📄 showroledispatchaction.java
字号:
/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.security.actions;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.Globals;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;
import com.sslexplorer.core.CoreAttributeConstants;
import com.sslexplorer.core.CoreEvent;
import com.sslexplorer.core.CoreEventConstants;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.core.actions.AuthenticatedDispatchAction;
import com.sslexplorer.policyframework.Permission;
import com.sslexplorer.policyframework.PolicyConstants;
import com.sslexplorer.policyframework.PolicyUtil;
import com.sslexplorer.security.Constants;
import com.sslexplorer.security.Role;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.security.User;
import com.sslexplorer.security.forms.RoleForm;
/**
* Implementation of an {@link AuthenticatedDispatchAction} that allows an
* administrator to create or edit a <i>Group</i> (previously known as a
* <i>Role</i>).
*
* @author Brett Smith <a href="mailto: brett@3sp.com"><brett@3sp.com></a>
* @version $Revision: 1.13 $
*/
public class ShowRoleDispatchAction extends AuthenticatedDispatchAction {
/**
* Constructor.
*/
public ShowRoleDispatchAction() {
super(PolicyConstants.ROLES_RESOURCE_TYPE, new Permission[] { PolicyConstants.PERM_CREATE, PolicyConstants.PERM_EDIT });
}
/*
* (non-Javadoc)
*
* @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
* org.apache.struts.action.ActionForm,
* javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws Exception {
return mapping.findForward("display");
}
/**
* Create a new role.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception on any error
*/
public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
if (!CoreServlet.getServlet().getUserDatabase().supportsAccountCreation()) {
throw new Exception("The underlying user database does not support role creation.");
}
PolicyUtil.checkPermission(PolicyConstants.ROLES_RESOURCE_TYPE, PolicyConstants.PERM_CREATE, request);
((RoleForm) form).initialize(new ArrayList());
((RoleForm) form).setReferer(CoreUtil.getReferer(request));
CoreUtil.addRequiredFieldMessage(this, request);
return mapping.findForward("display");
}
/**
* Edit an existing role. The role to edit must be placed in the request
* attribute
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception on any error
*/
public ActionForward edit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ROLES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
Role r = (Role) request.getAttribute(Constants.EDITING_ITEM);
if (r == null) {
throw new Exception("No role configured for editing.");
}
((RoleForm) form).initialize(Arrays.asList(CoreServlet.getServlet().getUserDatabase().getUsersInRole(r)));
((RoleForm) form).setRolename(r.getPrincipalName());
((RoleForm) form).setReferer(CoreUtil.getReferer(request));
((RoleForm) form).setEditing();
CoreUtil.addRequiredFieldMessage(this, request);
return mapping.findForward("display");
}
/**
* Save the new role or update the existing one depending on whether the
* role is being edited or created.
*
* @param mapping mappng
* @param form form
* @param request request
* @param response response
* @return forward forward
* @throws Exception on any error
*/
public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(PolicyConstants.ROLES_RESOURCE_TYPE, PolicyConstants.PERM_CREATE, request);
ActionMessages mesgs = new ActionMessages();
RoleForm roleForm = (RoleForm) form;
if (roleForm.getEditing()) {
try {
Role r = CoreServlet.getServlet().getUserDatabase().getRole(roleForm.getRolename());
List selectedUsers = roleForm.getUserList();
updateUserRoles(r, selectedUsers);
mesgs.add(Globals.MESSAGE_KEY, new ActionMessage("availableRoles.roleCreated", roleForm.getRolename()));
saveMessages(request, mesgs);
} catch (Exception ex) {
throw ex;
}
} else {
try {
Role r = CoreServlet.getServlet().getUserDatabase().createRole(roleForm.getRolename());
List selectedUsers = roleForm.getUserList();
updateUserRoles(r, selectedUsers);
mesgs.add(Globals.MESSAGE_KEY, new ActionMessage("availableRoles.roleCreated", roleForm.getRolename()));
saveMessages(request, mesgs);
} catch (Exception ex) {
throw ex;
}
}
return cancel(mapping, form, request, response);
}
void updateUserRoles(Role r, List selectedUsers) throws Exception {
/*
* TODO
*
* This could be a lot more efficient. The user database currently
* provides no way of setting roles for users, so we have to jump
* through hoops by iterating over all users and user updateAccount()
*/
User[] u = CoreServlet.getServlet().getUserDatabase().listAllUsers("*");
for (int i = 0; i < u.length; i++) {
Role[] roles = u[i].getRoles();
// Get if the current has the role we are editing
int found = -1;
for (int j = 0; j < roles.length && found == -1; j++) {
if (roles[j].getPrincipalName().equals(r.getPrincipalName())) {
found = j;
}
}
//
if(found != -1) {
if (selectedUsers.contains(u[i].getPrincipalName())) {
// Selected so leave alone
} else {
// Not selected, remove from role
Role[] r2 = new Role[roles.length - 1];
System.arraycopy(roles, 0, r2, 0, found);
System.arraycopy(roles, found + 1, r2, found, r2.length - found);
CoreServlet.getServlet().getUserDatabase().updateAccount(u[i], u[i].getEmail(), u[i].getEmail(), r2,
u[i].getAttributes());
}
}
else {
// User is not currently in role
if (selectedUsers.contains(u[i].getPrincipalName())) {
// Selected so add
Role[] r2 = new Role[roles.length + 1];
System.arraycopy(roles, 0, r2, 0, roles.length);
r2[roles.length] = r;
CoreServlet.getServlet().getUserDatabase().updateAccount(u[i], u[i].getEmail(), u[i].getEmail(), r2,
u[i].getAttributes());
}
}
}
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.core.actions.CoreAction#getNavigationContext(org.apache.struts.action.ActionMapping,
* org.apache.struts.action.ActionForm,
* javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
return SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -