RightJspBean.java

  1. /*
  2.  * Copyright (c) 2002-2022, City of Paris
  3.  * All rights reserved.
  4.  *
  5.  * Redistribution and use in source and binary forms, with or without
  6.  * modification, are permitted provided that the following conditions
  7.  * are met:
  8.  *
  9.  *  1. Redistributions of source code must retain the above copyright notice
  10.  *     and the following disclaimer.
  11.  *
  12.  *  2. Redistributions in binary form must reproduce the above copyright notice
  13.  *     and the following disclaimer in the documentation and/or other materials
  14.  *     provided with the distribution.
  15.  *
  16.  *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
  17.  *     contributors may be used to endorse or promote products derived from
  18.  *     this software without specific prior written permission.
  19.  *
  20.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  21.  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23.  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
  24.  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  25.  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  26.  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  27.  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  28.  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  29.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  30.  * POSSIBILITY OF SUCH DAMAGE.
  31.  *
  32.  * License 1.0
  33.  */
  34. package fr.paris.lutece.portal.web.features;

  35. import java.util.ArrayList;
  36. import java.util.Collection;
  37. import java.util.Collections;
  38. import java.util.HashMap;
  39. import java.util.List;
  40. import java.util.Map;
  41. import java.util.stream.Collectors;

  42. import javax.servlet.http.HttpServletRequest;

  43. import org.apache.commons.lang3.StringUtils;

  44. import fr.paris.lutece.portal.business.right.Level;
  45. import fr.paris.lutece.portal.business.right.LevelHome;
  46. import fr.paris.lutece.portal.business.right.Right;
  47. import fr.paris.lutece.portal.business.right.RightHome;
  48. import fr.paris.lutece.portal.business.user.AdminUser;
  49. import fr.paris.lutece.portal.business.user.AdminUserHome;
  50. import fr.paris.lutece.portal.service.admin.AccessDeniedException;
  51. import fr.paris.lutece.portal.service.admin.AdminUserService;
  52. import fr.paris.lutece.portal.service.i18n.I18nService;
  53. import fr.paris.lutece.portal.service.security.SecurityTokenService;
  54. import fr.paris.lutece.portal.service.template.AppTemplateService;
  55. import fr.paris.lutece.portal.service.util.AppPathService;
  56. import fr.paris.lutece.portal.service.util.AppPropertiesService;
  57. import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
  58. import fr.paris.lutece.portal.web.constants.Parameters;
  59. import fr.paris.lutece.portal.web.util.LocalizedPaginator;
  60. import fr.paris.lutece.util.ReferenceItem;
  61. import fr.paris.lutece.util.ReferenceList;
  62. import fr.paris.lutece.util.html.AbstractPaginator;
  63. import fr.paris.lutece.util.html.HtmlTemplate;
  64. import fr.paris.lutece.util.html.ItemNavigator;
  65. import fr.paris.lutece.util.sort.AttributeComparator;
  66. import fr.paris.lutece.util.url.UrlItem;

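/**
 * Back-office user interface for rights management: lists the rights and lets an administrator assign a right to, or remove it from, admin users.
 * <p>
 * The assignment form only offers users that the connected user may manage. The two {@code do*} handlers re-check that rule on the server, because the
 * submitted user ids are request data and are not guaranteed to match what the form offered.
 */
public class RightJspBean extends AdminFeaturesPageJspBean
{
    private static final long serialVersionUID = 8074788265698162631L;

    // Right
    public static final String RIGHT_MANAGE_RIGHTS = "CORE_RIGHT_MANAGEMENT";

    // Properties
    private static final String PROPERTY_MANAGE_RIGHTS_PAGETITLE = "portal.features.manage_rights.pageTitle";
    private static final String PROPERTY_ASSIGN_USERS_PAGETITLE = "portal.features.assign_users.pageTitle";
    private static final String PROPERTY_USERS_PER_PAGE = "paginator.user.itemsPerPage";

    // Markers
    private static final String MARK_RIGHTS_LIST = "rights_list";
    private static final String MARK_RIGHT = "right";
    private static final String MARK_AVAILABLE_USERS_LIST = "available_users_list";
    private static final String MARK_ASSIGNED_USERS_LIST = "assigned_users_list";
    private static final String MARK_ASSIGNED_USERS_NUMBER = "assigned_users_number";
    private static final String MARK_USER_LEVELS_LIST = "user_levels";
    private static final String MARK_ITEM_NAVIGATOR = "item_navigator";
    private static final String MARK_PAGINATOR = "paginator";
    private static final String MARK_NB_ITEMS_PER_PAGE = "nb_items_per_page";

    // Parameters
    private static final String PARAMETER_ID_RIGHT = "id_right";
    private static final String PARAMETER_AVAILABLE_USER_LIST = "available_users_list";
    private static final String PARAMETER_ID_USER = "id_user";
    private static final String PARAMETER_ANCHOR = "anchor";

    // Templates files path
    private static final String TEMPLATE_MANAGE_RIGHTS = "admin/features/manage_rights.html";
    private static final String TEMPLATE_ASSIGN_USERS = "admin/features/assign_users_right.html";

    // JSP
    private static final String JSP_URL_ASSIGN_USERS_TO_RIGHT = "jsp/admin/features/AssignUsersRight.jsp";
    private static final String JSP_ASSIGN_USERS_TO_RIGHT = "AssignUsersRight.jsp";

    // Messages carried by the AccessDeniedException raised when a request falls outside what the form offers
    private static final String MESSAGE_UNKNOWN_RIGHT = "The requested right does not exist";
    private static final String MESSAGE_USER_NOT_ALLOWED = "The connected user is not allowed to change this right for user id ";

    private int _nItemsPerPage;
    private String _strCurrentPageIndex;
    private ItemNavigator _itemNavigator;

    /**
     * Returns the list of rights
     *
     * @param request
     *            The Http request
     * @return the html code displaying the rights list
     */
    public String getManageRights( HttpServletRequest request )
    {
        setPageTitleProperty( PROPERTY_MANAGE_RIGHTS_PAGETITLE );

        // Coming back to the list starts a new navigation: drop the navigator kept from the previous right
        reinitItemNavigator( );

        Map<String, Object> model = new HashMap<>( );
        model.put( MARK_RIGHTS_LIST, I18nService.localizeCollection( RightHome.getRightsList( ), getLocale( ) ) );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_RIGHTS, getLocale( ), model );

        return getAdminPage( template.getHtml( ) );
    }

    /**
     * Returns the form used to assign users to a right. Falls back to the rights list when the requested right does not exist.
     *
     * @param request
     *            The Http request
     * @return the html code displaying the users assignment form
     */
    public String getAssignUsers( HttpServletRequest request )
    {
        Map<String, Object> model = new HashMap<>( );
        setPageTitleProperty( PROPERTY_ASSIGN_USERS_PAGETITLE );

        String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_USERS_TO_RIGHT;
        UrlItem url = new UrlItem( strBaseUrl );

        // RIGHT
        String strIdRight = request.getParameter( PARAMETER_ID_RIGHT );
        Right right = RightHome.findByPrimaryKey( strIdRight );

        if ( right == null )
        {
            return getManageRights( request );
        }

        right.setLocale( getLocale( ) );

        // ASSIGNED USERS
        // Only the users accepted by isUserHigherThanConnectedUser are shown to the connected user
        List<AdminUser> listAssignedUsers = AdminUserHome.findByRight( strIdRight ).stream( ).filter( this::isUserHigherThanConnectedUser )
                .collect( Collectors.toList( ) );

        List<AdminUser> listFilteredUsers = AdminUserService.getFilteredUsersInterface( listAssignedUsers, request, model, url );

        // AVAILABLE USERS
        // Ids of the assigned users, collected once (into a set) so the loop below does not rescan the assigned list for every user
        Collection<Integer> assignedUserIds = listAssignedUsers.stream( ).map( AdminUser::getUserId ).collect( Collectors.toSet( ) );
        ReferenceList listAvailableUsers = new ReferenceList( );

        for ( AdminUser user : AdminUserHome.findUserList( ) )
        {
            // doAssignUsers enforces the same canReceiveRight rule on submission
            if ( !assignedUserIds.contains( user.getUserId( ) ) && canReceiveRight( user, right ) )
            {
                ReferenceItem itemUser = new ReferenceItem( );
                itemUser.setCode( Integer.toString( user.getUserId( ) ) );
                itemUser.setName( user.getFirstName( ) + " " + user.getLastName( ) + "(" + user.getAccessCode( ) + ")" );
                listAvailableUsers.add( itemUser );
            }
        }

        // SORT
        // NOTE(review): the attribute name is taken from the request as-is; presumably AttributeComparator resolves it to a
        // getter of AdminUser. Consider restricting it to the columns the template offers so that only displayed
        // attributes can drive the ordering.
        String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
        String strAscSort = null;

        if ( strSortedAttributeName != null )
        {
            strAscSort = request.getParameter( Parameters.SORTED_ASC );

            boolean bIsAscSort = Boolean.parseBoolean( strAscSort );

            Collections.sort( listFilteredUsers, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
        }

        _strCurrentPageIndex = AbstractPaginator.getPageIndex( request, AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
        int defaultItemsPerPage = AppPropertiesService.getPropertyInt( PROPERTY_USERS_PER_PAGE, 50 );
        _nItemsPerPage = AbstractPaginator.getItemsPerPage( request, AbstractPaginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage, defaultItemsPerPage );

        // Carry the sort choice over to the navigator and paginator links
        if ( strSortedAttributeName != null )
        {
            url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
        }

        if ( strAscSort != null )
        {
            url.addParameter( Parameters.SORTED_ASC, strAscSort );
        }

        // ITEM NAVIGATOR
        setItemNavigator( strIdRight, url.getUrl( ) );

        // PAGINATOR
        url.addParameter( PARAMETER_ID_RIGHT, right.getId( ) );

        LocalizedPaginator<AdminUser> paginator = new LocalizedPaginator<>( listFilteredUsers, _nItemsPerPage, url.getUrl( ),
                AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale( ) );

        // USER LEVEL
        Collection<Level> filteredLevels = LevelHome.getLevelsList( ).stream( )
                .filter( level -> getUser( ).isAdmin( ) || getUser( ).hasRights( level.getId( ) ) ).collect( Collectors.toList( ) );

        model.put( MARK_RIGHT, right );
        model.put( MARK_USER_LEVELS_LIST, filteredLevels );
        model.put( MARK_AVAILABLE_USERS_LIST, listAvailableUsers );
        model.put( MARK_ASSIGNED_USERS_LIST, paginator.getPageItems( ) );
        model.put( MARK_ASSIGNED_USERS_NUMBER, listAssignedUsers.size( ) );
        model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
        model.put( MARK_PAGINATOR, paginator );
        model.put( MARK_NB_ITEMS_PER_PAGE, Integer.toString( _nItemsPerPage ) );
        // Anti-CSRF token, checked by doAssignUsers and doUnAssignUser under the same key
        model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_ASSIGN_USERS ) );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_USERS, getLocale( ), model );

        return getAdminPage( template.getHtml( ) );
    }

    /**
     * Processes the form that assigns users to a right.
     * <p>
     * Every submitted user id is checked against the rule the form uses to build its "available users" list. All ids are validated before anything is
     * written, so a rejected request leaves no partial assignment behind. Ids that match no user are skipped.
     *
     * @param request
     *            The HTTP Request
     * @return The Jsp URL of the process result
     * @throws AccessDeniedException
     *             if the security token is invalid, if the right does not exist, or if a submitted user is not one the form could have offered
     * @throws NumberFormatException
     *             if a submitted user id is not an integer
     */
    public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedException
    {
        if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ASSIGN_USERS ) )
        {
            throw new AccessDeniedException( ERROR_INVALID_TOKEN );
        }

        Right right = findRequestedRight( request );

        // retrieve the selected user ids
        String [ ] arrayUsersIds = request.getParameterValues( PARAMETER_AVAILABLE_USER_LIST );

        if ( arrayUsersIds != null )
        {
            List<Integer> listUserIdsToAssign = new ArrayList<>( );

            for ( String strUserId : arrayUsersIds )
            {
                int nUserId = Integer.parseInt( strUserId );
                AdminUser user = AdminUserHome.findByPrimaryKey( nUserId );

                if ( user == null )
                {
                    // The user no longer exists: nothing to assign
                    continue;
                }

                if ( !canReceiveRight( user, right ) )
                {
                    throw new AccessDeniedException( MESSAGE_USER_NOT_ALLOWED + nUserId );
                }

                // Skip users that already hold the right and ids repeated in the request
                if ( !AdminUserHome.hasRight( user, right.getId( ) ) && !listUserIdsToAssign.contains( nUserId ) )
                {
                    listUserIdsToAssign.add( nUserId );
                }
            }

            for ( int nUserId : listUserIdsToAssign )
            {
                AdminUserHome.createRightForUser( nUserId, right.getId( ) );
            }
        }

        // The id comes from the stored right, not from the raw request parameter
        return JSP_ASSIGN_USERS_TO_RIGHT + "?" + PARAMETER_ID_RIGHT + "=" + right.getId( );
    }

    /**
     * Removes a right from a user.
     * <p>
     * The target user must pass the same {@code isUserHigherThanConnectedUser} filter that decides which assigned users the form lists. An id that matches
     * no user is ignored.
     *
     * @param request
     *            The HttpRequest
     * @return The Jsp URL of the process result
     * @throws AccessDeniedException
     *             if the security token is invalid, if the right does not exist, or if the connected user may not manage the target user
     * @throws NumberFormatException
     *             if the user id parameter is missing or is not an integer
     */
    public String doUnAssignUser( HttpServletRequest request ) throws AccessDeniedException
    {
        if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ASSIGN_USERS ) )
        {
            throw new AccessDeniedException( ERROR_INVALID_TOKEN );
        }

        Right right = findRequestedRight( request );
        int nIdUser = Integer.parseInt( request.getParameter( PARAMETER_ID_USER ) );
        String strAnchor = request.getParameter( PARAMETER_ANCHOR );

        AdminUser adminUser = AdminUserHome.findByPrimaryKey( nIdUser );

        if ( adminUser != null )
        {
            if ( !isUserHigherThanConnectedUser( adminUser ) )
            {
                throw new AccessDeniedException( MESSAGE_USER_NOT_ALLOWED + nIdUser );
            }

            AdminUserHome.removeRightForUser( nIdUser, right.getId( ) );
        }

        String strUrl = JSP_ASSIGN_USERS_TO_RIGHT + "?" + PARAMETER_ID_RIGHT + "=" + right.getId( );

        // A missing anchor used to produce the literal fragment "#null"
        if ( StringUtils.isBlank( strAnchor ) )
        {
            return strUrl;
        }

        // NOTE(review): the anchor is copied from the request without encoding; if the template only emits one anchor
        // format, validate the value against that format here.
        return strUrl + "#" + strAnchor;
    }

    /**
     * Tells whether the assignment form may offer the given user for the given right. The submission handler applies the same rule, so the form and the
     * handler cannot drift apart.
     *
     * @param user
     *            the candidate user
     * @param right
     *            the right to assign
     * @return true if the user passes {@code isUserHigherThanConnectedUser} and the user's level value is not greater than the level of the right
     */
    private boolean canReceiveRight( AdminUser user, Right right )
    {
        return isUserHigherThanConnectedUser( user ) && ( user.getUserLevel( ) <= right.getLevel( ) );
    }

    /**
     * Loads the right named by the request.
     *
     * @param request
     *            The HTTP Request
     * @return the right, never null
     * @throws AccessDeniedException
     *             if the request names no existing right
     */
    private Right findRequestedRight( HttpServletRequest request ) throws AccessDeniedException
    {
        Right right = RightHome.findByPrimaryKey( request.getParameter( PARAMETER_ID_RIGHT ) );

        if ( right == null )
        {
            throw new AccessDeniedException( MESSAGE_UNKNOWN_RIGHT );
        }

        return right;
    }

    /**
     * Creates the item navigator on first use, positioned on the given right; on later calls only moves the existing navigator to that right.
     *
     * @param strIdRight
     *            the id of the right being displayed
     * @param strUrl
     *            the base url of the navigation links, used only when the navigator is created
     */
    private void setItemNavigator( String strIdRight, String strUrl )
    {
        if ( _itemNavigator != null )
        {
            _itemNavigator.setCurrentItemId( strIdRight );

            return;
        }

        List<String> listIdsRight = new ArrayList<>( );
        // Stays at 0 (the first right) when strIdRight is not found in the list
        int nCurrentItemId = 0;

        for ( Right right : RightHome.getRightsList( ) )
        {
            if ( ( right == null ) || StringUtils.isBlank( right.getId( ) ) )
            {
                continue;
            }

            if ( right.getId( ).equals( strIdRight ) )
            {
                // Index the right is about to take in listIdsRight
                nCurrentItemId = listIdsRight.size( );
            }

            listIdsRight.add( right.getId( ) );
        }

        _itemNavigator = new ItemNavigator( listIdsRight, nCurrentItemId, strUrl, PARAMETER_ID_RIGHT );
    }

    /**
     * Discards the item navigator so that the next call to setItemNavigator rebuilds it
     */
    private void reinitItemNavigator( )
    {
        _itemNavigator = null;
    }
}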