001: package org.tigris.scarab.actions.admin;
002:
003: /* ================================================================
004: * Copyright (c) 2000-2002 CollabNet. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions are
008: * met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in the
015: * documentation and/or other materials provided with the distribution.
016: *
017: * 3. The end-user documentation included with the redistribution, if
018: * any, must include the following acknowlegement: "This product includes
019: * software developed by Collab.Net <http://www.Collab.Net/>."
020: * Alternately, this acknowlegement may appear in the software itself, if
021: * and wherever such third-party acknowlegements normally appear.
022: *
023: * 4. The hosted project names must not be used to endorse or promote
024: * products derived from this software without prior written
025: * permission. For written permission, please contact info@collab.net.
026: *
027: * 5. Products derived from this software may not use the "Tigris" or
028: * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without
029: * prior written permission of Collab.Net.
030: *
031: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
032: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
033: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
034: * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
035: * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
036: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
037: * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
038: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
039: * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
040: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
041: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
042: *
043: * ====================================================================
044: *
045: * This software consists of voluntary contributions made by many
046: * individuals on behalf of Collab.Net.
047: */
048:
049: // JDK classes
050: // Turbine Stuff
051: import org.apache.turbine.TemplateContext;
052: import org.apache.turbine.RunData;
053: import org.apache.turbine.tool.IntakeTool;
054: import org.apache.fulcrum.intake.model.Group;
055: import org.apache.fulcrum.security.TurbineSecurity;
056: import org.apache.fulcrum.security.entity.Role;
057: import org.apache.fulcrum.security.entity.Permission;
058: import org.apache.fulcrum.security.util.EntityExistsException;
059: import org.apache.fulcrum.security.util.PermissionSet;
060:
061: // Scarab Stuff
062: import org.tigris.scarab.om.ScarabUser;
063: import org.tigris.scarab.om.ScarabUserManager;
064: import org.tigris.scarab.tools.ScarabLocalizationTool;
065: import org.tigris.scarab.util.ScarabConstants;
066: import org.tigris.scarab.actions.base.RequireLoginFirstAction;
067:
068: /**
069: * This class is responsible for dealing with the role management
070: * Action(s).
071: *
072: * @author <a href="mailto:dr@bitonic.com">Douglas B. Robertson</a>
073: * @version $Id: ManageRoles.java 10239 2006-08-05 14:28:42Z pledbrook $
074: */
075: public class ManageRoles extends RequireLoginFirstAction {
076:
077: /**
078: * Go to the Add Role page
079: */
080: public void doGotoaddrole(RunData data, TemplateContext context)
081: throws Exception {
082: setTarget(data, "admin,AddRole.vm");
083: }
084:
085: /**
086: * Go to the Edit Role page
087: */
088: public void doGotoeditrole(RunData data, TemplateContext context)
089: throws Exception {
090: checkParamValidity(data, context, "admin,EditRole.vm");
091: }
092:
093: /**
094: * Go to the Delete Role page
095: */
096: public void doGotodeleterole(RunData data, TemplateContext context)
097: throws Exception {
098: checkParamValidity(data, context, "admin,DeleteRole.vm");
099: }
100:
101: /**
102: * Manages the adding of a new role when the 'Add Role' button is pressed.
103: */
104: public void doAddrole(RunData data, TemplateContext context)
105: throws Exception {
106: IntakeTool intake = getIntakeTool(context);
107: ScarabLocalizationTool l10n = getLocalizationTool(context);
108:
109: if (intake.isAllValid()) {
110: Object user = data.getUser().getTemp(
111: ScarabConstants.SESSION_REGISTER);
112:
113: Group editRole = null;
114: if (user != null && user instanceof ScarabUser) {
115: editRole = intake.get("EditRole", ((ScarabUser) user)
116: .getQueryKey(), false);
117: } else {
118: editRole = intake.get("EditRole",
119: IntakeTool.DEFAULT_KEY, false);
120: }
121: String name = editRole.get("RoleName").toString();
122:
123: try {
124: Role role = TurbineSecurity.getNewRole(null);
125: role.setName(name);
126:
127: TurbineSecurity.addRole(role);
128:
129: String msg = l10n.format("RoleCreated", name);
130: getScarabRequestTool(context).setConfirmMessage(msg);
131:
132: data.getParameters().setString("name", name);
133: doGotoeditrole(data, context);
134: } catch (EntityExistsException eee) {
135: String msg = l10n.format("RoleExists", name);
136: getScarabRequestTool(context).setConfirmMessage(msg);
137: }
138: }
139: }
140:
141: /**
142: * Manages the editing of an existing role when the 'Update Role' button is pressed.
143: */
144: public void doEditrole(RunData data, TemplateContext context)
145: throws Exception {
146: /*
147: * Grab the role we are trying to update.
148: */
149: String name = data.getParameters().getString("name");
150: checkParamValidity(data, context, null);
151: Role role = TurbineSecurity.getRole(name);
152:
153: /*
154: * Grab the permissions for the role we are
155: * dealing with.
156: */
157: PermissionSet rolePermissions = role.getPermissions();
158:
159: /*
160: * Grab all the permissions.
161: */
162: Permission[] permissions = TurbineSecurity.getAllPermissions()
163: .getPermissionsArray();
164:
165: String roleName = role.getName();
166:
167: for (int i = 0; i < permissions.length; i++) {
168: String permissionName = permissions[i].getName();
169: String rolePermission = roleName + permissionName;
170:
171: String formRolePermission = data.getParameters().getString(
172: rolePermission);
173: Permission permission = TurbineSecurity
174: .getPermission(permissionName);
175:
176: if (formRolePermission != null
177: && !rolePermissions.contains(permission)) {
178: /*
179: * Checkbox has been checked AND the role doesn't already
180: * contain this permission. So assign the permission to
181: * the role.
182: */
183:
184: role.grant(permission);
185: } else if (formRolePermission == null
186: && rolePermissions.contains(permission)) {
187: /*
188: * Checkbox has not been checked AND the role
189: * contains this permission. So remove this
190: * permission from the role.
191: */
192: role.revoke(permission);
193: }
194: }
195:
196: ScarabUserManager.getMethodResult().clear();
197: }
198:
199: /**
200: * This manages the clicking of the 'Confirm Delete' button and actually
201: * deletes the Role.
202: */
203: public void doDeleterole(RunData data, TemplateContext context)
204: throws Exception {
205: /*
206: * Grab the role we are trying to delete.
207: */
208: String name = data.getParameters().getString("name");
209: Role role = TurbineSecurity.getRole(name);
210: TurbineSecurity.removeRole(role);
211:
212: ScarabLocalizationTool l10n = getLocalizationTool(context);
213:
214: String msg = l10n.format("RoleDeleted", name);
215: getScarabRequestTool(context).setConfirmMessage(msg);
216: setTarget(data, data.getParameters().getString(
217: ScarabConstants.NEXT_TEMPLATE, "admin,ManageRoles.vm"));
218: }
219:
220: /**
221: This manages clicking the Cancel button
222: */
223: public void doCancel(RunData data, TemplateContext context)
224: throws Exception {
225: setTarget(data, data.getParameters().getString(
226: ScarabConstants.CANCEL_TEMPLATE, "admin,AdminIndex.vm"));
227: }
228:
229: /**
230: calls doCancel()
231: */
232: public void doPerform(RunData data, TemplateContext context)
233: throws Exception {
234: doCancel(data, context);
235: }
236:
237: /**
238: * Spit out an error message to the user if the "name" parameter
239: * is null or empty.
240: *
241: * @param target Page to go to if "name" parameter is present. If
242: * null then don't go anywhere.
243: */
244: protected void checkParamValidity(RunData data,
245: TemplateContext context, String target) {
246: String name = data.getParameters().getString("name");
247:
248: if (name == null || name.length() == 0) {
249: ScarabLocalizationTool l10n = getLocalizationTool(context);
250: String msg = l10n.get("NoRoleSelected");
251: getScarabRequestTool(context).setConfirmMessage(msg);
252: setTarget(data, "admin,ManageRoles.vm");
253: } else {
254: if (target != null) {
255: setTarget(data, target);
256: }
257: }
258: }
259: }
|