1 package org.tigris.scarab.actions; 2 3 48 49 import java.util.List ; 50 51 import org.apache.turbine.TemplateContext; 53 import org.apache.turbine.RunData; 54 55 import org.apache.fulcrum.security.TurbineSecurity; 56 import org.apache.turbine.tool.IntakeTool; 57 import org.apache.fulcrum.intake.model.Group; 58 import org.apache.fulcrum.security.util.DataBackendException; 59 import org.apache.fulcrum.security.util.UnknownEntityException; 60 import org.apache.fulcrum.security.util.PasswordMismatchException; 61 import org.apache.fulcrum.security.util.TurbineSecurityException; 62 63 import org.tigris.scarab.tools.ScarabRequestTool; 65 import org.tigris.scarab.tools.ScarabLocalizationTool; 66 import org.tigris.scarab.tools.localization.L10NKeySet; 67 import org.tigris.scarab.tools.localization.L10NMessage; 68 import org.tigris.scarab.tools.localization.Localizable; 69 import org.tigris.scarab.util.AnonymousUserUtil; 70 import org.tigris.scarab.util.ScarabConstants; 71 import org.tigris.scarab.util.Log; 72 import org.tigris.scarab.om.ScarabUser; 73 import org.tigris.scarab.om.Module; 74 import org.tigris.scarab.actions.base.ScarabTemplateAction; 75 76 83 public class Login extends ScarabTemplateAction 84 { 85 88 public void doLogin(RunData data, TemplateContext context) 89 throws Exception 90 { 91 data.setACL(null); 92 IntakeTool intake = getIntakeTool(context); 93 if (intake.isAllValid() && checkUser(data, context)) 94 { 95 ScarabUser user = (ScarabUser)data.getUser(); 96 List userModules = user.getModules(); 97 if (userModules != null) 98 { 99 Module module = null; 100 if (userModules.size() == 2) 101 { 102 Module module1 = (Module)userModules.get(0); 103 Module module2 = (Module)userModules.get(1); 104 if (module1.isGlobalModule()) 105 { 106 module = module2; 107 } 108 else if (module2.isGlobalModule()) 109 { 110 module = module1; 111 } 112 } 113 if (module != null || userModules.size() == 1) 114 { 115 ScarabRequestTool scarabR = getScarabRequestTool(context); 116 if (module == null) 117 { 118 module = (Module)userModules.get(0); 119 } 120 scarabR.setCurrentModule(module); 121 data.getParameters().remove(ScarabConstants.CURRENT_MODULE); 122 data.getParameters().add(ScarabConstants.CURRENT_MODULE, 123 module.getQueryKey()); 124 if ("SelectModule.vm".equals(data.getParameters() 125 .getString(ScarabConstants.NEXT_TEMPLATE))) 126 { 127 data.getParameters().remove(ScarabConstants.NEXT_TEMPLATE); 128 } 129 } 130 } 131 132 String template = data.getParameters() 133 .getString(ScarabConstants.NEXT_TEMPLATE, 134 "home,EnterNew.vm"); 135 setTarget(data, template); 136 } 137 } 138 139 142 public boolean checkUser(RunData data, TemplateContext context) 143 throws Exception 144 { 145 IntakeTool intake = getIntakeTool(context); 146 ScarabRequestTool scarabR = getScarabRequestTool(context); 147 ScarabLocalizationTool l10n = getLocalizationTool(context); 148 149 Group login = intake.get("Login", IntakeTool.DEFAULT_KEY); 150 String username = login.get("Username").toString(); 151 String password = login.get("Password").toString(); 152 153 ScarabUser user = null; 154 155 try 156 { 157 user = (ScarabUser) TurbineSecurity 159 .getAuthenticatedUser(username, password); 160 } 161 catch (UnknownEntityException e) 162 { 163 scarabR.setAlertMessage(L10NKeySet.InvalidUsernameOrPassword); 164 Log.get().info("Invalid login attempted: " + e.getMessage()); 165 return failAction(data, "Login.vm"); 166 } 167 catch (PasswordMismatchException e) 168 { 169 scarabR.setAlertMessage(L10NKeySet.InvalidUsernameOrPassword); 170 Log.get().debug("Password mis-match during login attempt: " 171 + e.getMessage()); 172 return failAction(data, "Login.vm"); 173 } 174 catch (DataBackendException e) 175 { 176 scarabR.setAlertMessage(L10NKeySet.ExceptionDatabaseGenericError); 177 Log.get().error("Error while attempting to log in", e); 178 return failAction(data, "Login.vm"); 179 } 180 181 try 182 { 183 if (user.getConfirmed().equals(ScarabUser.DELETED)){ 184 scarabR.setAlertMessage(L10NKeySet.UserIsDeleted); 185 Log.get().error("Deleted user attempting to log in"); 186 return failAction(data, "Login.vm"); 187 } 188 if (!user.isConfirmed()) 190 { 191 if (scarabR != null) 192 { 193 user = (ScarabUser) TurbineSecurity.getUserInstance(); 194 scarabR.setUser(user); 195 scarabR.setAlertMessage(L10NKeySet.UserIsNotConfirmed); 196 } 197 198 return failAction(data, "Confirm.vm"); 199 } 200 201 202 data.setUser(user); 204 user.setHasLoggedIn(Boolean.TRUE); 206 user.updateLastLogin(); 208 209 boolean userPasswordExpired = user.isPasswordExpired(); 211 if (userPasswordExpired) 212 { 213 if (scarabR != null) 214 { 215 user = (ScarabUser) TurbineSecurity.getUserInstance(); 216 scarabR.setUser(user); 217 scarabR.setAlertMessage(L10NKeySet.YourPasswordHasExpired); 218 } 219 220 221 setTarget(data, "ChangePassword.vm"); 222 data.save(); 224 return false; 225 } 226 227 user.setPasswordExpire(); 229 234 data.save(); 236 237 } 238 catch (TurbineSecurityException e) 239 { 240 Localizable msg = new L10NMessage(L10NKeySet.ExceptionTurbineGeneric,e); 241 scarabR.setAlertMessage(msg); 242 return failAction(data, "Login.vm"); 243 } 244 return true; 245 } 246 247 251 private boolean failAction(RunData data, String template) 252 throws DataBackendException, UnknownEntityException 253 { 254 AnonymousUserUtil.anonymousLogin(data); 256 setTarget(data, template); 257 return false; 258 } 259 260 263 public void doPerform(RunData data, TemplateContext context) 264 throws Exception 265 { 266 doLogin(data, context); 267 } 268 } 269 | Popular Tags |