AttributeJspBean.java
/*
* Copyright (c) 2002-2022, City of Paris
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright notice
* and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice
* and the following disclaimer in the documentation and/or other materials
* provided with the distribution.
*
* 3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* License 1.0
*/
package fr.paris.lutece.portal.web.user.attribute;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import fr.paris.lutece.portal.business.user.attribute.IAttribute;
import fr.paris.lutece.portal.service.admin.AccessDeniedException;
import fr.paris.lutece.portal.service.message.AdminMessage;
import fr.paris.lutece.portal.service.message.AdminMessageService;
import fr.paris.lutece.portal.service.security.SecurityTokenService;
import fr.paris.lutece.portal.service.template.AppTemplateService;
import fr.paris.lutece.portal.service.user.attribute.AttributeService;
import fr.paris.lutece.portal.service.util.AppLogService;
import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean;
import fr.paris.lutece.util.html.HtmlTemplate;
/**
*
* AttributeJspBean
*
*/
public class AttributeJspBean extends AdminFeaturesPageJspBean
{
/**
* Generated serial version UID
*/
private static final long serialVersionUID = 183073111112521149L;
// CONSTANTS
private static final String QUESTION_MARK = "?";
private static final String EQUAL = "=";
// PARAMETERS
private static final String PARAMETER_ATTRIBUTE_TYPE_CLASS_NAME = "attribute_type_class_name";
private static final String PARAMETER_CANCEL = "cancel";
private static final String PARAMETER_APPLY = "apply";
private static final String PARAMETER_ID_ATTRIBUTE = "id_attribute";
// MARKS
private static final String MARK_ATTRIBUTE_TYPE = "attribute_type";
private static final String MARK_ATTRIBUTE = "attribute";
private static final String MARK_ATTRIBUTE_FIELDS_LIST = "attribute_fields_list";
// PROPERTIES
private static final String PROPERTY_MESSAGE_CONFIRM_REMOVE_ATTRIBUTE = "portal.users.manage_attributes.message.confirmRemoveAttribute";
// JSP
private static final String JSP_URL_REMOVE_ATTRIBUTE = "jsp/admin/user/attribute/DoRemoveAttribute.jsp";
private static final String ANCHOR_ADMIN_DASHBOARDS = "attributes_management";
private static final String JSP_MODIFY_ATTRIBUTE = "ModifyAttribute.jsp";
private static final AttributeService _attributeService = AttributeService.getInstance( );
/**
* Get user attribute creation interface
*
* @param request
* HttpServletRequest
* @return the Html form
*/
public String getCreateAttribute( HttpServletRequest request )
{
String strAttributeTypeClassName = request.getParameter( PARAMETER_ATTRIBUTE_TYPE_CLASS_NAME );
IAttribute attribute = null;
try
{
attribute = (IAttribute) Class.forName( strAttributeTypeClassName ).newInstance( );
}
catch( IllegalAccessException | InstantiationException | ClassNotFoundException e )
{
AppLogService.error( e.getMessage( ), e );
}
if ( attribute == null )
{
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
setPageTitleProperty( attribute.getPropertyCreatePageTitle( ) );
attribute.setAttributeType( getLocale( ) );
HtmlTemplate template;
Map<String, Object> model = new HashMap<>( );
model.put( MARK_ATTRIBUTE_TYPE, attribute.getAttributeType( ) );
model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateCreateAttribute( ) ) );
template = AppTemplateService.getTemplate( attribute.getTemplateCreateAttribute( ), getLocale( ), model );
return getAdminPage( template.getHtml( ) );
}
/**
* Create an user attribute
*
* @param request
* HttpServletRequest
* @return The Jsp URL of the process result
* @throws AccessDeniedException
* if the security token is invalid
*/
public String doCreateAttribute( HttpServletRequest request ) throws AccessDeniedException
{
String strAttributeTypeClassName = request.getParameter( PARAMETER_ATTRIBUTE_TYPE_CLASS_NAME );
String strActionCancel = request.getParameter( PARAMETER_CANCEL );
String strActionApply = request.getParameter( PARAMETER_APPLY );
if ( StringUtils.isEmpty( strActionCancel ) )
{
IAttribute attribute = null;
try
{
attribute = (IAttribute) Class.forName( strAttributeTypeClassName ).newInstance( );
}
catch( IllegalAccessException | InstantiationException | ClassNotFoundException e )
{
AppLogService.error( e.getMessage( ), e );
}
if ( attribute == null )
{
getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
else
{
String strError = attribute.setAttributeData( request );
if ( StringUtils.isNotBlank( strError ) )
{
return strError;
}
if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateCreateAttribute( ) ) )
{
throw new AccessDeniedException( ERROR_INVALID_TOKEN );
}
_attributeService.createAttribute( attribute );
if ( strActionApply != null )
{
return JSP_MODIFY_ATTRIBUTE + QUESTION_MARK + PARAMETER_ID_ATTRIBUTE + EQUAL + attribute.getIdAttribute( );
}
}
}
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
/**
* Get the user attribute modification interface
*
* @param request
* HttpServletRequest
* @return the html form
*/
public String getModifyAttribute( HttpServletRequest request )
{
String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) )
{
// Check if the ID attribute is correct
int nIdAttribute = Integer.parseInt( strIdAttribute );
IAttribute attribute = _attributeService.getAttributeWithFields( nIdAttribute, getLocale( ) );
setPageTitleProperty( attribute.getPropertyModifyPageTitle( ) );
HtmlTemplate template;
Map<String, Object> model = new HashMap<>( );
model.put( MARK_ATTRIBUTE, attribute );
model.put( MARK_ATTRIBUTE_FIELDS_LIST, attribute.getListAttributeFields( ) );
model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) );
template = AppTemplateService.getTemplate( attribute.getTemplateModifyAttribute( ), getLocale( ), model );
return getAdminPage( template.getHtml( ) );
}
// Otherwise, we redirect the user to the attribute management interface
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
/**
* Modify the attribute
*
* @param request
* HttpServletRequest
* @return The Jsp URL of the process result
* @throws AccessDeniedException
* if the security token is invalid
*/
public String doModifyAttribute( HttpServletRequest request ) throws AccessDeniedException
{
String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
int nIdAttribute = Integer.parseInt( strIdAttribute );
String strActionCancel = request.getParameter( PARAMETER_CANCEL );
String strActionApply = request.getParameter( PARAMETER_APPLY );
if ( StringUtils.isEmpty( strActionCancel ) )
{
IAttribute attribute = _attributeService.getAttributeWithFields( nIdAttribute, getLocale( ) );
if ( attribute != null )
{
String strError = attribute.setAttributeData( request );
if ( strError != null )
{
return strError;
}
if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateModifyAttribute( ) ) )
{
throw new AccessDeniedException( ERROR_INVALID_TOKEN );
}
_attributeService.updateAttribute( attribute );
if ( strActionApply != null )
{
return JSP_MODIFY_ATTRIBUTE + QUESTION_MARK + PARAMETER_ID_ATTRIBUTE + EQUAL + attribute.getIdAttribute( );
}
}
}
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
/**
* Get the confirmation to remove an user attribute
*
* @param request
* HttpServletRequest
* @return The Jsp URL of the confirmation window
*/
public String doConfirmRemoveAttribute( HttpServletRequest request )
{
String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
Map<String, String> parameters = new HashMap<>( );
parameters.put( PARAMETER_ID_ATTRIBUTE, strIdAttribute );
parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_ATTRIBUTE ) );
return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_ATTRIBUTE, JSP_URL_REMOVE_ATTRIBUTE, AdminMessage.TYPE_CONFIRMATION,
parameters );
}
/**
* Remove an user attribute
*
* @param request
* HttpServletRequest
* @return The Jsp URL of the process result
* @throws AccessDeniedException
* if the security token is invalid
*/
public String doRemoveAttribute( HttpServletRequest request ) throws AccessDeniedException
{
String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) )
{
if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_ATTRIBUTE ) )
{
throw new AccessDeniedException( ERROR_INVALID_TOKEN );
}
int nIdAttribute = Integer.parseInt( strIdAttribute );
_attributeService.removeAttribute( nIdAttribute );
}
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
/**
* Move up the position of the attribute field
*
* @param request
* HttpServletRequest
* @return The Jsp URL of the process result
* @throws AccessDeniedException
* if the security token is invalid
*/
public String doMoveUpAttribute( HttpServletRequest request ) throws AccessDeniedException
{
String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) )
{
if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) )
{
throw new AccessDeniedException( ERROR_INVALID_TOKEN );
}
int nIdAttribute = Integer.parseInt( strIdAttribute );
List<IAttribute> listAttributes = _attributeService.getAllAttributesWithoutFields( getLocale( ) );
IAttribute previousAttribute;
IAttribute currentAttribute;
Iterator<IAttribute> it = listAttributes.iterator( );
previousAttribute = it.next( );
currentAttribute = it.next( );
while ( it.hasNext( ) && ( currentAttribute.getIdAttribute( ) != nIdAttribute ) )
{
previousAttribute = currentAttribute;
currentAttribute = it.next( );
}
int previousAttributePosition = previousAttribute.getPosition( );
int currentAttributePosition = currentAttribute.getPosition( );
previousAttribute.setPosition( currentAttributePosition );
currentAttribute.setPosition( previousAttributePosition );
_attributeService.updateAttribute( previousAttribute );
_attributeService.updateAttribute( currentAttribute );
}
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
/**
* Move down the position of the attribute field
*
* @param request
* HttpServletRequest
* @return The Jsp URL of the process result
* @throws AccessDeniedException
* if the security token is invalid
*/
public String doMoveDownAttribute( HttpServletRequest request ) throws AccessDeniedException
{
String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) )
{
if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) )
{
throw new AccessDeniedException( ERROR_INVALID_TOKEN );
}
int nIdAttribute = Integer.parseInt( strIdAttribute );
List<IAttribute> listAttributes = _attributeService.getAllAttributesWithoutFields( getLocale( ) );
IAttribute nextAttribute = null;
IAttribute currentAttribute = null;
Iterator<IAttribute> it = listAttributes.iterator( );
currentAttribute = it.next( );
nextAttribute = it.next( );
while ( it.hasNext( ) && ( currentAttribute.getIdAttribute( ) != nIdAttribute ) )
{
currentAttribute = nextAttribute;
nextAttribute = it.next( );
}
int nextAttributePosition = nextAttribute.getPosition( );
int currentAttributePosition = currentAttribute.getPosition( );
nextAttribute.setPosition( currentAttributePosition );
currentAttribute.setPosition( nextAttributePosition );
_attributeService.updateAttribute( nextAttribute );
_attributeService.updateAttribute( currentAttribute );
}
return getAdminDashboardsUrl( request, ANCHOR_ADMIN_DASHBOARDS );
}
}