aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java574
1 files changed, 574 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
new file mode 100644
index 000000000..1c498ecc2
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -0,0 +1,574 @@
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class EditOAAction extends ActionSupport implements ServletRequestAware,
+ServletResponseAware {
+
+ private final Logger log = Logger.getLogger(EditOAAction.class);
+
+ private static final long serialVersionUID = 1L;
+
+ private HttpServletRequest request;
+ private HttpServletResponse response;
+
+ private AuthenticatedUser authUser;
+
+ private String oaidobj;
+ private boolean newOA;
+
+ private OAGeneralConfig generalOA = new OAGeneralConfig();
+ private OAPVP2Config pvp2OA = new OAPVP2Config();
+ private OASAML1Config saml1OA = new OASAML1Config();
+ private OASSOConfig ssoOA = new OASSOConfig();
+ private OASTORKConfig storkOA;
+
+ //STRUTS actions
+ public String inital() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ long oaid = -1;
+
+ if (!ValidationHelper.validateOAID(oaidobj)) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ oaid = Long.valueOf(oaidobj);
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
+
+ OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+
+ generalOA.parse(onlineapplication);
+ ssoOA.parse(onlineapplication);
+ saml1OA.parse(onlineapplication);
+ List<String> errors = pvp2OA.parse(onlineapplication);
+
+ if (errors.size() > 0) {
+ for (String el : errors)
+ addActionError(el);
+ }
+
+ ConfigurationDBUtils.closeSession();
+
+ newOA = false;
+
+ return Constants.STRUTS_OA_EDIT;
+ }
+
+ public String newOA() {
+ log.debug("insert new Online-Application");
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ newOA = true;
+
+ return Constants.STRUTS_OA_EDIT;
+ }
+
+ public String saveOA() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ OnlineApplication onlineapplication = null;
+ List<String> errors = new ArrayList<String>();
+
+ Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null ) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } catch (Throwable t) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ //valid DBID and check entry
+ String oaidentifier = generalOA.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ } else {
+
+ if (oaid == -1) {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+ if (onlineapplication != null) {
+ log.info("The OAIdentifier is not unique");
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
+ }
+
+ } else {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+ if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
+
+ if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
+ log.info("The OAIdentifier is not unique");
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
+ }
+ }
+ }
+ }
+ }
+
+ //check form
+ OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();
+ OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();
+ OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();
+ OASSOConfigValidation validatior_sso = new OASSOConfigValidation();
+ OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
+
+ errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
+ errors.addAll(validatior_pvp2.validate(pvp2OA));
+ errors.addAll(validatior_saml1.validate(saml1OA, generalOA));
+ errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin()));
+ errors.addAll(validator_stork.validate(storkOA));
+
+ if (errors.size() > 0) {
+ log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");
+ for (String el : errors)
+ addActionError(el);
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+
+ String error = saveOAConfigToDatabase(onlineapplication);
+ if (MiscUtil.isNotEmpty(error)) {
+ log.warn("OA configuration can not be stored!");
+ addActionError(error);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ }
+
+
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String cancleAndBackOA() {
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request));
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String deleteOA() {
+
+ String oaidentifier = generalOA.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ }
+
+ OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ if (ConfigurationDBUtils.delete(onlineapplication)) {
+
+ if (!authUser.isAdmin()) {
+ UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ List<OnlineApplication> useroas = user.getRegistratedOAs();
+
+ for (OnlineApplication oa : useroas) {
+ if (oa.getHjid().equals(onlineapplication.getHjid())) {
+ useroas.remove(oa);
+ }
+ }
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(user);
+
+ } catch (MOADatabaseException e) {
+ log.warn("User information can not be updated in database", e);
+ addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ ConfigurationDBUtils.closeSession();
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request));
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ ConfigurationDBUtils.closeSession();
+ addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+
+
+ }
+
+ private String saveOAConfigToDatabase(OnlineApplication dboa) {
+
+ boolean newentry = false;
+
+ if (dboa == null) {
+ dboa = new OnlineApplication();
+ newentry = true;
+ dboa.setIsActive(false);
+ }
+
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dboa.setAuthComponentOA(authoa);
+ }
+
+ if (authUser.isAdmin())
+ dboa.setIsActive(generalOA.isActive());
+
+ dboa.setFriendlyName(generalOA.getFriendlyName());
+ dboa.setCalculateHPI(generalOA.isCalculateHPI());
+ dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ dboa.setPublicURLPrefix(generalOA.getIdentifier());
+
+ if (generalOA.isBusinessService()) {
+ dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+
+ IdentificationNumber idnumber = new IdentificationNumber();
+ idnumber.setValue(generalOA.getIdentificationNumber());
+ authoa.setIdentificationNumber(idnumber);
+
+ }
+ else {
+ dboa.setType(null);
+ dboa.setTarget(generalOA.getTarget());
+ dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+
+ }
+
+ BKUURLS bkuruls = new BKUURLS();
+ authoa.setBKUURLS(bkuruls);
+ bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
+ bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
+ bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
+
+ Mandates mandates = new Mandates();
+ mandates.setProfiles(generalOA.getMandateProfiles());
+ authoa.setMandates(mandates);
+
+ authoa.setSlVersion(generalOA.getSlVersion());
+ authoa.setUseIFrame(generalOA.isUseIFrame());
+ authoa.setUseUTC(generalOA.isUseUTC());
+
+ TemplatesType templates = authoa.getTemplates();
+ if (templates == null) {
+ templates = new TemplatesType();
+ authoa.setTemplates(templates);
+ }
+ templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
+
+ TemplateType template = templates.getTemplate();
+ if (template == null) {
+ //TODO: if OA specific templateURL is required
+
+ }
+
+ //set default transformation if it is empty
+ List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
+ if (transformsInfo == null) {
+ //TODO: set OA specific transformation if it is required
+
+ }
+
+ OAPVP2 pvp2 = authoa.getOAPVP2();
+ if (pvp2 == null) {
+ pvp2 = new OAPVP2();
+ authoa.setOAPVP2(pvp2);
+ }
+
+ pvp2.setMetadataURL(pvp2OA.getMetaDataURL());
+ try {
+
+ if (pvp2OA.getFileUpload() != null)
+ pvp2.setCertificate(pvp2OA.getCertificate());
+
+ } catch (CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound");
+ } catch (IOException e) {
+ log.info("Uploaded Certificate can not be parsed", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.format");
+ }
+
+ OASAML1 saml1 = authoa.getOASAML1();
+ if (saml1 == null) {
+ saml1 = new OASAML1();
+ authoa.setOASAML1(saml1);
+ }
+ saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
+ saml1.setProvideCertificate(saml1OA.isProvideCertificate());
+ saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
+ saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
+ saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
+ saml1.setUseCondition(saml1OA.isUseCondition());
+ saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
+ //TODO: set sourceID
+ //saml1.setSourceID("");
+
+ OASSO sso = authoa.getOASSO();
+ if (sso == null) {
+ sso = new OASSO();
+ authoa.setOASSO(sso);
+ sso.setAuthDataFrame(true);
+ }
+ sso.setUseSSO(ssoOA.isUseSSO());
+
+ if (authUser.isAdmin())
+ sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
+
+ sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
+
+
+ STORK stork = authoa.getSTORK();
+ if (stork == null) {
+ //TODO: make stork configurable
+
+ }
+
+ try {
+ if (newentry) {
+ ConfigurationDBUtils.save(dboa);
+
+ if (!authUser.isAdmin()) {
+ UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ List<OnlineApplication> useroas = user.getRegistratedOAs();
+ if (useroas == null)
+ useroas = new ArrayList<OnlineApplication>();
+
+ useroas.add(dboa);
+ ConfigurationDBUtils.save(user);
+ }
+ }
+
+ else
+ ConfigurationDBUtils.saveOrUpdate(dboa);
+
+ } catch (MOADatabaseException e) {
+ log.warn("Online-Application can not be stored.", e);
+ return LanguageHelper.getErrorString("error.db.oa.store");
+ }
+
+ return null;
+ }
+
+ public String setGeneralOAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setSAML1OAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setPVP2OAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setSSOOAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setSTORKOAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+
+ //Getter and Setter
+ public void setServletResponse(HttpServletResponse arg0) {
+ this.response = arg0;
+
+ }
+
+ public void setServletRequest(HttpServletRequest arg0) {
+ this.request = arg0;
+
+ }
+
+ public HttpServletRequest getRequest() {
+ return request;
+ }
+
+ public void setRequest(HttpServletRequest request) {
+ this.request = request;
+ }
+
+ public HttpServletResponse getResponse() {
+ return response;
+ }
+
+ public void setResponse(HttpServletResponse response) {
+ this.response = response;
+ }
+
+ public OAGeneralConfig getGeneralOA() {
+ return generalOA;
+ }
+
+ public void setGeneralOA(OAGeneralConfig generalOA) {
+ this.generalOA = generalOA;
+ }
+
+ public OAPVP2Config getPvp2OA() {
+ return pvp2OA;
+ }
+
+ public void setPvp2OA(OAPVP2Config pvp2oa) {
+ pvp2OA = pvp2oa;
+ }
+
+ public OASAML1Config getSaml1OA() {
+ return saml1OA;
+ }
+
+ public void setSaml1OA(OASAML1Config saml1oa) {
+ saml1OA = saml1oa;
+ }
+
+ public OASSOConfig getSsoOA() {
+ return ssoOA;
+ }
+
+ public void setSsoOA(OASSOConfig ssoOA) {
+ this.ssoOA = ssoOA;
+ }
+
+ public OASTORKConfig getStorkOA() {
+ return storkOA;
+ }
+
+ public void setStorkOA(OASTORKConfig storkOA) {
+ this.storkOA = storkOA;
+ }
+
+ /**
+ * @param oaidobj the oaidobj to set
+ */
+ public void setOaidobj(String oaidobj) {
+ this.oaidobj = oaidobj;
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the newOA
+ */
+ public boolean isNewOA() {
+ return newOA;
+ }
+
+ /**
+ * @param newOA the newOA to set
+ */
+ public void setNewOA(boolean newOA) {
+ this.newOA = newOA;
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 20:56:42 +0000