/**
* Save the new role or update the existing one depending on whether the role is being edited or
* created.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward forward
* @throws Exception on any error
*/
public ActionForward commit(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(
PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
request);
RoleForm roleForm = (RoleForm) form;
SessionInfo sessionInfo = getSessionInfo(request);
if (roleForm.getEditing()) {
String[] usersNotRemoved = updateRole(roleForm, sessionInfo);
if (usersNotRemoved.length != 0) {
saveError(request, "availableRoles.error.groupsRequired", Utils.commaList(usersNotRemoved));
}
} else {
createRole(roleForm, sessionInfo);
}
saveMessage(request, "availableRoles.roleCreated", roleForm.getRolename());
// we need to reset the menu items as they could have changed here.
LogonControllerFactory.getInstance().applyMenuItemChanges(request);
return cancel(mapping, form, request, response);
}
/**
* Move an IP restriction up in priority by swapping the priority with the restriction above the
* one selected.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return ActionForward forward
* @throws Exception on any error
*/
public ActionForward moveUp(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(
PolicyConstants.IP_RESTRICTIONS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
int id = Integer.parseInt(request.getParameter("id"));
SystemDatabase database = SystemDatabaseFactory.getInstance();
IpRestriction restriction1 = database.getIpRestriction(id);
String ipAddress = restriction1.getAddress();
String ipPermission = restriction1.getAllowed() ? "Allowed" : "Denied";
try {
List<IpRestriction> restrictions = Arrays.asList(database.getIpRestrictions());
database.swapIpRestrictions(
restriction1, restrictions.get(restrictions.indexOf(restriction1) - 1));
fireCoreEvent(
request,
CoreEventConstants.IP_RESTRICTION_MOVE_UP,
ipAddress,
ipPermission,
CoreEvent.STATE_SUCCESSFUL);
} catch (Exception e) {
fireCoreEvent(
request,
CoreEventConstants.IP_RESTRICTION_MOVE_UP,
ipAddress,
ipPermission,
CoreEvent.STATE_UNSUCCESSFUL);
throw e;
}
return mapping.findForward("refresh");
}
/**
* Edit an existing role. The role to edit must be placed in the request attribute
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception on any error
*/
public ActionForward edit(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
Role role = (Role) request.getAttribute(Constants.EDITING_ITEM);
if (role == null) {
throw new Exception("No role configured for editing.");
}
PolicyUtil.checkPermission(
PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
request);
SessionInfo sessionInfo = getSessionInfo(request);
UserDatabase userDatabase =
UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
List<User> users = Arrays.asList(userDatabase.getUsersInRole(role));
RoleForm roleForm = (RoleForm) form;
roleForm.initialize(users);
roleForm.setRolename(role.getPrincipalName());
roleForm.setReferer(CoreUtil.getReferer(request));
roleForm.setEditing();
CoreUtil.addRequiredFieldMessage(this, request);
return mapping.findForward("display");
}
/**
* Delete a IP restrictions
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception on any error
*/
public ActionForward delete(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
PolicyUtil.checkPermission(
PolicyConstants.IP_RESTRICTIONS_RESOURCE_TYPE, PolicyConstants.PERM_DELETE, request);
String[] id = request.getParameterValues("id");
if (id != null) {
deleteIpRestrictions(request, id);
}
return mapping.findForward("refresh");
}
/**
* Create a new role.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception on any error
*/
public ActionForward create(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
SessionInfo sessionInfo = getSessionInfo(request);
UserDatabase userDatabase =
UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
if (!userDatabase.supportsAccountCreation()) {
throw new Exception("The underlying user database does not support role creation.");
}
PolicyUtil.checkPermission(
PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
request);
RoleForm roleForm = (RoleForm) form;
roleForm.initialize(Collections.<User>emptyList());
roleForm.setReferer(CoreUtil.getReferer(request));
CoreUtil.addRequiredFieldMessage(this, request);
return mapping.findForward("display");
}
