RoleJspBean.java
- /*
- * Copyright (c) 2002-2022, City of Paris
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice
- * and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice
- * and the following disclaimer in the documentation and/or other materials
- * provided with the distribution.
- *
- * 3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- * License 1.0
- */
- package fr.paris.lutece.portal.web.role;
- import fr.paris.lutece.portal.business.rbac.RBACRole;
- import fr.paris.lutece.portal.business.rbac.RBACRoleHome;
- import fr.paris.lutece.portal.business.role.Role;
- import fr.paris.lutece.portal.business.role.RoleHome;
- import fr.paris.lutece.portal.service.admin.AccessDeniedException;
- import fr.paris.lutece.portal.service.message.AdminMessage;
- import fr.paris.lutece.portal.service.message.AdminMessageService;
- import fr.paris.lutece.portal.service.role.RoleRemovalListenerService;
- import fr.paris.lutece.portal.service.security.SecurityTokenService;
- import fr.paris.lutece.portal.service.template.AppTemplateService;
- import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService;
- import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
- import fr.paris.lutece.portal.web.constants.Messages;
- import fr.paris.lutece.util.html.HtmlTemplate;
- import fr.paris.lutece.util.string.StringUtil;
- import java.util.ArrayList;
- import java.util.Collection;
- import java.util.HashMap;
- import java.util.Map;
- import java.util.stream.Collectors;
- import javax.servlet.http.HttpServletRequest;
- import org.apache.commons.lang3.StringUtils;
- import org.apache.james.mime4j.io.LineReaderInputStreamAdaptor;
- /**
- * JspBean for Role management
- */
- public class RoleJspBean extends AdminFeaturesPageJspBean
- {
- // //////////////////////////////////////////////////////////////////////////////
- // Constant
- // Right
- /**
- * Right to manage roles
- */
- public static final String RIGHT_ROLES_MANAGEMENT = "CORE_ROLES_MANAGEMENT";
- /**
- * Serial version UID
- */
- private static final long serialVersionUID = -764350969432795013L;
- // Markers
- private static final String MARK_ROLES_LIST = "roles_list";
- private static final String MARK_EXIST_RBAC_MAP = "exist_rbac_map";
- private static final String MARK_ROLE = "role";
- private static final String MARK_DEFAULT_VALUE_WORKGROUP_KEY = "workgroup_key_default_value";
- private static final String MARK_WORKGROUP_KEY_LIST = "workgroup_key_list";
- // Parameters
- private static final String PARAMETER_PAGE_ROLE = "role";
- private static final String PARAMETER_PAGE_ROLE_DESCRIPTION = "role_description";
- private static final String PARAMETER_PAGE_WORKGROUP = "workgroup_key";
- // Templates
- private static final String TEMPLATE_MANAGE_ROLES = "admin/role/manage_roles.html";
- private static final String TEMPLATE_PAGE_ROLE_MODIFY = "admin/role/modify_page_role.html";
- private static final String TEMPLATE_CREATE_PAGE_ROLE = "admin/role/create_page_role.html";
- // Jsp
- private static final String PATH_JSP = "jsp/admin/role/";
- private static final String JSP_REMOVE_ROLE = "DoRemovePageRole.jsp";
- // Properties
- private static final String PROPERTY_PAGE_TITLE_CREATE_ROLE = "portal.role.create_role.pageTitle";
- private static final String PROPERTY_PAGE_TITLE_MODIFY_ROLE = "portal.role.modify_role.pageTitle";
- // Message
- private static final String MESSAGE_ROLE_EXIST = "portal.role.message.roleexist";
- private static final String MESSAGE_ROLE_FORMAT = "portal.role.message.roleformat";
- private static final String MESSAGE_CONFIRM_REMOVE = "portal.role.message.confirmRemoveRole";
- private static final String MESSAGE_CANNOT_REMOVE_ROLE = "portal.role.message.cannotRemoveRole";
- /**
- * Creates a new RoleJspBean object.
- */
- public RoleJspBean( )
- {
- // Ctor
- }
- /**
- * Returns Page Role management form
- *
- * @param request
- * The Http request
- * @return Html form
- */
- public String getManagePageRole( HttpServletRequest request )
- {
- setPageTitleProperty( null );
- Map<String, Object> model = new HashMap<>( );
- Collection<Role> listRoles = RoleHome.findAll( );
- listRoles = AdminWorkgroupService.getAuthorizedCollection( listRoles, getUser( ) );
- Map<String, Boolean> mapExistRbac = listRoles.stream( ).collect( Collectors.toMap( Role::getRole, x -> RBACRoleHome.checkExistRole( x.getRole( ) ) ) );
- model.put( MARK_ROLES_LIST, listRoles );
- model.put( MARK_EXIST_RBAC_MAP, mapExistRbac );
- HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_ROLES, getLocale( ), model );
- return getAdminPage( template.getHtml( ) );
- }
- /**
- * Insert a new PageRole
- *
- * @param request
- * The HTTP request
- * @return String The html code page
- */
- public String getCreatePageRole( HttpServletRequest request )
- {
- setPageTitleProperty( PROPERTY_PAGE_TITLE_CREATE_ROLE );
- Map<String, Object> model = new HashMap<>( );
- model.put( MARK_DEFAULT_VALUE_WORKGROUP_KEY, AdminWorkgroupService.ALL_GROUPS );
- model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) );
- model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_PAGE_ROLE ) );
- HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_PAGE_ROLE, getLocale( ), model );
- return getAdminPage( template.getHtml( ) );
- }
- /**
- * Create PageRole
- *
- * @param request
- * The HTTP request
- * @return String The url page
- * @throws AccessDeniedException
- * if the security token is invalid
- */
- public String doCreatePageRole( HttpServletRequest request ) throws AccessDeniedException
- {
- String strPageRole = request.getParameter( PARAMETER_PAGE_ROLE );
- String strPageRoleDescription = request.getParameter( PARAMETER_PAGE_ROLE_DESCRIPTION );
- String strPageWorkgroup = request.getParameter( PARAMETER_PAGE_WORKGROUP );
- // Mandatory field
- if ( StringUtil.isAnyEmpty( strPageRole, strPageRoleDescription ) || ( strPageWorkgroup == null ) )
- {
- return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
- }
- // Check if code is valid
- if ( !StringUtil.checkCodeKey( strPageRole ) )
- {
- return AdminMessageService.getMessageUrl( request, MESSAGE_ROLE_FORMAT, AdminMessage.TYPE_STOP );
- }
- // Check if role exist
- if ( RoleHome.findExistRole( strPageRole ) )
- {
- return AdminMessageService.getMessageUrl( request, MESSAGE_ROLE_EXIST, AdminMessage.TYPE_STOP );
- }
- if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_PAGE_ROLE ) )
- {
- throw new AccessDeniedException( ERROR_INVALID_TOKEN );
- }
- Role role = new Role( );
- role.setRole( strPageRole );
- role.setRoleDescription( strPageRoleDescription );
- role.setWorkgroup( strPageWorkgroup );
- RoleHome.create( role );
- return getHomeUrl( request );
- }
- /**
- *
- * @param request
- * The HTTP request
- * @return String The html code page
- */
- public String getModifyPageRole( HttpServletRequest request )
- {
- setPageTitleProperty( PROPERTY_PAGE_TITLE_MODIFY_ROLE );
- Map<String, Object> model = new HashMap<>( );
- String strPageRole = request.getParameter( PARAMETER_PAGE_ROLE );
- Role role = RoleHome.findByPrimaryKey( strPageRole );
- if ( role == null )
- {
- return getManagePageRole( request );
- }
- model.put( MARK_ROLE, role );
- model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) );
- model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_PAGE_ROLE_MODIFY ) );
- HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_PAGE_ROLE_MODIFY, getLocale( ), model );
- return getAdminPage( template.getHtml( ) );
- }
- /**
- * Modify PageRole
- *
- * @param request
- * The HTTP request
- * @return String The url page
- * @throws AccessDeniedException
- * if the security token is invalid
- */
- public String doModifyPageRole( HttpServletRequest request ) throws AccessDeniedException
- {
- String strPageRole = request.getParameter( PARAMETER_PAGE_ROLE );
- String strPageRoleDescription = request.getParameter( PARAMETER_PAGE_ROLE_DESCRIPTION );
- String strPageWorkgroup = request.getParameter( PARAMETER_PAGE_WORKGROUP );
- // Mandatory field
- if ( ( strPageRoleDescription == null ) || strPageRoleDescription.equals( "" ) || ( strPageWorkgroup == null ) )
- {
- return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
- }
- if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_PAGE_ROLE_MODIFY ) )
- {
- throw new AccessDeniedException( ERROR_INVALID_TOKEN );
- }
- Role role = new Role( );
- role.setRole( strPageRole );
- role.setRoleDescription( strPageRoleDescription );
- role.setWorkgroup( strPageWorkgroup );
- RoleHome.update( role );
- return getHomeUrl( request );
- }
- /**
- * confirm Delete PageRole
- *
- * @param request
- * The HTTP request
- * @return String The html code page
- */
- public String getRemovePageRole( HttpServletRequest request )
- {
- String strPageRole = request.getParameter( PARAMETER_PAGE_ROLE );
- if ( StringUtils.isBlank( strPageRole ) )
- {
- return AdminMessageService.getMessageUrl( request, Messages.MESSAGE_INVALID_ENTRY, new Object [ ] {
- PARAMETER_PAGE_ROLE
- }, AdminMessage.TYPE_STOP );
- }
- Role role = RoleHome.findByPrimaryKey( strPageRole );
- if ( role == null || !strPageRole.equals( role.getRole( ) ) )
- {
- return AdminMessageService.getMessageUrl( request, Messages.MESSAGE_INVALID_ENTRY, new Object [ ] {
- strPageRole
- }, AdminMessage.TYPE_STOP );
- }
- String strURL = PATH_JSP + JSP_REMOVE_ROLE;
- Map<String, Object> parameters = new HashMap<>( );
- parameters.put( PARAMETER_PAGE_ROLE, request.getParameter( PARAMETER_PAGE_ROLE ) );
- parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_ROLE ) );
- return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE, new Object [ ] {
- strPageRole
- }, null, strURL, null, AdminMessage.TYPE_CONFIRMATION, parameters );
- }
- /**
- * Delete PageRole
- *
- * @param request
- * The HTTP request
- * @return String The url page
- * @throws AccessDeniedException
- * if the security token is invalid
- */
- public String doRemovePageRole( HttpServletRequest request ) throws AccessDeniedException
- {
- String strPageRole = request.getParameter( PARAMETER_PAGE_ROLE );
- ArrayList<String> listErrors = new ArrayList<>( );
- if ( !RoleRemovalListenerService.getService( ).checkForRemoval( strPageRole, listErrors, getLocale( ) ) )
- {
- String strCause = AdminMessageService.getFormattedList( listErrors, getLocale( ) );
- Object [ ] args = {
- strPageRole, strCause
- };
- return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_ROLE, args, AdminMessage.TYPE_STOP );
- }
- if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_ROLE ) )
- {
- throw new AccessDeniedException( ERROR_INVALID_TOKEN );
- }
- RoleHome.remove( strPageRole );
- return getHomeUrl( request );
- }
- }