001/* 002 * (C) Copyright 2006-2007 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 * 019 * $Id$ 020 */ 021 022package org.nuxeo.ecm.platform.login.deputy.management.web; 023 024import static org.jboss.seam.ScopeType.*; 025 026import java.io.IOException; 027import java.io.Serializable; 028import java.util.ArrayList; 029import java.util.List; 030import java.util.Map; 031 032import javax.faces.application.FacesMessage; 033import javax.faces.context.ExternalContext; 034import javax.faces.context.FacesContext; 035import javax.servlet.ServletException; 036import javax.servlet.http.HttpServletRequest; 037import javax.servlet.http.HttpServletResponse; 038 039import org.jboss.seam.ScopeType; 040import org.jboss.seam.annotations.Factory; 041import org.jboss.seam.annotations.In; 042import org.jboss.seam.annotations.Name; 043import org.jboss.seam.annotations.Scope; 044import org.nuxeo.ecm.core.api.DocumentModel; 045import org.nuxeo.ecm.core.api.NuxeoPrincipal; 046import org.nuxeo.ecm.platform.login.deputy.management.DeputyManager; 047import org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants; 048import org.nuxeo.ecm.platform.usermanager.UserManager; 049 050@Name("deputyActions") 051@Scope(ScopeType.CONVERSATION) 052public class DeputyActionsBean implements Serializable { 053 054 private static final long serialVersionUID = 23167576454986L; 055 056 public static final String VIEW_DEPUTIES = "view_deputies"; 057 058 public static final String NEW_DEPUTY_ID = "new-deputy-id"; 059 060 @In(create = true, required = false) 061 private transient DeputyManager deputyManager; 062 063 @In(create = true) 064 private transient UserManager userManager; 065 066 @In 067 private transient NuxeoPrincipal currentUser; 068 069 @In(create = true) 070 private transient Map<String, String> messages; 071 072 // Forms parameters 073 074 protected String adminLogin; 075 076 // Back-end Model 077 078 protected DocumentModel editableDeputy; 079 080 public String createDeputy() { 081 editableDeputy = deputyManager.newMandate(currentUser.getName(), null); 082 return VIEW_DEPUTIES; 083 } 084 085 public String setNewDeputy(String deputyId) { 086 String schemaName = deputyManager.getDeputySchemaName(); 087 editableDeputy.setProperty(schemaName, "deputy", deputyId); 088 return VIEW_DEPUTIES; 089 } 090 091 public String cancelDeputy() { 092 editableDeputy = null; 093 return VIEW_DEPUTIES; 094 } 095 096 public String saveDeputy() { 097 if (editableDeputy == null) { 098 return null; 099 } 100 101 deputyManager.addMandate(editableDeputy); 102 103 editableDeputy = null; 104 105 FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_INFO, messages.get("message.deputy.created"), 106 messages.get("message.deputy.created")); 107 FacesContext.getCurrentInstance().addMessage(null, message); 108 109 return VIEW_DEPUTIES; 110 } 111 112 public String editDeputy(String deputyId) { 113 if (deputyId == null) { 114 return null; 115 } 116 117 editableDeputy = null; 118 119 List<DocumentModel> deputies = getUserDeputies(); 120 121 String schemaName = deputyManager.getDeputySchemaName(); 122 123 for (DocumentModel deputy : deputies) { 124 if (deputyId.equals((deputy.getProperty(schemaName, "deputy")))) { 125 editableDeputy = deputy; 126 break; 127 } 128 } 129 130 if (editableDeputy != null) { 131 return VIEW_DEPUTIES; 132 } else { 133 return null; 134 } 135 } 136 137 public String deleteDeputy(String deputyId) { 138 deputyManager.removeMandate(currentUser.getName(), deputyId); 139 FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_INFO, messages.get("message.deputy.deleted"), 140 messages.get("message.deputy.deleted")); 141 FacesContext.getCurrentInstance().addMessage(null, message); 142 143 return VIEW_DEPUTIES; 144 } 145 146 @Factory(value = "userDeputies", scope = EVENT) 147 public List<DocumentModel> getUserDeputies() { 148 return deputyManager.getAvalaibleMandates(currentUser.getName()); 149 } 150 151 @Factory(value = "alternateLogins", scope = EVENT) 152 public List<NuxeoPrincipal> getAlternatePrincipals() { 153 List<NuxeoPrincipal> result = new ArrayList<>(); 154 List<String> logins = deputyManager.getPossiblesAlternateLogins(currentUser.getName()); 155 156 for (String login : logins) { 157 NuxeoPrincipal alternatePrincipal = userManager.getPrincipal(login); 158 if (alternatePrincipal != null) { 159 result.add(alternatePrincipal); 160 } 161 } 162 163 return result; 164 } 165 166 public String loginAsDeputy(String login) throws IOException, ServletException { 167 if ((!currentUser.isAdministrator()) 168 && (!deputyManager.getPossiblesAlternateLogins(currentUser.getName()).contains(login))) { 169 return null; 170 } 171 172 if (userManager.getPrincipal(login) == null) { 173 FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_ERROR, 174 messages.get("message.deputy.nonExistingUser"), messages.get("message.deputy.nonExistingUser")); 175 FacesContext.getCurrentInstance().addMessage(null, message); 176 return null; 177 } 178 179 reconnectAs(login); 180 181 return null; 182 } 183 184 protected void reconnectAs(String login) throws ServletException, IOException { 185 FacesContext context = FacesContext.getCurrentInstance(); 186 ExternalContext eContext = context.getExternalContext(); 187 Object req = eContext.getRequest(); 188 Object resp = eContext.getResponse(); 189 HttpServletRequest request = null; 190 HttpServletResponse response = null; 191 if (req instanceof HttpServletRequest) { 192 request = (HttpServletRequest) req; 193 } 194 if (resp instanceof HttpServletResponse) { 195 response = (HttpServletResponse) resp; 196 } 197 198 if ((response != null) && (request != null) && !context.getResponseComplete()) { 199 String targetURL = "/" + NXAuthConstants.SWITCH_USER_PAGE; 200 201 request.setAttribute(NXAuthConstants.DISABLE_REDIRECT_REQUEST_KEY, true); 202 if (login != null) { 203 request.setAttribute(NXAuthConstants.SWITCH_USER_KEY, login); 204 } 205 206 request.getRequestDispatcher(targetURL).forward(request, response); 207 context.responseComplete(); 208 } 209 } 210 211 public String loginAsOriginal() throws ServletException, IOException { 212 reconnectAs(null); 213 return null; 214 } 215 216 public boolean isMandated() { 217 if (currentUser == null) { 218 return false; 219 } 220 if (currentUser.getOriginatingUser() != null) { 221 return true; 222 } 223 return false; 224 } 225 226 @Factory(value = "editableDeputy", scope = EVENT) 227 public DocumentModel getEditableDeputy() { 228 return editableDeputy; 229 } 230 231 public String getLoginInformation() { 232 if (currentUser == null) { 233 return ""; 234 } 235 236 String originalUser = currentUser.getOriginatingUser(); 237 238 if (originalUser != null) { 239 return currentUser.getName() + " " + messages.get("label.deputed.by") + " " + originalUser; 240 } else { 241 return currentUser.getName(); 242 } 243 } 244 245 public void setAdminLogin(String adminLogin) { 246 this.adminLogin = adminLogin; 247 } 248 249 public String getAdminLogin() { 250 return adminLogin; 251 } 252 253 public String adminLoginAsDeputy() throws IOException, ServletException { 254 255 if (adminLogin == null) { 256 return null; 257 } 258 259 if (!currentUser.isAdministrator()) { 260 return null; 261 } 262 263 if (userManager.getPrincipal(adminLogin) == null) { 264 FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_WARN, 265 messages.get("message.deputy.nonExistingUser"), messages.get("message.deputy.nonExistingUser")); 266 FacesContext.getCurrentInstance().addMessage(null, message); 267 268 return null; 269 } 270 271 reconnectAs(adminLogin); 272 273 return null; 274 } 275 276}