src/main/resources/archetype-resources/src/main/java/flux/modules/actions/user/FluxUserAction.java - turbine-archetypes - Git at Google

 package ${package}.flux.modules.actions.user;

 /*
  * Copyright 2001-2019 The Apache Software Foundation.
  *
  * Licensed under the Apache License, Version 2.0 (the "License")
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.fulcrum.security.entity.Group;
 import org.apache.fulcrum.security.entity.Role;
 import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
 import org.apache.fulcrum.security.util.GroupSet;
 import org.apache.fulcrum.security.util.RoleSet;
 import org.apache.turbine.annotation.TurbineService;
 import org.apache.turbine.om.security.User;
 import org.apache.turbine.pipeline.PipelineData;
 import org.apache.turbine.services.security.SecurityService;
 import org.apache.turbine.util.RunData;
 import org.apache.velocity.context.Context;

 import ${package}.flux.modules.actions.FluxAction;

 /**
  * Change Password action.
  *
  */
 public class FluxUserAction extends FluxAction {
 	private static Log log = LogFactory.getLog(FluxUserAction.class);

 	/** Injected service instance */
 	@TurbineService
 	private SecurityService security;

 	/**
 	 * ActionEvent responsible for inserting a new user into the Turbine security
 	 * system.
 	 */
 	public void doInsert(PipelineData pipelineData, Context context) throws Exception {
 		RunData data = (RunData) pipelineData;

 		/*
 		 * Grab the username entered in the form.
 		 */
 		String username = data.getParameters().getString("username");
 		String password = data.getParameters().getString("password");

 		if (!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password)) {
 			/*
 			 * Make sure this account doesn't already exist. If the account already exists
 			 * then alert the user and make them change the username.
 			 */
 			if (security.accountExists(username)) {
 				context.put("username", username);
 				context.put("errorTemplate", "user,FluxUserAlreadyExists.vm");

 				data.setMessage("The user already exists");
 				data.getParameters().add("mode", "insert");
 				data.setScreen("user,FluxUserForm.vm");
 				return;
 			} else {

 				try {
 					/*
 					 * Create a new user modeled directly from the SecurityServiceTest method
 					 */
 					User user = security.getUserInstance(username);
 					data.getParameters().setProperties(user);
 					security.addUser(user, password);

 					// Use security to force the password
 					security.forcePassword(user, password);

 				} catch (Exception e) {
 					log.error("Error adding new user: " + e);

 					context.put("username", username);
 					context.put("errorTemplate", "user,FluxUserAlreadyExists.vm");

 					data.setMessage("Could not add the user");
 					data.getParameters().add("mode", "insert");
 					data.setScreen("user,FluxUserForm.vm");
 					return;
 				}
 			}

 		} else {
 			String msg = "Cannot add user without username or password";
 			log.error(msg);
 			data.setMessage(msg);
 			data.getParameters().add("mode", "insert");
 			data.setScreen("user,FluxUserForm.vm");
 		}
 	}

 	/**
 	 * ActionEvent responsible updating a user. Must check the input for integrity
 	 * before allowing the user info to be update in the database.
 	 */
 	public void doUpdate(PipelineData pipelineData, Context context) throws Exception {
 		RunData data = (RunData) pipelineData;
 		String username = data.getParameters().getString("username");
 		if (!StringUtils.isEmpty(username)) {
 			if (security.accountExists(username)) {

 				// This wrapped user does work for change password though... see below
 				User user = security.getUser(username);
 				if (user != null) {

 					// update all properties from form
 					data.getParameters().setProperties(user);

 					// save the changes to the user account
 					security.saveUser(user);

 					// get the new password from form submit
 					String password = data.getParameters().getString("password");

 					// Only update if we received a new (non-empty) password
 					if (!StringUtils.isEmpty(password)) {

 						// Change user password
 						security.changePassword(user, user.getPassword(), password);

 						// this still works
 						security.forcePassword(user, password);
 					} else {
 						data.setMessage("Cannot provide an empty password");
 						return;
 					}

 				}

 			} else {
 				log.error("User does not exist!");
 			}
 		}
 	}

 	/**
 	 * ActionEvent responsible for removing a user from the Tambora system.
 	 */
 	public void doDelete(PipelineData pipelineData, Context context) throws Exception {

 		try {
 			RunData data = (RunData) pipelineData;
 			String username = data.getParameters().getString("username");
 			if (!StringUtils.isEmpty(username)) {
 				if (security.accountExists(username)) {

 					// find the user object and remove using security mgr
 					User user = security.getUser(username);

 					// get the turbine user id
 					int id = (int) user.getId();

 					// remove the turbine user
 					security.removeUser(user);

 				} else {
 					log.error("User does not exist!");
 					data.setMessage("User not found!");
 				}
 			}
 		} catch (Exception e) {
 			log.error("Could not remove user: " + e);
 		}
 	}

 	/**
 	 * Update the roles that are to assigned to a user for a project.
 	 */
 	public void doRoles(PipelineData pipelineData, Context context) throws Exception {
 		RunData data = (RunData) pipelineData;

 		try {
 			/*
 			 * Get the user we are trying to update. The username has been hidden in the
 			 * form so we will grab the hidden username and use that to retrieve the user.
 			 */
 			String username = data.getParameters().getString("username");
 			if (!StringUtils.isEmpty(username)) {
 				if (security.accountExists(username)) {
 					User user = security.getUser(username);

 					// Get the Turbine ACL implementation
 					TurbineAccessControlList acl = security.getUserManager().getACL(user);

 					/*
 					 * Grab all the Groups and Roles in the system.
 					 */
 					GroupSet groups = security.getAllGroups();
 					RoleSet roles = security.getAllRoles();

 					for (Group group : groups) {
 						String groupName = group.getName();
 						for (Role role : roles) {
 							String roleName = role.getName();

 							/*
 							 * In the UserRoleForm.vm we made a checkbox for every possible Group/Role
 							 * combination so we will compare every possible combination with the values
 							 * that were checked off in the form. If we have a match then we will grant the
 							 * user the role in the group.
 							 */
 							String groupRole = groupName + roleName;
 							String formGroupRole = data.getParameters().getString(groupRole);
 							boolean addGroupRole = false;

 							// signal to add group
 							if (!StringUtils.isEmpty(formGroupRole))
 								addGroupRole = true;

 							if (addGroupRole) {
 								// only add if new
 								if (!acl.hasRole(role, group)) {
 									security.grant(user, group, role);
 								}

 							} else {

 								// only remove if it was previously assigned
 								if (acl.hasRole(role, group)) {

 									// revoke the role for this user
 									acl.getRoles(group).remove(role);

 									// revoke the user/group/role entry
 									security.revoke(user, group, role);
 								}
 							}

 						}
 					}

 				} else {
 					log.error("User does not exist!");
 				}
 			}

 		} catch (Exception e) {
 			log.error("Error on role assignment: " + e);
 		}
 	}

 	/**
 	 * Implement this to add information to the context.
 	 */
 	public void doPerform(PipelineData pipelineData, Context context) throws Exception {
 		log.info("Running do perform!");
 		( (RunData) pipelineData).setMessage("Can't find the requested action!");
 	}

 }
	package ${package}.flux.modules.actions.user;

	/*
	* Copyright 2001-2019 The Apache Software Foundation.
	*
	* Licensed under the Apache License, Version 2.0 (the "License")
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	import org.apache.commons.lang3.StringUtils;
	import org.apache.commons.logging.Log;
	import org.apache.commons.logging.LogFactory;
	import org.apache.fulcrum.security.entity.Group;
	import org.apache.fulcrum.security.entity.Role;
	import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
	import org.apache.fulcrum.security.util.GroupSet;
	import org.apache.fulcrum.security.util.RoleSet;
	import org.apache.turbine.annotation.TurbineService;
	import org.apache.turbine.om.security.User;
	import org.apache.turbine.pipeline.PipelineData;
	import org.apache.turbine.services.security.SecurityService;
	import org.apache.turbine.util.RunData;
	import org.apache.velocity.context.Context;

	import ${package}.flux.modules.actions.FluxAction;

	/**
	* Change Password action.
	*
	*/
	public class FluxUserAction extends FluxAction {
	private static Log log = LogFactory.getLog(FluxUserAction.class);

	/** Injected service instance */
	@TurbineService
	private SecurityService security;

	/**
	* ActionEvent responsible for inserting a new user into the Turbine security
	* system.
	*/
	public void doInsert(PipelineData pipelineData, Context context) throws Exception {
	RunData data = (RunData) pipelineData;

	/*
	* Grab the username entered in the form.
	*/
	String username = data.getParameters().getString("username");
	String password = data.getParameters().getString("password");

	if (!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password)) {
	/*
	* Make sure this account doesn't already exist. If the account already exists
	* then alert the user and make them change the username.
	*/
	if (security.accountExists(username)) {
	context.put("username", username);
	context.put("errorTemplate", "user,FluxUserAlreadyExists.vm");

	data.setMessage("The user already exists");
	data.getParameters().add("mode", "insert");
	data.setScreen("user,FluxUserForm.vm");
	return;
	} else {

	try {
	/*
	* Create a new user modeled directly from the SecurityServiceTest method
	*/
	User user = security.getUserInstance(username);
	data.getParameters().setProperties(user);
	security.addUser(user, password);

	// Use security to force the password
	security.forcePassword(user, password);

	} catch (Exception e) {
	log.error("Error adding new user: " + e);

	context.put("username", username);
	context.put("errorTemplate", "user,FluxUserAlreadyExists.vm");

	data.setMessage("Could not add the user");
	data.getParameters().add("mode", "insert");
	data.setScreen("user,FluxUserForm.vm");
	return;
	}
	}

	} else {
	String msg = "Cannot add user without username or password";
	log.error(msg);
	data.setMessage(msg);
	data.getParameters().add("mode", "insert");
	data.setScreen("user,FluxUserForm.vm");
	}
	}

	/**
	* ActionEvent responsible updating a user. Must check the input for integrity
	* before allowing the user info to be update in the database.
	*/
	public void doUpdate(PipelineData pipelineData, Context context) throws Exception {
	RunData data = (RunData) pipelineData;
	String username = data.getParameters().getString("username");
	if (!StringUtils.isEmpty(username)) {
	if (security.accountExists(username)) {

	// This wrapped user does work for change password though... see below
	User user = security.getUser(username);
	if (user != null) {

	// update all properties from form
	data.getParameters().setProperties(user);

	// save the changes to the user account
	security.saveUser(user);

	// get the new password from form submit
	String password = data.getParameters().getString("password");

	// Only update if we received a new (non-empty) password
	if (!StringUtils.isEmpty(password)) {

	// Change user password
	security.changePassword(user, user.getPassword(), password);

	// this still works
	security.forcePassword(user, password);
	} else {
	data.setMessage("Cannot provide an empty password");
	return;
	}

	}

	} else {
	log.error("User does not exist!");
	}
	}
	}

	/**
	* ActionEvent responsible for removing a user from the Tambora system.
	*/
	public void doDelete(PipelineData pipelineData, Context context) throws Exception {

	try {
	RunData data = (RunData) pipelineData;
	String username = data.getParameters().getString("username");
	if (!StringUtils.isEmpty(username)) {
	if (security.accountExists(username)) {

	// find the user object and remove using security mgr
	User user = security.getUser(username);

	// get the turbine user id
	int id = (int) user.getId();

	// remove the turbine user
	security.removeUser(user);

	} else {
	log.error("User does not exist!");
	data.setMessage("User not found!");
	}
	}
	} catch (Exception e) {
	log.error("Could not remove user: " + e);
	}
	}

	/**
	* Update the roles that are to assigned to a user for a project.
	*/
	public void doRoles(PipelineData pipelineData, Context context) throws Exception {
	RunData data = (RunData) pipelineData;

	try {
	/*
	* Get the user we are trying to update. The username has been hidden in the
	* form so we will grab the hidden username and use that to retrieve the user.
	*/
	String username = data.getParameters().getString("username");
	if (!StringUtils.isEmpty(username)) {
	if (security.accountExists(username)) {
	User user = security.getUser(username);

	// Get the Turbine ACL implementation
	TurbineAccessControlList acl = security.getUserManager().getACL(user);

	/*
	* Grab all the Groups and Roles in the system.
	*/
	GroupSet groups = security.getAllGroups();
	RoleSet roles = security.getAllRoles();

	for (Group group : groups) {
	String groupName = group.getName();
	for (Role role : roles) {
	String roleName = role.getName();

	/*
	* In the UserRoleForm.vm we made a checkbox for every possible Group/Role
	* combination so we will compare every possible combination with the values
	* that were checked off in the form. If we have a match then we will grant the
	* user the role in the group.
	*/
	String groupRole = groupName + roleName;
	String formGroupRole = data.getParameters().getString(groupRole);
	boolean addGroupRole = false;

	// signal to add group
	if (!StringUtils.isEmpty(formGroupRole))
	addGroupRole = true;

	if (addGroupRole) {
	// only add if new
	if (!acl.hasRole(role, group)) {
	security.grant(user, group, role);
	}

	} else {

	// only remove if it was previously assigned
	if (acl.hasRole(role, group)) {

	// revoke the role for this user
	acl.getRoles(group).remove(role);

	// revoke the user/group/role entry
	security.revoke(user, group, role);
	}
	}

	}
	}

	} else {
	log.error("User does not exist!");
	}
	}

	} catch (Exception e) {
	log.error("Error on role assignment: " + e);
	}
	}

	/**
	* Implement this to add information to the context.
	*/
	public void doPerform(PipelineData pipelineData, Context context) throws Exception {
	log.info("Running do perform!");
	( (RunData) pipelineData).setMessage("Can't find the requested action!");
	}

	}