View Javadoc

1   /*
2    * Copyright 2000-2001,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.modules.actions.portlets.security;
18  
19  // velocity
20  import org.apache.jetspeed.modules.actions.portlets.SecureVelocityPortletAction;
21  import org.apache.jetspeed.om.security.JetspeedRoleFactory;
22  import org.apache.jetspeed.om.security.Role;
23  import org.apache.jetspeed.portal.portlets.VelocityPortlet;
24  import org.apache.jetspeed.services.JetspeedSecurity;
25  import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
26  import org.apache.jetspeed.services.logging.JetspeedLogger;
27  import org.apache.jetspeed.services.resources.JetspeedResources;
28  import org.apache.jetspeed.services.security.RoleException;
29  import org.apache.turbine.util.DynamicURI;
30  import org.apache.turbine.util.RunData;
31  import org.apache.turbine.util.StringUtils;
32  import org.apache.velocity.context.Context;
33  
34  
35  /***
36   * This action sets up the template context for editing security roles in the Turbine database.
37   *
38   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
39   * @version $Id: RoleUpdateAction.java,v 1.14 2004/03/31 04:49:10 morciuch Exp $
40   */
41  public class RoleUpdateAction extends SecureVelocityPortletAction
42  {
43      private static final String TEMP_ROLE = "tempRole";
44  
45      /***
46       * Static initialization of the logger for this class
47       */    
48      private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(RoleUpdateAction.class.getName());     
49      
50      /***
51       * Build the maximized state content for this portlet. (Same as normal state).
52       *
53       * @param portlet The velocity-based portlet that is being built.
54       * @param context The velocity context for this request.
55       * @param rundata The turbine rundata context for this request.
56       */
57      protected void buildMaximizedContext( VelocityPortlet portlet,
58                                            Context context,
59                                            RunData rundata )
60      {
61          buildNormalContext( portlet, context, rundata);
62      }
63  
64      /***
65       * Build the configure state content for this portlet.
66       * TODO: we could configure this portlet with configurable skins, etc..
67       *
68       * @param portlet The velocity-based portlet that is being built.
69       * @param context The velocity context for this request.
70       * @param rundata The turbine rundata context for this request.
71       */
72      protected void buildConfigureContext( VelocityPortlet portlet,
73                                            Context context,
74                                            RunData rundata )
75      {
76  
77          buildNormalContext( portlet, context, rundata);
78      }
79  
80      /***
81       * Build the normal state content for this portlet.
82       *
83       * @param portlet The velocity-based portlet that is being built.
84       * @param context The velocity context for this request.
85       * @param rundata The turbine rundata context for this request.
86       */
87      protected void buildNormalContext( VelocityPortlet portlet,
88                                         Context context,
89                                         RunData rundata )
90      {
91          try
92          {
93              Role role = null;
94  
95              /*
96               * Grab the mode for the user form.
97               */
98              String mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
99  
100             // if we are updating or deleting - put the name in the context
101             //
102             if (mode != null && (mode.equals(SecurityConstants.PARAM_MODE_UPDATE) ||
103                                  mode.equals(SecurityConstants.PARAM_MODE_DELETE)))
104             {
105                 // get the primary key and put the object in the context
106                 String rolename = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
107                 role = JetspeedSecurity.getRole(rolename);
108                 context.put(SecurityConstants.CONTEXT_ROLE, role);
109             }
110 
111             //
112             // if there was an error, display the message
113             //
114             String msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
115             if (msgid != null)
116             {
117                 int id = Integer.parseInt(msgid);
118                 if (id < SecurityConstants.MESSAGES.length)
119                     context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
120 
121                 // get the bad entered data and put it back for convenient update
122                 Role tempRole = (Role)rundata.getUser().getTemp(TEMP_ROLE);
123                 if (tempRole != null)
124                     context.put(SecurityConstants.CONTEXT_ROLE, tempRole);
125             }
126             context.put(SecurityConstants.PARAM_MODE, mode);
127 
128         }
129         catch (Exception e)
130         {
131             logger.error("Error in Jetspeed User Security", e);
132             rundata.setMessage("Error in Jetspeed User Security: " + e.toString());
133             rundata.setStackTrace(StringUtils.stackTrace(e), e);
134             rundata.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
135         }
136     }
137 
138     /***
139      * Database Insert Action for Security Roles. Performs inserts into security database.
140      *
141      * @param rundata The turbine rundata context for this request.
142      * @param context The velocity context for this request.
143      */
144     public void doInsert(RunData rundata, Context context)
145         throws Exception
146     {
147         Role role = null;
148         try
149         {
150             //
151             // validate that its not an 'blank' rolename -- not allowed
152             //
153             String name = rundata.getParameters().getString("name");
154             if (name == null || name.trim().length() == 0)
155             {
156                 DynamicURI duri = new DynamicURI (rundata);
157                 duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_ROLE_UPDATE);
158                 duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_INVALID_ENTITY_NAME);
159                 rundata.setRedirectURI(duri.toString());
160                 rundata.getUser().setTemp(TEMP_ROLE, null);
161                 return;
162             }
163 
164             //
165             // generate a new role
166             //           
167             
168             role = JetspeedRoleFactory.getInstance();
169             role.setName(name);
170 
171             //
172             // add the role
173             ///
174             JetspeedSecurity.addRole(role);
175 
176         }
177         catch (RoleException e)
178         {
179             // log the error msg
180             logger.error("Exception", e);
181 
182             //
183             // dup key found - display error message - bring back to same screen
184             //
185             DynamicURI duri = new DynamicURI (rundata);
186             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_ROLE_UPDATE);
187             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_ENTITY_ALREADY_EXISTS);
188             rundata.setRedirectURI(duri.toString());
189 
190             // save values that user just entered so they don't have to re-enter
191            if (role != null)
192                rundata.getUser().setTemp(TEMP_ROLE, role);
193         }
194     }
195 
196     /***
197      * Database Update Action for Security Roles. Performs updates into security database.
198      *
199      * @param rundata The turbine rundata context for this request.
200      * @param context The velocity context for this request.
201      */
202     public void doUpdate(RunData rundata, Context context)
203         throws Exception
204     {
205         Role role = null;
206         try
207         {
208             //
209             // get the role object from the selected role entry in the browser
210             //
211             role = JetspeedSecurity.getRole(
212                      rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
213 
214             //
215             // update the role in the database
216             //
217             JetspeedSecurity.saveRole(role);
218 
219         }
220         catch (Exception e)
221         {
222            // log the error msg
223             logger.error("Exception", e);
224 
225             //
226             // error on update - display error message
227             //
228             DynamicURI duri = new DynamicURI (rundata);
229             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_ROLE_UPDATE);
230             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
231             if (role != null)
232                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, role.getName());
233             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
234             rundata.setRedirectURI(duri.toString());
235 
236            // save values that user just entered so they don't have to re-enter
237            if (role != null)
238                rundata.getUser().setTemp(TEMP_ROLE, role);
239 
240         }
241     }
242 
243     /***
244      * Database Delete Action for Security Roles. Performs deletes into security database.
245      *
246      * @param rundata The turbine rundata context for this request.
247      * @param context The velocity context for this request.
248      */
249     public void doDelete(RunData rundata, Context context)
250         throws Exception
251     {
252         Role role = null;
253 
254         try
255         {
256             //
257             // get the role object from the selected role entry in the browser
258             //
259             role = JetspeedSecurity.getRole(
260                         rundata.getParameters().getString( SecurityConstants.PARAM_ENTITY_ID) );
261 
262             //
263             // remove the role
264             //
265             JetspeedSecurity.removeRole(role.getName());
266 
267         }
268         catch (Exception e)
269         {
270            // log the error msg
271             logger.error("Exception", e);
272 
273             //
274             // error on delete - display error message
275             //
276             DynamicURI duri = new DynamicURI (rundata);
277             duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_ROLE_UPDATE);
278             duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_DELETE_FAILED);
279             if (role != null)
280                 duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, role.getName());
281             duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_DELETE);
282             rundata.setRedirectURI(duri.toString());
283 
284             // save values that user just entered so they don't have to re-enter
285            if (role != null)
286                rundata.getUser().setTemp(TEMP_ROLE, role);
287 
288         }
289 
290     }
291 
292 
293 }