1   /*
2    * The SmartWeb Framework
3    * Copyright (C) 2004-2006
4    *
5    * This library is free software; you can redistribute it and/or
6    * modify it under the terms of the GNU Lesser General Public
7    * License as published by the Free Software Foundation; either
8    * version 2.1 of the License, or (at your option) any later version.
9    *
10   * This library is distributed in the hope that it will be useful,
11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13   * Lesser General Public License for more details.
14   *
15   * You should have received a copy of the GNU Lesser General Public
16   * License along with this library; if not, write to the Free Software
17   * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
18   *
19   * For further information on the SmartWeb Framework please visit
20   *
21   *                        http://smartweb.sourceforge.net
22   */
23  package net.smartlab.web.auth;
24  
25  import java.io.IOException;
26  
27  import javax.servlet.http.Cookie;
28  import javax.servlet.http.HttpServletRequest;
29  import javax.servlet.http.HttpServletResponse;
30  
31  import net.smartlab.web.ActionException;
32  import net.smartlab.web.BusinessException;
33  
34  import org.apache.commons.logging.Log;
35  import org.apache.commons.logging.LogFactory;
36  import org.apache.struts.action.ActionForm;
37  import org.apache.struts.action.ActionForward;
38  import org.apache.struts.action.ActionMapping;
39  
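/**
 * Base action for the user account operations: registration, login,
 * cookie-based automatic login, logout, profile update and removal.
 * <p>
 * Every operation delegates to the <code>domain</code> object, which is not
 * declared in this class (presumably inherited from {@link SubjectAction}),
 * and reports its outcome as a plain string such as <code>"success"</code> or
 * <code>"failure"</code>. The authenticated {@link User} is kept in the HTTP
 * session under {@link UserAction#SESSION_KEY}.
 * 
 * @author rlogiacco
 */
public abstract class AbstractUserAction extends SubjectAction {

	/** Name of the remember-me cookie written by login and read by autoLogin. */
	private static final String AUTH_COOKIE = "smartweb-auth";

	/** Lifetime of the remember-me cookie, in seconds (15 days). */
	private static final int AUTH_COOKIE_MAX_AGE = 15 * 24 * 60 * 60;

	/**
	 * Logger for this class
	 * 
	 * @uml.property name="logger"
	 * @uml.associationEnd multiplicity="(1 1)"
	 */
	protected final Log logger = LogFactory.getLog(AbstractUserAction.class);

	/**
	 * Returns the user stored in the session of the given request.
	 * <p>
	 * Uses <code>request.getSession()</code>, so a session is created when the
	 * request has none.
	 * 
	 * @param request the current HTTP request.
	 * @return the session attribute {@link UserAction#SESSION_KEY} cast to
	 *         {@link User}, or <code>null</code> if the attribute is not set.
	 */
	public static User getUser(HttpServletRequest request) {
		return (User)request.getSession().getAttribute(UserAction.SESSION_KEY);
	}

	/**
	 * Forwards a registration step to the domain.
	 * 
	 * @param form not used by this method.
	 * @param request supplies the parameter map and the <code>step</code>
	 *        parameter handed to the domain.
	 * @param response not used by this method.
	 * @param mapping not used by this method.
	 * @return whatever <code>domain.register</code> returns.
	 * @throws BusinessException declared for the domain call.
	 * @throws ActionException declared by the signature.
	 */
	public String register(ActionForm form, HttpServletRequest request, HttpServletResponse response,
			ActionMapping mapping) throws BusinessException, ActionException {
		// NOTE(review): the complete, client-controlled parameter map reaches the
		// domain unfiltered; confirm that domain.register only reads the fields a
		// self-registering user may set (no roles, groups or identifiers).
		return domain.register(request.getParameterMap(), request.getParameter("step"));
	}

	/**
	 * Hook implemented by subclasses; it is not invoked from this class.
	 * Presumably assigns roles to the given user (confirm against the
	 * implementations).
	 * 
	 * @param user the user to act on.
	 */
	protected abstract void setRoles(User user);

	/**
	 * Hook implemented by subclasses; it is not invoked from this class.
	 * Presumably assigns groups to the given user (confirm against the
	 * implementations).
	 * 
	 * @param user the user to act on.
	 */
	protected abstract void setGroups(User user);

	/**
	 * Authenticates the submitted credentials and stores the resulting user
	 * in the session.
	 * <p>
	 * When the <code>remember</code> request parameter is present, a
	 * remember-me cookie valid for 15 days is also sent. The cookie is marked
	 * Secure when the login request itself arrived over a secure channel, so a
	 * value issued over HTTPS is not sent back in cleartext.
	 * 
	 * @param form source of the credential properties copied by
	 *        <code>valorize</code>.
	 * @param request supplies the <code>username</code> (logged at debug
	 *        level), <code>secret</code> and <code>remember</code> parameters.
	 * @param response receives the remember-me cookie.
	 * @param mapping passed through to {@link #logout}.
	 * @return <code>"success"</code> when the domain returns a user,
	 *         <code>"failure"</code> when it returns <code>null</code>.
	 * @throws Exception declared by the signature; propagated from the logout,
	 *         valorize or domain calls.
	 */
	public String login(ActionForm form, HttpServletRequest request, HttpServletResponse response, ActionMapping mapping)
			throws Exception {
		// Drop any previous login first. logout() as implemented in this class
		// invalidates the session, so the user below lands in a new one.
		this.logout(form, request, response, mapping);
		if (logger.isDebugEnabled()) {
			// NOTE(review): the username is request-controlled and is written to
			// the log unescaped.
			logger.debug("login(username = " + request.getParameter("username") + ") - start");
		}
		Credentials credentials = new Credentials();
		super.valorize(form, credentials, request.getLocale());
		// valorize doesn't set the secret property due to overridden method
		credentials.setSecret(request.getParameter("secret"));
		User user = domain.login(credentials);
		if (user == null) {
			return "failure";
		}
		request.getSession().setAttribute(UserAction.SESSION_KEY, user);
		if (request.getParameter("remember") != null) {
			// NOTE(review): the cookie value is Credentials.toString(), and
			// autoLogin() feeds it straight back into domain.login(), so it works
			// as a 15-day login token. If that string carries the secret in a
			// recoverable form, reading the cookie discloses the password; confirm
			// what toString() emits. HttpOnly is not set here (Cookie.setHttpOnly
			// requires Servlet 3.0).
			Cookie cookie = new Cookie(AUTH_COOKIE, credentials.toString());
			cookie.setMaxAge(AUTH_COOKIE_MAX_AGE);
			cookie.setSecure(request.isSecure());
			response.addCookie(cookie);
		}
		// Return value unused; presumably forces the policy to be loaded now (confirm).
		user.getPolicy();
		return "success";
	}

	/**
	 * Logs the user in from the remember-me cookie, if the request carries one.
	 * <p>
	 * Only the first cookie named <code>smartweb-auth</code> is considered. On
	 * success its lifetime is renewed to 15 days; if an
	 * <code>IOException</code> is raised while using its value, the cookie is
	 * expired instead.
	 * 
	 * @param form not used by this method.
	 * @param request supplies the cookies and the session.
	 * @param response receives the renewed or expired cookie.
	 * @param mapping not used by this method.
	 * @return <code>"success"</code> when the domain returns a user,
	 *         <code>"failure"</code> when the cookie is present but no user is
	 *         obtained, <code>"disabled"</code> when the request has no such
	 *         cookie.
	 * @throws BusinessException declared for the domain call.
	 */
	public String autoLogin(ActionForm form, HttpServletRequest request, HttpServletResponse response,
			ActionMapping mapping) throws BusinessException {
		logger.info("autoLogin() - start");
		Cookie[] cookies = request.getCookies();
		if (cookies == null) {
			// getCookies() returns null, not an empty array, when the request
			// carries no cookies at all.
			return "disabled";
		}
		for (int i = 0; i < cookies.length; i++) {
			Cookie cookie = cookies[i];
			if (!AUTH_COOKIE.equals(cookie.getName())) {
				continue;
			}
			User user = null;
			try {
				user = domain.login(new Credentials(cookie.getValue()));
			} catch (IOException e) {
				// The stored value could not be used: ask the browser to drop it.
				// The value itself is deliberately kept out of the log.
				logger.debug("autoLogin() - discarding unusable remember-me cookie");
				cookie.setMaxAge(0);
				response.addCookie(cookie);
			}
			if (user == null) {
				return "failure";
			}
			// NOTE(review): unlike login(), the user is stored in whatever session
			// the request already has. Consider invalidating that session first so
			// a session id fixed before authentication is not promoted to an
			// authenticated one.
			request.getSession().setAttribute(UserAction.SESSION_KEY, user);
			// renew the expire time
			cookie.setMaxAge(AUTH_COOKIE_MAX_AGE);
			// A cookie read from the request carries no Secure attribute, so it
			// is set again on the renewed copy.
			cookie.setSecure(request.isSecure());
			response.addCookie(cookie);
			return "success";
		}
		return "disabled";
	}

	/**
	 * Logs out the user of the current session and invalidates that session.
	 * <p>
	 * The remember-me cookie is not touched here.
	 * 
	 * @param form not used by this method.
	 * @param request supplies the session.
	 * @param response not used by this method.
	 * @param mapping not used by this method.
	 * @return always <code>"success"</code>.
	 * @throws BusinessException declared for the domain call.
	 */
	public String logout(ActionForm form, HttpServletRequest request, HttpServletResponse response,
			ActionMapping mapping) throws BusinessException {
		logger.info("logout() - start");
		// The user handed to the domain is null when nobody is logged in.
		domain.logout(UserAction.getUser(request));
		request.getSession().invalidate();
		return "success";
	}

	/**
	 * Copies the form onto the logged-in user and saves it through the domain.
	 * 
	 * @param form source of the properties copied by <code>valorize</code>.
	 * @param request supplies the session user and the locale.
	 * @param response not used by this method.
	 * @param mapping not used by this method.
	 * @return <code>"success"</code> when a user is logged in,
	 *         <code>"failure"</code> otherwise.
	 * @throws BusinessException declared for the domain call.
	 * @throws ActionException declared by the signature.
	 */
	public String update(ActionForm form, HttpServletRequest request, HttpServletResponse response,
			ActionMapping mapping) throws BusinessException, ActionException {
		User user = AbstractUserAction.getUser(request);
		if (user != null) {
			// NOTE(review): valorize writes form values onto the session's User
			// object; confirm which properties it can set, so that a submitted
			// form cannot change fields the user must not edit.
			super.valorize(form, user, request.getLocale());
			domain.updateUser(user);
			return "success";
		}
		return "failure";
	}

	/**
	 * Removes the logged-in user through the domain.
	 * 
	 * @param form not used by this method.
	 * @param request supplies the session user.
	 * @param response not used by this method.
	 * @param mapping not used by this method.
	 * @return always <code>"success"</code>, including when nobody is logged
	 *         in and nothing is removed.
	 * @throws BusinessException declared for the domain call.
	 */
	public String remove(ActionForm form, HttpServletRequest request, HttpServletResponse response,
			ActionMapping mapping) throws BusinessException {
		User user = AbstractUserAction.getUser(request);
		if (user != null) {
			// NOTE(review): the session keeps the removed User afterwards and any
			// remember-me cookie stays in place; consider ending the session here.
			domain.removeUser(Long.toString(user.getId()));
		}
		return "success";
	}

	/**
	 * Resets the form and returns the <code>cancel</code> forward.
	 * 
	 * @see net.smartlab.web.Action#cancel(org.apache.struts.action.ActionForm,
	 *      javax.servlet.http.HttpServletRequest,
	 *      javax.servlet.http.HttpServletResponse,
	 *      org.apache.struts.action.ActionMapping)
	 */
	protected ActionForward cancel(ActionForm form, HttpServletRequest request, HttpServletResponse response,
			ActionMapping mapping) throws Exception {
		super.reset(form, request, mapping);
		return mapping.findForward("cancel");
	}
}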