HandleRoleRequests


1   package org.tigris.scarab.actions;
2   
3   /* ================================================================
4    * Copyright (c) 2000-2002 CollabNet.  All rights reserved.
5    *
6    * Redistribution and use in source and binary forms, with or without
7    * modification, are permitted provided that the following conditions are
8    * met:
9    *
10   * 1. Redistributions of source code must retain the above copyright
11   * notice, this list of conditions and the following disclaimer.
12   *
13   * 2. Redistributions in binary form must reproduce the above copyright
14   * notice, this list of conditions and the following disclaimer in the
15   * documentation and/or other materials provided with the distribution.
16   *
17   * 3. The end-user documentation included with the redistribution, if
18   * any, must include the following acknowlegement: "This product includes
19   * software developed by Collab.Net <http://www.Collab.Net/>."
20   * Alternately, this acknowlegement may appear in the software itself, if
21   * and wherever such third-party acknowlegements normally appear.
22   *
23   * 4. The hosted project names must not be used to endorse or promote
24   * products derived from this software without prior written
25   * permission. For written permission, please contact info@collab.net.
26   *
27   * 5. Products derived from this software may not use the "Tigris" or
28   * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without
29   * prior written permission of Collab.Net.
30   *
31   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
32   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
33   * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
34   * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
35   * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
37   * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
38   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
39   * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
40   * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
41   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42   *
43   * ====================================================================
44   *
45   * This software consists of voluntary contributions made by many
46   * individuals on behalf of Collab.Net.
47   */
48  
49  import java.util.List  ;
50  import java.util.ArrayList  ;
51  import java.util.Arrays  ;
52  import java.util.Iterator  ;
53  
54  // Turbine Stuff
55  import org.apache.turbine.TemplateContext;
56  import org.apache.turbine.RunData;
57  
58  import org.apache.fulcrum.security.TurbineSecurity;
59  
60  // Scarab Stuff
61  import org.tigris.scarab.om.ScarabUser;
62  import org.tigris.scarab.om.ScarabModule;
63  import org.tigris.scarab.om.PendingGroupUserRole;
64  import org.tigris.scarab.tools.SecurityAdminTool;
65  import org.tigris.scarab.tools.ScarabRequestTool;
66  import org.tigris.scarab.tools.ScarabLocalizationTool;
67  import org.tigris.scarab.tools.localization.L10NMessage;
68  import org.tigris.scarab.tools.localization.L10NKeySet;
69  import org.tigris.scarab.tools.localization.Localizable;
70  import org.tigris.scarab.util.ScarabConstants;
71  import org.tigris.scarab.actions.base.RequireLoginFirstAction;
72  import org.tigris.scarab.util.EmailContext;
73  import org.tigris.scarab.util.Email;
74  import org.tigris.scarab.util.SimpleSkipFiltering;
75  import org.tigris.scarab.services.security.ScarabSecurity;
76  
77  /**
78   * This class is responsible for moderated self-serve role assignments
79   * within a particular module.
80   *
81   * @author <a HREF="mailto:jmcnally@collab.net">John McNally</a>
82   */
83  public class HandleRoleRequests extends RequireLoginFirstAction
84  {
85      public void doRequestroles(RunData data, TemplateContext context)
86          throws Exception  
87      {
88          String   template = getCurrentTemplate(data, null);
89          String   nextTemplate = getNextTemplate(data, template);
90          ScarabUser user = (ScarabUser)data.getUser();
91          SecurityAdminTool scarabA = getSecurityAdminTool(context);
92          ScarabRequestTool scarabR = getScarabRequestTool(context);
93          ScarabLocalizationTool l10n = getLocalizationTool(context);
94  
95          // List roles = scarabA.getNonRootRoles();
96          List   groups = scarabA.getNonMemberGroups(user);
97  
98          Iterator   gi = groups.iterator();
99  
100         String   autoApproveRoleSet=null;
101         String   waitApproveRoleSet=null;
102         
103         while (gi.hasNext()) 
104         {
105             ScarabModule module = ((ScarabModule)gi.next());
106             String  [] autoRoles = module.getAutoApprovedRoles();
107             String   role = data.getParameters().getString(module.getName());
108             if (role != null && role.length() > 0) 
109             {
110                 boolean autoApprove = Arrays.asList(autoRoles).contains(role);
111                 if (autoApprove) 
112                 {
113                     TurbineSecurity.grant(user, module, 
114                         TurbineSecurity.getRole(role));
115 
116                     autoApproveRoleSet = addToRoleSet(autoApproveRoleSet,module, role);
117                 }
118                 else 
119                 {
120                     try
121                     {
122                         sendNotification(module, user, role); 
123                     }
124                     catch(Exception   e)
125                     {
126                         L10NMessage l10nMessage = new L10NMessage(L10NKeySet.CouldNotSendNotification,e);
127                         scarabR.setAlertMessage(l10nMessage);
128                     } 
129 
130                     PendingGroupUserRole pend = new PendingGroupUserRole();
131                     pend.setGroupId(module.getModuleId());
132                     pend.setUserId(user.getUserId());
133                     pend.setRoleName(role);
134                     pend.save();
135                     
136                     waitApproveRoleSet = addToRoleSet(waitApproveRoleSet,module, role);
137                 }                
138             }
139         }
140 
141         if (autoApproveRoleSet != null)
142         {
143             SimpleSkipFiltering htmlSet = new SimpleSkipFiltering(autoApproveRoleSet+"<br>");
144             Localizable msg = new L10NMessage(L10NKeySet.RoleRequestGranted, htmlSet);
145             scarabR.setConfirmMessage(msg);                    
146         }
147 
148         if (waitApproveRoleSet != null)
149         {
150             SimpleSkipFiltering htmlSet = new SimpleSkipFiltering(waitApproveRoleSet+"<br>");
151             Localizable msg = new L10NMessage(L10NKeySet.RoleRequestAwaiting, htmlSet);
152             scarabR.setInfoMessage(msg);                    
153         }
154 
155         setTarget(data, nextTemplate);
156     }
157 
158     /**
159      * Add a role to the String representation of the list of
160      * roles (used later for display purposes).
161      * @param autoApproveRoleSet
162      * @param role
163      * @return
164      */
165     private String   addToRoleSet(String   roleSet, ScarabModule module, String   role)
166     {
167         String   result;
168         if(roleSet==null)
169         {
170             result = "<br> ";
171         }
172         else
173         {
174             result = roleSet + "<br> ";
175         }
176         result += module.getName()+":"+role;
177         return result;
178     }
179 
180     /**
181      * Helper method to retrieve the ScarabRequestTool from the Context
182      */
183     private SecurityAdminTool getSecurityAdminTool(TemplateContext context)
184     {
185         return (SecurityAdminTool)context
186             .get(ScarabConstants.SECURITY_ADMIN_TOOL);
187     }
188 
189     /**
190      * Send email notification about role request to all users which have the rights
191      * to approve the request. If those users include both users which have
192      * a role in the module, and those who don't (like global admin), only
193      * users with roles in the module are notified.
194      * Returns true if everything is OK, and false in case of error.
195      */
196     private void sendNotification(ScarabModule module, ScarabUser user, 
197                                   String   role)
198         throws Exception  
199     {
200         EmailContext econtext = new EmailContext();
201 
202         econtext.setModule(module);
203         econtext.setUser(user);
204         econtext.put("role", role);
205                 
206         // Who can approve this request?
207         List   approvers = Arrays.asList(module.
208             getUsers(ScarabSecurity.USER__APPROVE_ROLES));
209 
210         // Which potential approvers has any role in this module?
211         List   approversWithRole = new ArrayList  ();
212         for(Iterator   i = approvers.iterator(); i.hasNext();)
213         {
214             ScarabUser u = (ScarabUser)i.next();
215             if (u.hasAnyRoleIn(module))
216             {
217                 approversWithRole.add(u);
218             }
219         }
220 
221         // If some approvers have role in this module, sent email only to them.
222         if (!approversWithRole.isEmpty())
223         {
224             approvers = approversWithRole;
225         }
226 
227         Email.sendEmail(econtext, module, 
228                                "scarab.email.default", module.getSystemEmail(),
229                                approvers, null,
230                                "RoleRequest.vm");        
231     }
232 }
233 
234
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags