View Javadoc
1   /*
2    * Copyright (c) 2002-2025, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.user.attribute;
35  
36  import fr.paris.lutece.portal.business.user.attribute.AttributeField;
37  import fr.paris.lutece.portal.business.user.attribute.IAttribute;
38  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
39  import fr.paris.lutece.portal.service.message.AdminMessage;
40  import fr.paris.lutece.portal.service.message.AdminMessageService;
41  import fr.paris.lutece.portal.service.security.SecurityTokenService;
42  import fr.paris.lutece.portal.service.template.AppTemplateService;
43  import fr.paris.lutece.portal.service.user.attribute.AdminUserFieldService;
44  import fr.paris.lutece.portal.service.user.attribute.AttributeFieldService;
45  import fr.paris.lutece.portal.service.user.attribute.AttributeService;
46  import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
47  import fr.paris.lutece.portal.web.constants.Messages;
48  import fr.paris.lutece.util.html.HtmlTemplate;
49  
50  import org.apache.commons.collections.CollectionUtils;
51  import org.apache.commons.lang3.StringUtils;
52  
53  import java.util.HashMap;
54  import java.util.Iterator;
55  import java.util.List;
56  import java.util.Map;
57  
58  import javax.servlet.http.HttpServletRequest;
59  
60  /**
61   * AttributeFieldJspBean
62   */
63  public class AttributeFieldJspBean extends AdminFeaturesPageJspBean
64  {
65      /**
66       * Generated serial version UID
67       */
68      private static final long serialVersionUID = 3304151197655135630L;
69  
70      // CONSTANTS
71      private static final String QUESTION_MARK = "?";
72      private static final String EQUAL = "=";
73  
74      // PROPERTIES
75      private static final String PROPERTY_CREATE_ATTRIBUTE_FIELDS_PAGETITLE = "portal.users.create_attribute_field.pageTitle";
76      private static final String PROPERTY_MODIFY_ATTRIBUTE_FIELDS_PAGETITLE = "portal.users.modify_attribute_field.pageTitle";
77      private static final String PROPERTY_MESSAGE_CONFIRM_REMOVE_ATTRIBUTE_FIELD = "portal.users.modify_attribute.message.removeAttributeField";
78  
79      // TEMPLATES
80      private static final String TEMPLATE_CREATE_ATTRIBUTE_FIELD = "admin/user/attribute/create_attribute_field.html";
81      private static final String TEMPLATE_MODIFY_ATTRIBUTE_FIELD = "admin/user/attribute/modify_attribute_field.html";
82  
83      // PARAMETERS
84      private static final String PARAMETER_CANCEL = "cancel";
85      private static final String PARAMETER_ID_ATTRIBUTE = "id_attribute";
86      private static final String PARAMETER_TITLE = "title";
87      private static final String PARAMETER_VALUE = "value";
88      private static final String PARAMETER_DEFAULT_VALUE = "default_value";
89      private static final String PARAMETER_ID_FIELD = "id_field";
90  
91      // MARKS
92      private static final String MARK_ATTRIBUTE_FIELD = "attribute_field";
93      private static final String MARK_ATTRIBUTE = "attribute";
94  
95      // JSP
96      private static final String JSP_MODIFY_ATTRIBUTE = "ModifyAttribute.jsp";
97      private static final String JSP_URL_REMOVE_ATTRIBUTE_FIELD = "jsp/admin/user/attribute/DoRemoveAttributeField.jsp";
98      private static final AttributeService _attributeService = AttributeService.getInstance( );
99      private static final AttributeFieldService _attributeFieldService = AttributeFieldService.getInstance( );
100     private static final String JSP_ATTRIBUTES_LIST = "jsp/admin/AdminTechnicalMenu.jsp?tab=attributes_management#users_advanced_parameters";
101 
102     /**
103      * Create attribute field
104      * 
105      * @param request
106      *            HttpServletRequest
107      * @return the html form
108      */
109     public String getCreateAttributeField( HttpServletRequest request )
110     {
111         setPageTitleProperty( PROPERTY_CREATE_ATTRIBUTE_FIELDS_PAGETITLE );
112 
113         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
114         int nIdAttribute = Integer.parseInt( strIdAttribute );
115 
116         IAttribute attribute = _attributeService.getAttributeWithoutFields( nIdAttribute, getLocale( ) );
117 
118         HtmlTemplate template;
119         Map<String, Object> model = new HashMap<>( );
120         model.put( MARK_ATTRIBUTE, attribute );
121         model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_ATTRIBUTE_FIELD ) );
122 
123         template = AppTemplateService.getTemplate( TEMPLATE_CREATE_ATTRIBUTE_FIELD, getLocale( ), model );
124 
125         return getAdminPage( template.getHtml( ) );
126     }
127 
128     /**
129      *
130      * @param request
131      *            the HttpServletRequest
132      * @return Url
133      * @throws AccessDeniedException
134      *             if the security token is invalid
135      */
136     public String doCreateAttributeField( HttpServletRequest request ) throws AccessDeniedException
137     {
138         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
139         int nIdAttribute = Integer.parseInt( strIdAttribute );
140         String strTitle = request.getParameter( PARAMETER_TITLE );
141         String strValue = request.getParameter( PARAMETER_VALUE );
142         String strDefaultValue = request.getParameter( PARAMETER_DEFAULT_VALUE );
143         String strCancel = request.getParameter( PARAMETER_CANCEL );
144 
145         if ( StringUtils.isEmpty( strCancel ) )
146         {
147             if ( StringUtils.isBlank( strTitle ) )
148             {
149                 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, JSP_ATTRIBUTES_LIST, AdminMessage.TYPE_STOP );
150             }
151 
152             if ( StringUtils.isBlank( strValue ) )
153             {
154                 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, JSP_ATTRIBUTES_LIST, AdminMessage.TYPE_STOP );
155             }
156 
157             if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_ATTRIBUTE_FIELD ) )
158             {
159                 throw new AccessDeniedException( ERROR_INVALID_TOKEN );
160             }
161             AttributeFieldr/attribute/AttributeField.html#AttributeField">AttributeField attributeField = new AttributeField( );
162             attributeField.setTitle( strTitle );
163             attributeField.setValue( strValue );
164             attributeField.setDefaultValue( strDefaultValue != null );
165 
166             IAttribute attribute = _attributeService.getAttributeWithoutFields( nIdAttribute, getLocale( ) );
167             attributeField.setAttribute( attribute );
168             _attributeFieldService.createAttributeField( attributeField );
169         }
170 
171         return JSP_MODIFY_ATTRIBUTE + QUESTION_MARK + PARAMETER_ID_ATTRIBUTE + EQUAL + nIdAttribute;
172     }
173 
174     /**
175      * Modify an attribute field
176      * 
177      * @param request
178      *            HttpServletRequest
179      * @return the html form
180      */
181     public String getModifyAttributeField( HttpServletRequest request )
182     {
183         setPageTitleProperty( PROPERTY_MODIFY_ATTRIBUTE_FIELDS_PAGETITLE );
184 
185         String strIdField = request.getParameter( PARAMETER_ID_FIELD );
186         int nIdField = Integer.parseInt( strIdField );
187         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
188         int nIdAttribute = Integer.parseInt( strIdAttribute );
189 
190         IAttribute attribute = _attributeService.getAttributeWithoutFields( nIdAttribute, getLocale( ) );
191 
192         AttributeField attributeField = _attributeFieldService.getAttributeField( nIdField );
193 
194         HtmlTemplate template;
195         Map<String, Object> model = new HashMap<>( );
196         model.put( MARK_ATTRIBUTE_FIELD, attributeField );
197         model.put( MARK_ATTRIBUTE, attribute );
198         model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_ATTRIBUTE_FIELD ) );
199 
200         template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_ATTRIBUTE_FIELD, getLocale( ), model );
201 
202         return getAdminPage( template.getHtml( ) );
203     }
204 
205     /**
206      * Modify an attribute field
207      * 
208      * @param request
209      *            HttpServletRequest
210      * @return The Jsp URL of the process result
211      * @throws AccessDeniedException
212      *             if the security token is invalid
213      */
214     public String doModifyAttributeField( HttpServletRequest request ) throws AccessDeniedException
215     {
216         String strTitle = request.getParameter( PARAMETER_TITLE );
217         String strValue = request.getParameter( PARAMETER_VALUE );
218         String strDefaultValue = request.getParameter( PARAMETER_DEFAULT_VALUE );
219         String strIdField = request.getParameter( PARAMETER_ID_FIELD );
220         int nIdField = Integer.parseInt( strIdField );
221         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
222         String strCancel = request.getParameter( PARAMETER_CANCEL );
223 
224         if ( StringUtils.isEmpty( strCancel ) )
225         {
226             if ( StringUtils.isBlank( strTitle ) )
227             {
228                 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
229             }
230 
231             if ( StringUtils.isBlank( strValue ) )
232             {
233                 return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
234             }
235 
236             if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_ATTRIBUTE_FIELD ) )
237             {
238                 throw new AccessDeniedException( ERROR_INVALID_TOKEN );
239             }
240             AttributeField currentAttributeField = _attributeFieldService.getAttributeField( nIdField );
241             int nPosition = currentAttributeField.getPosition( );
242 
243             AttributeFieldr/attribute/AttributeField.html#AttributeField">AttributeField attributeField = new AttributeField( );
244             attributeField.setIdField( nIdField );
245             attributeField.setTitle( strTitle );
246             attributeField.setValue( strValue );
247             attributeField.setDefaultValue( strDefaultValue != null );
248             attributeField.setPosition( nPosition );
249             _attributeFieldService.updateAttributeField( attributeField );
250         }
251 
252         return JSP_MODIFY_ATTRIBUTE + QUESTION_MARK + PARAMETER_ID_ATTRIBUTE + EQUAL + strIdAttribute;
253     }
254 
255     /**
256      * Confirm the removal of the attribute field
257      * 
258      * @param request
259      *            HttpServletRequest
260      * @return the html form
261      */
262     public String doConfirmRemoveAttributeField( HttpServletRequest request )
263     {
264         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
265         String strIdField = request.getParameter( PARAMETER_ID_FIELD );
266 
267         Map<String, String> parameters = new HashMap<>( );
268         parameters.put( PARAMETER_ID_ATTRIBUTE, strIdAttribute );
269         parameters.put( PARAMETER_ID_FIELD, strIdField );
270         parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_ATTRIBUTE_FIELD ) );
271 
272         return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_ATTRIBUTE_FIELD, JSP_URL_REMOVE_ATTRIBUTE_FIELD,
273                 AdminMessage.TYPE_CONFIRMATION, parameters );
274     }
275 
276     /**
277      * Remove the attribute field
278      * 
279      * @param request
280      *            HttpServletRequest
281      * @return The Jsp URL of the process result
282      * @throws AccessDeniedException
283      *             if the security token is invalid
284      */
285     public String doRemoveAttributeField( HttpServletRequest request ) throws AccessDeniedException
286     {
287         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
288         String strIdField = request.getParameter( PARAMETER_ID_FIELD );
289 
290         if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_ATTRIBUTE_FIELD ) )
291         {
292             throw new AccessDeniedException( ERROR_INVALID_TOKEN );
293         }
294         if ( StringUtils.isNotBlank( strIdField ) && StringUtils.isNumeric( strIdField ) )
295         {
296             int nIdField = Integer.parseInt( strIdField );
297 
298             _attributeFieldService.removeAttributeFieldFromIdField( nIdField );
299             AdminUserFieldService.doRemoveUserFieldsByIdField( nIdField );
300         }
301 
302         return JSP_MODIFY_ATTRIBUTE + QUESTION_MARK + PARAMETER_ID_ATTRIBUTE + EQUAL + strIdAttribute;
303     }
304 
305     /**
306      * Move up the position of the attribute field
307      * 
308      * @param request
309      *            HttpServletRequest
310      * @return The Jsp URL of the process result
311      * @throws AccessDeniedException
312      *             if the security token is invalid
313      */
314     public String doMoveUpAttributeField( HttpServletRequest request ) throws AccessDeniedException
315     {
316         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
317         String strIdField = request.getParameter( PARAMETER_ID_FIELD );
318 
319         if ( StringUtils.isNotBlank( strIdField ) && StringUtils.isNumeric( strIdField ) && StringUtils.isNotBlank( strIdAttribute )
320                 && StringUtils.isNumeric( strIdAttribute ) )
321         {
322             int nIdAttribute = Integer.parseInt( strIdAttribute );
323             int nIdField = Integer.parseInt( strIdField );
324 
325             IAttribute attribute = _attributeService.getAttributeWithFields( nIdAttribute, getLocale( ) );
326             List<AttributeField> listAttributeFields = attribute.getListAttributeFields( );
327 
328             if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateModifyAttribute( ) ) )
329             {
330                 throw new AccessDeniedException( ERROR_INVALID_TOKEN );
331             }
332             if ( CollectionUtils.isNotEmpty( listAttributeFields ) )
333             {
334                 AttributeField previousField = null;
335                 AttributeField currentField = null;
336 
337                 Iterator<AttributeField> it = listAttributeFields.iterator( );
338                 previousField = it.next( );
339                 currentField = it.next( );
340 
341                 while ( it.hasNext( ) && ( currentField.getIdField( ) != nIdField ) )
342                 {
343                     previousField = currentField;
344                     currentField = it.next( );
345                 }
346 
347                 int previousFieldPosition = previousField.getPosition( );
348                 int currentFieldPosition = currentField.getPosition( );
349                 previousField.setPosition( currentFieldPosition );
350                 currentField.setPosition( previousFieldPosition );
351                 _attributeFieldService.updateAttributeField( previousField );
352                 _attributeFieldService.updateAttributeField( currentField );
353             }
354         }
355 
356         return JSP_MODIFY_ATTRIBUTE + "?" + PARAMETER_ID_ATTRIBUTE + "=" + strIdAttribute;
357     }
358 
359     /**
360      * Move down the position of the attribute field
361      * 
362      * @param request
363      *            HttpServletRequest
364      * @return The Jsp URL of the process result
365      * @throws AccessDeniedException
366      *             if the security token is invalid
367      */
368     public String doMoveDownAttributeField( HttpServletRequest request ) throws AccessDeniedException
369     {
370         String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE );
371         String strIdField = request.getParameter( PARAMETER_ID_FIELD );
372 
373         if ( StringUtils.isNotBlank( strIdField ) && StringUtils.isNumeric( strIdField ) && StringUtils.isNotBlank( strIdAttribute )
374                 && StringUtils.isNumeric( strIdAttribute ) )
375         {
376             int nIdAttribute = Integer.parseInt( strIdAttribute );
377             int nIdField = Integer.parseInt( strIdField );
378 
379             IAttribute attribute = _attributeService.getAttributeWithFields( nIdAttribute, getLocale( ) );
380             List<AttributeField> listAttributeFields = attribute.getListAttributeFields( );
381             if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateModifyAttribute( ) ) )
382             {
383                 throw new AccessDeniedException( ERROR_INVALID_TOKEN );
384             }
385             if ( CollectionUtils.isNotEmpty( listAttributeFields ) )
386             {
387                 AttributeField currentField = null;
388                 AttributeField nextField = null;
389 
390                 Iterator<AttributeField> it = listAttributeFields.iterator( );
391                 currentField = it.next( );
392                 nextField = it.next( );
393 
394                 while ( it.hasNext( ) && ( currentField.getIdField( ) != nIdField ) )
395                 {
396                     currentField = nextField;
397                     nextField = it.next( );
398                 }
399 
400                 int nextFieldPosition = nextField.getPosition( );
401                 int currentFieldPosition = currentField.getPosition( );
402                 nextField.setPosition( currentFieldPosition );
403                 currentField.setPosition( nextFieldPosition );
404 
405                 _attributeFieldService.updateAttributeField( nextField );
406                 _attributeFieldService.updateAttributeField( currentField );
407             }
408         }
409 
410         return JSP_MODIFY_ATTRIBUTE + "?" + PARAMETER_ID_ATTRIBUTE + "=" + strIdAttribute;
411     }
412 }