View Javadoc
1   /*
2    * Copyright (c) 2002-2020, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.announce.web;
35  
36  import java.util.Collection;
37  import java.util.HashMap;
38  import java.util.List;
39  import java.util.Map;
40  
41  import javax.servlet.http.HttpServletRequest;
42  
43  import org.apache.commons.lang.StringUtils;
44  
45  import fr.paris.lutece.plugins.announce.business.Sector;
46  import fr.paris.lutece.plugins.announce.business.SectorHome;
47  import fr.paris.lutece.plugins.announce.service.SectorResourceIdService;
48  import fr.paris.lutece.plugins.announce.utils.AnnounceUtils;
49  import fr.paris.lutece.portal.business.rbac.RBAC;
50  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
51  import fr.paris.lutece.portal.service.message.AdminMessage;
52  import fr.paris.lutece.portal.service.message.AdminMessageService;
53  import fr.paris.lutece.portal.service.plugin.Plugin;
54  import fr.paris.lutece.portal.service.rbac.RBACService;
55  import fr.paris.lutece.portal.service.template.AppTemplateService;
56  import fr.paris.lutece.portal.service.util.AppPropertiesService;
57  import fr.paris.lutece.portal.web.admin.PluginAdminPageJspBean;
58  import fr.paris.lutece.portal.web.constants.Messages;
59  import fr.paris.lutece.util.ReferenceList;
60  import fr.paris.lutece.util.html.AbstractPaginator;
61  import fr.paris.lutece.util.html.HtmlTemplate;
62  import fr.paris.lutece.util.html.Paginator;
63  import fr.paris.lutece.util.url.UrlItem;
64  
65  /**
66   * This class provides the user interface to manage sector features ( manage, create, modify, remove )
67   */
68  public class SectorJspBean extends PluginAdminPageJspBean
69  {
70      /**
71       * Right to manage this feature
72       */
73      public static final String RIGHT_MANAGE_ANNOUNCE = "ANNOUNCE_MANAGEMENT";
74      private static final long serialVersionUID = 4236427473368477581L;
75  
76      /* parameter */
77      private static final String PARAMETER_PAGE_INDEX = "page_index";
78      private static final String PARAMETER_FIELD_ID = "sector_id";
79      private static final String PARAMETER_FIELD_LABEL = "sector_label";
80      private static final String PARAMETER_FIELD_DESCRIPTION = "sector_description";
81      private static final String PARAMETER_FIELD_ANNOUNCES_VALIDATION = "sector_announces_validation";
82      private static final String CHECKBOX_ON = "on";
83      private static final String PARAMETER_FIELD_ORDER = "sector_order";
84      private static final String PARAMETER_TAGS = "tags";
85      private static final String UNAUTHORIZED = "Unauthorized";
86  
87      /* properties */
88      private static final String PROPERTY_PAGE_TITLE_MANAGE_FIELDS = "announce.manage_sector.pageTitle";
89      private static final String PROPERTY_PAGE_TITLE_CREATE_FIELD = "announce.create_sector.pageTitle";
90      private static final String PROPERTY_PAGE_TITLE_MODIFY_FIELD = "announce.modify_sector.pageTitle";
91      private static final String PROPERTY_DEFAULT_LIST_FIELD_PER_PAGE = "announce.sector.itemsPerPage";
92  
93      /* templates */
94      private static final String TEMPLATE_MANAGE_FIELDS = "admin/plugins/announce/manage_sectors.html";
95      private static final String TEMPLATE_CREATE_FIELD = "admin/plugins/announce/create_sector.html";
96      private static final String TEMPLATE_MODIFY_FIELD = "admin/plugins/announce/modify_sector.html";
97  
98      /* Jsp Definition */
99      private static final String JSP_DO_REMOVE_FIELD = "jsp/admin/plugins/announce/DoRemoveSector.jsp";
100     private static final String JSP_MANAGE_FIELDS = "jsp/admin/plugins/announce/ManageSectors.jsp";
101     private static final String JSP_REDIRECT_TO_MANAGE_FIELDS = "ManageSectors.jsp";
102 
103     /* Messages */
104     private static final String MESSAGE_CONFIRM_REMOVE_FIELD = "announce.message.confirmRemoveSector";
105     private static final String MESSAGE_CANNOT_REMOVE_FIELD = "announce.message.cannotRemoveSector";
106 
107     /* Markers */
108     private static final String MARK_FIELD = "sector";
109     private static final String MARK_LIST_FIELDS = "list_sectors";
110     private static final String MARK_PAGINATOR = "paginator";
111     private static final String MARK_NB_ITEMS_PER_PAGE = "nb_items_per_page";
112     private static final String MARK_FIELD_ORDER_LIST = "sector_order_list";
113 
114     /* Misc */
115     private static final String REGEX_ID = "^[\\d]+$";
116 
117     /* Variables */
118     private String _strCurrentPageIndex;
119     private int _nItemsPerPage;
120 
121     /**
122      * {@inheritDoc}
123      */
124     @Override
125     public Plugin getPlugin( )
126     {
127         Plugin plugin = super.getPlugin( );
128 
129         if ( plugin == null )
130         {
131             plugin = AnnounceUtils.getPlugin( );
132         }
133 
134         return plugin;
135     }
136 
137     /**
138      * Returns the list of sector
139      *
140      * @param request
141      *            The Http request
142      * @return the sectors list
143      */
144     public String getManageSectors( HttpServletRequest request )
145     {
146         setPageTitleProperty( PROPERTY_PAGE_TITLE_MANAGE_FIELDS );
147 
148         _strCurrentPageIndex = AbstractPaginator.getPageIndex( request, AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
149         int defaultItemsPerPage = AppPropertiesService.getPropertyInt( PROPERTY_DEFAULT_LIST_FIELD_PER_PAGE, 50 );
150         _nItemsPerPage = AbstractPaginator.getItemsPerPage( request, AbstractPaginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage, defaultItemsPerPage );
151 
152         Collection<Sector> listSectors = SectorHome.findAll( );
153 
154         Paginator<Sector> paginator = new Paginator<>( (List<Sector>) listSectors, _nItemsPerPage, getUrlPage( ), PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
155 
156         Map<String, Object> model = new HashMap<>( );
157 
158         model.put( MARK_NB_ITEMS_PER_PAGE, "" + _nItemsPerPage );
159         model.put( MARK_PAGINATOR, paginator );
160         model.put( MARK_LIST_FIELDS, paginator.getPageItems( ) );
161         model.put( MARK_FIELD_ORDER_LIST, getSectorOrderList( ) );
162 
163         HtmlTemplate templateList = AppTemplateService.getTemplate( TEMPLATE_MANAGE_FIELDS, getLocale( ), model );
164 
165         return getAdminPage( templateList.getHtml( ) );
166     }
167 
168     /**
169      * Returns the form to create a sector
170      * 
171      * @return the html code of the sector form
172      * @param request
173      *            The Http request
174      * @throws fr.paris.lutece.portal.service.admin.AccessDeniedException
175      *             access denied exception
176      */
177     public String getCreateSector( HttpServletRequest request ) throws AccessDeniedException
178     {
179         if ( !RBACService.isAuthorized( Sector.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, SectorResourceIdService.PERMISSION_CREATE, getUser( ) ) )
180         {
181             throw new AccessDeniedException( UNAUTHORIZED );
182         }
183 
184         setPageTitleProperty( PROPERTY_PAGE_TITLE_CREATE_FIELD );
185 
186         Collection<Sector> listSectors = SectorHome.findAll( );
187 
188         HashMap<String, Object> model = new HashMap<>( );
189         model.put( MARK_LIST_FIELDS, listSectors );
190 
191         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_FIELD, getLocale( ), model );
192 
193         return getAdminPage( template.getHtml( ) );
194     }
195 
196     /**
197      * Process the data capture form of a new sector
198      * 
199      * @return The Jsp URL of the process result
200      * @param request
201      *            The Http Request
202      * @throws fr.paris.lutece.portal.service.admin.AccessDeniedException
203      *             access denied exception
204      */
205     public String doCreateSector( HttpServletRequest request ) throws AccessDeniedException
206     {
207         if ( !RBACService.isAuthorized( Sector.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, SectorResourceIdService.PERMISSION_CREATE, getUser( ) ) )
208         {
209             throw new AccessDeniedException( UNAUTHORIZED );
210         }
211 
212         String strSectorLabel = request.getParameter( PARAMETER_FIELD_LABEL );
213         String strSectorDescription = request.getParameter( PARAMETER_FIELD_DESCRIPTION );
214         String strTags = request.getParameter( PARAMETER_TAGS );
215 
216         String strAnnouncesValidation = request.getParameter( PARAMETER_FIELD_ANNOUNCES_VALIDATION );
217 
218         Sectors/announce/business/Sector.html#Sector">Sector sector = new Sector( );
219         sector.setLabel( strSectorLabel );
220         sector.setDescription( strSectorDescription );
221         sector.setTags( strTags );
222 
223         if ( strAnnouncesValidation == null )
224         {
225             sector.setAnnouncesValidation( false );
226         }
227         else
228             if ( strAnnouncesValidation.equals( CHECKBOX_ON ) )
229             {
230                 sector.setAnnouncesValidation( true );
231             }
232 
233         // Mandatory sectors
234         if ( ( strSectorLabel == null ) || ( strSectorDescription == null ) || strSectorDescription.equals( "" ) || strSectorLabel.equals( "" ) )
235         {
236             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
237         }
238 
239         SectorHome.create( sector, getPlugin( ) );
240 
241         // if the operation occurred well, redirects towards the list
242         return JSP_REDIRECT_TO_MANAGE_FIELDS;
243     }
244 
245     /**
246      * Returns the form to update info about a sector
247      * 
248      * @return The HTML form to update info
249      * @param request
250      *            The Http request
251      * @throws fr.paris.lutece.portal.service.admin.AccessDeniedException
252      *             access denied exception
253      */
254     public String getModifySector( HttpServletRequest request ) throws AccessDeniedException
255     {
256         setPageTitleProperty( PROPERTY_PAGE_TITLE_MODIFY_FIELD );
257 
258         Sector sector = getAuthorizedSector( request, SectorResourceIdService.PERMISSION_MODIFY );
259         HashMap<String, Object> model = new HashMap<>( );
260         model.put( MARK_FIELD, sector );
261 
262         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_FIELD, getLocale( ), model );
263 
264         return getAdminPage( template.getHtml( ) );
265     }
266 
267     /**
268      * Process the change form of a sector
269      * 
270      * @return The Jsp URL of the process result
271      * @param request
272      *            The Http request
273      * @throws fr.paris.lutece.portal.service.admin.AccessDeniedException
274      *             access denied exception
275      */
276     public String doModifySector( HttpServletRequest request ) throws AccessDeniedException
277     {
278         String strSectorLabel = request.getParameter( PARAMETER_FIELD_LABEL );
279         String strSectorDescription = request.getParameter( PARAMETER_FIELD_DESCRIPTION );
280         String strAnnouncesValidation = request.getParameter( PARAMETER_FIELD_ANNOUNCES_VALIDATION );
281         String strTags = request.getParameter( PARAMETER_TAGS );
282 
283         // Mandatory sectors
284         if ( StringUtils.isEmpty( strSectorLabel ) || StringUtils.isEmpty( strSectorDescription ) )
285         {
286             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
287         }
288 
289         Sector sector = getAuthorizedSector( request, SectorResourceIdService.PERMISSION_MODIFY );
290 
291         if ( strAnnouncesValidation == null )
292         {
293             sector.setAnnouncesValidation( false );
294         }
295         else
296             if ( strAnnouncesValidation.equals( CHECKBOX_ON ) )
297             {
298                 sector.setAnnouncesValidation( true );
299             }
300 
301         sector.setLabel( strSectorLabel );
302         sector.setDescription( strSectorDescription );
303         sector.setTags( strTags );
304         SectorHome.update( sector, getPlugin( ) );
305 
306         // if the operation occurred well, redirects towards the list
307         return JSP_REDIRECT_TO_MANAGE_FIELDS;
308     }
309 
310     /**
311      * Manages the removal form of a sector whose identifier is in the http request
312      * 
313      * @return the html code to confirm
314      * @param request
315      *            The Http request
316      * @throws fr.paris.lutece.portal.service.admin.AccessDeniedException
317      *             access denied exception
318      */
319     public String getConfirmRemoveSector( HttpServletRequest request ) throws AccessDeniedException
320     {
321         int nIdSector = Integer.parseInt( request.getParameter( PARAMETER_FIELD_ID ) );
322         Sector sector = getAuthorizedSector( request, SectorResourceIdService.PERMISSION_DELETE );
323 
324         if ( sector.getNumberCategories( ) == 0 )
325         {
326             UrlItem url = new UrlItem( JSP_DO_REMOVE_FIELD );
327             url.addParameter( PARAMETER_FIELD_ID, nIdSector );
328 
329             return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE_FIELD, url.getUrl( ), AdminMessage.TYPE_CONFIRMATION );
330         }
331 
332         return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_FIELD, AdminMessage.TYPE_STOP );
333     }
334 
335     /**
336      * Treats the removal form of a sector
337      * 
338      * @return the jsp URL to display the form to manage sectors
339      * @param request
340      *            The Http request
341      * @throws fr.paris.lutece.portal.service.admin.AccessDeniedException
342      *             access denied exception
343      */
344     public String doDeleteSector( HttpServletRequest request ) throws AccessDeniedException
345     {
346         int nIdSector = Integer.parseInt( request.getParameter( PARAMETER_FIELD_ID ) );
347 
348         Sector sector = getAuthorizedSector( request, SectorResourceIdService.PERMISSION_DELETE );
349         int nOrder = SectorHome.getOrderById( nIdSector );
350         int nNewOrder = SectorHome.getMaxOrderSector( );
351         modifySectorOrder( nOrder, nNewOrder, nIdSector );
352         SectorHome.remove( sector, getPlugin( ) );
353 
354         // if the operation occurred well, redirects towards the list
355         return JSP_REDIRECT_TO_MANAGE_FIELDS;
356     }
357 
358     /**
359      * Modifies the order in the list of contactLists
360      *
361      * @param request
362      *            The Http request
363      * @return The Jsp URL of the process result
364      */
365     public String doModifySectorOrder( HttpServletRequest request )
366     {
367         int nIdSector = Integer.parseInt( request.getParameter( PARAMETER_FIELD_ID ) );
368 
369         int nOrder = SectorHome.getOrderById( nIdSector );
370         int nNewOrder = Integer.parseInt( request.getParameter( PARAMETER_FIELD_ORDER ) );
371         modifySectorOrder( nOrder, nNewOrder, nIdSector );
372 
373         return JSP_REDIRECT_TO_MANAGE_FIELDS;
374     }
375 
376     /**
377      * Builts a list of sequence numbers
378      * 
379      * @return the list of sequence numbers
380      */
381     private ReferenceList getSectorOrderList( )
382     {
383         int nMax = SectorHome.getMaxOrderSector( );
384         ReferenceList list = new ReferenceList( );
385 
386         for ( int i = 1; i < ( nMax + 1 ); i++ )
387         {
388             list.addItem( i, Integer.toString( i ) );
389         }
390 
391         return list;
392     }
393 
394     /**
395      * Modify the place in the list for sector
396      * 
397      * @param nOrder
398      *            the actual place in the list
399      * @param nNewOrder
400      *            the new place in the list
401      * @param nIdSector
402      *            the id of the sector
403      */
404     private void modifySectorOrder( int nOrder, int nNewOrder, int nIdSector )
405     {
406         if ( nNewOrder < nOrder )
407         {
408             for ( int i = nOrder - 1; i > ( nNewOrder - 1 ); i-- )
409             {
410                 int nIdSectorOrder = SectorHome.getIdByOrder( i );
411                 SectorHome.updateOrder( i + 1, nIdSectorOrder );
412             }
413 
414             SectorHome.updateOrder( nNewOrder, nIdSector );
415         }
416         else
417         {
418             for ( int i = nOrder; i < ( nNewOrder + 1 ); i++ )
419             {
420                 int nIdSectorOrder = SectorHome.getIdByOrder( i );
421                 SectorHome.updateOrder( i - 1, nIdSectorOrder );
422             }
423 
424             SectorHome.updateOrder( nNewOrder, nIdSector );
425         }
426     }
427 
428     /**
429      * Return UrlPage Url
430      * 
431      * @return url
432      */
433     private String getUrlPage( )
434     {
435         UrlItem url = new UrlItem( JSP_MANAGE_FIELDS );
436 
437         return url.getUrl( );
438     }
439 
440     /**
441      * Get the authorized Sector
442      *
443      * @param request
444      *            The {@link HttpServletRequest}
445      * @param strPermissionType
446      *            The type of permission (see {@link SectorResourceIdService} class)
447      * @return The sector or null if user have no access
448      * @throws AccessDeniedException
449      *             If the user is not authorized to access this feature
450      */
451     private Sector getAuthorizedSector( HttpServletRequest request, String strPermissionType ) throws AccessDeniedException
452     {
453         String strIdSector = request.getParameter( PARAMETER_FIELD_ID );
454 
455         if ( ( strIdSector == null ) || !strIdSector.matches( REGEX_ID ) )
456         {
457             throw new AccessDeniedException( UNAUTHORIZED );
458         }
459 
460         int nIdSector = Integer.parseInt( strIdSector );
461         Sector sector = SectorHome.findByPrimaryKey( nIdSector );
462 
463         if ( ( sector == null ) || !RBACService.isAuthorized( Sector.RESOURCE_TYPE, String.valueOf( sector.getId( ) ), strPermissionType, getUser( ) ) )
464         {
465             throw new AccessDeniedException( UNAUTHORIZED );
466         }
467 
468         return sector;
469     }
470 }