1   /*
2    * This software was designed and created by Jason Carroll.
3    * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4    * The author can be reached at jcarroll@cowsultants.com
5    * ITracker website: http://www.cowsultants.com
6    * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7    *
8    * This program is free software; you can redistribute it and/or modify
9    * it only under the terms of the GNU General Public License as published by
10   * the Free Software Foundation; either version 2 of the License, or
11   * (at your option) any later version.
12   *
13   * This program is distributed in the hope that it will be useful,
14   * but WITHOUT ANY WARRANTY; without even the implied warranty of
15   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   * GNU General Public License for more details.
17   */
18  
19  package org.itracker.web.actions.admin.user;
20  
21  import org.apache.log4j.Logger;
22  import org.apache.struts.action.*;
23  import org.itracker.model.*;
24  import org.itracker.model.util.UserUtilities;
25  import org.itracker.services.ProjectService;
26  import org.itracker.services.UserService;
27  import org.itracker.web.actions.base.ItrackerBaseAction;
28  import org.itracker.web.forms.UserForm;
29  import org.itracker.web.util.Constants;
30  import org.itracker.web.util.ServletContextUtils;
31  
32  import javax.servlet.ServletException;
33  import javax.servlet.http.HttpServletRequest;
34  import javax.servlet.http.HttpServletResponse;
35  import javax.servlet.http.HttpSession;
36  import java.io.IOException;
37  import java.util.Collections;
38  import java.util.HashMap;
39  import java.util.List;
40  
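/**
 * Struts action that prepares the administrative "edit user" form.
 *
 * <p>Depending on the {@code action} request parameter it either sets up an
 * empty form for a new user ({@code create}) or loads an existing user and
 * that user's project permissions into the form ({@code update}).
 *
 * <p>NOTE(review): no check of the <em>calling</em> user's permissions is
 * visible in this class, and the id of the user to load is taken from the
 * submitted form. Presumably access is restricted to user administrators by
 * {@code ItrackerBaseAction} or by the request pipeline; confirm before
 * relying on it.
 */
public class EditUserFormAction extends ItrackerBaseAction {
    private static final Logger log = Logger.getLogger(EditUserFormAction.class);

    /**
     * Builds the request and session state needed to render the edit-user page.
     *
     * @param mapping  the Struts mapping used to look up forwards
     * @param form     the submitted form, cast to {@link UserForm}; a fresh form is used when null
     * @param request  the current request; its {@code action} parameter selects create or update
     * @param response the current response (not used here)
     * @return the {@code edituserform} forward on success; {@code unauthorized} when no user
     *         could be resolved (unknown action, missing id, unknown user); {@code error} when
     *         profile creation is not allowed or an exception occurred
     * @throws ServletException declared for the Struts contract; exceptions raised while the
     *                          form is built are caught and reported as a system error
     * @throws IOException      declared for the Struts contract
     */
    public ActionForward execute(ActionMapping mapping,
                                 ActionForm form,
                                 HttpServletRequest request,
                                 HttpServletResponse response)
            throws ServletException, IOException {

        ActionMessages errors = new ActionMessages();

        HttpSession session = request.getSession(true);
        String action = request.getParameter("action");
        String pageTitleKey;
        String pageTitleArg = "";
        boolean isUpdate = "update".equals(action);

        try {

            UserService userService = ServletContextUtils.getItrackerServices().getUserService();
            ProjectService projectService = ServletContextUtils.getItrackerServices().getProjectService();

            List<Project> projects;
            User editUser = null;
            // project id -> (permission type name -> permission) for the user being edited
            HashMap<Integer, HashMap<String, Permission>> userPermissions = new HashMap<Integer, HashMap<String, Permission>>();

            List<NameValuePair> permissionNames = UserUtilities.getPermissionTypeNames(getLocale(request));
            UserForm userForm = (UserForm) form;

            if (userForm == null) {
                userForm = new UserForm();
            }

            if ("create".equals(action)) {

                if (!userService.allowProfileCreation(null, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofilecreates"));
                    saveErrors(request, errors);

                    return mapping.findForward("error");
                }

                // A new user is represented with the placeholder id -1 until it is stored.
                editUser = new User();
                editUser.setId(-1);
                editUser.setStatus(UserUtilities.STATUS_ACTIVE);
                userForm.setAction("create");
                userForm.setId(editUser.getId());

            } else if ("update".equals(action)) {

                // The id comes from the submitted form, i.e. it is client-controlled.
                Integer userId = userForm.getId();

                if (userId == null) {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invaliduser"));
                } else {

                    editUser = userService.getUser(userId);

                    if (editUser == null) {
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invaliduser"));
                    } else {

                        userForm.setAction("update");
                        userForm.setId(editUser.getId());
                        userForm.setLogin(editUser.getLogin());
                        userForm.setFirstName(editUser.getFirstName());
                        userForm.setLastName(editUser.getLastName());
                        userForm.setEmail(editUser.getEmail());
                        userForm.setSuperUser(editUser.isSuperUser());

                        List<Permission> permissionList = userService.getPermissionsByUserId(editUser.getId());
                        HashMap<String, Boolean> formPermissions = new HashMap<>();

                        // These flags are exposed to the view; the action that stores the
                        // submitted form has to enforce them again (not visible here).
                        boolean allowProfileUpdate = userService.allowProfileUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB);
                        request.setAttribute("allowProfileUpdate", allowProfileUpdate);

                        boolean allowPasswordUpdate = userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB);
                        request.setAttribute("allowPasswordUpdate", allowPasswordUpdate);

                        boolean allowPermissionUpdate = userService.allowPermissionUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB);
                        request.setAttribute("allowPermissionUpdate", allowPermissionUpdate);

                        if (editUser.getId() > 0) {
                            request.setAttribute("isUpdate", true);
                        }

                        // When the first entry is the USER_ADMIN permission it is left out of the
                        // per-project maps; every other entry is indexed by its project.
                        // NOTE(review): this relies on USER_ADMIN being the first list element;
                        // presumably that entry has no project - confirm the ordering guarantee
                        // of getPermissionsByUserId.
                        boolean skipFirst = !permissionList.isEmpty()
                                && permissionList.get(0).getPermissionType() == PermissionType.USER_ADMIN;

                        for (int i = 0; i < permissionList.size(); i++) {

                            Permission thisPermission = permissionList.get(i);
                            PermissionType permissionType = thisPermission.getPermissionType();

                            log.debug("Processing permission type: " + permissionType);

                            if (skipFirst && i == 0) {
                                continue;
                            }

                            Project project = thisPermission.getProject();
                            Integer projectId = project.getId();

                            HashMap<String, Permission> projectPermissions = userPermissions.get(projectId);
                            if (projectPermissions == null) {
                                projectPermissions = new HashMap<>();
                                userPermissions.put(projectId, projectPermissions);
                            }

                            formPermissions.put(permissionType.name(project), true);
                            projectPermissions.put(String.valueOf(permissionType), thisPermission);
                        }

                        userForm.setPermissions(formPermissions);
                    }
                }

            } else {
                errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invalidaction"));
            }

            if (editUser == null) {
                // Keep the collected messages (invalid action / invalid user) available to the
                // view; without this they were discarded by the early return.
                if (!errors.isEmpty()) {
                    saveErrors(request, errors);
                }
                return mapping.findForward("unauthorized");
            }
            if (isUpdate) {
                pageTitleKey = "itracker.web.admin.edituser.title.update";
                pageTitleArg = editUser.getLogin();

            } else {
                pageTitleKey = "itracker.web.admin.edituser.title.create";
            }

            request.setAttribute("isUpdate", isUpdate);
            request.setAttribute("pageTitleKey", pageTitleKey);
            request.setAttribute("pageTitleArg", pageTitleArg);
            if (errors.isEmpty()) {

                String userStatus = UserUtilities.getStatusName(editUser.getStatus());
                request.setAttribute("userStatus", userStatus);

                projects = projectService.getAllAvailableProjects();
                Collections.sort(projects, Project.PROJECT_COMPARATOR);
                request.setAttribute(Constants.PROJECTS_KEY, projects);

                request.setAttribute("userForm", userForm);
                // The user under edit and the permission map are kept in the session,
                // presumably for the action that processes the submitted form.
                session.setAttribute(Constants.EDIT_USER_KEY, editUser);
                session.setAttribute(Constants.EDIT_USER_PERMS_KEY, userPermissions);
                request.setAttribute("permissionNames", permissionNames);
                request.setAttribute("permissionRowColIdxes", new Integer[]{0, 1});
                // Issue a Struts transaction token for the rendered form.
                // NOTE(review): it only protects the submit if the receiving action
                // validates it - confirm there.
                saveToken(request);

                return mapping.findForward("edituserform");

            }

        } catch (Exception e) {
            // Boundary catch: details go to the log, the client only sees a generic message.
            log.error("Exception while creating edit user form.", e);
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.system"));
        }

        if (!errors.isEmpty()) {
            saveErrors(request, errors);
        }

        return mapping.findForward("error");

    }

}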