001: /**
002: * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE, version 2.1, dated February 1999.
003: *
004: * This program is free software; you can redistribute it and/or modify
005: * it under the terms of the latest version of the GNU Lesser General
006: * Public License as published by the Free Software Foundation;
007: *
008: * This program is distributed in the hope that it will be useful,
009: * but WITHOUT ANY WARRANTY; without even the implied warranty of
010: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
011: * GNU Lesser General Public License for more details.
012: *
013: * You should have received a copy of the GNU Lesser General Public License
014: * along with this program (LICENSE.txt); if not, write to the Free Software
015: * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
016: */package org.jamwiki.servlets;
017:
018: import java.util.ArrayList;
019: import java.util.Collection;
020: import java.util.Iterator;
021: import java.util.List;
022: import java.util.Vector;
023: import javax.servlet.http.HttpServletRequest;
024: import javax.servlet.http.HttpServletResponse;
025: import org.apache.commons.lang.StringUtils;
026: import org.jamwiki.WikiBase;
027: import org.jamwiki.WikiException;
028: import org.jamwiki.WikiMessage;
029: import org.jamwiki.model.Role;
030: import org.jamwiki.utils.WikiLogger;
031: import org.jamwiki.utils.WikiUtil;
032: import org.springframework.web.servlet.ModelAndView;
033:
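/**
 * Servlet behind the role administration page (<code>admin-roles.jsp</code>).
 * It dispatches on the <code>function</code> request parameter to list roles,
 * create or update a role, search role mappings, and assign roles to users
 * and groups.
 *
 * NOTE(review): every action here is selected and driven purely by request
 * parameters, and no authorization, HTTP-method or anti-CSRF check is visible
 * in this class. Presumably access control is enforced by the parent servlet
 * or by the security configuration in front of it - confirm, since
 * <code>assignRole</code> and <code>modifyRole</code> change privileges.
 */
public class RolesServlet extends JAMWikiServlet {

    private static final WikiLogger logger = WikiLogger
            .getLogger(RolesServlet.class.getName());
    protected static final String JSP_ADMIN_ROLES = "admin-roles.jsp";

    /**
     * This method handles the request after its parent class receives control.
     *
     * @param request - Standard HttpServletRequest object.
     * @param response - Standard HttpServletResponse object.
     * @param next - The ModelAndView that is populated and returned.
     * @param pageInfo - Page metadata that the view step fills in.
     * @return A <code>ModelAndView</code> object to be handled by the rest of the Spring framework.
     */
    protected ModelAndView handleJAMWikiRequest(
            HttpServletRequest request, HttpServletResponse response,
            ModelAndView next, WikiPageInfo pageInfo) throws Exception {
        String function = request.getParameter("function");
        if (StringUtils.isBlank(function)) {
            view(request, next, pageInfo);
        } else if ("modifyRole".equals(function)) {
            modifyRole(request, next, pageInfo);
        } else if ("searchRole".equals(function)) {
            searchRole(request, next, pageInfo);
        } else if ("assignRole".equals(function)) {
            assignRole(request, next, pageInfo);
        }
        // An unrecognised function value falls through: no handler runs and
        // "next" is returned without the view having been populated.
        return next;
    }

    /**
     * Utility method for processing an array of "userid|groupid|role" values
     * into a List of roles for a specific id value.
     *
     * The values come straight from request parameters, so each entry is
     * checked for the three expected fields before it is indexed. A malformed
     * entry rejects the whole array rather than being silently dropped,
     * because the resulting list replaces the stored role set.
     *
     * @param userId The user id to match, or a non-positive value to ignore users.
     * @param groupId The group id to match, or a non-positive value to ignore groups.
     * @param valueArray The raw "userid|groupid|role" values, possibly <code>null</code>.
     * @return A List of role names for the given id, or an empty
     *  List if no matching values are found.
     * @throws IllegalArgumentException If an entry does not have three fields.
     */
    private static List buildRoleArray(int userId, int groupId,
            String[] valueArray) {
        List results = new Vector();
        if (valueArray == null) {
            return results;
        }
        for (int i = 0; i < valueArray.length; i++) {
            String value = valueArray[i];
            String[] tokens = (value == null) ? new String[0] : value.split("\\|");
            if (tokens.length < 3) {
                // fixed text only: the submitted value is not echoed back
                throw new IllegalArgumentException(
                        "Malformed role assignment value, expected userid|groupid|role");
            }
            // a non-numeric id becomes -1 and therefore matches nothing
            int userInt = parseIdOrDefault(tokens[0]);
            int groupInt = parseIdOrDefault(tokens[1]);
            // NOTE(review): the role name is taken from the request as-is;
            // presumably the data handler rejects unknown roles - confirm.
            String valueRole = tokens[2];
            if ((userId > 0 && userId == userInt)
                    || (groupId > 0 && groupId == groupInt)) {
                results.add(valueRole);
            }
        }
        return results;
    }

    /**
     * Parse an id field, returning -1 when it is not a valid integer.
     */
    private static int parseIdOrDefault(String value) {
        try {
            return Integer.parseInt(value);
        } catch (NumberFormatException ignored) {
            // deliberate: an unparsable id must simply never match
            return -1;
        }
    }

    /**
     * Parse the candidate id parameters into ints.
     *
     * @param values The raw parameter values, possibly <code>null</code>.
     * @return The parsed ids, or an empty array if <code>values</code> is <code>null</code>.
     * @throws IllegalArgumentException If a value is not an integer. The
     *  message is fixed text so that request data is not reflected into the
     *  error shown on the page.
     */
    private static int[] parseIds(String[] values) {
        if (values == null) {
            return new int[0];
        }
        int[] ids = new int[values.length];
        for (int i = 0; i < values.length; i++) {
            try {
                ids[i] = Integer.parseInt(values[i]);
            } catch (NumberFormatException e) {
                IllegalArgumentException invalid = new IllegalArgumentException(
                        "Invalid candidate id in request");
                invalid.initCause(e);
                throw invalid;
            }
        }
        return ids;
    }

    /**
     * Replace the role assignments of the submitted candidate groups and users.
     *
     * The request carries the candidates (every group or user that could have
     * been modified) and "userid|groupid|role" values holding the new roles.
     * For each candidate the stored roles are overwritten with the matching
     * submitted roles.
     *
     * All parameters are parsed and validated before the first write, so a
     * malformed value can no longer leave some candidates updated and others
     * not. A failure inside the data handler can still interrupt the writes
     * part-way through.
     */
    private void assignRole(HttpServletRequest request,
            ModelAndView next, WikiPageInfo pageInfo) throws Exception {
        List errors = new ArrayList();
        try {
            String[] candidateGroups = request.getParameterValues("candidateGroup");
            String[] groupRoles = request.getParameterValues("groupRole");
            String[] candidateUsers = request.getParameterValues("candidateUser");
            String[] userRoles = request.getParameterValues("userRole");

            // phase 1: parse everything, nothing is written yet
            int[] groupIds = parseIds(candidateGroups);
            List[] groupRoleLists = new List[groupIds.length];
            for (int i = 0; i < groupIds.length; i++) {
                groupRoleLists[i] = buildRoleArray(-1, groupIds[i], groupRoles);
            }
            int[] userIds = parseIds(candidateUsers);
            List[] userRoleLists = new List[userIds.length];
            String sysadminRole = Role.ROLE_SYSADMIN.getAuthority();
            for (int i = 0; i < userIds.length; i++) {
                List roles = buildRoleArray(userIds[i], -1, userRoles);
                // Lock-out guard: the current user may not drop their own
                // sysadmin role. The list holds role-name strings, so the
                // test uses the authority string; testing with the Role
                // object itself would (unless Role.equals accepts strings)
                // never match and would report the error on every save.
                if (userIds[i] == ServletUtil.currentUser().getUserId()
                        && !roles.contains(sysadminRole)) {
                    errors.add(new WikiMessage("roles.message.sysadminremove"));
                    roles.add(sysadminRole);
                }
                userRoleLists[i] = roles;
            }

            // phase 2: write the validated assignments
            if (candidateGroups != null) {
                for (int i = 0; i < groupIds.length; i++) {
                    WikiBase.getDataHandler().writeRoleMapGroup(
                            groupIds[i], groupRoleLists[i], null);
                }
                next.addObject("message", new WikiMessage(
                        "roles.message.grouproleupdate"));
            }
            if (candidateUsers != null) {
                for (int i = 0; i < userIds.length; i++) {
                    WikiBase.getDataHandler().writeRoleMapUser(
                            userIds[i], userRoleLists[i], null);
                }
                next.addObject("message", new WikiMessage(
                        "roles.message.userroleupdate"));
            }
        } catch (WikiException e) {
            errors.add(e.getWikiMessage());
        } catch (Exception e) {
            logger.severe("Failure while adding role", e);
            // NOTE(review): the exception text is handed to the page as a
            // message argument; confirm the JSP escapes it on output.
            errors.add(new WikiMessage("roles.message.rolefail", e
                    .getMessage()));
        }
        if (errors.size() > 0) {
            next.addObject("errors", errors);
        }
        view(request, next, pageInfo);
    }

    /**
     * Create or update a role when the form was submitted, otherwise load the
     * role named by <code>updateRole</code> so that the form can show it.
     */
    private void modifyRole(HttpServletRequest request,
            ModelAndView next, WikiPageInfo pageInfo) throws Exception {
        String updateRole = request.getParameter("updateRole");
        Role role = null;
        if (!StringUtils.isBlank(request.getParameter("Submit"))) {
            try {
                // once created a role name cannot be modified, so the text field
                // will be disabled in the form and "roleName" arrives blank.
                String submittedName = request.getParameter("roleName");
                boolean update = StringUtils.isBlank(submittedName);
                String roleName = (update) ? updateRole : submittedName;
                role = new Role(roleName);
                role.setDescription(request.getParameter("roleDescription"));
                WikiUtil.validateRole(role);
                WikiBase.getDataHandler().writeRole(role, null, update);
                boolean updatedExisting = !StringUtils.isBlank(updateRole)
                        && updateRole.equals(role.getAuthority());
                String messageKey = (updatedExisting)
                        ? "roles.message.roleupdated"
                        : "roles.message.roleadded";
                next.addObject("message", new WikiMessage(messageKey,
                        role.getAuthority()));
            } catch (WikiException e) {
                next.addObject("message", e.getWikiMessage());
            } catch (Exception e) {
                logger.severe("Failure while adding role", e);
                next.addObject("message", new WikiMessage(
                        "roles.message.rolefail", e.getMessage()));
            }
        } else if (!StringUtils.isBlank(updateRole)) {
            // FIXME - use a cached list of roles instead of iterating
            // load details for the selected role
            Collection roles = WikiBase.getDataHandler().getAllRoles();
            Iterator roleIterator = roles.iterator();
            while (roleIterator.hasNext()) {
                Role tempRole = (Role) roleIterator.next();
                if (tempRole.getAuthority().equals(updateRole)) {
                    role = tempRole;
                }
            }
        }
        if (role != null) {
            // NOTE(review): name and description originate from request
            // parameters or stored data; confirm the JSP escapes them.
            next.addObject("roleName", role.getAuthority());
            next.addObject("roleDescription", role.getDescription());
        }
        view(request, next, pageInfo);
    }

    /**
     * Look up role mappings by login when <code>searchLogin</code> is given,
     * otherwise by the role named in <code>searchRole</code>.
     */
    private void searchRole(HttpServletRequest request,
            ModelAndView next, WikiPageInfo pageInfo) throws Exception {
        try {
            String searchLogin = request.getParameter("searchLogin");
            Collection roleMapUsers = null;
            // NOTE(review): the search term is passed to the data handler and
            // echoed back into the model unchanged; confirm the handler binds
            // it as a query parameter and the JSP escapes it on output.
            if (!StringUtils.isBlank(searchLogin)) {
                roleMapUsers = WikiBase.getDataHandler()
                        .getRoleMapByLogin(searchLogin);
                next.addObject("searchLogin", searchLogin);
            } else {
                String searchRole = request.getParameter("searchRole");
                roleMapUsers = WikiBase.getDataHandler()
                        .getRoleMapByRole(searchRole);
                next.addObject("searchRole", searchRole);
            }
            next.addObject("roleMapUsers", roleMapUsers);
        } catch (Exception e) {
            logger.severe("Failure while retrieving role", e);
            next.addObject("message", new WikiMessage(
                    "roles.message.rolesearchfail", e.getMessage()));
        }
        view(request, next, pageInfo);
    }

    /**
     * Populate the model with all roles and the group role mappings, and
     * point the page at the role administration JSP.
     */
    private void view(HttpServletRequest request, ModelAndView next,
            WikiPageInfo pageInfo) throws Exception {
        Collection roles = WikiBase.getDataHandler().getAllRoles();
        next.addObject("roles", roles);
        next.addObject("roleCount", new Integer(roles.size()));
        Collection roleMapGroups = WikiBase.getDataHandler()
                .getRoleMapGroups();
        next.addObject("roleMapGroups", roleMapGroups);
        pageInfo.setAdmin(true);
        pageInfo.setContentJsp(JSP_ADMIN_ROLES);
        pageInfo.setPageTitle(new WikiMessage("roles.title"));
    }
}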