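/**
 * Returns {@code ACCESS_GRANTED} if the current user holds a role that permits one of the
 * requested authorizations on the construction measure, otherwise {@code ACCESS_DENIED}.
 *
 * <pre>
 * requested: baumassnahme_bewerten
 * granted:   baumassnahme_bewerten_alle, or baumassnahme_bewerten_region if the region is
 *            assigned to the user
 * </pre>
 *
 * <p>The voter fails closed: when the application user, the user's region, the measure list or
 * the master branch name is missing or too short to compare, the regional check yields no grant
 * instead of raising an unchecked exception from inside the access decision.
 *
 * @param authentication the caller's authentication; its granted authorities are inspected
 * @param object the secured object, cast to {@code Uebergabeblatt}
 * @param config the configuration attributes (required permissions) for this invocation
 * @return {@code ACCESS_GRANTED} or {@code ACCESS_DENIED}
 */
@SuppressWarnings("unchecked")
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
    User user = UserServiceImpl.getCurrentApplicationUser();
    Uebergabeblatt zvf = (Uebergabeblatt) object;

    // Loop over the required permissions.
    Iterator iter = config.getConfigAttributes();
    while (iter.hasNext()) {
        ConfigAttribute attribute = (ConfigAttribute) iter.next();
        if (!supports(attribute)) {
            continue;
        }
        String required = attribute.getAttribute();
        GrantedAuthority[] authorities = authentication.getAuthorities();

        // Loop over the permissions the caller actually holds.
        for (int i = 0; i < authorities.length; i++) {
            String granted = authorities[i].getAuthority();
            // NOTE(review): this is a prefix match, so an attribute that happens to be a prefix
            // of a longer, unrelated authority name also matches (constructed example:
            // attribute ROLE_A against authority ROLE_AB_ALLE). Confirm the role naming scheme
            // rules this out, or compare against the attribute plus the expected suffix.
            if (granted == null || !granted.startsWith(required)) {
                continue;
            }
            if (logger.isDebugEnabled()) {
                logger.debug(String.format("Found authority %s", authorities[i]));
            }

            // Central: the "_ALLE" variant is not tied to a region.
            if (granted.endsWith("_ALLE")) {
                return ACCESS_GRANTED;
            }

            // Regional: only valid for the user's own region, except for the create permission.
            if (granted.endsWith("_REGIONALBEREICH")) {
                if (required.startsWith("ROLE_BBZR_ANLEGEN")) {
                    return ACCESS_GRANTED;
                }
                if (user != null
                        && user.getRegionalbereich() != null
                        && zvf != null
                        && zvf.getMassnahmen() != null) {
                    try {
                        // Master region: taken from the first measure of the sheet.
                        String masterNl =
                                zvf.getMassnahmen().iterator().next().getMasterniederlassung();
                        // substring(3) drops a three-character prefix; presumably a region
                        // marker in front of the name - confirm against the data model.
                        if (masterNl != null && masterNl.length() >= 3) {
                            String masterRB = masterNl.substring(3);
                            // Called on masterRB so that a null region name compares unequal.
                            if (masterRB.equalsIgnoreCase(user.getRegionalbereich().getName())) {
                                return ACCESS_GRANTED;
                            }
                        }
                    } catch (NoSuchElementException e) {
                        // A sheet without measures has no master region to compare: no grant.
                        if (logger.isDebugEnabled()) {
                            logger.debug("Uebergabeblatt has no Massnahme; regional check denied");
                        }
                    }
                }
            }
        }
    }
    return ACCESS_DENIED;
}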
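/**
 * Handles a password-reset request: looks the user up by the submitted e-mail address,
 * generates a new password, mails it to the user and, once the mail has been handed over
 * successfully, stores the hash of the new password.
 *
 * <p>NOTE(review): the reset takes effect on an unconfirmed request and the new password is sent
 * in clear text in the mail body. A single-use, expiring reset link that the account owner must
 * follow would avoid both; confirm whether that is feasible for this application.
 *
 * @param mapping the Struts mapping used to resolve the "SUCCESS" and "FAILURE" forwards
 * @param form the submitted form, cast to {@code PassResetForm}
 * @param request the current request, used to obtain the message resources
 * @param response the current response (not used here)
 * @return the "FAILURE" forward if the user is unknown or the mail cannot be sent, otherwise the
 *     "SUCCESS" forward
 * @throws Exception if a service call fails
 */
public ActionForward run(
        ActionMapping mapping,
        ActionForm form,
        HttpServletRequest request,
        HttpServletResponse response)
        throws Exception {
    if (log.isDebugEnabled()) {
        log.debug("Entering PassResetForm");
    }

    PassResetForm passResetForm = (PassResetForm) form;
    String email = passResetForm.getEmail();

    // A missing or blank address can never identify an account; do not pass it to the lookup,
    // where it could match a user record that simply has no address stored.
    User user = null;
    if (email != null && email.trim().length() > 0) {
        UserService userService = serviceFactory.createUserService();
        user = userService.findUserByEmail(email);
    }

    if (user == null) {
        if (log.isDebugEnabled()) {
            // The address is request input: neutralise line breaks so it cannot forge log lines.
            String loggedEmail = email == null ? null : email.replaceAll("[\\r\\n]", "_");
            log.debug("User not found, E-Mail: " + loggedEmail);
        }
        // NOTE(review): a dedicated "not found" answer tells the caller which addresses are
        // registered; consider returning the same response for known and unknown addresses.
        addError("error.user.notfound");
        return mapping.findForward("FAILURE");
    }

    // NOTE(review): confirm that PasswordGenerator draws from a SecureRandom source.
    String password = PasswordGenerator.createNewPassword();

    MessageResources msgRes = getResources(request);
    String nameTo = user.getFirstName() + " " + user.getName();
    // No sender name is filled in; the original had a commented-out loginUser lookup here.
    String nameFrom = "";

    StringBuilder sbMailTxt = new StringBuilder();
    sbMailTxt.append(
            msgRes.getMessage(
                    "mail.password.init.text",
                    nameTo,
                    ConfigResources.getInstance().getApplicationTitle(),
                    user.getLoginName(),
                    password));
    sbMailTxt.append(
            msgRes.getMessage("mail.link", ConfigResources.getInstance().getApplicationUri()));
    sbMailTxt.append(msgRes.getMessage("mail.footer", nameFrom));

    // The mail goes out before the stored hash is replaced, so a failed send leaves the old
    // password in place. NOTE(review): if loading or updating the security user fails after
    // this point, the user has received a password that was never activated.
    try {
        new SMTP()
                .sendEmail(
                        user.getEmail(),
                        ConfigResources.getInstance().getAutoMailSender(),
                        msgRes.getMessage("mail.password.init.subject"),
                        sbMailTxt.toString());
    } catch (Exception e) {
        if (log.isInfoEnabled()) {
            log.info("error.sendMail: " + user.getEmail(), e);
        }
        addError("error.sendMail");
        return mapping.findForward("FAILURE");
    }

    SecurityService secService = serviceFactory.createSecurityService();
    TqmUser securityUser = (TqmUser) secService.loadUserByUsername(user.getLoginName());

    SecurityAdministrationService secAdminService =
            serviceFactory.createSecurityAdministrationService();
    // Only the hash produced by the administration service is stored, never the clear text.
    securityUser.changePassword(
            securityUser.getPassword(), secAdminService.createPasswordHash(password, securityUser));
    secAdminService.updateUser(securityUser);

    addMessage("success.user.password.reset");
    return mapping.findForward("SUCCESS");
}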