1   /*
2    * Copyright (c) 2002-2022, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.accesscontrol.web;
35  
36  import java.sql.Date;
37  import java.util.Comparator;
38  import java.util.HashMap;
39  import java.util.List;
40  import java.util.Locale;
41  import java.util.Map;
42  import java.util.stream.Collectors;
43  
44  import javax.servlet.http.HttpServletRequest;
45  
46  import fr.paris.lutece.plugins.accesscontrol.business.AccessControl;
47  import fr.paris.lutece.plugins.accesscontrol.business.AccessControlHome;
48  import fr.paris.lutece.plugins.accesscontrol.business.AccessController;
49  import fr.paris.lutece.plugins.accesscontrol.business.AccessControllerHome;
50  import fr.paris.lutece.plugins.accesscontrol.service.AccessControlService;
51  import fr.paris.lutece.plugins.accesscontrol.service.IAccessControlService;
52  import fr.paris.lutece.plugins.accesscontrol.service.IAccessControllerType;
53  import fr.paris.lutece.plugins.accesscontrol.util.BoolCondition;
54  import fr.paris.lutece.portal.business.user.AdminUser;
55  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
56  import fr.paris.lutece.portal.service.message.AdminMessage;
57  import fr.paris.lutece.portal.service.message.AdminMessageService;
58  import fr.paris.lutece.portal.service.security.SecurityTokenService;
59  import fr.paris.lutece.portal.service.spring.SpringContextService;
60  import fr.paris.lutece.portal.service.template.AppTemplateService;
61  import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService;
62  import fr.paris.lutece.portal.util.mvc.admin.annotations.Controller;
63  import fr.paris.lutece.portal.util.mvc.commons.annotations.Action;
64  import fr.paris.lutece.portal.util.mvc.commons.annotations.View;
65  import fr.paris.lutece.util.ReferenceList;
66  import fr.paris.lutece.util.html.HtmlTemplate;
67  import fr.paris.lutece.util.url.UrlItem;
68  
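/**
 * Back-office controller for the AccessControl feature: lists, creates, modifies, enables, disables and removes access controls, and manages the
 * {@link AccessController}s attached to each of them.
 * <p>
 * The {@link Controller} annotation declares the {@code ACCESSCONTROL_MANAGEMENT} right for this bean.
 * <p>
 * Anti-CSRF tokens ({@link SecurityTokenService}) are validated by {@link #doCreateAccessControl}, {@link #doModifyAccessControl} and
 * {@link #doModifyConfigController}. NOTE(review): the other state-changing actions (remove, enable, disable, create controller, change condition, change
 * order) do not validate a token in this class; adding one requires the corresponding templates and confirmation URLs to carry it.
 */
@Controller( controllerJsp = "ManageAccessControls.jsp", controllerPath = "jsp/admin/plugins/accesscontrol/", right = "ACCESSCONTROL_MANAGEMENT" )
public class AccessControlJspBean extends AbstractManageAccessControlJspBean
{
    private static final long serialVersionUID = 128971112958212947L;

    public static final String RIGHT_MANAGE_ACCESS_CONTROL = "ACCESSCONTROL_MANAGEMENT";

    // Templates
    private static final String TEMPLATE_MANAGE_ACCESSCONTROLS = "/admin/plugins/accesscontrol/manage_accesscontrols.html";
    private static final String TEMPLATE_CREATE_ACCESSCONTROL = "/admin/plugins/accesscontrol/create_accesscontrol.html";
    private static final String TEMPLATE_MODIFY_ACCESSCONTROL = "/admin/plugins/accesscontrol/modify_accesscontrol.html";
    private static final String TEMPLATE_MODIFY_CONTROLLER = "/admin/plugins/accesscontrol/modify_controller.html";

    // Parameters
    private static final String PARAMETER_ID_ACCESSCONTROL = "id";
    private static final String PARAMETER_ID_CONTROLLER = "id_controller";
    private static final String PARAMETER_ORDER = "new_order";
    private static final String PARAMETER_BOOL_CONDITON = "boolCond";
    private static final String PARAMETER_CONTROLLER_TYPE = "controller_type";
    private static final String PARAMETER_CANCEL = "cancel";
    private static final String PARAMETER_ACTION = "apply";

    // Properties for page titles
    private static final String PROPERTY_PAGE_TITLE_MANAGE_ACCESSCONTROLS = "accesscontrol.manage_accesscontrols.pageTitle";
    private static final String PROPERTY_PAGE_TITLE_MODIFY_ACCESSCONTROL = "accesscontrol.modify_accesscontrol.pageTitle";
    private static final String PROPERTY_PAGE_TITLE_CREATE_ACCESSCONTROL = "accesscontrol.create_accesscontrol.pageTitle";
    private static final String PROPERTY_MODIFY_CONTROLLER_PAGE_TITLE = "accesscontrol.modify_controller.page_title";

    // Markers
    private static final String MARK_ACCESSCONTROL_LIST = "accesscontrol_list";
    private static final String MARK_ACCESSCONTROL = "accesscontrol";
    private static final String MARK_DEFAULT_VALUE_WORKGROUP_KEY = "workgroup_key_default_value";
    private static final String MARK_USER_WORKGROUP_REF_LIST = "user_workgroup_list";
    private static final String MARK_CONTROLLER_TYPE_LIST = "controller_type_list";
    private static final String MARK_CONTROLLER_LIST = "controller_list";
    private static final String MARK_CONDITION_LIST = "condition_list";
    private static final String MARK_CONTROLLER_CONFIG = "controller_config";
    private static final String JSP_MANAGE_ACCESSCONTROLS = "jsp/admin/plugins/accesscontrol/ManageAccessControls.jsp";

    // Properties
    private static final String MESSAGE_CONFIRM_REMOVE_ACCESSCONTROL = "accesscontrol.message.confirmRemoveAccessControl";
    private static final String MESSAGE_CONFIRM_REMOVE_ACCESSCONTROLLER = "accesscontrol.message.confirmRemoveAccessController";

    // Validations
    private static final String VALIDATION_ATTRIBUTES_PREFIX = "accesscontrol.model.entity.accesscontrol.attribute.";

    // Views
    private static final String VIEW_MANAGE_ACCESSCONTROLS = "manageAccessControls";
    private static final String VIEW_CREATE_ACCESSCONTROL = "createAccessControl";
    private static final String VIEW_MODIFY_ACCESSCONTROL = "modifyAccessControl";
    private static final String VIEW_MODIFY_CONFIG_CONTROLLER = "modifyConfigController";

    // Actions
    private static final String ACTION_CREATE_ACCESSCONTROL = "createAccessControl";
    private static final String ACTION_MODIFY_ACCESSCONTROL = "modifyAccessControl";
    private static final String ACTION_REMOVE_ACCESSCONTROL = "removeAccessControl";
    private static final String ACTION_CONFIRM_REMOVE_ACCESSCONTROL = "confirmRemoveAccessControl";
    private static final String ACTION_CONFIRM_REMOVE_ACCESSCONTROLLER = "confirmRemoveAccessController";
    private static final String ACTION_ENABLE_ACCESSCONTROL = "enableAccessControl";
    private static final String ACTION_DISABLE_ACCESSCONTROL = "disableAccessControl";
    private static final String ACTION_CREATE_CONTROLLER = "createController";
    private static final String ACTION_CHANGE_CONDITON = "changeCondition";
    private static final String ACTION_CHANGE_ORDER = "changeOrder";
    private static final String ACTION_REMOVE_ACCESSCONTROLLER = "removeAccessController";
    private static final String ACTION_MODIFY_CONTROLLER = "modifyController";

    // Infos
    private static final String INFO_ACCESSCONTROL_CREATED = "accesscontrol.info.accesscontrol.created";
    private static final String INFO_ACCESSCONTROL_UPDATED = "accesscontrol.info.accesscontrol.updated";
    private static final String INFO_ACCESSCONTROL_REMOVED = "accesscontrol.info.accesscontrol.removed";

    private IAccessControlService _accessControlService = SpringContextService.getBean( AccessControlService.BEAN_NAME );

    // Session variable to store working values
    private AccessControl _accesControl;

    /**
     * Builds the paginated list of access controls and clears the working bean kept between requests.
     *
     * @param request
     *            The HTTP request
     * @return The page
     */
    @View( value = VIEW_MANAGE_ACCESSCONTROLS, defaultView = true )
    public String getManageAccessControls( HttpServletRequest request )
    {
        _accesControl = null;
        List<AccessControl> listAccessControls = AccessControlHome.getAccessControlsList( );
        Map<String, Object> model = getPaginatedListModel( request, MARK_ACCESSCONTROL_LIST, listAccessControls, JSP_MANAGE_ACCESSCONTROLS );

        return getPage( PROPERTY_PAGE_TITLE_MANAGE_ACCESSCONTROLS, TEMPLATE_MANAGE_ACCESSCONTROLS, model );
    }

    /**
     * Returns the form to create an access control. The form model carries a security token bound to the create action.
     *
     * @param request
     *            The HTTP request
     * @return the HTML code of the access control form
     */
    @View( VIEW_CREATE_ACCESSCONTROL )
    public String getCreateAccessControl( HttpServletRequest request )
    {
        // Reuse the working bean when the form is redisplayed after a validation error
        _accesControl = ( _accesControl != null ) ? _accesControl : new AccessControl( );
        AdminUser adminUser = getUser( );
        Locale locale = getLocale( );

        Map<String, Object> model = getModel( );
        model.put( MARK_ACCESSCONTROL, _accesControl );
        model.put( MARK_USER_WORKGROUP_REF_LIST, AdminWorkgroupService.getUserWorkgroups( adminUser, locale ) );
        model.put( MARK_DEFAULT_VALUE_WORKGROUP_KEY, AdminWorkgroupService.ALL_GROUPS );
        model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, ACTION_CREATE_ACCESSCONTROL ) );

        return getPage( PROPERTY_PAGE_TITLE_CREATE_ACCESSCONTROL, TEMPLATE_CREATE_ACCESSCONTROL, model );
    }

    /**
     * Processes the creation form of a new access control.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the creation view when bean validation fails, otherwise to the management view
     * @throws AccessDeniedException
     *             if the security token of the request is invalid
     */
    @Action( ACTION_CREATE_ACCESSCONTROL )
    public String doCreateAccessControl( HttpServletRequest request ) throws AccessDeniedException
    {
        // Check the anti-CSRF token first, so that a forged request cannot alter the working bean
        if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_CREATE_ACCESSCONTROL ) )
        {
            throw new AccessDeniedException( "Invalid security token" );
        }

        // The action may be reached without going through the creation view
        if ( _accesControl == null )
        {
            _accesControl = new AccessControl( );
        }
        populate( _accesControl, request, getLocale( ) );

        // Check constraints
        if ( !validateBean( _accesControl, VALIDATION_ATTRIBUTES_PREFIX ) )
        {
            return redirectView( request, VIEW_CREATE_ACCESSCONTROL );
        }

        _accesControl.setCreationDate( new Date( System.currentTimeMillis( ) ) );
        AccessControlHome.create( _accesControl );
        addInfo( INFO_ACCESSCONTROL_CREATED, getLocale( ) );

        return redirectView( request, VIEW_MANAGE_ACCESSCONTROLS );
    }

    /**
     * Builds the confirmation message shown before the removal of the access control whose identifier is in the HTTP request.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the confirmation message
     */
    @Action( ACTION_CONFIRM_REMOVE_ACCESSCONTROL )
    public String getConfirmRemoveAccessControl( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );
        // NOTE(review): the confirmation URL carries only the identifier, no security token
        UrlItem url = new UrlItem( getActionUrl( ACTION_REMOVE_ACCESSCONTROL ) );
        url.addParameter( PARAMETER_ID_ACCESSCONTROL, nId );

        String strMessageUrl = AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE_ACCESSCONTROL, url.getUrl( ),
                AdminMessage.TYPE_CONFIRMATION );

        return redirect( request, strMessageUrl );
    }

    /**
     * Builds the confirmation message shown before the removal of the access controller whose identifier is in the HTTP request.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the confirmation message
     */
    @Action( ACTION_CONFIRM_REMOVE_ACCESSCONTROLLER )
    public String getConfirmRemoveAccessController( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_CONTROLLER ) );
        // NOTE(review): the confirmation URL carries only the identifier, no security token
        UrlItem url = new UrlItem( getActionUrl( ACTION_REMOVE_ACCESSCONTROLLER ) );
        url.addParameter( PARAMETER_ID_CONTROLLER, nId );

        String strMessageUrl = AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE_ACCESSCONTROLLER, url.getUrl( ),
                AdminMessage.TYPE_CONFIRMATION );

        return redirect( request, strMessageUrl );
    }

    /**
     * Returns the configuration form of the access controller whose identifier is in the HTTP request. The form model carries a security token bound to the
     * modify-controller action.
     *
     * @param request
     *            The HTTP request
     * @return The HTML code of the configuration page
     * @throws AccessDeniedException
     *             if the controller does not exist or its type cannot be resolved
     */
    @View( VIEW_MODIFY_CONFIG_CONTROLLER )
    public String getModifyConfigController( HttpServletRequest request ) throws AccessDeniedException
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_CONTROLLER ) );

        AccessController controller = AccessControllerHome.findByPrimaryKey( nId );
        if ( controller == null )
        {
            throw new AccessDeniedException( "AccessController not found for ID " + nId );
        }

        // The stored controller type is used as the name of the Spring bean that implements it
        IAccessControllerType controllerType = SpringContextService.getBean( controller.getType( ) );
        if ( controllerType == null )
        {
            throw new AccessDeniedException( "Unknown controller type " + controller.getType( ) );
        }

        Map<String, Object> model = new HashMap<>( );
        model.put( MARK_CONTROLLER_CONFIG, controllerType.getControllerConfigForm( request, getLocale( ), controller ) );
        model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, ACTION_MODIFY_CONTROLLER ) );

        setPageTitleProperty( PROPERTY_MODIFY_CONTROLLER_PAGE_TITLE );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_CONTROLLER, getLocale( ), model );

        return getAdminPage( template.getHtml( ) );
    }

    /**
     * Saves the configuration of the access controller whose identifier is in the HTTP request, unless the form was cancelled.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the configuration view when the "apply" parameter is present, otherwise to the modification view of the parent access control
     * @throws AccessDeniedException
     *             if the controller does not exist, its type cannot be resolved, or the security token is invalid
     */
    @Action( ACTION_MODIFY_CONTROLLER )
    public String doModifyConfigController( HttpServletRequest request ) throws AccessDeniedException
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_CONTROLLER ) );

        AccessController controller = AccessControllerHome.findByPrimaryKey( nId );
        if ( controller == null )
        {
            throw new AccessDeniedException( "AccessController not found for ID " + nId );
        }

        if ( request.getParameter( PARAMETER_CANCEL ) == null )
        {
            // getModifyConfigController issues a token for this action; check it before anything is saved.
            // NOTE(review): confirm that modify_controller.html posts the token back with the form.
            if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_MODIFY_CONTROLLER ) )
            {
                throw new AccessDeniedException( "Invalid security token" );
            }

            IAccessControllerType controllerType = SpringContextService.getBean( controller.getType( ) );
            if ( controllerType == null )
            {
                throw new AccessDeniedException( "Unknown controller type " + controller.getType( ) );
            }

            controllerType.saveControllerConfig( request, getLocale( ), controller );

            // "apply" saves and stays on the configuration form
            if ( request.getParameter( PARAMETER_ACTION ) != null )
            {
                return redirect( request, VIEW_MODIFY_CONFIG_CONTROLLER, PARAMETER_ID_CONTROLLER, nId );
            }
        }
        return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, controller.getIdAccesscontrol( ) );
    }

    /**
     * Removes the access control whose identifier is in the HTTP request, together with all its controllers.
     * <p>
     * NOTE(review): no security token is validated here, unlike {@link #doCreateAccessControl}.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the management view
     */
    @Action( ACTION_REMOVE_ACCESSCONTROL )
    public String doRemoveAccessControl( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );

        // Controllers are deleted first, then the access control itself
        List<AccessController> controllerList = AccessControllerHome.getAccessControllersListByAccessControlId( nId );
        for ( AccessController controller : controllerList )
        {
            _accessControlService.deleteAccessController( controller.getId( ) );
        }
        AccessControlHome.remove( nId );
        addInfo( INFO_ACCESSCONTROL_REMOVED, getLocale( ) );

        return redirectView( request, VIEW_MANAGE_ACCESSCONTROLS );
    }

    /**
     * Removes the access controller whose identifier is in the HTTP request and renumbers the remaining controllers of the same access control from 1.
     * <p>
     * NOTE(review): no security token is validated here, unlike {@link #doCreateAccessControl}.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the modification view of the parent access control, or to the management view when the controller does not exist
     */
    @Action( ACTION_REMOVE_ACCESSCONTROLLER )
    public String doRemoveAccessController( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_CONTROLLER ) );

        AccessController controllerToDelete = AccessControllerHome.findByPrimaryKey( nId );
        if ( controllerToDelete == null )
        {
            // Unknown or already removed controller: nothing to delete, and no parent to go back to
            return redirectView( request, VIEW_MANAGE_ACCESSCONTROLS );
        }
        int idAccessControl = controllerToDelete.getIdAccesscontrol( );

        _accessControlService.deleteAccessController( nId );

        // Close the gap left in the evaluation order
        List<AccessController> controllerList = AccessControllerHome.getAccessControllersListByAccessControlId( idAccessControl );
        int newOrder = 1;
        for ( AccessController controller : controllerList )
        {
            controller.setOrder( newOrder++ );
            AccessControllerHome.update( controller );
        }
        addInfo( INFO_ACCESSCONTROL_REMOVED, getLocale( ) );
        return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, idAccessControl );
    }

    /**
     * Returns the form to update an access control, with its controllers, the available controller types and the boolean conditions. The form model
     * carries a security token bound to the modify action.
     *
     * @param request
     *            The HTTP request
     * @return The HTML form to update info
     */
    @View( VIEW_MODIFY_ACCESSCONTROL )
    public String getModifyAccessControl( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );

        AdminUser adminUser = getUser( );
        Locale locale = getLocale( );

        // Reload the working bean unless it already holds the requested access control
        if ( _accesControl == null || ( _accesControl.getId( ) != nId ) )
        {
            _accesControl = AccessControlHome.findByPrimaryKey( nId );
        }

        List<AccessController> listController = AccessControllerHome.getAccessControllersListByAccessControlId( nId );
        listController.forEach( ac -> ac.setTitle( locale ) );

        // The submitted value of a condition is the enum constant name
        ReferenceList conditionList = new ReferenceList( );
        for ( BoolCondition bc : BoolCondition.values( ) )
        {
            conditionList.addItem( bc.name( ), bc.getLabel( locale ) );
        }

        Map<String, Object> model = getModel( );
        model.put( MARK_ACCESSCONTROL, _accesControl );
        model.put( MARK_CONDITION_LIST, conditionList );
        model.put( MARK_USER_WORKGROUP_REF_LIST, AdminWorkgroupService.getUserWorkgroups( adminUser, locale ) );
        model.put( MARK_CONTROLLER_LIST, listController );
        model.put( MARK_CONTROLLER_TYPE_LIST, _accessControlService.createAccessControllerReferenceList( locale ) );
        model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, ACTION_MODIFY_ACCESSCONTROL ) );

        return getPage( PROPERTY_PAGE_TITLE_MODIFY_ACCESSCONTROL, TEMPLATE_MODIFY_ACCESSCONTROL, model );
    }

    /**
     * Processes the modification form of an access control, unless the form was cancelled.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the modification view when bean validation fails, otherwise to the management view
     * @throws AccessDeniedException
     *             if the security token of the request is invalid
     */
    @Action( ACTION_MODIFY_ACCESSCONTROL )
    public String doModifyAccessControl( HttpServletRequest request ) throws AccessDeniedException
    {
        if ( request.getParameter( PARAMETER_CANCEL ) == null )
        {
            // Check the anti-CSRF token first, so that a forged request cannot alter the working bean
            if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_MODIFY_ACCESSCONTROL ) )
            {
                throw new AccessDeniedException( "Invalid security token" );
            }

            // No working bean means the modification view was never displayed: nothing to update
            if ( _accesControl == null )
            {
                return redirectView( request, VIEW_MANAGE_ACCESSCONTROLS );
            }
            populate( _accesControl, request, getLocale( ) );

            // Check constraints
            if ( !validateBean( _accesControl, VALIDATION_ATTRIBUTES_PREFIX ) )
            {
                return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, _accesControl.getId( ) );
            }

            AccessControlHome.update( _accesControl );
            addInfo( INFO_ACCESSCONTROL_UPDATED, getLocale( ) );
        }
        return redirectView( request, VIEW_MANAGE_ACCESSCONTROLS );
    }

    /**
     * Enables the access control whose identifier is in the HTTP request.
     * <p>
     * NOTE(review): no security token is validated here.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the management view
     */
    @Action( ACTION_ENABLE_ACCESSCONTROL )
    public String doEnableAccessControl( HttpServletRequest request )
    {
        return setAccessControlEnabled( request, true );
    }

    /**
     * Disables the access control whose identifier is in the HTTP request.
     * <p>
     * NOTE(review): no security token is validated here, so this action, which switches a control off, relies only on the admin session.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the management view
     */
    @Action( ACTION_DISABLE_ACCESSCONTROL )
    public String doDisableAccessControl( HttpServletRequest request )
    {
        return setAccessControlEnabled( request, false );
    }

    /**
     * Creates a new {@link AccessController} of the requested type, appended at the end of the controller list of the access control whose identifier is in
     * the HTTP request. The new controller uses the {@code AND} condition.
     * <p>
     * NOTE(review): no security token is validated here.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the modification view of the access control
     */
    @Action( ACTION_CREATE_CONTROLLER )
    public String doCreateController( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );
        String strType = request.getParameter( PARAMETER_CONTROLLER_TYPE );

        AccessControl accessControl = AccessControlHome.findByPrimaryKey( nId );
        // A controller without a type could never be resolved to an implementation, so it is not created
        if ( accessControl != null && strType != null && !strType.isEmpty( ) )
        {
            AccessController controller = new AccessController( );
            controller.setIdAccesscontrol( nId );
            // NOTE(review): the type is stored as posted and later used as a Spring bean name by the configuration view and action;
            // consider checking it against the types offered by createAccessControllerReferenceList before storing it.
            controller.setType( strType );
            controller.setBoolCond( BoolCondition.AND.name( ) );

            List<AccessController> listController = AccessControllerHome.getAccessControllersListByAccessControlId( nId );

            // Orders start at 1: an empty list yields 0 + 1
            int maxOrder = listController.stream( ).max( Comparator.comparingInt( AccessController::getOrder ) ).map( AccessController::getOrder ).orElse( 0 );
            controller.setOrder( maxOrder + 1 );
            AccessControllerHome.create( controller );
        }

        return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, nId );
    }

    /**
     * Changes the boolean condition of a controller. The change is applied only when the controller belongs to the access control named in the request and
     * the submitted value is the name of a {@link BoolCondition} constant.
     * <p>
     * NOTE(review): no security token is validated here.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the modification view of the access control
     */
    @Action( ACTION_CHANGE_CONDITON )
    public String doChangeControllerCondition( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );
        int nIdController = Integer.parseInt( request.getParameter( PARAMETER_ID_CONTROLLER ) );
        String strCondition = request.getParameter( PARAMETER_BOOL_CONDITON );

        AccessController controller = AccessControllerHome.findByPrimaryKey( nIdController );
        // Reject values outside the enum and controllers of another access control: the condition drives how controllers are combined
        if ( controller != null && controller.getIdAccesscontrol( ) == nId && isKnownCondition( strCondition ) )
        {
            controller.setBoolCond( strCondition );
            AccessControllerHome.update( controller );
        }

        return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, nId );
    }

    /**
     * Moves a controller to a new position in the evaluation order of its access control and shifts the controllers in between by one.
     * <p>
     * Nothing is changed when the controller is unknown, belongs to another access control, or when the requested position is outside
     * {@code 1..number of controllers}.
     * <p>
     * NOTE(review): no security token is validated here.
     *
     * @param request
     *            The HTTP request
     * @return The redirection to the modification view of the access control
     */
    @Action( ACTION_CHANGE_ORDER )
    public String doChangeControllerOrder( HttpServletRequest request )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );
        int nIdController = Integer.parseInt( request.getParameter( PARAMETER_ID_CONTROLLER ) );
        AccessController controllerToChange = AccessControllerHome.findByPrimaryKey( nIdController );
        if ( controllerToChange == null || controllerToChange.getIdAccesscontrol( ) != nId )
        {
            return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, nId );
        }

        int nOrderToSet = Integer.parseInt( request.getParameter( PARAMETER_ORDER ) );
        List<AccessController> controllerList = AccessControllerHome.getAccessControllersListByAccessControlId( nId );

        // Orders are kept contiguous from 1 (see creation and removal), so any other target would corrupt the sequence
        if ( nOrderToSet < 1 || nOrderToSet > controllerList.size( ) )
        {
            return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, nId );
        }

        final int nCurrentOrder = controllerToChange.getOrder( );
        if ( nOrderToSet != nCurrentOrder )
        {
            final boolean bMovingUp = nOrderToSet < nCurrentOrder;
            // Moving up pushes [target, current) down by one; moving down pulls (current, target] up by one.
            // The target position is included in both cases so that it is freed for the moved controller.
            List<AccessController> listToShift = controllerList.stream( )
                    .filter( ac -> bMovingUp ? ( ac.getOrder( ) >= nOrderToSet && ac.getOrder( ) < nCurrentOrder )
                            : ( ac.getOrder( ) > nCurrentOrder && ac.getOrder( ) <= nOrderToSet ) )
                    .collect( Collectors.toList( ) );
            for ( AccessController controller : listToShift )
            {
                controller.setOrder( controller.getOrder( ) + ( bMovingUp ? 1 : -1 ) );
                AccessControllerHome.update( controller );
            }

            controllerToChange.setOrder( nOrderToSet );
            AccessControllerHome.update( controllerToChange );
        }

        return redirect( request, VIEW_MODIFY_ACCESSCONTROL, PARAMETER_ID_ACCESSCONTROL, nId );
    }

    /**
     * Sets the enabled flag of the access control whose identifier is in the HTTP request; an unknown identifier is ignored.
     *
     * @param request
     *            The HTTP request
     * @param bEnabled
     *            The state to store
     * @return The redirection to the management view
     */
    private String setAccessControlEnabled( HttpServletRequest request, boolean bEnabled )
    {
        int nId = Integer.parseInt( request.getParameter( PARAMETER_ID_ACCESSCONTROL ) );

        AccessControl accessControl = AccessControlHome.findByPrimaryKey( nId );
        if ( accessControl != null )
        {
            accessControl.setEnabled( bEnabled );
            AccessControlHome.update( accessControl );
        }
        return redirectView( request, VIEW_MANAGE_ACCESSCONTROLS );
    }

    /**
     * Tells whether a submitted value is the name of a {@link BoolCondition} constant.
     *
     * @param strCondition
     *            The submitted value, possibly {@code null}
     * @return {@code true} if the value names a known condition
     */
    private static boolean isKnownCondition( String strCondition )
    {
        for ( BoolCondition bc : BoolCondition.values( ) )
        {
            if ( bc.name( ).equals( strCondition ) )
            {
                return true;
            }
        }
        return false;
    }
}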