-/*\r
- * Copyright (C) 2001, 2002 The Mir-coders group\r
- *\r
- * This file is part of Mir.\r
- *\r
- * Mir is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- *\r
- * Mir is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- *\r
- * You should have received a copy of the GNU General Public License\r
- * along with Mir; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\r
- *\r
- * In addition, as a special exception, The Mir-coders gives permission to link\r
- * the code of this program with any library licensed under the Apache Software License,\r
- * The Sun (tm) Java Advanced Imaging library (JAI), The Sun JIMI library\r
- * (or with modified versions of the above that use the same license as the above),\r
- * and distribute linked combinations including the two. You must obey the\r
- * GNU General Public License in all respects for all of the code used other than\r
- * the above mentioned libraries. If you modify this file, you may extend this\r
- * exception to your version of the file, but you are not obligated to do so.\r
- * If you do not wish to do so, delete this exception statement from your version.\r
- */\r
-\r
-package mircoders.servlet;\r
-\r
-import java.util.HashMap;\r
-import java.util.Iterator;\r
-import java.util.List;\r
-import java.util.Locale;\r
-import java.util.Map;\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.servlet.http.HttpServletResponse;\r
-\r
-import mir.entity.adapter.EntityAdapterModel;\r
-import mir.entity.adapter.EntityIteratorAdapter;\r
-import mir.log.LoggerWrapper;\r
-import mir.servlet.ServletModule;\r
-import mir.servlet.ServletModuleExc;\r
-import mir.servlet.ServletModuleFailure;\r
-import mir.servlet.ServletModuleUserExc;\r
-import mir.storage.StorageObjectFailure;\r
-import mir.util.CachingRewindableIterator;\r
-import mir.util.HTTPRequestParser;\r
-import mir.util.URLBuilder;\r
-import mircoders.entity.EntityUsers;\r
-import mircoders.global.MirGlobal;\r
-import mircoders.module.ModuleUsers;\r
-import mircoders.storage.DatabaseUsers;\r
-import mircoders.global.*;\r
-\r
-/**\r
- *\r
- * <p>Title: </p>\r
- * <p>Description: </p>\r
- * <p>Copyright: Copyright (c) 2003</p>\r
- * <p>Company: </p>\r
- * @author not attributable\r
- * @version 1.0\r
- */\r
-public class ServletModuleUsers extends ServletModule\r
-{\r
- private static ServletModuleUsers instance = new ServletModuleUsers();\r
- public static ServletModule getInstance() { return instance; }\r
- protected ModuleUsers usersModule;\r
-\r
- private ServletModuleUsers() {\r
- super();\r
- logger = new LoggerWrapper("ServletModule.Users");\r
-\r
- try {\r
- model = MirGlobal.localizer().dataModel().adapterModel();\r
- definition = "user";\r
- usersModule = new ModuleUsers(DatabaseUsers.getInstance());\r
- mainModule = usersModule;\r
- }\r
- catch (Throwable e) {\r
- logger.debug("initialization of ServletModuleUsers failed!: " + e.getMessage());\r
- }\r
- }\r
-\r
- public void edit(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc\r
- {\r
- String idParam = aRequest.getParameter("id");\r
-\r
- if (idParam == null)\r
- throw new ServletModuleExc("ServletModuleUser.edit: invalid call: (id) not specified");\r
-\r
- try {\r
- EntityUsers user = (EntityUsers) mainModule.getById(idParam);\r
- MirGlobal.accessControl().user().assertMayEditUser(ServletHelper.getUser(aRequest), user);\r
-\r
- showUser(idParam, false, aRequest, aResponse);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public void add(HttpServletRequest aRequest, HttpServletResponse aResponse)\r
- throws ServletModuleExc\r
- {\r
- try {\r
- MirGlobal.accessControl().user().assertMayAddUsers(ServletHelper.getUser(aRequest));\r
-\r
- showUser(null, false, aRequest, aResponse);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public String validatePassword(EntityUsers aUser, HTTPRequestParser aRequestParser) throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure\r
- {\r
- if ( (aRequestParser.getParameter("newpassword") != null &&\r
- aRequestParser.getParameter("newpassword").length() > 0) ||\r
- (aRequestParser.getParameter("newpassword2") != null &&\r
- aRequestParser.getParameter("newpassword2").length() > 0)\r
- ) {\r
- String newPassword = aRequestParser.getParameterWithDefault("newpassword", "");\r
- String newPassword2 = aRequestParser.getParameterWithDefault("newpassword2", "");\r
- String oldPassword = aRequestParser.getParameterWithDefault("oldpassword", "");\r
-\r
- try {\r
- if (!usersModule.checkUserPassword(aUser, oldPassword)) {\r
- throw new ServletModuleUserExc("user.error.incorrectpassword", new String[] {});\r
- }\r
- }\r
- catch (Throwable t) {\r
- throw new ServletModuleFailure(t);\r
- }\r
-\r
-\r
- if (newPassword.length() == 0 || newPassword2.length() == 0) {\r
- throw new ServletModuleUserExc("user.error.missingpasswords", new String[] {});\r
- }\r
-\r
- if (!newPassword.equals(newPassword2)) {\r
- throw new ServletModuleUserExc("user.error.passwordmismatch", new String[] {});\r
- }\r
-\r
- return newPassword;\r
- }\r
- else\r
- return null;\r
- }\r
-\r
- public void insert(HttpServletRequest aRequest, HttpServletResponse aResponse)\r
- throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure\r
- {\r
- try {\r
- MirGlobal.accessControl().user().assertMayAddUsers(ServletHelper.getUser(aRequest));\r
-\r
- HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);\r
- Map withValues = getIntersectingValues(aRequest, mainModule.getStorageObject());\r
-\r
- String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);\r
- if (newPassword!=null)\r
- withValues.put("password", newPassword);\r
- else\r
- throw new ServletModuleUserExc("user.error.missingpassword", new String[] {});\r
-\r
- String id = mainModule.add(withValues);\r
- if (requestParser.hasParameter("returnurl"))\r
- redirect(aResponse, requestParser.getParameter("returnurl"));\r
- else\r
- list(aRequest, aResponse);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public void update(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure\r
- {\r
- try {\r
- HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);\r
- EntityUsers user = (EntityUsers) mainModule.getById(requestParser.getParameter("id"));\r
- MirGlobal.accessControl().user().assertMayEditUser(ServletHelper.getUser(aRequest), user);\r
-\r
- Map withValues = getIntersectingValues(aRequest, mainModule.getStorageObject());\r
- if (!withValues.containsKey("is_admin"))\r
- withValues.put("is_admin","0");\r
-\r
- String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);\r
- if (newPassword!=null)\r
- withValues.put("password", MirGlobal.localizer().adminInterface().makePasswordDigest(newPassword));\r
-\r
- mainModule.set(withValues);\r
-\r
- if (requestParser.hasParameter("returnurl"))\r
- redirect(aResponse, requestParser.getParameter("returnurl"));\r
- else\r
- list(aRequest, aResponse);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public void updatepassword(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure\r
- {\r
- try {\r
- HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);\r
- EntityUsers user = (EntityUsers) mainModule.getById(requestParser.getParameter("id"));\r
- MirGlobal.accessControl().user().assertMayChangeUserPassword(ServletHelper.getUser(aRequest), user);\r
-\r
- String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);\r
- if (newPassword!=null) {\r
- user.setValueForProperty("password", MirGlobal.localizer().adminInterface().makePasswordDigest(newPassword));\r
- user.update();\r
-\r
- // hackish: to make sure the cached logged in user is up-to-date:\r
- ServletHelper.setUser(aRequest, (EntityUsers) mainModule.getById(ServletHelper.getUser(aRequest).getId()));\r
- }\r
-\r
- if (requestParser.hasParameter("returnurl"))\r
- redirect(aResponse, requestParser.getParameter("returnurl"));\r
- else\r
- redirect(aResponse, "");\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public void list(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc\r
- {\r
- HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);\r
-\r
- int offset = requestParser.getIntegerWithDefault("offset", 0);\r
-\r
- returnUserList(aRequest, aResponse, offset);\r
- }\r
-\r
- public void returnUserList(\r
- HttpServletRequest aRequest,\r
- HttpServletResponse aResponse,\r
- int anOffset) throws ServletModuleExc {\r
-\r
-// ML: to be deleted, support for 3 extra vars to be added\r
-\r
- HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);\r
- URLBuilder urlBuilder = new URLBuilder();\r
- EntityAdapterModel model;\r
- int count;\r
-\r
- try {\r
- Map responseData = ServletHelper.makeGenerationData(aRequest, aResponse, new Locale[] { getLocale(aRequest), getFallbackLocale(aRequest)});\r
- model = MirGlobal.localizer().dataModel().adapterModel();\r
-\r
- Object userList =\r
- new CachingRewindableIterator(\r
- new EntityIteratorAdapter( "", "login", nrEntitiesPerListPage,\r
- MirGlobal.localizer().dataModel().adapterModel(), "user", nrEntitiesPerListPage, anOffset)\r
- );\r
-\r
- responseData.put("nexturl", null);\r
- responseData.put("prevurl", null);\r
-\r
- count=mainModule.getSize("");\r
-\r
- urlBuilder.setValue("module", "Users");\r
- urlBuilder.setValue("do", "list");\r
-\r
- urlBuilder.setValue("offset", anOffset);\r
- responseData.put("offset" , new Integer(anOffset).toString());\r
- responseData.put("thisurl" , urlBuilder.getQuery());\r
-\r
- if (count>=anOffset+nrEntitiesPerListPage) {\r
- urlBuilder.setValue("offset", (anOffset + nrEntitiesPerListPage));\r
- responseData.put("nexturl" , urlBuilder.getQuery());\r
- }\r
-\r
- if (anOffset>0) {\r
- urlBuilder.setValue("offset", Math.max(anOffset - nrEntitiesPerListPage, 0));\r
- responseData.put("prevurl" , urlBuilder.getQuery());\r
- }\r
-\r
- responseData.put("users", userList);\r
- responseData.put("mayDeleteUsers", new Boolean(MirGlobal.accessControl().user().mayDeleteUsers(ServletHelper.getUser(aRequest))));\r
- responseData.put("mayAddUsers", new Boolean(MirGlobal.accessControl().user().mayAddUsers(ServletHelper.getUser(aRequest))));\r
- responseData.put("mayEditUsers", new Boolean(MirGlobal.accessControl().user().mayEditUsers(ServletHelper.getUser(aRequest))));\r
-\r
- responseData.put("from" , Integer.toString(anOffset+1));\r
- responseData.put("count", Integer.toString(count));\r
- responseData.put("to", Integer.toString(Math.min(anOffset+nrEntitiesPerListPage, count)));\r
- responseData.put("offset" , Integer.toString(anOffset));\r
-\r
- ServletHelper.generateResponse(aResponse.getWriter(), responseData, listGenerator);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public void showUser(String anId, boolean anOnlyPassword, HttpServletRequest aRequest, HttpServletResponse aResponse)\r
- throws ServletModuleExc {\r
- try {\r
- HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);\r
- Map responseData = ServletHelper.makeGenerationData(aRequest, aResponse, new Locale[] { getLocale(aRequest), getFallbackLocale(aRequest)});\r
- EntityAdapterModel model = MirGlobal.localizer().dataModel().adapterModel();\r
- Map user;\r
- URLBuilder urlBuilder = new URLBuilder();\r
-\r
- urlBuilder.setValue("module", "Users");\r
- if (anOnlyPassword)\r
- urlBuilder.setValue("do", "changepassword");\r
- else\r
- urlBuilder.setValue("do", "edit");\r
- urlBuilder.setValue("id", anId);\r
- urlBuilder.setValue("returnurl", requestParser.getParameter("returnurl"));\r
-\r
- if (anId!=null) {\r
- responseData.put("new", Boolean.FALSE);\r
- user = model.makeEntityAdapter("user", mainModule.getById(anId));\r
- }\r
- else {\r
- List fields = DatabaseUsers.getInstance().getFields();\r
- responseData.put("new", Boolean.TRUE);\r
- user = new HashMap();\r
- Iterator i = fields.iterator();\r
- while (i.hasNext()) {\r
- user.put(i.next(), null);\r
- }\r
-\r
- MirGlobal.localizer().adminInterface().initializeArticle(user);\r
- }\r
- responseData.put("user", user);\r
- responseData.put("passwordonly", new Boolean(anOnlyPassword));\r
-\r
- responseData.put("returnurl", requestParser.getParameter("returnurl"));\r
- responseData.put("thisurl", urlBuilder.getQuery());\r
-\r
- ServletHelper.generateResponse(aResponse.getWriter(), responseData, editGenerator);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-\r
- public void delete(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleUserExc, ServletModuleExc, ServletModuleFailure {\r
- try {\r
- EntityUsers user = (EntityUsers) mainModule.getById(aRequest.getParameter("id"));\r
-\r
- MirGlobal.accessControl().user().assertMayDeleteUser(ServletHelper.getUser(aRequest), user);\r
-\r
- super.delete(aRequest, aResponse);\r
- }\r
- catch (Throwable t) {\r
- throw new ServletModuleFailure(t);\r
- }\r
- }\r
-\r
- public void changepassword(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc\r
- {\r
- String idParam = aRequest.getParameter("id");\r
-\r
- if (idParam == null)\r
- throw new ServletModuleExc("ServletModuleUser.edit: invalid call: (id) not specified");\r
-\r
- try {\r
- EntityUsers user = (EntityUsers) mainModule.getById(idParam);\r
- MirGlobal.accessControl().user().assertMayChangeUserPassword(ServletHelper.getUser(aRequest), user);\r
-\r
- showUser(idParam, true, aRequest, aResponse);\r
- }\r
- catch (Throwable e) {\r
- throw new ServletModuleFailure(e);\r
- }\r
- }\r
-}\r
-\r
+/*
+ * Copyright (C) 2001, 2002 The Mir-coders group
+ *
+ * This file is part of Mir.
+ *
+ * Mir is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * Mir is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Mir; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * In addition, as a special exception, The Mir-coders gives permission to link
+ * the code of this program with any library licensed under the Apache Software License,
+ * The Sun (tm) Java Advanced Imaging library (JAI), The Sun JIMI library
+ * (or with modified versions of the above that use the same license as the above),
+ * and distribute linked combinations including the two. You must obey the
+ * GNU General Public License in all respects for all of the code used other than
+ * the above mentioned libraries. If you modify this file, you may extend this
+ * exception to your version of the file, but you are not obligated to do so.
+ * If you do not wish to do so, delete this exception statement from your version.
+ */
+
+package mircoders.servlet;
+
+import mir.entity.adapter.EntityAdapterModel;
+import mir.entity.adapter.EntityIteratorAdapter;
+import mir.log.LoggerWrapper;
+import mir.servlet.ServletModule;
+import mir.servlet.ServletModuleExc;
+import mir.servlet.ServletModuleFailure;
+import mir.servlet.ServletModuleUserExc;
+import mir.util.CachingRewindableIterator;
+import mir.util.HTTPRequestParser;
+import mir.util.URLBuilder;
+import mircoders.entity.EntityUsers;
+import mircoders.global.MirGlobal;
+import mircoders.module.ModuleUsers;
+import mircoders.storage.DatabaseUsers;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.*;
+
+/**
+ *
+ *
+ */
+public class ServletModuleUsers extends ServletModule
+{
+ private static ServletModuleUsers instance = new ServletModuleUsers();
+ public static ServletModule getInstance() { return instance; }
+ protected ModuleUsers usersModule;
+
+ private ServletModuleUsers() {
+ super();
+ logger = new LoggerWrapper("ServletModule.Users");
+
+ try {
+ definition = "user";
+ usersModule = new ModuleUsers();
+ mainModule = usersModule;
+ }
+ catch (Throwable e) {
+ logger.debug("initialization of ServletModuleUsers failed!: " + e.getMessage());
+ }
+ }
+
+ public void edit(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc
+ {
+ String idParam = aRequest.getParameter("id");
+
+ if (idParam == null)
+ throw new ServletModuleExc("ServletModuleUser.edit: invalid call: (id) not specified");
+
+ try {
+ EntityUsers user = (EntityUsers) mainModule.getById(idParam);
+ MirGlobal.accessControl().user().assertMayEditUser(ServletHelper.getUser(aRequest), user);
+
+ showUser(idParam, false, aRequest, aResponse);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public void add(HttpServletRequest aRequest, HttpServletResponse aResponse)
+ throws ServletModuleExc
+ {
+ try {
+ MirGlobal.accessControl().user().assertMayAddUsers(ServletHelper.getUser(aRequest));
+
+ showUser(null, false, aRequest, aResponse);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public String validatePassword(EntityUsers aUser, HTTPRequestParser aRequestParser) throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure
+ {
+ if ( (aRequestParser.getParameter("newpassword") != null &&
+ aRequestParser.getParameter("newpassword").length() > 0) ||
+ (aRequestParser.getParameter("newpassword2") != null &&
+ aRequestParser.getParameter("newpassword2").length() > 0)
+ ) {
+ String newPassword = aRequestParser.getParameterWithDefault("newpassword", "");
+ String newPassword2 = aRequestParser.getParameterWithDefault("newpassword2", "");
+ String oldPassword = aRequestParser.getParameterWithDefault("oldpassword", "");
+
+ try {
+ if (!usersModule.checkUserPassword(aUser, oldPassword)) {
+ throw new ServletModuleUserExc("user.error.incorrectpassword", new String[] {});
+ }
+ }
+ catch (Throwable t) {
+ throw new ServletModuleFailure(t);
+ }
+
+
+ if (newPassword.length() == 0 || newPassword2.length() == 0) {
+ throw new ServletModuleUserExc("user.error.missingpasswords", new String[] {});
+ }
+
+ if (!newPassword.equals(newPassword2)) {
+ throw new ServletModuleUserExc("user.error.passwordmismatch", new String[] {});
+ }
+
+ return newPassword;
+ }
+ else
+ return null;
+ }
+
+ public void insert(HttpServletRequest aRequest, HttpServletResponse aResponse)
+ throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure
+ {
+ try {
+ MirGlobal.accessControl().user().assertMayAddUsers(ServletHelper.getUser(aRequest));
+
+ HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);
+ Map withValues = getIntersectingValues(aRequest, mainModule.getStorageObject());
+
+ String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);
+ if (newPassword!=null)
+ withValues.put("password", newPassword);
+ else
+ throw new ServletModuleUserExc("user.error.missingpassword", new String[] {});
+
+ String id = mainModule.add(withValues);
+
+ logAdminUsage(aRequest, id, "object added");
+
+ if (requestParser.hasParameter("returnurl"))
+ ServletHelper.redirect(aResponse, requestParser.getParameter("returnurl"));
+ else
+ list(aRequest, aResponse);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public void update(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure
+ {
+ try {
+ HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);
+ String id = requestParser.getParameter("id");
+ EntityUsers user = (EntityUsers) mainModule.getById(id);
+ MirGlobal.accessControl().user().assertMayEditUser(ServletHelper.getUser(aRequest), user);
+
+ Map withValues = getIntersectingValues(aRequest, mainModule.getStorageObject());
+ if (!withValues.containsKey("is_admin"))
+ withValues.put("is_admin","0");
+ if (!withValues.containsKey("is_disabled"))
+ withValues.put("is_disabled","0");
+
+ String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);
+ if (newPassword!=null)
+ withValues.put("password", MirGlobal.localizer().adminInterface().makePasswordDigest(newPassword));
+
+ mainModule.set(withValues);
+
+ logAdminUsage(aRequest, id, "object modified");
+
+ if (requestParser.hasParameter("returnurl"))
+ ServletHelper.redirect(aResponse, requestParser.getParameter("returnurl"));
+ else
+ list(aRequest, aResponse);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public void updatepassword(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc, ServletModuleUserExc, ServletModuleFailure
+ {
+ try {
+ HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);
+ String id = requestParser.getParameter("id");
+ EntityUsers user = (EntityUsers) mainModule.getById(id);
+ MirGlobal.accessControl().user().assertMayChangeUserPassword(ServletHelper.getUser(aRequest), user);
+
+ String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);
+ if (newPassword!=null) {
+ user.setFieldValue("password", MirGlobal.localizer().adminInterface().makePasswordDigest(newPassword));
+ user.update();
+
+ logAdminUsage(aRequest, id, "password changed");
+
+ // hackish: to make sure the cached logged in user is up-to-date:
+ ServletHelper.setUser(aRequest, (EntityUsers) mainModule.getById(ServletHelper.getUser(aRequest).getId()));
+ }
+
+ if (requestParser.hasParameter("returnurl"))
+ ServletHelper.redirect(aResponse, requestParser.getParameter("returnurl"));
+ else
+ ServletHelper.redirect(aResponse, "");
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public void list(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc
+ {
+ HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);
+
+ int offset = requestParser.getIntegerWithDefault("offset", 0);
+
+ returnUserList(aRequest, aResponse, offset);
+ }
+
+ public void returnUserList(
+ HttpServletRequest aRequest,
+ HttpServletResponse aResponse,
+ int anOffset) throws ServletModuleExc {
+
+// ML: to be deleted, support for 3 extra vars to be added
+ URLBuilder urlBuilder = new URLBuilder();
+ int count;
+
+ try {
+ Map responseData = ServletHelper.makeGenerationData(aRequest, aResponse, new Locale[] { getLocale(aRequest), getFallbackLocale(aRequest)});
+ model = MirGlobal.localizer().dataModel().adapterModel();
+
+ Object userList =
+ new CachingRewindableIterator(
+ new EntityIteratorAdapter( "", "login", nrEntitiesPerListPage,
+ MirGlobal.localizer().dataModel().adapterModel(), "user", nrEntitiesPerListPage, anOffset)
+ );
+
+ responseData.put("nexturl", null);
+ responseData.put("prevurl", null);
+
+ count=mainModule.getSize("");
+
+ urlBuilder.setValue("module", "Users");
+ urlBuilder.setValue("do", "list");
+
+ urlBuilder.setValue("offset", anOffset);
+ responseData.put("offset" , new Integer(anOffset).toString());
+ responseData.put("thisurl" , urlBuilder.getQuery());
+
+ if (count>=anOffset+nrEntitiesPerListPage) {
+ urlBuilder.setValue("offset", (anOffset + nrEntitiesPerListPage));
+ responseData.put("nexturl" , urlBuilder.getQuery());
+ }
+
+ if (anOffset>0) {
+ urlBuilder.setValue("offset", Math.max(anOffset - nrEntitiesPerListPage, 0));
+ responseData.put("prevurl" , urlBuilder.getQuery());
+ }
+
+ responseData.put("users", userList);
+ responseData.put("mayDeleteUsers", new Boolean(MirGlobal.accessControl().user().mayDeleteUsers(ServletHelper.getUser(aRequest))));
+ responseData.put("mayAddUsers", new Boolean(MirGlobal.accessControl().user().mayAddUsers(ServletHelper.getUser(aRequest))));
+ responseData.put("mayEditUsers", new Boolean(MirGlobal.accessControl().user().mayEditUsers(ServletHelper.getUser(aRequest))));
+
+ responseData.put("from" , Integer.toString(anOffset+1));
+ responseData.put("count", Integer.toString(count));
+ responseData.put("to", Integer.toString(Math.min(anOffset+nrEntitiesPerListPage, count)));
+ responseData.put("offset" , Integer.toString(anOffset));
+
+ ServletHelper.generateResponse(aResponse.getWriter(), responseData, listGenerator);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public void showUser(String anId, boolean anOnlyPassword, HttpServletRequest aRequest, HttpServletResponse aResponse)
+ throws ServletModuleExc {
+ try {
+ HTTPRequestParser requestParser = new HTTPRequestParser(aRequest);
+ Map responseData = ServletHelper.makeGenerationData(aRequest, aResponse, new Locale[] { getLocale(aRequest), getFallbackLocale(aRequest)});
+ EntityAdapterModel model = MirGlobal.localizer().dataModel().adapterModel();
+ Map user;
+ URLBuilder urlBuilder = new URLBuilder();
+
+ urlBuilder.setValue("module", "Users");
+ if (anOnlyPassword)
+ urlBuilder.setValue("do", "changepassword");
+ else
+ urlBuilder.setValue("do", "edit");
+ urlBuilder.setValue("id", anId);
+ urlBuilder.setValue("returnurl", requestParser.getParameter("returnurl"));
+
+ if (anId!=null) {
+ responseData.put("new", Boolean.FALSE);
+ user = model.makeEntityAdapter("user", mainModule.getById(anId));
+ }
+ else {
+ List fields = DatabaseUsers.getInstance().getFields();
+ responseData.put("new", Boolean.TRUE);
+ user = new HashMap();
+ Iterator i = fields.iterator();
+ while (i.hasNext()) {
+ user.put(i.next(), null);
+ }
+
+ MirGlobal.localizer().adminInterface().initializeArticle(user);
+ }
+ responseData.put("user", user);
+ responseData.put("passwordonly", new Boolean(anOnlyPassword));
+
+ responseData.put("returnurl", requestParser.getParameter("returnurl"));
+ responseData.put("thisurl", urlBuilder.getQuery());
+
+ ServletHelper.generateResponse(aResponse.getWriter(), responseData, editGenerator);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+
+ public void delete(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleUserExc, ServletModuleExc, ServletModuleFailure {
+ try {
+ EntityUsers user = (EntityUsers) mainModule.getById(aRequest.getParameter("id"));
+
+ MirGlobal.accessControl().user().assertMayDeleteUser(ServletHelper.getUser(aRequest), user);
+
+ super.delete(aRequest, aResponse);
+ }
+ catch (Throwable t) {
+ throw new ServletModuleFailure(t);
+ }
+ }
+
+ public void changepassword(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc
+ {
+ String idParam = aRequest.getParameter("id");
+
+ if (idParam == null)
+ throw new ServletModuleExc("ServletModuleUser.edit: invalid call: (id) not specified");
+
+ try {
+ EntityUsers user = (EntityUsers) mainModule.getById(idParam);
+ MirGlobal.accessControl().user().assertMayChangeUserPassword(ServletHelper.getUser(aRequest), user);
+
+ showUser(idParam, true, aRequest, aResponse);
+ }
+ catch (Throwable e) {
+ throw new ServletModuleFailure(e);
+ }
+ }
+}
+
projects / mir.git / blobdiff