001: /**********************************************************************************
002: * $URL: https://source.sakaiproject.org/svn/tool/tags/sakai_2-4-1/tool-tool/su/src/java/org/sakaiproject/tool/su/SuTool.java $
003: * $Id: SuTool.java 23046 2007-03-20 18:17:50Z bkirschn@umich.edu $
004: ***********************************************************************************
005: *
006: * Copyright (c) 2005, 2006 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the "License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.sakaiproject.tool.su;
021:
022: import java.util.Vector;
023:
024: import javax.faces.application.FacesMessage;
025: import javax.faces.context.FacesContext;
026:
027: import org.apache.commons.logging.Log;
028: import org.apache.commons.logging.LogFactory;
029: import org.sakaiproject.authz.api.AuthzGroupService;
030: import org.sakaiproject.authz.api.SecurityService;
031: import org.sakaiproject.component.api.ServerConfigurationService;
032: import org.sakaiproject.event.api.UsageSessionService;
033: import org.sakaiproject.tool.api.Session;
034: import org.sakaiproject.tool.api.SessionManager;
035: import org.sakaiproject.user.api.User;
036: import org.sakaiproject.user.api.UserDirectoryService;
037: import org.sakaiproject.user.api.UserNotDefinedException;
038: import org.sakaiproject.util.ResourceLoader;
039:
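/**
 * Backing bean for the Sakai "su" (become user) tool: lets a super user switch
 * the current Sakai session over to another user's identity.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 * <li>Every call to {@link #su()} re-checks {@code SecurityService.isSuperUser()}
 * through {@link #getAllowed()} before any lookup or session change.</li>
 * <li>The switch is a two-step flow: {@link #su()} only displays the target
 * user until {@link #confirm()} has set the confirmation flag.</li>
 * <li>Each switch is written to the log with the acting and the target EID;
 * values are stripped of line breaks first so a crafted name cannot forge
 * additional log lines.</li>
 * </ul>
 *
 * <p>NOTE(review): the bean's scope is configured outside this file; the
 * mutable fields below assume an instance is not shared between users - confirm.
 *
 * @author zach.thomas@txstate.edu
 */
public class SuTool {
    private static final long serialVersionUID = 1L;

    /** Our log (commons). */
    private static final Log M_log = LogFactory.getLog(SuTool.class);

    ResourceLoader msgs = new ResourceLoader("tool-tool-su");

    // Service instance variables
    private AuthzGroupService M_authzGroupService = org.sakaiproject.authz.cover.AuthzGroupService
            .getInstance();

    private UserDirectoryService M_uds = org.sakaiproject.user.cover.UserDirectoryService
            .getInstance();

    private SecurityService M_security = org.sakaiproject.authz.cover.SecurityService
            .getInstance();

    private SessionManager M_session = org.sakaiproject.tool.cover.SessionManager
            .getInstance();

    private ServerConfigurationService M_config = org.sakaiproject.component.cover.ServerConfigurationService
            .getInstance();

    // getters for these vars
    private String username;

    private String validatedUserId;

    private String validatedUserEid;

    private User userinfo;

    private boolean allowed = false;

    // internal only vars
    private String message = "";

    private boolean confirm = false;

    // base constructor
    public SuTool() {
    }

    /**
     * Looks up the requested user and, once confirmed, switches the current
     * session to that user.
     *
     * <p>The name supplied through {@link #setUsername(String)} is tried first
     * as a user id and then as an EID.
     *
     * @return {@code "unauthorized"} when the caller is not a super user,
     *         {@code "error"} when no such user exists, {@code "unconfirmed"}
     *         when the user was found but {@link #confirm()} has not been
     *         invoked, and {@code "redirect"} after the session was switched
     */
    public String su() {

        Session sakaiSession = M_session.getCurrentSession();
        FacesContext fc = FacesContext.getCurrentInstance();
        userinfo = null;
        message = "";

        // Authorization gate: must stay ahead of every lookup and session change.
        if (!getAllowed()) {
            confirm = false;
            return "unauthorized";
        }

        // A request that never populated the field leaves username null; use an
        // empty name so the call goes through the directory lookup instead of
        // failing with a NullPointerException on trim().
        String requested = (username == null) ? "" : username.trim();

        try {
            // try with the user id
            userinfo = M_uds.getUser(requested);
            validatedUserId = userinfo.getId();
            validatedUserEid = userinfo.getEid();
        } catch (UserNotDefinedException e) {
            try {
                // try with the user eid
                userinfo = M_uds.getUserByEid(requested);
                validatedUserId = userinfo.getId();
                validatedUserEid = userinfo.getEid();
            } catch (UserNotDefinedException ee) {
                message = msgs.getString("no_such_user") + ": "
                        + username;
                fc.addMessage("su", new FacesMessage(
                        FacesMessage.SEVERITY_ERROR, message, message
                                + ":" + ee));
                // message carries the form-supplied name: neutralise CR/LF before logging
                M_log.warn("[SuTool] Exception: " + sanitizeForLog(message));
                confirm = false;
                return "error";
            }
        }

        if (!confirm) {
            message = msgs.getString("displaying_info_for") + ": "
                    + validatedUserEid;
            fc.addMessage("su", new FacesMessage(
                    FacesMessage.SEVERITY_INFO, message, message + ":"
                            + userinfo.getDisplayName()));
            return "unconfirmed";
        }

        // Audit record of the switch: acting EID and target EID.
        message = "Username " + sakaiSession.getUserEid()
                + " becoming " + validatedUserEid;
        M_log.info("[SuTool] " + sanitizeForLog(message));
        message = msgs.getString("title");
        fc.addMessage("su", new FacesMessage(
                FacesMessage.SEVERITY_INFO, message, message + ": "
                        + userinfo.getDisplayName()));

        // while keeping the official usage session under the real user id, switch over everything else to be the SU'ed user
        // Modeled on UsageSession's logout() and login()

        // logout - clear, but do not invalidate, preserve the usage session's current session
        Vector saveAttributes = new Vector();
        saveAttributes.add(UsageSessionService.USAGE_SESSION_KEY);
        sakaiSession.clearExcept(saveAttributes);

        // login - set the user id and eid into session, and refresh this user's authz information
        sakaiSession.setUserId(validatedUserId);
        sakaiSession.setUserEid(validatedUserEid);
        M_authzGroupService.refreshUser(validatedUserId);

        // The other exit paths reset the flag; do the same here so a bean
        // instance that outlives this request cannot skip the confirmation
        // step on a later switch.
        confirm = false;

        return "redirect";
    }

    /**
     * Action for the confirmation button: marks the request as confirmed and
     * runs {@link #su()}.
     *
     * @return the outcome of {@link #su()}
     */
    public String confirm() {
        confirm = true;
        return su();
    }

    /**
     * Reports whether the current user may use the tool.
     *
     * <p>Not a plain getter: when the caller is not a super user, each call
     * logs an error and adds a fatal message for the {@code "allowed"} id to
     * the current {@code FacesContext}.
     *
     * @return {@code true} only when {@code SecurityService.isSuperUser()} is true
     */
    public boolean getAllowed() {
        Session sakaiSession = M_session.getCurrentSession();
        FacesContext fc = FacesContext.getCurrentInstance();

        if (!M_security.isSuperUser()) {
            message = msgs.getString("unauthorized") + " "
                    + sakaiSession.getUserId();
            M_log.error("[SuTool] Fatal Error: " + message);
            fc.addMessage("allowed", new FacesMessage(
                    FacesMessage.SEVERITY_FATAL, message, message));
            allowed = false;
        } else {
            allowed = true;
        }

        return allowed;
    }

    /**
     * Replaces carriage returns and line feeds so a value written to the log
     * stays on a single line.
     *
     * @param value text about to be logged; may be {@code null}
     * @return the text with CR and LF replaced by {@code '_'}, or {@code ""} for {@code null}
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "";
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * @return the user name as last supplied through {@link #setUsername(String)}
     */
    public String getUsername() {
        return username;
    }

    /**
     * @return the portal URL reported by the server configuration service
     */
    public String getPortalUrl() {
        return M_config.getPortalUrl();
    }

    /**
     * @param username id or EID of the user to become; not validated until {@link #su()} runs
     */
    public void setUsername(String username) {
        this.username = username;
    }

    /**
     * @return the user found by the last {@link #su()} call, or {@code null} if none was found
     */
    public User getUserinfo() {
        return userinfo;
    }

    /**
     * @param userinfo user record to expose through {@link #getUserinfo()};
     *        {@link #su()} overwrites it on every call
     */
    public void setUserinfo(User userinfo) {
        this.userinfo = userinfo;
    }

}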