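package at.gv.egovernment.moa.id.configuration.struts.action;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;

import com.opensymphony.xwork2.ActionSupport;

import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;

/**
 * Struts2 action that lists and searches the online applications (OAs) the
 * current user may see.
 *
 * <p>Authorization model as implemented here: a user whose
 * {@link AuthenticatedUser#isAdmin()} is true is served from the global OA
 * queries; every other user is restricted to the OAs attached to their own
 * {@link UserDatabase} record. Both entry points that touch the database
 * fail closed (return {@code Constants.STRUTS_ERROR}) when the session does
 * not carry an {@link AuthenticatedUser}.
 *
 * <p>NOTE(review): the collection element types below are assumed from the
 * imports and from the for-each loop over the user's OAs - confirm against
 * {@code FormDataHelper.addFormOAs} and {@code ConfigurationDBRead}.
 */
public class ListOAsAction extends ActionSupport implements ServletRequestAware, ServletResponseAware {

    // static: one logger per class, and it keeps the logger out of the
    // action's serialized state (the class declares a serialVersionUID).
    private static final Logger log = Logger.getLogger(ListOAsAction.class);

    private static final long serialVersionUID = 1L;

    private HttpServletRequest request;
    private HttpServletResponse response;
    private ConfigurationProvider configuration;

    private List<OAListElement> formOAs;
    private AuthenticatedUser authUser;
    private String friendlyname;

    /**
     * Creates the action and obtains the shared configuration instance.
     *
     * @throws ConfigurationException if the configuration provider cannot be obtained
     */
    public ListOAsAction() throws ConfigurationException {
        configuration = ConfigurationProvider.getInstance();
    }

    /**
     * Lists every online application visible to the current user.
     *
     * @return {@code Constants.STRUTS_ERROR} when there is no session or no
     *         authenticated user in it, otherwise {@code Constants.STRUTS_SUCCESS}
     *         (an action error is added when no OA is found)
     */
    public String listAllOnlineAppliactions() {
        // getSession(false): the no-argument form creates a session on demand
        // and never returns null, which made the check below unreachable.
        HttpSession session = request.getSession(false);
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        authUser = authenticatedUserOf(session);
        if (authUser == null) {
            // Fail closed instead of dereferencing a missing user object.
            log.warn("No authenticated user found in http Session.");
            return Constants.STRUTS_ERROR;
        }

        try {
            List<OnlineApplication> dbOAs = null;
            if (authUser.isAdmin()) {
                dbOAs = ConfigurationDBRead.getAllOnlineApplications();
            } else {
                dbOAs = applicationsOwnedBy(authUser);
            }

            if (dbOAs == null || dbOAs.isEmpty()) {
                addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA"));
            } else {
                formOAs = FormDataHelper.addFormOAs(dbOAs);
            }

            session.setAttribute(Constants.SESSION_RETURNAREA,
                    Constants.STRUTS_RETURNAREA_VALUES.main.name());
            return Constants.STRUTS_SUCCESS;
        } finally {
            // Release the DB session even if a read above throws.
            ConfigurationDBUtils.closeSession();
        }
    }

    /**
     * Prepares an empty search form.
     *
     * @return always {@code Constants.STRUTS_SUCCESS}
     */
    public String searchOAInit() {
        // No database access happens here; authUser may be null when the
        // session carries no authenticated user.
        authUser = authenticatedUserOf(request.getSession());
        formOAs = null;
        friendlyname = "";
        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Searches the online applications visible to the current user for the
     * submitted {@code friendlyname} term.
     *
     * <p>Non-admin users are matched case-insensitively against each OA's
     * public URL prefix. NOTE(review): which field the admin query
     * {@code searchOnlineApplications} matches is not visible here - confirm
     * both paths search the same attribute.
     *
     * @return {@code Constants.STRUTS_ERROR} when there is no session or no
     *         authenticated user in it, otherwise {@code Constants.STRUTS_SUCCESS}
     *         (validation problems and empty results are reported as action errors)
     */
    public String searchOA() {
        HttpSession session = request.getSession(false);
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        authUser = authenticatedUserOf(session);
        if (authUser == null) {
            log.warn("No authenticated user found in http Session.");
            return Constants.STRUTS_ERROR;
        }

        // Validate the request parameter before it reaches the DB layer or the view.
        if (MiscUtil.isEmpty(friendlyname)) {
            log.info("SearchOA textfield is empty");
            addActionError(LanguageHelper.getErrorString(
                    "validation.general.oafriendlyname.empty", request));
            return Constants.STRUTS_SUCCESS;
        }
        if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) {
            log.warn("SearchOA textfield contains potential XSS characters");
            addActionError(LanguageHelper.getErrorString(
                    "validation.general.oafriendlyname",
                    new Object[] {ValidationHelper.getPotentialCSSCharacter(false)},
                    request));
            return Constants.STRUTS_SUCCESS;
        }

        try {
            List<OnlineApplication> dbOAs = null;
            if (authUser.isAdmin()) {
                dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname);
            } else {
                List<OnlineApplication> ownedOAs = applicationsOwnedBy(authUser);
                if (ownedOAs != null) {
                    String needle = friendlyname.toLowerCase();
                    dbOAs = new ArrayList<OnlineApplication>();
                    for (OnlineApplication oa : ownedOAs) {
                        String prefix = oa.getPublicURLPrefix();
                        // An OA without a public URL prefix cannot match; skip it
                        // rather than failing the whole search.
                        if (prefix != null && prefix.toLowerCase().indexOf(needle) > -1) {
                            dbOAs.add(oa);
                        }
                    }
                }
            }

            if (dbOAs == null || dbOAs.isEmpty()) {
                // The search term is request-controlled: strip line breaks so it
                // cannot forge additional log entries.
                log.debug("No OAs found with Identifier " + stripLineBreaks(friendlyname));
                addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA"));
            } else {
                formOAs = FormDataHelper.addFormOAs(dbOAs);
                session.setAttribute(Constants.SESSION_RETURNAREA,
                        Constants.STRUTS_RETURNAREA_VALUES.main.name());
            }
            return Constants.STRUTS_SUCCESS;
        } finally {
            // Release the DB session even if a read above throws.
            ConfigurationDBUtils.closeSession();
        }
    }

    /** Returns the authenticated user stored in the session, or {@code null} if absent or of another type. */
    private static AuthenticatedUser authenticatedUserOf(HttpSession session) {
        if (session == null) {
            return null;
        }
        Object candidate = session.getAttribute(Constants.SESSION_AUTH);
        return (candidate instanceof AuthenticatedUser) ? (AuthenticatedUser) candidate : null;
    }

    /** Returns the OAs attached to the user's database record, or {@code null} if the record is unknown. */
    private static List<OnlineApplication> applicationsOwnedBy(AuthenticatedUser user) {
        UserDatabase userRecord = ConfigurationDBRead.getUserWithID(user.getUserID());
        return (userRecord != null) ? userRecord.getOnlineApplication() : null;
    }

    /** Replaces CR and LF with an underscore so a value occupies a single log line. */
    private static String stripLineBreaks(String value) {
        return (value == null) ? null : value.replaceAll("[\\r\\n]", "_");
    }

    @Override
    public void setServletResponse(HttpServletResponse arg0) {
        this.response = arg0;
    }

    @Override
    public void setServletRequest(HttpServletRequest arg0) {
        this.request = arg0;
    }

    /**
     * @return the authUser
     */
    public AuthenticatedUser getAuthUser() {
        return authUser;
    }

    /**
     * @return the formOAs
     */
    public List<OAListElement> getFormOAs() {
        return formOAs;
    }

    /**
     * @return the friendlyname
     */
    public String getFriendlyname() {
        return friendlyname;
    }

    /**
     * @param friendlyname the friendlyname to set
     */
    public void setFriendlyname(String friendlyname) {
        this.friendlyname = friendlyname;
    }
}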