author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-08-12 13:31:30 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-08-12 13:31:30 +0200 |
commit | 7c6ecaa8adb365a6c670cb86bb68be94136dc6a0 (patch) | |
tree | f69c954a387513aa14adf86d4bf9a81a59b80c36 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java | |
parent | 45e170310a012dca93d5e5d4dc0b54e6b0808e95 (diff) | |
Bugfixes:
@ConfigurationTool
- AuthenticationFilter: handling of non-authenticated requests after restart
- Legacy Import: update legacy Configuration import process
@MOA-ID
- Change Legacy Configuration import
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java | 326 |
1 files changed, 152 insertions, 174 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index c022d0057..2a9ec038f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -47,224 +47,202 @@ public class UserManagementAction extends ActionSupport public String init() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { - if (authUser.isAdmin()) { - - log.info("Show UserList"); - - List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers(); - if (dbuserlist != null) { - userlist = new ArrayList<AuthenticatedUser>(); - - for (UserDatabase dbuser : dbuserlist) { - userlist.add(new AuthenticatedUser( - dbuser.getHjid(), - dbuser.getGivenname(), - dbuser.getFamilyname(), - dbuser.getUsername(), - dbuser.isIsActive(), - dbuser.isIsAdmin())); - } - } - - ConfigurationDBUtils.closeSession(); - return Constants.STRUTS_SUCCESS; + log.info("Show UserList"); + + List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers(); + if (dbuserlist != null) { + userlist = new ArrayList<AuthenticatedUser>(); - } else { - log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame"); - UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (dbuser == null) { - return Constants.STRUTS_REAUTHENTICATE; + for (UserDatabase dbuser : dbuserlist) { + userlist.add(new AuthenticatedUser( + dbuser.getHjid(), + dbuser.getGivenname(), + dbuser.getFamilyname(), + dbuser.getUsername(), + dbuser.isIsActive(), + dbuser.isIsAdmin())); } - user = new UserDatabaseFrom(dbuser); - ConfigurationDBUtils.closeSession(); - return Constants.STRUTS_NOTALLOWED; } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. 
Show only EditUser Frame"); + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (dbuser == null) { + return Constants.STRUTS_REAUTHENTICATE; + } + user = new UserDatabaseFrom(dbuser); + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_NOTALLOWED; } - return Constants.STRUTS_REAUTHENTICATE; - } public String createuser() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; - - if (authUser.isAdmin()) { - - user = new UserDatabaseFrom(); - - newUser = true; - return Constants.STRUTS_SUCCESS; - - } else { - return Constants.STRUTS_NOTALLOWED; - } - } - return Constants.STRUTS_REAUTHENTICATE; + authUser = (AuthenticatedUser) authUserObj; + if (authUser.isAdmin()) { + + user = new UserDatabaseFrom(); + + newUser = true; + return Constants.STRUTS_SUCCESS; + + } else { + return Constants.STRUTS_NOTALLOWED; + } } public String edituser() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + long userid = -1; - if (authUser.isAdmin()) { - long userid = -1; - - if (!ValidationHelper.validateOAID(useridobj)) { - addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); - return Constants.STRUTS_ERROR; - } - userid = Long.valueOf(useridobj); - - UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid); - if (dbuser == null) { - log.info("No User with ID " + userid + " in Database");; - addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); - return Constants.STRUTS_ERROR; - } - user = new UserDatabaseFrom(dbuser); - - newUser = false; - - ConfigurationDBUtils.closeSession(); - - return 
Constants.STRUTS_SUCCESS; - - } else { - log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); - UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - user = new UserDatabaseFrom(dbuser); - return Constants.STRUTS_SUCCESS; + if (!ValidationHelper.validateOAID(useridobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; } - } - return Constants.STRUTS_REAUTHENTICATE; - + userid = Long.valueOf(useridobj); + + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid); + if (dbuser == null) { + log.info("No User with ID " + userid + " in Database");; + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + user = new UserDatabaseFrom(dbuser); + + newUser = false; + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. 
Show his own EditUser Frame"); + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + user = new UserDatabaseFrom(dbuser); + return Constants.STRUTS_SUCCESS; + } } public String saveuser() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; + authUser = (AuthenticatedUser) authUserObj; - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } + String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; - List<String> errors; - UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); - errors = validator.validate(user, userID); + } else { + if (!ValidationHelper.validateOAID(useridobj)){ + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + List<String> errors; + UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); + errors = validator.validate(user, userID); - if (errors.size() > 0) { - log.info("UserDataForm has some erros."); - for (String el : errors) - addActionError(el); - user.setPassword(""); - - if (MiscUtil.isEmpty(user.getUsername())) - newUser = true; - - return Constants.STRUTS_ERROR_VALIDATION; - } + if (errors.size() > 0) { + log.info("UserDataForm has some erros."); + for (String el : errors) + 
addActionError(el); + user.setPassword(""); - if (!authUser.isAdmin()) { - if (authUser.getUserID() != userID) { - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase Entry " + user.getUsername()); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - + if (MiscUtil.isEmpty(user.getUsername())) + newUser = true; + + return Constants.STRUTS_ERROR_VALIDATION; + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; } + + } - String error = saveFormToDB(); - if (error != null) { - log.warn("UserData can not be stored in Database"); - addActionError(error); - return Constants.STRUTS_SUCCESS; - } - - ConfigurationDBUtils.closeSession(); + String error = saveFormToDB(); + if (error != null) { + log.warn("UserData can not be stored in Database"); + addActionError(error); return Constants.STRUTS_SUCCESS; - } - return Constants.STRUTS_REAUTHENTICATE; + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; } public String deleteuser() { Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { - authUser = (AuthenticatedUser) authUserObj; - - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - if (!authUser.isAdmin()) { - if 
(authUser.getUserID() != userID) { - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase Entry " + user.getUsername()); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - } + authUser = (AuthenticatedUser) authUserObj; + + String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; - UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); - if (dbuser != null) { - dbuser.setOnlineApplication(null); - - try { - ConfigurationDBUtils.saveOrUpdate(dbuser); - ConfigurationDBUtils.delete(dbuser); + } else { + if (!ValidationHelper.validateOAID(useridobj)){ + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } - } catch (MOADatabaseException e) { - log.warn("UserData can not be deleted from Database"); - addActionError(e.getMessage()); - return Constants.STRUTS_SUCCESS; - } + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + } + + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser != null) { + dbuser.setOnlineApplication(null); + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + ConfigurationDBUtils.delete(dbuser); - finally { - ConfigurationDBUtils.closeSession(); - } + } catch (MOADatabaseException e) { + log.warn("UserData can not be deleted from Database"); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; } - ConfigurationDBUtils.closeSession(); - return Constants.STRUTS_SUCCESS; - + finally { + 
ConfigurationDBUtils.closeSession(); + } } - return Constants.STRUTS_REAUTHENTICATE; + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; } private String saveFormToDB() { |
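Review bot: The unconditional cast `authUser = (AuthenticatedUser) authUserObj;` at the top of init(), createuser(), edituser(), saveuser() and deleteuser() now dereferences whatever the session holds, so a request that reaches one of these actions without a valid Constants.SESSION_AUTH attribute ends in a NullPointerException or ClassCastException instead of the STRUTS_REAUTHENTICATE result the old code returned. The commit message suggests the AuthenticationFilter is meant to guarantee the attribute, but the filter and its URL mapping are not visible on this page, and user-management actions are where the check is worth keeping as defense in depth. A one-line guard before each cast would preserve the old fail-closed behaviour: `if (!(authUserObj instanceof AuthenticatedUser)) return Constants.STRUTS_REAUTHENTICATE;`. Separately, the non-admin branch of edituser() passes the result of getUserWithID() straight to `new UserDatabaseFrom(dbuser)` without the `dbuser == null` check that the same branch of init() has, and it returns without calling ConfigurationDBUtils.closeSession().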