author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-19 16:19:00 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-19 16:19:00 +0200 |
commit | a27cf61551c129aee48ea533ad73f2ade37a757a (patch) | |
tree | c97a1ccc7b3afdec906c609de165b582db2b3149 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java | |
parent | 2c7d70f182b554321b6baf3e225139a883d61035 (diff) | |
download | moa-id-spss-a27cf61551c129aee48ea533ad73f2ade37a757a.tar.gz moa-id-spss-a27cf61551c129aee48ea533ad73f2ade37a757a.tar.bz2 moa-id-spss-a27cf61551c129aee48ea533ad73f2ade37a757a.zip |
ConfigWebTool Version 0.9.5
--PVP2 Login
--PVP2 Users to UserDatabase functionality
--Mail address verification
--Mail status messages to users and admin
--add List with OpenRequests for admins
--change OA Target configuration
--add cleanUp Thread to remove old unused UserAccount requests
--update UserDatabase to support PVP2 logins
--add formID element validate received forms
-- add first classes for STORK configuration
make some Bugfixes
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java | 413 |
1 files changed, 348 insertions, 65 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 297d80726..8d20fe118 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -8,6 +8,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import org.apache.log4j.Logger;
 import org.apache.struts2.interceptor.ServletRequestAware;
@@ -38,13 +39,17 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
 import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
 import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
 import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
+import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
 import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.util.MiscUtil;
 import com.opensymphony.xwork2.ActionSupport;
@@ -63,6 +68,9 @@ ServletResponseAware {
 private String oaidobj;
 private boolean newOA;
+ private String formID;
+
+ private String nextPage;
 private OAGeneralConfig generalOA = new OAGeneralConfig();
 private OAPVP2Config pvp2OA = new OAPVP2Config();
@@ -72,11 +80,16 @@ ServletResponseAware {
 //STRUTS actions
 public String inital() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
 authUser = (AuthenticatedUser) authUserObj;
-
+
 long oaid = -1;
 if (!ValidationHelper.validateOAID(oaidobj)) {
@@ -88,8 +101,15 @@ ServletResponseAware {
 OnlineApplication onlineapplication = null;;
 if (authUser.isAdmin()) onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+ else {
 UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!userdb.isIsMailAddressVerified() && !authUser.isAdmin()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ }
+
 List<OnlineApplication> oas = userdb.getOnlineApplication();
 for (OnlineApplication oa : oas) {
 if (oa.getHjid() == oaid) {
@@ -115,7 +135,10 @@ ServletResponseAware {
 ConfigurationDBUtils.closeSession();
- request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
 newOA = false;
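Review bot: The `session == null` guard added at the top of `inital()` can never fire, because `HttpServletRequest.getSession()` with no argument creates a session when none exists; an unauthenticated request therefore reaches the `(AuthenticatedUser)` cast with a null `authUser` and fails at `authUser.isAdmin()` with a NullPointerException instead of the intended `STRUTS_ERROR` (unless an interceptor not visible here already guarantees an authenticated session). Use `HttpSession session = request.getSession(false);` so the null check means something, and guard the user as well: `if (authUser == null) return Constants.STRUTS_ERROR;`. The same pattern is repeated in newOA(), saveOA(), cancleAndBackOA() and deleteOA() in this commit. inital() continues past the hunk.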
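Review bot: In the new `else` branch of `if (authUser.isAdmin())` the condition `!userdb.isIsMailAddressVerified() && !authUser.isAdmin()` repeats a test that is already false by construction; `if (!userdb.isIsMailAddressVerified()) {` says the same thing and avoids a reader wondering whether the admin case can reach it. Note that, unlike saveOA() later in this commit, the unverified case here only records an action error and still loads the OA and hands out a fresh formID, which is presumably deliberate (show the form, block the save) and deserves a one-line comment such as `// unverified users may view but not save; saveOA() enforces this`. `userdb` is used without a null check, so confirm `getUserWithID()` cannot return null for a logged-in user.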
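Review bot: The form token minted here with `Random.nextRandom()` is the only thing that protects saveOA() and deleteOA() against forged submissions, and its strength depends entirely on `at.gv.egovernment.moa.id.util.Random`, which this diff does not show; if that helper is not backed by `java.security.SecureRandom`, the token is predictable and the check is bypassable. Add `// formID is a one-shot anti-CSRF token; Random must be cryptographically strong` above the assignment and confirm the implementation. Because the token lives in a single session attribute, opening the editor for a second OA in another tab overwrites the first tab's token and its save will be rejected as "suspect"; that is acceptable but should be documented where the token is generated.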
@@ -124,24 +147,66 @@ ServletResponseAware {
 public String newOA() {
 log.debug("insert new Online-Application");
+
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
-
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
 authUser = (AuthenticatedUser) authUserObj;
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!userdb.isIsMailAddressVerified() && !authUser.isAdmin()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ }
+ newOA = true;
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_OA_EDIT;
 }
 public String saveOA() {
-
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
 authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. 
Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+ OnlineApplication onlineapplication = null;
 List<String> errors = new ArrayList<String>();
@@ -170,15 +235,15 @@ ServletResponseAware {
 } else {
- //TODO: oaidentifier has to be a URL according to PVP2.1 specification
- if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ if (!ValidationHelper.validateURL(oaidentifier)) {
+ log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
 errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
 } else {
 if (oaid == -1) {
 onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+ newOA = true;
 if (onlineapplication != null) {
 log.info("The OAIdentifier is not unique");
 errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
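Review bot: The form-token check at the top of saveOA() is copied verbatim into deleteOA() later in this commit, including the two identical log lines and the redundant `formidobj != null &&` (instanceof is already false for null); pulling it into one private helper keeps the two actions from drifting apart and gives the security check a single place to document. The proposed helper below keeps the existing semantics (token cleared only on a match, STRUTS_ERROR otherwise); switching the comparison to `MessageDigest.isEqual` on the UTF-8 bytes would additionally make it constant-time. The log line prints the user's family and given name next to the user id, which is more personal data than the audit needs; the id alone identifies the account. saveOA() continues beyond the hunk.

```java
// in saveOA() and deleteOA(), replacing the duplicated block:
if (!validateFormID(session)) {
    return Constants.STRUTS_ERROR;
}
// … unchanged: mail-verification check and identifier validation …

/**
 * Compares the formID submitted with the request against the one-shot token stored
 * in the session. The session token is consumed only when it matches.
 */
private boolean validateFormID(HttpSession session) {
    Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
    if (formidobj instanceof String && ((String) formidobj).equals(formID)) {
        session.setAttribute(Constants.SESSION_FORMID, null);
        return true;
    }
    log.warn("FormIDs does not match. Some suspect Form is received from user "
            + authUser.getUserID());
    return false;
}
```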
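Review bot: The rejection path now tests `!ValidationHelper.validateURL(oaidentifier)` but still reports `validation.general.oaidentifier.valid` with `ValidationHelper.getNotValidOAIdentifierCharacters()` as the message argument, so the user is told which characters are forbidden when the actual complaint is that the identifier is not a URL; the message should get its own key, e.g. `errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.validurl"));` with a matching resource entry. What `validateURL` accepts is not visible here, and the identifier is later echoed through `addActionMessage(...)` and stored as `PublicURLPrefix`, so it is worth confirming that the URL check (or the view) still rejects or escapes `"`, `<` and `>`; the old character-based check is gone from this path. Note also that deleteOA() in this commit still uses the older identifier validation, so the two actions no longer agree on what a valid identifier is.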
@@ -215,23 +280,108 @@ ServletResponseAware {
 for (String el : errors) addActionError(el);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
 return Constants.STRUTS_ERROR_VALIDATION;
 } else {
- String error = saveOAConfigToDatabase(onlineapplication);
+ boolean newentry = false;
+
+ if (onlineapplication == null) {
+ onlineapplication = new OnlineApplication();
+ newentry = true;
+ onlineapplication.setIsActive(false);
+
+ if (!authUser.isAdmin()) {
+ onlineapplication.setIsAdminRequired(true);
+ }
+
+ } else {
+ if (!authUser.isAdmin() &&
+ !onlineapplication.getPublicURLPrefix().
+ equals(generalOA.getIdentifier())) {
+
+ onlineapplication.setIsAdminRequired(true);
+ onlineapplication.setIsActive(false);
+ log.info("User with ID " + authUser.getUserID() + + " change OA-PublicURLPrefix. Reaktivation is required.");
+ }
+
+ }
+
+ if ( (onlineapplication.isIsAdminRequired() == null) ||
+ (authUser.isAdmin() && generalOA.isActive()
+ && onlineapplication.isIsAdminRequired()) ) {
+
+ onlineapplication.setIsAdminRequired(false);
+
+ UserDatabase user = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid());
+ if (user != null) {
+ try {
+ MailHelper.sendUserOnlineApplicationActivationMail(
+ user.getGivenname(),
+ user.getFamilyname(),
+ user.getInstitut(),
+ onlineapplication.getPublicURLPrefix(),
+ user.getMail());
+ } catch (ConfigurationException e) {
+ log.warn("Sending Mail to User " + user.getMail() + " failed", e);
+ }
+ }
+
+ }
+
+
+ String error = saveOAConfigToDatabase(onlineapplication, newentry);
 if (MiscUtil.isNotEmpty(error)) {
 log.warn("OA configuration can not be stored!");
- addActionError(error);
+ addActionError(error);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
 return Constants.STRUTS_ERROR_VALIDATION;
 }
 }
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ 
nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+ if (onlineapplication.isIsAdminRequired()) {
+ int numoas = 0;
+ int numusers = 0;
+
+ List<OnlineApplication> openOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (openOAs != null)
+ numoas = openOAs.size();
+
+ List<UserDatabase> openUsers = ConfigurationDBRead.getAllNewUsers();
+ if (openUsers != null)
+ numusers = openUsers.size();
+ try {
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request));
+
+ if (numusers > 0 || numoas > 0)
+ MailHelper.sendAdminMail(numoas, numusers);
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending Mail to Admin failed.", e);
+ }
+
+ } else
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
 ConfigurationDBUtils.closeSession();
 return Constants.STRUTS_SUCCESS;
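Review bot: For a brand-new entry created by an admin, `setIsAdminRequired` is never called in the `onlineapplication == null` branch, so the later `isIsAdminRequired() == null` test is what routes it into the activation-mail block, which then calls `getUsersWithOADBID(onlineapplication.getHjid())` before the entity has been saved (presumably with a null id, relying on the lookup to return null). Making the flag explicit keeps the null branch for legacy rows only: `if (!authUser.isAdmin()) onlineapplication.setIsAdminRequired(true); else onlineapplication.setIsAdminRequired(false);`. The non-admin "PublicURLPrefix changed" path correctly forces re-approval and deactivation, but that intent is worth a comment since it is the one authorization decision in this method. The final clean-up still goes through `request.getSession().setAttribute(Constants.SESSION_OAID, null);` while everything else uses the local `session`; `session.setAttribute(...)` keeps the method consistent. saveOA() starts before this hunk.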
@@ -239,7 +389,22 @@ ServletResponseAware {
 public String cancleAndBackOA() {
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
 addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request));
@@ -249,15 +414,52 @@ ServletResponseAware {
 }
 public String deleteOA() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
 authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. 
Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+ String oaidentifier = generalOA.getIdentifier();
 if (MiscUtil.isEmpty(oaidentifier)) {
 log.info("Empty OA identifier");
 addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
 return Constants.STRUTS_ERROR_VALIDATION;
 } else {
@@ -265,6 +467,9 @@ ServletResponseAware {
 log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
 addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
 return Constants.STRUTS_ERROR_VALIDATION;
 }
 }
@@ -310,16 +515,8 @@ ServletResponseAware {
 }
- private String saveOAConfigToDatabase(OnlineApplication dboa) {
-
- boolean newentry = false;
-
- if (dboa == null) {
- dboa = new OnlineApplication();
- newentry = true;
- dboa.setIsActive(false);
- }
-
+ private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) {
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
 if (authoa == null) {
 authoa = new AuthComponentOA();
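Review bot: deleteOA() reads `Constants.SESSION_RETURNAREA` into `nextPage` but, unlike saveOA() and cancleAndBackOA() in this commit, never clears it, so the stored return area outlives the delete and is consumed by the next unrelated save or cancel; add `session.setAttribute(Constants.SESSION_RETURNAREA, null);` right after the assignment. The unverified-mail branch returns `Constants.STRUTS_SUCCESS` after the form token has already been consumed, so the error is rendered on the success page and the user has no valid token to retry with; returning `Constants.STRUTS_ERROR_VALIDATION` with a fresh `formID`, as the empty-identifier branch just below does, keeps them on the form (saveOA() has the same pattern, so presumably it is intended, but it deserves a comment either way). deleteOA() continues past the hunk.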
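Review bot: The context line `log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);` shows that deleteOA() still validates the identifier with the older character-based check, while saveOA() in this same commit switched to `ValidationHelper.validateURL`; an identifier accepted on save can therefore be rejected on delete, or vice versa, and the two paths should call the same validator (the condition line itself sits outside the hunk). The log message also names the wrong field, since the value checked is the OA identifier, not the IdentificationNumber; `log.warn("OnlineapplikationIdentifier contains invalid characters: " + oaidentifier);` matches the save path.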
@@ -331,72 +528,134 @@ ServletResponseAware {
 dboa.setFriendlyName(generalOA.getFriendlyName());
 dboa.setCalculateHPI(generalOA.isCalculateHPI());
- dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock());
+
+ if (authUser.isAdmin())
+ dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ else {
+ if (newentry)
+ dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
+ }
+
 dboa.setPublicURLPrefix(generalOA.getIdentifier());
 if (generalOA.isBusinessService()) {
 dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+ String num = generalOA.getIdentificationNumber().replaceAll(" ", "");
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN))
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR))
+ num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB))
+ num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
+
 IdentificationNumber idnumber = new IdentificationNumber();
- idnumber.setValue(generalOA.getIdentificationNumber());
+ idnumber.setValue(
+ Constants.PREFIX_WPBK + + generalOA.getIdentificationType() + + "+" + + num);
+
 authoa.setIdentificationNumber(idnumber);
 } else {
 dboa.setType(null);
- dboa.setTarget(generalOA.getTarget());
- dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+ if (authUser.isAdmin()) {
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) &&
+ generalOA.isAdminTarget() ) {
+ dboa.setTarget(generalOA.getTarget_admin());
+ dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+
+ } else {
+ String target_full = generalOA.getTarget();
+ String[] target_split = target_full.split("-");
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()))
+ dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector());
+ else
+ 
dboa.setTarget(target_full);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target_full);
+ if (MiscUtil.isNotEmpty(targetname))
+ dboa.setTargetFriendlyName(targetname);
+ else
+ dboa.setTargetFriendlyName(TargetValidator.getTargetFriendlyName(target_split[0]));
+ }
+
+ } else {
+ if (MiscUtil.isNotEmpty(generalOA.getTarget())) {
+ String target_full = generalOA.getTarget();
+ String[] target_split = target_full.split("-");
+ dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector());
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()))
+ dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector());
+
+ else
+ dboa.setTarget(target_full);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target_full);
+ if (MiscUtil.isNotEmpty(targetname))
+ dboa.setTargetFriendlyName(targetname);
+ else
+ dboa.setTargetFriendlyName(TargetValidator.getTargetFriendlyName(target_split[0]));
+ }
+ }
 }
 BKUURLS bkuruls = new BKUURLS();
 authoa.setBKUURLS(bkuruls);
- bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
- bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
- bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
+ if (authUser.isAdmin()) {
+ bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
+ bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
+ bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
+ }
 Mandates mandates = new Mandates();
 mandates.setProfiles(generalOA.getMandateProfiles());
 authoa.setMandates(mandates);
-
- authoa.setSlVersion(generalOA.getSlVersion());
- authoa.setUseIFrame(generalOA.isUseIFrame());
- authoa.setUseUTC(generalOA.isUseUTC());
-
+ TemplatesType templates = authoa.getTemplates();
 if (templates == null) {
 templates = new TemplatesType();
 authoa.setTemplates(templates);
 }
- templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
- List<TemplateType> template = templates.getTemplate();
- if (generalOA.isLegacy()) {
+ if (authUser.isAdmin()) {
+ 
templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
+
+ List<TemplateType> template = templates.getTemplate();
+ if (generalOA.isLegacy()) {
- if (template == null)
- template = new ArrayList<TemplateType>();
- else
- template.clear();
+ if (template == null)
+ template = new ArrayList<TemplateType>();
+ else
+ template.clear();
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL1());
- template.add(el);
- }
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL2());
- template.add(el);
- }
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL3());
- template.add(el);
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL1());
+ template.add(el);
+ }
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL2());
+ template.add(el);
+ }
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL3());
+ template.add(el);
+ }
+
+ } else {
+ if (template != null && template.size() > 0)
+ template.clear();
 }
-
- } else {
- if (template != null && template.size() > 0)
- template.clear();
 }
 //set default transformation if it is empty
@@ -609,4 +868,28 @@ ServletResponseAware {
 this.newOA = newOA;
 }
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+
+
 }
|
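Review bot: In the non-admin target branch the line `dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector());` is executed unconditionally and then immediately overwritten by the `if/else` that follows, so it is dead and, when the subsector is empty, briefly stores a dangling `"XX-"`; the admin and non-admin branches are otherwise the same ten lines, so the proposed helper below removes both the duplicate and the stray assignment while preserving that an admin with an empty `target_admin` still falls through to the sector logic. The privilege split added here (non-admins cannot set the keybox, BKU URLs, additional auth-block text or SL template URLs) is the important security property of this method and should be stated in a comment at the top of the `else` branches, e.g. `// non-admin users may not change keybox, BKU URLs or templates; existing values are kept`. Whether `generalOA.getTarget()` for a non-admin has been checked against the allowed sector list before it is stored cannot be seen here; if OAGeneralConfigValidation does not do it, `TargetValidator` is only used for the friendly name. The removed `setSlVersion`/`setUseIFrame`/`setUseUTC` calls are not re-added anywhere in this hunk, so confirm they moved elsewhere. saveOAConfigToDatabase() continues past the hunk.

```java
// … unchanged: business-service branch …
} else {
    dboa.setType(null);
    if (authUser.isAdmin() && MiscUtil.isNotEmpty(generalOA.getTarget_admin())
            && generalOA.isAdminTarget()) {
        dboa.setTarget(generalOA.getTarget_admin());
        dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
    } else if (authUser.isAdmin() || MiscUtil.isNotEmpty(generalOA.getTarget())) {
        applySectorTarget(dboa, generalOA.getTarget(), generalOA.getTarget_subsector());
    }
}
// … unchanged: BKU URLs, mandates, templates …

/** Stores the sector target (optionally narrowed by a subsector) and its friendly name on the OA. */
private void applySectorTarget(OnlineApplication dboa, String targetFull, String subsector) {
    String sector = targetFull.split("-")[0];
    if (MiscUtil.isNotEmpty(subsector))
        dboa.setTarget(sector + "-" + subsector);
    else
        dboa.setTarget(targetFull);

    String targetname = TargetValidator.getTargetFriendlyName(targetFull);
    if (MiscUtil.isNotEmpty(targetname))
        dboa.setTargetFriendlyName(targetname);
    else
        dboa.setTargetFriendlyName(TargetValidator.getTargetFriendlyName(sector));
}
```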