Example #1
  /**
   * Builds the {@code role} model attribute shown by the role form.
   *
   * <p>Without an {@code id}, a blank role carrying every menu option is returned and the form is
   * flagged editable. With an {@code id}, the role is loaded through {@code roleManager}; its menu
   * options become the ones assigned to it followed by the ones not assigned, and the form is
   * flagged editable only when {@code roleManager.esRoleConDependencias(id)} is false.
   *
   * <p>NOTE(review): {@code id} is taken straight from the query string and no authorization check
   * is visible in this method; confirm that access to this mapping is restricted elsewhere (URL
   * security or method advice). The result of {@code getRole(id)} is dereferenced without a null
   * check; confirm the manager throws for an unknown id rather than returning null.
   *
   * @param id identifier of the role to edit, or {@code null} to start a new role
   * @param model receives the {@code ES_EDITABLE} flag
   * @return the role backing the form
   */
  @RequestMapping(value = "/roleform.html", method = RequestMethod.GET)
  public @ModelAttribute("role") Role verRole(
      @RequestParam(value = "id", required = false) Long id, Model model) {

    // New role: offer every menu option and let the form be edited.
    if (id == null) {
      Role blankRole = new Role();
      blankRole.setOpcionesMenu(opcionMenuService.obtenerTodasOpcionesMenu());
      model.addAttribute(ES_EDITABLE, Boolean.TRUE);
      return blankRole;
    }

    Role loadedRole = roleManager.getRole(id);

    // Assigned options first, then the remaining ones appended to the same list.
    List<OpcionMenu> assigned = opcionMenuService.obtenerOpcionesMenuPorRol(loadedRole.getId());
    loadedRole.setOpcionesMenu(assigned);
    List<OpcionMenu> unassigned =
        opcionMenuService.obtenerOpcionesMenuNoEnRol(loadedRole.getId());
    loadedRole.getOpcionesMenu().addAll(unassigned);

    // A role that other records depend on is shown read-only.
    model.addAttribute(
        ES_EDITABLE, roleManager.esRoleConDependencias(id) ? Boolean.FALSE : Boolean.TRUE);

    return loadedRole;
  }
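  /**
   * Handles the user form POST: cancels, deletes, or saves the bound {@code user}.
   *
   * <p>Order of processing: a {@code cancel} parameter returns immediately; the validator (when
   * set) runs and its errors are ignored only for a delete; a {@code delete} parameter removes the
   * user; otherwise roles are replaced from {@code userRoles} when the caller is in
   * {@code Constants.ADMIN_ROLE}, the password is hashed when it differs from the stored value, and
   * the user is saved. The {@code from} and {@code version} parameters select the status message
   * and the view.
   *
   * <p>Security review notes:
   *
   * <ul>
   *   <li>{@code user} is populated from request parameters. Only the role change is gated by a
   *       role check here; confirm the data binder restricts the bindable fields (for example
   *       with {@code setAllowedFields}) so that id, version, or account flags cannot be set by
   *       the client.
   *   <li>Passwords are stored as the output of {@code AeSimpleSHA1.SHA1} with no salt passed in.
   *       A single SHA-1 round is not suitable for password storage; moving to bcrypt, scrypt,
   *       Argon2, or PBKDF2 has to be done together with the login check and a migration of the
   *       stored values, so it is flagged here rather than changed.
   *   <li>A submitted password equal to the stored hash is saved unchanged. That only works if
   *       the stored hash is sent to the browser with the form (presumably as the pre-filled
   *       password field); confirm this and prefer an empty field meaning "unchanged".
   *   <li>The delete path has no role check or {@code AccessDeniedException} handling in this
   *       method; confirm it is protected by URL or method security.
   * </ul>
   *
   * @param user form-backing object bound from the request
   * @param errors binding and validation errors for {@code user}
   * @param request current request; supplies the control parameters and the locale
   * @param response used to send 403 when saving is denied
   * @return the view to render, or {@code null} after a 403 has been sent
   * @throws Exception if hashing or a manager call fails
   */
  @RequestMapping(method = RequestMethod.POST)
  public String onSubmit(
      User user, BindingResult errors, HttpServletRequest request, HttpServletResponse response)
      throws Exception {
    boolean fromList = StringUtils.equals(request.getParameter("from"), "list");
    boolean deleting = request.getParameter("delete") != null;

    if (request.getParameter("cancel") != null) {
      return fromList ? getSuccessView() : getCancelView();
    }

    if (validator != null) { // validator is null during testing
      validator.validate(user, errors);

      if (errors.hasErrors() && !deleting) { // validation errors are ignored when deleting
        return "/userform";
      }
    }

    log.debug("entering 'onSubmit' method...");

    Locale locale = request.getLocale();

    if (deleting) {
      // NOTE(review): the id comes from the bound form object and is dereferenced without a
      // null check; authorization for removal is not visible here.
      getUserManager().removeUser(user.getId().toString());
      saveMessage(request, getText("user.deleted", user.getFullName(), locale));
      return getSuccessView();
    }

    // only attempt to change roles if user is admin for other users,
    // showForm() method will handle populating
    if (request.isUserInRole(Constants.ADMIN_ROLE)) {
      String[] userRoles = request.getParameterValues("userRoles");

      if (userRoles != null) {
        user.getRoles().clear();
        for (String roleName : userRoles) {
          // NOTE(review): role names are client-supplied; confirm getRole rejects unknown names
          // instead of returning null.
          user.addRole(roleManager.getRole(roleName));
        }
      }
    }

    // Remember what was submitted so a failed save can put the form object back.
    Integer originalVersion = user.getVersion();
    String submittedPassword = user.getPassword();

    try {
      User stored = roleManager.getUserByUsername(user.getUsername());

      // Hash when the account is new or the submitted value is not the stored hash. The
      // null-safe comparison avoids a NullPointerException when no password is stored.
      // NOTE(review): the lookup is by username, so a renamed account looks "new" and an
      // unchanged (already hashed) value would be hashed again — confirm renames are not allowed.
      if (stored == null || !StringUtils.equals(stored.getPassword(), submittedPassword)) {
        user.setPassword(AeSimpleSHA1.SHA1(submittedPassword));
      }

      getUserManager().saveUser(user);
    } catch (AccessDeniedException ade) {
      // thrown by UserSecurityAdvice configured in aop:advisor userManagerSecurity
      log.warn(ade.getMessage());
      response.sendError(HttpServletResponse.SC_FORBIDDEN);
      return null;
    } catch (UserExistsException e) {
      errors.rejectValue(
          "username",
          "errors.existing.user",
          new Object[] {user.getUsername(), user.getEmail()},
          "duplicate user");

      // reset the version # and the password to what was passed in, so that resubmitting the
      // redisplayed form does not hash an already hashed value
      user.setVersion(originalVersion);
      user.setPassword(submittedPassword);

      return "/userform";
    }

    if (!fromList) {
      saveMessage(request, getText("user.saved", user.getFullName(), locale));

      // return to main Menu
      return getCancelView();
    }

    if (StringUtils.isBlank(request.getParameter("version"))) {
      saveMessage(request, getText("user.added", user.getFullName(), locale));

      // Send an account information e-mail
      // We cannot send e-mails yet :(
      //   message.setSubject(getText("signup.email.subject", locale));
      //   try {
      //     sendUserMessage(user, getText("newuser.email.message", user.getFullName(), locale),
      //         RequestUtil.getAppURL(request));
      //   } catch (MailException me) {
      //     saveError(request, me.getCause().getLocalizedMessage());
      //   }

      return getSuccessView();
    }

    saveMessage(request, getText("user.updated.byAdmin", user.getFullName(), locale));
    return getSuccessView();
  }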