View Javadoc
1   /*
2    * Copyright (c) 2002-2022, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.profiles.web;
35  
36  import fr.paris.lutece.api.user.User;
37  import fr.paris.lutece.plugins.profiles.business.Profile;
38  import fr.paris.lutece.plugins.profiles.business.ProfileAction;
39  import fr.paris.lutece.plugins.profiles.business.ProfileFilter;
40  import fr.paris.lutece.plugins.profiles.business.views.View;
41  import fr.paris.lutece.plugins.profiles.service.IProfilesService;
42  import fr.paris.lutece.plugins.profiles.service.ProfilesPlugin;
43  import fr.paris.lutece.plugins.profiles.service.ProfilesResourceIdService;
44  import fr.paris.lutece.plugins.profiles.service.action.IProfileActionService;
45  import fr.paris.lutece.plugins.profiles.service.views.IViewsService;
46  import fr.paris.lutece.plugins.profiles.utils.constants.ProfilesConstants;
47  import fr.paris.lutece.portal.business.rbac.RBACRole;
48  import fr.paris.lutece.portal.business.rbac.RBACRoleHome;
49  import fr.paris.lutece.portal.business.rbac.RBAC;
50  import fr.paris.lutece.portal.business.right.Level;
51  import fr.paris.lutece.portal.business.right.LevelHome;
52  import fr.paris.lutece.portal.business.right.Right;
53  import fr.paris.lutece.portal.business.right.RightHome;
54  import fr.paris.lutece.portal.business.user.AdminUser;
55  import fr.paris.lutece.portal.business.user.AdminUserHome;
56  import fr.paris.lutece.portal.business.user.attribute.AttributeField;
57  import fr.paris.lutece.portal.business.user.attribute.IAttribute;
58  import fr.paris.lutece.portal.business.workgroup.AdminWorkgroup;
59  import fr.paris.lutece.portal.business.workgroup.AdminWorkgroupFilter;
60  import fr.paris.lutece.portal.business.workgroup.AdminWorkgroupHome;
61  import fr.paris.lutece.portal.service.admin.AdminUserService;
62  import fr.paris.lutece.portal.service.i18n.I18nService;
63  import fr.paris.lutece.portal.service.message.AdminMessage;
64  import fr.paris.lutece.portal.service.message.AdminMessageService;
65  import fr.paris.lutece.portal.service.rbac.RBACService;
66  import fr.paris.lutece.portal.service.spring.SpringContextService;
67  import fr.paris.lutece.portal.service.template.AppTemplateService;
68  import fr.paris.lutece.portal.service.user.attribute.AttributeService;
69  import fr.paris.lutece.portal.service.util.AppPathService;
70  import fr.paris.lutece.portal.service.util.AppPropertiesService;
71  import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupResource;
72  import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService;
73  import fr.paris.lutece.portal.web.admin.PluginAdminPageJspBean;
74  import fr.paris.lutece.portal.web.constants.Messages;
75  import fr.paris.lutece.portal.web.constants.Parameters;
76  import fr.paris.lutece.portal.web.util.LocalizedPaginator;
77  import fr.paris.lutece.util.ReferenceItem;
78  import fr.paris.lutece.util.ReferenceList;
79  import fr.paris.lutece.util.html.AbstractPaginator;
80  import fr.paris.lutece.util.html.HtmlTemplate;
81  import fr.paris.lutece.util.html.ItemNavigator;
82  import fr.paris.lutece.util.sort.AttributeComparator;
83  import fr.paris.lutece.util.string.StringUtil;
84  import fr.paris.lutece.util.url.UrlItem;
85  
86  import java.util.ArrayList;
87  import java.util.Collection;
88  import java.util.Collections;
89  import java.util.HashMap;
90  import java.util.List;
91  import java.util.Map;
92  
93  import javax.servlet.http.HttpServletRequest;
94  
95  import org.apache.commons.lang3.StringUtils;
96  
97  /**
98   *
99   * ProfilesJspBean
100  *
101  */
102 public class ProfilesJspBean extends PluginAdminPageJspBean
103 {
104     private static final long serialVersionUID = 4019088465748996120L;
105 
106     public static final String RIGHT_MANAGE_PROFILES = "PROFILES_MANAGEMENT";
107 
108     // TEMPLATES
109     private static final String TEMPLATE_MANAGE_PROFILES = "admin/plugins/profiles/manage_profiles.html";
110     private static final String TEMPLATE_CREATE_PROFILE = "admin/plugins/profiles/create_profile.html";
111     private static final String TEMPLATE_MODIFY_PROFILE = "admin/plugins/profiles/modify_profile.html";
112     private static final String TEMPLATE_ASSIGN_RIGHTS_PROFILE = "admin/plugins/profiles/assign_rights_profile.html";
113     private static final String TEMPLATE_ASSIGN_WORKGROUPS_PROFILE = "admin/plugins/profiles/assign_workgroups_profile.html";
114     private static final String TEMPLATE_ASSIGN_ROLES_PROFILE = "admin/plugins/profiles/assign_roles_profile.html";
115     private static final String TEMPLATE_ASSIGN_USERS_PROFILE = "admin/plugins/profiles/assign_users_profile.html";
116     private static final String TEMPLATE_ASSIGN_VIEW_PROFILE = "admin/plugins/profiles/assign_view_profile.html";
117 
118     // JSP
119     private static final String JSP_MANAGE_PROFILES = "ManageProfiles.jsp";
120     private static final String JSP_URL_DO_REMOVE_PROFILE = "jsp/admin/plugins/profiles/DoRemoveProfile.jsp";
121     private static final String JSP_URL_MODIFY_PROFILE = "jsp/admin/plugins/profiles/ModifyProfile.jsp";
122     private static final String JSP_URL_ASSIGN_RIGHTS_PROFILE = "jsp/admin/plugins/profiles/AssignRightsProfile.jsp";
123     private static final String JSP_ASSIGN_RIGHTS_PROFILE = "AssignRightsProfile.jsp";
124     private static final String JSP_URL_ASSIGN_WORKGROUPS_PROFILE = "jsp/admin/plugins/profiles/AssignWorkgroupsProfile.jsp";
125     private static final String JSP_ASSIGN_WORKGROUPS_PROFILE = "AssignWorkgroupsProfile.jsp";
126     private static final String JSP_URL_ASSIGN_ROLES_PROFILE = "jsp/admin/plugins/profiles/AssignRolesProfile.jsp";
127     private static final String JSP_ASSIGN_ROLES_PROFILE = "AssignRolesProfile.jsp";
128     private static final String JSP_URL_ASSIGN_USERS_PROFILE = "jsp/admin/plugins/profiles/AssignUsersProfile.jsp";
129     private static final String JSP_ASSIGN_USERS_PROFILE = "AssignUsersProfile.jsp";
130     private static final String JSP_URL_ASSIGN_VIEW_PROFILE = "jsp/admin/plugins/profiles/AssignViewProfile.jsp";
131     private static final String JSP_ASSIGN_VIEW_PROFILE = "AssignViewProfile.jsp";
132 
133     // VARIABLES
134     private int _nItemsPerPage;
135     private int _nDefaultItemsPerPage;
136     private String _strCurrentPageIndex;
137     private Map<String, ItemNavigator> _itemNavigators = new HashMap<>( );
138     private IProfilesService _profilesService = SpringContextService.getBean( ProfilesConstants.BEAN_PROFILES_SERVICE );
139     private IProfileActionService _profileActionService = SpringContextService.getBean( ProfilesConstants.BEAN_PROFILE_ACTION_SERVICE );
140     private IViewsService _viewsService = SpringContextService.getBean( ProfilesConstants.BEAN_VIEWS_SERVICE );
141     private ProfileFilter _pFilter;
142 
143     /**
144      * Return management page of plugin profiles
145      * 
146      * @param request
147      *            The Http request
148      * @return Html management page of plugin profiles
149      */
150     public String getManageProfiles( HttpServletRequest request )
151     {
152         setPageTitleProperty( ProfilesConstants.PROPERTY_MANAGE_PROFILES_PAGETITLE );
153 
154         // Reinit item navigator
155         reinitItemNavigators( );
156 
157         // FILTER
158         _pFilter = new ProfileFilter( );
159 
160         boolean bIsSearch = _pFilter.setFilter( request );
161 
162         List<Profile> filteredProfiles = _profilesService.findProfilesByFilter( _pFilter, getPlugin( ) );
163 
164         // SORT
165         String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
166         String strAscSort = null;
167 
168         if ( strSortedAttributeName != null )
169         {
170             strAscSort = request.getParameter( Parameters.SORTED_ASC );
171 
172             boolean bIsAscSort = Boolean.parseBoolean( strAscSort );
173 
174             Collections.sort( filteredProfiles, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
175         }
176 
177         _strCurrentPageIndex = AbstractPaginator.getPageIndex( request, AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
178         _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( ProfilesConstants.PROPERTY_ITEM_PER_PAGE, 50 );
179         _nItemsPerPage = AbstractPaginator.getItemsPerPage( request, AbstractPaginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage, _nDefaultItemsPerPage );
180 
181         String strURL = getHomeUrl( request );
182         UrlItem url = new UrlItem( strURL );
183 
184         if ( strSortedAttributeName != null )
185         {
186             url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
187         }
188 
189         if ( strAscSort != null )
190         {
191             url.addParameter( Parameters.SORTED_ASC, strAscSort );
192         }
193 
194         String strSortSearchAttribute = StringUtils.EMPTY;
195 
196         if ( bIsSearch )
197         {
198             _pFilter.setUrlAttributes( url );
199             strSortSearchAttribute = ProfilesConstants.AMPERSAND + _pFilter.getUrlAttributes( );
200         }
201 
202         // PAGINATOR
203         LocalizedPaginator<Profile> paginator = new LocalizedPaginator<>( filteredProfiles, _nItemsPerPage, url.getUrl( ),
204                 AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale( ) );
205 
206         // PERMISSIONS
207         for ( Profile profile : filteredProfiles )
208         {
209             List<ProfileAction> listActions = _profileActionService.selectActionsList( getLocale( ), getPlugin( ) );
210             listActions = (List<ProfileAction>) RBACService.getAuthorizedActionsCollection( listActions, profile, (User) getUser( ) );
211             profile.setActions( listActions );
212         }
213 
214         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, ProfilesResourceIdService.PERMISSION_CREATE_PROFILE,
215                 (User) getUser( ) );
216 
217         Map<String, Object> model = new HashMap<>( );
218         model.put( ProfilesConstants.MARK_NB_ITEMS_PER_PAGE, StringUtils.EMPTY + _nItemsPerPage );
219         model.put( ProfilesConstants.MARK_PAGINATOR, paginator );
220         model.put( ProfilesConstants.MARK_LIST_PROFILES, paginator.getPageItems( ) );
221         model.put( ProfilesConstants.MARK_SEARCH_FILTER, _pFilter );
222         model.put( ProfilesConstants.MARK_SEARCH_IS_SEARCH, bIsSearch );
223         model.put( ProfilesConstants.MARK_SORT_SEARCH_ATTRIBUTE, strSortSearchAttribute );
224         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
225 
226         HtmlTemplate templateList = AppTemplateService.getTemplate( TEMPLATE_MANAGE_PROFILES, getLocale( ), model );
227 
228         return getAdminPage( templateList.getHtml( ) );
229     }
230 
231     /* CREATE PROFILE */
232 
233     /**
234      * Returns the profile creation form
235      *
236      * @param request
237      *            The Http request
238      * @return Html creation form
239      */
240     public String getCreateProfile( HttpServletRequest request )
241     {
242         setPageTitleProperty( ProfilesConstants.PROPERTY_CREATE_PROFILE_PAGETITLE );
243 
244         Map<String, Object> model = new HashMap<>( );
245 
246         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_PROFILE, getLocale( ), model );
247 
248         return getAdminPage( template.getHtml( ) );
249     }
250 
251     /**
252      * Process the data capture form of a new profile
253      *
254      * @param request
255      *            The HTTP Request
256      * @return The Jsp URL of the process result
257      */
258     public String doCreateProfile( HttpServletRequest request )
259     {
260         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, ProfilesResourceIdService.PERMISSION_CREATE_PROFILE,
261                 (User) getUser( ) ) )
262         {
263             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
264         }
265 
266         String strKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
267         String strDescription = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_DESCRIPTION );
268 
269         if ( StringUtils.isBlank( strKey ) )
270         {
271             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
272         }
273 
274         if ( StringUtils.isBlank( strDescription ) )
275         {
276             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
277         }
278 
279         // Check if profile already exist
280         if ( _profilesService.checkExistProfile( strKey, getPlugin( ) ) )
281         {
282             return AdminMessageService.getMessageUrl( request, ProfilesConstants.MESSAGE_PROFILE_ALREADY_EXISTS, AdminMessage.TYPE_STOP );
283         }
284 
285         // Check if strKey contains accentuated characters
286         if ( !StringUtil.checkCodeKey( strKey ) )
287         {
288             return AdminMessageService.getMessageUrl( request, ProfilesConstants.MESSAGE_ACCENTUATED_CHARACTER, AdminMessage.TYPE_STOP );
289         }
290 
291         Profileprofiles/business/Profile.html#Profile">Profile profile = new Profile( );
292         profile.setKey( strKey.trim( ) );
293         profile.setDescription( strDescription );
294         _profilesService.create( profile, getLocale( ), getPlugin( ) );
295 
296         return JSP_MANAGE_PROFILES;
297     }
298 
299     /* REMOVE PROFILE */
300 
301     /**
302      * Returns the confirmation to remove the profile
303      *
304      * @param request
305      *            The Http request
306      * @return the confirmation page
307      */
308     public String getConfirmRemoveProfile( HttpServletRequest request )
309     {
310         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
311 
312         UrlItem url = new UrlItem( JSP_URL_DO_REMOVE_PROFILE );
313         url.addParameter( ProfilesConstants.PARAMETER_PROFILE_KEY, strProfileKey );
314 
315         return AdminMessageService.getMessageUrl( request, ProfilesConstants.MESSAGE_CONFIRM_REMOVE_PROFILE, url.getUrl( ), AdminMessage.TYPE_CONFIRMATION );
316     }
317 
318     /**
319      * Remove a profile
320      *
321      * @param request
322      *            The Http request
323      * @return Html form
324      */
325     public String doRemoveProfile( HttpServletRequest request )
326     {
327         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
328 
329         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_DELETE_PROFILE, (User) getUser( ) ) )
330         {
331             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
332         }
333 
334         // check that no user has this profile
335         if ( _profilesService.checkProfileAttributed( strProfileKey, getPlugin( ) ) )
336         {
337             return AdminMessageService.getMessageUrl( request, ProfilesConstants.PROPERTY_PROFILE_ATTRIBUTED, AdminMessage.TYPE_STOP );
338         }
339 
340         _profilesService.removeRights( strProfileKey, getPlugin( ) );
341         _profilesService.removeWorkgroups( strProfileKey, getPlugin( ) );
342         _profilesService.removeRoles( strProfileKey, getPlugin( ) );
343         _profilesService.removeView( strProfileKey, getPlugin( ) );
344         _profilesService.remove( strProfileKey, getLocale( ), getPlugin( ) );
345 
346         return JSP_MANAGE_PROFILES;
347     }
348 
349     /* MODIFY PROFILE */
350 
351     /**
352      * Returns the form for profile modification
353      *
354      * @param request
355      *            The Http request
356      * @return Html form
357      */
358     public String getModifyProfile( HttpServletRequest request )
359     {
360         setPageTitleProperty( ProfilesConstants.PROPERTY_MODIFY_PROFILE_PAGETITLE );
361 
362         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
363         Profile profile = _profilesService.findByPrimaryKey( strProfileKey, getPlugin( ) );
364 
365         String strPermission = ProfilesResourceIdService.PERMISSION_MODIFY_PROFILE;
366         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, strPermission, (User) getUser( ) );
367         String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_MODIFY_PROFILE;
368         UrlItem url = new UrlItem( strBaseUrl );
369 
370         // ITEM NAVIGATION
371         setItemNavigator( ProfilesConstants.PARAMETER_MODIFY_PROFILE, profile, url );
372 
373         // PERMISSIONS
374         List<ProfileAction> listActions = _profilesService.getListActions( getUser( ), profile, strPermission, getLocale( ), getPlugin( ) );
375         profile.setActions( listActions );
376 
377         Map<String, Object> model = new HashMap<>( );
378         model.put( ProfilesConstants.MARK_PROFILE, profile );
379         model.put( ProfilesConstants.MARK_ITEM_NAVIGATOR, _itemNavigators.get( ProfilesConstants.PARAMETER_MODIFY_PROFILE ) );
380         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
381 
382         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_PROFILE, getLocale( ), model );
383 
384         return getAdminPage( template.getHtml( ) );
385     }
386 
387     /**
388      * Update a profile
389      * 
390      * @param request
391      *            The Http request
392      * @return Html form
393      */
394     public String doModifyProfile( HttpServletRequest request )
395     {
396         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
397 
398         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MODIFY_PROFILE, (User) getUser( ) ) )
399         {
400             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
401         }
402 
403         String strDescription = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_DESCRIPTION );
404 
405         if ( StringUtils.isBlank( strDescription ) )
406         {
407             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
408         }
409 
410         Profileprofiles/business/Profile.html#Profile">Profile profile = new Profile( );
411         profile.setKey( strProfileKey.trim( ) );
412         profile.setDescription( strDescription );
413         _profilesService.update( profile, getLocale( ), getPlugin( ) );
414 
415         return JSP_MANAGE_PROFILES;
416     }
417 
418     /* ASSIGN RIGHTS */
419 
420     /**
421      * Returns the right assignation form
422      *
423      * @param request
424      *            The Http request
425      * @return the html code for display the modes list
426      */
427     public String getAssignRightsProfile( HttpServletRequest request )
428     {
429         Map<String, Object> model = new HashMap<>( );
430         setPageTitleProperty( ProfilesConstants.PROPERTY_ASSIGN_RIGHTS_PROFILE_PAGETITLE );
431 
432         // PROFILE
433         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
434         Profile profile = _profilesService.findByPrimaryKey( strProfileKey, getPlugin( ) );
435 
436         // ASSIGNED RIGHTS
437         List<Right> listAssignedRights = new ArrayList<>( );
438 
439         for ( Right right : _profilesService.getRightsListForProfile( strProfileKey, getPlugin( ) ) )
440         {
441             right = RightHome.findByPrimaryKey( right.getId( ) );
442 
443             // Add right with higher level then connected user or add all rights if connected user is administrator
444             if ( ( right != null ) && ( ( right.getLevel( ) > getUser( ).getUserLevel( ) ) || ( getUser( ).isAdmin( ) ) ) )
445             {
446                 right.setLocale( getLocale( ) );
447                 listAssignedRights.add( right );
448             }
449         }
450 
451         // AVAILABLE RIGHTS
452         ReferenceList listAvailableRights = new ReferenceList( );
453         ReferenceItem itemRight = null;
454         boolean bAssigned;
455 
456         for ( Right right : RightHome.getRightsList( ) )
457         {
458             right.setLocale( getLocale( ) );
459             itemRight = new ReferenceItem( );
460             itemRight.setCode( right.getId( ) );
461             itemRight.setName( right.getName( ) + ProfilesConstants.SPACE + ProfilesConstants.OPEN_BRACKET
462                     + I18nService.getLocalizedString( ProfilesConstants.PROPERTY_ASSIGN_RIGHTS_PROFILE_LABEL_LEVEL, getLocale( ) ) + ProfilesConstants.SPACE
463                     + right.getLevel( ) + ProfilesConstants.CLOSED_BRACKET );
464             bAssigned = false;
465 
466             for ( Right assignedRight : listAssignedRights )
467             {
468                 if ( assignedRight.getId( ).equals( itemRight.getCode( ) ) )
469                 {
470                     bAssigned = true;
471 
472                     break;
473                 }
474             }
475 
476             // Add right with higher level then connected user or add all users if connected user is administrator
477             if ( !bAssigned && ( ( right.getLevel( ) > getUser( ).getUserLevel( ) ) || ( getUser( ).isAdmin( ) ) ) )
478             {
479                 listAvailableRights.add( itemRight );
480             }
481         }
482 
483         String strPermission = ProfilesResourceIdService.PERMISSION_MANAGE_RIGHTS_ASSIGNMENT;
484         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, strPermission, (User) getUser( ) );
485         String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_RIGHTS_PROFILE;
486         UrlItem url = new UrlItem( strBaseUrl );
487 
488         // ITEM NAVIGATION
489         setItemNavigator( ProfilesConstants.PARAMETER_ASSIGN_RIGHT, profile, url );
490 
491         // PERMISSIONS
492         List<ProfileAction> listActions = _profilesService.getListActions( getUser( ), profile, strPermission, getLocale( ), getPlugin( ) );
493         profile.setActions( listActions );
494 
495         model.put( ProfilesConstants.MARK_PROFILE, profile );
496         model.put( ProfilesConstants.MARK_AVAILABLE_LIST, listAvailableRights );
497         model.put( ProfilesConstants.MARK_ASSIGNED_LIST, listAssignedRights );
498         model.put( ProfilesConstants.MARK_ASSIGNED_NUMBER, listAssignedRights.size( ) );
499         model.put( ProfilesConstants.MARK_ITEM_NAVIGATOR, _itemNavigators.get( ProfilesConstants.PARAMETER_ASSIGN_RIGHT ) );
500         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
501 
502         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_RIGHTS_PROFILE, getLocale( ), model );
503 
504         return getAdminPage( template.getHtml( ) );
505     }
506 
507     /**
508      * Process the data capture form for assign rights to a profile
509      *
510      * @param request
511      *            The HTTP Request
512      * @return The Jsp URL of the process result
513      */
514     public String doAssignRightsProfile( HttpServletRequest request )
515     {
516         String strActionCancel = request.getParameter( ProfilesConstants.PARAMETER_CANCEL );
517 
518         if ( strActionCancel != null )
519         {
520             return JSP_MANAGE_PROFILES;
521         }
522         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
523 
524         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_RIGHTS_ASSIGNMENT,
525                 (User) getUser( ) ) )
526         {
527             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
528         }
529 
530         // retrieve the selected portlets ids
531         String [ ] arrayRightsIds = request.getParameterValues( ProfilesConstants.PARAMETER_RIGHTS_LIST );
532 
533         if ( ( arrayRightsIds != null ) )
534         {
535             for ( int i = 0; i < arrayRightsIds.length; i++ )
536             {
537                 if ( _profilesService.hasRight( strProfileKey, arrayRightsIds [i], getPlugin( ) ) )
538                 {
539                     continue;
540                 }
541                 _profilesService.addRightForProfile( strProfileKey, arrayRightsIds [i], getPlugin( ) );
542 
543                 // Update users rights
544                 Right right = RightHome.findByPrimaryKey( arrayRightsIds [i] );
545 
546                 for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
547                 {
548                     if ( !AdminUserHome.hasRight( user, right.getId( ) ) && ( user.getUserLevel( ) <= right.getLevel( ) ) )
549                     {
550                         AdminUserHome.createRightForUser( user.getUserId( ), right.getId( ) );
551                     }
552                 }
553             }
554         }
555 
556         return JSP_ASSIGN_RIGHTS_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
557                 + strProfileKey;
558     }
559 
560     /**
561      * unassigns right from profile
562      * 
563      * @param request
564      *            The HttpRequest
565      * @return the HTML code of list assignations
566      */
567     public String doUnassignRightProfile( HttpServletRequest request )
568     {
569         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
570 
571         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_RIGHTS_ASSIGNMENT,
572                 (User) getUser( ) ) )
573         {
574             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
575         }
576 
577         String strIdRight = request.getParameter( ProfilesConstants.PARAMETER_ID_RIGHT );
578         String strAnchor = request.getParameter( ProfilesConstants.PARAMETER_ANCHOR );
579 
580         _profilesService.removeRightFromProfile( strProfileKey, strIdRight, getPlugin( ) );
581 
582         // Update users rights
583         Right right = RightHome.findByPrimaryKey( strIdRight );
584 
585         for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
586         {
587             if ( AdminUserHome.hasRight( user, right.getId( ) ) && ( ( user.getUserLevel( ) > getUser( ).getUserLevel( ) ) || getUser( ).isAdmin( ) ) )
588             {
589                 AdminUserHome.removeRightForUser( user.getUserId( ), right.getId( ) );
590             }
591         }
592 
593         return JSP_ASSIGN_RIGHTS_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
594                 + strProfileKey + ProfilesConstants.SHARP + strAnchor;
595     }
596 
597     /* ASSIGN WORKGROUPS */
598 
599     /**
600      * Returns the workgroup assignation form
601      *
602      * @param request
603      *            The Http request
604      * @return the html code for display the modes list
605      */
606     public String getAssignWorkgroupsProfile( HttpServletRequest request )
607     {
608         Map<String, Object> model = new HashMap<>( );
609         setPageTitleProperty( ProfilesConstants.PROPERTY_ASSIGN_WORKGROUPS_PROFILE_PAGETITLE );
610 
611         // PROFILE
612         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
613         Profile profile = _profilesService.findByPrimaryKey( strProfileKey, getPlugin( ) );
614 
615         // ASSIGNED WORKGROUPS
616         List<AdminWorkgroup> listAssignedWorkgroups = new ArrayList<>( );
617 
618         for ( AdminWorkgroup workgroup : _profilesService.getWorkgroupsListForProfile( strProfileKey, getPlugin( ) ) )
619         {
620             workgroup = AdminWorkgroupHome.findByPrimaryKey( workgroup.getKey( ) );
621 
622             if ( workgroup != null )
623             {
624                 listAssignedWorkgroups.add( workgroup );
625             }
626         }
627 
628         // FILTER
629         AdminWorkgroupFilter awFilter = new AdminWorkgroupFilter( );
630         List<AdminWorkgroup> listFilteredWorkgroups = new ArrayList<>( );
631         boolean bIsSearch = awFilter.setAdminWorkgroupFilter( request );
632         boolean bIsFiltered;
633 
634         for ( AdminWorkgroup filteredWorkgroup : AdminWorkgroupHome.findByFilter( awFilter ) )
635         {
636             bIsFiltered = false;
637 
638             for ( AdminWorkgroup assignedWorkgroup : listAssignedWorkgroups )
639             {
640                 if ( assignedWorkgroup.getKey( ).equals( filteredWorkgroup.getKey( ) ) )
641                 {
642                     bIsFiltered = true;
643 
644                     break;
645                 }
646             }
647 
648             if ( bIsFiltered )
649             {
650                 listFilteredWorkgroups.add( filteredWorkgroup );
651             }
652         }
653 
654         if ( !getUser( ).isAdmin( ) )
655         {
656             listFilteredWorkgroups = (List<AdminWorkgroup>) AdminWorkgroupService
657                     .getAuthorizedCollection( (Collection<? extends AdminWorkgroupResource>) listFilteredWorkgroups, (User) getUser( ) );
658         }
659 
660         // AVAILABLE WORKGROUPS
661         ReferenceList listAvailableWorkgroups = new ReferenceList( );
662         ReferenceItem itemWorkgroup = null;
663         boolean bAssigned;
664 
665         for ( AdminWorkgroup workgroup : AdminWorkgroupHome.findAll( ) )
666         {
667             itemWorkgroup = new ReferenceItem( );
668             itemWorkgroup.setCode( workgroup.getKey( ) );
669             itemWorkgroup.setName( workgroup.getKey( ) );
670             bAssigned = false;
671 
672             for ( AdminWorkgroup assignedWorkgroup : listAssignedWorkgroups )
673             {
674                 if ( assignedWorkgroup.getKey( ).equals( itemWorkgroup.getCode( ) ) )
675                 {
676                     bAssigned = true;
677                 }
678             }
679 
680             if ( !bAssigned )
681             {
682                 listAvailableWorkgroups.add( itemWorkgroup );
683             }
684         }
685 
686         // SORT
687         String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
688         String strAscSort = null;
689 
690         if ( strSortedAttributeName != null )
691         {
692             strAscSort = request.getParameter( Parameters.SORTED_ASC );
693 
694             boolean bIsAscSort = Boolean.parseBoolean( strAscSort );
695 
696             Collections.sort( listFilteredWorkgroups, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
697         }
698 
699         _strCurrentPageIndex = AbstractPaginator.getPageIndex( request, AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
700         _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( ProfilesConstants.PROPERTY_ITEM_PER_PAGE, 50 );
701         _nItemsPerPage = AbstractPaginator.getItemsPerPage( request, AbstractPaginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage, _nDefaultItemsPerPage );
702 
703         String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_WORKGROUPS_PROFILE;
704         UrlItem url = new UrlItem( strBaseUrl );
705 
706         if ( strSortedAttributeName != null )
707         {
708             url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
709         }
710 
711         if ( strAscSort != null )
712         {
713             url.addParameter( Parameters.SORTED_ASC, strAscSort );
714         }
715 
716         String strSortSearchAttribute = StringUtils.EMPTY;
717 
718         if ( bIsSearch )
719         {
720             awFilter.setUrlAttributes( url );
721             strSortSearchAttribute = ProfilesConstants.AMPERSAND + awFilter.getUrlAttributes( );
722         }
723 
724         String strPermission = ProfilesResourceIdService.PERMISSION_MANAGE_WORKGROUPS_ASSIGNMENT;
725         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, strPermission, (User) getUser( ) );
726 
727         // ITEM NAVIGATION
728         setItemNavigator( ProfilesConstants.PARAMETER_ASSIGN_WORKGROUP, profile, url );
729 
730         // PAGINATOR
731         url.addParameter( ProfilesConstants.PARAMETER_PROFILE_KEY, profile.getKey( ) );
732 
733         LocalizedPaginator<AdminWorkgroup> paginator = new LocalizedPaginator<>( listFilteredWorkgroups, _nItemsPerPage, url.getUrl( ),
734                 AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale( ) );
735 
736         // PERMISSIONS
737         List<ProfileAction> listActions = _profilesService.getListActions( getUser( ), profile, strPermission, getLocale( ), getPlugin( ) );
738         profile.setActions( listActions );
739 
740         model.put( ProfilesConstants.MARK_PROFILE, profile );
741         model.put( ProfilesConstants.MARK_AVAILABLE_LIST, listAvailableWorkgroups );
742         model.put( ProfilesConstants.MARK_ASSIGNED_LIST, paginator.getPageItems( ) );
743         model.put( ProfilesConstants.MARK_ASSIGNED_NUMBER, listAssignedWorkgroups.size( ) );
744         model.put( ProfilesConstants.MARK_ITEM_NAVIGATOR, _itemNavigators.get( ProfilesConstants.PARAMETER_ASSIGN_WORKGROUP ) );
745         model.put( ProfilesConstants.MARK_NB_ITEMS_PER_PAGE, StringUtils.EMPTY + _nItemsPerPage );
746         model.put( ProfilesConstants.MARK_PAGINATOR, paginator );
747         model.put( ProfilesConstants.MARK_SEARCH_IS_SEARCH, bIsSearch );
748         model.put( ProfilesConstants.MARK_SEARCH_FILTER, awFilter );
749         model.put( ProfilesConstants.MARK_SORT_SEARCH_ATTRIBUTE, strSortSearchAttribute );
750         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
751 
752         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_WORKGROUPS_PROFILE, getLocale( ), model );
753 
754         return getAdminPage( template.getHtml( ) );
755     }
756 
757     /**
758      * Process the data capture form for assign workgroups to a profile
759      *
760      * @param request
761      *            The HTTP Request
762      * @return The Jsp URL of the process result
763      */
764     public String doAssignWorkgroupsProfile( HttpServletRequest request )
765     {
766         String strActionCancel = request.getParameter( ProfilesConstants.PARAMETER_CANCEL );
767 
768         if ( strActionCancel != null )
769         {
770             return JSP_MANAGE_PROFILES;
771         }
772 
773         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
774         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_WORKGROUPS_ASSIGNMENT,
775                 (User) getUser( ) ) )
776         {
777             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
778         }
779 
780         // retrieve the selected portlets ids
781         String [ ] arrayWorkgroupsIds = request.getParameterValues( ProfilesConstants.PARAMETER_WORKGROUPS_LIST );
782 
783         if ( arrayWorkgroupsIds != null )
784         {
785             for ( int i = 0; i < arrayWorkgroupsIds.length; i++ )
786             {
787                 if ( _profilesService.hasWorkgroup( strProfileKey, arrayWorkgroupsIds [i], getPlugin( ) ) )
788                 {
789                     continue;
790                 }
791 
792                 _profilesService.addWorkgroupForProfile( strProfileKey, arrayWorkgroupsIds [i], getPlugin( ) );
793 
794                 // Update users workgroups
795                 AdminWorkgroup workgroup = AdminWorkgroupHome.findByPrimaryKey( arrayWorkgroupsIds [i] );
796 
797                 for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
798                 {
799                     if ( !AdminWorkgroupHome.isUserInWorkgroup( user, workgroup.getKey( ) ) )
800                     {
801                         AdminWorkgroupHome.addUserForWorkgroup( user, workgroup.getKey( ) );
802                     }
803                 }
804             }
805         }
806         return JSP_ASSIGN_WORKGROUPS_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
807                 + strProfileKey;
808     }
809 
810     /**
811      * unassigns workgroup from profile
812      * 
813      * @param request
814      *            The HttpRequest
815      * @return the HTML code of list assignations
816      */
817     public String doUnassignWorkgroupProfile( HttpServletRequest request )
818     {
819         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
820 
821         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_WORKGROUPS_ASSIGNMENT,
822                 (User) getUser( ) ) )
823         {
824             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
825         }
826 
827         String strWorkgroupKey = request.getParameter( ProfilesConstants.PARAMETER_WORKGROUP_KEY );
828         String strAnchor = request.getParameter( ProfilesConstants.PARAMETER_ANCHOR );
829 
830         _profilesService.removeWorkgroupFromProfile( strProfileKey, strWorkgroupKey, getPlugin( ) );
831 
832         // Update users workgroups
833         AdminWorkgroup workgroup = AdminWorkgroupHome.findByPrimaryKey( strWorkgroupKey );
834 
835         for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
836         {
837             if ( AdminWorkgroupHome.isUserInWorkgroup( user, workgroup.getKey( ) ) )
838             {
839                 AdminWorkgroupHome.removeUserFromWorkgroup( user, workgroup.getKey( ) );
840             }
841         }
842 
843         return JSP_ASSIGN_WORKGROUPS_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
844                 + strProfileKey + ProfilesConstants.SHARP + strAnchor;
845     }
846 
847     /* ASSIGN ROLES */
848 
849     /**
850      * Returns the role assignation form
851      *
852      * @param request
853      *            The Http request
854      * @return the html code for display the modes list
855      */
856     public String getAssignRolesProfile( HttpServletRequest request )
857     {
858         Map<String, Object> model = new HashMap<>( );
859         setPageTitleProperty( ProfilesConstants.PROPERTY_ASSIGN_ROLES_PROFILE_PAGETITLE );
860 
861         // PROFILE
862         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
863         Profile profile = _profilesService.findByPrimaryKey( strProfileKey, getPlugin( ) );
864 
865         // ASSIGNED ROLES
866         List<RBACRole> listAssignedRoles = new ArrayList<>( );
867 
868         for ( RBACRole role : _profilesService.getRolesListForProfile( strProfileKey, getPlugin( ) ) )
869         {
870             role = RBACRoleHome.findByPrimaryKey( role.getKey( ) );
871 
872             if ( role != null )
873             {
874                 listAssignedRoles.add( role );
875             }
876         }
877 
878         // AVAILABLE ROLES
879         ReferenceList listAvailableRoles = new ReferenceList( );
880         ReferenceItem itemRole = null;
881         boolean bAssigned;
882 
883         for ( RBACRole role : RBACRoleHome.findAll( ) )
884         {
885             itemRole = new ReferenceItem( );
886             itemRole.setCode( role.getKey( ) );
887             itemRole.setName( role.getKey( ) );
888             bAssigned = false;
889 
890             for ( RBACRole assignedRole : listAssignedRoles )
891             {
892                 if ( assignedRole.getKey( ).equals( itemRole.getCode( ) ) )
893                 {
894                     bAssigned = true;
895 
896                     break;
897                 }
898             }
899 
900             if ( !bAssigned )
901             {
902                 listAvailableRoles.add( itemRole );
903             }
904         }
905 
906         // SORT
907         String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
908         String strAscSort = null;
909 
910         if ( strSortedAttributeName != null )
911         {
912             strAscSort = request.getParameter( Parameters.SORTED_ASC );
913 
914             boolean bIsAscSort = Boolean.parseBoolean( strAscSort );
915 
916             Collections.sort( listAssignedRoles, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
917         }
918 
919         _strCurrentPageIndex = AbstractPaginator.getPageIndex( request, AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
920         _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( ProfilesConstants.PROPERTY_ITEM_PER_PAGE, 50 );
921         _nItemsPerPage = AbstractPaginator.getItemsPerPage( request, AbstractPaginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage, _nDefaultItemsPerPage );
922 
923         String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_ROLES_PROFILE;
924         UrlItem url = new UrlItem( strBaseUrl );
925 
926         if ( strSortedAttributeName != null )
927         {
928             url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
929         }
930 
931         if ( strAscSort != null )
932         {
933             url.addParameter( Parameters.SORTED_ASC, strAscSort );
934         }
935 
936         String strPermission = ProfilesResourceIdService.PERMISSION_MANAGE_ROLES_ASSIGNMENT;
937         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, strPermission, (User) getUser( ) );
938 
939         // ITEM NAVIGATION
940         setItemNavigator( ProfilesConstants.PARAMETER_ASSIGN_ROLE, profile, url );
941 
942         // PAGINATOR
943         url.addParameter( ProfilesConstants.PARAMETER_PROFILE_KEY, profile.getKey( ) );
944 
945         LocalizedPaginator<RBACRole> paginator = new LocalizedPaginator<>( listAssignedRoles, _nItemsPerPage, url.getUrl( ),
946                 AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale( ) );
947 
948         // PERMISSIONS
949         List<ProfileAction> listActions = _profilesService.getListActions( getUser( ), profile, strPermission, getLocale( ), getPlugin( ) );
950         profile.setActions( listActions );
951 
952         model.put( ProfilesConstants.MARK_PROFILE, profile );
953         model.put( ProfilesConstants.MARK_AVAILABLE_LIST, listAvailableRoles );
954         model.put( ProfilesConstants.MARK_ASSIGNED_LIST, paginator.getPageItems( ) );
955         model.put( ProfilesConstants.MARK_ASSIGNED_NUMBER, listAssignedRoles.size( ) );
956         model.put( ProfilesConstants.MARK_ITEM_NAVIGATOR, _itemNavigators.get( ProfilesConstants.PARAMETER_ASSIGN_ROLE ) );
957         model.put( ProfilesConstants.MARK_NB_ITEMS_PER_PAGE, StringUtils.EMPTY + _nItemsPerPage );
958         model.put( ProfilesConstants.MARK_PAGINATOR, paginator );
959         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
960 
961         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_ROLES_PROFILE, getLocale( ), model );
962 
963         return getAdminPage( template.getHtml( ) );
964     }
965 
966     /**
967      * Process the data capture form for assign roles to a profile
968      *
969      * @param request
970      *            The HTTP Request
971      * @return The Jsp URL of the process result
972      */
973     public String doAssignRolesProfile( HttpServletRequest request )
974     {
975         String strActionCancel = request.getParameter( ProfilesConstants.PARAMETER_CANCEL );
976 
977         if ( strActionCancel != null )
978         {
979             return JSP_MANAGE_PROFILES;
980         }
981         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
982 
983         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_ROLES_ASSIGNMENT,
984                 (User) getUser( ) ) )
985         {
986             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
987         }
988 
989         // retrieve the selected portlets ids
990         String [ ] arrayRoleIds = request.getParameterValues( ProfilesConstants.PARAMETER_ROLES_LIST );
991 
992         if ( ( arrayRoleIds != null ) )
993         {
994             for ( int i = 0; i < arrayRoleIds.length; i++ )
995             {
996                 if ( _profilesService.hasRole( strProfileKey, arrayRoleIds [i], getPlugin( ) ) )
997                 {
998                     continue;
999                 }
1000                 _profilesService.addRoleForProfile( strProfileKey, arrayRoleIds [i], getPlugin( ) );
1001 
1002                 // Update users roles
1003                 RBACRole role = RBACRoleHome.findByPrimaryKey( arrayRoleIds [i] );
1004 
1005                 for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
1006                 {
1007                     if ( !AdminUserHome.hasRole( user, role.getKey( ) ) )
1008                     {
1009                         AdminUserHome.createRoleForUser( user.getUserId( ), role.getKey( ) );
1010                     }
1011                 }
1012             }
1013         }
1014 
1015         return JSP_ASSIGN_ROLES_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
1016                 + strProfileKey;
1017     }
1018 
1019     /**
1020      * unassigns roles from profile
1021      * 
1022      * @param request
1023      *            The HttpRequest
1024      * @return the HTML code of list assignations
1025      */
1026     public String doUnassignRoleProfile( HttpServletRequest request )
1027     {
1028         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
1029 
1030         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_ROLES_ASSIGNMENT,
1031                 (User) getUser( ) ) )
1032         {
1033             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
1034         }
1035 
1036         String strRoleKey = request.getParameter( ProfilesConstants.PARAMETER_ROLE_KEY );
1037         String strAnchor = request.getParameter( ProfilesConstants.PARAMETER_ANCHOR );
1038 
1039         _profilesService.removeRoleFromProfile( strProfileKey, strRoleKey, getPlugin( ) );
1040 
1041         // Update users roles
1042         RBACRole role = RBACRoleHome.findByPrimaryKey( strRoleKey );
1043 
1044         for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
1045         {
1046             if ( AdminUserHome.hasRole( user, role.getKey( ) ) )
1047             {
1048                 AdminUserHome.removeRoleForUser( user.getUserId( ), role.getKey( ) );
1049             }
1050         }
1051 
1052         return JSP_ASSIGN_ROLES_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
1053                 + strProfileKey + ProfilesConstants.SHARP + strAnchor;
1054     }
1055 
1056     /* ASSIGN USERS */
1057 
1058     /**
1059      * Returns the user assignation form
1060      *
1061      * @param request
1062      *            The Http request
1063      * @return the html code for display the modes list
1064      */
1065     public String getAssignUsersProfile( HttpServletRequest request )
1066     {
1067         Map<String, Object> model = new HashMap<>( );
1068         setPageTitleProperty( ProfilesConstants.PROPERTY_ASSIGN_USERS_PROFILE_PAGETITLE );
1069 
1070         String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_USERS_PROFILE;
1071         UrlItem url = new UrlItem( strBaseUrl );
1072 
1073         // PROFILE
1074         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
1075         Profile profile = _profilesService.findByPrimaryKey( strProfileKey, getPlugin( ) );
1076 
1077         // ASSIGNED USERS
1078         List<AdminUser> listAssignedUsers = new ArrayList<>( );
1079 
1080         for ( AdminUser user : _profilesService.getUsersListForProfile( strProfileKey, getPlugin( ) ) )
1081         {
1082             user = AdminUserHome.findByPrimaryKey( user.getUserId( ) );
1083 
1084             // Add users with higher level then connected user or add all users if connected user is administrator
1085             if ( ( user != null ) && ( ( user.getUserLevel( ) > getUser( ).getUserLevel( ) ) || ( getUser( ).isAdmin( ) ) ) )
1086             {
1087                 listAssignedUsers.add( user );
1088             }
1089         }
1090 
1091         Collections.sort( listAssignedUsers, new AttributeComparator( ProfilesConstants.LAST_NAME, true ) );
1092 
1093         List<AdminUser> listFilteredUsers = AdminUserService.getFilteredUsersInterface( listAssignedUsers, request, model, url );
1094 
1095         // AVAILABLE USERS
1096         ReferenceList listAvailableUsers = new ReferenceList( );
1097         ReferenceItem itemUser = null;
1098         boolean bAssigned;
1099 
1100         for ( AdminUser user : AdminUserHome.findUserList( ) )
1101         {
1102             itemUser = new ReferenceItem( );
1103             itemUser.setCode( Integer.toString( user.getUserId( ) ) );
1104             itemUser.setName( user.getLastName( ) + ProfilesConstants.SPACE + user.getFirstName( ) + ProfilesConstants.SPACE + ProfilesConstants.OPEN_BRACKET
1105                     + user.getAccessCode( ) + ProfilesConstants.CLOSED_BRACKET );
1106             bAssigned = false;
1107 
1108             for ( AdminUser assignedUser : listAssignedUsers )
1109             {
1110                 if ( Integer.toString( assignedUser.getUserId( ) ).equals( itemUser.getCode( ) ) )
1111                 {
1112                     bAssigned = true;
1113 
1114                     break;
1115                 }
1116             }
1117 
1118             // Add user with higher level then connected user or add all users if connected user is administrator
1119             if ( !bAssigned && ( ( user.getUserLevel( ) > getUser( ).getUserLevel( ) ) || ( getUser( ).isAdmin( ) ) ) )
1120             {
1121                 listAvailableUsers.add( itemUser );
1122             }
1123         }
1124 
1125         // SORT
1126         String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
1127         String strAscSort = null;
1128 
1129         if ( strSortedAttributeName != null )
1130         {
1131             strAscSort = request.getParameter( Parameters.SORTED_ASC );
1132 
1133             boolean bIsAscSort = Boolean.parseBoolean( strAscSort );
1134 
1135             Collections.sort( listFilteredUsers, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
1136         }
1137 
1138         _strCurrentPageIndex = AbstractPaginator.getPageIndex( request, AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
1139         _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( ProfilesConstants.PROPERTY_ITEM_PER_PAGE, 50 );
1140         _nItemsPerPage = AbstractPaginator.getItemsPerPage( request, AbstractPaginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage, _nDefaultItemsPerPage );
1141 
1142         if ( strSortedAttributeName != null )
1143         {
1144             url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
1145         }
1146 
1147         if ( strAscSort != null )
1148         {
1149             url.addParameter( Parameters.SORTED_ASC, strAscSort );
1150         }
1151 
1152         String strPermission = ProfilesResourceIdService.PERMISSION_MANAGE_USERS_ASSIGNMENT;
1153         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, strPermission, (User) getUser( ) );
1154 
1155         // ITEM NAVIGATION
1156         setItemNavigator( ProfilesConstants.PARAMETER_ASSIGN_USER, profile, url );
1157 
1158         // PAGINATOR
1159         url.addParameter( ProfilesConstants.PARAMETER_PROFILE_KEY, profile.getKey( ) );
1160 
1161         LocalizedPaginator<AdminUser> paginator = new LocalizedPaginator<>( listFilteredUsers, _nItemsPerPage, url.getUrl( ),
1162                 AbstractPaginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale( ) );
1163 
1164         // USER LEVEL
1165         Collection<Level> filteredLevels = new ArrayList<>( );
1166 
1167         for ( Level level : LevelHome.getLevelsList( ) )
1168         {
1169             if ( getUser( ).isAdmin( ) || getUser( ).hasRights( level.getId( ) ) )
1170             {
1171                 filteredLevels.add( level );
1172             }
1173         }
1174 
1175         // PERMISSIONS
1176         List<ProfileAction> listActions = _profilesService.getListActions( getUser( ), profile, strPermission, getLocale( ), getPlugin( ) );
1177         profile.setActions( listActions );
1178 
1179         // Attribute
1180         List<IAttribute> listAttributes = AttributeService.getInstance( ).getPluginAttributesWithFields( ProfilesPlugin.PLUGIN_NAME, getLocale( ) );
1181         AttributeField attributeField = new AttributeField( );
1182         attributeField.setTitle( profile.getKey( ) );
1183         attributeField.setValue( profile.getDescription( ) );
1184         attributeField.setDefaultValue( false );
1185         attributeField.setAttribute( listAttributes.get( 0 ) );
1186 
1187         for ( IAttribute attribute : listAttributes )
1188         {
1189             if ( ( attribute == null ) || ( attribute.getListAttributeFields( ) == null ) || attribute.getListAttributeFields( ).isEmpty( ) )
1190             {
1191                 continue;
1192             }
1193 
1194             for ( AttributeField aField : attribute.getListAttributeFields( ) )
1195             {
1196                 if ( strProfileKey.equals( aField.getTitle( ) ) )
1197                 {
1198                     attributeField.setIdField( aField.getIdField( ) );
1199 
1200                     break;
1201                 }
1202             }
1203         }
1204 
1205         model.put( ProfilesConstants.MARK_USER_LEVELS, filteredLevels );
1206         model.put( ProfilesConstants.MARK_PROFILE, profile );
1207         model.put( ProfilesConstants.MARK_AVAILABLE_LIST, listAvailableUsers );
1208         model.put( ProfilesConstants.MARK_ASSIGNED_LIST, paginator.getPageItems( ) );
1209         model.put( ProfilesConstants.MARK_ASSIGNED_NUMBER, listAssignedUsers.size( ) );
1210         model.put( ProfilesConstants.MARK_ITEM_NAVIGATOR, _itemNavigators.get( ProfilesConstants.PARAMETER_ASSIGN_USER ) );
1211         model.put( ProfilesConstants.MARK_NB_ITEMS_PER_PAGE, StringUtils.EMPTY + _nItemsPerPage );
1212         model.put( ProfilesConstants.MARK_PAGINATOR, paginator );
1213         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
1214         model.put( ProfilesConstants.MARK_ATTRIBUTE, listAttributes.get( 0 ) );
1215         model.put( ProfilesConstants.MARK_ATTRIBUTE_FIELD, attributeField );
1216 
1217         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_USERS_PROFILE, getLocale( ), model );
1218 
1219         return getAdminPage( template.getHtml( ) );
1220     }
1221 
1222     /**
1223      * Process the data capture form for assign users to a profile
1224      *
1225      * @param request
1226      *            The HTTP Request
1227      * @return The Jsp URL of the process result
1228      */
1229     public String doAssignUsersProfile( HttpServletRequest request )
1230     {
1231         String strReturn;
1232 
1233         String strActionCancel = request.getParameter( ProfilesConstants.PARAMETER_CANCEL );
1234 
1235         if ( strActionCancel != null )
1236         {
1237             strReturn = JSP_MANAGE_PROFILES;
1238         }
1239         else
1240         {
1241             String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
1242 
1243             if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_USERS_ASSIGNMENT,
1244                     (User) getUser( ) ) )
1245             {
1246                 return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
1247             }
1248 
1249             // retrieve the selected user ids
1250             String [ ] arrayUserIds = request.getParameterValues( ProfilesConstants.PARAMETER_USERS_LIST );
1251 
1252             if ( ( arrayUserIds != null ) )
1253             {
1254                 for ( int i = 0; i < arrayUserIds.length; i++ )
1255                 {
1256                     int nIdUser = Integer.parseInt( arrayUserIds [i] );
1257                     _profilesService.doAssignUserToProfile( nIdUser, request, getLocale( ) );
1258                 }
1259             }
1260 
1261             strReturn = JSP_ASSIGN_USERS_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
1262                     + strProfileKey;
1263         }
1264 
1265         return strReturn;
1266     }
1267 
1268     /**
1269      * unassigns users from profile
1270      * 
1271      * @param request
1272      *            The HttpRequest
1273      * @return the HTML code of list assignations
1274      */
1275     public String doUnassignUserProfile( HttpServletRequest request )
1276     {
1277         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
1278 
1279         if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_USERS_ASSIGNMENT,
1280                 (User) getUser( ) ) )
1281         {
1282             return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
1283         }
1284 
1285         String strIdUser = request.getParameter( ProfilesConstants.PARAMETER_ID_USER );
1286         int nIdUser = Integer.parseInt( strIdUser );
1287         String strAnchor = request.getParameter( ProfilesConstants.PARAMETER_ANCHOR );
1288 
1289         _profilesService.doUnassignUserFromProfile( nIdUser, strProfileKey, getUser( ), request, getLocale( ), getPlugin( ) );
1290 
1291         return JSP_ASSIGN_USERS_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
1292                 + strProfileKey + ProfilesConstants.SHARP + strAnchor;
1293     }
1294 
1295     /* ASSIGN VIEW */
1296 
1297     /**
1298      * Returns the view assignation form
1299      *
1300      * @param request
1301      *            HttpServletRequest
1302      * @return the html code
1303      */
1304     public String getAssignViewProfile( HttpServletRequest request )
1305     {
1306         Map<String, Object> model = new HashMap<>( );
1307         setPageTitleProperty( ProfilesConstants.PROPERTY_ASSIGN_VIEW_PROFILE_PAGETITLE );
1308 
1309         // PROFILE
1310         String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
1311         Profile profile = _profilesService.findByPrimaryKey( strProfileKey, getPlugin( ) );
1312 
1313         // ASSIGNED VIEW
1314         View assignedView = _profilesService.getViewForProfile( strProfileKey, getPlugin( ) );
1315 
1316         ReferenceList listViews = _viewsService.getViewsList( getPlugin( ) );
1317 
1318         String strPermission = ProfilesResourceIdService.PERMISSION_MANAGE_VIEW_ASSIGNMENT;
1319         boolean bPermission = RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, strPermission, (User) getUser( ) );
1320 
1321         String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_VIEW_PROFILE;
1322         UrlItem url = new UrlItem( strBaseUrl );
1323 
1324         // ITEM NAVIGATION
1325         setItemNavigator( ProfilesConstants.PARAMETER_ASSIGN_VIEW, profile, url );
1326 
1327         // PERMISSIONS
1328         List<ProfileAction> listActions = _profilesService.getListActions( getUser( ), profile, strPermission, getLocale( ), getPlugin( ) );
1329         profile.setActions( listActions );
1330 
1331         model.put( ProfilesConstants.MARK_PROFILE, profile );
1332         model.put( ProfilesConstants.MARK_AVAILABLE_LIST, listViews );
1333         model.put( ProfilesConstants.MARK_ITEM_NAVIGATOR, _itemNavigators.get( ProfilesConstants.PARAMETER_ASSIGN_VIEW ) );
1334         model.put( ProfilesConstants.MARK_PERMISSION, bPermission );
1335         model.put( ProfilesConstants.MARK_ASSIGNED_VIEW, assignedView );
1336 
1337         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_VIEW_PROFILE, getLocale( ), model );
1338 
1339         return getAdminPage( template.getHtml( ) );
1340     }
1341 
1342     /**
1343      * Process the data capture form for assign a view to a profile
1344      *
1345      * @param request
1346      *            HttpServletRequest
1347      * @return The Jsp URL of the process result
1348      */
1349     public String doAssignViewProfile( HttpServletRequest request )
1350     {
1351         String strReturn;
1352 
1353         String strActionCancel = request.getParameter( ProfilesConstants.PARAMETER_CANCEL );
1354 
1355         if ( strActionCancel != null )
1356         {
1357             strReturn = JSP_MANAGE_PROFILES;
1358         }
1359         else
1360         {
1361             String strProfileKey = request.getParameter( ProfilesConstants.PARAMETER_PROFILE_KEY );
1362 
1363             if ( !RBACService.isAuthorized( Profile.RESOURCE_TYPE, strProfileKey, ProfilesResourceIdService.PERMISSION_MANAGE_VIEW_ASSIGNMENT,
1364                     (User) getUser( ) ) )
1365             {
1366                 return AdminMessageService.getMessageUrl( request, Messages.USER_ACCESS_DENIED, AdminMessage.TYPE_STOP );
1367             }
1368 
1369             String strViewKey = request.getParameter( ProfilesConstants.PARAMETER_VIEW_KEY );
1370 
1371             if ( strViewKey != null )
1372             {
1373                 if ( StringUtils.isBlank( strViewKey ) )
1374                 {
1375                     _profilesService.removeView( strProfileKey, getPlugin( ) );
1376                 }
1377                 else
1378                 {
1379                     _profilesService.removeView( strProfileKey, getPlugin( ) );
1380                     _viewsService.addProfileForView( strViewKey, strProfileKey, getPlugin( ) );
1381                 }
1382             }
1383 
1384             strReturn = JSP_ASSIGN_VIEW_PROFILE + ProfilesConstants.INTERROGATION_MARK + ProfilesConstants.PARAMETER_PROFILE_KEY + ProfilesConstants.EQUAL
1385                     + strProfileKey;
1386         }
1387 
1388         return strReturn;
1389     }
1390 
1391     /**
1392      * Get the item navigator
1393      * 
1394      * @param strItemNavigatorKey
1395      *            the item navigator key
1396      * @param profile
1397      *            the profile
1398      * @param url
1399      *            the url
1400      */
1401     private void setItemNavigator( String strItemNavigatorKey, Profile profile, UrlItem url )
1402     {
1403         ItemNavigator itemNavigator = _itemNavigators.get( strItemNavigatorKey );
1404 
1405         if ( itemNavigator == null )
1406         {
1407             if ( _pFilter == null )
1408             {
1409                 _pFilter = new ProfileFilter( );
1410             }
1411 
1412             itemNavigator = _profilesService.getItemNavigator( _pFilter, profile, url );
1413         }
1414         else
1415         {
1416             itemNavigator.setCurrentItemId( profile.getKey( ) );
1417         }
1418 
1419         _itemNavigators.put( strItemNavigatorKey, itemNavigator );
1420     }
1421 
1422     /**
1423      * Reinit the item navigator
1424      */
1425     private void reinitItemNavigators( )
1426     {
1427         _itemNavigators = new HashMap<>( );
1428     }
1429 }