diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-05-05 17:56:07 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-05-05 17:56:07 +0200 |
| commit | 761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b (patch) | |
| tree | 6f02374cc8552ac3807afd8bb2017c27e3537070 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java | |
| parent | 942a56df5948a398290323fa7f9308492ac1d998 (diff) | |
| download | moa-id-spss-761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b.tar.gz moa-id-spss-761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b.tar.bz2 moa-id-spss-761e3c17f3679ed4bbc3402c8552d7e2a1e77d1b.zip | |
refector struts actions for OnlineApplication handling
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java')
| -rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java | 331 |
1 files changed, 52 insertions, 279 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 2cbac64ff..ae1104905 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -27,60 +27,35 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.*; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.commons.validation.TargetValidator; -import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; -import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; import at.gv.egovernment.moa.id.configuration.data.oa.*; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; +import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; -import at.gv.egovernment.moa.id.configuration.helper.StringHelper; -import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; -import at.gv.egovernment.moa.id.configuration.validation.oa.*; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.util.MiscUtil; -import com.opensymphony.xwork2.ActionSupport; import iaik.utils.URLDecoder; import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import java.io.*; -import java.math.BigInteger; -import java.security.cert.CertificateException; import java.util.*; -public class EditOAAction extends BasicAction { +public class EditOAAction extends BasicOAAction { private final Logger log = Logger.getLogger(EditOAAction.class); private static final long serialVersionUID = 1L; - private String oaidobj; - private boolean newOA; - private String formID; - private boolean isMetaDataRefreshRequired = false; private String nextPage; private InputStream stream; - - private LinkedHashMap<String, IOnlineApplicationData> formList; - - /** - * - */ + public EditOAAction() { - formList = new LinkedHashMap<String, IOnlineApplicationData>(); - - OAGeneralConfig generalOA = new OAGeneralConfig(); - formList.put(generalOA.getName(), generalOA); + super(); OAAuthenticationData authOA = new OAAuthenticationData(); formList.put(authOA.getName(), authOA); @@ -112,71 +87,18 @@ public class EditOAAction extends BasicAction { public String inital() { try { populateBasicInformations(); + + populateOnlineApplicationFromRequest(); + return Constants.STRUTS_OA_EDIT; + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); } - - long oaid = -1; - - if (!ValidationHelper.validateOAID(oaidobj)) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - oaid = Long.valueOf(oaidobj); - - UserDatabase userdb = null; - OnlineApplication onlineapplication = null; - - if (authUser.isAdmin()) - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - - else { - userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - // TODO: change to direct Database operation - List<OnlineApplication> oas = userdb.getOnlineApplication(); - for (OnlineApplication oa : oas) { - if (oa.getHjid() == oaid) { - onlineapplication = oa; - break; - } - } - if (onlineapplication == null) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - } - - List<String> errors = new ArrayList<String>(); - - - for (IOnlineApplicationData form : formList.values()) { - List<String> error = form.parse(onlineapplication, authUser, request); - if (error != null) - errors.addAll(error); - } - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - - ConfigurationDBUtils.closeSession(); - session.setAttribute(Constants.SESSION_OAID, oaid); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - newOA = false; - - return Constants.STRUTS_OA_EDIT; } public String newOA() { @@ -185,14 +107,13 @@ public class EditOAAction extends BasicAction { try { populateBasicInformations(); + populateBasicNewOnlineApplicationInformation(); + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; } - - session.setAttribute(Constants.SESSION_OAID, null); - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { @@ -200,106 +121,37 @@ public class EditOAAction extends BasicAction { addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); return Constants.STRUTS_SUCCESS; } - - newOA = true; - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + session.setAttribute(Constants.SESSION_OAUTH20SECRET, ((OAOAuth20Config)formList.get(new OAOAuth20Config().getName())).getClientSecret()); + + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); return Constants.STRUTS_OA_EDIT; } public String saveOA() { + + OnlineApplication onlineapplication= null; + try { populateBasicInformations(); + onlineapplication = preProcessSaveOnlineApplication(); + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - OnlineApplication onlineapplication = null; List<String> errors = new ArrayList<String>(); - - Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); - Long oaid = (long) -1; - - if (oadbid != null) { - try { - oaid = (Long) oadbid; - if (oaid < 0 || oaid > Long.MAX_VALUE) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - - } catch (Throwable t) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - } - - // valid DBID and check entry - OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName())); - String oaidentifier = oaGeneralForm.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request)); - - } else { - - if (!ValidationHelper.validateURL(oaidentifier)) { - log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request)); - } else { - - if (oaid == -1) { - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); - newOA = true; - if (onlineapplication != null) { - log.info("The OAIdentifier is not unique"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request)); - } - - } else { - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { - - if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { - log.info("The OAIdentifier is not unique"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request)); - } - } - } - } - } - + //validate forms for (IOnlineApplicationData form : formList.values()) - errors.addAll(form.validate(oaGeneralForm, authUser, request)); + errors.addAll(form.validate(getGeneralOA(), authUser, request)); // Do not allow SSO in combination with special BKUSelection features if (getSsoOA().isUseSSO() && (getFormOA().isOnlyMandateAllowed() || !getFormOA().isShowMandateLoginButton())) { @@ -308,7 +160,7 @@ public class EditOAAction extends BasicAction { } if (errors.size() > 0) { - log.info("OAConfiguration with ID " + oaGeneralForm.getIdentifier() + " has some errors."); + log.info("OAConfiguration with ID " + getGeneralOA().getIdentifier() + " has some errors."); for (String el : errors) addActionError(el); @@ -317,9 +169,7 @@ public class EditOAAction extends BasicAction { return Constants.STRUTS_ERROR_VALIDATION; } else { - - boolean newentry = false; - + if (onlineapplication == null) { onlineapplication = new OnlineApplication(); onlineapplication.setIsNew(true); @@ -333,7 +183,7 @@ public class EditOAAction extends BasicAction { } else { onlineapplication.setIsNew(false); - if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(oaGeneralForm.getIdentifier())) { + if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA().getIdentifier())) { onlineapplication.setIsAdminRequired(true); onlineapplication.setIsActive(false); @@ -343,12 +193,13 @@ public class EditOAAction extends BasicAction { } if ((onlineapplication.isIsAdminRequired() == null) - || (authUser.isAdmin() && oaGeneralForm.isActive() && onlineapplication.isIsAdminRequired())) { + || (authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired())) { onlineapplication.setIsAdminRequired(false); isMetaDataRefreshRequired = true; - if (onlineapplication.getHjid() != null) + UserDatabase userdb = null; + if (onlineapplication.getHjid() != null) userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); if (userdb != null && !userdb.isIsAdmin()) { @@ -414,7 +265,7 @@ public class EditOAAction extends BasicAction { if (openUsers != null) numusers = openUsers.size(); try { - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", oaGeneralForm.getIdentifier(), request)); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", getGeneralOA().getIdentifier(), request)); if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers); @@ -423,7 +274,7 @@ public class EditOAAction extends BasicAction { } } else - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", oaGeneralForm.getIdentifier(), request)); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", getGeneralOA().getIdentifier(), request)); //remove session attributes session.setAttribute(Constants.SESSION_OAID, null); @@ -462,65 +313,30 @@ public class EditOAAction extends BasicAction { } public String deleteOA() { + String oaidentifier = null; try { populateBasicInformations(); + + Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + oaidentifier = preProcessDeleteOnlineApplication(); + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - String oaidentifier = getGeneralOA().getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); - addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - } - OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); request.getSession().setAttribute(Constants.SESSION_OAID, null); @@ -715,14 +531,6 @@ public class EditOAAction extends BasicAction { formList.put(generalOA.getName(), generalOA); } - public OAGeneralConfig getGeneralOA() { - return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); - } - - public void setGeneralOA(OAGeneralConfig generalOA) { - formList.put(generalOA.getName(), generalOA); - } - public OAPVP2Config getPvp2OA() { return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); } @@ -756,27 +564,6 @@ public class EditOAAction extends BasicAction { } /** - * @param oaidobj the oaidobj to set - */ - public void setOaidobj(String oaidobj) { - this.oaidobj = oaidobj; - } - - /** - * @return the newOA - */ - public boolean isNewOA() { - return newOA; - } - - /** - * @param newOA the newOA to set - */ - public void setNewOA(boolean newOA) { - this.newOA = newOA; - } - - /** * @return the nextPage */ public String getNextPage() { @@ -784,20 +571,6 @@ public class EditOAAction extends BasicAction { } /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - /** * @return the formOA */ public FormularCustomization getFormOA() { |