KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > tigris > scarab > actions > admin > ManageUser


1 package org.tigris.scarab.actions.admin;
2
3 /* ================================================================
4  * Copyright (c) 2000-2003 CollabNet. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions are
8  * met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  * notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  * notice, this list of conditions and the following disclaimer in the
15  * documentation and/or other materials provided with the distribution.
16  *
17  * 3. The end-user documentation included with the redistribution, if
18  * any, must include the following acknowlegement: "This product includes
19  * software developed by CollabNet <http://www.collab.net/>."
20  * Alternately, this acknowlegement may appear in the software itself, if
21  * and wherever such third-party acknowlegements normally appear.
22  *
23  * 4. The hosted project names must not be used to endorse or promote
24  * products derived from this software without prior written
25  * permission. For written permission, please contact info@collab.net.
26  *
27  * 5. Products derived from this software may not use the "Tigris" or
28  * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without
29  * prior written permission of CollabNet.
30  *
31  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
32  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
33  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
34  * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
35  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
37  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
38  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
39  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
40  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
41  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42  *
43  * ====================================================================
44  *
45  * This software consists of voluntary contributions made by many
46  * individuals on behalf of CollabNet.
47  */
48
49
50 // JDK classes
51 import java.util.Calendar JavaDoc;
52 import java.util.List JavaDoc;
53
54 import org.apache.fulcrum.intake.model.Group;
55 import org.apache.fulcrum.security.TurbineSecurity;
56 import org.apache.fulcrum.security.entity.Role;
57 import org.apache.fulcrum.security.entity.User;
58 import org.apache.fulcrum.security.util.AccessControlList;
59 import org.apache.turbine.RunData;
60 import org.apache.turbine.TemplateContext;
61 import org.apache.turbine.tool.IntakeTool;
62 import org.tigris.scarab.actions.ForgotPassword;
63 import org.tigris.scarab.actions.base.RequireLoginFirstAction;
64 import org.tigris.scarab.om.ScarabUser;
65 import org.tigris.scarab.om.ScarabUserImpl;
66 import org.tigris.scarab.om.ScarabUserImplPeer;
67 import org.tigris.scarab.om.ScarabUserManager;
68 import org.tigris.scarab.tools.ScarabRequestTool;
69 import org.tigris.scarab.tools.localization.L10NKeySet;
70 import org.tigris.scarab.tools.localization.L10NMessage;
71 import org.tigris.scarab.tools.localization.Localizable;
72 import org.tigris.scarab.util.AnonymousUserUtil;
73 import org.tigris.scarab.util.Log;
74 import org.tigris.scarab.util.PasswordGenerator;
75 import org.tigris.scarab.util.ScarabConstants;
76
77
78 /**
79  * This class is responsible for dealing with the user management
80  * Action(s).
81  *
82  * @author <a HREF="mailto:dr@bitonic.com">Douglas B. Robertson</a>
83  * @author <a HREF="mailto:mpoeschl@martmot.at">Martin Poeschl</a>
84  * @version $Id: ManageUser.java 9738 2005-06-17 17:42:59Z jorgeuriarte $
85  */
86 public class ManageUser extends RequireLoginFirstAction
87 {
88     /**
89      * This manages clicking the Add User button
90      */
91     public void doAdduser(RunData data, TemplateContext context)
92         throws Exception JavaDoc
93     {
94         ScarabRequestTool scarabR = getScarabRequestTool(context);
95         String JavaDoc template = getCurrentTemplate(data, null);
96         String JavaDoc nextTemplate = getNextTemplate(data, template);
97         ScarabUser su = null;
98         
99         IntakeTool intake = getIntakeTool(context);
100         if (intake.isAllValid())
101         {
102             Object JavaDoc user = data.getUser()
103                 .getTemp(ScarabConstants.SESSION_REGISTER);
104             Group register = null;
105             if (user != null && user instanceof ScarabUser)
106             {
107                 register = intake.get("Register",
108                                       ((ScarabUser)user).getQueryKey(), false);
109             }
110             else
111             {
112                 register = intake.get("Register",
113                                       IntakeTool.DEFAULT_KEY, false);
114             }
115             
116             su = (ScarabUser) AnonymousUserUtil.getAnonymousUser();
117             su.setUserName(register.get("UserName").toString());
118             su.setFirstName(register.get("FirstName").toString());
119             su.setLastName(register.get("LastName").toString());
120             su.setEmail(register.get("Email").toString());
121             su.setPassword(register.get("Password").toString().trim());
122             
123             if (ScarabUserImplPeer.checkExists(su))
124             {
125                 setTarget(data, template);
126                 scarabR.setAlertMessage(L10NKeySet.UsernameExistsAlready);
127                 data.getParameters().setString("errorLast","true");
128                 data.getParameters().setString("state","showadduser");
129                 return;
130             }
131             
132             // if we got here, then all must be good...
133 try
134             {
135                 su.createNewUser();
136                 ScarabUserImpl.confirmUser(register.get("UserName").toString());
137                 // force the user to change their password the first time they login
138 su.setPasswordExpire(Calendar.getInstance());
139                 Localizable msg = new L10NMessage(L10NKeySet.UserCreated,register.get("UserName").toString());
140                 scarabR.setConfirmMessage(msg);
141                 data.getParameters().setString("state","showadduser");
142                 data.getParameters().setString("lastAction","addeduser");
143                 
144                 setTarget(data, nextTemplate);
145                 return;
146             }
147             catch (Exception JavaDoc e)
148             {
149                 setTarget(data, template);
150                 data.getParameters().setString("lastAction","");
151                 Localizable msg = new L10NMessage(L10NKeySet.ExceptionGeneric,e);
152                 scarabR.setAlertMessage (msg);
153                 Log.get().error(e);
154                 data.getParameters().setString("state","showadduser");
155                 return;
156             }
157         }
158         else
159         {
160             data.getParameters().setString("state","showadduser");
161             data.getParameters().setString("lastAction","");
162         }
163     }
164     
165     public void doEdituser(RunData data, TemplateContext context) throws Exception JavaDoc
166     {
167         ScarabRequestTool scarabR = getScarabRequestTool(context);
168         String JavaDoc template = getCurrentTemplate(data, null);
169         String JavaDoc nextTemplate = getNextTemplate(data, template);
170         ScarabUser su = null;
171         
172         IntakeTool intake = getIntakeTool(context);
173         if (intake.isAllValid())
174         {
175             Object JavaDoc user = data.getUser()
176                 .getTemp(ScarabConstants.SESSION_REGISTER);
177             Group register = null;
178             if (user != null && user instanceof ScarabUser)
179             {
180                 register = intake.get("Register",
181                                           ((ScarabUser)user).getQueryKey(), false);
182             }
183             else
184             {
185                 register = intake.get("Register",
186                                       IntakeTool.DEFAULT_KEY, false);
187             }
188             
189             
190             // if we got here, then all must be good...
191
192             String JavaDoc username = data.getParameters().getString("username");
193             su = (ScarabUser) TurbineSecurity.getUser(username);
194             try
195             {
196                 if ((su != null) && (register != null))
197                 {
198                     // update the first name, last name, email
199 // Turbine's security service does not allow
200 // changing the username, this is considered the
201 // defining info of a particular user. SCB197 is
202 // a request to make this information modifiable.
203 su.setFirstName(register.get("FirstName").toString());
204                     su.setLastName(register.get("LastName").toString());
205                     su.setEmail(register.get("Email").toString());
206                     su.setConfirmed(data.getParameters().getString("accountStatus"));
207                     ScarabUserManager.putInstance((ScarabUserImpl)su);
208                     TurbineSecurity.saveUser(su);
209                     
210                     //
211 // Fix: SCB1065
212 // I think this fix really belongs in Turbine, but
213 // I'm not going to touch that code. So here's a
214 // workaround.
215 //
216 User userInSession = data.getUser();
217                     if (userInSession.getUserName().equals(username))
218                     {
219                         //
220 // The current user is trying to modify their
221 // own details. Update the user object in the
222 // session with the new values otherwise the
223 // old ones will be saved back to the database
224 // when the user logs out, or the session times
225 // out.
226 //
227 userInSession.setFirstName(su.getFirstName());
228                         userInSession.setLastName(su.getLastName());
229                         userInSession.setEmail(su.getEmail());
230                         userInSession.setConfirmed(su.getConfirmed());
231                     }
232
233
234                     
235                     String JavaDoc password;
236                     String JavaDoc passwordConfirm;
237
238                     String JavaDoc generatePassword = data.getParameters().getString("generate-password");
239                     if(generatePassword!=null && generatePassword.equalsIgnoreCase("on"))
240                     {
241                         password = passwordConfirm = PasswordGenerator.generate();
242                     }
243                     else
244                     {
245                         password = register.get("NPassword").toString();
246                         passwordConfirm = register.get("NPasswordConfirm").toString();
247                     }
248                         
249                     if (!password.equals(""))
250                     {
251                         if (password.equals(passwordConfirm))
252                         {
253                             TurbineSecurity.forcePassword(su, password);
254                             su.setPasswordExpire(Calendar.getInstance());
255                             TurbineSecurity.saveUser(su);
256                             User me = data.getUser();
257                             try
258                             {
259                                 data.setUser(su);
260                                 ForgotPassword.sendNotificationEmail(context, su, password);
261                             }
262                             catch(Exception JavaDoc e)
263                             {
264                                 Localizable msg = new L10NMessage(L10NKeySet.ExceptionEmailFailure,e);
265                                 scarabR.setAlertMessage(msg);
266                             }
267                             data.setUser(me);
268                         }
269                         else
270                         /* !password.equals(passwordConfirm) */
271                         {
272                             scarabR.setAlertMessage(L10NKeySet.PasswordsDoNotMatch);
273                             return;
274                         }
275                     }
276                     
277                     
278                     
279                     Localizable msg = new L10NMessage(L10NKeySet.UserChangesSaved, username);
280                     scarabR.setConfirmMessage(msg);
281                     data.getParameters().setString("state", "showedituser");
282                     data.getParameters().setString("lastAction", "editeduser");
283                     
284                     setTarget(data, nextTemplate);
285                     return;
286                 }
287                 else
288                 {
289                     Localizable msg = new L10NMessage(L10NKeySet.UserNotRetrieved, username);
290                     scarabR.setAlertMessage(msg);
291                     data.getParameters().setString("state", "showedituser");
292                 }
293             }
294             catch (Exception JavaDoc e)
295             {
296                 setTarget(data, template);
297                 data.getParameters().setString("lastAction","");
298                 Localizable msg = new L10NMessage(L10NKeySet.ExceptionGeneric,e);
299                 scarabR.setAlertMessage (msg);
300                 Log.get().error(e);
301                 data.getParameters().setString("state","showedituser");
302                 return;
303             }
304         }
305         else
306         {
307             data.getParameters().setString("state","showedituser");
308             data.getParameters().setString("lastAction","");
309         }
310     }
311
312     public void doDeleteuser(RunData data, TemplateContext context)
313         throws Exception JavaDoc
314     {
315         ScarabRequestTool scarabR = getScarabRequestTool(context);
316         String JavaDoc template = getCurrentTemplate(data, null);
317         String JavaDoc nextTemplate = getNextTemplate(data, template);
318         User user = null;
319         String JavaDoc username = data.getParameters().getString("username");
320         User userInSession = data.getUser();
321         if (userInSession.getUserName().equals(username)){
322             scarabR.setAlertMessage(L10NKeySet.UserCanNotDeleteSelf);
323             return;
324         }
325         try
326         {
327             
328             user = TurbineSecurity.getUser(username);
329             user.setConfirmed(ScarabUser.DELETED);
330             TurbineSecurity.saveUser(user);
331             List JavaDoc lista = (List JavaDoc)data.getUser().getTemp("userList");
332             if (lista != null)
333                 lista.set(lista.indexOf(user), user);
334             
335             Localizable msg = new L10NMessage(L10NKeySet.UserDeleted, username);
336             scarabR.setConfirmMessage(msg);
337             data.getParameters().setString("state", "showedituser");
338             data.getParameters().setString("lastAction", "editeduser");
339             
340             setTarget(data, nextTemplate);
341             return;
342             
343            
344         }
345         catch (Exception JavaDoc e)
346         {
347             setTarget(data, template);
348             data.getParameters().setString("lastAction","");
349             Localizable msg = new L10NMessage(L10NKeySet.ExceptionGeneric,e);
350             scarabR.setAlertMessage (msg);
351             Log.get().error(e);
352             data.getParameters().setString("state","showedituser");
353             return;
354         }
355        
356     }
357     
358     
359     /**
360      * This manages clicking the 'Update Roles' button
361      */
362     public void doRoles(RunData data, TemplateContext context)
363         throws Exception JavaDoc
364     {
365         String JavaDoc username = data.getParameters().getString("username");
366         User user = TurbineSecurity.getUser(username);
367         
368         AccessControlList acl = TurbineSecurity.getACL(user);
369         
370         // Grab all the Groups and Roles in the system.
371 org.apache.fulcrum.security.entity.Group[] groups = TurbineSecurity.getAllGroups().getGroupsArray();
372         Role[] roles = TurbineSecurity.getAllRoles().getRolesArray();
373         
374         for (int i = 0; i < groups.length; i++)
375         {
376             String JavaDoc groupName = groups[i].getName();
377             
378             for (int j = 0; j < roles.length; j++)
379             {
380                 String JavaDoc roleName = roles[j].getName();
381                 String JavaDoc groupRole = groupName + roleName;
382                 
383                 String JavaDoc formGroupRole = data.getParameters().getString(groupRole);
384                 
385                 if (formGroupRole != null && !acl.hasRole(roles[j], groups[i]))
386                 {
387                     TurbineSecurity.grant(user, groups[i], roles[j]);
388                 }
389                 else if (formGroupRole == null && acl.hasRole(roles[j], groups[i]))
390                 {
391                     TurbineSecurity.revoke(user, groups[i], roles[j]);
392                 }
393             }
394         }
395     }
396     
397     // all the goto's (button redirects) are here
398
399     /**
400      *
401      */
402     public void doGotoedituser(RunData data, TemplateContext context)
403         throws Exception JavaDoc
404     {
405         String JavaDoc userName = data.getParameters().getString("username");
406         if ((userName != null) && (userName.length() > 0))
407         {
408             data.getParameters().setString("state","showedituser");
409             setTarget(data, "admin,EditUser.vm");
410         }
411         else
412         {
413             getScarabRequestTool(context).setAlertMessage(L10NKeySet.UserSelect);
414         }
415     }
416     
417     /**
418      *
419      */
420     public void doGotoeditroles(RunData data, TemplateContext context)
421         throws Exception JavaDoc
422     {
423         String JavaDoc userName = data.getParameters().getString("username");
424         if ((userName != null) && (userName.length() > 0))
425         {
426             setTarget(data, "admin,EditUserRoles.vm");
427         }
428         else
429         {
430             getScarabRequestTool(context).setAlertMessage(L10NKeySet.UserSelect);
431         }
432     }
433     
434     /**
435      *
436      */
437     public void doGotodeleteuser(RunData data, TemplateContext context)
438         throws Exception JavaDoc
439     {
440         setTarget(data, "admin,DeleteUser.vm");
441     }
442     
443     /**
444      *
445      */
446     public void doGotoadduser(RunData data, TemplateContext context)
447         throws Exception JavaDoc
448     {
449         setTarget(data, "admin,AddUser.vm");
450     }
451
452     /**
453      * This manages clicking the 'Search' button. Sets some data in context and delegates
454      * to the page (that will make the real search).
455      */
456     public void doSearch(RunData data, TemplateContext context)
457         throws Exception JavaDoc
458     {
459         String JavaDoc searchField = data.getParameters().getString("searchField");
460         String JavaDoc searchCriteria = data.getParameters().getString("searchCriteria");
461         String JavaDoc orderByField = data.getParameters().getString("orderByField");
462         String JavaDoc ascOrDesc = data.getParameters().getString("ascOrDesc");
463         String JavaDoc resultsPerPage= data.getParameters().getString("resultsPerPage");
464         ScarabRequestTool scarabR = getScarabRequestTool(context);
465         
466         scarabR.setGlobalUserSearchParam("searchField", searchField);
467         scarabR.setGlobalUserSearchParam("searchCriteria", searchCriteria);
468         scarabR.setGlobalUserSearchParam("orderByField", orderByField);
469         scarabR.setGlobalUserSearchParam("ascOrDesc", ascOrDesc);
470         scarabR.setGlobalUserSearchParam("resultsPerPage", resultsPerPage);
471         
472         setTarget(data, "admin,ManageUserSearch.vm");
473     }
474     
475     /**
476      * calls doSearch()
477      */
478     public void doPerform(RunData data, TemplateContext context)
479         throws Exception JavaDoc
480     {
481         doSearch(data, context);
482     }
483 }
484
Popular Tags