1 package org.codehaus.plexus.redback.struts2.action.admin;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import org.apache.commons.lang.StringEscapeUtils;
23 import org.apache.struts2.ServletActionContext;
24 import org.codehaus.plexus.redback.rbac.RBACManager;
25 import org.codehaus.plexus.redback.rbac.RbacManagerException;
26 import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
27 import org.codehaus.plexus.redback.rbac.Resource;
28 import org.codehaus.plexus.redback.rbac.Role;
29 import org.codehaus.plexus.redback.rbac.UserAssignment;
30 import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
31 import org.codehaus.plexus.redback.system.SecuritySystem;
32 import org.codehaus.plexus.redback.users.User;
33 import org.codehaus.plexus.redback.users.UserManager;
34 import org.codehaus.plexus.redback.users.UserQuery;
35 import org.codehaus.plexus.util.StringUtils;
36 import org.codehaus.redback.integration.interceptor.SecureActionBundle;
37 import org.codehaus.redback.integration.interceptor.SecureActionException;
38 import org.codehaus.redback.integration.reports.Report;
39 import org.codehaus.redback.integration.reports.ReportManager;
40 import org.codehaus.redback.integration.role.RoleConstants;
41 import org.extremecomponents.table.context.Context;
42 import org.extremecomponents.table.context.HttpServletRequestContext;
43 import org.extremecomponents.table.limit.FilterSet;
44 import org.extremecomponents.table.limit.Limit;
45 import org.extremecomponents.table.limit.LimitFactory;
46 import org.extremecomponents.table.limit.TableLimit;
47 import org.extremecomponents.table.limit.TableLimitFactory;
48 import org.springframework.context.annotation.Scope;
49 import org.springframework.stereotype.Controller;
51 import javax.inject.Inject;
52 import javax.inject.Named;
53 import java.util.ArrayList;
54 import java.util.Collection;
55 import java.util.Collections;
56 import java.util.HashSet;
57 import java.util.List;
64 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
67 @Controller( "redback-admin-user-list" )
69 public class UserListAction
70 extends AbstractSecurityAction
72 // ------------------------------------------------------------------
73 // Component Requirements
74 // ------------------------------------------------------------------
80 private SecuritySystem securitySystem;
86 @Named( value = "rBACManager#cached" )
87 private RBACManager rbac;
93 private ReportManager reportManager;
95 // ------------------------------------------------------------------
97 // ------------------------------------------------------------------
99 private List<User> users;
101 private List<Role> roles;
103 private String roleName;
105 // ------------------------------------------------------------------
106 // Action Entry Points - (aka Names)
107 // ------------------------------------------------------------------
113 roles = rbac.getAllRoles();
115 catch ( RbacManagerException e )
117 roles = Collections.emptyList();
120 if ( StringUtils.isEmpty( roleName ) )
122 users = findUsersWithFilter();
126 roleName = StringEscapeUtils.escapeXml( roleName );
130 Role target = rbac.getRole( roleName );
131 Set<String> targetRoleNames = new HashSet<String>();
133 for ( int i = 0; i < roles.size(); i++ )
135 Role r = roles.get( i );
136 if ( rbac.getEffectiveRoles( r ).contains( target ) )
138 targetRoleNames.add( r.getName() );
142 users = findUsers( targetRoleNames );
144 catch ( RbacObjectNotFoundException e )
146 users = Collections.emptyList();
148 catch ( RbacManagerException e )
150 users = Collections.emptyList();
156 users = Collections.emptyList();
162 public SecureActionBundle initSecureActionBundle()
163 throws SecureActionException
165 SecureActionBundle bundle = new SecureActionBundle();
166 bundle.setRequiresAuthentication( true );
167 bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION, Resource.GLOBAL );
168 bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, Resource.GLOBAL );
172 private List<User> findUsers( Collection<String> roleNames )
174 List<String> usernames = getUsernamesForRoles( roleNames );
175 List<User> filteredUsers = new ArrayList<User>();
177 for ( User user : findUsersWithFilter() )
179 if ( usernames.contains( user.getUsername() ) )
181 filteredUsers.add( user );
185 return filteredUsers;
188 private List<User> findUsersWithFilter()
190 Context context = new HttpServletRequestContext( ServletActionContext.getRequest() );
191 LimitFactory limitFactory = new TableLimitFactory( context );
192 Limit limit = new TableLimit( limitFactory );
193 FilterSet filterSet = limit.getFilterSet();
195 UserQuery query = getUserManager().createUserQuery();
196 if ( filterSet.getFilter( "username" ) != null )
198 query.setUsername( filterSet.getFilter( "username" ).getValue() );
200 if ( filterSet.getFilter( "fullName" ) != null )
202 query.setFullName( filterSet.getFilter( "fullName" ).getValue() );
204 if ( filterSet.getFilter( "email" ) != null )
206 query.setEmail( filterSet.getFilter( "email" ).getValue() );
208 return getUserManager().findUsersByQuery( query );
211 private List<String> getUsernamesForRoles( Collection<String> roleNames )
213 Set<String> usernames = new HashSet<String>();
217 List<UserAssignment> userAssignments = rbac.getUserAssignmentsForRoles( roleNames );
219 if ( userAssignments != null )
221 for ( UserAssignment a : userAssignments )
223 usernames.add( a.getPrincipal() );
227 catch ( RbacManagerException e )
229 log.warn( "Unable to get user assignments for roles " + roleNames, e );
232 return new ArrayList<String>( usernames );
235 private UserManager getUserManager()
237 return securitySystem.getUserManager();
240 // ------------------------------------------------------------------
241 // Parameter Accessor Methods
242 // ------------------------------------------------------------------
244 public List<User> getUsers()
249 public void setUsers( List<User> users )
254 public String getRoleName()
256 if ( StringUtils.isEmpty( roleName ) )
263 public void setRoleName( String roleName )
265 this.roleName = roleName;
268 public List<Role> getRoles()
273 public Map<String, Map<String, Report>> getReportMap()
275 return reportManager.getReportMap();