package org.appfuse.webapp.action;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationTrustResolver;
import org.acegisecurity.AuthenticationTrustResolverImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContext;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;
import org.apache.struts.util.MessageResources;
import org.appfuse.Constants;
import org.appfuse.model.Role;
import org.appfuse.model.User;
import org.appfuse.service.MailEngine;
import org.appfuse.service.RoleManager;
import org.appfuse.service.UserExistsException;
import org.appfuse.service.UserManager;
import org.appfuse.util.StringUtil;
import org.appfuse.webapp.form.UserForm;
import org.appfuse.webapp.util.RequestUtil;
import org.springframework.mail.SimpleMailMessage;
public final class UserAction extends BaseAction {
public ActionForward add(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Entering 'add' method");
}
User user = new User();
user.addRole(new Role(Constants.USER_ROLE));
UserForm userForm = (UserForm) convert(user);
updateFormBean(mapping, request, userForm);
checkForRememberMeLogin(request);
return mapping.findForward("edit");
}
public ActionForward cancel(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Entering 'cancel' method");
}
if (!StringUtils.equals(request.getParameter("from"), "list")) {
return mapping.findForward("mainMenu");
} else {
return mapping.findForward("viewUsers");
}
}
public ActionForward delete(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Entering 'delete' method");
}
ActionMessages messages = new ActionMessages();
UserForm userForm = (UserForm) form;
UserManager mgr = (UserManager) getBean("userManager");
mgr.removeUser(userForm.getId());
messages.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("user.deleted", userForm.getFirstName()
+ ' ' + userForm.getLastName()));
saveMessages(request.getSession(), messages);
return mapping.findForward("viewUsers");
}
public ActionForward edit(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Entering 'edit' method");
}
UserForm userForm = (UserForm) form;
if (request.getRequestURI().indexOf("editProfile") > -1) {
if ((request.getParameter("username") != null) ||
(request.getParameter("from") != null)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
log.warn("User '" + request.getRemoteUser() + "' is trying to edit user '" +
request.getParameter("username") + "'");
return null;
}
}
UserManager mgr = (UserManager) getBean("userManager");
User user = null;
if (request.getParameter("username") != null) {
user = mgr.getUserByUsername(userForm.getUsername());
} else {
user = mgr.getUserByUsername(request.getRemoteUser());
}
BeanUtils.copyProperties(userForm, convert(user));
userForm.setConfirmPassword(userForm.getPassword());
updateFormBean(mapping, request, userForm);
checkForRememberMeLogin(request);
return mapping.findForward("edit");
}
public ActionForward save(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Entering 'save' method");
}
ActionMessages errors = form.validate(mapping, request);
if (!errors.isEmpty()) {
saveErrors(request, errors);
return mapping.findForward("edit");
}
ActionMessages messages = new ActionMessages();
UserForm userForm = (UserForm) form;
User user = new User();
BeanUtils.copyProperties(user, userForm);
Boolean encrypt = (Boolean) getConfiguration().get(Constants.ENCRYPT_PASSWORD);
if (StringUtils.equals(request.getParameter("encryptPass"), "true")
&& (encrypt != null && encrypt.booleanValue())) {
String algorithm = (String) getConfiguration().get(Constants.ENC_ALGORITHM);
if (algorithm == null) { log.debug("assuming testcase, setting algorithm to 'SHA'");
algorithm = "SHA";
}
user.setPassword(StringUtil.encodePassword(user.getPassword(), algorithm));
}
UserManager mgr = (UserManager) getBean("userManager");
RoleManager roleMgr = (RoleManager) getBean("roleManager");
String[] userRoles = request.getParameterValues("userRoles");
for (int i = 0; userRoles != null && i < userRoles.length; i++) {
String roleName = userRoles[i];
user.addRole(roleMgr.getRole(roleName));
}
try {
mgr.saveUser(user);
} catch (UserExistsException e) {
log.warn(e.getMessage());
errors.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("errors.existing.user",
userForm.getUsername(),
userForm.getEmail()));
saveErrors(request, errors);
BeanUtils.copyProperties(userForm, convert(user));
userForm.setConfirmPassword(userForm.getPassword());
userForm.setVersion(request.getParameter("version"));
updateFormBean(mapping, request, userForm);
return mapping.findForward("edit");
}
BeanUtils.copyProperties(userForm, convert(user));
userForm.setConfirmPassword(userForm.getPassword());
updateFormBean(mapping, request, userForm);
if (!StringUtils.equals(request.getParameter("from"), "list")) {
messages.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("user.saved"));
saveMessages(request.getSession(), messages);
return mapping.findForward("mainMenu");
} else {
if ("".equals(request.getParameter("version"))) {
messages.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("user.added", user.getFullName()));
saveMessages(request.getSession(), messages);
sendNewUserEmail(request, userForm);
return mapping.findForward("addUser");
} else {
messages.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("user.updated.byAdmin",
user.getFullName()));
saveMessages(request, messages);
return mapping.findForward("edit");
}
}
}
public ActionForward search(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Entering 'search' method");
}
UserForm userForm = (UserForm) form;
UserManager mgr = (UserManager) getBean("userManager");
User user = (User) convert(userForm);
List users = mgr.getUsers(user);
request.setAttribute(Constants.USER_LIST, users);
return mapping.findForward("list");
}
public ActionForward unspecified(ActionMapping mapping, ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
return search(mapping, form, request, response);
}
private void sendNewUserEmail(HttpServletRequest request, UserForm userForm)
throws Exception {
MessageResources resources = getResources(request);
if (log.isDebugEnabled()) {
log.debug("Sending user '" + userForm.getUsername() +
"' an account information e-mail");
}
SimpleMailMessage message = (SimpleMailMessage) getBean("mailMessage");
message.setTo(userForm.getFullName() + "<" + userForm.getEmail() + ">");
StringBuffer msg = new StringBuffer();
msg.append(resources.getMessage("newuser.email.message",
userForm.getFullName()));
msg.append("\n\n" + resources.getMessage("userForm.username"));
msg.append(": " + userForm.getUsername() + "\n");
msg.append(resources.getMessage("userForm.password") + ": ");
msg.append(userForm.getPassword());
msg.append("\n\nLogin at: " + RequestUtil.getAppURL(request));
message.setText(msg.toString());
message.setSubject(resources.getMessage("signup.email.subject"));
MailEngine engine = (MailEngine) getBean("mailEngine");
engine.send(message);
}
private void checkForRememberMeLogin(HttpServletRequest request) {
log.debug("checking for remember me login...");
AuthenticationTrustResolver resolver = new AuthenticationTrustResolverImpl();
SecurityContext ctx = SecurityContextHolder.getContext();
if (ctx != null) {
Authentication auth = ctx.getAuthentication();
if (resolver.isRememberMe(auth)) {
request.getSession().setAttribute("cookieLogin", "true");
ActionMessages messages = new ActionMessages();
messages.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("userProfile.cookieLogin"));
saveMessages(request, messages);
}
}
}
}