aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-05-05 17:56:07 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-05-05 17:56:07 +0200
commit761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b (patch)
tree6f02374cc8552ac3807afd8bb2017c27e3537070 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
parent942a56df5948a398290323fa7f9308492ac1d998 (diff)
downloadmoa-id-spss-761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b.tar.gz
moa-id-spss-761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b.tar.bz2
moa-id-spss-761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b.zip
refector struts actions for OnlineApplication handling
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java335
1 files changed, 335 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
new file mode 100644
index 000000000..5db77a515
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -0,0 +1,335 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.ArrayList;
+import java.util.LinkedHashMap;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.util.Random;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class BasicOAAction extends BasicAction {
+
+ private static final long serialVersionUID = 5676123696807646246L;
+ private final Logger log = Logger.getLogger(BasicOAAction.class);
+
+ protected LinkedHashMap<String, IOnlineApplicationData> formList;
+ protected long oaid = -1;
+
+ private String oaidobj;
+ private boolean newOA;
+
+ /**
+ *
+ */
+ public BasicOAAction() {
+ formList = new LinkedHashMap<String, IOnlineApplicationData>();
+
+ OAGeneralConfig generalOA = new OAGeneralConfig();
+ formList.put(generalOA.getName(), generalOA);
+
+ }
+
+ protected OnlineApplication populateOnlineApplicationFromRequest(LinkedHashMap<String, IOnlineApplicationData> requestedFormList) throws BasicOAActionException{
+ if (!ValidationHelper.validateOAID(oaidobj)) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+
+ }
+ oaid = Long.valueOf(oaidobj);
+
+ UserDatabase userdb = null;
+ OnlineApplication onlineapplication = null;
+
+ if (authUser.isAdmin())
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+
+ else {
+ userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+
+ }
+
+ // TODO: change to direct Database operation
+ List<OnlineApplication> oas = userdb.getOnlineApplication();
+ for (OnlineApplication oa : oas) {
+ if (oa.getHjid() == oaid) {
+ onlineapplication = oa;
+ break;
+ }
+ }
+ if (onlineapplication == null) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
+
+ List<String> errors = new ArrayList<String>();
+ for (IOnlineApplicationData form : requestedFormList.values()) {
+ List<String> error = form.parse(onlineapplication, authUser, request);
+ if (error != null)
+ errors.addAll(error);
+ }
+ if (errors.size() > 0) {
+ for (String el : errors)
+ addActionError(el);
+ }
+
+ ConfigurationDBUtils.closeSession();
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ newOA = false;
+
+ return onlineapplication;
+
+ }
+
+ protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException{
+ return populateOnlineApplicationFromRequest(formList);
+ }
+
+ protected void populateBasicNewOnlineApplicationInformation() {
+ session.setAttribute(Constants.SESSION_OAID, null);
+
+ setNewOA(true);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+ }
+
+ protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException {
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+ }
+ } else {
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+ }
+
+ OnlineApplication onlineapplication = null;
+
+ Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+
+ } catch (Throwable t) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
+
+ // valid DBID and check entry
+ OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName()));
+ String oaidentifier = oaGeneralForm.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+
+ if (!ValidationHelper.validateURL(oaidentifier)) {
+ log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+
+ if (oaid == -1) {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+ setNewOA(true);
+ if (onlineapplication != null) {
+ log.info("The OAIdentifier is not unique");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ }
+
+ } else {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+ if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
+
+ if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
+ log.info("The OAIdentifier is not unique");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ }
+ }
+ }
+ }
+ }
+
+ return onlineapplication;
+
+ }
+
+ protected String preProcessDeleteOnlineApplication() throws BasicOAActionException {
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+
+ }
+
+ String oaidentifier = getGeneralOA().getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request),
+ Constants.STRUTS_ERROR_VALIDATION);
+ }
+ }
+
+ return oaidentifier;
+ }
+
+
+ /**
+ * @param oaidobj the oaidobj to set
+ */
+ public void setOaidobj(String oaidobj) {
+ this.oaidobj = oaidobj;
+ }
+
+ /**
+ * @return the newOA
+ */
+ public boolean isNewOA() {
+ return newOA;
+ }
+
+ /**
+ * @param newOA the newOA to set
+ */
+ public void setNewOA(boolean newOA) {
+ this.newOA = newOA;
+ }
+
+ public OAGeneralConfig getGeneralOA() {
+ return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName());
+ }
+
+ public void setGeneralOA(OAGeneralConfig generalOA) {
+ formList.put(generalOA.getName(), generalOA);
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 18:25:11 +0000