
1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kns.web.struts.action;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.apache.struts.action.ActionForm;
20  import org.apache.struts.action.ActionForward;
21  import org.apache.struts.action.ActionMapping;
22  import org.kuali.rice.core.api.exception.RiceRuntimeException;
23  import org.kuali.rice.coreservice.framework.CoreFrameworkServiceLocator;
24  import org.kuali.rice.kew.api.KewApiConstants;
25  import org.kuali.rice.kim.api.KimConstants;
26  import org.kuali.rice.kim.api.services.KimApiServiceLocator;
27  import org.kuali.rice.kns.web.struts.form.BackdoorForm;
28  import org.kuali.rice.krad.UserSession;
29  import org.kuali.rice.krad.util.GlobalVariables;
30  import org.kuali.rice.krad.util.KRADConstants;
31  
32  import javax.servlet.http.HttpServletRequest;
33  import javax.servlet.http.HttpServletResponse;
34  import java.util.HashMap;
35  import java.util.Map;
36  
37  /**
38   * A Struts Action which permits a user to execute a backdoor login to masquerade
39   * as another user.
40   *
41   * @author Kuali Rice Team (rice.collab@kuali.org)
42   */
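public class BackdoorAction extends KualiAction {

    /*
     * Security note: this action lets the authenticated user act as another
     * principal. Nothing in this class checks a permission, the environment or
     * the SHOW_BACK_DOOR_LOGIN_IND parameter before login() calls
     * UserSession.setBackdoorUser(); initForm() only copies that parameter onto
     * the form. Any restriction therefore has to be enforced by UserSession or
     * by the deployment, neither of which is visible in this file. Confirm that
     * backdoor switching is refused (or this mapping is unreachable) in
     * production before relying on it.
     */

    private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(BackdoorAction.class);

    /**
     * Populates the backdoor form via {@link #initForm} and then delegates to
     * the superclass implementation.
     *
     * @param mapping  the Struts mapping for this action
     * @param form     the form bean; must be a {@link BackdoorForm}
     * @param request  the current request
     * @param response the current response
     * @return the forward chosen by the superclass
     * @throws Exception if form initialisation or the superclass call fails
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        this.initForm(request, form);
        return super.execute(mapping, form, request, response);
    }

    /**
     * Forwards to the "basic" view.
     *
     * @return the forward named "basic"
     */
    public ActionForward menu(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("menu");
        return mapping.findForward("basic");
    }

    /**
     * Treats a refresh exactly like a request for the portal view.
     *
     * @return the forward returned by {@link #portal}
     */
    @Override
    public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return portal(mapping, form, request, response);
    }

    /**
     * Entry point that shows the portal view.
     *
     * @return the forward returned by {@link #portal}
     */
    public ActionForward start(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("start");
        return portal(mapping, form, request, response);
    }

    /**
     * Forwards to the "viewPortal" view.
     *
     * @return the forward named "viewPortal"
     */
    public ActionForward portal(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("portal started");
        return mapping.findForward("viewPortal");
    }

    /**
     * Forwards to the "administration" view. No permission is checked here;
     * the isAdmin flag computed by {@link #initForm} is only placed on the form.
     *
     * @return the forward named "administration"
     */
    public ActionForward administration(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("administration");
        return mapping.findForward("administration");
    }

    /**
     * Ends a backdoor session if one is active, otherwise performs a normal
     * logout.
     *
     * @param form the form bean; must be a {@link BackdoorForm} when a backdoor
     *             session is active
     * @return "viewPortal" after clearing a backdoor user, "logout" otherwise
     * @throws Exception declared for the Struts dispatch signature
     */
    public ActionForward logout(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("logout");

        UserSession uSession = getUserSession(request);
        if (!uSession.isBackdoorInUse()) {
            return mapping.findForward("logout");
        }

        uSession.clearBackdoorUser();
        // Recompute isAdmin only after the backdoor user is gone, so the flag is
        // evaluated against the session as it now stands.
        setFormGroupPermission((BackdoorForm) form, request);

        // The original code fetches the session from GlobalVariables a second
        // time and clears it again; kept in case the two lookups can differ.
        UserSession globalSession = GlobalVariables.getUserSession();
        globalSession.clearBackdoorUser();

        // Audit trail: the end of an impersonation is recorded above debug level.
        LOG.info("backdoor cleared for logged-in user "
                + sanitizeForLog(uSession.getLoggedInUserPrincipalName()));

        return mapping.findForward("viewPortal");
    }

    /**
     * Switches the session to the backdoor id supplied on the form.
     *
     * <p>If a backdoor session is already active and the supplied id is empty
     * or equals the logged-in principal name, the call is treated as a backdoor
     * logout. The supplied id comes from the form and is untrusted; it is
     * neutralised before being written to the log.
     *
     * @param form the form bean; must be a {@link BackdoorForm}
     * @return "portal" on success, "invalid_backdoor_portal" when
     *         {@code setBackdoorUser} throws {@link RiceRuntimeException}, or the
     *         result of {@link #logout} in the case described above
     * @throws Exception declared for the Struts dispatch signature
     */
    public ActionForward login(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        LOG.debug("login");
        UserSession uSession = getUserSession(request);
        BackdoorForm backdoorForm = (BackdoorForm) form;
        String requestedId = backdoorForm.getBackdoorId();

        // An empty id, or the user's own id, while a backdoor is active means
        // "stop impersonating".
        if (uSession.isBackdoorInUse()
                && (StringUtils.isEmpty(requestedId)
                || uSession.getLoggedInUserPrincipalName().equals(requestedId))) {
            return logout(mapping, form, request, response);
        }

        // NOTE(review): no authorization or environment check happens here before
        // the switch; confirm that UserSession.setBackdoorUser enforces one.
        try {
            uSession.setBackdoorUser(requestedId);
        } catch (RiceRuntimeException e) {
            // CR/LF are stripped so a crafted id cannot forge extra log entries.
            LOG.warn("invalid backdoor id " + sanitizeForLog(requestedId), e);
            // The rejected id is not copied into a request attribute (nothing
            // reads it). If that is ever restored, the view must output-encode it.
            return mapping.findForward("invalid_backdoor_portal");
        }

        // Audit trail: record who asked to act as whom, and whether the session
        // actually ended up in backdoor mode.
        LOG.info("backdoor login requested by "
                + sanitizeForLog(uSession.getLoggedInUserPrincipalName())
                + " for id " + sanitizeForLog(requestedId)
                + " (backdoor in use: " + uSession.isBackdoorInUse() + ")");

        setFormGroupPermission(backdoorForm, request);

        return mapping.findForward("portal");
    }

    /**
     * Sets the form's isAdmin flag from a KIM "use screen" permission check.
     *
     * <p>The check is made against a fictional action class name because this
     * single action is not split up and the methodToCall cannot be passed to
     * the permission check (a known hack, per the original author).
     *
     * @param backdoorForm the form that receives the isAdmin flag
     * @param request      the current request
     */
    private void setFormGroupPermission(BackdoorForm backdoorForm, HttpServletRequest request) {
        Map<String, String> permissionDetails = new HashMap<String, String>();
        permissionDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, KewApiConstants.KEW_NAMESPACE);
        permissionDetails.put(KimConstants.AttributeConstants.ACTION_CLASS, "org.kuali.rice.kew.web.backdoor.AdministrationAction");

        // NOTE(review): getPrincipalId() may resolve to the backdoor user while a
        // backdoor is active, in which case isAdmin reflects the impersonated
        // principal rather than the real one - confirm against UserSession.
        String principalId = getUserSession(request).getPrincipalId();
        boolean isAdmin = KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(
                principalId, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.USE_SCREEN,
                permissionDetails, new HashMap<String, String>());
        backdoorForm.setIsAdmin(isAdmin);
    }

    /**
     * Prepares the backdoor form for the current request: copies the
     * SHOW_BACK_DOOR_LOGIN_IND parameter onto it, recomputes the isAdmin flag,
     * and stores the form's graphic value in the HTTP session when present.
     *
     * @param request the current request
     * @param form    the form bean; must be a {@link BackdoorForm}
     * @throws Exception declared by the original signature
     */
    public void initForm(HttpServletRequest request, ActionForm form) throws Exception {
        BackdoorForm backdoorForm = (BackdoorForm) form;

        // This parameter only drives what the form reports; it is not used in
        // this class to block login().
        Boolean showBackdoorLogin = CoreFrameworkServiceLocator.getParameterService().getParameterValueAsBoolean(
                KewApiConstants.KEW_NAMESPACE,
                KRADConstants.DetailTypes.BACKDOOR_DETAIL_TYPE,
                KewApiConstants.SHOW_BACK_DOOR_LOGIN_IND);
        backdoorForm.setShowBackdoorLogin(showBackdoorLogin);
        setFormGroupPermission(backdoorForm, request);

        // NOTE(review): the graphic value presumably originates from the request;
        // whatever renders the "showGraphic" session attribute must output-encode it.
        if (backdoorForm.getGraphic() != null) {
            request.getSession().setAttribute("showGraphic", backdoorForm.getGraphic());
        }
    }

    /**
     * Returns the current user session.
     *
     * @param request ignored; the session is taken from {@link GlobalVariables}
     * @return whatever {@code GlobalVariables.getUserSession()} returns
     */
    public static UserSession getUserSession(HttpServletRequest request) {
        return GlobalVariables.getUserSession();
    }

    /**
     * Makes a request-supplied value safe to embed in a single log line by
     * replacing carriage returns and line feeds.
     *
     * @param value the raw value; may be {@code null}
     * @return the text "null" for a null value, otherwise the value with each
     *         CR or LF replaced by an underscore
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        return value.replaceAll("[\\r\\n]", "_");
    }
}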