16 package org.kuali.rice.kns.web.struts.action;
17
18 import org.apache.commons.lang.StringUtils;
19 import org.apache.struts.action.ActionForm;
20 import org.apache.struts.action.ActionForward;
21 import org.apache.struts.action.ActionMapping;
22 import org.kuali.rice.core.api.exception.RiceRuntimeException;
23 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
24 import org.kuali.rice.kew.api.KewApiConstants;
25 import org.kuali.rice.kim.api.KimConstants;
26 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
27 import org.kuali.rice.kns.web.struts.form.BackdoorForm;
28 import org.kuali.rice.krad.UserSession;
29 import org.kuali.rice.krad.util.GlobalVariables;
30 import org.kuali.rice.krad.util.KRADConstants;
31
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34 import java.util.HashMap;
35 import java.util.Map;
36
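/**
 * Struts action behind the "backdoor" screen: it lets the signed-in user act as another
 * principal (impersonation) and later drop back to their own identity.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #login} passes the submitted backdoor id straight to
 *       {@code UserSession.setBackdoorUser}. This class performs no permission or environment
 *       check of its own, so any restriction on who may impersonate has to be enforced by
 *       {@code UserSession} or by the deployment. NOTE(review): confirm where that is done.</li>
 *   <li>The {@code SHOW_BACK_DOOR_LOGIN_IND} parameter is only copied onto the form by
 *       {@link #initForm}; {@link #login} never consults it, so it controls what the form is
 *       told to display rather than whether impersonation is accepted.</li>
 *   <li>The backdoor id is request input. It is neutralised before being logged, and the view
 *       that renders the {@code badbackdoor} request attribute must HTML-escape it.</li>
 * </ul>
 */
public class BackdoorAction extends KualiAction {

    private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(BackdoorAction.class);

    /**
     * Populates the form via {@link #initForm} and then lets the superclass dispatch the request.
     *
     * @throws Exception whatever {@link #initForm} or the superclass dispatch throws
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        this.initForm(request, form);
        return super.execute(mapping, form, request, response);
    }

    /** Forwards to the {@code basic} mapping. */
    public ActionForward menu(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("menu");
        return mapping.findForward("basic");
    }

    /** Treats a refresh exactly like {@link #portal}. */
    @Override
    public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return portal(mapping, form, request, response);
    }

    /** Entry point that delegates to {@link #portal}. */
    public ActionForward start(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("start");
        return portal(mapping, form, request, response);
    }

    /** Forwards to the {@code viewPortal} mapping. */
    public ActionForward portal(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("portal started");
        return mapping.findForward("viewPortal");
    }

    /** Forwards to the {@code administration} mapping. */
    public ActionForward administration(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("administration");
        return mapping.findForward("administration");
    }

    /**
     * Ends an active backdoor (impersonation) session, or performs a normal logout when no
     * backdoor is in use.
     *
     * @return the {@code viewPortal} forward after clearing a backdoor user, otherwise the
     *         {@code logout} forward
     */
    public ActionForward logout(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("logout");

        UserSession uSession = getUserSession(request);
        if (!uSession.isBackdoorInUse()) {
            return mapping.findForward("logout");
        }

        uSession.clearBackdoorUser();
        // The admin flag was computed for the session's previous principal; recompute it.
        setFormGroupPermission((BackdoorForm) form, request);

        // getUserSession(request) in this class also returns GlobalVariables.getUserSession(),
        // so this second clear is expected to hit the same session; kept to preserve behaviour.
        UserSession knsUserSession = GlobalVariables.getUserSession();
        knsUserSession.clearBackdoorUser();

        return mapping.findForward("viewPortal");
    }

    /**
     * Starts impersonating the principal named by the form's backdoor id.
     *
     * <p>If a backdoor is already active and the submitted id is empty or equals the logged-in
     * user's own principal name, the request is treated as a backdoor logout. Otherwise the id
     * is handed to {@code UserSession.setBackdoorUser}; a {@link RiceRuntimeException} from
     * that call is reported through the {@code badbackdoor} request attribute.
     *
     * @return the {@code portal} forward, or the result of {@link #logout} in the case above
     */
    public ActionForward login(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("login");
        UserSession uSession = getUserSession(request);
        BackdoorForm backdoorForm = (BackdoorForm) form;
        String backdoorId = backdoorForm.getBackdoorId();

        // Already impersonating and asked for "nobody" or for oneself: drop the backdoor instead.
        if (uSession.isBackdoorInUse()
                && (StringUtils.isEmpty(backdoorId)
                        || uSession.getLoggedInUserPrincipalName().equals(backdoorId))) {
            return logout(mapping, form, request, response);
        }

        // NOTE(review): no authorization check happens here before impersonating, and an empty
        // id still reaches setBackdoorUser when no backdoor is active. Confirm that UserSession
        // restricts who may impersonate and rejects empty ids.
        try {
            uSession.setBackdoorUser(backdoorId);
        } catch (RiceRuntimeException e) {
            // The id comes from the request; strip CR/LF so it cannot forge extra log lines.
            LOG.warn("invalid backdoor id " + sanitizeForLog(backdoorId), e);
            // NOTE(review): this message echoes request input; the view must HTML-escape it.
            request.setAttribute("badbackdoor", "Invalid backdoor Id given '" + backdoorId + "'");
            return mapping.findForward("portal");
        }

        // Leave an audit trail of impersonation, but only when a backdoor user is now active.
        if (uSession.isBackdoorInUse()) {
            LOG.info("backdoor login: loggedInUser=" + sanitizeForLog(uSession.getLoggedInUserPrincipalName())
                    + " backdoorId=" + sanitizeForLog(backdoorId));
        }

        setFormGroupPermission(backdoorForm, request);

        return mapping.findForward("portal");
    }

    /**
     * Recomputes the form's {@code isAdmin} flag by asking the permission service whether the
     * session's current principal holds the {@code USE_SCREEN} template permission for the
     * backdoor administration action.
     *
     * <p>NOTE(review): the check uses {@code getUserSession(request).getPrincipalId()}, which
     * presumably reflects the impersonated principal while a backdoor is active; confirm.
     */
    private void setFormGroupPermission(BackdoorForm backdoorForm, HttpServletRequest request) {
        Map<String, String> permissionDetails = new HashMap<String, String>();
        permissionDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, KewApiConstants.KEW_NAMESPACE);
        permissionDetails.put(KimConstants.AttributeConstants.ACTION_CLASS, "org.kuali.rice.kew.web.backdoor.AdministrationAction");
        boolean isAdmin = KimApiServiceLocator.getPermissionService().isAuthorizedByTemplateName(
                getUserSession(request).getPrincipalId(),
                KRADConstants.KRAD_NAMESPACE,
                KimConstants.PermissionTemplateNames.USE_SCREEN,
                permissionDetails,
                new HashMap<String, String>());
        backdoorForm.setIsAdmin(isAdmin);
    }

    /**
     * Prepares the form for every request: copies the {@code SHOW_BACK_DOOR_LOGIN_IND}
     * parameter onto it, refreshes the admin flag, and stores the form's graphic (when set) in
     * the HTTP session under {@code showGraphic}.
     *
     * @throws ClassCastException if {@code form} is not a {@link BackdoorForm}
     */
    public void initForm(HttpServletRequest request, ActionForm form) throws Exception {
        BackdoorForm backdoorForm = (BackdoorForm) form;

        // NOTE(review): may be null if the parameter is not defined; confirm the setter accepts that.
        Boolean showBackdoorLogin = CoreFrameworkServiceLocator.getParameterService().getParameterValueAsBoolean(
                KewApiConstants.KEW_NAMESPACE,
                KRADConstants.DetailTypes.BACKDOOR_DETAIL_TYPE,
                KewApiConstants.SHOW_BACK_DOOR_LOGIN_IND);
        backdoorForm.setShowBackdoorLogin(showBackdoorLogin);
        setFormGroupPermission(backdoorForm, request);
        if (backdoorForm.getGraphic() != null) {
            request.getSession().setAttribute("showGraphic", backdoorForm.getGraphic());
        }
    }

    /**
     * Returns the current user session from {@link GlobalVariables}.
     *
     * @param request unused; the session is not looked up from the request
     */
    public static UserSession getUserSession(HttpServletRequest request) {
        return GlobalVariables.getUserSession();
    }

    /**
     * Replaces carriage returns and line feeds with {@code _} so a request-supplied value
     * cannot start a new, forged log entry.
     *
     * @param value text to log; may be {@code null}
     * @return the neutralised text, or {@code null} when {@code value} is {@code null}
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }
}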