authorThomas Lenz <tlenz@iaik.tugraz.at>2013-08-12 13:31:30 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-08-12 13:31:30 +0200
commit7c6ecaa8adb365a6c670cb86bb68be94136dc6a0 (patch)
treef69c954a387513aa14adf86d4bf9a81a59b80c36 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
parent45e170310a012dca93d5e5d4dc0b54e6b0808e95 (diff)
Bugfixes:
@ConfigurationTool - AuthenticationFilter: handling of non-authenticated requests after restart - Legacy Import: update legacy Configuration import process @MOA-ID - Change Legacy Configuration import
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java326
1 files changed, 152 insertions, 174 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index c022d0057..2a9ec038f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -47,224 +47,202 @@ public class UserManagementAction extends ActionSupport
public String init() {
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
- if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
- authUser = (AuthenticatedUser) authUserObj;
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
- if (authUser.isAdmin()) {
-
- log.info("Show UserList");
-
- List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
- if (dbuserlist != null) {
- userlist = new ArrayList<AuthenticatedUser>();
-
- for (UserDatabase dbuser : dbuserlist) {
- userlist.add(new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getUsername(),
- dbuser.isIsActive(),
- dbuser.isIsAdmin()));
- }
- }
-
- ConfigurationDBUtils.closeSession();
- return Constants.STRUTS_SUCCESS;
+ log.info("Show UserList");
+
+ List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
+ if (dbuserlist != null) {
+ userlist = new ArrayList<AuthenticatedUser>();
- } else {
- log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
- if (dbuser == null) {
- return Constants.STRUTS_REAUTHENTICATE;
+ for (UserDatabase dbuser : dbuserlist) {
+ userlist.add(new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getUsername(),
+ dbuser.isIsActive(),
+ dbuser.isIsAdmin()));
}
- user = new UserDatabaseFrom(dbuser);
- ConfigurationDBUtils.closeSession();
- return Constants.STRUTS_NOTALLOWED;
}
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (dbuser == null) {
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+ user = new UserDatabaseFrom(dbuser);
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_NOTALLOWED;
}
- return Constants.STRUTS_REAUTHENTICATE;
-
}
public String createuser() {
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
- if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
- authUser = (AuthenticatedUser) authUserObj;
-
- if (authUser.isAdmin()) {
-
- user = new UserDatabaseFrom();
-
- newUser = true;
- return Constants.STRUTS_SUCCESS;
-
- } else {
- return Constants.STRUTS_NOTALLOWED;
- }
- }
- return Constants.STRUTS_REAUTHENTICATE;
+ authUser = (AuthenticatedUser) authUserObj;
+ if (authUser.isAdmin()) {
+
+ user = new UserDatabaseFrom();
+
+ newUser = true;
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ return Constants.STRUTS_NOTALLOWED;
+ }
}
public String edituser() {
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
- if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
- authUser = (AuthenticatedUser) authUserObj;
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+ long userid = -1;
- if (authUser.isAdmin()) {
- long userid = -1;
-
- if (!ValidationHelper.validateOAID(useridobj)) {
- addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
- return Constants.STRUTS_ERROR;
- }
- userid = Long.valueOf(useridobj);
-
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid);
- if (dbuser == null) {
- log.info("No User with ID " + userid + " in Database");;
- addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
- return Constants.STRUTS_ERROR;
- }
- user = new UserDatabaseFrom(dbuser);
-
- newUser = false;
-
- ConfigurationDBUtils.closeSession();
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
- user = new UserDatabaseFrom(dbuser);
- return Constants.STRUTS_SUCCESS;
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
}
- }
- return Constants.STRUTS_REAUTHENTICATE;
-
+ userid = Long.valueOf(useridobj);
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid);
+ if (dbuser == null) {
+ log.info("No User with ID " + userid + " in Database");;
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ user = new UserDatabaseFrom(dbuser);
+
+ newUser = false;
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ user = new UserDatabaseFrom(dbuser);
+ return Constants.STRUTS_SUCCESS;
+ }
}
public String saveuser() {
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
- if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
- authUser = (AuthenticatedUser) authUserObj;
+ authUser = (AuthenticatedUser) authUserObj;
- String useridobj = user.getUserID();
- long userID = -1;
- if (MiscUtil.isEmpty(useridobj)) {
- userID = -1;
-
- } else {
- if (!ValidationHelper.validateOAID(useridobj)){
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase ID " + useridobj);
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- userID = Long.valueOf(useridobj);
- }
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
- List<String> errors;
- UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
- errors = validator.validate(user, userID);
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ List<String> errors;
+ UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
+ errors = validator.validate(user, userID);
- if (errors.size() > 0) {
- log.info("UserDataForm has some erros.");
- for (String el : errors)
- addActionError(el);
- user.setPassword("");
-
- if (MiscUtil.isEmpty(user.getUsername()))
- newUser = true;
-
- return Constants.STRUTS_ERROR_VALIDATION;
- }
+ if (errors.size() > 0) {
+ log.info("UserDataForm has some erros.");
+ for (String el : errors)
+ addActionError(el);
+ user.setPassword("");
- if (!authUser.isAdmin()) {
- if (authUser.getUserID() != userID) {
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase Entry " + user.getUsername());
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
-
+ if (MiscUtil.isEmpty(user.getUsername()))
+ newUser = true;
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
}
+
+ }
- String error = saveFormToDB();
- if (error != null) {
- log.warn("UserData can not be stored in Database");
- addActionError(error);
- return Constants.STRUTS_SUCCESS;
- }
-
- ConfigurationDBUtils.closeSession();
+ String error = saveFormToDB();
+ if (error != null) {
+ log.warn("UserData can not be stored in Database");
+ addActionError(error);
return Constants.STRUTS_SUCCESS;
-
}
- return Constants.STRUTS_REAUTHENTICATE;
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
}
public String deleteuser() {
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
- if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
- authUser = (AuthenticatedUser) authUserObj;
-
- String useridobj = user.getUserID();
- long userID = -1;
- if (MiscUtil.isEmpty(useridobj)) {
- userID = -1;
-
- } else {
- if (!ValidationHelper.validateOAID(useridobj)){
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase ID " + useridobj);
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- userID = Long.valueOf(useridobj);
- }
-
- if (!authUser.isAdmin()) {
- if (authUser.getUserID() != userID) {
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase Entry " + user.getUsername());
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- }
+ authUser = (AuthenticatedUser) authUserObj;
+
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
- if (dbuser != null) {
- dbuser.setOnlineApplication(null);
-
- try {
- ConfigurationDBUtils.saveOrUpdate(dbuser);
- ConfigurationDBUtils.delete(dbuser);
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
- } catch (MOADatabaseException e) {
- log.warn("UserData can not be deleted from Database");
- addActionError(e.getMessage());
- return Constants.STRUTS_SUCCESS;
- }
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser != null) {
+ dbuser.setOnlineApplication(null);
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+ ConfigurationDBUtils.delete(dbuser);
- finally {
- ConfigurationDBUtils.closeSession();
- }
+ } catch (MOADatabaseException e) {
+ log.warn("UserData can not be deleted from Database");
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
}
- ConfigurationDBUtils.closeSession();
- return Constants.STRUTS_SUCCESS;
-
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
}
- return Constants.STRUTS_REAUTHENTICATE;
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
}
private String saveFormToDB() {
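Review bot: The unconditional `(AuthenticatedUser) authUserObj` cast in `init()`, `createuser()`, `edituser()`, `saveuser()` and `deleteuser()` leaves these actions with no local authentication check, so they now rely entirely on the AuthenticationFilter named in the commit message, which is not part of this diff. If a request reaches an action without the `Constants.SESSION_AUTH` attribute, the null cast succeeds and the following `authUser.isAdmin()` or `authUser.getUserID()` call throws a NullPointerException instead of returning `Constants.STRUTS_REAUTHENTICATE`; an attribute of another type throws a ClassCastException. A one-line guard before each cast keeps the explicit fail-closed result without the old nesting: `if (!(authUserObj instanceof AuthenticatedUser)) return Constants.STRUTS_REAUTHENTICATE;`. If the filter is meant to be the only gate, a class-level comment should say that every action here assumes the filter has already authenticated the session, so the dependency is visible to anyone changing the filter mapping.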