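/**
 * Copyright 2004-2013 The Kuali Foundation
 *
 * Licensed under the Educational Community License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.opensource.org/licenses/ecl2.php
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.kuali.hr.time.admin.web;

import java.net.URI;
import java.net.URISyntaxException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionRedirect;
import org.kuali.hr.time.base.web.TkAction;
import org.kuali.hr.time.roles.TkUserRoles;
import org.kuali.hr.time.roles.UserRoles;
import org.kuali.hr.time.util.TKContext;
import org.kuali.hr.time.util.TKUser;
import org.kuali.hr.time.util.TkConstants;
import org.kuali.rice.kim.api.identity.Person;
import org.kuali.rice.kim.api.services.KimApiServiceLocator;
import org.kuali.rice.krad.util.GlobalVariables;

/**
 * Struts action that sets and clears the "target person" held by {@link TKUser}
 * for the current session, then redirects the browser.
 *
 * <p>Both redirect destinations ({@code targetUrl} and {@code returnUrl}) arrive as
 * request-bound form fields, so they are treated as untrusted: only local,
 * scheme-less, authority-less references are followed. Anything else falls back to
 * {@code PersonInfo.do}, which closes the unvalidated-redirect path (CWE-601).
 */
public class ChangeTargetPersonAction extends TkAction {

    private static final Logger LOG = Logger.getLogger(ChangeTargetPersonAction.class);

    /** Redirect destination used when no acceptable URL was supplied. */
    private static final String DEFAULT_RETURN_ACTION = "PersonInfo.do";

    /**
     * Switches the session's target person to the principal named in the form, provided
     * the session principal holds a qualifying role for that person.
     *
     * @param mapping  Struts mapping; supplies the "basic" and "unauthorized" forwards
     * @param form     expected to be a {@link ChangeTargetPersonForm}
     * @param request  current request (not read directly here)
     * @param response current response (not written directly here)
     * @return the "basic" forward when the principal name is blank or unknown, the
     *         "unauthorized" forward when the role check fails, otherwise a redirect to
     *         the validated {@code targetUrl} or to {@code PersonInfo.do}
     * @throws Exception declared by the Struts action contract
     */
    public ActionForward changeTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        ActionForward forward = mapping.findForward("basic");

        ChangeTargetPersonForm changeTargetPersonForm = (ChangeTargetPersonForm) form;

        if (StringUtils.isBlank(changeTargetPersonForm.getPrincipalName())) {
            return forward;
        }

        Person targetPerson = KimApiServiceLocator.getPersonService().getPersonByPrincipalName(changeTargetPersonForm.getPrincipalName());
        if (targetPerson == null) {
            return forward;
        }

        // NOTE(review): the role check keys off UserSession.getPrincipalId() while the
        // debug line below reports getActualPerson(); if these can differ (e.g. a
        // backdoor login), the log and the authorization decision name different users.
        String sessionPrincipalId = GlobalVariables.getUserSession().getPrincipalId();
        String targetPrincipalId = targetPerson.getPrincipalId();

        UserRoles roles = TkUserRoles.getUserRoles(sessionPrincipalId);
        boolean authorized = roles.isSystemAdmin()
                || roles.isGlobalViewOnly()
                || roles.isDepartmentAdminForPerson(targetPrincipalId)
                || roles.isDeptViewOnlyForPerson(targetPrincipalId)
                || roles.isLocationAdminForPerson(targetPrincipalId)
                || roles.isTimesheetReviewerForPerson(targetPrincipalId)
                || roles.isApproverForPerson(targetPrincipalId);

        if (!authorized) {
            // Record who was refused and for whom so the denial can be correlated later.
            // Only identifiers resolved server-side are logged; the raw form value is not.
            LOG.warn("Non-Admin user attempting to change target person. principalId=" + sessionPrincipalId
                    + ", targetPrincipalId=" + targetPrincipalId);
            return mapping.findForward("unauthorized");
        }

        TKUser.setTargetPerson(targetPerson);

        // The return URL is replayed as a redirect by clearTargetPerson, so it is
        // validated before it is stored in the session.
        String returnUrl = changeTargetPersonForm.getReturnUrl();
        if (StringUtils.isNotEmpty(returnUrl)) {
            if (isLocalRedirect(returnUrl)) {
                GlobalVariables.getUserSession().addObject(TkConstants.TK_TARGET_USER_RETURN, returnUrl);
            } else {
                LOG.warn("Ignoring non-local returnUrl supplied by principalId=" + sessionPrincipalId);
            }
        }

        String returnAction = DEFAULT_RETURN_ACTION;
        String targetUrl = changeTargetPersonForm.getTargetUrl();
        if (StringUtils.isNotEmpty(targetUrl)) {
            if (isLocalRedirect(targetUrl)) {
                returnAction = targetUrl;
            } else {
                LOG.warn("Ignoring non-local targetUrl supplied by principalId=" + sessionPrincipalId);
            }
        }
        forward = new ActionRedirect(returnAction);

        // NOTE(review): this is the only record of a target-person switch and it is
        // emitted at DEBUG; consider an audit-level log if production runs above DEBUG.
        LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " changed target person to " + targetPerson.getPrincipalName());

        return forward;
    }

    /**
     * Clears the session's target person and redirects to the return URL stored by
     * {@link #changeTargetPerson}, or to {@code PersonInfo.do} when none is usable.
     *
     * @param mapping  Struts mapping (unused)
     * @param form     Struts form (unused)
     * @param request  current request (unused)
     * @param response current response (unused)
     * @return a redirect to the stored return URL if it is a local reference, otherwise
     *         to {@code PersonInfo.do}
     * @throws Exception declared by the Struts action contract
     */
    public ActionForward clearTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        TKUser.clearTargetUser();

        String returnAction = DEFAULT_RETURN_ACTION;
        String storedReturnUrl = (String) GlobalVariables.getUserSession().retrieveObject(TkConstants.TK_TARGET_USER_RETURN);
        // Re-validated on use: the session value may have been written by other code
        // paths that do not apply the check performed in changeTargetPerson.
        if (isLocalRedirect(storedReturnUrl)) {
            returnAction = storedReturnUrl;
        }

        LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " cleared target person");

        return new ActionRedirect(returnAction);
    }

    /**
     * Decides whether a caller-supplied redirect destination stays on this application.
     *
     * <p>Accepted: non-blank references with no scheme and no authority, such as
     * {@code PersonInfo.do} or {@code /app/TimeDetail.do?documentId=1}. Rejected:
     * absolute URLs, scheme-relative references (leading {@code //}), and anything
     * {@link URI} cannot parse, which includes backslashes, spaces and control
     * characters.
     *
     * <p>NOTE(review): absolute URLs pointing back at this host are rejected too. If
     * any existing caller passes one, compare its host against the request instead of
     * loosening this check.
     *
     * @param url candidate destination; may be {@code null}
     * @return {@code true} only when the value is safe to hand to a redirect
     */
    private static boolean isLocalRedirect(String url) {
        if (StringUtils.isBlank(url)) {
            return false;
        }
        // Browsers collapse runs of leading slashes into a scheme-relative URL, while
        // java.net.URI reports no authority for "///host", so this is checked on the
        // raw string.
        if (url.startsWith("//")) {
            return false;
        }
        try {
            URI parsed = new URI(url);
            return !parsed.isAbsolute() && parsed.getRawAuthority() == null;
        } catch (URISyntaxException ignored) {
            // Unparseable input is never followed; the caller falls back to the default.
            return false;
        }
    }

}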