1   /*
2    * This software was designed and created by Jason Carroll.
3    * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4    * The author can be reached at jcarroll@cowsultants.com
5    * ITracker website: http://www.cowsultants.com
6    * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7    *
8    * This program is free software; you can redistribute it and/or modify
9    * it only under the terms of the GNU General Public License as published by
10   * the Free Software Foundation; either version 2 of the License, or
11   * (at your option) any later version.
12   *
13   * This program is distributed in the hope that it will be useful,
14   * but WITHOUT ANY WARRANTY; without even the implied warranty of
15   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   * GNU General Public License for more details.
17   */
18  
19  package org.itracker.web.actions.admin.user;
20  
21  import org.apache.log4j.Logger;
22  import org.apache.struts.action.*;
23  import org.itracker.UserException;
24  import org.itracker.model.Permission;
25  import org.itracker.model.PermissionType;
26  import org.itracker.model.Project;
27  import org.itracker.model.User;
28  import org.itracker.model.util.UserUtilities;
29  import org.itracker.services.ProjectService;
30  import org.itracker.services.UserService;
31  import org.itracker.web.actions.base.ItrackerBaseAction;
32  import org.itracker.web.forms.UserForm;
33  import org.itracker.web.util.ServletContextUtils;
34  import org.itracker.web.util.SessionManager;
35  
36  import javax.servlet.ServletException;
37  import javax.servlet.http.HttpServletRequest;
38  import javax.servlet.http.HttpServletResponse;
39  import java.io.IOException;
40  import java.util.*;
41  
42  
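/**
 * Struts action behind the admin "edit user" form: creates a new user or
 * updates an existing one, then rewrites that user's project permissions.
 *
 * <p>NOTE(review): no check of the <em>calling</em> user's rights is visible in
 * this class. Presumably {@code ItrackerBaseAction} or the web/Struts
 * configuration restricts this action to administrators; confirm, because
 * the form can set the super-user flag and arbitrary project permissions.
 */
public class EditUserAction extends ItrackerBaseAction {
    private static final Logger log = Logger.getLogger(EditUserAction.class);


    /**
     * Validates the Struts transaction token, then delegates the form handling
     * to {@link #setupJspEnv}.
     *
     * @param mapping  used to look up the "listusers" forward
     * @param form     expected to be a {@link UserForm}
     * @param request  current request; carries the transaction token
     * @param response unused here
     * @return the "listusers" forward when the token is invalid or the form is
     *         null, otherwise whatever {@code setupJspEnv} returns
     */
    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        ActionMessages errors = new ActionMessages();

        // Reject requests without a valid transaction token before touching any
        // user data; this guards against replayed and forged form submissions.
        if (!isTokenValid(request)) {
            log.debug("Invalid request token while editing user.");
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
                    "itracker.web.error.transaction"));
            saveErrors(request, errors);
            return mapping.findForward("listusers");
        }
        // The token is single-use: clear it so the same submission cannot be replayed.
        resetToken(request);

        UserForm userForm = (UserForm) form;
        if (userForm == null) {
            return mapping.findForward("listusers");
        }

        ActionForward forward = setupJspEnv(request, userForm, errors, mapping);

        if (!errors.isEmpty()) {
            saveErrors(request, errors);
        }
        return forward;
    }


    /**
     * Applies the submitted form to a user record ("create" or "update"),
     * replaces the user's permissions from the form's permission map and marks
     * any live session of that user for reset.
     *
     * @param request  unused in this method
     * @param userForm submitted form values (login, names, email, super-user
     *                 flag, optional password, permission keys)
     * @param errors   collects error messages; the caller saves them
     * @param mapping  used to look up the "error" and "listusers" forwards
     * @return "error" when the user service refuses the operation, "listusers"
     *         on success, otherwise the mapping's input forward
     */
    public static ActionForward setupJspEnv(HttpServletRequest request, UserForm userForm, ActionMessages errors, ActionMapping mapping) {

        try {
            UserService userService = ServletContextUtils.getItrackerServices().getUserService();
            ProjectService projectService = ServletContextUtils.getItrackerServices().getProjectService();

            String previousLogin = userForm.getLogin();
            User editUser;
            // An id of -1 marks a new user; any other id loads the stored record.
            // NOTE(review): the id and the "create"/"update" action are read
            // independently from the form and are not cross-checked here.
            if (userForm.getId() != -1) {
                editUser = userService.getUser(userForm.getId());
                // Capture the stored login BEFORE the form values overwrite it;
                // the session handling at the end depends on this value.
                previousLogin = editUser.getLogin();
            } else {
                editUser = new User();
            }

            // The form values are copied onto the object before any of the
            // allow*() checks below run, so those checks see the modified user.
            editUser.setLogin(userForm.getLogin());
            editUser.setFirstName(userForm.getFirstName());
            editUser.setLastName(userForm.getLastName());
            editUser.setEmail(userForm.getEmail());
            // Privilege flag taken straight from the form (see class-level note).
            editUser.setSuperUser(userForm.isSuperUser());

            try {
                if ("create".equals(userForm.getAction())) {
                    if (!userService.allowProfileCreation(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofilecreates"));
                        return mapping.findForward("error");
                    }

                    log.debug("Creating new userid.");
                    editUser.setRegistrationType(UserUtilities.REGISTRATION_TYPE_ADMIN);
                    if (null != userForm.getPassword() && userForm.getPassword().length() > 0) {
                        if (userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                            // The scheme behind encryptPassword is not visible in this file.
                            editUser.setPassword(UserUtilities.encryptPassword(userForm.getPassword()));
                        } else {
                            // A password was supplied but the authenticator does
                            // not allow password updates: report and stop.
                            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.nopasswordupdates"));
                            return mapping.findForward("error");
                        }
                    }
                    editUser = userService.createUser(editUser);
                } else if ("update".equals(userForm.getAction())) {
                    // NOTE(review): this prints the User object; confirm that
                    // User.toString() does not include the password value.
                    if (log.isDebugEnabled()) {
                        log.debug("execute: updating existingUser " + editUser);
                    }

                    // previousLogin is deliberately NOT re-read here: editUser
                    // already carries the new login from the form, so re-reading
                    // would hide a rename and the session of the old login would
                    // never be flagged for reset.
                    if (!userService.allowProfileUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofileupdates"));
                        return mapping.findForward("error");
                    }

                    if (null != userForm.getPassword() && !userForm.getPassword().equals("")) {
                        if (userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                            editUser.setPassword(UserUtilities.encryptPassword(userForm.getPassword()));
                        } else {
                            // A password was supplied but the authenticator does
                            // not allow password updates: report and stop.
                            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.nopasswordupdates"));
                            return mapping.findForward("error");
                        }
                    }

                    if (log.isDebugEnabled()) {
                        log.debug("execute: applying updates on user " + editUser);
                    }
                    editUser = userService.updateUser(editUser);
                    if (log.isDebugEnabled()) {
                        log.debug("execute: applied updates on user " + editUser);
                    }

                } else {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invalidaction"));
                }
            } catch (UserException ue) {
                // Route the failure through the logger instead of stderr.
                log.warn("User service rejected the create/update request", ue);
                errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.existinglogin"));
                // Execution continues: with errors recorded, the blocks below
                // are skipped and the input forward is returned.
                // NOTE(review): the original looked up the "error" forward here
                // but discarded it; confirm which forward is intended.
            }

            if (errors.isEmpty() && userService.allowPermissionUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                Map<String, Boolean> permissionsMap = userForm.getPermissions();
                List<Permission> newPermissions = new ArrayList<Permission>();

                // Keys have the form "<PermissionType>#<projectId>" and come from
                // the request. A malformed key throws here and ends in the
                // generic system error below, AFTER the user was already saved.
                // NOTE(review): only the keys are read; the Boolean values are
                // ignored, so every key present yields a permission.
                for (String paramName : permissionsMap.keySet()) {
                    int separator = paramName.lastIndexOf('#');
                    Integer projectIntValue = Integer.valueOf(paramName.substring(separator + 1));
                    // NOTE(review): the result is not checked; confirm what
                    // getProject returns for an unknown id and how a Permission
                    // without a project is interpreted.
                    Project project = projectService.getProject(projectIntValue);
                    PermissionType permissionType = PermissionType.valueOf(paramName.substring(0, separator));
                    Permission newPermission = new Permission(permissionType, editUser, project);
                    newPermission.setCreateDate(new Date());
                    newPermissions.add(newPermission);
                }

                boolean successful = userService.setUserPermissions(editUser.getId(), newPermissions);
                if (successful) {
                    log.debug("User Permissions have been nicely set.");
                } else {
                    // A failed permission write is logged above debug level so it
                    // is visible in a default log configuration; the request
                    // itself still reports success.
                    log.warn("No good. User Permissions have not been nicely set.");
                }
            }

            if (errors.isEmpty()) {
                // Flag any live session of the edited account for reset so that
                // changed data and permissions take effect; a rename is also
                // recorded so the old login's session can be matched.
                if (!previousLogin.equals(editUser.getLogin())) {
                    if (SessionManager.getSessionStart(previousLogin) != null) {
                        SessionManager.addRenamedLogin(previousLogin, editUser.getLogin());
                        SessionManager.setSessionNeedsReset(previousLogin);
                    }
                } else {
                    if (SessionManager.getSessionStart(editUser.getLogin()) != null) {
                        SessionManager.setSessionNeedsReset(editUser.getLogin());
                    }
                }

                log.debug("Forwarding to list users.");
                return mapping.findForward("listusers");
            }
        } catch (Exception e) {
            // Boundary catch: anything unexpected (including a missing user for
            // the given id or a malformed permission key) becomes a generic
            // system error; details go to the log only.
            log.error("Exception processing form data", e);
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.system"));
        }
        return mapping.getInputForward();
    }
}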