001: package org.tigris.scarab.actions.admin;
002:
003: /* ================================================================
004: * Copyright (c) 2000-2003 CollabNet. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions are
008: * met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in the
015: * documentation and/or other materials provided with the distribution.
016: *
017: * 3. The end-user documentation included with the redistribution, if
018: * any, must include the following acknowlegement: "This product includes
019: * software developed by CollabNet <http://www.Collab.Net/>."
020: * Alternately, this acknowlegement may appear in the software itself, if
021: * and wherever such third-party acknowlegements normally appear.
022: *
023: * 4. The hosted project names must not be used to endorse or promote
024: * products derived from this software without prior written
025: * permission. For written permission, please contact info@collab.net.
026: *
027: * 5. Products derived from this software may not use the "Tigris" or
028: * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without
029: * prior written permission of CollabNet.
030: *
031: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
032: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
033: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
034: * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
035: * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
036: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
037: * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
038: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
039: * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
040: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
041: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
042: *
043: * ====================================================================
044: *
045: * This software consists of voluntary contributions made by many
046: * individuals on behalf of CollabNet.
047: */
048:
049: import java.io.Serializable;
050: import java.util.Iterator;
051: import java.util.List;
052:
053: import org.apache.fulcrum.parser.ParameterParser;
054: import org.apache.fulcrum.security.TurbineSecurity;
055: import org.apache.fulcrum.security.util.AccessControlList;
056: import org.apache.fulcrum.security.util.DataBackendException;
057: import org.apache.torque.om.NumberKey;
058: import org.apache.turbine.RunData;
059: import org.apache.turbine.TemplateContext;
060: import org.apache.turbine.Turbine;
061: import org.tigris.scarab.actions.base.RequireLoginFirstAction;
062: import org.tigris.scarab.om.IssueTemplateInfo;
063: import org.tigris.scarab.om.IssueTemplateInfoPeer;
064: import org.tigris.scarab.om.Module;
065: import org.tigris.scarab.om.PendingGroupUserRole;
066: import org.tigris.scarab.om.Query;
067: import org.tigris.scarab.om.QueryPeer;
068: import org.tigris.scarab.om.ScarabUser;
069: import org.tigris.scarab.om.ScarabUserManager;
070: import org.tigris.scarab.om.Scope;
071: import org.tigris.scarab.services.security.ScarabSecurity;
072: import org.tigris.scarab.tools.ScarabLocalizationTool;
073: import org.tigris.scarab.tools.ScarabRequestTool;
074: import org.tigris.scarab.tools.SecurityAdminTool;
075: import org.tigris.scarab.tools.localization.L10NKeySet;
076: import org.tigris.scarab.tools.localization.L10NMessage;
077: import org.tigris.scarab.tools.localization.LocalizationKey;
078: import org.tigris.scarab.util.Email;
079: import org.tigris.scarab.util.EmailContext;
080: import org.tigris.scarab.util.ScarabConstants;
081: import org.tigris.scarab.util.ScarabException;
082:
083: /**
084: * This class is responsible for managing the approval process.
085: *
086: * @author <a href="mailto:elicia@collab.net">Elicia David</a>
087: * @version $Id: Approval.java 10059 2006-04-20 16:13:35Z jorgeuriarte $
088: */
089: public class Approval extends RequireLoginFirstAction {
090: private static final String REJECT = "reject";
091: private static final String APPROVE = "approve";
092: private static final String COMMENT = "comment";
093:
094: private static final Integer QUERY = new Integer(0);
095: private static final Integer ISSUE_ENTRY_TEMPLATE = new Integer(1);
096: private static final Integer COMMENTED = new Integer(2);
097:
098: private static final Integer REJECTED = QUERY;
099: private static final Integer APPROVED = ISSUE_ENTRY_TEMPLATE;
100:
101: public void doSubmit(RunData data, TemplateContext context)
102: throws Exception {
103: ScarabRequestTool scarabR = (ScarabRequestTool) context
104: .get(ScarabConstants.SCARAB_REQUEST_TOOL);
105: ScarabLocalizationTool l10n = getLocalizationTool(context);
106: ScarabUser user = (ScarabUser) data.getUser();
107: Module module = scarabR.getCurrentModule();
108: String globalComment = data.getParameters().getString(
109: "global_comment");
110:
111: ParameterParser params = data.getParameters();
112: Object[] keys = params.getKeys();
113: String key;
114: String action = null;
115: Integer actionWord = null;
116: Integer artifact = null;
117: String artifactName = null;
118: String comment = null;
119: ScarabUser toUser = null;
120: String userId;
121: boolean success = true;
122:
123: for (int i = 0; i < keys.length; i++) {
124: action = "none";
125: key = keys[i].toString();
126: if (key.startsWith("query_id_")) {
127: String queryId = key.substring(9);
128: Query query = QueryPeer.retrieveByPK(new NumberKey(
129: queryId));
130:
131: action = params.getString("query_action_" + queryId);
132: comment = params.getString("query_comment_" + queryId);
133:
134: userId = params.getString("query_user_" + queryId);
135: toUser = scarabR.getUser(userId);
136: artifact = QUERY;
137: artifactName = query.getName();
138:
139: if (query.getApproved()) {
140: success = false;
141: boolean isApproved = Scope.MODULE__PK.equals(query
142: .getScopeId());
143: LocalizationKey l10nKey = (isApproved) ? L10NKeySet.ItemAlreadyApproved
144: : L10NKeySet.ItemAlreadyRejected;
145: L10NMessage l10nMessage = new L10NMessage(l10nKey,
146: artifactName);
147: scarabR.setAlertMessage(l10nMessage);
148: } else {
149: if (action.equals(REJECT)) {
150: try {
151: query.approve(user, false);
152: } catch (ScarabException e) {
153: L10NMessage msg = new L10NMessage(
154: L10NKeySet.ExceptionGeneric, e);
155: scarabR.setAlertMessage(msg);
156: }
157: actionWord = REJECTED;
158: } else if (action.equals(APPROVE)) {
159: try {
160: query.approve(user, true);
161: } catch (ScarabException e) {
162: L10NMessage msg = new L10NMessage(
163: L10NKeySet.ExceptionGeneric, e);
164: scarabR.setAlertMessage(msg);
165: }
166: actionWord = APPROVED;
167: } else if (action.equals(COMMENT)) {
168: actionWord = COMMENTED;
169: }
170: }
171: } else if (key.startsWith("template_id_")) {
172: String templateId = key.substring(12);
173: IssueTemplateInfo info = IssueTemplateInfoPeer
174: .retrieveByPK(new NumberKey(templateId));
175:
176: action = params.getString("template_action_"
177: + templateId);
178: comment = params.getString("template_comment_"
179: + templateId);
180:
181: userId = params
182: .getString("template_user_" + templateId);
183: toUser = scarabR.getUser(userId);
184: artifact = ISSUE_ENTRY_TEMPLATE;
185: artifactName = info.getName();
186:
187: if (info.getApproved()) {
188: success = false;
189: boolean isApproved = Scope.MODULE__PK.equals(info
190: .getScopeId());
191: LocalizationKey l10nKey = (isApproved) ? L10NKeySet.ItemAlreadyApproved
192: : L10NKeySet.ItemAlreadyRejected;
193: L10NMessage l10nMessage = new L10NMessage(l10nKey,
194: artifactName);
195: scarabR.setAlertMessage(l10nMessage);
196: } else {
197: if (action.equals(REJECT)) {
198: try {
199: info.approve(user, false);
200: } catch (ScarabException e) {
201: L10NMessage msg = new L10NMessage(
202: L10NKeySet.ExceptionGeneric, e);
203: scarabR.setAlertMessage(msg);
204: }
205: actionWord = REJECTED;
206: } else if (action.equals(APPROVE)) {
207: try {
208: info.approve(user, true);
209: } catch (ScarabException e) {
210: L10NMessage msg = new L10NMessage(
211: L10NKeySet.ExceptionGeneric, e);
212: scarabR.setAlertMessage(msg);
213: }
214: actionWord = APPROVED;
215: } else if (action.equals(COMMENT)) {
216: actionWord = COMMENTED;
217: }
218: }
219: if (!action.equals("none") && success) {
220: // send email
221: EmailContext ectx = new EmailContext();
222: ectx.setUser(user);
223: // add specific data to context for email template
224: ectx.put("artifactIndex", artifact);
225: ectx.put("artifactName", artifactName);
226: ectx.put("actionIndex", actionWord);
227: ectx.put("comment", comment);
228: ectx.put("globalComment", globalComment);
229:
230: String template = Turbine.getConfiguration()
231: .getString(
232: "scarab.email.approval.template",
233: "Approval.vm");
234: try {
235: Email.sendEmail(ectx, module, user, module
236: .getSystemEmail(), toUser, template);
237: } catch (Exception e) {
238: L10NMessage l10nMessage = new L10NMessage(
239: EMAIL_ERROR, e);
240: scarabR.setAlertMessage(l10nMessage);
241: }
242: }
243: }
244: }
245: }
246:
247: public void doApproveroles(RunData data, TemplateContext context)
248: throws Exception {
249: String template = getCurrentTemplate(data, null);
250: String nextTemplate = getNextTemplate(data, template);
251: ScarabRequestTool scarabR = getScarabRequestTool(context);
252: ScarabLocalizationTool l10n = getLocalizationTool(context);
253: Module module = scarabR.getCurrentModule();
254: if (((ScarabUser) data.getUser()).hasPermission(
255: ScarabSecurity.USER__APPROVE_ROLES, module)) {
256: SecurityAdminTool scarabA = getSecurityAdminTool(context);
257: List pendings = scarabA.getPendingGroupUserRoles(module);
258: Iterator i = pendings.iterator();
259: while (i.hasNext()) {
260: PendingGroupUserRole pending = (PendingGroupUserRole) i
261: .next();
262: ScarabUser user = ScarabUserManager.getInstance(pending
263: .getUserId());
264:
265: String checked = data.getParameters().getString(
266: "user_id_" + user.getUserName());
267:
268: if (checked != null && checked.equals("on")) {
269: String roleName = data.getParameters().getString(
270: user.getUserName());
271: if (roleName != null && roleName.length() > 0) {
272: if (roleName.equalsIgnoreCase(l10n
273: .get(L10NKeySet.Deny))) {
274: pending.delete();
275: } else {
276: try {
277: TurbineSecurity
278: .grant(
279: user,
280: (org.apache.fulcrum.security.entity.Group) module,
281: TurbineSecurity
282: .getRole(roleName));
283:
284: // TODO: Needs to be refactored into the Users system?
285: ScarabUserManager
286: .getMethodResult()
287: .remove(
288: user.getUserName(),
289: ScarabUserManager.GET_ACL);
290: ScarabUserManager
291: .getMethodResult()
292: .remove(
293: user.getUserName(),
294: ScarabUserManager.HAS_ROLE_IN_MODULE,
295: roleName,
296: module.getModuleId());
297: } catch (DataBackendException e) {
298: // maybe the role request was approved
299: // by another admin?
300: AccessControlList acl = TurbineSecurity
301: .getACL(user);
302: if (acl
303: .hasRole(
304: TurbineSecurity
305: .getRole(roleName),
306: (org.apache.fulcrum.security.entity.Group) module)) {
307: String[] args = { roleName,
308: user.getUserName(),
309: module.getRealName() };
310: String msg = l10n
311: .format(
312: "RolePreviouslyApprovedForUserInModule",
313: args);
314: String info = (String) scarabR
315: .getInfoMessage();
316: if (info == null) {
317: info = msg;
318: } else {
319: info += " " + msg;
320: }
321:
322: scarabR.setInfoMessage(info);
323: } else {
324: throw e; //EXCEPTION
325: }
326: }
327: pending.delete();
328: }
329: }
330: }
331: }
332: scarabR.setConfirmMessage(L10NKeySet.AllRolesProcessed);
333: }
334: setTarget(data, nextTemplate);
335: }
336:
337: /**
338: * Helper method to retrieve the ScarabRequestTool from the Context
339: */
340: private SecurityAdminTool getSecurityAdminTool(
341: TemplateContext context) {
342: return (SecurityAdminTool) context
343: .get(ScarabConstants.SECURITY_ADMIN_TOOL);
344: }
345: }
|