
1   /*
2    * Copyright 2005-2007 The Kuali Foundation
3    *
4    *
5    * Licensed under the Educational Community License, Version 2.0 (the "License");
6    * you may not use this file except in compliance with the License.
7    * You may obtain a copy of the License at
8    *
9    * http://www.opensource.org/licenses/ecl2.php
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.kuali.rice.kns.web.struts.action;
18  
19  import javax.servlet.http.HttpServletRequest;
20  import javax.servlet.http.HttpServletResponse;
21  
22  import org.apache.commons.lang.StringUtils;
23  import org.apache.struts.action.ActionForm;
24  import org.apache.struts.action.ActionForward;
25  import org.apache.struts.action.ActionMapping;
26  import org.kuali.rice.kew.util.KEWConstants;
27  import org.kuali.rice.kew.web.session.UserSession;
28  import org.kuali.rice.kim.bo.impl.KimAttributes;
29  import org.kuali.rice.kim.bo.types.dto.AttributeSet;
30  import org.kuali.rice.kim.service.KIMServiceLocator;
31  import org.kuali.rice.kim.util.KimConstants;
32  import org.kuali.rice.kns.service.KNSServiceLocator;
33  import org.kuali.rice.kns.util.GlobalVariables;
34  import org.kuali.rice.kns.util.KNSConstants;
35  import org.kuali.rice.kns.web.struts.form.BackdoorForm;
36  
37  
38  /**
39   * A Struts Action which permits a user to execute a backdoor login to masquerade
40   * as another user.
41   *
42   * @author Kuali Rice Team (rice.collab@kuali.org)
43   */
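public class BackdoorAction extends KualiAction {

    private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(BackdoorAction.class);

    /**
     * Populates the {@link BackdoorForm} via {@link #initForm} and then delegates to
     * {@code KualiAction.execute}.
     *
     * NOTE(review): whatever access checks apply to the individual dispatch methods
     * (login, administration, ...) must come from the superclass; none are visible in
     * this class -- confirm.
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        this.initForm(request, form);
        return super.execute(mapping, form, request, response);
    }

    /** Forwards to the "basic" mapping. */
    public ActionForward menu(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("menu");
        return mapping.findForward("basic");
    }

    /** A refresh is treated the same as showing the portal. */
    @Override
    public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return portal(mapping, form, request, response);
    }

    /** Entry point; shows the portal. */
    public ActionForward start(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("start");
        return portal(mapping, form, request, response);
    }

    /** Forwards to the "viewPortal" mapping. */
    public ActionForward portal(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("portal started");
        return mapping.findForward("viewPortal");
    }

    /**
     * Forwards to the "administration" mapping.
     *
     * NOTE(review): this method does not consult the isAdmin flag computed by
     * {@link #setFormGroupPermission}; confirm the target view or the superclass
     * enforces the permission.
     */
    public ActionForward administration(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("administration");
        return mapping.findForward("administration");
    }

    /**
     * Ends a backdoor session if one is active, otherwise performs a normal logout.
     *
     * When a backdoor is in use it is cleared on both the KEW and the KNS user session,
     * the form's admin flag is recomputed, and the user is returned to the portal.
     * Without an active backdoor the "logout" forward is returned.
     *
     * @return the "viewPortal" forward after clearing a backdoor, else the "logout" forward
     */
    public ActionForward logout(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("logout");

        UserSession uSession = getUserSession(request);
        if (!uSession.isBackdoorInUse()) {
            return mapping.findForward("logout");
        }

        uSession.clearBackdoor();
        // Recompute isAdmin now that the session identity has changed.
        setFormGroupPermission((BackdoorForm) form, request);

        // The KNS session keeps its own backdoor state, so it is cleared separately.
        org.kuali.rice.kns.UserSession knsUserSession = GlobalVariables.getUserSession();
        knsUserSession.clearBackdoorUser();

        // Audit trail: leaving an impersonated identity is recorded above debug level.
        LOG.info("Backdoor cleared: sessionPrincipalId=" + sanitizeForLog(uSession.getPrincipalId()));

        return mapping.findForward("viewPortal");
    }

    /**
     * Switches the session to the principal named by the form's backdoor id.
     *
     * If a backdoor is already active and the submitted id is empty or names the actual
     * (really logged-in) principal, the backdoor is cleared via {@link #logout}. If the
     * id cannot be established, a "badbackdoor" request attribute is set and the portal
     * is shown again.
     *
     * NOTE(review): nothing in this method verifies that the caller may impersonate
     * another user or that the backdoor is enabled for this environment;
     * SHOW_BACK_DOOR_LOGIN_IND is only copied onto the form in {@link #initForm}.
     * Confirm that {@code establishBackdoorWithPrincipalName} or the superclass enforces
     * this, and that the backdoor is disabled in production deployments.
     *
     * @return the "portal" forward, or the result of {@link #logout}
     */
    public ActionForward login(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("login");
        UserSession uSession = getUserSession(request);
        BackdoorForm backdoorForm = (BackdoorForm) form;
        String requestedId = backdoorForm.getBackdoorId();

        // An empty id, or the actual user's own name, while a backdoor is active means "stop impersonating".
        if (uSession.isBackdoorInUse()
                && (StringUtils.isEmpty(requestedId)
                || uSession.getActualPrincipal().getPrincipalName().equals(requestedId))) {
            return logout(mapping, form, request, response);
        }

        // Captured before the switch so the audit record names the identity that asked for it.
        String requestingPrincipalId = uSession.getPrincipalId();

        if (!uSession.establishBackdoorWithPrincipalName(requestedId)) {
            LOG.warn("Backdoor login rejected: sessionPrincipalId=" + sanitizeForLog(requestingPrincipalId)
                    + ", requestedBackdoorId=" + sanitizeForLog(requestedId));
            // NOTE(review): the submitted id is embedded verbatim; the view that renders
            // "badbackdoor" must HTML-escape it (not visible from this class -- confirm).
            request.setAttribute("badbackdoor", "Invalid backdoor Id given '" + requestedId + "'");
            return mapping.findForward("portal");
        }

        LOG.info("Backdoor established: sessionPrincipalId=" + sanitizeForLog(requestingPrincipalId)
                + ", backdoorId=" + sanitizeForLog(requestedId));

        // Presumably drops authentication records held for the previous identity -- TODO confirm.
        uSession.getAuthentications().clear();
        setFormGroupPermission(backdoorForm, request);

        return mapping.findForward("portal");
    }

    /**
     * Sets the form's isAdmin flag from a KIM "use screen" permission check for the
     * session's current principal id.
     *
     * The check is made against the fictional "AdministrationAction" class name because
     * this single action has not been split up and the methodToCall cannot be passed to
     * the permission check.
     *
     * NOTE(review): the result is only stored on the form; within this class it does not
     * gate any dispatch method.
     */
    private void setFormGroupPermission(BackdoorForm backdoorForm, HttpServletRequest request) {
        AttributeSet permissionDetails = new AttributeSet();
        permissionDetails.put(KimAttributes.NAMESPACE_CODE, KEWConstants.KEW_NAMESPACE);
        permissionDetails.put(KimAttributes.ACTION_CLASS, "org.kuali.rice.kew.web.backdoor.AdministrationAction");

        String principalId = getUserSession(request).getPrincipalId();
        boolean isAdmin = KIMServiceLocator.getIdentityManagementService().isAuthorizedByTemplateName(
                principalId,
                KNSConstants.KNS_NAMESPACE,
                KimConstants.PermissionTemplateNames.USE_SCREEN,
                permissionDetails,
                new AttributeSet());
        backdoorForm.setIsAdmin(isAdmin);
    }

    /**
     * Prepares the form for rendering: copies the SHOW_BACK_DOOR_LOGIN_IND parameter and
     * the admin flag onto it, and remembers the form's graphic setting in the HTTP session.
     *
     * @param request the current request
     * @param form expected to be a {@link BackdoorForm}
     */
    public void initForm(HttpServletRequest request, ActionForm form) throws Exception {
        BackdoorForm backdoorForm = (BackdoorForm) form;

        Boolean showBackdoorLogin = KNSServiceLocator.getParameterService().getIndicatorParameter(
                KEWConstants.KEW_NAMESPACE,
                KNSConstants.DetailTypes.BACKDOOR_DETAIL_TYPE,
                KEWConstants.SHOW_BACK_DOOR_LOGIN_IND);
        backdoorForm.setShowBackdoorLogin(showBackdoorLogin);
        setFormGroupPermission(backdoorForm, request);

        // NOTE(review): the graphic value comes from the form (presumably request-bound) and is
        // stored in the session unvalidated; whatever renders "showGraphic" should escape it.
        if (backdoorForm.getGraphic() != null) {
            request.getSession().setAttribute("showGraphic", backdoorForm.getGraphic());
        }
    }

    /**
     * Returns the authenticated KEW user session.
     *
     * @param request not used; the session is obtained from {@code UserSession.getAuthenticatedUser()}
     */
    public static UserSession getUserSession(HttpServletRequest request) {
        return UserSession.getAuthenticatedUser();
    }

    /**
     * Replaces control characters (including CR/LF) so that a user-supplied value cannot
     * forge or split log entries.
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replaceAll("\\p{Cntrl}", "_");
    }
}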