1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package fr.paris.lutece.portal.web.user;
35
36 import fr.paris.lutece.portal.business.rbac.AdminRole;
37 import fr.paris.lutece.portal.business.rbac.AdminRoleHome;
38 import fr.paris.lutece.portal.business.rbac.RBAC;
39 import fr.paris.lutece.portal.business.right.Level;
40 import fr.paris.lutece.portal.business.right.LevelHome;
41 import fr.paris.lutece.portal.business.right.Right;
42 import fr.paris.lutece.portal.business.right.RightHome;
43 import fr.paris.lutece.portal.business.user.AdminUser;
44 import fr.paris.lutece.portal.business.user.AdminUserHome;
45 import fr.paris.lutece.portal.business.user.attribute.IAttribute;
46 import fr.paris.lutece.portal.business.user.attribute.ISimpleValuesAttributes;
47 import fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminUser;
48 import fr.paris.lutece.portal.business.user.parameter.DefaultUserParameterHome;
49 import fr.paris.lutece.portal.business.workgroup.AdminWorkgroupHome;
50 import fr.paris.lutece.portal.business.xsl.XslExport;
51 import fr.paris.lutece.portal.business.xsl.XslExportHome;
52 import fr.paris.lutece.portal.service.admin.AccessDeniedException;
53 import fr.paris.lutece.portal.service.admin.AdminAuthenticationService;
54 import fr.paris.lutece.portal.service.admin.AdminUserService;
55 import fr.paris.lutece.portal.service.admin.ImportAdminUserService;
56 import fr.paris.lutece.portal.service.csv.CSVMessageDescriptor;
57 import fr.paris.lutece.portal.service.fileupload.FileUploadService;
58 import fr.paris.lutece.portal.service.i18n.I18nService;
59 import fr.paris.lutece.portal.service.mail.MailService;
60 import fr.paris.lutece.portal.service.message.AdminMessage;
61 import fr.paris.lutece.portal.service.message.AdminMessageService;
62 import fr.paris.lutece.portal.service.plugin.PluginService;
63 import fr.paris.lutece.portal.service.rbac.RBACService;
64 import fr.paris.lutece.portal.service.security.UserNotSignedException;
65 import fr.paris.lutece.portal.service.template.AppTemplateService;
66 import fr.paris.lutece.portal.service.template.DatabaseTemplateService;
67 import fr.paris.lutece.portal.service.user.AdminUserResourceIdService;
68 import fr.paris.lutece.portal.service.user.attribute.AdminUserFieldService;
69 import fr.paris.lutece.portal.service.user.attribute.AttributeService;
70 import fr.paris.lutece.portal.service.util.AppLogService;
71 import fr.paris.lutece.portal.service.util.AppPathService;
72 import fr.paris.lutece.portal.service.util.AppPropertiesService;
73 import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService;
74 import fr.paris.lutece.portal.service.xsl.XslExportService;
75 import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
76 import fr.paris.lutece.portal.web.constants.Messages;
77 import fr.paris.lutece.portal.web.constants.Parameters;
78 import fr.paris.lutece.portal.web.l10n.LocaleService;
79 import fr.paris.lutece.portal.web.pluginaction.DefaultPluginActionResult;
80 import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest;
81 import fr.paris.lutece.portal.web.util.LocalizedPaginator;
82 import fr.paris.lutece.util.ReferenceItem;
83 import fr.paris.lutece.util.ReferenceList;
84 import fr.paris.lutece.util.date.DateUtil;
85 import fr.paris.lutece.util.filesystem.FileSystemUtil;
86 import fr.paris.lutece.util.html.HtmlTemplate;
87 import fr.paris.lutece.util.html.ItemNavigator;
88 import fr.paris.lutece.util.html.Paginator;
89 import fr.paris.lutece.util.sort.AttributeComparator;
90 import fr.paris.lutece.util.string.StringUtil;
91 import fr.paris.lutece.util.url.UrlItem;
92 import fr.paris.lutece.util.xml.XmlUtil;
93
94 import org.apache.commons.fileupload.FileItem;
95 import org.apache.commons.lang.StringUtils;
96
97 import java.io.IOException;
98 import java.io.PrintWriter;
99
100 import java.sql.Timestamp;
101
102 import java.util.ArrayList;
103 import java.util.Collection;
104 import java.util.Collections;
105 import java.util.HashMap;
106 import java.util.List;
107 import java.util.Locale;
108 import java.util.Map;
109
110 import javax.servlet.http.HttpServletRequest;
111 import javax.servlet.http.HttpServletResponse;
112
113
114
115
116
117
118 public class AdminUserJspBean extends AdminFeaturesPageJspBean
119 {
120 private static final String ATTRIBUTE_IMPORT_USERS_LIST_MESSAGES = "importUsersListMessages";
121 private static final long serialVersionUID = -6323157489236186522L;
122
123
124
125 private static final String CONSTANTE_UN = "1";
126 private static final String CONSTANT_EMPTY_STRING = "";
127
128
129 private static final String MESSAGE_EMAIL_SUBJECT = "portal.admin.admin_forgot_password.email.subject";
130
131
132 private static final String TEMPLATE_MANAGE_USERS = "admin/user/manage_users.html";
133 private static final String TEMPLATE_CREATE_USER = "admin/user/create_user.html";
134 private static final String TEMPLATE_MODIFY_USER = "admin/user/modify_user.html";
135 private static final String TEMPLATE_MANAGE_USER_RIGHTS = "admin/user/manage_user_rights.html";
136 private static final String TEMPLATE_MODIFY_USER_RIGHTS = "admin/user/modify_user_rights.html";
137 private static final String TEMPLATE_MANAGE_USER_ROLES = "admin/user/manage_user_roles.html";
138 private static final String TEMPLATE_MODIFY_USER_ROLES = "admin/user/modify_user_roles.html";
139 private static final String TEMPLATE_IMPORT_USER = "admin/user/import_module_user.html";
140 private static final String TEMPLATE_DEFAULT_CREATE_USER = "admin/user/create_user_default_module.html";
141 private static final String TEMPLATE_DEFAULT_MODIFY_USER = "admin/user/modify_user_default_module.html";
142 private static final String TEMPLATE_MANAGE_USER_WORKGROUPS = "admin/user/manage_user_workgroups.html";
143 private static final String TEMPLATE_MODIFY_USER_WORKGROUPS = "admin/user/modify_user_workgroups.html";
144 private static final String TEMPLATE_ADMIN_EMAIL_CHANGE_STATUS = "admin/user/user_email_change_status.html";
145 private static final String TEMPLATE_NOTIFY_USER = "admin/user/notify_user_account_created.html";
146 private static final String TEMPLATE_MANAGE_ADVANCED_PARAMETERS = "admin/user/manage_advanced_parameters.html";
147 private static final String TEMPLATE_ADMIN_EMAIL_FORGOT_PASSWORD = "admin/admin_email_forgot_password.html";
148 private static final String TEMPLATE_FIELD_ANONYMIZE_ADMIN_USER = "admin/user/field_anonymize_admin_user.html";
149 private static final String TEMPLATE_ACCOUNT_LIFE_TIME_EMAIL = "admin/user/account_life_time_email.html";
150 private static final String TEMPLATE_IMPORT_USERS_FROM_FILE = "admin/user/import_users_from_file.html";
151 private static final String TEMPLATE_EXPORT_USERS_FROM_FILE = "admin/user/export_users.html";
152
153
154 private static final String PROPERTY_MANAGE_USERS_PAGETITLE = "portal.users.manage_users.pageTitle";
155 private static final String PROPERTY_MODIFY_USER_PAGETITLE = "portal.users.modify_user.pageTitle";
156 private static final String PROPERTY_CREATE_USER_PAGETITLE = "portal.users.create_user.pageTitle";
157 private static final String PROPERTY_IMPORT_MODULE_USER_PAGETITLE = "portal.users.import_module_user.pageTitle";
158 private static final String PROPERTY_MANAGE_USER_RIGHTS_PAGETITLE = "portal.users.manage_user_rights.pageTitle";
159 private static final String PROPERTY_MODIFY_USER_RIGHTS_PAGETITLE = "portal.users.modify_user_rights.pageTitle";
160 private static final String PROPERTY_MANAGE_USER_ROLES_PAGETITLE = "portal.users.manage_user_roles.pageTitle";
161 private static final String PROPERTY_MODIFY_USER_ROLES_PAGETITLE = "portal.users.modify_user_roles.pageTitle";
162 private static final String PROPERTY_IMPORT_USERS_FROM_FILE_PAGETITLE = "portal.users.import_users_from_file.pageTitle";
163 private static final String PROPERTY_EXPORT_USERS_PAGETITLE = "portal.users.export_users.pageTitle";
164 private static final String PROPERTY_MESSAGE_CONFIRM_REMOVE = "portal.users.message.confirmRemoveUser";
165 private static final String PROPERTY_USERS_PER_PAGE = "paginator.user.itemsPerPage";
166 private static final String PROPERTY_DELEGATE_USER_RIGHTS_PAGETITLE = "portal.users.delegate_user_rights.pageTitle";
167 private static final String PROPERTY_MANAGE_USER_WORKGROUPS_PAGETITLE = "portal.users.manage_user_workgroups.pageTitle";
168 private static final String PROPERTY_MODIFY_USER_WORKGROUPS_PAGETITLE = "portal.users.modify_user_workgroups.pageTitle";
169 private static final String PROPERTY_MESSAGE_ACCESS_CODE_ALREADY_USED = "portal.users.message.user.accessCodeAlreadyUsed";
170 private static final String PROPERTY_MESSAGE_EMAIL_ALREADY_USED = "portal.users.message.user.accessEmailUsed";
171 private static final String PROPERTY_MESSAGE_DIFFERENTS_PASSWORD = "portal.users.message.differentsPassword";
172 private static final String PROPERTY_MESSAGE_EMAIL_SUBJECT_CHANGE_STATUS = "portal.users.user_change_status.email.subject";
173 private static final String PROPERTY_MESSAGE_EMAIL_SUBJECT_NOTIFY_USER = "portal.users.notify_user.email.subject";
174 private static final String PROPERTY_MANAGE_ADVANCED_PARAMETERS_PAGETITLE = "portal.users.manage_advanced_parameters.pageTitle";
175 private static final String PROPERTY_MESSAGE_ERROR_EMAIL_PATTERN = "portal.users.manage_advanced_parameters.message.errorEmailPattern";
176 private static final String PROPERTY_MESSAGE_CONFIRM_USE_ASP = "portal.users.manage_advanced_parameters.message.confirmUseAdvancedSecurityParameters";
177 private static final String PROPERTY_MESSAGE_CONFIRM_REMOVE_ASP = "portal.users.manage_advanced_parameters.message.confirmRemoveAdvancedSecurityParameters";
178 private static final String PROPERTY_MESSAGE_NO_ADMIN_USER_SELECTED = "portal.users.message.noUserSelected";
179 private static final String PROPERTY_MESSAGE_CONFIRM_ANONYMIZE_USER = "portal.users.message.confirmAnonymizeUser";
180 private static final String PROPERTY_MESSAGE_TITLE_CHANGE_ANONYMIZE_USER = "portal.users.anonymize_user.titleAnonymizeUser";
181 private static final String PROPERTY_MESSAGE_NO_ACCOUNT_TO_REACTIVATED = "portal.users.message.noAccountToReactivate";
182 private static final String PROPERTY_MESSAGE_ACCOUNT_REACTIVATED = "portal.users.message.messageAccountReactivated";
183 private static final String PROPERTY_FIRST_EMAIL = "portal.users.accountLifeTime.labelFirstEmail";
184 private static final String PROPERTY_OTHER_EMAIL = "portal.users.accountLifeTime.labelOtherEmail";
185 private static final String PROPERTY_ACCOUNT_DEACTIVATES_EMAIL = "portal.users.accountLifeTime.labelAccountDeactivatedEmail";
186 private static final String PROPERTY_ACCOUNT_UPDATED_EMAIL = "portal.users.accountLifeTime.labelAccountUpdatedEmail";
187 private static final String PROPERTY_NOTIFY_PASSWORD_EXPIRED = "portal.users.accountLifeTime.labelPasswordExpired";
188 private static final String PROPERTY_MESSAGE_USER_ERROR_SESSION = "portal.users.message.user.error.session";
189 private static final String MESSAGE_NOT_AUTHORIZED = "Action not permited to current user";
190 private static final String MESSAGE_MANDATORY_FIELD = "portal.util.message.mandatoryField";
191 private static final String MESSAGE_ERROR_CSV_FILE_IMPORT = "portal.users.import_users_from_file.error_csv_file_import";
192 private static final String FIELD_IMPORT_USERS_FILE = "portal.users.import_users_from_file.labelImportFile";
193 private static final String FIELD_XSL_EXPORT = "portal.users.export_users.labelXslt";
194
195
196 private static final String PARAMETER_ACCESS_CODE = "access_code";
197 private static final String PARAMETER_LAST_NAME = "last_name";
198 private static final String PARAMETER_FIRST_NAME = "first_name";
199 private static final String PARAMETER_EMAIL = "email";
200 private static final String PARAMETER_NOTIFY_USER = "notify_user";
201 private static final String PARAMETER_STATUS = "status";
202 private static final String PARAMETER_USER_ID = "id_user";
203 private static final String PARAMETER_ROLE = "roles";
204 private static final String PARAMETER_RIGHT = "right";
205 private static final String PARAMETER_FIRST_PASSWORD = "first_password";
206 private static final String PARAMETER_SECOND_PASSWORD = "second_password";
207 private static final String PARAMETER_LANGUAGE = "language";
208 private static final String PARAMETER_DELEGATE_RIGHTS = "delegate_rights";
209 private static final String PARAMETER_USER_LEVEL = "user_level";
210 private static final String PARAMETER_WORKGROUP = "workgroup";
211 private static final String PARAMETER_SELECT = "select";
212 private static final String PARAMETER_SELECT_ALL = "all";
213 private static final String PARAMETER_ACCESSIBILITY_MODE = "accessibility_mode";
214 private static final String PARAMETER_WORKGROUP_KEY = "workgroup_key";
215 private static final String PARAMETER_EMAIL_PATTERN = "email_pattern";
216 private static final String PARAMETER_IS_EMAIL_PATTERN_SET_MANUALLY = "is_email_pattern_set_manually";
217 private static final String PARAMETER_ID_EXPRESSION = "id_expression";
218 private static final String PARAMETER_FORCE_CHANGE_PASSWORD_REINIT = "force_change_password_reinit";
219 private static final String PARAMETER_PASSWORD_MINIMUM_LENGTH = "password_minimum_length";
220 private static final String PARAMETER_PASSWORD_FORMAT_UPPER_LOWER_CASE = "password_format_upper_lower_case";
221 private static final String PARAMETER_PASSWORD_FORMAT_NUMERO = "password_format_numero";
222 private static final String PARAMETER_PASSWORD_FORMAT_SPECIAL_CHARACTERS = "password_format_special_characters";
223 private static final String PARAMETER_PASSWORD_DURATION = "password_duration";
224 private static final String PARAMETER_PASSWORD_HISTORY_SIZE = "password_history_size";
225 private static final String PARAMETER_MAXIMUM_NUMBER_PASSWORD_CHANGE = "maximum_number_password_change";
226 private static final String PARAMETER_TSW_SIZE_PASSWORD_CHANGE = "tsw_size_password_change";
227 private static final String PARAMETER_ACCOUNT_LIFE_TIME = "account_life_time";
228 private static final String PARAMETER_TIME_BEFORE_ALERT_ACCOUNT = "time_before_alert_account";
229 private static final String PARAMETER_NB_ALERT_ACCOUNT = "nb_alert_account";
230 private static final String PARAMETER_TIME_BETWEEN_ALERTS_ACCOUNT = "time_between_alerts_account";
231 private static final String PARAMETER_ATTRIBUTE = "attribute_";
232 private static final String PARAMETER_EMAIL_TYPE = "email_type";
233 private static final String PARAMETER_FIRST_ALERT_MAIL_SENDER = "first_alert_mail_sender";
234 private static final String PARAMETER_OTHER_ALERT_MAIL_SENDER = "other_alert_mail_sender";
235 private static final String PARAMETER_EXPIRED_ALERT_MAIL_SENDER = "expired_alert_mail_sender";
236 private static final String PARAMETER_REACTIVATED_ALERT_MAIL_SENDER = "account_reactivated_mail_sender";
237 private static final String PARAMETER_FIRST_ALERT_MAIL_SUBJECT = "first_alert_mail_subject";
238 private static final String PARAMETER_OTHER_ALERT_MAIL_SUBJECT = "other_alert_mail_subject";
239 private static final String PARAMETER_EXPIRED_ALERT_MAIL_SUBJECT = "expired_alert_mail_subject";
240 private static final String PARAMETER_REACTIVATED_ALERT_MAIL_SUBJECT = "account_reactivated_mail_subject";
241 private static final String PARAMETER_FIRST_ALERT_MAIL = "core_first_alert_mail";
242 private static final String PARAMETER_OTHER_ALERT_MAIL = "core_other_alert_mail";
243 private static final String PARAMETER_EXPIRATION_MAIL = "core_expiration_mail";
244 private static final String PARAMETER_ACCOUNT_REACTIVATED = "core_account_reactivated_mail";
245 private static final String PARAMETER_CANCEL = "cancel";
246 private static final String PARAMETER_NOTIFY_USER_PASSWORD_EXPIRED = "notify_user_password_expired";
247 private static final String PARAMETER_PASSWORD_EXPIRED_MAIL_SENDER = "password_expired_mail_sender";
248 private static final String PARAMETER_PASSWORD_EXPIRED_MAIL_SUBJECT = "password_expired_mail_subject";
249 private static final String PARAMETER_NOTIFY_PASSWORD_EXPIRED = "core_password_expired";
250 private static final String PARAMETER_IMPORT_USERS_FILE = "import_file";
251 private static final String PARAMETER_SKIP_FIRST_LINE = "ignore_first_line";
252 private static final String PARAMETER_UPDATE_USERS = "update_existing_users";
253 private static final String PARAMETER_XSL_EXPORT_ID = "xsl_export_id";
254 private static final String PARAMETER_EXPORT_ROLES = "export_roles";
255 private static final String PARAMETER_EXPORT_ATTRIBUTES = "export_attributes";
256 private static final String PARAMETER_EXPORT_RIGHTS = "export_rights";
257 private static final String PARAMETER_EXPORT_WORKGROUPS = "export_workgroups";
258
259
260 private static final String JSP_MANAGE_USER_RIGHTS = "ManageUserRights.jsp";
261 private static final String JSP_MANAGE_USER_ROLES = "ManageUserRoles.jsp";
262 private static final String JSP_MANAGE_USER = "ManageUsers.jsp";
263 private static final String JSP_MANAGE_USER_WORKGROUPS = "ManageUserWorkgroups.jsp";
264 private static final String JSP_MANAGE_ADVANCED_PARAMETERS = "ManageAdvancedParameters.jsp";
265 private static final String JSP_URL_REMOVE_USER = "jsp/admin/user/DoRemoveUser.jsp";
266 private static final String JSP_URL_CREATE_USER = "jsp/admin/user/CreateUser.jsp";
267 private static final String JSP_URL_IMPORT_USER = "jsp/admin/user/ImportUser.jsp";
268 private static final String JSP_URL_MODIFY_USER = "jsp/admin/user/ModifyUser.jsp";
269 private static final String JSP_URL_MANAGE_USER_RIGHTS = "jsp/admin/user/ManageUserRights.jsp";
270 private static final String JSP_URL_MANAGE_USER_ROLES = "jsp/admin/user/ManageUserRoles.jsp";
271 private static final String JSP_URL_MANAGE_USER_WORKGROUPS = "jsp/admin/user/ManageUserWorkgroups.jsp";
272 private static final String JSP_URL_USE_ADVANCED_SECUR_PARAM = "jsp/admin/user/DoUseAdvancedSecurityParameters.jsp";
273 private static final String JSP_URL_REMOVE_ADVANCED_SECUR_PARAM = "jsp/admin/user/DoRemoveAdvancedSecurityParameters.jsp";
274 private static final String JSP_URL_ANONYMIZE_ADMIN_USER = "jsp/admin/user/DoAnonymizeAdminUser.jsp";
275
276
277 private static final String MARK_USER_LIST = "user_list";
278 private static final String MARK_IMPORT_USER_LIST = "import_user_list";
279 private static final String MARK_ACCESS_CODE = "access_code";
280 private static final String MARK_LAST_NAME = "last_name";
281 private static final String MARK_FIRST_NAME = "first_name";
282 private static final String MARK_EMAIL = "email";
283 private static final String MARK_IMPORT_USER = "import_user";
284 private static final String MARK_USER = "user";
285 private static final String MARK_LEVEL = "level";
286 private static final String MARK_USER_RIGHT_LIST = "user_right_list";
287 private static final String MARK_ALL_ROLE_LIST = "all_role_list";
288 private static final String MARK_USER_ROLE_LIST = "user_role_list";
289 private static final String MARK_ALL_RIGHT_LIST = "all_right_list";
290 private static final String MARK_PAGINATOR = "paginator";
291 private static final String MARK_NB_ITEMS_PER_PAGE = "nb_items_per_page";
292 private static final String MARK_LANGUAGES_LIST = "languages_list";
293 private static final String MARK_CURRENT_LANGUAGE = "current_language";
294 private static final String MARK_USER_CREATION_URL = "url_user_creation";
295 private static final String MARK_CAN_DELEGATE = "can_delegate";
296 private static final String MARK_CAN_MODIFY = "can_modify";
297 private static final String MARK_USER_LEVELS_LIST = "user_levels";
298 private static final String MARK_CURRENT_USER = "current_user";
299 private static final String MARK_USER_WORKGROUP_LIST = "user_workgroup_list";
300 private static final String MARK_ALL_WORKSGROUP_LIST = "all_workgroup_list";
301 private static final String MARK_SELECT_ALL = "select_all";
302 private static final String MARK_LOGIN_URL = "login_url";
303 private static final String MARK_NEW_PASSWORD = "new_password";
304 private static final String MARK_PERMISSION_ADVANCED_PARAMETER = "permission_advanced_parameter";
305 private static final String MARK_PERMISSION_IMPORT_EXPORT_USERS = "permission_import_export_users";
306 private static final String MARK_ITEM_NAVIGATOR = "item_navigator";
307 private static final String MARK_ATTRIBUTES_LIST = "attributes_list";
308 private static final String MARK_LOCALE = "locale";
309 private static final String MARK_MAP_LIST_ATTRIBUTE_DEFAULT_VALUES = "map_list_attribute_default_values";
310 private static final String MARK_DEFAULT_USER_LEVEL = "default_user_level";
311 private static final String MARK_DEFAULT_USER_NOTIFICATION = "default_user_notification";
312 private static final String MARK_DEFAULT_USER_LANGUAGE = "default_user_language";
313 private static final String MARK_DEFAULT_USER_STATUS = "default_user_status";
314 private static final String MARK_ACCESS_FAILURES_MAX = "access_failures_max";
315 private static final String MARK_ACCESS_FAILURES_INTERVAL = "access_failures_interval";
316 private static final String MARK_BANNED_DOMAIN_NAMES = "banned_domain_names";
317 private static final String MARK_EMAIL_SENDER = "email_sender";
318 private static final String MARK_EMAIL_SUBJECT = "email_subject";
319 private static final String MARK_EMAIL_BODY = "email_body";
320 private static final String MARK_EMAIL_LABEL = "emailLabel";
321 private static final String MARK_WEBAPP_URL = "webapp_url";
322 private static final String MARK_SITE_LINK = "site_link";
323 private static final String MARK_LIST_MESSAGES = "messages";
324 private static final String MARK_CSV_SEPARATOR = "csv_separator";
325 private static final String MARK_CSV_ESCAPE = "csv_escape";
326 private static final String MARK_ATTRIBUTES_SEPARATOR = "attributes_separator";
327 private static final String MARK_LIST_XSL_EXPORT = "refListXsl";
328 private static final String MARK_DEFAULT_VALUE_WORKGROUP_KEY = "workgroup_key_default_value";
329 private static final String MARK_WORKGROUP_KEY_LIST = "workgroup_key_list";
330 private static final String MARK_ADMIN_AVATAR = "adminAvatar";
331
332 private static final String CONSTANT_EMAIL_TYPE_FIRST = "first";
333 private static final String CONSTANT_EMAIL_TYPE_OTHER = "other";
334 private static final String CONSTANT_EMAIL_TYPE_EXPIRED = "expired";
335 private static final String CONSTANT_EMAIL_TYPE_REACTIVATED = "reactivated";
336 private static final String CONSTANT_EMAIL_PASSWORD_EXPIRED = "password_expired";
337 private static final String CONSTANT_EXTENSION_CSV_FILE = ".csv";
338 private static final String CONSTANT_EXTENSION_XML_FILE = ".xml";
339 private static final String CONSTANT_MIME_TYPE_CSV = "application/csv";
340 private static final String CONSTANT_MIME_TYPE_XML = "application/xml";
341 private static final String CONSTANT_MIME_TYPE_TEXT_CSV = "text/csv";
342 private static final String CONSTANT_MIME_TYPE_OCTETSTREAM = "application/octet-stream";
343 private static final String CONSTANT_EXPORT_USERS_FILE_NAME = "users";
344 private static final String CONSTANT_POINT = ".";
345 private static final String CONSTANT_QUOTE = "\"";
346 private static final String CONSTANT_ATTACHEMENT_FILE_NAME = "attachement; filename=\"";
347 private static final String CONSTANT_ATTACHEMENT_DISPOSITION = "Content-Disposition";
348 private static final String CONSTANT_XML_USERS = "users";
349
350 private static ImportAdminUserService _importAdminUserService = new ImportAdminUserService( );
351 private boolean _bAdminAvatar = PluginService.isPluginEnable( "adminavatar" );
352
353 private int _nItemsPerPage;
354 private int _nDefaultItemsPerPage;
355 private String _strCurrentPageIndex;
356 private ItemNavigator _itemNavigator;
357
358
359
360
361
362
363
364 public String getManageAdminUsers( HttpServletRequest request )
365 {
366 setPageTitleProperty( PROPERTY_MANAGE_USERS_PAGETITLE );
367
368
369 reinitItemNavigator( );
370
371 String strCreateUrl;
372 AdminUser currentUser = getUser( );
373
374 Map<String, Object> model = new HashMap<String, Object>( );
375
376
377 if ( AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) )
378 {
379 strCreateUrl = JSP_URL_CREATE_USER;
380 }
381 else
382 {
383 strCreateUrl = JSP_URL_IMPORT_USER;
384 }
385
386 String strURL = getHomeUrl( request );
387 UrlItem url = new UrlItem( strURL );
388
389 Collection<AdminUser> listUsers = (List<AdminUser>) AdminUserHome.findUserList( );
390 listUsers = AdminWorkgroupService.getAuthorizedCollection( listUsers, getUser( ) );
391
392 List<AdminUser> availableUsers = AdminUserService.getFilteredUsersInterface( listUsers, request, model, url );
393 List<AdminUser> listDisplayUsers = new ArrayList<AdminUser>( );
394
395 for ( AdminUser user : availableUsers )
396 {
397 if ( isUserAuthorizedToModifyUser( currentUser, user ) )
398 {
399 listDisplayUsers.add( user );
400 }
401 }
402
403
404 String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
405 String strAscSort = null;
406
407 if ( strSortedAttributeName != null )
408 {
409 strAscSort = request.getParameter( Parameters.SORTED_ASC );
410
411 boolean bIsAscSort = Boolean.parseBoolean( strAscSort );
412
413 Collections.sort( listDisplayUsers, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
414 }
415
416 _strCurrentPageIndex = Paginator.getPageIndex( request, Paginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
417 _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( PROPERTY_USERS_PER_PAGE, 50 );
418 _nItemsPerPage = Paginator.getItemsPerPage( request, Paginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage,
419 _nDefaultItemsPerPage );
420
421 if ( strSortedAttributeName != null )
422 {
423 url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
424 }
425
426 if ( strAscSort != null )
427 {
428 url.addParameter( Parameters.SORTED_ASC, strAscSort );
429 }
430
431
432 LocalizedPaginator<AdminUser> paginator = new LocalizedPaginator<AdminUser>( listDisplayUsers, _nItemsPerPage,
433 url.getUrl( ), Paginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale( ) );
434
435
436 Collection<Level> filteredLevels = new ArrayList<Level>( );
437
438 for ( Level level : LevelHome.getLevelsList( ) )
439 {
440 if ( currentUser.isAdmin( ) || currentUser.hasRights( level.getId( ) ) )
441 {
442 filteredLevels.add( level );
443 }
444 }
445
446 boolean bPermissionAdvancedParameter = RBACService.isAuthorized( AdminUser.RESOURCE_TYPE,
447 RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS,
448 getUser( ) );
449 boolean bPermissionImportExportUsers = RBACService.isAuthorized( AdminUser.RESOURCE_TYPE,
450 RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_IMPORT_EXPORT_USERS, getUser( ) );
451
452 model.put( MARK_NB_ITEMS_PER_PAGE, "" + _nItemsPerPage );
453 model.put( MARK_USER_LEVELS_LIST, filteredLevels );
454 model.put( MARK_PAGINATOR, paginator );
455 model.put( MARK_USER_LIST, paginator.getPageItems( ) );
456 model.put( MARK_USER_CREATION_URL, strCreateUrl );
457 model.put( MARK_PERMISSION_ADVANCED_PARAMETER, bPermissionAdvancedParameter );
458 model.put( MARK_PERMISSION_IMPORT_EXPORT_USERS, bPermissionImportExportUsers );
459 model.put( MARK_ADMIN_AVATAR , _bAdminAvatar );
460
461 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_USERS, getLocale( ), model );
462
463 return getAdminPage( template.getHtml( ) );
464 }
465
466
467
468
469
470
471
472
473
474 public String getFindImportAdminUser( HttpServletRequest request )
475 {
476 setPageTitleProperty( PROPERTY_IMPORT_MODULE_USER_PAGETITLE );
477
478 String strAccessCode = request.getParameter( PARAMETER_ACCESS_CODE );
479 String strLastName = request.getParameter( PARAMETER_LAST_NAME );
480 String strFirstName = request.getParameter( PARAMETER_FIRST_NAME );
481 String strEmail = request.getParameter( PARAMETER_EMAIL );
482
483 Map<String, Object> model = new HashMap<String, Object>( );
484 Collection<?> allImportUsers = null;
485
486 if ( !( ( strLastName == null ) && ( strFirstName == null ) && ( strEmail == null ) ) )
487 {
488 if ( !( StringUtils.EMPTY.equals( strLastName ) && StringUtils.EMPTY.equals( strFirstName ) &&
489 StringUtils.EMPTY.equals( strEmail ) ) )
490 {
491 allImportUsers = AdminAuthenticationService.getInstance( )
492 .getUserListFromModule( strLastName, strFirstName, strEmail );
493 }
494 }
495
496 model.put( MARK_IMPORT_USER_LIST, allImportUsers );
497 model.put( MARK_ACCESS_CODE, strAccessCode );
498 model.put( MARK_LAST_NAME, strLastName );
499 model.put( MARK_FIRST_NAME, strFirstName );
500 model.put( MARK_EMAIL, strEmail );
501
502 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_IMPORT_USER, getLocale( ), model );
503
504 return getAdminPage( template.getHtml( ) );
505 }
506
507
508
509
510
511
512
513
514 public String doSelectImportUser( HttpServletRequest request )
515 {
516 String strAccessCode = request.getParameter( PARAMETER_ACCESS_CODE );
517
518 if ( ( strAccessCode == null ) || ( strAccessCode.equals( "" ) ) )
519 {
520 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
521 }
522
523
524 if ( AdminUserHome.checkAccessCodeAlreadyInUse( strAccessCode ) != -1 )
525 {
526 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_ACCESS_CODE_ALREADY_USED,
527 AdminMessage.TYPE_STOP );
528 }
529
530 return AppPathService.getBaseUrl( request ) + JSP_URL_CREATE_USER + "?" + PARAMETER_ACCESS_CODE + "=" +
531 strAccessCode;
532 }
533
534
535
536
537
538
539
540 public String getCreateAdminUser( HttpServletRequest request )
541 {
542 setPageTitleProperty( PROPERTY_CREATE_USER_PAGETITLE );
543
544 HtmlTemplate template;
545 AdminUser currentUser = getUser( );
546 Collection<Level> filteredLevels = new ArrayList<Level>( );
547
548 for ( Level level : LevelHome.getLevelsList( ) )
549 {
550 if ( currentUser.isAdmin( ) || currentUser.hasRights( level.getId( ) ) )
551 {
552 filteredLevels.add( level );
553 }
554 }
555
556
557 String strDefaultLevel = DefaultUserParameterHome.findByKey( AdminUserService.DSKEY_DEFAULT_USER_LEVEL );
558 Level defaultLevel = LevelHome.findByPrimaryKey( Integer.parseInt( strDefaultLevel ) );
559 int nDefaultUserNotification = Integer.parseInt( DefaultUserParameterHome.findByKey(
560 AdminUserService.DSKEY_DEFAULT_USER_NOTIFICATION ) );
561 String strDefaultUserLanguage = DefaultUserParameterHome.findByKey( AdminUserService.DSKEY_DEFAULT_USER_LANGUAGE );
562 int nDefaultUserStatus = Integer.parseInt( DefaultUserParameterHome.findByKey(
563 AdminUserService.DSKEY_DEFAULT_USER_STATUS ) );
564
565
566 List<IAttribute> listAttributes = AttributeService.getInstance( ).getAllAttributesWithFields( getLocale( ) );
567
568
569 if ( AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) )
570 {
571 Map<String, Object> model = new HashMap<String, Object>( );
572
573 model.put( MARK_USER_LEVELS_LIST, filteredLevels );
574 model.put( MARK_CURRENT_USER, currentUser );
575 model.put( MARK_LANGUAGES_LIST, I18nService.getAdminLocales( getLocale( ) ) );
576 model.put( MARK_DEFAULT_USER_LEVEL, defaultLevel );
577 model.put( MARK_DEFAULT_USER_NOTIFICATION, nDefaultUserNotification );
578 model.put( MARK_DEFAULT_USER_LANGUAGE, strDefaultUserLanguage );
579 model.put( MARK_DEFAULT_USER_STATUS, nDefaultUserStatus );
580 model.put( MARK_ATTRIBUTES_LIST, listAttributes );
581 model.put( MARK_LOCALE, getLocale( ) );
582 model.put( MARK_DEFAULT_VALUE_WORKGROUP_KEY, AdminWorkgroupService.ALL_GROUPS );
583 model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) );
584
585 template = AppTemplateService.getTemplate( TEMPLATE_DEFAULT_CREATE_USER, getLocale( ), model );
586 }
587 else
588 {
589
590 String strAccessCode = request.getParameter( PARAMETER_ACCESS_CODE );
591 AdminUser user = null;
592
593 if ( ( strAccessCode != null ) && ( !strAccessCode.equals( "" ) ) )
594 {
595 user = AdminAuthenticationService.getInstance( ).getUserPublicDataFromModule( strAccessCode );
596 }
597
598 Map<String, Object> model = new HashMap<String, Object>( );
599
600 if ( user != null )
601 {
602 model.put( MARK_USER_LEVELS_LIST, filteredLevels );
603 model.put( MARK_CURRENT_USER, currentUser );
604 model.put( MARK_IMPORT_USER, user );
605 model.put( MARK_LANGUAGES_LIST, I18nService.getAdminLocales( user.getLocale( ) ) );
606 model.put( MARK_DEFAULT_USER_LEVEL, defaultLevel );
607 model.put( MARK_DEFAULT_USER_NOTIFICATION, nDefaultUserNotification );
608 model.put( MARK_DEFAULT_USER_LANGUAGE, strDefaultUserLanguage );
609 model.put( MARK_DEFAULT_USER_STATUS, nDefaultUserStatus );
610 model.put( MARK_ATTRIBUTES_LIST, listAttributes );
611 model.put( MARK_LOCALE, getLocale( ) );
612 model.put( MARK_DEFAULT_VALUE_WORKGROUP_KEY, AdminWorkgroupService.ALL_GROUPS );
613 model.put( MARK_WORKGROUP_KEY_LIST,
614 AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) );
615 }
616
617 template = AppTemplateService.getTemplate( TEMPLATE_CREATE_USER, getLocale( ), model );
618 }
619
620 return getAdminPage( template.getHtml( ) );
621 }
622
623
624
625
626
627
628
629 public String doCreateAdminUser( HttpServletRequest request )
630 {
631 String strAccessCode = request.getParameter( PARAMETER_ACCESS_CODE );
632 String strLastName = request.getParameter( PARAMETER_LAST_NAME );
633 String strFirstName = request.getParameter( PARAMETER_FIRST_NAME );
634 String strEmail = request.getParameter( PARAMETER_EMAIL );
635 String strStatus = request.getParameter( PARAMETER_STATUS );
636 String strUserLevel = request.getParameter( PARAMETER_USER_LEVEL );
637 String strNotifyUser = request.getParameter( PARAMETER_NOTIFY_USER );
638 String strAccessibilityMode = request.getParameter( PARAMETER_ACCESSIBILITY_MODE );
639 String strWorkgroupKey = request.getParameter( PARAMETER_WORKGROUP_KEY );
640
641 if ( StringUtils.isEmpty( strAccessCode ) )
642 {
643 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
644 }
645
646 if ( StringUtils.isEmpty( strLastName ) )
647 {
648 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
649 }
650
651 if ( StringUtils.isEmpty( strFirstName ) )
652 {
653 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
654 }
655
656 if ( StringUtils.isBlank( strEmail ) )
657 {
658 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
659 }
660
661 if ( !AdminUserService.checkEmail( strEmail ) )
662 {
663 return AdminUserService.getEmailErrorMessageUrl( request );
664 }
665
666
667 if ( AdminUserHome.checkAccessCodeAlreadyInUse( strAccessCode ) != -1 )
668 {
669 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_ACCESS_CODE_ALREADY_USED,
670 AdminMessage.TYPE_STOP );
671 }
672
673
674 if ( AdminUserHome.checkEmailAlreadyInUse( strEmail ) != -1 )
675 {
676 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_EMAIL_ALREADY_USED,
677 AdminMessage.TYPE_STOP );
678 }
679
680
681 int nNewUserLevel = Integer.valueOf( strUserLevel );
682
683
684 if ( !( getUser( ).hasRights( nNewUserLevel ) || getUser( ).isAdmin( ) ) )
685 {
686 return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
687 }
688
689
690 if ( AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) )
691 {
692 LuteceDefaultAdminUser user = new LuteceDefaultAdminUser( );
693 String strFirstPassword = request.getParameter( PARAMETER_FIRST_PASSWORD );
694 String strSecondPassword = request.getParameter( PARAMETER_SECOND_PASSWORD );
695
696 if ( StringUtils.isEmpty( strFirstPassword ) )
697 {
698 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
699 }
700
701 if ( !strFirstPassword.equals( strSecondPassword ) )
702 {
703 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_DIFFERENTS_PASSWORD,
704 AdminMessage.TYPE_STOP );
705 }
706
707 String strUrl = AdminUserService.checkPassword( request, strFirstPassword, 0 );
708
709 if ( StringUtils.isNotEmpty( strUrl ) )
710 {
711 return strUrl;
712 }
713
714 user.setPassword( AdminUserService.encryptPassword( strFirstPassword ) );
715
716 user.setPasswordMaxValidDate( AdminUserService.getPasswordMaxValidDate( ) );
717 user.setAccountMaxValidDate( AdminUserService.getAccountMaxValidDate( ) );
718
719 user.setAccessCode( strAccessCode );
720 user.setLastName( strLastName );
721 user.setFirstName( strFirstName );
722 user.setEmail( strEmail );
723 user.setStatus( Integer.parseInt( strStatus ) );
724 user.setLocale( new Locale( request.getParameter( PARAMETER_LANGUAGE ) ) );
725
726 user.setUserLevel( nNewUserLevel );
727 user.setPasswordReset( Boolean.TRUE );
728 user.setAccessibilityMode( strAccessibilityMode != null );
729 user.setWorkgroupKey( strWorkgroupKey );
730
731 String strError = AdminUserFieldService.checkUserFields( request, getLocale( ) );
732
733 if ( strError != null )
734 {
735 return strError;
736 }
737
738 AdminUserHome.create( user );
739 AdminUserFieldService.doCreateUserFields( user, request, getLocale( ) );
740
741 if ( ( strNotifyUser != null ) && strNotifyUser.equals( CONSTANTE_UN ) )
742 {
743
744 AdminUserService.notifyUser( AppPathService.getBaseUrl( request ), user,
745 strFirstPassword, PROPERTY_MESSAGE_EMAIL_SUBJECT_NOTIFY_USER, TEMPLATE_NOTIFY_USER );
746 }
747 }
748 else
749 {
750 AdminUser user = new AdminUser( );
751 user.setAccessCode( strAccessCode );
752 user.setLastName( strLastName );
753 user.setFirstName( strFirstName );
754 user.setEmail( strEmail );
755 user.setStatus( Integer.parseInt( strStatus ) );
756 user.setLocale( new Locale( request.getParameter( PARAMETER_LANGUAGE ) ) );
757
758 user.setUserLevel( nNewUserLevel );
759 user.setAccessibilityMode( strAccessibilityMode != null );
760 user.setWorkgroupKey( strWorkgroupKey );
761
762 String strError = AdminUserFieldService.checkUserFields( request, getLocale( ) );
763
764 if ( strError != null )
765 {
766 return strError;
767 }
768
769 AdminUserHome.create( user );
770 AdminUserFieldService.doCreateUserFields( user, request, getLocale( ) );
771 }
772
773 return JSP_MANAGE_USER;
774 }
775
776
777
778
779
780
781
782
783
784 public String getModifyAdminUser( HttpServletRequest request )
785 throws AccessDeniedException
786 {
787 setPageTitleProperty( PROPERTY_MODIFY_USER_PAGETITLE );
788
789 String strUserId = request.getParameter( PARAMETER_USER_ID );
790
791 int nUserId = Integer.parseInt( strUserId );
792
793 Map<String, Object> model = new HashMap<String, Object>( );
794 HtmlTemplate template;
795
796 AdminUser user = null;
797 String strTemplateUrl = "";
798
799
800 if ( AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) )
801 {
802 user = AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( nUserId );
803 strTemplateUrl = TEMPLATE_DEFAULT_MODIFY_USER;
804 }
805 else
806 {
807 user = AdminUserHome.findByPrimaryKey( nUserId );
808 strTemplateUrl = TEMPLATE_MODIFY_USER;
809 }
810
811 if ( ( user == null ) || ( user.getUserId( ) == 0 ) )
812 {
813 return getManageAdminUsers( request );
814 }
815
816 AdminUser currentUser = AdminUserService.getAdminUser( request );
817
818 if ( !isUserAuthorizedToModifyUser( currentUser, user ) )
819 {
820 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
821 }
822
823 Level level = LevelHome.findByPrimaryKey( user.getUserLevel( ) );
824
825
826 setItemNavigator( user.getUserId( ), AppPathService.getBaseUrl( request ) + JSP_URL_MODIFY_USER );
827
828 List<IAttribute> listAttributes = AttributeService.getInstance( ).getAllAttributesWithFields( getLocale( ) );
829 Map<String, Object> map = AdminUserFieldService.getAdminUserFields( listAttributes, nUserId, getLocale( ) );
830
831 model.put( MARK_USER, user );
832 model.put( MARK_LEVEL, level );
833 model.put( MARK_LANGUAGES_LIST, I18nService.getAdminLocales( user.getLocale( ) ) );
834 model.put( MARK_CURRENT_LANGUAGE, user.getLocale( ).getLanguage( ) );
835 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
836 model.put( MARK_ATTRIBUTES_LIST, listAttributes );
837 model.put( MARK_LOCALE, getLocale( ) );
838 model.put( MARK_MAP_LIST_ATTRIBUTE_DEFAULT_VALUES, map );
839 model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) );
840
841 template = AppTemplateService.getTemplate( strTemplateUrl, getLocale( ), model );
842
843 return getAdminPage( template.getHtml( ) );
844 }
845
846
847
848
849
850
851
852
853
854 public String doModifyAdminUser( HttpServletRequest request )
855 throws AccessDeniedException
856 {
857 String strUserId = request.getParameter( PARAMETER_USER_ID );
858 String strAccessCode = request.getParameter( PARAMETER_ACCESS_CODE );
859 String strLastName = request.getParameter( PARAMETER_LAST_NAME );
860 String strFirstName = request.getParameter( PARAMETER_FIRST_NAME );
861 String strEmail = request.getParameter( PARAMETER_EMAIL );
862 String strStatus = request.getParameter( PARAMETER_STATUS );
863 String strAccessibilityMode = request.getParameter( PARAMETER_ACCESSIBILITY_MODE );
864 String strWorkgroupKey = request.getParameter( PARAMETER_WORKGROUP_KEY );
865
866 int nUserId = Integer.parseInt( strUserId );
867
868 AdminUser userToModify = AdminUserHome.findByPrimaryKey( nUserId );
869 AdminUser currentUser = AdminUserService.getAdminUser( request );
870
871 if ( !isUserAuthorizedToModifyUser( currentUser, userToModify ) )
872 {
873 throw new AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
874 }
875
876 if ( StringUtils.isEmpty( strAccessCode ) )
877 {
878 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
879 }
880
881 if ( StringUtils.isEmpty( strLastName ) )
882 {
883 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
884 }
885
886 if ( StringUtils.isEmpty( strFirstName ) )
887 {
888 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
889 }
890
891 if ( StringUtils.isBlank( strEmail ) )
892 {
893 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
894 }
895
896 if ( !AdminUserService.checkEmail( strEmail ) )
897 {
898 return AdminUserService.getEmailErrorMessageUrl( request );
899 }
900
901 int checkCode = AdminUserHome.checkAccessCodeAlreadyInUse( strAccessCode );
902
903
904 if ( ( checkCode != -1 ) && ( checkCode != nUserId ) )
905 {
906 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_ACCESS_CODE_ALREADY_USED,
907 AdminMessage.TYPE_STOP );
908 }
909
910 checkCode = AdminUserHome.checkEmailAlreadyInUse( strEmail );
911
912
913 if ( ( checkCode != -1 ) && ( checkCode != nUserId ) )
914 {
915 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_EMAIL_ALREADY_USED,
916 AdminMessage.TYPE_STOP );
917 }
918
919
920 if ( AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) )
921 {
922 LuteceDefaultAdminUser user = AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( nUserId );
923
924 String strFirstPassword = request.getParameter( PARAMETER_FIRST_PASSWORD );
925 String strSecondPassword = request.getParameter( PARAMETER_SECOND_PASSWORD );
926
927 if ( StringUtils.isEmpty( strFirstPassword ) && StringUtils.isNotEmpty( strSecondPassword ) )
928 {
929
930 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_DIFFERENTS_PASSWORD,
931 AdminMessage.TYPE_STOP );
932 }
933
934 if ( StringUtils.isEmpty( strSecondPassword ) && StringUtils.isNotEmpty( strFirstPassword ) )
935 {
936
937 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_DIFFERENTS_PASSWORD,
938 AdminMessage.TYPE_STOP );
939 }
940
941 if ( !StringUtils.equals( strFirstPassword, strSecondPassword ) )
942 {
943
944 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_DIFFERENTS_PASSWORD,
945 AdminMessage.TYPE_STOP );
946 }
947
948 if ( StringUtils.isNotEmpty( strFirstPassword ) )
949 {
950 String strUrl = AdminUserService.checkPassword( request, strFirstPassword, nUserId, Boolean.TRUE );
951
952 if ( StringUtils.isNotEmpty( strUrl ) )
953 {
954 return strUrl;
955 }
956
957 user.setPassword( AdminUserService.encryptPassword( strFirstPassword ) );
958 user.setPasswordReset( Boolean.FALSE );
959 user.setPasswordMaxValidDate( AdminUserService.getPasswordMaxValidDate( ) );
960 }
961
962 user.setUserId( nUserId );
963 user.setAccessCode( strAccessCode );
964 user.setLastName( strLastName );
965 user.setFirstName( strFirstName );
966 user.setEmail( strEmail );
967 user.setWorkgroupKey( strWorkgroupKey );
968
969 int nStatus = Integer.parseInt( strStatus );
970
971 if ( nStatus != user.getStatus( ) )
972 {
973 user.setStatus( nStatus );
974 AdminUserService.notifyUser( AppPathService.getBaseUrl( request ), user,
975 PROPERTY_MESSAGE_EMAIL_SUBJECT_CHANGE_STATUS, TEMPLATE_ADMIN_EMAIL_CHANGE_STATUS );
976 }
977
978 user.setLocale( new Locale( request.getParameter( PARAMETER_LANGUAGE ) ) );
979 user.setAccessibilityMode( strAccessibilityMode != null );
980
981 String strError = AdminUserFieldService.checkUserFields( request, getLocale( ) );
982
983 if ( strError != null )
984 {
985 return strError;
986 }
987
988 AdminUserHome.update( user );
989
990 AdminUserFieldService.doModifyUserFields( user, request, getLocale( ), getUser( ) );
991 }
992 else
993 {
994 AdminUser user = new AdminUser( );
995 user.setUserId( nUserId );
996 user.setAccessCode( strAccessCode );
997 user.setLastName( strLastName );
998 user.setFirstName( strFirstName );
999 user.setEmail( strEmail );
1000 user.setStatus( Integer.parseInt( strStatus ) );
1001 user.setLocale( new Locale( request.getParameter( PARAMETER_LANGUAGE ) ) );
1002 user.setAccessibilityMode( strAccessibilityMode != null );
1003 user.setWorkgroupKey( strWorkgroupKey );
1004
1005 String strError = AdminUserFieldService.checkUserFields( request, getLocale( ) );
1006
1007 if ( strError != null )
1008 {
1009 return strError;
1010 }
1011
1012 AdminUserHome.update( user );
1013
1014 AdminUserFieldService.doModifyUserFields( user, request, getLocale( ), getUser( ) );
1015 }
1016
1017 return JSP_MANAGE_USER;
1018 }
1019
1020
1021
1022
1023
1024
1025 public String getImportUsersFromFile( HttpServletRequest request )
1026 {
1027 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1028 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1029 {
1030 return getManageAdminUsers( request );
1031 }
1032
1033 setPageTitleProperty( PROPERTY_IMPORT_USERS_FROM_FILE_PAGETITLE );
1034
1035 Map<String, Object> model = new HashMap<String, Object>( );
1036
1037 model.put( MARK_LIST_MESSAGES, request.getAttribute( ATTRIBUTE_IMPORT_USERS_LIST_MESSAGES ) );
1038
1039 String strCsvSeparator = StringUtils.EMPTY + _importAdminUserService.getCSVSeparator( );
1040 String strCsvEscapeCharacter = StringUtils.EMPTY + _importAdminUserService.getCSVEscapeCharacter( );
1041 String strAttributesSeparator = StringUtils.EMPTY + _importAdminUserService.getAttributesSeparator( );
1042 model.put( MARK_CSV_SEPARATOR, strCsvSeparator );
1043 model.put( MARK_CSV_ESCAPE, strCsvEscapeCharacter );
1044 model.put( MARK_ATTRIBUTES_SEPARATOR, strAttributesSeparator );
1045
1046 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_IMPORT_USERS_FROM_FILE,
1047 AdminUserService.getLocale( request ), model );
1048
1049 return getAdminPage( template.getHtml( ) );
1050 }
1051
1052
1053
1054
1055
1056
1057
1058 public DefaultPluginActionResult doImportUsersFromFile( HttpServletRequest request )
1059 {
1060 DefaultPluginActionResult result = new DefaultPluginActionResult( );
1061
1062 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1063 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1064 {
1065 result.setHtmlContent( getManageAdminUsers( request ) );
1066
1067 return result;
1068 }
1069
1070 if ( request instanceof MultipartHttpServletRequest )
1071 {
1072 MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
1073 FileItem fileItem = multipartRequest.getFile( PARAMETER_IMPORT_USERS_FILE );
1074 String strMimeType = FileSystemUtil.getMIMEType( FileUploadService.getFileNameOnly( fileItem ) );
1075
1076 if ( !( ( fileItem != null ) && !StringUtils.EMPTY.equals( fileItem.getName( ) ) ) )
1077 {
1078 Object[] tabRequiredFields = { I18nService.getLocalizedString( FIELD_IMPORT_USERS_FILE, getLocale( ) ) };
1079 result.setRedirect( AdminMessageService.getMessageUrl( request, MESSAGE_MANDATORY_FIELD,
1080 tabRequiredFields, AdminMessage.TYPE_STOP ) );
1081
1082 return result;
1083 }
1084
1085 if ( ( !strMimeType.equals( CONSTANT_MIME_TYPE_CSV ) &&
1086 !strMimeType.equals( CONSTANT_MIME_TYPE_OCTETSTREAM ) &&
1087 !strMimeType.equals( CONSTANT_MIME_TYPE_TEXT_CSV ) ) ||
1088 !fileItem.getName( ).toLowerCase( ).endsWith( CONSTANT_EXTENSION_CSV_FILE ) )
1089 {
1090 result.setRedirect( AdminMessageService.getMessageUrl( request, MESSAGE_ERROR_CSV_FILE_IMPORT,
1091 AdminMessage.TYPE_STOP ) );
1092
1093 return result;
1094 }
1095
1096 String strSkipFirstLine = multipartRequest.getParameter( PARAMETER_SKIP_FIRST_LINE );
1097 boolean bSkipFirstLine = StringUtils.isNotEmpty( strSkipFirstLine );
1098 String strUpdateUsers = multipartRequest.getParameter( PARAMETER_UPDATE_USERS );
1099 boolean bUpdateUsers = StringUtils.isNotEmpty( strUpdateUsers );
1100
1101 _importAdminUserService.setUpdateExistingUsers( bUpdateUsers );
1102
1103 List<CSVMessageDescriptor> listMessages = _importAdminUserService.readCSVFile( fileItem, 0, false, false,
1104 bSkipFirstLine, AdminUserService.getLocale( request ), AppPathService.getBaseUrl( request ) );
1105
1106 request.setAttribute( ATTRIBUTE_IMPORT_USERS_LIST_MESSAGES, listMessages );
1107
1108 String strHtmlResult = getImportUsersFromFile( request );
1109 result.setHtmlContent( strHtmlResult );
1110 }
1111 else
1112 {
1113 Object[] tabRequiredFields = { I18nService.getLocalizedString( FIELD_IMPORT_USERS_FILE, getLocale( ) ) };
1114 result.setRedirect( AdminMessageService.getMessageUrl( request, MESSAGE_MANDATORY_FIELD, tabRequiredFields,
1115 AdminMessage.TYPE_STOP ) );
1116 }
1117
1118 return result;
1119 }
1120
1121
1122
1123
1124
1125
1126 public String getExportUsers( HttpServletRequest request )
1127 {
1128 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1129 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1130 {
1131 return getManageAdminUsers( request );
1132 }
1133
1134 setPageTitleProperty( PROPERTY_EXPORT_USERS_PAGETITLE );
1135
1136 Map<String, Object> model = new HashMap<String, Object>( );
1137
1138 ReferenceList refListXsl = XslExportHome.getRefListByPlugin( PluginService.getCore( ) );
1139
1140 model.put( MARK_LIST_XSL_EXPORT, refListXsl );
1141
1142 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_EXPORT_USERS_FROM_FILE,
1143 AdminUserService.getLocale( request ), model );
1144
1145 return getAdminPage( template.getHtml( ) );
1146 }
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156 public DefaultPluginActionResult doExportUsers( HttpServletRequest request, HttpServletResponse response )
1157 throws IOException
1158 {
1159 DefaultPluginActionResult result = new DefaultPluginActionResult( );
1160
1161 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1162 AdminUserResourceIdService.PERMISSION_IMPORT_EXPORT_USERS, getUser( ) ) )
1163 {
1164 result.setHtmlContent( getManageAdminUsers( request ) );
1165
1166 return result;
1167 }
1168
1169 String strXslExportId = request.getParameter( PARAMETER_XSL_EXPORT_ID );
1170 String strExportAttributes = request.getParameter( PARAMETER_EXPORT_ATTRIBUTES );
1171 String strExportRoles = request.getParameter( PARAMETER_EXPORT_ROLES );
1172 String strExportRights = request.getParameter( PARAMETER_EXPORT_RIGHTS );
1173 String strExportWorkgroups = request.getParameter( PARAMETER_EXPORT_WORKGROUPS );
1174 boolean bExportAttributes = StringUtils.isNotEmpty( strExportAttributes );
1175 boolean bExportRoles = StringUtils.isNotEmpty( strExportRoles );
1176 boolean bExportRights = StringUtils.isNotEmpty( strExportRights );
1177 boolean bExportWorkgroups = StringUtils.isNotEmpty( strExportWorkgroups );
1178
1179 if ( StringUtils.isBlank( strXslExportId ) )
1180 {
1181 Object[] tabRequiredFields = { I18nService.getLocalizedString( FIELD_XSL_EXPORT, getLocale( ) ) };
1182 result.setRedirect( AdminMessageService.getMessageUrl( request, MESSAGE_MANDATORY_FIELD, tabRequiredFields,
1183 AdminMessage.TYPE_STOP ) );
1184
1185 return result;
1186 }
1187
1188 int nIdXslExport = Integer.parseInt( strXslExportId );
1189
1190 XslExport xslExport = XslExportHome.findByPrimaryKey( nIdXslExport );
1191
1192 Collection<AdminUser> listUsers = AdminUserHome.findUserList( );
1193
1194 List<IAttribute> listAttributes = AttributeService.getInstance( )
1195 .getAllAttributesWithFields( LocaleService.getDefault( ) );
1196 List<IAttribute> listAttributesFiltered = new ArrayList<IAttribute>( );
1197
1198 for ( IAttribute attribute : listAttributes )
1199 {
1200 if ( attribute instanceof ISimpleValuesAttributes )
1201 {
1202 listAttributesFiltered.add( attribute );
1203 }
1204 }
1205
1206 StringBuffer sbXml = new StringBuffer( XmlUtil.getXmlHeader( ) );
1207 XmlUtil.beginElement( sbXml, CONSTANT_XML_USERS );
1208
1209 for ( AdminUser user : listUsers )
1210 {
1211 if ( !user.isStatusAnonymized( ) )
1212 {
1213 sbXml.append( AdminUserService.getXmlFromUser( user, bExportRoles, bExportRights, bExportWorkgroups,
1214 bExportAttributes, listAttributesFiltered ) );
1215 }
1216 }
1217
1218 XmlUtil.endElement( sbXml, CONSTANT_XML_USERS );
1219
1220 String strXml = StringUtil.replaceAccent( sbXml.toString( ) );
1221 String strExportedUsers = XslExportService.exportXMLWithXSL( nIdXslExport, strXml );
1222
1223 if ( CONSTANT_MIME_TYPE_CSV.contains( xslExport.getExtension( ) ) )
1224 {
1225 response.setContentType( CONSTANT_MIME_TYPE_CSV );
1226 }
1227 else if ( CONSTANT_EXTENSION_XML_FILE.contains( xslExport.getExtension( ) ) )
1228 {
1229 response.setContentType( CONSTANT_MIME_TYPE_XML );
1230 }
1231 else
1232 {
1233 response.setContentType( CONSTANT_MIME_TYPE_OCTETSTREAM );
1234 }
1235
1236 String strFileName = CONSTANT_EXPORT_USERS_FILE_NAME + CONSTANT_POINT + xslExport.getExtension( );
1237 response.setHeader( CONSTANT_ATTACHEMENT_DISPOSITION,
1238 CONSTANT_ATTACHEMENT_FILE_NAME + strFileName + CONSTANT_QUOTE );
1239
1240 PrintWriter out = response.getWriter( );
1241 out.write( strExportedUsers );
1242 out.flush( );
1243 out.close( );
1244
1245 return null;
1246 }
1247
1248
1249
1250
1251
1252
1253
1254
1255 public String doConfirmRemoveAdminUser( HttpServletRequest request ) throws AccessDeniedException
1256 {
1257 String strUserId = request.getParameter( PARAMETER_USER_ID );
1258 int nUserId = Integer.parseInt( strUserId );
1259 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
1260
1261 if ( user == null )
1262 {
1263 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION,
1264 AdminMessage.TYPE_ERROR );
1265 }
1266
1267 AdminUser currentUser = AdminUserService.getAdminUser( request );
1268
1269 if ( !isUserAuthorizedToModifyUser( currentUser, user ) )
1270 {
1271 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1272 }
1273
1274 String strUrlRemove = JSP_URL_REMOVE_USER + "?" + PARAMETER_USER_ID + "=" + nUserId;
1275
1276 String strUrl = AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE,
1277 new Object[] { user.getFirstName( ), user.getLastName( ), user.getAccessCode( ) },
1278 strUrlRemove, AdminMessage.TYPE_CONFIRMATION );
1279
1280 return strUrl;
1281 }
1282
1283
1284
1285
1286
1287
1288
1289
1290 public String doRemoveAdminUser( HttpServletRequest request )
1291 throws AccessDeniedException
1292 {
1293 String strUserId = request.getParameter( PARAMETER_USER_ID );
1294 int nUserId = Integer.parseInt( strUserId );
1295 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
1296
1297 if ( user == null )
1298 {
1299 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION,
1300 AdminMessage.TYPE_ERROR );
1301 }
1302
1303 AdminUser currentUser = AdminUserService.getAdminUser( request );
1304
1305 if ( !isUserAuthorizedToModifyUser( currentUser, user ) )
1306 {
1307 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1308 }
1309
1310 AdminUserFieldService.doRemoveUserFields( user, request, getLocale( ) );
1311 AdminUserHome.removeAllRightsForUser( nUserId );
1312 AdminUserHome.removeAllRolesForUser( nUserId );
1313 AdminUserHome.removeAllPasswordHistoryForUser( nUserId );
1314 AdminUserHome.remove( nUserId );
1315
1316 return JSP_MANAGE_USER;
1317 }
1318
1319
1320
1321
1322
1323
1324
1325
1326 public String getManageAdminUserRights( HttpServletRequest request )
1327 throws AccessDeniedException
1328 {
1329 setPageTitleProperty( PROPERTY_MANAGE_USER_RIGHTS_PAGETITLE );
1330
1331 String strUserId = request.getParameter( PARAMETER_USER_ID );
1332 int nUserId = Integer.parseInt( strUserId );
1333
1334 AdminUser selectedUser = AdminUserHome.findByPrimaryKey( nUserId );
1335
1336 AdminUser currentUser = AdminUserService.getAdminUser( request );
1337
1338 if ( !isUserAuthorizedToModifyUser( currentUser, selectedUser ) )
1339 {
1340 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1341 }
1342
1343 Collection<Right> rightList = AdminUserHome.getRightsListForUser( nUserId ).values( );
1344
1345
1346 setItemNavigator( selectedUser.getUserId( ), AppPathService.getBaseUrl( request ) +
1347 JSP_URL_MANAGE_USER_RIGHTS );
1348
1349 HashMap<String, Object> model = new HashMap<String, Object>( );
1350 model.put( MARK_CAN_MODIFY, getUser( ).isParent( selectedUser ) || getUser( ).isAdmin( ) );
1351 model.put( MARK_CAN_DELEGATE, getUser( ).getUserId( ) != nUserId );
1352 model.put( MARK_USER, AdminUserHome.findByPrimaryKey( nUserId ) );
1353 model.put( MARK_USER_RIGHT_LIST, I18nService.localizeCollection( rightList, getLocale( ) ) );
1354 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
1355
1356 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_USER_RIGHTS, getLocale( ), model );
1357
1358 return getAdminPage( template.getHtml( ) );
1359 }
1360
1361
1362
1363
1364
1365
1366
1367
1368 public String getManageAdminUserWorkgroups( HttpServletRequest request )
1369 throws AccessDeniedException
1370 {
1371 setPageTitleProperty( PROPERTY_MANAGE_USER_WORKGROUPS_PAGETITLE );
1372
1373 String strUserId = request.getParameter( PARAMETER_USER_ID );
1374 int nUserId = Integer.parseInt( strUserId );
1375
1376 AdminUser selectedUser = AdminUserHome.findByPrimaryKey( nUserId );
1377 AdminUser currentUser = AdminUserService.getAdminUser( request );
1378
1379 if ( !isUserAuthorizedToModifyUser( currentUser, selectedUser ) )
1380 {
1381 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1382 }
1383
1384 ReferenceList workgroupsList = AdminWorkgroupHome.getUserWorkgroups( selectedUser );
1385
1386
1387 setItemNavigator( nUserId, AppPathService.getBaseUrl( request ) + JSP_URL_MANAGE_USER_WORKGROUPS );
1388
1389
1390 Map<String, Object> model = new HashMap<String, Object>( );
1391 model.put( MARK_CAN_MODIFY, getUser( ).isParent( selectedUser ) || getUser( ).isAdmin( ) );
1392 model.put( MARK_CAN_DELEGATE, getUser( ).getUserId( ) != nUserId );
1393 model.put( MARK_USER, AdminUserHome.findByPrimaryKey( nUserId ) );
1394 model.put( MARK_USER_WORKGROUP_LIST, workgroupsList );
1395 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
1396
1397 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_USER_WORKGROUPS, getLocale( ), model );
1398
1399 return getAdminPage( template.getHtml( ) );
1400 }
1401
1402
1403
1404
1405
1406
1407
1408
1409 public String getModifyAdminUserWorkgroups( HttpServletRequest request )
1410 throws AccessDeniedException
1411 {
1412 boolean bDelegateWorkgroups = Boolean.valueOf( request.getParameter( PARAMETER_DELEGATE_RIGHTS ) );
1413
1414 setPageTitleProperty( bDelegateWorkgroups ? PROPERTY_DELEGATE_USER_RIGHTS_PAGETITLE
1415 : PROPERTY_MODIFY_USER_WORKGROUPS_PAGETITLE );
1416
1417 String strUserId = request.getParameter( PARAMETER_USER_ID );
1418 int nUserId = Integer.parseInt( strUserId );
1419
1420 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
1421 AdminUser currentUser = getUser( );
1422
1423 if ( ( user == null ) || ( user.getUserId( ) == 0 ) )
1424 {
1425 return getManageAdminUsers( request );
1426 }
1427
1428 if ( !isUserAuthorizedToModifyUser( currentUser, user ) )
1429 {
1430 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1431 }
1432
1433 ReferenceList userWorkspaces = AdminWorkgroupHome.getUserWorkgroups( user );
1434 ReferenceList assignableWorkspaces = AdminWorkgroupHome.getUserWorkgroups( currentUser );
1435
1436 ArrayList<String> checkedValues = new ArrayList<String>( );
1437
1438 for ( ReferenceItem item : userWorkspaces )
1439 {
1440 checkedValues.add( item.getCode( ) );
1441 }
1442
1443 assignableWorkspaces.checkItems( checkedValues.toArray( new String[checkedValues.size( )] ) );
1444
1445
1446 setItemNavigator( nUserId, AppPathService.getBaseUrl( request ) + JSP_URL_MANAGE_USER_WORKGROUPS );
1447
1448 Map<String, Object> model = new HashMap<String, Object>( );
1449 model.put( MARK_USER, AdminUserHome.findByPrimaryKey( nUserId ) );
1450 model.put( MARK_ALL_WORKSGROUP_LIST, assignableWorkspaces );
1451 model.put( MARK_CAN_DELEGATE, String.valueOf( bDelegateWorkgroups ) );
1452 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
1453
1454 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_USER_WORKGROUPS, getLocale( ), model );
1455
1456 return getAdminPage( template.getHtml( ) );
1457 }
1458
1459
1460
1461
1462
1463
1464
1465
1466 public String getModifyAdminUserRights( HttpServletRequest request )
1467 throws AccessDeniedException
1468 {
1469 boolean bDelegateRights = Boolean.valueOf( request.getParameter( PARAMETER_DELEGATE_RIGHTS ) );
1470
1471 String strSelectAll = request.getParameter( PARAMETER_SELECT );
1472 boolean bSelectAll = ( ( strSelectAll != null ) && strSelectAll.equals( PARAMETER_SELECT_ALL ) ) ? true : false;
1473
1474 setPageTitleProperty( bDelegateRights ? PROPERTY_DELEGATE_USER_RIGHTS_PAGETITLE
1475 : PROPERTY_MODIFY_USER_RIGHTS_PAGETITLE );
1476
1477 String strUserId = request.getParameter( PARAMETER_USER_ID );
1478 int nUserId = Integer.parseInt( strUserId );
1479
1480 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
1481 AdminUser currentUser = getUser( );
1482
1483 if ( ( user == null ) || ( user.getUserId( ) == 0 ) )
1484 {
1485 return getManageAdminUsers( request );
1486 }
1487
1488 if ( !isUserAuthorizedToModifyUser( currentUser, user ) )
1489 {
1490 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1491 }
1492
1493 Collection<Right> rightList;
1494 Collection<Right> allRightList = RightHome.getRightsList( user.getUserLevel( ) );
1495
1496 if ( bDelegateRights )
1497 {
1498 Map<String, Right> rights = AdminUserHome.getRightsListForUser( currentUser.getUserId( ) );
1499 rightList = new ArrayList<Right>( );
1500
1501 for ( Right right : rights.values( ) )
1502 {
1503
1504 if ( right.getLevel( ) >= user.getUserLevel( ) )
1505 {
1506 rightList.add( right );
1507 }
1508 }
1509 }
1510 else
1511 {
1512 rightList = AdminUserHome.getRightsListForUser( nUserId ).values( );
1513 }
1514
1515
1516 setItemNavigator( nUserId, AppPathService.getBaseUrl( request ) + JSP_URL_MANAGE_USER_RIGHTS );
1517
1518 Map<String, Object> model = new HashMap<String, Object>( );
1519 model.put( MARK_USER, AdminUserHome.findByPrimaryKey( nUserId ) );
1520 model.put( MARK_USER_RIGHT_LIST, I18nService.localizeCollection( rightList, getLocale( ) ) );
1521 model.put( MARK_ALL_RIGHT_LIST, I18nService.localizeCollection( allRightList, getLocale( ) ) );
1522 model.put( MARK_CAN_DELEGATE, String.valueOf( bDelegateRights ) );
1523 model.put( MARK_SELECT_ALL, bSelectAll );
1524 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
1525
1526 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_USER_RIGHTS, getLocale( ), model );
1527
1528 return getAdminPage( template.getHtml( ) );
1529 }
1530
1531
1532
1533
1534
1535
1536
1537
1538 public String doModifyAdminUserRights( HttpServletRequest request )
1539 throws AccessDeniedException
1540 {
1541 String strUserId = request.getParameter( PARAMETER_USER_ID );
1542 int nUserId = Integer.parseInt( strUserId );
1543
1544 String[] arrayRights = request.getParameterValues( PARAMETER_RIGHT );
1545
1546 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
1547 AdminUser userCurrent = AdminUserService.getAdminUser( request );
1548
1549 if ( !isUserAuthorizedToModifyUser( userCurrent, user ) )
1550 {
1551 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1552 }
1553
1554 AdminUserHome.removeAllOwnRightsForUser( user );
1555
1556 if ( arrayRights != null )
1557 {
1558 for ( int i = 0; i < arrayRights.length; i++ )
1559 {
1560 AdminUserHome.createRightForUser( nUserId, arrayRights[i] );
1561 }
1562 }
1563
1564 if ( ( user != null ) && ( userCurrent != null ) && ( user.getUserId( ) == userCurrent.getUserId( ) ) )
1565 {
1566 try
1567 {
1568 AdminAuthenticationService.getInstance( ).registerUser( request, user );
1569 }
1570 catch ( AccessDeniedException e )
1571 {
1572 AppLogService.error( e.getMessage( ), e );
1573 }
1574 catch ( UserNotSignedException e )
1575 {
1576 AppLogService.error( e.getMessage( ), e );
1577 }
1578 }
1579
1580 return JSP_MANAGE_USER_RIGHTS + "?" + PARAMETER_USER_ID + "=" + nUserId;
1581 }
1582
1583
1584
1585
1586
1587
1588
1589
1590 public String getManageAdminUserRoles( HttpServletRequest request )
1591 throws AccessDeniedException
1592 {
1593 setPageTitleProperty( PROPERTY_MANAGE_USER_ROLES_PAGETITLE );
1594
1595 String strUserId = request.getParameter( PARAMETER_USER_ID );
1596 int nUserId = Integer.parseInt( strUserId );
1597 AdminUser selectedUser = AdminUserHome.findByPrimaryKey( nUserId );
1598 AdminUser userCurrent = AdminUserService.getAdminUser( request );
1599
1600 if ( !isUserAuthorizedToModifyUser( userCurrent, selectedUser ) )
1601 {
1602 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1603 }
1604
1605 Collection<AdminRole> roleList = AdminUserHome.getRolesListForUser( nUserId ).values( );
1606
1607
1608 setItemNavigator( nUserId, AppPathService.getBaseUrl( request ) + JSP_URL_MANAGE_USER_ROLES );
1609
1610 Map<String, Object> model = new HashMap<String, Object>( );
1611 model.put( MARK_CAN_MODIFY, getUser( ).isParent( selectedUser ) || getUser( ).isAdmin( ) );
1612 model.put( MARK_CAN_DELEGATE, getUser( ).getUserId( ) != nUserId );
1613 model.put( MARK_USER, AdminUserHome.findByPrimaryKey( nUserId ) );
1614 model.put( MARK_USER_ROLE_LIST, roleList );
1615 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
1616
1617 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_USER_ROLES, getLocale( ), model );
1618
1619 return getAdminPage( template.getHtml( ) );
1620 }
1621
1622
1623
1624
1625
1626
1627
1628
1629 public String getModifyAdminUserRoles( HttpServletRequest request )
1630 throws AccessDeniedException
1631 {
1632 boolean bDelegateRoles = Boolean.valueOf( request.getParameter( PARAMETER_DELEGATE_RIGHTS ) );
1633 setPageTitleProperty( PROPERTY_MODIFY_USER_ROLES_PAGETITLE );
1634
1635 String strUserId = request.getParameter( PARAMETER_USER_ID );
1636 int nUserId = Integer.parseInt( strUserId );
1637
1638 AdminUser selectedUser = AdminUserHome.findByPrimaryKey( nUserId );
1639 AdminUser userCurrent = AdminUserService.getAdminUser( request );
1640
1641 if ( ( selectedUser == null ) || ( selectedUser.getUserId( ) == 0 ) )
1642 {
1643 return getManageAdminUsers( request );
1644 }
1645
1646 if ( !isUserAuthorizedToModifyUser( userCurrent, selectedUser ) )
1647 {
1648 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1649 }
1650
1651 Collection<AdminRole> roleList = AdminUserHome.getRolesListForUser( nUserId ).values( );
1652 Collection<AdminRole> assignableRoleList;
1653
1654 if ( bDelegateRoles )
1655 {
1656
1657 assignableRoleList = new ArrayList<AdminRole>( );
1658
1659 AdminUser currentUser = getUser( );
1660
1661 for ( AdminRole role : AdminRoleHome.findAll( ) )
1662 {
1663 if ( currentUser.isAdmin( ) || RBACService.isUserInRole( currentUser, role.getKey( ) ) )
1664 {
1665 assignableRoleList.add( role );
1666 }
1667 }
1668 }
1669 else
1670 {
1671
1672 assignableRoleList = AdminRoleHome.findAll( );
1673 }
1674
1675
1676 setItemNavigator( nUserId, AppPathService.getBaseUrl( request ) + JSP_URL_MANAGE_USER_ROLES );
1677
1678 Map<String, Object> model = new HashMap<String, Object>( );
1679 model.put( MARK_USER, AdminUserHome.findByPrimaryKey( nUserId ) );
1680 model.put( MARK_USER_ROLE_LIST, roleList );
1681 model.put( MARK_ALL_ROLE_LIST, assignableRoleList );
1682 model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
1683
1684 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_USER_ROLES, getLocale( ), model );
1685
1686 return getAdminPage( template.getHtml( ) );
1687 }
1688
1689
1690
1691
1692
1693
1694
1695
1696 public String doModifyAdminUserRoles( HttpServletRequest request )
1697 throws AccessDeniedException
1698 {
1699 String strUserId = request.getParameter( PARAMETER_USER_ID );
1700 int nUserId = Integer.parseInt( strUserId );
1701 AdminUser selectedUser = AdminUserHome.findByPrimaryKey( nUserId );
1702 AdminUser userCurrent = AdminUserService.getAdminUser( request );
1703
1704 if ( !isUserAuthorizedToModifyUser( userCurrent, selectedUser ) )
1705 {
1706 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1707 }
1708
1709 String[] arrayRoles = request.getParameterValues( PARAMETER_ROLE );
1710
1711 AdminUserHome.removeAllRolesForUser( nUserId );
1712
1713 if ( arrayRoles != null )
1714 {
1715 for ( int i = 0; i < arrayRoles.length; i++ )
1716 {
1717 AdminUserHome.createRoleForUser( nUserId, arrayRoles[i] );
1718 }
1719 }
1720
1721 return JSP_MANAGE_USER_ROLES + "?" + PARAMETER_USER_ID + "=" + nUserId;
1722 }
1723
1724
1725
1726
1727
1728
1729
1730
1731 public String doModifyAdminUserWorkgroups( HttpServletRequest request )
1732 throws AccessDeniedException
1733 {
1734 String strUserId = request.getParameter( PARAMETER_USER_ID );
1735 int nUserId = Integer.parseInt( strUserId );
1736 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
1737 AdminUser currentUser = getUser( );
1738
1739 if ( !isUserAuthorizedToModifyUser( currentUser, user ) )
1740 {
1741 throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED );
1742 }
1743
1744 String[] arrayWorkspaces = request.getParameterValues( PARAMETER_WORKGROUP );
1745 ReferenceList assignableWorkgroups = AdminWorkgroupHome.getUserWorkgroups( currentUser );
1746
1747 for ( ReferenceItem item : assignableWorkgroups )
1748 {
1749 AdminWorkgroupHome.removeUserFromWorkgroup( user, item.getCode( ) );
1750 }
1751
1752 if ( arrayWorkspaces != null )
1753 {
1754 for ( String strWorkgroupKey : arrayWorkspaces )
1755 {
1756 AdminWorkgroupHome.addUserForWorkgroup( user, strWorkgroupKey );
1757 }
1758 }
1759
1760 return JSP_MANAGE_USER_WORKGROUPS + "?" + PARAMETER_USER_ID + "=" + nUserId;
1761 }
1762
1763
1764
1765
1766
1767
1768
1769 private boolean haveCommonWorkgroups( AdminUser user1, AdminUser user2 )
1770 {
1771 ReferenceList workgroups = AdminWorkgroupHome.getUserWorkgroups( user1 );
1772
1773 if ( workgroups.size( ) == 0 )
1774 {
1775 return true;
1776 }
1777
1778 for ( ReferenceItem item : workgroups )
1779 {
1780 if ( AdminWorkgroupHome.isUserInWorkgroup( user2, item.getCode( ) ) )
1781 {
1782 return true;
1783 }
1784 }
1785
1786 return false;
1787 }
1788
1789
1790
1791
1792
1793
1794 public String getManageAdvancedParameters( HttpServletRequest request )
1795 {
1796 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1797 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1798 {
1799 return getManageAdminUsers( request );
1800 }
1801
1802 setPageTitleProperty( PROPERTY_MANAGE_ADVANCED_PARAMETERS_PAGETITLE );
1803
1804 Map<String, Object> model = AdminUserService.getManageAdvancedParameters( getUser( ) );
1805
1806 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_ADVANCED_PARAMETERS,
1807 getUser( ).getLocale( ), model );
1808
1809 return getAdminPage( template.getHtml( ) );
1810 }
1811
1812
1813
1814
1815
1816
1817
1818 public String doModifyDefaultUserParameterValues( HttpServletRequest request )
1819 throws AccessDeniedException
1820 {
1821 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1822 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1823 {
1824 throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " +
1825 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS );
1826 }
1827
1828 DefaultUserParameterHome.update( AdminUserService.DSKEY_DEFAULT_USER_STATUS,
1829 request.getParameter( PARAMETER_STATUS ) );
1830 DefaultUserParameterHome.update( AdminUserService.DSKEY_DEFAULT_USER_LEVEL,
1831 request.getParameter( PARAMETER_USER_LEVEL ) );
1832 DefaultUserParameterHome.update( AdminUserService.DSKEY_DEFAULT_USER_NOTIFICATION,
1833 request.getParameter( PARAMETER_NOTIFY_USER ) );
1834 DefaultUserParameterHome.update( AdminUserService.DSKEY_DEFAULT_USER_LANGUAGE,
1835 request.getParameter( PARAMETER_LANGUAGE ) );
1836
1837 return JSP_MANAGE_ADVANCED_PARAMETERS;
1838 }
1839
1840
1841
1842
1843
1844
1845
1846 public String doModifyDefaultUserSecurityValues( HttpServletRequest request )
1847 throws AccessDeniedException
1848 {
1849 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1850 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1851 {
1852 throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " +
1853 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS );
1854 }
1855
1856 String strForceChangePasswordValue = request.getParameter( PARAMETER_FORCE_CHANGE_PASSWORD_REINIT );
1857 strForceChangePasswordValue = StringUtils.isNotBlank( strForceChangePasswordValue )
1858 ? strForceChangePasswordValue : StringUtils.EMPTY;
1859
1860 DefaultUserParameterHome.update( AdminUserService.DSKEY_FORCE_CHANGE_PASSWORD_REINIT,
1861 strForceChangePasswordValue );
1862
1863
1864 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_PASSWORD_MINIMUM_LENGTH,
1865 request.getParameter( PARAMETER_PASSWORD_MINIMUM_LENGTH ) );
1866
1867 boolean bUseAdvancedSecurityParameter = AdminUserService.getBooleanSecurityParameter( AdminUserService.DSKEY_USE_ADVANCED_SECURITY_PARAMETERS );
1868
1869 if ( bUseAdvancedSecurityParameter )
1870 {
1871
1872 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_PASSWORD_FORMAT_UPPER_LOWER_CASE,
1873 request.getParameter( PARAMETER_PASSWORD_FORMAT_UPPER_LOWER_CASE ) );
1874 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_PASSWORD_FORMAT_NUMERO,
1875 request.getParameter( PARAMETER_PASSWORD_FORMAT_NUMERO ) );
1876 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_PASSWORD_FORMAT_SPECIAL_CHARACTERS,
1877 request.getParameter( PARAMETER_PASSWORD_FORMAT_SPECIAL_CHARACTERS ) );
1878
1879 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_PASSWORD_DURATION,
1880 request.getParameter( PARAMETER_PASSWORD_DURATION ) );
1881
1882
1883 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_PASSWORD_HISTORY_SIZE,
1884 request.getParameter( PARAMETER_PASSWORD_HISTORY_SIZE ) );
1885
1886
1887 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_MAXIMUM_NUMBER_PASSWORD_CHANGE,
1888 request.getParameter( PARAMETER_MAXIMUM_NUMBER_PASSWORD_CHANGE ) );
1889
1890
1891 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_TSW_SIZE_PASSWORD_CHANGE,
1892 request.getParameter( PARAMETER_TSW_SIZE_PASSWORD_CHANGE ) );
1893
1894
1895 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_NOTIFY_USER_PASSWORD_EXPIRED,
1896 request.getParameter( PARAMETER_NOTIFY_USER_PASSWORD_EXPIRED ) );
1897 }
1898
1899
1900 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_ACCOUNT_LIFE_TIME,
1901 request.getParameter( PARAMETER_ACCOUNT_LIFE_TIME ) );
1902
1903
1904 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_TIME_BEFORE_ALERT_ACCOUNT,
1905 request.getParameter( PARAMETER_TIME_BEFORE_ALERT_ACCOUNT ) );
1906
1907
1908 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_NB_ALERT_ACCOUNT,
1909 request.getParameter( PARAMETER_NB_ALERT_ACCOUNT ) );
1910
1911
1912 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_TIME_BETWEEN_ALERTS_ACCOUNT,
1913 request.getParameter( PARAMETER_TIME_BETWEEN_ALERTS_ACCOUNT ) );
1914
1915
1916 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_ACCES_FAILURES_MAX,
1917 request.getParameter( MARK_ACCESS_FAILURES_MAX ) );
1918
1919
1920 AdminUserService.updateSecurityParameter( AdminUserService.DSKEY_ACCES_FAILURES_INTERVAL,
1921 request.getParameter( MARK_ACCESS_FAILURES_INTERVAL ) );
1922
1923
1924 AdminUserService.updateLargeSecurityParameter( AdminUserService.DSKEY_BANNED_DOMAIN_NAMES,
1925 request.getParameter( MARK_BANNED_DOMAIN_NAMES ) );
1926
1927 return JSP_MANAGE_ADVANCED_PARAMETERS;
1928 }
1929
1930
1931
1932
1933
1934
1935
1936 public String doModifyEmailPattern( HttpServletRequest request )
1937 throws AccessDeniedException
1938 {
1939 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1940 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1941 {
1942 throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " +
1943 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS );
1944 }
1945
1946 String strJsp = StringUtils.EMPTY;
1947 String strSetManually = request.getParameter( PARAMETER_IS_EMAIL_PATTERN_SET_MANUALLY );
1948 String strEmailPattern = request.getParameter( PARAMETER_EMAIL_PATTERN );
1949
1950 if ( StringUtils.isNotBlank( strEmailPattern ) )
1951 {
1952 AdminUserService.doModifyEmailPattern( strEmailPattern, strSetManually != null );
1953 strJsp = JSP_MANAGE_ADVANCED_PARAMETERS;
1954 }
1955 else
1956 {
1957 strJsp = AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_ERROR_EMAIL_PATTERN,
1958 AdminMessage.TYPE_STOP );
1959 }
1960
1961 return strJsp;
1962 }
1963
1964
1965
1966
1967
1968
1969
1970
1971 public String doResetEmailPattern( HttpServletRequest request )
1972 throws AccessDeniedException
1973 {
1974 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1975 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1976 {
1977 throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " +
1978 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS );
1979 }
1980
1981 AdminUserService.doResetEmailPattern( );
1982
1983 return JSP_MANAGE_ADVANCED_PARAMETERS;
1984 }
1985
1986
1987
1988
1989
1990
1991
1992
1993 public String doInsertRegularExpression( HttpServletRequest request )
1994 throws AccessDeniedException
1995 {
1996 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
1997 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
1998 {
1999 throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " +
2000 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS );
2001 }
2002
2003 String strRegularExpressionId = request.getParameter( PARAMETER_ID_EXPRESSION );
2004
2005 if ( StringUtils.isNotBlank( strRegularExpressionId ) && StringUtils.isNumeric( strRegularExpressionId ) )
2006 {
2007 int nRegularExpressionId = Integer.parseInt( strRegularExpressionId );
2008 AdminUserService.doInsertRegularExpression( nRegularExpressionId );
2009 }
2010
2011 return JSP_MANAGE_ADVANCED_PARAMETERS;
2012 }
2013
2014
2015
2016
2017
2018
2019
2020
2021 public String doRemoveRegularExpression( HttpServletRequest request )
2022 throws AccessDeniedException
2023 {
2024 if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID,
2025 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ) )
2026 {
2027 throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " +
2028 AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS );
2029 }
2030
2031 String strRegularExpressionId = request.getParameter( PARAMETER_ID_EXPRESSION );
2032
2033 if ( StringUtils.isNotBlank( strRegularExpressionId ) && StringUtils.isNumeric( strRegularExpressionId ) )
2034 {
2035 int nRegularExpressionId = Integer.parseInt( strRegularExpressionId );
2036 AdminUserService.doRemoveRegularExpression( nRegularExpressionId );
2037 }
2038
2039 return JSP_MANAGE_ADVANCED_PARAMETERS;
2040 }
2041
2042
2043
2044
2045
2046
2047
2048 public String getChangeUseAdvancedSecurityParameters( HttpServletRequest request )
2049 {
2050 if ( AdminUserService.getBooleanSecurityParameter( AdminUserService.DSKEY_USE_ADVANCED_SECURITY_PARAMETERS ) )
2051 {
2052 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_ASP,
2053 JSP_URL_REMOVE_ADVANCED_SECUR_PARAM, AdminMessage.TYPE_CONFIRMATION );
2054 }
2055
2056 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_USE_ASP,
2057 JSP_URL_USE_ADVANCED_SECUR_PARAM, AdminMessage.TYPE_CONFIRMATION );
2058 }
2059
2060
2061
2062
2063
2064
2065 public String doUseAdvancedSecurityParameters( HttpServletRequest request )
2066 {
2067 AdminUserService.useAdvancedSecurityParameters( );
2068
2069 return JSP_MANAGE_ADVANCED_PARAMETERS;
2070 }
2071
2072
2073
2074
2075
2076
2077 public String doRemoveAdvancedSecurityParameters( HttpServletRequest request )
2078 {
2079 AdminUserService.removeAdvancedSecurityParameters( );
2080
2081 return JSP_MANAGE_ADVANCED_PARAMETERS;
2082 }
2083
2084
2085
2086
2087
2088
2089 public String getChangeFieldAnonymizeAdminUsers( HttpServletRequest request )
2090 {
2091 Map<String, Object> model = new HashMap<String, Object>( );
2092
2093 List<IAttribute> listAllAttributes = AttributeService.getInstance( )
2094 .getAllAttributesWithoutFields( getLocale( ) );
2095 List<IAttribute> listAttributesText = new ArrayList<IAttribute>( );
2096
2097 for ( IAttribute attribut : listAllAttributes )
2098 {
2099 if ( attribut.isAnonymizable( ) )
2100 {
2101 listAttributesText.add( attribut );
2102 }
2103 }
2104
2105 model.put( MARK_ATTRIBUTES_LIST, listAttributesText );
2106
2107 model.putAll( AdminUserHome.getAnonymizationStatusUserStaticField( ) );
2108
2109 setPageTitleProperty( PROPERTY_MESSAGE_TITLE_CHANGE_ANONYMIZE_USER );
2110
2111 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_FIELD_ANONYMIZE_ADMIN_USER, getLocale( ),
2112 model );
2113
2114 return getAdminPage( template.getHtml( ) );
2115 }
2116
2117
2118
2119
2120
2121
2122 public String doChangeFieldAnonymizeAdminUsers( HttpServletRequest request )
2123 {
2124 if ( request.getParameter( PARAMETER_CANCEL ) != null )
2125 {
2126 return JSP_MANAGE_ADVANCED_PARAMETERS;
2127 }
2128
2129 AdminUserHome.updateAnonymizationStatusUserStaticField( PARAMETER_ACCESS_CODE,
2130 Boolean.valueOf( request.getParameter( PARAMETER_ACCESS_CODE ) ) );
2131 AdminUserHome.updateAnonymizationStatusUserStaticField( PARAMETER_FIRST_NAME,
2132 Boolean.valueOf( request.getParameter( PARAMETER_FIRST_NAME ) ) );
2133 AdminUserHome.updateAnonymizationStatusUserStaticField( PARAMETER_LAST_NAME,
2134 Boolean.valueOf( request.getParameter( PARAMETER_LAST_NAME ) ) );
2135 AdminUserHome.updateAnonymizationStatusUserStaticField( PARAMETER_EMAIL,
2136 Boolean.valueOf( request.getParameter( PARAMETER_EMAIL ) ) );
2137
2138 AttributeService attributeService = AttributeService.getInstance( );
2139
2140 List<IAttribute> listAllAttributes = attributeService.getAllAttributesWithoutFields( getLocale( ) );
2141 List<IAttribute> listAttributesText = new ArrayList<IAttribute>( );
2142
2143 for ( IAttribute attribut : listAllAttributes )
2144 {
2145 if ( attribut.isAnonymizable( ) )
2146 {
2147 listAttributesText.add( attribut );
2148 }
2149 }
2150
2151 for ( IAttribute attribute : listAttributesText )
2152 {
2153 Boolean bNewValue = Boolean.valueOf( request.getParameter( PARAMETER_ATTRIBUTE +
2154 Integer.toString( attribute.getIdAttribute( ) ) ) );
2155 attributeService.updateAnonymizationStatusUserField( attribute.getIdAttribute( ), bNewValue );
2156 }
2157
2158 return JSP_MANAGE_ADVANCED_PARAMETERS;
2159 }
2160
2161
2162
2163
2164
2165
2166 public String getAnonymizeAdminUser( HttpServletRequest request )
2167 {
2168 String strAdminUserId = request.getParameter( PARAMETER_USER_ID );
2169
2170 if ( !StringUtils.isNumeric( strAdminUserId ) || strAdminUserId.isEmpty( ) )
2171 {
2172 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_NO_ADMIN_USER_SELECTED,
2173 AdminMessage.TYPE_STOP );
2174 }
2175
2176 int nUserId = Integer.parseInt( strAdminUserId );
2177 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
2178
2179 if ( user == null )
2180 {
2181 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION,
2182 AdminMessage.TYPE_ERROR );
2183 }
2184
2185 UrlItem url = new UrlItem( JSP_URL_ANONYMIZE_ADMIN_USER );
2186 url.addParameter( PARAMETER_USER_ID, strAdminUserId );
2187
2188 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_ANONYMIZE_USER,
2189 new Object[] { user.getFirstName( ), user.getLastName( ), user.getAccessCode( ) },
2190 url.getUrl( ), AdminMessage.TYPE_CONFIRMATION );
2191 }
2192
2193
2194
2195
2196
2197
2198 public String doAnonymizeAdminUser( HttpServletRequest request )
2199 {
2200 String strAdminUserId = request.getParameter( PARAMETER_USER_ID );
2201
2202 if ( !StringUtils.isNumeric( strAdminUserId ) || strAdminUserId.isEmpty( ) )
2203 {
2204 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_NO_ADMIN_USER_SELECTED,
2205 AdminMessage.TYPE_STOP );
2206 }
2207
2208 int nUserId = Integer.parseInt( strAdminUserId );
2209 AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );
2210
2211 if ( user == null )
2212 {
2213 return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION,
2214 AdminMessage.TYPE_ERROR );
2215 }
2216
2217 AdminUserService.anonymizeUser( nUserId, getLocale( ) );
2218
2219 return JSP_MANAGE_USER;
2220 }
2221
2222
2223
2224
2225
2226
2227 public String reactivateAccount( HttpServletRequest request )
2228 {
2229 AdminUser user = AdminUserHome.findByPrimaryKey( AdminUserService.getAdminUser( request ).getUserId( ) );
2230 String strUrl = StringUtils.EMPTY;
2231 int nbDaysBeforeFirstAlert = AdminUserService.getIntegerSecurityParameter( PARAMETER_TIME_BEFORE_ALERT_ACCOUNT );
2232 Timestamp firstAlertMaxDate = new Timestamp( new java.util.Date( ).getTime( ) +
2233 DateUtil.convertDaysInMiliseconds( nbDaysBeforeFirstAlert ) );
2234
2235 if ( user.getAccountMaxValidDate( ) != null )
2236 {
2237
2238 if ( ( user.getAccountMaxValidDate( ).getTime( ) < firstAlertMaxDate.getTime( ) ) &&
2239 ( user.getStatus( ) < AdminUser.EXPIRED_CODE ) )
2240 {
2241 AdminUserService.updateUserExpirationDate( user );
2242 }
2243
2244 strUrl = AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_ACCOUNT_REACTIVATED,
2245 AppPathService.getAdminMenuUrl( ), AdminMessage.TYPE_INFO );
2246 }
2247 else
2248 {
2249 strUrl = AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_NO_ACCOUNT_TO_REACTIVATED,
2250 AppPathService.getAdminMenuUrl( ), AdminMessage.TYPE_ERROR );
2251 }
2252
2253 return strUrl;
2254 }
2255
2256
2257
2258
2259
2260
2261 public String getModifyAccountLifeTimeEmails( HttpServletRequest request )
2262 {
2263 String strEmailType = request.getParameter( PARAMETER_EMAIL_TYPE );
2264
2265 Map<String, Object> model = new HashMap<String, Object>( );
2266 String strSenderKey = StringUtils.EMPTY;
2267 String strSubjectKey = StringUtils.EMPTY;
2268 String strBodyKey = StringUtils.EMPTY;
2269 String strTitle = StringUtils.EMPTY;
2270
2271 if ( CONSTANT_EMAIL_TYPE_FIRST.equalsIgnoreCase( strEmailType ) )
2272 {
2273 strSenderKey = "core.advanced_parameters." + PARAMETER_FIRST_ALERT_MAIL_SENDER;
2274 strSubjectKey = "core.advanced_parameters." + PARAMETER_FIRST_ALERT_MAIL_SUBJECT;
2275 strBodyKey = PARAMETER_FIRST_ALERT_MAIL;
2276 strTitle = PROPERTY_FIRST_EMAIL;
2277 }
2278 else if ( CONSTANT_EMAIL_TYPE_OTHER.equalsIgnoreCase( strEmailType ) )
2279 {
2280 strSenderKey = "core.advanced_parameters." + PARAMETER_OTHER_ALERT_MAIL_SENDER;
2281 strSubjectKey = "core.advanced_parameters." + PARAMETER_OTHER_ALERT_MAIL_SUBJECT;
2282 strBodyKey = PARAMETER_OTHER_ALERT_MAIL;
2283 strTitle = PROPERTY_OTHER_EMAIL;
2284 }
2285 else if ( CONSTANT_EMAIL_TYPE_EXPIRED.equalsIgnoreCase( strEmailType ) )
2286 {
2287 strSenderKey = "core.advanced_parameters." + PARAMETER_EXPIRED_ALERT_MAIL_SENDER;
2288 strSubjectKey = "core.advanced_parameters." + PARAMETER_EXPIRED_ALERT_MAIL_SUBJECT;
2289 strBodyKey = PARAMETER_EXPIRATION_MAIL;
2290 strTitle = PROPERTY_ACCOUNT_DEACTIVATES_EMAIL;
2291 }
2292 else if ( CONSTANT_EMAIL_TYPE_REACTIVATED.equalsIgnoreCase( strEmailType ) )
2293 {
2294 strSenderKey = "core.advanced_parameters." + PARAMETER_REACTIVATED_ALERT_MAIL_SENDER;
2295 strSubjectKey = "core.advanced_parameters." + PARAMETER_REACTIVATED_ALERT_MAIL_SUBJECT;
2296 strBodyKey = PARAMETER_ACCOUNT_REACTIVATED;
2297 strTitle = PROPERTY_ACCOUNT_UPDATED_EMAIL;
2298 }
2299 else if ( CONSTANT_EMAIL_PASSWORD_EXPIRED.equalsIgnoreCase( strEmailType ) )
2300 {
2301 strSenderKey = "core.advanced_parameters." + PARAMETER_PASSWORD_EXPIRED_MAIL_SENDER;
2302 strSubjectKey = "core.advanced_parameters." + PARAMETER_PASSWORD_EXPIRED_MAIL_SUBJECT;
2303 strBodyKey = PARAMETER_NOTIFY_PASSWORD_EXPIRED;
2304 strTitle = PROPERTY_NOTIFY_PASSWORD_EXPIRED;
2305 }
2306
2307 String defaultUserParameter = DefaultUserParameterHome.findByKey( strSenderKey );
2308 String strSender = ( defaultUserParameter == null ) ? StringUtils.EMPTY : defaultUserParameter;
2309
2310 defaultUserParameter = DefaultUserParameterHome.findByKey( strSubjectKey );
2311
2312 String strSubject = ( defaultUserParameter == null ) ? StringUtils.EMPTY : defaultUserParameter;
2313
2314 model.put( PARAMETER_EMAIL_TYPE, strEmailType );
2315 model.put( MARK_EMAIL_SENDER, strSender );
2316 model.put( MARK_EMAIL_SUBJECT, strSubject );
2317 model.put( MARK_EMAIL_BODY, DatabaseTemplateService.getTemplateFromKey( strBodyKey ) );
2318 model.put( MARK_EMAIL_LABEL, strTitle );
2319 model.put( MARK_WEBAPP_URL, AppPathService.getBaseUrl( request ) );
2320 model.put( MARK_LOCALE, getLocale( ) );
2321
2322 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ACCOUNT_LIFE_TIME_EMAIL, getLocale( ), model );
2323
2324 return getAdminPage( template.getHtml( ) );
2325 }
2326
2327
2328
2329
2330
2331
2332 public String doModifyAccountLifeTimeEmails( HttpServletRequest request )
2333 {
2334 String strEmailType = request.getParameter( PARAMETER_EMAIL_TYPE );
2335
2336 String strSenderKey = StringUtils.EMPTY;
2337 String strSubjectKey = StringUtils.EMPTY;
2338 String strBodyKey = StringUtils.EMPTY;
2339
2340 if ( CONSTANT_EMAIL_TYPE_FIRST.equalsIgnoreCase( strEmailType ) )
2341 {
2342 strSenderKey = "core.advanced_parameters." + PARAMETER_FIRST_ALERT_MAIL_SENDER;
2343 strSubjectKey = "core.advanced_parameters." + PARAMETER_FIRST_ALERT_MAIL_SUBJECT;
2344 strBodyKey = PARAMETER_FIRST_ALERT_MAIL;
2345 }
2346 else if ( CONSTANT_EMAIL_TYPE_OTHER.equalsIgnoreCase( strEmailType ) )
2347 {
2348 strSenderKey = "core.advanced_parameters." + PARAMETER_OTHER_ALERT_MAIL_SENDER;
2349 strSubjectKey = "core.advanced_parameters." + PARAMETER_OTHER_ALERT_MAIL_SUBJECT;
2350 strBodyKey = PARAMETER_OTHER_ALERT_MAIL;
2351 }
2352 else if ( CONSTANT_EMAIL_TYPE_EXPIRED.equalsIgnoreCase( strEmailType ) )
2353 {
2354 strSenderKey = "core.advanced_parameters." + PARAMETER_EXPIRED_ALERT_MAIL_SENDER;
2355 strSubjectKey = "core.advanced_parameters." + PARAMETER_EXPIRED_ALERT_MAIL_SUBJECT;
2356 strBodyKey = PARAMETER_EXPIRATION_MAIL;
2357 }
2358 else if ( CONSTANT_EMAIL_TYPE_REACTIVATED.equalsIgnoreCase( strEmailType ) )
2359 {
2360 strSenderKey = "core.advanced_parameters." + PARAMETER_REACTIVATED_ALERT_MAIL_SENDER;
2361 strSubjectKey = "core.advanced_parameters." + PARAMETER_REACTIVATED_ALERT_MAIL_SUBJECT;
2362 strBodyKey = PARAMETER_ACCOUNT_REACTIVATED;
2363 }
2364 else if ( CONSTANT_EMAIL_PASSWORD_EXPIRED.equalsIgnoreCase( strEmailType ) )
2365 {
2366 strSenderKey = "core.advanced_parameters." + PARAMETER_PASSWORD_EXPIRED_MAIL_SENDER;
2367 strSubjectKey = "core.advanced_parameters." + PARAMETER_PASSWORD_EXPIRED_MAIL_SUBJECT;
2368 strBodyKey = PARAMETER_NOTIFY_PASSWORD_EXPIRED;
2369 }
2370
2371 AdminUserService.updateSecurityParameter( strSenderKey, request.getParameter( MARK_EMAIL_SENDER ) );
2372 AdminUserService.updateSecurityParameter( strSubjectKey, request.getParameter( MARK_EMAIL_SUBJECT ) );
2373 DatabaseTemplateService.updateTemplate( strBodyKey, request.getParameter( MARK_EMAIL_BODY ) );
2374
2375 return JSP_MANAGE_ADVANCED_PARAMETERS;
2376 }
2377
2378
2379
2380
2381
2382
2383 private void setItemNavigator( int nIdAdminUser, String strUrl )
2384 {
2385 if ( _itemNavigator == null )
2386 {
2387 List<String> listIdsRight = new ArrayList<String>( );
2388 int nCurrentItemId = 0;
2389 int nIndex = 0;
2390
2391 AdminUser currentUser = getUser( );
2392
2393 for ( AdminUser adminUser : AdminUserHome.findUserList( ) )
2394 {
2395 if ( ( adminUser != null ) && isUserAuthorizedToModifyUser( currentUser, adminUser ) )
2396 {
2397 listIdsRight.add( Integer.toString( adminUser.getUserId( ) ) );
2398
2399 if ( adminUser.getUserId( ) == nIdAdminUser )
2400 {
2401 nCurrentItemId = nIndex;
2402 }
2403
2404 nIndex++;
2405 }
2406 }
2407
2408 _itemNavigator = new ItemNavigator( listIdsRight, nCurrentItemId, strUrl, PARAMETER_USER_ID );
2409 }
2410 else
2411 {
2412 _itemNavigator.setCurrentItemId( Integer.toString( nIdAdminUser ) );
2413 _itemNavigator.setBaseUrl( strUrl );
2414 }
2415 }
2416
2417
2418
2419
2420 private void reinitItemNavigator( )
2421 {
2422 _itemNavigator = null;
2423 }
2424
2425
2426
2427
2428
2429 private void reinitUserPasswordsAndNotify( HttpServletRequest request )
2430 {
2431
2432 Collection<AdminUser> listUser = AdminUserHome.findUserList( );
2433
2434 for ( AdminUser user : listUser )
2435 {
2436 Locale locale = getLocale( );
2437
2438
2439 String strPassword = AdminUserService.makePassword( );
2440
2441
2442 if ( StringUtils.isNotEmpty( strPassword ) )
2443 {
2444 LuteceDefaultAdminUser userStored = AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId( ) );
2445 userStored.setPassword( AdminUserService.encryptPassword( strPassword ) );
2446 userStored.setPasswordMaxValidDate( AdminUserService.getPasswordMaxValidDate( ) );
2447 userStored.setPasswordReset( Boolean.TRUE );
2448 AdminUserHome.update( userStored );
2449 }
2450
2451 if ( !( ( user.getEmail( ) == null ) || user.getEmail( ).equals( CONSTANT_EMPTY_STRING ) ) )
2452 {
2453
2454 String strSenderEmail = MailService.getNoReplyEmail( );
2455 String strEmailSubject = I18nService.getLocalizedString( MESSAGE_EMAIL_SUBJECT, locale );
2456 HashMap<String, Object> model = new HashMap<String, Object>( );
2457 model.put( MARK_NEW_PASSWORD, strPassword );
2458 model.put( MARK_LOGIN_URL,
2459 AppPathService.getBaseUrl( request ) +
2460 AdminAuthenticationService.getInstance( ).getLoginPageUrl( ) );
2461 model.put( MARK_SITE_LINK, MailService.getSiteLink( AppPathService.getBaseUrl( request ), false ) );
2462
2463 HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_EMAIL_FORGOT_PASSWORD, locale,
2464 model );
2465
2466 MailService.sendMailHtml( user.getEmail( ), strSenderEmail, strSenderEmail, strEmailSubject,
2467 template.getHtml( ) );
2468 }
2469 }
2470 }
2471
2472
2473
2474
2475
2476
2477
2478
2479 private boolean isUserAuthorizedToModifyUser( AdminUser currentUser, AdminUser userToModify )
2480 {
2481 return currentUser.isAdmin( ) ||
2482 ( currentUser.isParent( userToModify ) &&
2483 ( ( haveCommonWorkgroups( currentUser, userToModify ) ) ||
2484 ( !AdminWorkgroupHome.checkUserHasWorkgroup( userToModify.getUserId( ) ) ) ) );
2485 }
2486 }