16 package org.kuali.hr.time.admin.web;
17
18 import javax.servlet.http.HttpServletRequest;
19 import javax.servlet.http.HttpServletResponse;
20
21 import org.apache.commons.lang.StringUtils;
22 import org.apache.log4j.Logger;
23 import org.apache.struts.action.ActionForm;
24 import org.apache.struts.action.ActionForward;
25 import org.apache.struts.action.ActionMapping;
26 import org.apache.struts.action.ActionRedirect;
27 import org.kuali.hr.time.base.web.TkAction;
28 import org.kuali.hr.time.roles.TkUserRoles;
29 import org.kuali.hr.time.roles.UserRoles;
30 import org.kuali.hr.time.util.TKContext;
31 import org.kuali.hr.time.util.TKUser;
32 import org.kuali.hr.time.util.TkConstants;
33 import org.kuali.rice.kim.api.identity.Person;
34 import org.kuali.rice.kim.api.identity.principal.Principal;
35 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
36 import org.kuali.rice.krad.util.GlobalVariables;
37
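/**
 * Struts action that lets a privileged user switch the "target person" whose
 * records they are viewing, and switch back again.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The target principal name, {@code targetUrl} and {@code returnUrl} all
 *       arrive on the form and must be treated as untrusted input.</li>
 *   <li>Both URL values end up in an {@link ActionRedirect}. They are accepted
 *       only when they are local, relative references; anything else falls
 *       back to {@value #DEFAULT_RETURN_ACTION} so the action cannot be used
 *       to redirect a browser to another site.</li>
 *   <li>Denied switch attempts are logged with the acting and requested
 *       principal ids so that they can be reviewed.</li>
 * </ul>
 */
public class ChangeTargetPersonAction extends TkAction {

    private static final Logger LOG = Logger.getLogger(ChangeTargetPersonAction.class);

    /** Redirect destination used when no acceptable URL was supplied. */
    private static final String DEFAULT_RETURN_ACTION = "PersonInfo.do";

    /**
     * Switches the current session's target person to the principal named on the form.
     *
     * <p>The switch happens only when the principal exists and the session user holds
     * one of the roles checked below for that principal. When the principal name is
     * blank or unknown, the "basic" forward is returned and nothing changes.
     *
     * @param mapping  Struts mapping used to resolve the "basic" and "unauthorized" forwards
     * @param form     expected to be a {@link ChangeTargetPersonForm}
     * @param request  current request (unused)
     * @param response current response (unused)
     * @return a redirect to the validated target URL (or the default action) on success,
     *         the "unauthorized" forward when the role check fails, otherwise "basic"
     * @throws Exception declared by the Struts dispatch contract
     */
    public ActionForward changeTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        ChangeTargetPersonForm changeTargetPersonForm = (ChangeTargetPersonForm) form;
        ActionForward forward = mapping.findForward("basic");

        if (StringUtils.isBlank(changeTargetPersonForm.getPrincipalName())) {
            return forward;
        }

        Principal targetPerson = KimApiServiceLocator.getIdentityService().getPrincipalByPrincipalName(changeTargetPersonForm.getPrincipalName());
        if (targetPerson == null) {
            return forward;
        }

        String actorId = GlobalVariables.getUserSession().getPrincipalId();
        String targetId = targetPerson.getPrincipalId();
        UserRoles roles = TkUserRoles.getUserRoles(actorId);

        // Authorization is decided from the session user's roles, never from request data.
        boolean authorized = roles.isSystemAdmin()
                || roles.isGlobalViewOnly()
                || roles.isDepartmentAdminForPerson(targetId)
                || roles.isDeptViewOnlyForPerson(targetId)
                || roles.isLocationAdminForPerson(targetId)
                || roles.isTimesheetReviewerForPerson(targetId)
                || roles.isApproverForPerson(targetId);

        if (!authorized) {
            // Record who tried to view whom; a bare message gives reviewers nothing to act on.
            LOG.warn("Non-Admin user attempting to change target person." + " actor=" + actorId + " target=" + targetId);
            return mapping.findForward("unauthorized");
        }

        TKUser.setTargetPerson(targetId);

        String returnUrl = changeTargetPersonForm.getReturnUrl();
        if (StringUtils.isNotEmpty(returnUrl)) {
            if (isLocalRedirect(returnUrl)) {
                GlobalVariables.getUserSession().addObject(TkConstants.TK_TARGET_USER_RETURN, returnUrl);
            } else {
                // The rejected value is deliberately not logged: it is attacker-controllable text.
                LOG.warn("Rejected non-local returnUrl while changing target person. actor=" + actorId);
            }
        }

        String returnAction = DEFAULT_RETURN_ACTION;
        String targetUrl = changeTargetPersonForm.getTargetUrl();
        if (StringUtils.isNotEmpty(targetUrl)) {
            if (isLocalRedirect(targetUrl)) {
                returnAction = targetUrl;
            } else {
                LOG.warn("Rejected non-local targetUrl while changing target person. actor=" + actorId);
            }
        }
        forward = new ActionRedirect(returnAction);

        LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " changed target person to " + targetPerson.getPrincipalName());

        return forward;
    }

    /**
     * Clears the session's target person and redirects to the return URL remembered by
     * {@link #changeTargetPerson}, or to the default action when none is usable.
     *
     * @param mapping  Struts mapping (unused)
     * @param form     Struts form (unused)
     * @param request  current request (unused)
     * @param response current response (unused)
     * @return a redirect to the stored return URL or to {@value #DEFAULT_RETURN_ACTION}
     * @throws Exception declared by the Struts dispatch contract
     */
    public ActionForward clearTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        TKUser.clearTargetUser();

        String returnAction = DEFAULT_RETURN_ACTION;
        String storedReturn = (String) GlobalVariables.getUserSession().retrieveObject(TkConstants.TK_TARGET_USER_RETURN);
        // Re-validate on the way out: the session value may have been written by other code.
        if (StringUtils.isNotBlank(storedReturn) && isLocalRedirect(storedReturn)) {
            returnAction = storedReturn;
        }

        LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " cleared target person");

        return new ActionRedirect(returnAction);
    }

    /**
     * Reports whether {@code url} is safe to use as a redirect target, i.e. a relative
     * reference that stays on this application.
     *
     * <p>NOTE(review): assumes callers only ever pass application-relative URLs such as
     * {@code PersonInfo.do}; if a deployment legitimately passes absolute same-site URLs,
     * extend this with an explicit host allowlist rather than relaxing the check.
     *
     * @param url candidate redirect target taken from the request or session
     * @return {@code true} only for a parseable reference with no scheme and no authority
     */
    private static boolean isLocalRedirect(String url) {
        if (StringUtils.isBlank(url)) {
            return false;
        }
        for (int i = 0; i < url.length(); i++) {
            char c = url.charAt(i);
            // Backslashes may be normalised to "/" by browsers; control characters
            // (CR/LF included) have no place in a Location header value.
            if (c == '\\' || Character.isISOControl(c)) {
                return false;
            }
        }
        // A leading "//" is a scheme-relative reference that names another host.
        if (url.startsWith("//")) {
            return false;
        }
        try {
            java.net.URI parsed = new java.net.URI(url);
            return parsed.getScheme() == null && parsed.getRawAuthority() == null;
        } catch (java.net.URISyntaxException e) {
            // Unparseable input is treated as unsafe rather than passed through.
            return false;
        }
    }

}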