JahiaException("JahiaAdministration", "Login Error: User "
673                                 + jahiaLoginUsername + " is not an administrator.", JahiaException.SECURITY_ERROR,
674                                 JahiaException.WARNING_SEVERITY);
675                         logger.error("Error:", je);
676                     }
677                 } else {
678                     String dspMsg = JahiaResourceBundle.getMessageResource(
679                             "org.jahia.bin.JahiaConfigurationWizard.JahiaDisplayMessage.logininvalid.label", request
680                                     .getLocale());
681                     request.setAttribute(JahiaAdministration.CLASS_NAME + "jahiaDisplayMessage", dspMsg);
682                     JahiaException je = new JahiaException("JahiaAdministration", "Login Error: User "
683                             + jahiaLoginUsername + " entered bad password.", JahiaException.SECURITY_ERROR,
684                             JahiaException.WARNING_SEVERITY);
685                     logger.error("Error:", je);
686                 }
687             }
688         }
689
690         if (!loginError) { // access granted...
691 // i lookup user on the superadmin group. so... only a super admin can arrive on this set attribute :o)
692 session.setAttribute(CLASS_NAME + "isSuperAdmin", Boolean.TRUE);
693             session.setAttribute(CLASS_NAME + "manageSiteID", ADMIN_SITE_ID);
694             session.setAttribute(CLASS_NAME + "accessGranted", Boolean.TRUE);
695             session.setAttribute(CLASS_NAME + "jahiaLoginUsername", jahiaLoginUsername);
696             session.setAttribute(CLASS_NAME + "jahiaLoginPassword", jahiaLoginPassword);
697             session.setAttribute(CLASS_NAME + "configJahia", Boolean.TRUE);
698             session.setAttribute(ParamBean.SESSION_USER, theUser);
699             if (redirectTo == null) {
700                 displayMenu(request, response, session);
701             } else {
702                 logger.debug("Should redirect to : " + redirectTo + " but not yet implemented.");
703                 /**
704                  * @todo not implemented fully for the moment, let's just
705                  * display menu
706                  */
707                 displayMenu(request, response, session);
708             }
709         } else { // access failed...
710 session.setAttribute(CLASS_NAME + "isSuperAdmin", Boolean.FALSE);
711             session.setAttribute(CLASS_NAME + "accessGranted", Boolean.FALSE);
712             session.setAttribute(CLASS_NAME + "configJahia", Boolean.FALSE);
713             request.setAttribute(CLASS_NAME + "jahiaLoginUsername", jahiaLoginUsername);
714             displayLogin(request, response, session);
715         }
716     } // end processLogin
717
718     // -------------------------------------------------------------------------
719 /**
720      * Display the administration menu, using doRedirect().
721      *
722      * @author Alexandre Kraft
723      * @author Khue Nguyen
724      * @param request
725      * Servlet request.
726      * @param response
727      * Servlet response.
728      * @param session
729      * Servlet session for the current user.
730      */
731     public static void displayMenu(HttpServletRequest request, HttpServletResponse response, HttpSession session)
732             throws IOException , ServletException {
733         boolean profileCapability = false;
734         Vector grantedSites = new Vector ();
735         JahiaUser theUser = null;
736
737         logger.debug("started ");
738         JahiaSite theSite = (JahiaSite) session.getAttribute(ParamBean.SESSION_SITE);
739
740         if (theSite == null) {
741             logger.debug("session site is null ! ");
742         } else {
743             // try to get site from cache
744 try {
745                 theSite = sReg.getJahiaSitesService().getSiteByKey(theSite.getSiteKey());
746             } catch (Exception e) {
747                 logger.debug(e.getMessage(), e);
748                 theSite = null;
749             }
750         }
751
752         // get sites where the user has an admin access...
753 try {
754             theUser = (JahiaUser) session.getAttribute(ParamBean.SESSION_USER);
755             if (theUser != null) {
756                 grantedSites = ServicesRegistry.getInstance().getJahiaGroupManagerService().getAdminGrantedSites(
757                         theUser);
758             }
759         } catch (Exception e) {
760             logger.debug(e.getMessage(), e);
761         }
762
763         if (grantedSites == null) {
764             logger.debug("can not admin any site at all !!! ");
765             grantedSites = new Vector ();
766         } else {
767             Locale defaultLocale = (Locale ) session.getAttribute(ParamBean.SESSION_LOCALE);
768             if (defaultLocale != null) {
769                 Collections.sort(grantedSites, JahiaSite.getTitleComparator(defaultLocale));
770             } else {
771                 Collections.sort(grantedSites, JahiaSite.getTitleComparator());
772             }
773         }
774
775         if (theSite == null && grantedSites.size() > 0)
776             theSite = (JahiaSite) grantedSites.get(0);
777
778         // check if the user is created on this site...
779 if (theSite != null) {
780             if (theUser.getSiteID() == theSite.getID())
781                 profileCapability = true;
782
783             session.setAttribute(CLASS_NAME + "manageSiteID", new Integer (theSite.getID()));
784             session.setAttribute(ParamBean.SESSION_SITE, theSite);
785
786             try {
787                 initAdminJahiaData(request, response, session);
788             } catch (JahiaException je) {
789                 JahiaErrorDisplay.DisplayException(request, response, context, Jahia.getSettings(), je);
790                 return;
791             }
792         }
793
794         Limit daysLeftLimit = Jahia.getCoreLicense().getLimit("maxUsageDays");
795         // the limit might be null if a license has been created without
796 // this limit.
797 if (daysLeftLimit != null) {
798             DaysLeftValidator daysLeftValidator = (DaysLeftValidator) daysLeftLimit.getValidator();
799             int maxDays = Integer.parseInt(daysLeftLimit.getValueStr());
800             long expirationTime = daysLeftValidator.getComponentInstallDate().getTime() + DAY_MILLIS * maxDays;
801             long nowTime = System.currentTimeMillis();
802             long timeLeft = expirationTime - nowTime;
803             if (timeLeft < 0)
804                 timeLeft = 0;
805             int daysLeft = (int) (timeLeft / DAY_MILLIS);
806             if (daysLeft <= 10)
807                 request.setAttribute("daysLeft", new Integer (daysLeft));
808         }
809
810         request.setAttribute("site", theSite);
811         request.setAttribute("sitesList", grantedSites);
812         request.setAttribute("siteID", session.getAttribute(CLASS_NAME + "manageSiteID"));
813         request.setAttribute("isSuperAdmin", session.getAttribute(CLASS_NAME + "isSuperAdmin"));
814         request.setAttribute("configJahia", session.getAttribute(CLASS_NAME + "configJahia"));
815         request.setAttribute("profileCapability", Boolean.valueOf(profileCapability));
816
817         doRedirect(request, response, session, JSP_PATH + "menu.jsp");
818     } // end displayMenu
819
820     // -------------------------------------------------------------------------
821 /**
822      * Change the site you want to administrate. After, display the menu again.
823      *
824      * @author Alexandre Kraft
825      * @param request
826      * Servlet request.
827      * @param response
828      * Servlet response.
829      * @param session
830      * Servlet session for the current user.
831      */
832     public static void changeSite(HttpServletRequest request, HttpServletResponse response, HttpSession session)
833             throws IOException , ServletException {
834         String newSiteID = request.getParameter("changesite");
835         int siteID = Integer.parseInt(newSiteID);
836
837         // check if the user has really admin access to this site...
838 JahiaUser theUser = (JahiaUser) session.getAttribute(ParamBean.SESSION_USER);
839         JahiaGroup group = ServicesRegistry.getInstance().getJahiaGroupManagerService().getAdministratorGroup(siteID);
840
841         JahiaSite currentSite = null;
842
843         if (group != null && !group.isMember(theUser)) {
844             // System.out.println(" --> no admin access on this site <--");
845 currentSite = (JahiaSite) session.getAttribute(ParamBean.SESSION_SITE);
846             siteID = currentSite.getID();
847         } else {
848             try {
849                 currentSite = ServicesRegistry.getInstance().getJahiaSitesService().getSite(siteID);
850                 session.setAttribute(ParamBean.SESSION_SITE, currentSite);
851             } catch (JahiaException je) {
852                 String dspMsg = JahiaResourceBundle.getMessageResource(
853                         "org.jahia.bin.JahiaConfigurationWizard.JahiaDisplayMessage.logininvalid.label", request
854                                 .getLocale());
855                 request.setAttribute(JahiaAdministration.CLASS_NAME + "jahiaDisplayMessage", dspMsg);
856             }
857         }
858
859         // set the new site id to administrate...
860 request.setAttribute("site", currentSite);
861         session.setAttribute(CLASS_NAME + "manageSiteID", new Integer (siteID));
862
863         displayMenu(request, response, session);
864     } // end changeSite
865
866     // -------------------------------------------------------------------------
867 /**
868      * Change the management mode, between sites and server. After, display the
869      * menu again.
870      *
871      * @author Alexandre Kraft
872      * @param request
873      * Servlet request.
874      * @param response
875      * Servlet response.
876      * @param session
877      * Servlet session for the current user.
878      */
879     public static void switchModeAction(HttpServletRequest request, HttpServletResponse response, HttpSession session)
880             throws IOException , ServletException {
881         logger.debug("switchModeAction started");
882
883         String mode = request.getParameter("mode");
884
885         if ("server".equals(mode)) {
886             // check if the user has really superadmin access...
887 JahiaUser theUser = (JahiaUser) session.getAttribute(ParamBean.SESSION_USER);
888             JahiaGroup theGroup = gMgr.getAdministratorGroup(SUPERADMIN_SITE_ID);
889             if (theGroup != null && theGroup.isMember(theUser))
890                 session.setAttribute(CLASS_NAME + "configJahia", Boolean.TRUE);
891         } else
892             session.setAttribute(CLASS_NAME + "configJahia", Boolean.FALSE);
893
894         displayMenu(request, response, session);
895     } // end switchModeAction
896
897     // -------------------------------------------------------------------------
898 /**
899      * Checks if a login session passed from Jahia is valid for silent login to
900      * JahiaAdministration
901      *
902      * @author Mikhael Janson
903      * @author Alexandre Kraft
904      * @param session
905      * the HttpSession object
906      * @return <code>true</code> if the user can access to administration,
907      * <code>false</code> otherwise.
908      */
909     protected static boolean isValidLoginSession(HttpSession session) {
910         logger.debug("isValidatingLoginSession started");
911
912         boolean isValid = false;
913         boolean isSuperAdmin = false;
914
915         try {
916             // get references to user manager and group manager...
917 sReg = ServicesRegistry.getInstance();
918             if (sReg != null) {
919                 uMgr = sReg.getJahiaUserManagerService();
920                 gMgr = sReg.getJahiaGroupManagerService();
921             }
922
923             JahiaUser theUser = (JahiaUser) session.getAttribute(ParamBean.SESSION_USER);
924             JahiaSite theSite = (JahiaSite) session.getAttribute(ParamBean.SESSION_SITE);
925
926             if (theUser != null) {
927                 if (theSite == null) {
928                     logger.debug("Site under \"" + ParamBean.SESSION_SITE
929                             + "\" is null, looking for any granted site...");
930
931                     Vector grantedSites = gMgr.getAdminGrantedSites(theUser);
932
933                     if (grantedSites.size() != 0) {
934                         theSite = (JahiaSite) grantedSites.get(0);
935                         session.setAttribute(ParamBean.SESSION_SITE, theSite);
936                     }
937                 }
938
939                 if (theSite != null) {
940                     String username = theUser.getUsername();
941                     JahiaGroup theGroup = gMgr.getAdministratorGroup(theSite.getID());
942                     if (theGroup.isMember(theUser)) {
943                         // check if the user is a super admin or not...
944 JahiaGroup superAdminGroup = gMgr.getAdministratorGroup(SUPERADMIN_SITE_ID);
945                         if (superAdminGroup.isMember(theUser)) {
946                             isSuperAdmin = true;
947                         }
948                         session.setAttribute(CLASS_NAME + "isSuperAdmin", Boolean.valueOf(isSuperAdmin));
949                         session.setAttribute(CLASS_NAME + "manageSiteID", new Integer (theSite.getID()));
950                         session.setAttribute(CLASS_NAME + "accessGranted", Boolean.TRUE);
951                         session.setAttribute(CLASS_NAME + "adminUsername", username);
952                         session.setAttribute(CLASS_NAME + "jahiaLoginUsername", username);
953
954                         logger.debug("Silent login granted: user " + username + " has valid login session.");
955                         isValid = true;
956                     } else {
957                         logger.debug("Couldn't validate login session for: " + username);
958                     }
959                 }
960             }
961             // else if (theUser.isRoot())
962 // {
963 // session.setAttribute(CLASS_NAME + "isSuperAdmin", Boolean.TRUE);
964 // session.setAttribute(CLASS_NAME + "manageSiteID", new
965 // Integer(0));
966 // session.setAttribute(CLASS_NAME + "accessGranted", Boolean.TRUE);
967 // session.setAttribute(CLASS_NAME + "adminUsername",
968 // theUser.getUsername());
969 // session.setAttribute(CLASS_NAME + "jahiaLoginUsername",
970 // theUser.getUsername());
971 // }
972 } catch (Exception e) {
973             logger.debug(e.getMessage(), e);
974         }
975         return isValid;
976     } // end isValidLoginSession
977
978     // -------------------------------------------------------------------------
979 /**
980      * Handles engine calls within JahiaAdministration Servlet
981      *
982      * @param request
983      * @param response
984      * @return boolean true if the request is effectively a engine call.
985      * @author Khue NGuyen
986      */
987     protected boolean handleEngines(HttpServletRequest request, HttpServletResponse response) throws IOException ,
988             ServletException {
989         String pathInfo = request.getPathInfo();
990         if (pathInfo == null)
991             return false;
992         if (pathInfo.indexOf("engineName") == -1)
993             return false;
994
995         // start the chrono...
996 long startTime = JahiaChrono.getInstance().start();
997
998         // get the main http method...
999 String requestMethod = request.getMethod();
1000        int intRequestMethod = 0;
1001        if (requestMethod.equals(GET_REQUEST))
1002            intRequestMethod = ParamBean.GET_METHOD;
1003        else if (requestMethod.equals(POST_REQUEST))
1004            intRequestMethod = ParamBean.POST_METHOD;
1005
1006        logger.debug("------------------------------------------------------- NEW " + requestMethod + " REQUEST ---");
1007
1008        // create the parambean (jParams)...
1009 ParamBean jParams = null;
1010
1011        try {
1012            jParams = new ParamBean(request, response, context, jSettings, startTime, intRequestMethod);
1013
1014            if (jParams == null) {
1015                throw new JahiaException(CLASS_NAME + ".handleEngine", "ParamBean is null",
1016                        JahiaException.ERROR_SEVERITY, JahiaException.CRITICAL_SEVERITY);
1017            }
1018            request.setAttribute("org.jahia.params.ParamBean", jParams);
1019            process(request, response);
1020            /*
1021             * OperationManager operations = new OperationManager();
1022             * operations.handleOperations (jParams, jSettings);
1023             */
1024
1025            // display time
1026 if (jParams.getUser() != null) {
1027                if (logger.isDebugEnabled())
1028                    logger.debug("Served " + jParams.getEngine() + " engine for user "
1029                            + jParams.getUser().getUsername() + " from [" + jParams.getRequest().getRemoteAddr()
1030                            + "] in [" + JahiaChrono.getInstance().read(jParams.getStartTime()) + "ms]");
1031            }
1032            jParams = null;
1033
1034            // PAGE NOT FOUND EXCEPTION
1035 } catch (JahiaPageNotFoundException ex) {
1036            logger.debug(ex.getJahiaErrorMsg(), ex);
1037            JahiaErrorDisplay.DisplayException(request, response, getServletContext(), jSettings, ex);
1038        }
1039        // SECURITY EXCEPTION
1040 catch (JahiaSecurityException ex) {
1041            logger.debug("A Security error occured -> request ignored.", ex);
1042            JahiaErrorDisplay.DisplayException(request, response, getServletContext(), jSettings, ex);
1043        }
1044        // SESSION EXPIRATION
1045 catch (JahiaSessionExpirationException ex) {
1046            logger.debug("Null session -> session expiration -> request ignored.", ex);
1047            JahiaErrorDisplay.DisplayException(request, response, getServletContext(), jSettings, ex);
1048        }
1049
1050        // OPERATION NOT ALLOWED
1051 catch (JahiaOperationNotAllowedException ex) {
1052            logger.debug(ex.getJahiaErrorMsg(), ex);
1053            JahiaErrorDisplay.DisplayException(request, response, getServletContext(), jSettings, ex);
1054        }
1055
1056        // SERVICE EXCEPTIONS
1057 catch (ServiceNotFoundException ex) {
1058            logger.debug(ex.getJahiaErrorMsg(), ex);
1059            JahiaErrorDisplay.DisplayException(request, response, getServletContext(), jSettings, ex);
1060        }
1061
1062        // ALL OTHER JAHIA EXCEPTIONS
1063 catch (JahiaException je) {
1064            logger.debug("Error in " + requestMethod + " method -> BAILING OUT", je);
1065            // should redirect to an error page here
1066 JahiaErrorDisplay.DisplayException(request, response, getServletContext(), jSettings, je);
1067        }
1068
1069        return true;
1070    }
1071
1072    // -------------------------------------------------------------------------
1073 /**
1074     * Returns a relative qualified request URL , i.e /JahiaAdministration.
1075     *
1076     * @param request
1077     * @param response
1078     * @author Khue NGuyen
1079     */
1080    private String getServletURI(HttpServletRequest request, HttpServletResponse response) {
1081        if (request == null)
1082            return "";
1083        String pathInfo = request.getPathInfo();
1084        String tempServletURI;
1085        if (pathInfo == null)
1086            tempServletURI = response.encodeURL(request.getRequestURI());
1087        else
1088            tempServletURI = response.encodeURL(request.getRequestURI().substring(0,
1089                    request.getRequestURI().indexOf(pathInfo)));
1090
1091        return tempServletURI;
1092    }
1093
1094    /**
1095     * Init a minimalistic JahiaData that is necessary to work with taglibs and
1096     * engines within JahiaAdministration servlet. The JahiaData only contains
1097     * the current site and the user, that is the current identified admin. The
1098     * page is null and fields set and containers set are not build. The
1099     * JahiaData is then stored in the request as the attribute :
1100     * "org.jahia.data.JahiaData"
1101     *
1102     * @param request
1103     * @param response
1104     * @param session
1105     * @author Khue NGuyen
1106     */
1107    public static ParamBean initAdminJahiaData(HttpServletRequest request, HttpServletResponse response,
1108            HttpSession session) throws JahiaException {
1109        JahiaSite site = (JahiaSite) session.getAttribute(ParamBean.SESSION_SITE);
1110        ParamBean jParams = Jahia.getThreadParamBean();
1111        if (jParams != null && (site == null || site.getID() == jParams.getSiteID())) {
1112            logger.debug("ParamBean already exists.");
1113            if (request.getAttribute(JahiaData.JAHIA_DATA) == null)
1114                request.setAttribute(JahiaData.JAHIA_DATA, new JahiaData(jParams, false));
1115            return jParams;
1116        }
1117        logger.debug("started");
1118
1119        JahiaUser user = (JahiaUser) session.getAttribute(ParamBean.SESSION_USER);
1120
1121        if (site == null) {
1122            // This can occurs when all sites has been deleted ...
1123 // create a fake site for JSP using taglibs
1124 JahiaSite fakeSite = new JahiaSite(-1, "", "", "", false, -1, "", null, new Properties ());
1125            site = fakeSite;
1126        }
1127        ContentPage contentPage = null;
1128
1129        Integer I = (Integer ) session.getAttribute(ParamBean.SESSION_LAST_REQUESTED_PAGE_ID);
1130        if (I != null) {
1131            try {
1132                contentPage = ServicesRegistry.getInstance().getJahiaPageService().lookupContentPage(I.intValue(),
1133                        false);
1134                if (contentPage.getJahiaID() != site.getID())
1135                    contentPage = site.getHomeContentPage(); // site has
1136 // changed , we
1137 // cannot use the old page
1138 } catch (Throwable t) {
1139                logger.debug(t.getMessage(), t);
1140            }
1141        } else {
1142            contentPage = site.getHomeContentPage();
1143        }
1144
1145        // start the chrono...
1146 long startTime = JahiaChrono.getInstance().start();
1147
1148        // get the main http method...
1149 String requestMethod = request.getMethod();
1150        int intRequestMethod = 0;
1151
1152        if (requestMethod.equals(GET_REQUEST))
1153            intRequestMethod = ParamBean.GET_METHOD;
1154        else if (requestMethod.equals(POST_REQUEST))
1155            intRequestMethod = ParamBean.POST_METHOD;
1156
1157        jParams = new AdminParamBean(request, response, context, jSettings, startTime, intRequestMethod, site, user,
1158                contentPage);
1159        Jahia.setThreadParamBean(jParams);
1160
1161        if (contentPage != null) {
1162            try {
1163                contentPage = ServicesRegistry.getInstance().getJahiaPageService().lookupContentPage(
1164                        contentPage.getID(), jParams.getEntryLoadRequest(), true);
1165            } catch (Throwable t) {
1166                logger.error(t.getMessage(), t);
1167            }
1168        }
1169        JahiaData jData = new JahiaData(jParams, false);
1170        jParams.changePage(contentPage);
1171
1172        request.setAttribute(JahiaData.JAHIA_DATA, jData);
1173        request.setAttribute("org.jahia.params.ParamBean", jParams);
1174        return jParams;
1175    }
1176
1177    /**
1178     * @param request
1179     * @param response
1180     * @throws IOException
1181     * @throws ServletException
1182     * @todo should call Struts' ActionServlet.process() method
1183     */
1184    public void process(HttpServletRequest request, HttpServletResponse response) throws IOException , ServletException {
1185        try {
1186            ParamBean jParams = (ParamBean) request.getAttribute("org.jahia.params.ParamBean");
1187            // Create a JahiaData without loaded containers and fields
1188 JahiaData jData = new JahiaData(jParams, false);
1189            jParams.getRequest().setAttribute(JahiaData.JAHIA_DATA, jData);
1190            super.process(jParams.getRequest(), jParams.getResponse());
1191        } catch (JahiaException je) {
1192            logger.debug(je.getMessage(), je);
1193        }
1194    }
1195} // end JahiaAdministratin
1196

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags