Esempio n. 1
0
  protected boolean logUserStoreLogin(
      User user,
      AdminService admin,
      String remoteIP,
      String remoteHost,
      UserStoreKey userStoreKey) {

    try {
      Document doc = XMLTool.createDocument("logentry");
      Element rootElement = doc.getDocumentElement();
      // UserStoreKey userStoreKey = user.getUserStoreKey();
      if (userStoreKey != null) {
        rootElement.setAttribute("userstorekey", String.valueOf(userStoreKey));
      }
      rootElement.setAttribute("sitekey", String.valueOf(0));
      rootElement.setAttribute("typekey", String.valueOf(LogType.LOGIN_USERSTORE.asInteger()));
      rootElement.setAttribute("inetaddress", remoteIP);
      XMLTool.createElement(doc, rootElement, "data");

      admin.createLogEntries(user, XMLTool.documentToString(doc));
    } catch (VerticalSecurityException vse) {
      String message = "Failed to create log entry because of security error: %t";
      VerticalAdminLogger.error(this.getClass(), 1, message, vse);
      return false;
    }

    return true;
  }
Esempio n. 2
0
  /**
   * Process incoming requests for information
   *
   * @param request Object that encapsulates the request to the servlet
   * @param response Object that encapsulates the response from the servlet
   */
  private void performTask(HttpServletRequest request, HttpServletResponse response) {
    HttpSession session;
    session = request.getSession(false);
    response.setContentType("text/html;charset=UTF-8");

    // Make IE 9 behave like IE 8
    // http://msdn.microsoft.com/en-us/library/cc288325%28v=vs.85%29.aspx#Servers
    response.setHeader("X-UA-Compatible", "IE=EmulateIE8");

    if (session == null) {
      VerticalAdminLogger.debug(
          this.getClass(), 100, "Session is null. Redirecting to login.", null);

      // failed to get session, redirect to login page
      try {
        redirectClientToAdminPath("login", (MultiValueMap) null, request, response);
      } catch (VerticalAdminException vae) {
        String message = "Failed to redirect to login page: %t";
        VerticalAdminLogger.fatalAdmin(this.getClass(), 0, message, vae);
      }
    } else {
      // lookup admin bean
      AdminService admin = lookupAdminBean();
      User user = securityService.getLoggedInAdminConsoleUser();
      if (user == null) {
        // no logged in user, invalidate session and redirect to login page
        String message = "No user logged in. Redirecting to login.";
        VerticalAdminLogger.debug(this.getClass(), 0, message, null);
        try {
          redirectClientToAdminPath("login", (MultiValueMap) null, request, response);
        } catch (VerticalAdminException vae) {
          message = "Failed to redirect to login page: %t";
          VerticalAdminLogger.fatalAdmin(this.getClass(), 0, message, vae);
        }
      } else {
        response.setContentType("text/html; charset=UTF-8");
        try {
          ExtendedMap formItems = parseForm(request, false);

          String operation;
          if (formItems.containsKey("op")) {
            operation = formItems.getString("op");
          } else {
            operation = request.getParameter("op");
          }

          // Common parameters and variables
          ExtendedMap parameters = new ExtendedMap();
          int unitKey = formItems.getInt("selectedunitkey", -1);
          int menuKey = formItems.getInt("selectedmenukey", -1);
          int page = formItems.getInt("page", -1);
          if (page == 993) {
            int contentKey = -1;

            String contentKeyStr = request.getParameter("key");
            if (contentKeyStr != null) {
              contentKey = Integer.parseInt(contentKeyStr);
            }

            if (contentKey == -1) {
              String versionKeyStr = request.getParameter("versionkey");
              if (versionKeyStr != null) {
                int versionKey = Integer.parseInt(versionKeyStr);
                contentKey = admin.getContentKeyByVersionKey(versionKey);
              }
            }

            if (contentKey != -1) {
              int contentTypeKey = admin.getContentTypeKey(contentKey);
              page = contentTypeKey + 999;
              formItems.put("page", page);
            }
          }

          if (page == 991) {
            int categoryKey = formItems.getInt("categorykey", -1);
            if (categoryKey == -1) {
              categoryKey = formItems.getInt("cat", -1);
            }

            if (categoryKey != -1) {
              int contentTypeKey = admin.getContentTypeKeyByCategory(categoryKey);
              if (contentTypeKey != -1) {
                page = contentTypeKey + 999;
              }
            }
          }
          parameters.put("page", Integer.toString(page));
          addCommonParameters(admin, user, request, parameters, unitKey, menuKey);
          Document verticalDoc = XMLTool.createDocument("data");

          if ("create".equals(operation)) {
            handlerCreate(request, response, session, admin, formItems);
          } else if ("update".equals(operation)) {
            handlerUpdate(request, response, session, admin, formItems);
          } else if ("remove".equals(operation)) {
            String keyStr = request.getParameter("key");
            if (StringUtil.isIntegerString(keyStr)) {
              int key = -1;
              try {
                key = Integer.parseInt(keyStr);
              } catch (NumberFormatException nfe) {
                String message = "Failed to parse key (%0): %t";
                VerticalAdminLogger.errorAdmin(this.getClass(), 5, message, keyStr, nfe);
              }
              handlerRemove(request, response, session, admin, formItems, key);
            } else {
              handlerRemove(request, response, session, admin, formItems, keyStr);
            }
          } else if ("copy".equals(operation)) {
            String keyStr = request.getParameter("key");
            int key = -1;
            try {
              key = Integer.parseInt(keyStr);
            } catch (NumberFormatException nfe) {
              String message = "Failed to parse key (%0): %t";
              VerticalAdminLogger.errorAdmin(this.getClass(), 5, message, keyStr, nfe);
            }

            handlerCopy(request, response, session, admin, formItems, user, key);
          } else if ("import".equals(operation)) {
            throw new IllegalArgumentException("Unsupported operation: import");
          } else if ("browse".equals(operation)) {
            handlerBrowse(
                request, response, session, admin, formItems, parameters, user, verticalDoc);
          } else if ("select".equals(operation)) {
            handlerSelect(request, response, session, admin, formItems);
          } else if ("show".equals(operation)) {
            handlerShow(request, response, session, admin, formItems);
          } else if ("form".equals(operation)) {
            this.clearErrors();
            handlerForm(request, response, session, admin, formItems);
          } else if ("searchform".equals(operation)) {
            handlerSearch(request, response, session, admin, formItems);
          } else if ("searchresults".equals(operation)) {
            handlerSearchResults(request, response, session, admin, formItems);
          } else if ("report".equals(operation)) {
            String subOp = formItems.getString("subop");
            handlerReport(request, response, session, admin, formItems, subOp);
          } else if ("closewindow".equals(operation)) {
            closeWindow(response);
          } else if ("preview".equals(operation)) {
            handlerPreview(request, response, session, admin, formItems);
          } else if ("menu".equals(operation)) {
            handlerMenu(
                request, response, session, admin, formItems, parameters, user, verticalDoc);
          } else if ("notify".equals(operation)) {
            handlerNotify(request, response, session, admin, formItems, user);
          } else if ("wizard".equals(operation)) {
            String wizardName = formItems.getString("name");
            handlerWizard(
                request, response, session, admin, formItems, parameters, user, wizardName);
          } else if (operation != null) {
            handlerCustom(
                request,
                response,
                session,
                admin,
                formItems,
                operation,
                parameters,
                user,
                verticalDoc);
          } else {
            handlerCustom(request, response, session, admin, formItems, "missing");
          }
        } catch (Exception e) {
          try {
            if (!(e instanceof VerticalException) && !(e instanceof VerticalRuntimeException)) {
              String message = "Unexpected error occurred during handling of admin page: %t";
              VerticalAdminLogger.error(this.getClass(), 8, message, e);
            }
            ErrorPageServlet.Error error = new ErrorPageServlet.ThrowableError(e);
            session.setAttribute("com.enonic.vertical.error", error);
            redirectClientToAdminPath("errorpage", (MultiValueMap) null, request, response);
          } catch (VerticalAdminException vae) {
            String message = "Failed to redirect to error page: %t";
            VerticalAdminLogger.fatalAdmin(this.getClass(), 0, message, vae);
          }
        }
      }
    }
  }