EditUserAction.java

/*
 * This software was designed and created by Jason Carroll.
 * Copyright (c) 2002, 2003, 2004 Jason Carroll.
 * The author can be reached at jcarroll@cowsultants.com
 * ITracker website: http://www.cowsultants.com
 * ITracker forums: http://www.cowsultants.com/phpBB/index.php
 *
 * This program is free software; you can redistribute it and/or modify
 * it only under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 */

package org.itracker.web.actions.admin.user;

import org.apache.log4j.Logger;
import org.apache.struts.action.*;
import org.itracker.UserException;
import org.itracker.model.Permission;
import org.itracker.model.PermissionType;
import org.itracker.model.Project;
import org.itracker.model.User;
import org.itracker.model.util.UserUtilities;
import org.itracker.services.ProjectService;
import org.itracker.services.UserService;
import org.itracker.web.actions.base.ItrackerBaseAction;
import org.itracker.web.forms.UserForm;
import org.itracker.web.util.ServletContextUtils;
import org.itracker.web.util.SessionManager;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;


public class EditUserAction extends ItrackerBaseAction {
    private static final Logger log = Logger.getLogger(EditUserAction.class);


    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        ActionMessages errors = new ActionMessages();


        if (!isTokenValid(request)) {
            log.debug("Invalid request token while editing component.");
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
                    "itracker.web.error.transaction"));
            saveErrors(request, errors);
            return mapping.findForward("listusers");
        }
        resetToken(request);

        UserForm userForm = (UserForm) form;
        if (userForm == null) {
            return mapping.findForward("listusers");
        }

        ActionForward forward = setupJspEnv(request, userForm, errors, mapping);


        if (!errors.isEmpty()) {
            saveErrors(request, errors);
        }
        return forward;
    }


    public static ActionForward setupJspEnv(HttpServletRequest request, UserForm userForm, ActionMessages errors, ActionMapping mapping) {

        try {
            UserService userService = ServletContextUtils.getItrackerServices().getUserService();
            ProjectService projectService = ServletContextUtils.getItrackerServices().getProjectService();

            String previousLogin = userForm.getLogin();
            User editUser;
            // if userForm.getID returns -1, then this is a new user.. 
            if (userForm.getId() != -1) {
                editUser = userService.getUser(userForm.getId());
                previousLogin = editUser.getLogin();
            } else {
                editUser = new User();
            }


            editUser.setLogin(userForm.getLogin());
            editUser.setFirstName(userForm.getFirstName());
            editUser.setLastName(userForm.getLastName());
            editUser.setEmail(userForm.getEmail());
            editUser.setSuperUser(userForm.isSuperUser());

            try {
                if ("create".equals(userForm.getAction())) {
                    if (!userService.allowProfileCreation(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                        errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofilecreates"));
                        return mapping.findForward("error");
                    }

                    log.debug("Creating new userid.");
                    editUser.setRegistrationType(UserUtilities.REGISTRATION_TYPE_ADMIN);
                    if (null != userForm.getPassword() && userForm.getPassword().length() > 0) {
                        if (userService.allowPasswordUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                            editUser.setPassword(UserUtilities.encryptPassword(userForm.getPassword()));
                        } else {
                            // Passwort was attempted to set, but authenticator is not able to. Exception
//	                    	itracker.web.error.nopasswordupdates
                            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.nopasswordupdates"));
                            return mapping.findForward("error");
                        }
                    }
                    editUser = userService.createUser(editUser);
                } else if ("update".equals(userForm.getAction())) {
                    User existingUser = editUser;//userService.getUser(editUser.getId());
                    if (log.isDebugEnabled()) {
                        log.debug("execute: updating existingUser " + existingUser);
                    }

                     previousLogin = existingUser.getLogin();
                     if (!userService.allowProfileUpdates(existingUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                         editUser = existingUser;
//                            itracker.web.error.noprofileupdates
                         errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.noprofileupdates"));
                         return mapping.findForward("error");
                     }


                     if (null != userForm.getPassword() && !userForm.getPassword().equals("")) {
                         if (userService.allowPasswordUpdates(existingUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {

                             editUser.setPassword(UserUtilities.encryptPassword(userForm.getPassword()));


                         } else {
                             // Passwort was attempted to set, but authenticator is not able to. Exception
                             editUser = existingUser;
//		                            itracker.web.error.nopasswordupdates
                             errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.nopasswordupdates"));
                             return mapping.findForward("error");
                         }
                     }

                     if (log.isDebugEnabled()) {
                         log.debug("execute: applying updates on user " + editUser);
                     }
                     editUser = userService.updateUser(editUser);
                     if (log.isDebugEnabled()) {
                         log.debug("execute: applied updates on user " + editUser);
                     }

                } else {
                    errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.invalidaction"));
                }
            } catch (UserException ue) {
                ue.printStackTrace();
                errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.existinglogin"));

                mapping.findForward("error");
            }

            if (errors.isEmpty() && userService.allowPermissionUpdates(editUser, null, UserUtilities.AUTH_TYPE_UNKNOWN, UserUtilities.REQ_SOURCE_WEB)) {
                Map<String, Boolean> permissionsMap = userForm.getPermissions();
                List<Permission> newPermissions = new ArrayList<Permission>();


                Iterator<String> iter = permissionsMap.keySet().iterator();
                while (iter.hasNext()) {
                    String paramName = iter.next();
                    Integer projectIntValue = new Integer(paramName.substring(paramName.lastIndexOf('#') + 1));
                    Project project = projectService.getProject(projectIntValue);
                    PermissionType permissionType = PermissionType.valueOf(paramName.substring(0, paramName.lastIndexOf('#')));
                    Permission newPermission = new Permission(permissionType, editUser, project);
                    newPermission.setCreateDate(new Date());
                    newPermissions.add(newPermission);
                }

                boolean successful = userService.setUserPermissions(editUser.getId(), newPermissions);
                if (successful) {
                    log.debug("User Permissions have been nicely set.");

                } else {
                    log.debug("No good. User Permissions have not been nicely set.");
                }
            }

            if (errors.isEmpty()) {
                if (!previousLogin.equals(editUser.getLogin())) {
                    if (SessionManager.getSessionStart(previousLogin) != null) {
                        SessionManager.addRenamedLogin(previousLogin, editUser.getLogin());
                        SessionManager.setSessionNeedsReset(previousLogin);
                    }
                } else {
                    if (SessionManager.getSessionStart(editUser.getLogin()) != null) {
                        SessionManager.setSessionNeedsReset(editUser.getLogin());
                    }
                }

                log.debug("Forwarding to list users.");
                return mapping.findForward("listusers");
            }
        } catch (Exception e) {
            log.error("Exception processing form data", e);
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("itracker.web.error.system"));
        }
        return mapping.getInputForward();
    }
}