diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-08-12 13:31:30 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-08-12 13:31:30 +0200 |
| commit | 7c6ecaa8adb365a6c670cb86bb68be94136dc6a0 (patch) | |
| tree | f69c954a387513aa14adf86d4bf9a81a59b80c36 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java | |
| parent | 45e170310a012dca93d5e5d4dc0b54e6b0808e95 (diff) | |
| download | moa-id-spss-7c6ecaa8adb365a6c670cb86bb68be94136dc6a0.tar.gz moa-id-spss-7c6ecaa8adb365a6c670cb86bb68be94136dc6a0.tar.bz2 moa-id-spss-7c6ecaa8adb365a6c670cb86bb68be94136dc6a0.zip | |
Bugfixes:
@ConfigurationTool
- AuthenticationFilter: handle of non authenticated requests after restart
- Legacy Import: update legacy Configuration import process
@MOA-ID
- Change Legacy Configuration import
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java')
| -rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java | 123 |
1 files changed, 55 insertions, 68 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index deb48111d..f5f265ea6 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -51,98 +51,85 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware, Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; - - List<OnlineApplication> dbOAs = null; - - if (authUser.isAdmin()) { - dbOAs = ConfigurationDBRead.getAllOnlineApplications(); - - } else { - UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - if (authUserDB != null) - dbOAs = authUserDB.getOnlineApplication(); - } - - addFormOAs(dbOAs); - - ConfigurationDBUtils.closeSession(); + authUser = (AuthenticatedUser) authUserObj; + + List<OnlineApplication> dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = ConfigurationDBRead.getAllOnlineApplications(); - return Constants.STRUTS_SUCCESS; + } else { + UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (authUserDB != null) + dbOAs = authUserDB.getOnlineApplication(); } - - return Constants.STRUTS_ERROR; + + addFormOAs(dbOAs); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; } public String searchOAInit() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; - - formOAs = null; - friendlyname = ""; - - return Constants.STRUTS_SUCCESS; + authUser = (AuthenticatedUser) authUserObj; + + formOAs = null; + friendlyname = ""; + + return Constants.STRUTS_SUCCESS; - } else { - return Constants.STRUTS_REAUTHENTICATE; - } } public String searchOA() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; + authUser = (AuthenticatedUser) authUserObj; + + if (MiscUtil.isEmpty(friendlyname)) { + log.info("SearchOA textfield is empty"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); + return Constants.STRUTS_SUCCESS; - if (MiscUtil.isEmpty(friendlyname)) { - log.info("SearchOA textfield is empty"); - addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); + } else { + if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) { + log.warn("SearchOA textfield contains potential XSS characters"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request)); return Constants.STRUTS_SUCCESS; - - } else { - if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) { - log.warn("SearchOA textfield contains potential XSS characters"); - addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request)); - return Constants.STRUTS_SUCCESS; - } - } - - List<OnlineApplication> dbOAs = null; + } + } + + List<OnlineApplication> dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname); - if (authUser.isAdmin()) { - dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname); + } else { + UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (authUserDB != null) { + List<OnlineApplication> alldbOAs = authUserDB.getOnlineApplication(); - } else { - UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (authUserDB != null) { - List<OnlineApplication> alldbOAs = authUserDB.getOnlineApplication(); - - dbOAs = new ArrayList<OnlineApplication>(); - - for (OnlineApplication el : alldbOAs) { - if (el.getPublicURLPrefix() - .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) - dbOAs.add(el); - } + dbOAs = new ArrayList<OnlineApplication>(); + + for (OnlineApplication el : alldbOAs) { + if (el.getPublicURLPrefix() + .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) + dbOAs.add(el); } } - - addFormOAs(dbOAs); - - ConfigurationDBUtils.closeSession(); - - return Constants.STRUTS_SUCCESS; } - return Constants.STRUTS_REAUTHENTICATE; + addFormOAs(dbOAs); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; } private void addFormOAs(List<OnlineApplication> dbOAs) { |