aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java376
1 files changed, 376 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
new file mode 100644
index 000000000..2a9ec038f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -0,0 +1,376 @@
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class UserManagementAction extends ActionSupport
+ implements ServletRequestAware, ServletResponseAware {
+
+ private static final Logger log = Logger.getLogger(UserManagementAction.class);
+
+ private static final long serialVersionUID = 1L;
+
+ private HttpServletRequest request;
+ private HttpServletResponse response;
+
+ private AuthenticatedUser authUser = null;
+
+ private List<AuthenticatedUser> userlist = null;
+ private UserDatabaseFrom user = null;
+
+ private String useridobj = null;
+ private static boolean newUser = false;
+
+ public String init() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ log.info("Show UserList");
+
+ List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
+ if (dbuserlist != null) {
+ userlist = new ArrayList<AuthenticatedUser>();
+
+ for (UserDatabase dbuser : dbuserlist) {
+ userlist.add(new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getUsername(),
+ dbuser.isIsActive(),
+ dbuser.isIsAdmin()));
+ }
+ }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (dbuser == null) {
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+ user = new UserDatabaseFrom(dbuser);
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String createuser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ user = new UserDatabaseFrom();
+
+ newUser = true;
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String edituser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+ long userid = -1;
+
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userid = Long.valueOf(useridobj);
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid);
+ if (dbuser == null) {
+ log.info("No User with ID " + userid + " in Database");;
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ user = new UserDatabaseFrom(dbuser);
+
+ newUser = false;
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ user = new UserDatabaseFrom(dbuser);
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ public String saveuser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ List<String> errors;
+ UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
+ errors = validator.validate(user, userID);
+
+ if (errors.size() > 0) {
+ log.info("UserDataForm has some erros.");
+ for (String el : errors)
+ addActionError(el);
+ user.setPassword("");
+
+ if (MiscUtil.isEmpty(user.getUsername()))
+ newUser = true;
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ }
+
+ String error = saveFormToDB();
+ if (error != null) {
+ log.warn("UserData can not be stored in Database");
+ addActionError(error);
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String deleteuser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser != null) {
+ dbuser.setOnlineApplication(null);
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+ ConfigurationDBUtils.delete(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("UserData can not be deleted from Database");
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+ }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ private String saveFormToDB() {
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername());
+
+ if( dbuser == null) {
+ dbuser = new UserDatabase();
+ }
+
+ dbuser.setBpk(user.getBpk());
+ dbuser.setFamilyname(user.getFamilyName());
+ dbuser.setGivenname(user.getGivenName());
+ dbuser.setInstitut(user.getInstitut());
+ dbuser.setMail(user.getMail());
+ dbuser.setPhone(user.getPhone());
+ dbuser.setUsername(user.getUsername());
+
+ if (authUser.isAdmin()) {
+ dbuser.setIsActive(user.isActive());
+ dbuser.setIsAdmin(user.isAdmin());
+ }
+
+ if (MiscUtil.isNotEmpty(user.getPassword())) {
+ String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
+ if (key == null) {
+ return LanguageHelper.getErrorString("errors.edit.user.save");
+ }
+ dbuser.setPassword(key);
+ }
+
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+ } catch (MOADatabaseException e) {
+ log.warn("User information can not be stored in Database.", e);
+ return LanguageHelper.getErrorString("errors.edit.user.save");
+ }
+
+ return null;
+ }
+
+// public String createTestUser() throws MOADatabaseException {
+//
+// UserDatabase user = new UserDatabase();
+// user.setBpk("");
+// user.setFamilyname("Max");
+// user.setGivenname("Mustermann");
+// user.setIsActive(true);
+// user.setIsAdmin(false);
+// user.setInstitut("EGIZ");
+// user.setLastLoginItem(new Date());
+// user.setMail("masdf@amfasdf.com");
+// user.setPhone("00660011542");
+// user.setUsername("testuser");
+//
+// ConfigurationDBUtils.save(user);
+//
+// return Constants.STRUTS_SUCCESS;
+// }
+
+
+ public void setServletResponse(HttpServletResponse response) {
+ this.response = response;
+
+ }
+
+ public void setServletRequest(HttpServletRequest request) {
+ this.request = request;
+
+ }
+
+ /**
+ * @return the userlist
+ */
+ public List<AuthenticatedUser> getUserlist() {
+ return userlist;
+ }
+
+ /**
+ * @param userlist the userlist to set
+ */
+ public void setUserlist(List<AuthenticatedUser> userlist) {
+ this.userlist = userlist;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the useridobj
+ */
+ public String getUseridobj() {
+ return useridobj;
+ }
+
+ /**
+ * @param useridobj the useridobj to set
+ */
+ public void setUseridobj(String useridobj) {
+ this.useridobj = useridobj;
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the newUser
+ */
+ public boolean isNewUser() {
+ return newUser;
+ }
+
+
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 10:59:45 +0000