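/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.log4j.Logger;

import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.AttributeHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.data.oa.OABPKEncryption;
import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OARevisionsLogData;
import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;

/**
 * Struts action behind the "edit online application" pages: it opens an existing
 * online application (OA) for editing, prepares a blank one, saves, cancels and deletes.
 *
 * <p>The configuration is split into form beans that are registered in the inherited
 * {@code formList} under the name each bean reports via {@code getName()}. The typed
 * getters and setters at the end of the class are thin views onto that map.
 *
 * <p>NOTE(review): the public action method names {@code inital} and
 * {@code cancleAndBackOA} are misspelled but are presumably referenced from the Struts
 * mapping, so they are kept as they are. The public form setters are presumably what
 * the framework's request-parameter binding calls, which would make every property of
 * those beans request-controlled; confirm that each bean's {@code validate} covers all
 * of its writable properties.
 */
public class EditOAAction extends BasicOAAction {

    // static: a per-instance Logger is a non-serializable field in a class that
    // declares a serialVersionUID
    private static final Logger log = Logger.getLogger(EditOAAction.class);

    private static final long serialVersionUID = 1L;

    private String nextPage;

    /**
     * Registers the form beans that make up the edit page. Target, authentication and
     * SAML1 forms are always present; the remaining forms are only registered when
     * {@code isMoaidMode} is set, so their getters return {@code null} otherwise.
     */
    public EditOAAction() {
        super();

        OATargetConfiguration oaTarget = new OATargetConfiguration();
        formList.put(oaTarget.getName(), oaTarget);

        OAAuthenticationData authOA = new OAAuthenticationData();
        formList.put(authOA.getName(), authOA);

        OASAML1Config saml1OA = new OASAML1Config();
        formList.put(saml1OA.getName(), saml1OA);

        if (isMoaidMode) {
            OABPKEncryption bPKEncDec = new OABPKEncryption();
            formList.put(bPKEncDec.getName(), bPKEncDec);

            OASSOConfig ssoOA = new OASSOConfig();
            formList.put(ssoOA.getName(), ssoOA);

            OAPVP2Config pvp2OA = new OAPVP2Config();
            formList.put(pvp2OA.getName(), pvp2OA);

            OAOAuth20Config oauth20OA = new OAOAuth20Config();
            formList.put(oauth20OA.getName(), oauth20OA);

            OASTORKConfig storkOA = new OASTORKConfig();
            formList.put(storkOA.getName(), storkOA);

            // Raw types kept on purpose: the key/value types of the default map are
            // not visible in this file.
            Map map = new HashMap();
            map.putAll(FormBuildUtils.getDefaultMap());
            FormularCustomization formOA = new FormularCustomization(map);
            formList.put(formOA.getName(), formOA);

            OARevisionsLogData revisOA = new OARevisionsLogData();
            formList.put(revisOA.getName(), revisOA);
        }
    }

    // STRUTS actions

    /**
     * Opens an existing online application for editing.
     *
     * <p>Every registered form parses the stored application; parse errors are shown as
     * action errors but do not stop the page from opening. A fresh random form id is
     * stored in the session together with the id of the application being edited.
     *
     * <p>NOTE(review): the form id looks like an anti-CSRF token; the code that compares
     * it with the submitted value is not in this class.
     *
     * @return the Struts result name
     */
    public String inital() {
        try {
            populateBasicInformations();

            OnlineApplication onlineapplication = populateOnlineApplicationFromRequest();
            if (onlineapplication == null) {
                addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
                return Constants.STRUTS_SUCCESS;
            }

            List<String> errors = new ArrayList<String>();
            for (IOnlineApplicationData form : formList.values()) {
                List<String> error = form.parse(onlineapplication, authUser, request);
                if (error != null) {
                    errors.addAll(error);
                }
            }
            for (String el : errors) {
                addActionError(el);
            }

            setNewOA(false);

            formID = Random.nextRandom();
            session.setAttribute(Constants.SESSION_FORMID, formID);
            session.setAttribute(Constants.SESSION_OAID, oaid);

            return Constants.STRUTS_OA_EDIT;

        } catch (BasicActionException e) {
            return Constants.STRUTS_ERROR;

        } catch (BasicOAActionException e) {
            addActionError(e.getStrutsError());
            return e.getStrutsReturnValue();
        }
    }

    /**
     * Prepares the edit page for a new online application.
     *
     * <p>Non-admin users whose mail address is explicitly marked as unverified are turned
     * away. NOTE(review): a {@code null} verification flag passes this gate; confirm that
     * this is intended for accounts without a recorded verification state.
     *
     * <p>The generated OAuth 2.0 client secret and the BKU form preview map are placed in
     * the session. NOTE(review): neither attribute is removed anywhere in this class;
     * confirm the secret is cleared once the form has been saved or cancelled.
     *
     * @return the Struts result name
     */
    public String newOA() {
        log.debug("insert new Online-Application");

        try {
            populateBasicInformations();
            populateBasicNewOnlineApplicationInformation();

            // prepare attribute helper list
            ArrayList<AttributeHelper> attributes = new ArrayList<AttributeHelper>();
            try {
                for (StorkAttribute current : configuration.getDbRead()
                        .getMOAIDConfiguration().getAuthComponentGeneral()
                        .getForeignIdentities().getSTORK().getAttributes()) {
                    attributes.add(new AttributeHelper(current));
                }

            } catch (NullPointerException e) {
                // Best effort: a missing link anywhere in the configuration chain only
                // means there are no STORK attributes to offer.
                log.debug("No STORK attributes found in the general configuration.");
            }

            if (getStorkOA() != null) {
                getStorkOA().setHelperAttributes(attributes);
            }

            UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
            if (!authUser.isAdmin()
                    && userdb.isIsMailAddressVerified() != null
                    && !userdb.isIsMailAddressVerified()) {
                log.info("Online-Applikation managemant disabled. Mail address is not verified.");
                addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request));
                return Constants.STRUTS_SUCCESS;
            }

            OAOAuth20Config oauth20 = getOauth20OA();
            if (oauth20 != null) {
                session.setAttribute(Constants.SESSION_OAUTH20SECRET, oauth20.getClientSecret());
            }

            if (getFormOA() != null) {
                session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap());
            }

            nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();

            return Constants.STRUTS_OA_EDIT;

        } catch (BasicActionException e) {
            return Constants.STRUTS_ERROR;
        }
    }

    /**
     * Validates all forms and stores the online application.
     *
     * <p>On validation errors the messages are shown, a new form id is issued and the
     * validation-error result is returned without saving. On success the return area is
     * taken from the session, an admin mail is sent when the saved application requires
     * admin approval and there are open applications or users, and the edit-related
     * session attributes are cleared.
     *
     * @return the Struts result name
     */
    public String saveOA() {
        OnlineApplication onlineapplication = null;

        try {
            populateBasicInformations();
            onlineapplication = preProcessSaveOnlineApplication();

            List<String> errors = new ArrayList<String>();

            // validate forms
            for (IOnlineApplicationData form : formList.values()) {
                errors.addAll(form.validate(getGeneralOA(), authUser, request));
            }

            // Do not allow SSO in combination with special BKUSelection features.
            // The null check has to guard both form conditions: '&&' binds tighter than
            // '||', so without the grouping a missing form bean was dereferenced.
            FormularCustomization formOA = getFormOA();
            boolean specialBkuSelection = formOA != null
                    && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton());
            if (getSsoOA() != null && getSsoOA().isUseSSO() && specialBkuSelection) {
                log.warn("Special BKUSelection features can not be used in combination with SSO");
                errors.add(LanguageHelper.getErrorString(
                        "validation.general.bkuselection.specialfeatures.valid", request));
            }

            if (errors.size() > 0) {
                // NOTE(review): the identifier is form input that has just failed
                // validation and is written to the log unfiltered.
                log.info("OAConfiguration with ID " + getGeneralOA().getIdentifier() + " has some errors.");
                for (String el : errors) {
                    addActionError(el);
                }

                formID = Random.nextRandom();
                session.setAttribute(Constants.SESSION_FORMID, formID);
                return Constants.STRUTS_ERROR_VALIDATION;
            }

            // A BasicOAActionException from here is handled by the catch below.
            onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true);

            nextPage = resolveReturnArea(true);

            if (onlineapplication.isIsAdminRequired()) {
                int numoas = 0;
                int numusers = 0;

                List<?> openOAs = configuration.getDbRead().getAllNewOnlineApplications();
                if (openOAs != null) {
                    numoas = openOAs.size();
                }

                List<?> openUsers = configuration.getUserManagement().getAllNewUsers();
                if (openUsers != null) {
                    numusers = openUsers.size();
                }

                try {
                    addActionMessage(LanguageHelper.getGUIString(
                            "webpages.oaconfig.success.admin", getGeneralOA().getIdentifier(), request));

                    if (numusers > 0 || numoas > 0) {
                        MailHelper.sendAdminMail(numoas, numusers);
                    }

                } catch (ConfigurationException e) {
                    log.warn("Sending Mail to Admin failed.", e);
                }

            } else {
                addActionMessage(LanguageHelper.getGUIString(
                        "webpages.oaconfig.success", getGeneralOA().getIdentifier(), request));
            }

            // remove session attributes
            session.setAttribute(Constants.SESSION_OAID, null);
            session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
            session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);

            return Constants.STRUTS_SUCCESS;

        } catch (BasicActionException e) {
            return Constants.STRUTS_ERROR;

        } catch (BasicOAActionException e) {
            addActionError(e.getStrutsError());
            return e.getStrutsReturnValue();
        }
    }

    /**
     * Leaves the edit page without saving and clears the edited application id from the
     * session.
     *
     * @return the Struts result name
     */
    public String cancleAndBackOA() {
        try {
            populateBasicInformations();

            nextPage = resolveReturnArea(true);

            session.setAttribute(Constants.SESSION_OAID, null);

            addActionMessage(LanguageHelper.getGUIString(
                    "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), request));

            return Constants.STRUTS_SUCCESS;

        } catch (BasicActionException e) {
            return Constants.STRUTS_ERROR;
        }
    }

    /**
     * Deletes the online application that is currently being edited.
     *
     * <p>The identifier comes from {@code preProcessDeleteOnlineApplication()}. When
     * several stored applications share it, the one whose database id equals the id held
     * in the session is chosen; finding more than one such record aborts the request
     * instead of deleting an arbitrary one. When exactly one record matches the
     * identifier it is used without comparing its database id with the session.
     *
     * <p>NOTE(review): no ownership check is visible here; presumably it is part of
     * {@code preProcessDeleteOnlineApplication()} or {@code delete(...)} - confirm.
     *
     * @return the Struts result name
     */
    public String deleteOA() {
        String oaidentifier = null;

        try {
            populateBasicInformations();

            // The return area is read but, unlike in saveOA, not cleared here.
            nextPage = resolveReturnArea(false);

            oaidentifier = preProcessDeleteOnlineApplication();
            List<OnlineApplication> onlineapplications =
                    configuration.getDbRead().getOnlineApplications(oaidentifier);

            Long sessionOaId = getOAIDFromSession();

            OnlineApplication onlineapplication = null;

            if (onlineapplications != null && onlineapplications.size() > 1) {
                log.info("Found more then one OA with PublicURLPrefix in configuration. "
                        + "Select OA with DB Id ...");

                for (OnlineApplication oa : onlineapplications) {
                    if (oa.getHjid().equals(sessionOaId)) {
                        if (onlineapplication == null) {
                            onlineapplication = oa;

                        } else {
                            log.error("Found more then one OA with same PublicURLPrefix and same DBID.");
                            // The exception used to be created but never thrown, so the
                            // first match was deleted despite the ambiguity.
                            throw new BasicOAActionException(
                                    "Found more then one OA with same PublicURLPrefix and same DBID.",
                                    Constants.STRUTS_SUCCESS);
                        }
                    }
                }

            } else if (onlineapplications != null && onlineapplications.size() == 1) {
                onlineapplication = onlineapplications.get(0);
            }

            request.getSession().setAttribute(Constants.SESSION_OAID, null);

            // (A disabled PVP2 metadata-refresh step used to sit here as commented-out code.)

            if (onlineapplication != null && delete(onlineapplication)) {

                if (!authUser.isAdmin()) {
                    UserDatabase user =
                            configuration.getUserManagement().getUserWithID(authUser.getUserID());
                    List<String> useroas = user.getOnlineApplication();

                    // Walk backwards by index: removing inside a for-each loop over the
                    // same list fails with a ConcurrentModificationException.
                    // NOTE(review): the entries are Strings while getHjid() is compared
                    // with a Long further up; if it is a Long this equals() never matches
                    // and the deleted id stays on the user record - confirm the types.
                    for (int i = useroas.size() - 1; i >= 0; i--) {
                        String oa = useroas.get(i);
                        if (oa.equals(onlineapplication.getHjid())) {
                            useroas.remove(i);
                        }
                    }

                    try {
                        configuration.getUserManagement().saveOrUpdate(user);

                    } catch (MOADatabaseException e) {
                        log.warn("User information can not be updated in database", e);
                        addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));
                        return Constants.STRUTS_ERROR;
                    }
                }

                addActionMessage(LanguageHelper.getGUIString(
                        "webpages.oaconfig.delete.message", oaidentifier, request));

                return Constants.STRUTS_SUCCESS;

            } else {
                addActionError(LanguageHelper.getGUIString(
                        "webpages.oaconfig.delete.error", oaidentifier, request));
                return Constants.STRUTS_SUCCESS;
            }

        } catch (BasicActionException e) {
            return Constants.STRUTS_ERROR;

        } catch (BasicOAActionException e) {
            addActionError(e.getStrutsError());
            return e.getStrutsReturnValue();
        }
    }

    /**
     * Reads the page to return to from the session, falling back to the main area.
     *
     * <p>NOTE(review): the value is used as stored; the code that writes
     * {@code SESSION_RETURNAREA} is not in this class, so confirm it only ever stores
     * names of {@code STRUTS_RETURNAREA_VALUES}.
     *
     * @param consume whether the session attribute is cleared once it has been read
     * @return the stored return area, or the name of the main area when none is stored
     */
    private String resolveReturnArea(boolean consume) {
        Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
        if (nextPageAttr instanceof String) {
            if (consume) {
                session.setAttribute(Constants.SESSION_RETURNAREA, null);
            }
            return (String) nextPageAttr;
        }
        return Constants.STRUTS_RETURNAREA_VALUES.main.name();
    }

    /**
     * @return the authentication form, or {@code null} if none is registered
     */
    public OAAuthenticationData getAuthOA() {
        return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName());
    }

    /**
     * @param generalOA the authentication form to register
     */
    public void setAuthOA(OAAuthenticationData generalOA) {
        formList.put(generalOA.getName(), generalOA);
    }

    /**
     * @return the SAML1 form, or {@code null} if none is registered
     */
    public OASAML1Config getSaml1OA() {
        return (OASAML1Config) formList.get(new OASAML1Config().getName());
    }

    /**
     * @param saml1oa the SAML1 form to register
     */
    public void setSaml1OA(OASAML1Config saml1oa) {
        formList.put(saml1oa.getName(), saml1oa);
    }

    /**
     * @return the SSO form, or {@code null} if none is registered
     */
    public OASSOConfig getSsoOA() {
        return (OASSOConfig) formList.get(new OASSOConfig().getName());
    }

    /**
     * @param ssoOA the SSO form to register
     */
    public void setSsoOA(OASSOConfig ssoOA) {
        formList.put(ssoOA.getName(), ssoOA);
    }

    /**
     * @return the STORK form, or {@code null} if none is registered
     */
    public OASTORKConfig getStorkOA() {
        return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
    }

    /**
     * @param storkOA the STORK form to register
     */
    public void setStorkOA(OASTORKConfig storkOA) {
        formList.put(storkOA.getName(), storkOA);
    }

    /**
     * @return the revisions-log form, or {@code null} if none is registered
     */
    public OARevisionsLogData getRevisionsLogOA() {
        return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName());
    }

    /**
     * @param storkOA the revisions-log form to register
     */
    public void setRevisionsLogOA(OARevisionsLogData storkOA) {
        formList.put(storkOA.getName(), storkOA);
    }

    /**
     * @return the nextPage
     */
    public String getNextPage() {
        return nextPage;
    }

    /**
     * @return the form customization bean, or {@code null} if none is registered
     */
    public FormularCustomization getFormOA() {
        return (FormularCustomization) formList.get(new FormularCustomization(null).getName());
    }

    /**
     * @param formOA the form customization bean to register
     */
    public void setFormOA(FormularCustomization formOA) {
        formList.put(formOA.getName(), formOA);
    }

    /**
     * @return the OAuth 2.0 form, or {@code null} if none is registered
     */
    public OAOAuth20Config getOauth20OA() {
        return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName());
    }

    /**
     * @param oauth20OA the OAuth 2.0 form to register
     */
    public void setOauth20OA(OAOAuth20Config oauth20OA) {
        formList.put(oauth20OA.getName(), oauth20OA);
    }

    /**
     * @return the target configuration form, or {@code null} if none is registered
     */
    public OATargetConfiguration getTargetConfig() {
        return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName());
    }

    /**
     * @param formOA the target configuration form to register
     */
    public void setTargetConfig(OATargetConfiguration formOA) {
        formList.put(formOA.getName(), formOA);
    }

    /**
     * @return the bPK encryption/decryption form, or {@code null} if none is registered
     */
    public OABPKEncryption getBPKEncDecr() {
        return (OABPKEncryption) formList.get(new OABPKEncryption().getName());
    }

    /**
     * @param formOA the bPK encryption/decryption form to register
     */
    public void setBPKEncDecr(OABPKEncryption formOA) {
        formList.put(formOA.getName(), formOA);
    }
}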