001    /**
002     * Copyright 2005-2012 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.rice.kns.web.struts.action;
017    
018    import org.apache.commons.lang.StringUtils;
019    import org.apache.struts.action.ActionForm;
020    import org.apache.struts.action.ActionForward;
021    import org.apache.struts.action.ActionMapping;
022    import org.kuali.rice.core.api.exception.RiceRuntimeException;
023    import org.kuali.rice.coreservice.framework.CoreFrameworkServiceLocator;
024    import org.kuali.rice.kew.api.KewApiConstants;
025    import org.kuali.rice.kim.api.KimConstants;
026    import org.kuali.rice.kim.api.services.KimApiServiceLocator;
027    import org.kuali.rice.kns.web.struts.form.BackdoorForm;
028    import org.kuali.rice.krad.UserSession;
029    import org.kuali.rice.krad.util.GlobalVariables;
030    import org.kuali.rice.krad.util.KRADConstants;
031    
032    import javax.servlet.http.HttpServletRequest;
033    import javax.servlet.http.HttpServletResponse;
034    import java.util.HashMap;
035    import java.util.Map;
036    
037    /**
038     * A Struts Action which permits a user to execute a backdoor login to masquerade
039     * as another user.
040     *
041     * @author Kuali Rice Team (rice.collab@kuali.org)
042     */
public class BackdoorAction extends KualiAction {

    private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(BackdoorAction.class);

    /**
     * Populates the {@link BackdoorForm} (see {@link #initForm}) before every
     * dispatch, then delegates to the standard {@link KualiAction} method
     * routing.
     *
     * @throws Exception propagated from {@link #initForm} or the superclass
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        initForm(request, form);
        return super.execute(mapping, form, request, response);
    }

    /** Forwards to the {@code basic} mapping (the backdoor menu page). */
    public ActionForward menu(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("menu");
        return mapping.findForward("basic");
    }

    /** A refresh is treated exactly like {@link #portal}. */
    @Override
    public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return portal(mapping, form, request, response);
    }

    /** Entry point of the action; behaves like {@link #portal}. */
    public ActionForward start(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("start");
        return portal(mapping, form, request, response);
    }

    /** Forwards to the {@code viewPortal} mapping. */
    public ActionForward portal(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception{
        LOG.debug("portal started");
        return mapping.findForward("viewPortal");
    }

    /**
     * Forwards to the {@code administration} mapping. No authorization check
     * happens here; whether the page is offered at all is decided by the
     * {@code isAdmin} flag computed in {@link #setFormGroupPermission}.
     */
    public ActionForward administration(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("administration");
        return mapping.findForward("administration");
    }

    /**
     * Ends a backdoor (masquerade) session if one is active and returns to the
     * portal; if no backdoor user is set, forwards to the real {@code logout}
     * mapping instead.
     *
     * <p>The backdoor user is cleared on the session obtained through
     * {@link #getUserSession} and again on
     * {@link GlobalVariables#getUserSession()}, exactly as the original
     * implementation did; {@link #getUserSession} itself reads the latter.
     */
    public ActionForward logout(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("logout");

        UserSession session = getUserSession(request);
        if (!session.isBackdoorInUse()) {
            return mapping.findForward("logout");
        }

        session.clearBackdoorUser();
        // Recompute the admin flag for the real (no longer masqueraded) principal.
        setFormGroupPermission((BackdoorForm) form, request);
        GlobalVariables.getUserSession().clearBackdoorUser();

        return mapping.findForward("viewPortal");
    }

    /**
     * Switches the current session to the principal named by the form's
     * backdoor id.
     *
     * <p>If a backdoor user is already active and the submitted id is empty or
     * names the actually logged-in principal, the request is handled as a
     * backdoor {@link #logout} instead. An id rejected by
     * {@link UserSession#setBackdoorUser} surfaces as a {@code badbackdoor}
     * request attribute and a forward back to the portal.
     *
     * <p>NOTE(review): this method does not consult the
     * {@code SHOW_BACK_DOOR_LOGIN_IND} parameter that {@link #initForm} reads
     * for display purposes; confirm that {@code UserSession#setBackdoorUser}
     * enforces the environment/parameter gate before a principal switch.
     * NOTE(review): the caller-supplied id is echoed verbatim into the
     * {@code badbackdoor} attribute and into the warn log line; confirm the
     * view that renders {@code badbackdoor} escapes it.
     */
    public ActionForward login(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("login");
        UserSession session = getUserSession(request);
        BackdoorForm backdoorForm = (BackdoorForm) form;

        if (isBackdoorClearRequest(session, backdoorForm)) {
            return logout(mapping, form, request, response);
        }

        try {
            session.setBackdoorUser(backdoorForm.getBackdoorId());
        } catch (RiceRuntimeException e) {
            LOG.warn("invalid backdoor id " + backdoorForm.getBackdoorId(), e);
            request.setAttribute("badbackdoor", "Invalid backdoor Id given '" + backdoorForm.getBackdoorId() + "'");
            return mapping.findForward("portal");
        }

        setFormGroupPermission(backdoorForm, request);

        return mapping.findForward("portal");
    }

    /**
     * True when a backdoor user is active and the submitted id is either empty
     * or equal to the principal name of the genuinely logged-in user, i.e. the
     * submission should clear the backdoor rather than set one.
     */
    private boolean isBackdoorClearRequest(UserSession session, BackdoorForm backdoorForm) {
        if (!session.isBackdoorInUse()) {
            return false;
        }
        String requestedId = backdoorForm.getBackdoorId();
        return StringUtils.isEmpty(requestedId)
                || session.getLoggedInUserPrincipalName().equals(requestedId);
    }

    /**
     * Sets {@code isAdmin} on the form according to whether the current
     * principal is authorized, via the KNS {@code USE_SCREEN} permission
     * template, to use the (fictional) {@code AdministrationAction} class.
     * This stands in for a per-method permission check because the
     * methodToCall cannot be passed to the template check from this single
     * action.
     */
    private void setFormGroupPermission(BackdoorForm backdoorForm, HttpServletRequest request) {
        String principalId = getUserSession(request).getPrincipalId();
        boolean authorized = KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(
                principalId,
                KRADConstants.KNS_NAMESPACE,
                KimConstants.PermissionTemplateNames.USE_SCREEN,
                administrationPermissionDetails(),
                new HashMap<String, String>());
        backdoorForm.setIsAdmin(authorized);
    }

    /**
     * Builds the permission-detail attributes (namespace and action class)
     * that identify the administration screen to the permission template.
     */
    private Map<String, String> administrationPermissionDetails() {
        Map<String, String> details = new HashMap<String, String>();
        details.put(KimConstants.AttributeConstants.NAMESPACE_CODE, KewApiConstants.KEW_NAMESPACE);
        details.put(KimConstants.AttributeConstants.ACTION_CLASS, "org.kuali.rice.kew.web.backdoor.AdministrationAction");
        return details;
    }

    /**
     * Prepares the form for rendering: reads the KEW parameter that controls
     * whether the backdoor login widget is shown, computes the admin flag, and
     * copies a non-null {@code graphic} value into the HTTP session under
     * {@code showGraphic}.
     *
     * @throws Exception declared for Struts compatibility
     */
    public void initForm(HttpServletRequest request, ActionForm form) throws Exception {
        BackdoorForm backdoorForm = (BackdoorForm) form;

        Boolean showLogin = CoreFrameworkServiceLocator.getParameterService().getParameterValueAsBoolean(
                KewApiConstants.KEW_NAMESPACE,
                KRADConstants.DetailTypes.BACKDOOR_DETAIL_TYPE,
                KewApiConstants.SHOW_BACK_DOOR_LOGIN_IND);
        backdoorForm.setShowBackdoorLogin(showLogin);
        setFormGroupPermission(backdoorForm, request);

        Object graphic = backdoorForm.getGraphic();
        if (graphic != null) {
            request.getSession().setAttribute("showGraphic", graphic);
        }
    }

    /**
     * Returns the thread-bound {@link UserSession} from
     * {@link GlobalVariables}; the {@code request} argument is accepted for
     * signature compatibility but not consulted.
     */
    public static UserSession getUserSession(HttpServletRequest request) {
        return GlobalVariables.getUserSession();
    }
}