📄 showavailableaccountsdispatchaction.java
字号:
/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.security.actions;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.Globals;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;
import com.sslexplorer.boot.Util;
import com.sslexplorer.core.CoreAttributeConstants;
import com.sslexplorer.core.CoreEvent;
import com.sslexplorer.core.CoreEventConstants;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.policyframework.Permission;
import com.sslexplorer.policyframework.PolicyConstants;
import com.sslexplorer.policyframework.PolicyUtil;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.security.User;
import com.sslexplorer.security.UserDatabase;
import com.sslexplorer.security.forms.ShowAvailableAccountsForm;
import com.sslexplorer.security.forms.UserAccountForm;
import com.sslexplorer.table.actions.AbstractPagerAction;
public class ShowAvailableAccountsDispatchAction extends AbstractPagerAction {
final static Log log = LogFactory.getLog(SetPasswordAction.class);
public ShowAvailableAccountsDispatchAction() {
super(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, new Permission[] { PolicyConstants.PERM_CREATE, PolicyConstants.PERM_EDIT,
PolicyConstants.PERM_DELETE });
}
public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws Exception {
return list(mapping, form, request, response);
}
public ActionForward list(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
ShowAvailableAccountsForm accountsForm = (ShowAvailableAccountsForm) form;
UserDatabase udb = CoreServlet.getServlet().getUserDatabase();
User[] users = null;
try {
users = udb.listAllUsers("*");
} catch (Exception e) {
log.error("Could not list users.", e);
ActionMessages errs = new ActionMessages();
errs
.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.cannotListAccounts", Util
.getExceptionMessageChain(e)));
saveErrors(request, errs);
users = new User[0];
accountsForm.setErrored(true);
}
accountsForm.initialize(users, isSetupMode() ? null : CoreServlet.getServlet().getLogonController().getUser(request),
request.getSession());
accountsForm.setEditable(CoreServlet.getServlet().getUserDatabase().supportsAccountCreation());
ActionMessages msgs = new ActionMessages();
if (udb.supportsAccountCreation() && !udb.supportsPasswordChange()) {
msgs.add(Globals.MESSAGE_KEY, new ActionMessage("availableAccounts.noPasswordChange.text"));
}
if (!udb.supportsAccountCreation() && udb.supportsPasswordChange()) {
msgs.add(Globals.MESSAGE_KEY, new ActionMessage("availableAccounts.noAccountCreation.text"));
} else if (!udb.supportsAccountCreation() && !udb.supportsPasswordChange()) {
msgs.add(Globals.MESSAGE_KEY, new ActionMessage("availableAccounts.noAccountCreationAndNoPasswordChange.text"));
}
if (msgs.size() > 0) {
saveMessages(request, msgs);
}
return mapping.findForward("display");
}
public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
return mapping.findForward("create");
}
public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
return mapping.findForward("display");
}
public ActionForward password(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
String[] accounts = request.getParameterValues("username");
if (accounts == null || accounts.length != 1) {
ActionMessages mesgs = new ActionMessages();
mesgs.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.singleAccountNotSelected"));
saveErrors(request, mesgs);
return list(mapping, form, request, response);
} else {
User user = CoreServlet.getServlet().getUserDatabase().getAccount(accounts[0]);
request.getSession().setAttribute("setPassword.user", user);
return mapping.findForward("setPassword");
}
}
public ActionForward setPassword(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
User user = CoreServlet.getServlet().getUserDatabase().getAccount(((UserAccountForm) form).getUsername());
request.getSession().setAttribute("setPassword.user", user);
return mapping.findForward("setPassword");
}
public ActionForward edit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
String[] accounts = request.getParameterValues("username");
if (accounts == null || accounts.length != 1) {
ActionMessages mesgs = new ActionMessages();
mesgs.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.singleAccountNotSelected"));
saveErrors(request, mesgs);
return list(mapping, form, request, response);
} else {
return mapping.findForward("edit");
}
}
public ActionForward confirmAccountDeletion(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_DELETE, request);
String[] accounts = request.getParameterValues("username");
if (accounts == null || accounts.length != 1) {
ActionMessages mesgs = new ActionMessages();
mesgs.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.singleAccountNotSelected"));
saveErrors(request, mesgs);
return list(mapping, form, request, response);
} else {
return mapping.findForward("confirmAccountDeletion");
}
}
public ActionForward accountDeletion(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_DELETE, request);
User currentUser = isSetupMode() ? null : CoreServlet.getServlet().getLogonController().getUser(request);
String[] accounts = request.getParameterValues("username");
boolean found = false;
for (int i = 0; i < accounts.length; i++) {
if (currentUser != null && accounts[i].equals(currentUser.getPrincipalName())) {
found = true;
}
}
if (!found) {
UserDatabase udb = CoreServlet.getServlet().getUserDatabase();
for (int i = 0; accounts != null && i < accounts.length; i++) {
User user = udb.getAccount(accounts[i]);
if (udb.supportsAccountCreation()) {
try {
// check to see if the user has a session, if so then logoff.
Iterator loggedOnUserSessions = CoreServlet.getServlet().getLogonController().getActiveSessions().values()
.iterator();
while (loggedOnUserSessions.hasNext()) {
SessionInfo element = (SessionInfo) loggedOnUserSessions.next();
if (element.getUser().equals(user)) {
element.getHttpSession().invalidate();
}
}
// Revoke all polices from the user
CoreServlet.getServlet().getPolicyDatabase().revokeAllPoliciesFromPrincipal(user);
udb.deleteAccount(user);
CoreServlet.getServlet().fireCoreEvent(
new CoreEvent(this, CoreEventConstants.USER_REMOVED, null, null, CoreEvent.STATE_SUCCESSFUL)
.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, user.getPrincipalName())
.addAttribute(CoreAttributeConstants.EVENT_ATTR_FULL_NAME, user.getFullname()));
} catch (Exception e) {
CoreServlet.getServlet().fireCoreEvent(
new CoreEvent(this, CoreEventConstants.USER_REMOVED, null, null, e)
.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, user.getPrincipalName())
.addAttribute(CoreAttributeConstants.EVENT_ATTR_FULL_NAME, user.getFullname()));
throw e;
}
}
}
} else {
ActionMessages mesgs = new ActionMessages();
mesgs.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.cannotDeleteOwnAccount"));
saveErrors(request, mesgs);
}
return mapping.findForward("refresh");
}
public ActionForward enable(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
String[] accounts = request.getParameterValues("username");
ActionMessages mesgs = new ActionMessages();
if (accounts == null || accounts.length == 0) {
mesgs.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.atLeastOneAccountNotSelected"));
saveErrors(request, mesgs);
} else {
UserDatabase udb = CoreServlet.getServlet().getUserDatabase();
for (int i = 0; accounts != null && i < accounts.length; i++) {
User user = udb.getAccount(accounts[i]);
boolean disabled = !PolicyUtil.isEnabled(user);
SessionInfo session = this.getSessionInfo();
if (disabled) {
if (log.isInfoEnabled())
log.info("Re-enabling user " + user.getPrincipalName());
PolicyUtil.setEnabled(user, true, null, session);
}
CoreServlet.getServlet().getLogonController().unlockUser(user.getPrincipalName());
}
}
return list(mapping, form, request, response);
}
public ActionForward disable(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
String[] accounts = request.getParameterValues("username");
ActionMessages mesgs = new ActionMessages();
if (accounts == null || accounts.length == 0) {
mesgs.add(Globals.ERROR_KEY, new ActionMessage("availableAccounts.atLeastOneAccountNotSelected"));
saveErrors(request, mesgs);
} else {
UserDatabase udb = CoreServlet.getServlet().getUserDatabase();
for (int i = 0; accounts != null && i < accounts.length; i++) {
User user = udb.getAccount(accounts[i]);
SessionInfo info = this.getSessionInfo();
boolean disabled = !PolicyUtil.isEnabled(user);
if (!disabled) {
if (log.isInfoEnabled())
log.info("Disabling user " + user.getPrincipalName());
PolicyUtil.setEnabled(user, false, null, info);
if (CoreServlet.getServlet().getLogonController().isAdministrator(user)) {
mesgs.add(Globals.MESSAGE_KEY, new ActionMessage("info.superUserDisabled"));
saveErrors(request, mesgs);
}
}
}
}
return list(mapping, form, request, response);
}
public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
return SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -