source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.redback.struts2.action.admin;
   2
   3 /*
   4  * Licensed to the Apache Software Foundation (ASF) under one
   5  * or more contributor license agreements.  See the NOTICE file
   6  * distributed with this work for additional information
   7  * regarding copyright ownership.  The ASF licenses this file
   8  * to you under the Apache License, Version 2.0 (the
   9  * "License"); you may not use this file except in compliance
  10  * with the License.  You may obtain a copy of the License at
  11  *
  12  * http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing,
  15  * software distributed under the License is distributed on an
  16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  17  * KIND, either express or implied.  See the License for the
  18  * specific language governing permissions and limitations
  19  * under the License.
  20  */
  21
  22 import org.apache.archiva.redback.rbac.RbacManagerException;
  23 import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
  24 import org.apache.archiva.redback.rbac.Resource;
  25 import org.apache.archiva.redback.rbac.Role;
  26 import org.apache.archiva.redback.rbac.UserAssignment;
  27 import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
  28 import org.apache.archiva.redback.users.User;
  29 import org.apache.commons.lang.StringEscapeUtils;
  30 import org.apache.struts2.ServletActionContext;
  31 import org.apache.archiva.redback.rbac.RBACManager;
  32 import org.apache.archiva.redback.system.SecuritySystem;
  33 import org.apache.archiva.redback.users.UserManager;
  34 import org.apache.archiva.redback.users.UserQuery;
  35 import org.codehaus.plexus.util.StringUtils;
  36 import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
  37 import org.apache.archiva.redback.integration.interceptor.SecureActionException;
  38 import org.apache.archiva.redback.integration.reports.Report;
  39 import org.apache.archiva.redback.integration.reports.ReportManager;
  40 import org.apache.archiva.redback.integration.role.RoleConstants;
  41 import org.extremecomponents.table.context.Context;
  42 import org.extremecomponents.table.context.HttpServletRequestContext;
  43 import org.extremecomponents.table.limit.FilterSet;
  44 import org.extremecomponents.table.limit.Limit;
  45 import org.extremecomponents.table.limit.LimitFactory;
  46 import org.extremecomponents.table.limit.TableLimit;
  47 import org.extremecomponents.table.limit.TableLimitFactory;
  48 import org.springframework.context.annotation.Scope;
  49 import org.springframework.stereotype.Controller;
  50
  51 import javax.inject.Inject;
  52 import javax.inject.Named;
  53 import java.util.ArrayList;
  54 import java.util.Collection;
  55 import java.util.Collections;
  56 import java.util.HashSet;
  57 import java.util.List;
  58 import java.util.Map;
  59 import java.util.Set;
  60
  61 /**
  62  * UserListAction
  63  *
  64  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
  65  * @version $Id$
  66  */
  67 @Controller( "redback-admin-user-list" )
  68 @Scope( "prototype" )
  69 public class UserListAction
  70     extends AbstractSecurityAction
  71 {
  72     // ------------------------------------------------------------------
  73     // Component Requirements
  74     // ------------------------------------------------------------------
  75
  76     /**
  77      *
  78      */
  79     @Inject
  80     private SecuritySystem securitySystem;
  81
  82     /**
  83      *  role-hint="cached"
  84      */
  85     @Inject
  86     @Named( value = "rBACManager#cached" )
  87     private RBACManager rbac;
  88
  89     /**
  90      *
  91      */
  92     @Inject
  93     private ReportManager reportManager;
  94
  95     // ------------------------------------------------------------------
  96     // Action Parameters
  97     // ------------------------------------------------------------------
  98
  99     private List<User> users;
 100
 101     private List<Role> roles;
 102
 103     private String roleName;
 104
 105     // ------------------------------------------------------------------
 106     // Action Entry Points - (aka Names)
 107     // ------------------------------------------------------------------
 108
 109     public String show()
 110     {
 111         try
 112         {
 113             roles = rbac.getAllRoles();
 114         }
 115         catch ( RbacManagerException e )
 116         {
 117             roles = Collections.emptyList();
 118         }
 119
 120         if ( StringUtils.isEmpty( roleName ) )
 121         {
 122             users = findUsersWithFilter();
 123         }
 124         else
 125         {
 126             roleName = StringEscapeUtils.escapeXml( roleName );
 127
 128             try
 129             {
 130                 Role target = rbac.getRole( roleName );
 131                 Set<String> targetRoleNames = new HashSet<String>();
 132
 133                 for ( int i = 0; i < roles.size(); i++ )
 134                 {
 135                     Role r = roles.get( i );
 136                     if ( rbac.getEffectiveRoles( r ).contains( target ) )
 137                     {
 138                         targetRoleNames.add( r.getName() );
 139                     }
 140                 }
 141
 142                 users = findUsers( targetRoleNames );
 143             }
 144             catch ( RbacObjectNotFoundException e )
 145             {
 146                 users = Collections.emptyList();
 147             }
 148             catch ( RbacManagerException e )
 149             {
 150                 users = Collections.emptyList();
 151             }
 152         }
 153
 154         if ( users == null )
 155         {
 156             users = Collections.emptyList();
 157         }
 158
 159         return INPUT;
 160     }
 161
 162     public SecureActionBundle initSecureActionBundle()
 163         throws SecureActionException
 164     {
 165         SecureActionBundle bundle = new SecureActionBundle();
 166         bundle.setRequiresAuthentication( true );
 167         bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION, Resource.GLOBAL );
 168         bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, Resource.GLOBAL );
 169         return bundle;
 170     }
 171
 172     private List<User> findUsers( Collection<String> roleNames )
 173     {
 174         List<String> usernames = getUsernamesForRoles( roleNames );
 175         List<User> filteredUsers = new ArrayList<User>();
 176
 177         for ( User user : findUsersWithFilter() )
 178         {
 179             if ( usernames.contains( user.getUsername() ) )
 180             {
 181                 filteredUsers.add( user );
 182             }
 183         }
 184
 185         return filteredUsers;
 186     }
 187
 188     private List<User> findUsersWithFilter()
 189     {
 190         Context context = new HttpServletRequestContext( ServletActionContext.getRequest() );
 191         LimitFactory limitFactory = new TableLimitFactory( context );
 192         Limit limit = new TableLimit( limitFactory );
 193         FilterSet filterSet = limit.getFilterSet();
 194
 195         UserQuery query = getUserManager().createUserQuery();
 196         if ( filterSet.getFilter( "username" ) != null )
 197         {
 198             query.setUsername( filterSet.getFilter( "username" ).getValue() );
 199         }
 200         if ( filterSet.getFilter( "fullName" ) != null )
 201         {
 202             query.setFullName( filterSet.getFilter( "fullName" ).getValue() );
 203         }
 204         if ( filterSet.getFilter( "email" ) != null )
 205         {
 206             query.setEmail( filterSet.getFilter( "email" ).getValue() );
 207         }
 208         return getUserManager().findUsersByQuery( query );
 209     }
 210
 211     private List<String> getUsernamesForRoles( Collection<String> roleNames )
 212     {
 213         Set<String> usernames = new HashSet<String>();
 214
 215         try
 216         {
 217             List<UserAssignment> userAssignments = rbac.getUserAssignmentsForRoles( roleNames );
 218
 219             if ( userAssignments != null )
 220             {
 221                 for ( UserAssignment a : userAssignments )
 222                 {
 223                     usernames.add( a.getPrincipal() );
 224                 }
 225             }
 226         }
 227         catch ( RbacManagerException e )
 228         {
 229             log.warn( "Unable to get user assignments for roles " + roleNames, e );
 230         }
 231
 232         return new ArrayList<String>( usernames );
 233     }
 234
 235     private UserManager getUserManager()
 236     {
 237         return securitySystem.getUserManager();
 238     }
 239
 240     // ------------------------------------------------------------------
 241     // Parameter Accessor Methods
 242     // ------------------------------------------------------------------
 243
 244     public List<User> getUsers()
 245     {
 246         return users;
 247     }
 248
 249     public void setUsers( List<User> users )
 250     {
 251         this.users = users;
 252     }
 253
 254     public String getRoleName()
 255     {
 256         if ( StringUtils.isEmpty( roleName ) )
 257         {
 258             return "Any";
 259         }
 260         return roleName;
 261     }
 262
 263     public void setRoleName( String roleName )
 264     {
 265         this.roleName = roleName;
 266     }
 267
 268     public List<Role> getRoles()
 269     {
 270         return roles;
 271     }
 272
 273     public Map<String, Map<String, Report>> getReportMap()
 274     {
 275         return reportManager.getReportMap();
 276     }
 277 }