portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security RolePermissionUpdateAction.java UserRoleUpdateAction.java RoleBrowserAction.java RoleUpdateAction.java SecurityConstants.java
Date Fri, 06 Jul 2001 08:44:21 GMT
taylor      01/07/06 01:44:21

  Modified:    src/java/org/apache/jetspeed/modules/actions/portlets/security
                        RoleBrowserAction.java RoleUpdateAction.java
                        SecurityConstants.java
  Added:       src/java/org/apache/jetspeed/modules/actions/portlets/security
                        RolePermissionUpdateAction.java
                        UserRoleUpdateAction.java
  Log:
  - added two new actions for listing and updating roles per user, and permissions per role
  
  Revision  Changes    Path
  1.3       +7 -6      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/RoleBrowserAction.java
  
  Index: RoleBrowserAction.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/RoleBrowserAction.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- RoleBrowserAction.java	2001/07/02 07:33:44	1.2
  +++ RoleBrowserAction.java	2001/07/06 08:44:14	1.3
  @@ -63,16 +63,16 @@
   import org.apache.turbine.util.StringUtils;
   import org.apache.turbine.util.DynamicURI;
   
  -import org.apache.turbine.util.security.RoleSet;
  -import org.apache.turbine.util.db.Criteria;
  -
   // turbine om 
   import org.apache.turbine.om.security.Role;
   import org.apache.turbine.om.security.User;
  +import org.apache.turbine.om.security.Group;
   
   // turbine security
   import org.apache.turbine.util.security.EntityExistsException;
  -import org.apache.turbine.util.security.DataBackendException;
  +import org.apache.turbine.util.security.UnknownEntityException;
  +import org.apache.turbine.util.security.RoleSet;
  +import org.apache.turbine.util.db.Criteria;
   
   // jetspeed services
   import org.apache.jetspeed.services.JetspeedSecurity;
  @@ -132,12 +132,12 @@
                                          RunData rundata )
       {
           try
  -        {
  +        {            
               Criteria criteria = new Criteria();
               RoleSet roles = JetspeedSecurity.getRoles(criteria);
               context.put(SecurityConstants.CONTEXT_ROLES, roles.getRolesArray());
           }
  -        catch (DataBackendException e)
  +        catch (Exception e)
           {
              // log the error msg
               Log.error(e);
  @@ -147,5 +147,6 @@
               rundata.setScreenTemplate("Error.vm");            
           }
       }
  +
   
   }
  
  
  
  1.3       +0 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/RoleUpdateAction.java
  
  Index: RoleUpdateAction.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/RoleUpdateAction.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- RoleUpdateAction.java	2001/07/02 07:33:45	1.2
  +++ RoleUpdateAction.java	2001/07/06 08:44:15	1.3
  @@ -138,7 +138,6 @@
                */
               String mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
   
  -            //
               // if we are updating or deleting - put the name in the context
               //
               if (mode != null && (mode.equals(SecurityConstants.PARAM_MODE_UPDATE)
|| 
  
  
  
  1.2       +10 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/SecurityConstants.java
  
  Index: SecurityConstants.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/SecurityConstants.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SecurityConstants.java	2001/07/02 07:33:45	1.1
  +++ SecurityConstants.java	2001/07/06 08:44:16	1.2
  @@ -68,6 +68,8 @@
       static final String PARAM_MSG = "msg";
       // unique entity id - parameter passed between browser forms and update forms
       static final String PARAM_ENTITY_ID = "entityid";
  +    // username parameter 
  +    static final String PARAM_USERNAME = "username";
   
       // mode parameter
       static final String PARAM_MODE = "mode";
  @@ -89,6 +91,7 @@
       static final String CONTEXT_PERMISSIONS = "permissions";
       static final String CONTEXT_GROUP = "group";
       static final String CONTEXT_GROUPS = "groups";
  +    static final String CONTEXT_SELECTED = "selected";
   
       // user browser pane id
       static final String PANEID_USER_BROWSER = "User Browser";
  @@ -106,6 +109,10 @@
       static final String PANEID_GROUP_BROWSER = "Group Browser";
       // group form pane id
       static final String PANEID_GROUP_UPDATE = "Group";
  +    // user role form pane id
  +    static final String PANEID_USERROLE_UPDATE = "User Roles";
  +    // role permission form pane id
  +    static final String PANEID_ROLEPERMISSION_UPDATE = "Role Permissions";
   
       // 
       // Informational and Error Messages for Security Forms
  @@ -116,7 +123,8 @@
           "Database Delete Failure. Please report this error to your Database Administrator.",
           "Invalid Entity Name. Please enter a valid entity name.",
           "Entity Name Already Exists. Please choose another unique, identifying name.",
  -        "Deletion not allowed. You are trying to delete the currently logged on user."
  +        "Deletion not allowed. You are trying to delete the currently logged on user.",
  +        "Missing Parameter. Cannot process Security form."
       };
       //
       // indexes into messages
  @@ -126,5 +134,6 @@
       static final int MID_INVALID_ENTITY_NAME = 2;
       static final int MID_ENTITY_ALREADY_EXISTS = 3;
       static final int MID_CANT_DELETE_CURRENT = 4;
  +    static final int MID_MISSING_PARAMETER = 5;
   
   };
  
  
  
  1.1                  jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/RolePermissionUpdateAction.java
  
  Index: RolePermissionUpdateAction.java
  ===================================================================
  /* ====================================================================
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 2000-2001 The Apache Software Foundation.  All rights
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution,
   *    if any, must include the following acknowledgment:
   *       "This product includes software developed by the
   *        Apache Software Foundation (http://www.apache.org/)."
   *    Alternately, this acknowledgment may appear in the software itself,
   *    if and wherever such third-party acknowledgments normally appear.
   *
   * 4. The names "Apache" and "Apache Software Foundation" and
   *     "Apache Jetspeed" must not be used to endorse or promote products
   *    derived from this software without prior written permission. For
   *    written permission, please contact apache@apache.org.
   *
   * 5. Products derived from this software may not be called "Apache" or
   *    "Apache Jetspeed", nor may "Apache" appear in their name, without
   *    prior written permission of the Apache Software Foundation.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation.  For more
   * information on the Apache Software Foundation, please see
   * <http://www.apache.org/>.
   */
   
  package org.apache.jetspeed.modules.actions.portlets.security;
  
  // java util
  import java.util.Vector;
  
  // velocity
  import org.apache.velocity.context.Context;
  
  // turbine util
  import org.apache.turbine.util.Log;
  import org.apache.turbine.util.RunData;
  import org.apache.turbine.util.StringUtils;
  import org.apache.turbine.util.DynamicURI;
  
  // turbine om 
  import org.apache.turbine.om.security.Role;
  import org.apache.turbine.om.security.User;
  import org.apache.turbine.om.security.Permission;
  
  // turbine security
  import org.apache.turbine.util.security.EntityExistsException;
  import org.apache.turbine.util.security.RoleSet;
  import org.apache.turbine.util.security.PermissionSet;
  import org.apache.turbine.util.db.Criteria;
  import org.apache.turbine.util.security.AccessControlList;
  import org.apache.turbine.util.security.DataBackendException;
  import org.apache.turbine.util.security.UnknownEntityException;
  
  // jetspeed services
  import org.apache.jetspeed.services.JetspeedSecurity;
  import org.apache.jetspeed.services.resources.JetspeedResources;
  
  // jetspeed velocity
  import org.apache.jetspeed.modules.actions.portlets.VelocityPortletAction;
  import org.apache.jetspeed.portal.portlets.VelocityPortlet;
  
  
  /**
   * This action sets up the template context for editing security permissions in the Turbine
database
   * for a given role.
   * 
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   */
  public class RolePermissionUpdateAction extends VelocityPortletAction
  {
      private static final String TEMP_ROLE = "tempRole";
  
      /** 
       * Build the maximized state content for this portlet. (Same as normal state).
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       */
      protected void buildMaximizedContext( VelocityPortlet portlet, 
                                            Context context,
                                            RunData rundata )
      {
          buildNormalContext( portlet, context, rundata);        
      }
  
      /** 
       * Build the configure state content for this portlet.
       * TODO: we could configure this portlet with configurable skins, etc..
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       */
      protected void buildConfigureContext( VelocityPortlet portlet, 
                                            Context context,
                                            RunData rundata )
      {
  
          buildNormalContext( portlet, context, rundata);        
      }
  
      /** 
       * Build the normal state content for this portlet.
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       */
      protected void buildNormalContext( VelocityPortlet portlet, 
                                         Context context,
                                         RunData rundata )
      {
          try
          {
              Role role = null;
              /*
               * Grab the mode for the user form.
               */
              String mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
  
              //
              // check to see if we are adding a role for a single user
              // 
              String entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
              if (entityid == null || entityid.trim().length() == 0)
              {
                  return;
              }
  
              buildRolePermissionContext(portlet, context, rundata, entityid);
  
              //
              // if there was an error, display the message
              //
              String msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
              if (msgid != null)
              {
                  int id = Integer.parseInt(msgid);
                  if (id < SecurityConstants.MESSAGES.length)
                      context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
              }
  
          }
          catch (Exception e)
          {
              Log.error(e);
              rundata.setMessage("Error in Jetspeed Role Permission Security: " + e.toString());
              rundata.setStackTrace(StringUtils.stackTrace(e), e);
              rundata.setScreenTemplate("Error.vm");            
          }
      }
  
  
      /** 
       * Database Update Action for Security Role Permissions. Performs updates into security
database.
       * 
       * @param rundata The turbine rundata context for this request.
       * @param context The velocity context for this request.
       */
      public void doUpdate(RunData rundata, Context context)
          throws Exception
      {
          String entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
          if (entityid == null || entityid.trim().length() == 0)
          {
              Log.error("RolePermissionBrowser: Failed to get entity: " + entityid );
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_ROLEPERMISSION_UPDATE);
              duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER);
              rundata.getResponse().sendRedirect(duri.toString());
              return;
          }
          Role role = JetspeedSecurity.getRole(entityid);
          if (null == role)
          {
              Log.error("RolePermissionBrowser: Failed to get role: " + entityid );
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_ROLEPERMISSION_UPDATE);
              duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER);
              rundata.getResponse().sendRedirect(duri.toString());
              return;
          }
          
  
          try
          {
              Permission[] permissions = 
                   (Permission[])rundata.getUser().getTemp(SecurityConstants.CONTEXT_PERMISSIONS);
              Vector selected = (Vector)rundata.getUser().getTemp(SecurityConstants.CONTEXT_SELECTED);
  
              if (permissions == null || selected == null)
              {
                  DynamicURI duri = new DynamicURI (rundata);
                  duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_ROLEPERMISSION_UPDATE);
                  duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER);
                  rundata.getResponse().sendRedirect(duri.toString());
                  return;
              }
  
              //
              // walk thru all the permissions, see if anything changed
              // if changed, update the database
              //
              for (int ix = 0; ix < permissions.length; ix++)
              {
                  boolean newValue = rundata.getParameters().getBoolean("box_" + permissions[ix].getName(),
false);
                  boolean oldValue = ((Boolean)selected.elementAt(ix + 1)).booleanValue();
                  if (newValue != oldValue)
                  {
                      if (newValue == true)
                      {
                          // grant a permission to a role
                          JetspeedSecurity.grant( role, permissions[ix] );               
                                                                                 
                      }
                      else
                      {
                          // revoke a permission from a role
                          JetspeedSecurity.revoke( role, permissions[ix] );
                      }
                  }
              }
  
              // clear the temp values
              rundata.getUser().setTemp(SecurityConstants.CONTEXT_PERMISSIONS, null);
              rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, null);
   
              //
              // success -- bring user back to user browser
              //
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_ROLE_BROWSER);
              rundata.getResponse().sendRedirect(duri.toString());
  
          }
          catch (Exception e)
          {
             // log the error msg
              Log.error("Failed update role+permission: " + e);
  
              //
              // error on update - display error message
              //
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_ROLEPERMISSION_UPDATE);
              duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
              if (role != null)
                  duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, role.getName());
              rundata.getResponse().sendRedirect(duri.toString());
  
          }
      }
  
      /** 
       * Build the context for a role browser for a specific user.
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       * @param roleName The roleName of the role that we are building a role context for.
       */
      private void buildRolePermissionContext(VelocityPortlet portlet, 
                                              Context context,
                                              RunData rundata,
                                              String roleName)
          throws UnknownEntityException, DataBackendException
      {
          // get master list of roles         
          Criteria criteria = new Criteria();
          PermissionSet master = JetspeedSecurity.getPermissions(criteria);
  
          // get the user object
          Role role = JetspeedSecurity.getRole(roleName);
          if (null == role)
          {
              // no ACL found
              Log.error("RolePermissionBrowser: Failed to get role: " + roleName);
              return;
          }
  
          // get the permissions for this particular role
          PermissionSet subset = JetspeedSecurity.getPermissions(role);
  
          Permission[] permissions = master.getPermissionsArray();
          Vector selected = new Vector(master.size()+1);           
  
          selected.add(0, new Boolean(false));
          boolean sel = false;
          for ( int ix = 0; ix < permissions.length; ix++ )
          {
              if (null != subset)
                  sel = subset.contains(permissions[ix].getName());
              else
                  sel = false;
              selected.add(ix + 1, new Boolean(sel));
          } 
          
          rundata.getUser().setTemp(SecurityConstants.CONTEXT_PERMISSIONS, permissions);
          rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, selected);
          context.put(SecurityConstants.CONTEXT_PERMISSIONS, permissions);
          context.put(SecurityConstants.CONTEXT_SELECTED, selected);
          context.put(SecurityConstants.CONTEXT_ROLE, role);
      }
  
  
  }
  
  
  1.1                  jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserRoleUpdateAction.java
  
  Index: UserRoleUpdateAction.java
  ===================================================================
  /* ====================================================================
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 2000-2001 The Apache Software Foundation.  All rights
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution,
   *    if any, must include the following acknowledgment:
   *       "This product includes software developed by the
   *        Apache Software Foundation (http://www.apache.org/)."
   *    Alternately, this acknowledgment may appear in the software itself,
   *    if and wherever such third-party acknowledgments normally appear.
   *
   * 4. The names "Apache" and "Apache Software Foundation" and
   *     "Apache Jetspeed" must not be used to endorse or promote products
   *    derived from this software without prior written permission. For
   *    written permission, please contact apache@apache.org.
   *
   * 5. Products derived from this software may not be called "Apache" or
   *    "Apache Jetspeed", nor may "Apache" appear in their name, without
   *    prior written permission of the Apache Software Foundation.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation.  For more
   * information on the Apache Software Foundation, please see
   * <http://www.apache.org/>.
   */
   
  package org.apache.jetspeed.modules.actions.portlets.security;
  
  // java util
  import java.util.Vector;
  
  // velocity
  import org.apache.velocity.context.Context;
  
  // turbine util
  import org.apache.turbine.util.Log;
  import org.apache.turbine.util.RunData;
  import org.apache.turbine.util.StringUtils;
  import org.apache.turbine.util.DynamicURI;
  
  // turbine om 
  import org.apache.turbine.om.security.Role;
  import org.apache.turbine.om.security.User;
  import org.apache.turbine.om.security.Group;
  
  // turbine security
  import org.apache.turbine.util.security.EntityExistsException;
  import org.apache.turbine.util.security.RoleSet;
  import org.apache.turbine.util.db.Criteria;
  import org.apache.turbine.util.security.AccessControlList;
  import org.apache.turbine.util.security.DataBackendException;
  import org.apache.turbine.util.security.UnknownEntityException;
  
  // jetspeed services
  import org.apache.jetspeed.services.JetspeedSecurity;
  import org.apache.jetspeed.services.resources.JetspeedResources;
  
  // jetspeed velocity
  import org.apache.jetspeed.modules.actions.portlets.VelocityPortletAction;
  import org.apache.jetspeed.portal.portlets.VelocityPortlet;
  
  
  /**
   * This action sets up the template context for editing security roles in the Turbine database
   * for a given user.
   * 
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   */
  public class UserRoleUpdateAction extends VelocityPortletAction
  {
      /** 
       * Build the maximized state content for this portlet. (Same as normal state).
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       */
      protected void buildMaximizedContext( VelocityPortlet portlet, 
                                            Context context,
                                            RunData rundata )
      {
          buildNormalContext( portlet, context, rundata);        
      }
  
      /** 
       * Build the configure state content for this portlet.
       * TODO: we could configure this portlet with configurable skins, etc..
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       */
      protected void buildConfigureContext( VelocityPortlet portlet, 
                                            Context context,
                                            RunData rundata )
      {
  
          buildNormalContext( portlet, context, rundata);        
      }
  
      /** 
       * Build the normal state content for this portlet.
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       */
      protected void buildNormalContext( VelocityPortlet portlet, 
                                         Context context,
                                         RunData rundata )
      {
          try
          {
              Role role = null;
              /*
               * Grab the mode for the user form.
               */
              String mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
  
              //
              // check to see if we are adding a role for a single user
              // 
              String entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
              if (entityid == null || entityid.trim().length() == 0)
              {
                  return;
              }
  
              buildUserRoleContext(portlet, context, rundata, entityid);
  
              //
              // if there was an error, display the message
              //
              String msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
              if (msgid != null)
              {
                  int id = Integer.parseInt(msgid);
                  if (id < SecurityConstants.MESSAGES.length)
                      context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
              }
  
          }
          catch (Exception e)
          {
              Log.error(e);
              rundata.setMessage("Error in Jetspeed User Role Security: " + e.toString());
              rundata.setStackTrace(StringUtils.stackTrace(e), e);
              rundata.setScreenTemplate("Error.vm");            
          }
      }
  
  
      /** 
       * Database Update Action for Security Roles. Performs updates into security database.
       * 
       * @param rundata The turbine rundata context for this request.
       * @param context The velocity context for this request.
       */
      public void doUpdate(RunData rundata, Context context)
          throws Exception
      {
          // TODO: if the user is the current user, we will need to refresh the 
          // rundata's ACL list as described in the constructor for AccessControlList.java
              
  
          String entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
          if (entityid == null || entityid.trim().length() == 0)
          {
              Log.error("UserRoleBrowser: Failed to get entity: " + entityid );
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_USERROLE_UPDATE);
              duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER);
              rundata.getResponse().sendRedirect(duri.toString());
              return;
          }
  
          User user = JetspeedSecurity.getUser(entityid);
          if (null == user)
          {
              Log.error("UserRoleBrowser: Failed to get user: " + entityid );
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_USERROLE_UPDATE);
              duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER);
              rundata.getResponse().sendRedirect(duri.toString());
              return;
          }
          
  
          try
          {
              Role[] roles = (Role[])rundata.getUser().getTemp(SecurityConstants.CONTEXT_ROLES);
              Vector selected = (Vector)rundata.getUser().getTemp(SecurityConstants.CONTEXT_SELECTED);
  
              if (roles == null || selected == null)
              {
                  DynamicURI duri = new DynamicURI (rundata);
                  duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_USERROLE_UPDATE);
                  duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER);
                  rundata.getResponse().sendRedirect(duri.toString());
                  return;
              }
  
              //
              // walk thru all the roles, see if anything changed
              // if changed, update the database
              //
              for (int ix = 0; ix < roles.length; ix++)
              {
                  boolean newValue = rundata.getParameters().getBoolean("box_" + roles[ix].getName(),
false);
                  boolean oldValue = ((Boolean)selected.elementAt(ix + 1)).booleanValue();
                  if (newValue != oldValue)
                  {
                      if (newValue == true)
                      {
                          // grant a role to a user
                          JetspeedSecurity.grant( user, 
                                                  JetspeedSecurity.getGroup(JetspeedSecurity.JETSPEED_GROUP),
                                                  roles[ix] );
                      }
                      else
                      {
                          // revoke a role from a user
                          JetspeedSecurity.revoke( user, 
                                                  JetspeedSecurity.getGroup(JetspeedSecurity.JETSPEED_GROUP),
                                                  roles[ix] );
                      }
                  }
              }
  
              // clear the temp values
              rundata.getUser().setTemp(SecurityConstants.CONTEXT_ROLES, null);
              rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, null);
   
              //
              // success -- bring user back to user browser
              //
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_USER_BROWSER);
              rundata.getResponse().sendRedirect(duri.toString());
  
          }
          catch (Exception e)
          {
             // log the error msg
              Log.error("Failed update role+permission: " + e);
  
              //
              // error on update - display error message
              //
              DynamicURI duri = new DynamicURI (rundata);
              duri.addPathInfo(JetspeedResources.PATH_PANEL_KEY, SecurityConstants.PANEID_USERROLE_UPDATE);
              duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
              if (user != null)
                  duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
              rundata.getResponse().sendRedirect(duri.toString());
  
          }
      }
  
      /** 
       * Build the context for a role browser for a specific user.
       * 
       * @param portlet The velocity-based portlet that is being built.
       * @param context The velocity context for this request.
       * @param rundata The turbine rundata context for this request.
       * @param userid The userid of the user that we are building a role context for.
       */
      private void buildUserRoleContext(VelocityPortlet portlet, 
                                         Context context,
                                         RunData rundata,
                                         String userid)
          throws UnknownEntityException, DataBackendException
      {
          // get master list of roles         
          Criteria criteria = new Criteria();
          RoleSet master = JetspeedSecurity.getRoles(criteria);
  
          // get the user object
          User user = JetspeedSecurity.getUser(userid);
          if (null == user)
          {
              // no ACL found
              Log.error("UserRoleBrowser: Failed to get user: " + userid );
              return;
          }
          // get the access control list for the given user
          AccessControlList acl = JetspeedSecurity.getACL(user);
          if (null == acl)
          {
              // no ACL found
              Log.error("RoleBrowser: NO ACL found for user: " + user.getUserName() );
              return;
          }
          // get all the roles for this user in the Jetspeed Group
          Group jetGroup = JetspeedSecurity.getGroup(JetspeedSecurity.JETSPEED_GROUP);
          RoleSet userRoles = acl.getRoles( jetGroup );
  
          Role[] roles = master.getRolesArray();        
          Vector selected = new Vector(master.size()+1);           
  
          selected.add(0, new Boolean(false));
          boolean sel = false;
          for ( int ix = 0; ix < roles.length; ix++ )
          {
              if (null != userRoles)
                  sel = userRoles.contains(roles[ix].getName());
              else
                  sel = false;
              selected.add(ix + 1, new Boolean(sel));
          } 
          
          rundata.getUser().setTemp(SecurityConstants.CONTEXT_ROLES, roles);
          rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, selected);
          context.put(SecurityConstants.CONTEXT_USER, user);
          context.put(SecurityConstants.CONTEXT_ROLES, roles);
          context.put(SecurityConstants.CONTEXT_SELECTED, selected);
      }
  
  
  }
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message