001    /**
002     * Copyright 2004-2013 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.hr.time.admin.web;
017    
018    import javax.servlet.http.HttpServletRequest;
019    import javax.servlet.http.HttpServletResponse;
020    
021    import org.apache.commons.lang.StringUtils;
022    import org.apache.log4j.Logger;
023    import org.apache.struts.action.ActionForm;
024    import org.apache.struts.action.ActionForward;
025    import org.apache.struts.action.ActionMapping;
026    import org.apache.struts.action.ActionRedirect;
027    import org.kuali.hr.time.base.web.TkAction;
028    import org.kuali.hr.time.roles.TkUserRoles;
029    import org.kuali.hr.time.roles.UserRoles;
030    import org.kuali.hr.time.util.TKContext;
031    import org.kuali.hr.time.util.TKUser;
032    import org.kuali.hr.time.util.TkConstants;
033    import org.kuali.rice.kim.api.identity.Person;
034    import org.kuali.rice.kim.api.identity.principal.Principal;
035    import org.kuali.rice.kim.api.services.KimApiServiceLocator;
036    import org.kuali.rice.krad.util.GlobalVariables;
037    
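/**
 * Struts action that sets and clears the "target person" for the current user session.
 *
 * <p>Security notes: {@code principalName}, {@code returnUrl} and {@code targetUrl} are read from
 * the submitted form and must be treated as untrusted. Changing the target person is gated on
 * the roles of the session's principal. Both redirect destinations are restricted to
 * application-local targets so that a crafted link cannot send the browser to another site
 * (unvalidated redirect, CWE-601).
 */
public class ChangeTargetPersonAction extends TkAction {

    private static final Logger LOG = Logger.getLogger(ChangeTargetPersonAction.class);

    /** Redirect destination used when the request or session supplies no usable one. */
    private static final String DEFAULT_RETURN_ACTION = "PersonInfo.do";

    /**
     * Switches the session's target person to the principal named in the form, if the current
     * user holds one of the roles checked below for that principal.
     *
     * @param mapping  Struts mapping used to resolve the "basic" and "unauthorized" forwards
     * @param form     expected to be a {@link ChangeTargetPersonForm}
     * @param request  current request (not read directly here)
     * @param response current response (not written directly here)
     * @return the "basic" forward when the principal name is blank or resolves to no principal;
     *         the "unauthorized" forward when the role check fails; otherwise a redirect to the
     *         form's {@code targetUrl} (if present and local) or to {@code PersonInfo.do}
     * @throws Exception propagated from the identity, role or session services
     */
    public ActionForward changeTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        ActionForward forward = mapping.findForward("basic");

        ChangeTargetPersonForm changeTargetPersonForm = (ChangeTargetPersonForm) form;

        if (StringUtils.isNotBlank(changeTargetPersonForm.getPrincipalName())) {
            Principal targetPerson = KimApiServiceLocator.getIdentityService().getPrincipalByPrincipalName(changeTargetPersonForm.getPrincipalName());

            if (targetPerson != null) {
                String targetPrincipalId = targetPerson.getPrincipalId();
                String actorPrincipalId = GlobalVariables.getUserSession().getPrincipalId();

                // Authorization is evaluated against the session principal, never against
                // anything supplied in the form.
                UserRoles roles = TkUserRoles.getUserRoles(actorPrincipalId);
                if (roles.isSystemAdmin()
                        || roles.isGlobalViewOnly()
                        || roles.isDepartmentAdminForPerson(targetPrincipalId)
                        || roles.isDeptViewOnlyForPerson(targetPrincipalId)
                        || roles.isLocationAdminForPerson(targetPrincipalId)
                        || roles.isTimesheetReviewerForPerson(targetPrincipalId)
                        || roles.isApproverForPerson(targetPrincipalId)) {

                    TKUser.setTargetPerson(targetPrincipalId);

                    // The return URL is stored in the session and later used as a redirect
                    // destination by clearTargetPerson, so it is validated before being stored.
                    // The rejected value is deliberately not logged: it is attacker-controllable.
                    String returnUrl = changeTargetPersonForm.getReturnUrl();
                    if (StringUtils.isNotEmpty(returnUrl)) {
                        if (isLocalRedirectTarget(returnUrl)) {
                            GlobalVariables.getUserSession().addObject(TkConstants.TK_TARGET_USER_RETURN, returnUrl);
                        } else {
                            LOG.warn("Ignoring non-local returnUrl on change target person request. actorPrincipalId=" + actorPrincipalId);
                        }
                    }

                    String returnAction = DEFAULT_RETURN_ACTION;
                    String targetUrl = changeTargetPersonForm.getTargetUrl();
                    if (StringUtils.isNotEmpty(targetUrl)) {
                        if (isLocalRedirectTarget(targetUrl)) {
                            returnAction = targetUrl;
                        } else {
                            LOG.warn("Ignoring non-local targetUrl on change target person request. actorPrincipalId=" + actorPrincipalId);
                        }
                    }
                    forward = new ActionRedirect(returnAction);

                    // NOTE(review): a successful switch is logged at debug only, so it leaves no
                    // audit record when debug logging is disabled; consider whether this
                    // should be info.
                    LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " changed target person to " + targetPerson.getPrincipalName());
                } else {
                    // Both ids come from server-side lookups (session and identity service),
                    // not from raw form input, so they are safe to place in the log line.
                    LOG.warn("Non-Admin user attempting to change target person. actorPrincipalId=" + actorPrincipalId
                            + ", targetPrincipalId=" + targetPrincipalId);
                    return mapping.findForward("unauthorized");
                }
            }
        }

        return forward;
    }

    /**
     * Clears the session's target person and redirects to the return URL stored by
     * {@link #changeTargetPerson}, or to {@code PersonInfo.do} when none is stored.
     *
     * @param mapping  Struts mapping (unused)
     * @param form     submitted form (unused)
     * @param request  current request (unused)
     * @param response current response (unused)
     * @return a redirect to the stored return URL if it is a local target, else to the default
     * @throws Exception propagated from the session services
     */
    public ActionForward clearTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        TKUser.clearTargetUser();

        String returnAction = DEFAULT_RETURN_ACTION;
        String storedReturn = (String) GlobalVariables.getUserSession().retrieveObject(TkConstants.TK_TARGET_USER_RETURN);
        // Re-validated here as defence in depth: the value originated from a request parameter
        // and other code may also write this session key.
        if (StringUtils.isNotBlank(storedReturn) && isLocalRedirectTarget(storedReturn)) {
            returnAction = storedReturn;
        }

        LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " cleared target person");

        return new ActionRedirect(returnAction);
    }

    /**
     * Decides whether a caller-supplied redirect destination stays inside this application.
     *
     * <p>Rejected: blank values, leading whitespace, any control character (CR/LF would allow
     * response-header splitting), backslashes (some browsers treat them as forward slashes),
     * protocol-relative targets ({@code //host}) and anything carrying a URI scheme, i.e. a
     * colon before the first {@code /}, {@code ?} or {@code #}.
     *
     * <p>NOTE(review): assumes legitimate callers pass application-relative targets such as
     * {@code PersonInfo.do}; confirm no caller relies on absolute URLs.
     *
     * @param target candidate redirect destination, possibly {@code null}
     * @return {@code true} only when the target is a relative or context-relative path
     */
    private static boolean isLocalRedirectTarget(String target) {
        if (StringUtils.isBlank(target) || Character.isWhitespace(target.charAt(0))) {
            return false;
        }

        int firstDelimiter = -1;
        int firstColon = -1;
        for (int i = 0; i < target.length(); i++) {
            char c = target.charAt(i);
            if (c < 0x20 || c == 0x7f || c == '\\') {
                return false;
            }
            if (firstDelimiter < 0 && (c == '/' || c == '?' || c == '#')) {
                firstDelimiter = i;
            }
            if (firstColon < 0 && c == ':') {
                firstColon = i;
            }
        }

        if (target.startsWith("//")) {
            return false;
        }

        // A colon is only harmless once the path, query or fragment has started.
        if (firstColon >= 0 && (firstDelimiter < 0 || firstColon < firstDelimiter)) {
            return false;
        }
        return true;
    }

}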