Configuration Tool:

- OA Configuration TODO: - General Configuration - Import - User Management
author: Thomas Lenz <tlenz@iaik.tugraz.at> 2013-07-29 16:18:47 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2013-08-06 10:24:36 +0200
commit: e281b81475cc8a94a59f6ce7767d4b0996ea7180 (patch)
tree: 51b7a5e0e0a1abacc6157a0509377cdc5fb03fed /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
parent: 99694b29f82f858f5b6163e6a3d6c11caaeb487e (diff)
download: moa-id-spss-e281b81475cc8a94a59f6ce7767d4b0996ea7180.tar.gz
moa-id-spss-e281b81475cc8a94a59f6ce7767d4b0996ea7180.tar.bz2
moa-id-spss-e281b81475cc8a94a59f6ce7767d4b0996ea7180.zip
1 files changed, 97 insertions, 18 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index cc613ef7b..9e6e04644 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -6,6 +6,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.log4j.Logger;
 import org.apache.struts2.interceptor.ServletRequestAware;
 import org.apache.struts2.interceptor.ServletResponseAware;
 
@@ -21,10 +22,14 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.configuration.data.OAListElement;
 import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class ListOAsAction extends ActionSupport implements ServletRequestAware,
 	ServletResponseAware {
 	
+	private final Logger log = Logger.getLogger(ListOAsAction.class);
+	
 	private static final long serialVersionUID = 1L;
 	
 	private HttpServletRequest request;
@@ -33,10 +38,8 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
 	private ConfigurationProvider configuration;
 	
 	private List<OAListElement> formOAs;
-	
-	
 	private AuthenticatedUser authUser; 
-	
+	private String friendlyname;
 	
 	public ListOAsAction() throws ConfigurationException {
 		configuration = ConfigurationProvider.getInstance();
@@ -59,32 +62,90 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
 				UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID());
 				dbOAs = authUserDB.getRegistratedOAs();
 			}
+						
+			addFormOAs(dbOAs);
+
+			return Constants.STRUTS_SUCCESS;
 			
+		}
 			
-			formOAs = new ArrayList<OAListElement>();
-			if (dbOAs == null) {
-				addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+		return Constants.STRUTS_ERROR;
+	}
+	
+	public String searchOAInit() {
+		
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+		
+			formOAs = null;
+			friendlyname = "";
+		
+			return Constants.STRUTS_SUCCESS;
+			
+		} else {
+			return Constants.STRUTS_REAUTHENTICATE;
+		}
+	}
+	
+	public String searchOA() {
+		
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (MiscUtil.isEmpty(friendlyname)) {
+				log.info("SearchOA textfield is empty");
+				addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
 				return Constants.STRUTS_SUCCESS;
 				
 			} else {
-				for (OnlineApplication dboa : dbOAs) {
-					OAListElement listoa = new OAListElement();
-					listoa.setActive(dboa.isIsActive());
-					listoa.setDataBaseID(dboa.getHjid());
-					listoa.setOaFriendlyName(dboa.getFriendlyName());
-					listoa.setOaIdentifier(dboa.getPublicURLPrefix());
-					listoa.setOaType(dboa.getType());
-					formOAs.add(listoa);
-				}
+				if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) {
+					log.warn("SearchOA textfield contains potential XSS characters");
+					addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname", 
+							new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request));
+					return Constants.STRUTS_SUCCESS;
+				}	
 			}
 			
-			return Constants.STRUTS_SUCCESS;
+			List<OnlineApplication> dbOAs = null;
 			
-		}
+			if (authUser.isAdmin()) {
+				dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname);
+				
+			} else {
+				dbOAs = ConfigurationDBRead.searchOnlineApplicationsFromUser(authUser.getUserID(), friendlyname);
+				
+			}
 			
-		return Constants.STRUTS_ERROR;
+			addFormOAs(dbOAs);
+			
+			return Constants.STRUTS_SUCCESS;	
+		}
+		
+		return Constants.STRUTS_REAUTHENTICATE;	
 	}
 	
+	private void addFormOAs(List<OnlineApplication> dbOAs) {
+		
+		formOAs = new ArrayList<OAListElement>();
+		if (dbOAs == null) {
+			addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+			
+		} else {
+			for (OnlineApplication dboa : dbOAs) {
+				OAListElement listoa = new OAListElement();
+				listoa.setActive(dboa.isIsActive());
+				listoa.setDataBaseID(dboa.getHjid());
+				listoa.setOaFriendlyName(dboa.getFriendlyName());
+				listoa.setOaIdentifier(dboa.getPublicURLPrefix());
+				listoa.setOaType(dboa.getType());
+				formOAs.add(listoa);
+			}
+		}
+	}
 	
 	public void setServletResponse(HttpServletResponse arg0) {
 		this.response = arg0;
@@ -107,6 +168,24 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
 	 */
 	public List<OAListElement> getFormOAs() {
 		return formOAs;
+	}
+
+
+	/**
+	 * @return the friendlyname
+	 */
+	public String getFriendlyname() {
+		return friendlyname;
+	}
+
+
+	/**
+	 * @param friendlyname the friendlyname to set
+	 */
+	public void setFriendlyname(String friendlyname) {
+		this.friendlyname = friendlyname;
 	}	
+	
+	
 
 }
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2013-07-29 16:18:47 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2013-08-06 10:24:36 +0200
commit	e281b81475cc8a94a59f6ce7767d4b0996ea7180 (patch)
tree	51b7a5e0e0a1abacc6157a0509377cdc5fb03fed /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
parent	99694b29f82f858f5b6163e6a3d6c11caaeb487e (diff)
download	moa-id-spss-e281b81475cc8a94a59f6ce7767d4b0996ea7180.tar.gz moa-id-spss-e281b81475cc8a94a59f6ce7767d4b0996ea7180.tar.bz2 moa-id-spss-e281b81475cc8a94a59f6ce7767d4b0996ea7180.zip