]> source.dussan.org Git - archiva.git/blob
b50a97ab96e68c334b65bf598fb138df65d9ca49
[archiva.git] /
1 package org.apache.archiva.redback.struts2.action.admin;
2
3 /*
4  * Licensed to the Apache Software Foundation (ASF) under one
5  * or more contributor license agreements.  See the NOTICE file
6  * distributed with this work for additional information
7  * regarding copyright ownership.  The ASF licenses this file
8  * to you under the Apache License, Version 2.0 (the
9  * "License"); you may not use this file except in compliance
10  * with the License.  You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17  * KIND, either express or implied.  See the License for the
18  * specific language governing permissions and limitations
19  * under the License.
20  */
21
22 import org.apache.archiva.redback.rbac.RbacManagerException;
23 import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
24 import org.apache.archiva.redback.rbac.Resource;
25 import org.apache.archiva.redback.rbac.Role;
26 import org.apache.archiva.redback.rbac.UserAssignment;
27 import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
28 import org.apache.archiva.redback.users.User;
29 import org.apache.commons.lang.StringEscapeUtils;
30 import org.apache.struts2.ServletActionContext;
31 import org.apache.archiva.redback.rbac.RBACManager;
32 import org.apache.archiva.redback.system.SecuritySystem;
33 import org.apache.archiva.redback.users.UserManager;
34 import org.apache.archiva.redback.users.UserQuery;
35 import org.codehaus.plexus.util.StringUtils;
36 import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
37 import org.apache.archiva.redback.integration.interceptor.SecureActionException;
38 import org.apache.archiva.redback.integration.reports.Report;
39 import org.apache.archiva.redback.integration.reports.ReportManager;
40 import org.apache.archiva.redback.integration.role.RoleConstants;
41 import org.extremecomponents.table.context.Context;
42 import org.extremecomponents.table.context.HttpServletRequestContext;
43 import org.extremecomponents.table.limit.FilterSet;
44 import org.extremecomponents.table.limit.Limit;
45 import org.extremecomponents.table.limit.LimitFactory;
46 import org.extremecomponents.table.limit.TableLimit;
47 import org.extremecomponents.table.limit.TableLimitFactory;
48 import org.springframework.context.annotation.Scope;
49 import org.springframework.stereotype.Controller;
50
51 import javax.inject.Inject;
52 import javax.inject.Named;
53 import java.util.ArrayList;
54 import java.util.Collection;
55 import java.util.Collections;
56 import java.util.HashSet;
57 import java.util.List;
58 import java.util.Map;
59 import java.util.Set;
60
61 /**
62  * UserListAction
63  *
64  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
65  *
66  */
67 @Controller( "redback-admin-user-list" )
68 @Scope( "prototype" )
69 public class UserListAction
70     extends AbstractSecurityAction
71 {
72     // ------------------------------------------------------------------
73     // Component Requirements
74     // ------------------------------------------------------------------
75
76     /**
77      *
78      */
79     @Inject
80     private SecuritySystem securitySystem;
81
82     /**
83      *  role-hint="cached"
84      */
85     @Inject
86     @Named( value = "rBACManager#cached" )
87     private RBACManager rbac;
88
89     /**
90      *
91      */
92     @Inject
93     private ReportManager reportManager;
94
95     // ------------------------------------------------------------------
96     // Action Parameters
97     // ------------------------------------------------------------------
98
99     private List<User> users;
100
101     private List<Role> roles;
102
103     private String roleName;
104
105     // ------------------------------------------------------------------
106     // Action Entry Points - (aka Names)
107     // ------------------------------------------------------------------
108
109     public String show()
110     {
111         try
112         {
113             roles = rbac.getAllRoles();
114         }
115         catch ( RbacManagerException e )
116         {
117             roles = Collections.emptyList();
118         }
119
120         if ( StringUtils.isEmpty( roleName ) )
121         {
122             users = findUsersWithFilter();
123         }
124         else
125         {
126             roleName = StringEscapeUtils.escapeXml( roleName );
127
128             try
129             {
130                 Role target = rbac.getRole( roleName );
131                 Set<String> targetRoleNames = new HashSet<String>();
132
133                 for ( int i = 0; i < roles.size(); i++ )
134                 {
135                     Role r = roles.get( i );
136                     if ( rbac.getEffectiveRoles( r ).contains( target ) )
137                     {
138                         targetRoleNames.add( r.getName() );
139                     }
140                 }
141
142                 users = findUsers( targetRoleNames );
143             }
144             catch ( RbacObjectNotFoundException e )
145             {
146                 users = Collections.emptyList();
147             }
148             catch ( RbacManagerException e )
149             {
150                 users = Collections.emptyList();
151             }
152         }
153
154         if ( users == null )
155         {
156             users = Collections.emptyList();
157         }
158
159         return INPUT;
160     }
161
162     public SecureActionBundle initSecureActionBundle()
163         throws SecureActionException
164     {
165         SecureActionBundle bundle = new SecureActionBundle();
166         bundle.setRequiresAuthentication( true );
167         bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION, Resource.GLOBAL );
168         bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, Resource.GLOBAL );
169         return bundle;
170     }
171
172     private List<User> findUsers( Collection<String> roleNames )
173     {
174         List<String> usernames = getUsernamesForRoles( roleNames );
175         List<User> filteredUsers = new ArrayList<User>();
176
177         for ( User user : findUsersWithFilter() )
178         {
179             if ( usernames.contains( user.getUsername() ) )
180             {
181                 filteredUsers.add( user );
182             }
183         }
184
185         return filteredUsers;
186     }
187
188     private List<User> findUsersWithFilter()
189     {
190         Context context = new HttpServletRequestContext( ServletActionContext.getRequest() );
191         LimitFactory limitFactory = new TableLimitFactory( context );
192         Limit limit = new TableLimit( limitFactory );
193         FilterSet filterSet = limit.getFilterSet();
194
195         UserQuery query = getUserManager().createUserQuery();
196         if ( filterSet.getFilter( "username" ) != null )
197         {
198             query.setUsername( filterSet.getFilter( "username" ).getValue() );
199         }
200         if ( filterSet.getFilter( "fullName" ) != null )
201         {
202             query.setFullName( filterSet.getFilter( "fullName" ).getValue() );
203         }
204         if ( filterSet.getFilter( "email" ) != null )
205         {
206             query.setEmail( filterSet.getFilter( "email" ).getValue() );
207         }
208         return getUserManager().findUsersByQuery( query );
209     }
210
211     private List<String> getUsernamesForRoles( Collection<String> roleNames )
212     {
213         Set<String> usernames = new HashSet<String>();
214
215         try
216         {
217             List<UserAssignment> userAssignments = rbac.getUserAssignmentsForRoles( roleNames );
218
219             if ( userAssignments != null )
220             {
221                 for ( UserAssignment a : userAssignments )
222                 {
223                     usernames.add( a.getPrincipal() );
224                 }
225             }
226         }
227         catch ( RbacManagerException e )
228         {
229             log.warn( "Unable to get user assignments for roles " + roleNames, e );
230         }
231
232         return new ArrayList<String>( usernames );
233     }
234
235     private UserManager getUserManager()
236     {
237         return securitySystem.getUserManager();
238     }
239
240     // ------------------------------------------------------------------
241     // Parameter Accessor Methods
242     // ------------------------------------------------------------------
243
244     public List<User> getUsers()
245     {
246         return users;
247     }
248
249     public void setUsers( List<User> users )
250     {
251         this.users = users;
252     }
253
254     public String getRoleName()
255     {
256         if ( StringUtils.isEmpty( roleName ) )
257         {
258             return "Any";
259         }
260         return roleName;
261     }
262
263     public void setRoleName( String roleName )
264     {
265         this.roleName = roleName;
266     }
267
268     public List<Role> getRoles()
269     {
270         return roles;
271     }
272
273     public Map<String, Map<String, Report>> getReportMap()
274     {
275         return reportManager.getReportMap();
276     }
277 }