/**
   * Save the new role or update the existing one depending on whether the role is being edited or
   * created.
   *
   * @param mapping mapping
   * @param form form
   * @param request request
   * @param response response
   * @return forward forward
   * @throws Exception on any error
   */
  public ActionForward commit(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    PolicyUtil.checkPermission(
        PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
        PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
        request);
    RoleForm roleForm = (RoleForm) form;
    SessionInfo sessionInfo = getSessionInfo(request);

    if (roleForm.getEditing()) {
      String[] usersNotRemoved = updateRole(roleForm, sessionInfo);
      if (usersNotRemoved.length != 0) {
        saveError(request, "availableRoles.error.groupsRequired", Utils.commaList(usersNotRemoved));
      }

    } else {
      createRole(roleForm, sessionInfo);
    }

    saveMessage(request, "availableRoles.roleCreated", roleForm.getRolename());
    // we need to reset the menu items as they could have changed here.
    LogonControllerFactory.getInstance().applyMenuItemChanges(request);
    return cancel(mapping, form, request, response);
  }
 /**
  * Move an IP restriction up in priority by swapping the priority with the restriction above the
  * one selected.
  *
  * @param mapping mapping
  * @param form form
  * @param request request
  * @param response response
  * @return ActionForward forward
  * @throws Exception on any error
  */
 public ActionForward moveUp(
     ActionMapping mapping,
     ActionForm form,
     HttpServletRequest request,
     HttpServletResponse response)
     throws Exception {
   PolicyUtil.checkPermission(
       PolicyConstants.IP_RESTRICTIONS_RESOURCE_TYPE, PolicyConstants.PERM_EDIT, request);
   int id = Integer.parseInt(request.getParameter("id"));
   SystemDatabase database = SystemDatabaseFactory.getInstance();
   IpRestriction restriction1 = database.getIpRestriction(id);
   String ipAddress = restriction1.getAddress();
   String ipPermission = restriction1.getAllowed() ? "Allowed" : "Denied";
   try {
     List<IpRestriction> restrictions = Arrays.asList(database.getIpRestrictions());
     database.swapIpRestrictions(
         restriction1, restrictions.get(restrictions.indexOf(restriction1) - 1));
     fireCoreEvent(
         request,
         CoreEventConstants.IP_RESTRICTION_MOVE_UP,
         ipAddress,
         ipPermission,
         CoreEvent.STATE_SUCCESSFUL);
   } catch (Exception e) {
     fireCoreEvent(
         request,
         CoreEventConstants.IP_RESTRICTION_MOVE_UP,
         ipAddress,
         ipPermission,
         CoreEvent.STATE_UNSUCCESSFUL);
     throw e;
   }
   return mapping.findForward("refresh");
 }
  /**
   * Edit an existing role. The role to edit must be placed in the request attribute
   *
   * @param mapping mapping
   * @param form form
   * @param request request
   * @param response response
   * @return forward
   * @throws Exception on any error
   */
  public ActionForward edit(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    Role role = (Role) request.getAttribute(Constants.EDITING_ITEM);
    if (role == null) {
      throw new Exception("No role configured for editing.");
    }
    PolicyUtil.checkPermission(
        PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
        PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
        request);
    SessionInfo sessionInfo = getSessionInfo(request);
    UserDatabase userDatabase =
        UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
    List<User> users = Arrays.asList(userDatabase.getUsersInRole(role));

    RoleForm roleForm = (RoleForm) form;
    roleForm.initialize(users);
    roleForm.setRolename(role.getPrincipalName());
    roleForm.setReferer(CoreUtil.getReferer(request));
    roleForm.setEditing();
    CoreUtil.addRequiredFieldMessage(this, request);
    return mapping.findForward("display");
  }
 /**
  * Delete a IP restrictions
  *
  * @param mapping mapping
  * @param form form
  * @param request request
  * @param response response
  * @return forward
  * @throws Exception on any error
  */
 public ActionForward delete(
     ActionMapping mapping,
     ActionForm form,
     HttpServletRequest request,
     HttpServletResponse response)
     throws Exception {
   PolicyUtil.checkPermission(
       PolicyConstants.IP_RESTRICTIONS_RESOURCE_TYPE, PolicyConstants.PERM_DELETE, request);
   String[] id = request.getParameterValues("id");
   if (id != null) {
     deleteIpRestrictions(request, id);
   }
   return mapping.findForward("refresh");
 }
 /**
  * Create a new role.
  *
  * @param mapping mapping
  * @param form form
  * @param request request
  * @param response response
  * @return forward
  * @throws Exception on any error
  */
 public ActionForward create(
     ActionMapping mapping,
     ActionForm form,
     HttpServletRequest request,
     HttpServletResponse response)
     throws Exception {
   SessionInfo sessionInfo = getSessionInfo(request);
   UserDatabase userDatabase =
       UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
   if (!userDatabase.supportsAccountCreation()) {
     throw new Exception("The underlying user database does not support role creation.");
   }
   PolicyUtil.checkPermission(
       PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
       PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
       request);
   RoleForm roleForm = (RoleForm) form;
   roleForm.initialize(Collections.<User>emptyList());
   roleForm.setReferer(CoreUtil.getReferer(request));
   CoreUtil.addRequiredFieldMessage(this, request);
   return mapping.findForward("display");
 }