1   /*
2    * Copyright (c) 2002-2014, Mairie de Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.features;
35  
36  import fr.paris.lutece.portal.business.right.Level;
37  import fr.paris.lutece.portal.business.right.LevelHome;
38  import fr.paris.lutece.portal.business.right.Right;
39  import fr.paris.lutece.portal.business.right.RightHome;
40  import fr.paris.lutece.portal.business.user.AdminUser;
41  import fr.paris.lutece.portal.business.user.AdminUserHome;
42  import fr.paris.lutece.portal.service.admin.AdminUserService;
43  import fr.paris.lutece.portal.service.i18n.I18nService;
44  import fr.paris.lutece.portal.service.template.AppTemplateService;
45  import fr.paris.lutece.portal.service.util.AppPathService;
46  import fr.paris.lutece.portal.service.util.AppPropertiesService;
47  import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
48  import fr.paris.lutece.portal.web.constants.Parameters;
49  import fr.paris.lutece.portal.web.util.LocalizedPaginator;
50  import fr.paris.lutece.util.ReferenceItem;
51  import fr.paris.lutece.util.ReferenceList;
52  import fr.paris.lutece.util.html.HtmlTemplate;
53  import fr.paris.lutece.util.html.ItemNavigator;
54  import fr.paris.lutece.util.html.Paginator;
55  import fr.paris.lutece.util.sort.AttributeComparator;
56  import fr.paris.lutece.util.url.UrlItem;
57  
58  import org.apache.commons.lang.StringUtils;
59  
60  import java.util.ArrayList;
61  import java.util.Collection;
62  import java.util.Collections;
63  import java.util.HashMap;
64  import java.util.List;
65  import java.util.Map;
66  
67  import javax.servlet.http.HttpServletRequest;
68  
69  
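/**
 * This class provides the user interface to manage rights features ( manage,
 * create, modify ).
 *
 * <p>
 * The assignation form only lists the users the connected user may manage.
 * The {@code do...} actions apply the same level rules again before they
 * change an assignment, because the user ids and the right id they receive
 * are request parameters and cannot be trusted to come from that form.
 * </p>
 */
public class RightJspBean extends AdminFeaturesPageJspBean
{
    // Right
    public static final String RIGHT_MANAGE_RIGHTS = "CORE_RIGHT_MANAGEMENT";

    // Properties
    private static final String PROPERTY_MANAGE_RIGHTS_PAGETITLE = "portal.features.manage_rights.pageTitle";
    private static final String PROPERTY_ASSIGN_USERS_PAGETITLE = "portal.features.assign_users.pageTitle";
    private static final String PROPERTY_USERS_PER_PAGE = "paginator.user.itemsPerPage";

    // Markers
    private static final String MARK_RIGHTS_LIST = "rights_list";
    private static final String MARK_RIGHT = "right";
    private static final String MARK_AVAILABLE_USERS_LIST = "available_users_list";
    private static final String MARK_ASSIGNED_USERS_LIST = "assigned_users_list";
    private static final String MARK_ASSIGNED_USERS_NUMBER = "assigned_users_number";
    private static final String MARK_USER_LEVELS_LIST = "user_levels";
    private static final String MARK_ITEM_NAVIGATOR = "item_navigator";
    private static final String MARK_PAGINATOR = "paginator";
    private static final String MARK_NB_ITEMS_PER_PAGE = "nb_items_per_page";

    // Parameters
    private static final String PARAMETER_ID_RIGHT = "id_right";
    private static final String PARAMETER_CANCEL = "cancel";
    private static final String PARAMETER_AVAILABLE_USER_LIST = "available_users_list";
    private static final String PARAMETER_ID_USER = "id_user";
    private static final String PARAMETER_ANCHOR = "anchor";

    // Characters accepted in the anchor besides ASCII letters and digits
    private static final String ANCHOR_EXTRA_CHARS = "-_.:";

    // Templates files path
    private static final String TEMPLATE_MANAGE_RIGHTS = "admin/features/manage_rights.html";
    private static final String TEMPLATE_ASSIGN_USERS = "admin/features/assign_users_right.html";

    // JSP
    private static final String JSP_URL_ASSIGN_USERS_TO_RIGHT = "jsp/admin/features/AssignUsersRight.jsp";
    private static final String JSP_ASSIGN_USERS_TO_RIGHT = "AssignUsersRight.jsp";
    private static final String JSP_URL_RIGHTS_MANAGEMENT = "ManageRights.jsp";

    // Paging and navigation state kept on the bean between calls
    private int _nItemsPerPage;
    private int _nDefaultItemsPerPage;
    private String _strCurrentPageIndex;
    private ItemNavigator _itemNavigator;

    /**
     * Returns the list of rights
     *
     * @param request The Http request
     * @return the html code that displays the rights list
     */
    public String getManageRights( HttpServletRequest request )
    {
        setPageTitleProperty( PROPERTY_MANAGE_RIGHTS_PAGETITLE );

        // Drop the navigator so that the next assignation page rebuilds it
        reinitItemNavigator(  );

        Map<String, Object> model = new HashMap<String, Object>(  );
        model.put( MARK_RIGHTS_LIST, I18nService.localizeCollection( RightHome.getRightsList(  ), getLocale(  ) ) );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_RIGHTS, getLocale(  ), model );

        return getAdminPage( template.getHtml(  ) );
    }

    /**
     * Returns the users assignation form of a right
     *
     * @param request The Http request
     * @return the html code of the assignation form, or of the rights list
     *         when the requested right does not exist
     */
    public String getAssignUsers( HttpServletRequest request )
    {
        Map<String, Object> model = new HashMap<String, Object>(  );
        setPageTitleProperty( PROPERTY_ASSIGN_USERS_PAGETITLE );

        String strBaseUrl = AppPathService.getBaseUrl( request ) + JSP_URL_ASSIGN_USERS_TO_RIGHT;
        UrlItem url = new UrlItem( strBaseUrl );

        // RIGHT
        String strIdRight = request.getParameter( PARAMETER_ID_RIGHT );
        Right right = RightHome.findByPrimaryKey( strIdRight );

        if ( right == null )
        {
            return getManageRights( request );
        }

        right.setLocale( getLocale(  ) );

        // ASSIGNED USERS : only those the connected user may manage
        List<AdminUser> listAssignedUsers = new ArrayList<AdminUser>(  );

        for ( AdminUser user : AdminUserHome.findByRight( strIdRight ) )
        {
            if ( isUserManageable( user ) )
            {
                listAssignedUsers.add( user );
            }
        }

        List<AdminUser> listFilteredUsers = AdminUserService.getFilteredUsersInterface( listAssignedUsers, request,
                model, url );

        // AVAILABLE USERS : not assigned yet, manageable, and allowed by the level of the right
        ReferenceList listAvailableUsers = new ReferenceList(  );

        for ( AdminUser user : AdminUserHome.findUserList(  ) )
        {
            String strUserId = Integer.toString( user.getUserId(  ) );
            boolean bAssigned = false;

            for ( AdminUser assignedUser : listAssignedUsers )
            {
                if ( Integer.toString( assignedUser.getUserId(  ) ).equals( strUserId ) )
                {
                    bAssigned = true;

                    break;
                }
            }

            if ( !bAssigned && isUserAssignable( user, right ) )
            {
                ReferenceItem itemUser = new ReferenceItem(  );
                itemUser.setCode( strUserId );
                itemUser.setName( user.getAccessCode(  ) + "(" + user.getFirstName(  ) + " " + user.getLastName(  ) +
                    ")" );
                listAvailableUsers.add( itemUser );
            }
        }

        // SORT
        // NOTE(review): the attribute name comes straight from the request. AttributeComparator is not
        // shown here; if it resolves the attribute on AdminUser by name, restrict the accepted values
        // to the columns the template offers for sorting.
        String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
        String strAscSort = null;

        if ( strSortedAttributeName != null )
        {
            strAscSort = request.getParameter( Parameters.SORTED_ASC );

            boolean bIsAscSort = Boolean.parseBoolean( strAscSort );

            Collections.sort( listFilteredUsers, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
        }

        _strCurrentPageIndex = Paginator.getPageIndex( request, Paginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
        _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( PROPERTY_USERS_PER_PAGE, 50 );
        _nItemsPerPage = Paginator.getItemsPerPage( request, Paginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage,
                _nDefaultItemsPerPage );

        if ( strSortedAttributeName != null )
        {
            url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
        }

        if ( strAscSort != null )
        {
            url.addParameter( Parameters.SORTED_ASC, strAscSort );
        }

        // ITEM NAVIGATOR : built before the right id is added to the url
        setItemNavigator( strIdRight, url.getUrl(  ) );

        // PAGINATOR
        url.addParameter( PARAMETER_ID_RIGHT, right.getId(  ) );

        LocalizedPaginator<AdminUser> paginator = new LocalizedPaginator<AdminUser>( listFilteredUsers, _nItemsPerPage,
                url.getUrl(  ), Paginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale(  ) );

        // USER LEVEL
        // NOTE(review): hasRights( ) is given a level id here, not a right id - confirm this is intended.
        Collection<Level> filteredLevels = new ArrayList<Level>(  );

        for ( Level level : LevelHome.getLevelsList(  ) )
        {
            if ( getUser(  ).isAdmin(  ) || getUser(  ).hasRights( level.getId(  ) ) )
            {
                filteredLevels.add( level );
            }
        }

        model.put( MARK_RIGHT, right );
        model.put( MARK_USER_LEVELS_LIST, filteredLevels );
        model.put( MARK_AVAILABLE_USERS_LIST, listAvailableUsers );
        model.put( MARK_ASSIGNED_USERS_LIST, paginator.getPageItems(  ) );
        model.put( MARK_ASSIGNED_USERS_NUMBER, listAssignedUsers.size(  ) );
        model.put( MARK_ITEM_NAVIGATOR, _itemNavigator );
        model.put( MARK_PAGINATOR, paginator );
        model.put( MARK_NB_ITEMS_PER_PAGE, Integer.toString( _nItemsPerPage ) );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_USERS, getLocale(  ), model );

        return getAdminPage( template.getHtml(  ) );
    }

    /**
     * Processes the assignation form : gives the right to the selected users.
     *
     * <p>
     * Each submitted user id is checked again with the rules the form uses
     * to build its list of available users. Ids that are malformed, unknown
     * or refer to a user the connected user may not manage are ignored.
     * </p>
     *
     * @param request The HTTP Request
     * @return The Jsp URL of the process result
     */
    public String doAssignUsers( HttpServletRequest request )
    {
        // NOTE(review): no anti-CSRF token is checked in this class for this state-changing action;
        // confirm that the calling JSP or a filter enforces one.
        if ( request.getParameter( PARAMETER_CANCEL ) != null )
        {
            return JSP_URL_RIGHTS_MANAGEMENT;
        }

        Right right = RightHome.findByPrimaryKey( request.getParameter( PARAMETER_ID_RIGHT ) );

        if ( right == null )
        {
            // Unknown right : nothing to assign, and the raw parameter must not reach the redirect
            return JSP_URL_RIGHTS_MANAGEMENT;
        }

        // The stored identifier is used from here on instead of the raw request value
        String strIdRight = right.getId(  );

        // Retrieve the ids of the selected users
        String[] arrayUsersIds = request.getParameterValues( PARAMETER_AVAILABLE_USER_LIST );

        if ( arrayUsersIds != null )
        {
            for ( String strUserId : arrayUsersIds )
            {
                AdminUser user = findUser( strUserId );

                if ( ( user != null ) && isUserAssignable( user, right ) &&
                        !AdminUserHome.hasRight( user, strIdRight ) )
                {
                    AdminUserHome.createRightForUser( user.getUserId(  ), strIdRight );
                }
            }
        }

        return JSP_ASSIGN_USERS_TO_RIGHT + "?" + PARAMETER_ID_RIGHT + "=" + strIdRight;
    }

    /**
     * Removes a right from a user.
     *
     * <p>
     * The removal is only performed for a user the connected user may
     * manage, which is the rule used to list the assigned users in the form.
     * </p>
     *
     * @param request The HttpRequest
     * @return The Jsp URL of the process result
     */
    public String doUnAssignUser( HttpServletRequest request )
    {
        // NOTE(review): no anti-CSRF token is checked in this class for this state-changing action;
        // confirm that the calling JSP or a filter enforces one.
        Right right = RightHome.findByPrimaryKey( request.getParameter( PARAMETER_ID_RIGHT ) );

        if ( right == null )
        {
            return JSP_URL_RIGHTS_MANAGEMENT;
        }

        String strIdRight = right.getId(  );
        AdminUser adminUser = findUser( request.getParameter( PARAMETER_ID_USER ) );

        if ( ( adminUser != null ) && isUserManageable( adminUser ) )
        {
            AdminUserHome.removeRightForUser( adminUser.getUserId(  ), strIdRight );
        }

        String strUrl = JSP_ASSIGN_USERS_TO_RIGHT + "?" + PARAMETER_ID_RIGHT + "=" + strIdRight;
        String strAnchor = request.getParameter( PARAMETER_ANCHOR );

        // The anchor is request-controlled : it is appended only when it is a plain fragment name,
        // and left out when absent instead of producing "#null".
        // NOTE(review): check that the anchors generated by the template fit the accepted characters.
        if ( isSafeAnchor( strAnchor ) )
        {
            strUrl = strUrl + "#" + strAnchor;
        }

        return strUrl;
    }

    /**
     * Tells whether the connected user may manage the given user : the
     * connected user is administrator, or the level value of the given user
     * is strictly greater than the level value of the connected user.
     *
     * @param user the user to check
     * @return true if the connected user may manage the user
     */
    private boolean isUserManageable( AdminUser user )
    {
        return getUser(  ).isAdmin(  ) || ( user.getUserLevel(  ) > getUser(  ).getUserLevel(  ) );
    }

    /**
     * Tells whether the right may be given to the user by the connected
     * user : the user is manageable and its level value does not exceed
     * the level of the right.
     *
     * @param user the user to check
     * @param right the right to assign
     * @return true if the right may be assigned to the user
     */
    private boolean isUserAssignable( AdminUser user, Right right )
    {
        return isUserManageable( user ) && ( user.getUserLevel(  ) <= right.getLevel(  ) );
    }

    /**
     * Loads the user designated by a request parameter value
     *
     * @param strUserId the user id as received in the request, may be null
     * @return the user, or null if the id is missing, not a number, or
     *         unknown
     */
    private static AdminUser findUser( String strUserId )
    {
        if ( strUserId == null )
        {
            return null;
        }

        try
        {
            return AdminUserHome.findByPrimaryKey( Integer.parseInt( strUserId ) );
        }
        catch ( NumberFormatException e )
        {
            // A malformed id cannot designate a user : treated like an unknown user
            return null;
        }
    }

    /**
     * Tells whether a request-supplied anchor can be appended to a redirect
     * URL : non empty and made of ASCII letters, digits, '-', '_', '.' or
     * ':' only.
     *
     * @param strAnchor the anchor, may be null
     * @return true if the anchor only holds accepted characters
     */
    private static boolean isSafeAnchor( String strAnchor )
    {
        if ( StringUtils.isEmpty( strAnchor ) )
        {
            return false;
        }

        for ( int i = 0; i < strAnchor.length(  ); i++ )
        {
            char c = strAnchor.charAt( i );
            boolean bLetter = ( ( c >= 'a' ) && ( c <= 'z' ) ) || ( ( c >= 'A' ) && ( c <= 'Z' ) );
            boolean bDigit = ( c >= '0' ) && ( c <= '9' );

            if ( !bLetter && !bDigit && ( ANCHOR_EXTRA_CHARS.indexOf( c ) < 0 ) )
            {
                return false;
            }
        }

        return true;
    }

    /**
     * Builds the item navigator on first use, then only moves it to the
     * given right
     *
     * @param strIdRight the id right
     * @param strUrl the url
     */
    private void setItemNavigator( String strIdRight, String strUrl )
    {
        if ( _itemNavigator == null )
        {
            List<String> listIdsRight = new ArrayList<String>(  );
            int nCurrentItemId = 0;
            int nIndex = 0;

            for ( Right right : RightHome.getRightsList(  ) )
            {
                if ( ( right != null ) && StringUtils.isNotBlank( right.getId(  ) ) )
                {
                    listIdsRight.add( right.getId(  ) );

                    // Position of the requested right among the ids kept in the list
                    if ( right.getId(  ).equals( strIdRight ) )
                    {
                        nCurrentItemId = nIndex;
                    }

                    nIndex++;
                }
            }

            _itemNavigator = new ItemNavigator( listIdsRight, nCurrentItemId, strUrl, PARAMETER_ID_RIGHT );
        }
        else
        {
            _itemNavigator.setCurrentItemId( strIdRight );
        }
    }

    /**
     * Reinit the item navigator
     */
    private void reinitItemNavigator(  )
    {
        _itemNavigator = null;
    }
}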