1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.kuali.mobility.shared.controllers;
17
18 import org.kuali.mobility.configparams.service.ConfigParamService;
19 import org.kuali.mobility.security.group.api.Group;
20 import org.kuali.mobility.security.group.api.GroupDao;
21 import org.kuali.mobility.security.user.api.User;
22 import org.kuali.mobility.security.user.entity.UserImpl;
23 import org.kuali.mobility.shared.Constants;
24 import org.kuali.mobility.shared.entity.Backdoor;
25 import org.springframework.beans.factory.annotation.Autowired;
26 import org.springframework.beans.factory.annotation.Qualifier;
27 import org.springframework.stereotype.Controller;
28 import org.springframework.ui.Model;
29 import org.springframework.validation.BindingResult;
30 import org.springframework.validation.Errors;
31 import org.springframework.web.bind.annotation.ModelAttribute;
32 import org.springframework.web.bind.annotation.RequestMapping;
33 import org.springframework.web.bind.annotation.RequestMethod;
34
35 import javax.servlet.http.HttpServletRequest;
36 import javax.servlet.http.HttpServletResponse;
37
38
39
40
41
42
43 @Controller
44 @RequestMapping("/backdoor")
45 public class BackdoorController {
46
47 @Autowired
48 @Qualifier("kmeGroupDao")
49 private GroupDao groupDao;
50
51 @Autowired
52 private ConfigParamService configParamService;
53
54 @RequestMapping(method = RequestMethod.GET)
55 public String backdoor(HttpServletRequest request, HttpServletResponse response, Model uiModel) {
56 Backdoor backdoor = (Backdoor) request.getSession().getAttribute(Constants.KME_BACKDOOR_USER_KEY);
57 if (backdoor != null) {
58 uiModel.addAttribute("backdoor", backdoor);
59 } else {
60 uiModel.addAttribute("backdoor", new Backdoor());
61 }
62 return "backdoor";
63 }
64
65 @RequestMapping(value = "remove", method = RequestMethod.GET)
66 public String removeBackdoor(HttpServletRequest request, HttpServletResponse response, Model uiModel) {
67 Backdoor backdoor = (Backdoor) request.getSession().getAttribute(Constants.KME_BACKDOOR_USER_KEY);
68 if (backdoor != null) {
69 User user = (User) request.getSession().getAttribute(Constants.KME_USER_KEY);
70 if (user != null && backdoor.getActualUser() != null) {
71 request.getSession().setAttribute(Constants.KME_USER_KEY, backdoor.getActualUser());
72 }
73 request.getSession().setAttribute(Constants.KME_BACKDOOR_USER_KEY, null);
74 }
75 return "redirect:/home";
76 }
77
78 @RequestMapping(method = RequestMethod.POST)
79 public String submit(HttpServletRequest request, HttpServletResponse response, Model uiModel, @ModelAttribute("backdoor") Backdoor backdoor, BindingResult result) {
80 if (isValidQuery(backdoor, result)) {
81 User user = (User) request.getSession().getAttribute(Constants.KME_USER_KEY);
82 backdoor.setActualUser(user);
83 user = new UserImpl();
84 user.setLoginName(backdoor.getUserId());
85
86 Group group = getGroupDao().getGroup(getConfigParamService().findValueByName("Backdoor.Group.Name"));
87 user.getGroups().add(group);
88
89 request.getSession().setAttribute(Constants.KME_BACKDOOR_USER_KEY, backdoor);
90 request.getSession().setAttribute(Constants.KME_USER_KEY, user);
91 return "redirect:/home";
92 } else {
93 return "backdoor";
94 }
95 }
96
97 private boolean isValidQuery(Backdoor backdoor, BindingResult result) {
98 boolean hasErrors = false;
99 Errors errors = ((Errors) result);
100 if (backdoor.getUserId() == null || "".equals(backdoor.getUserId().trim())) {
101 errors.rejectValue("userId", "", "Please enter a username");
102 hasErrors = true;
103 }
104 return !hasErrors;
105 }
106
107 public GroupDao getGroupDao() {
108 return groupDao;
109 }
110
111 public void setGroupDao(GroupDao groupDao) {
112 this.groupDao = groupDao;
113 }
114
115 public ConfigParamService getConfigParamService() {
116 return configParamService;
117 }
118
119 public void setConfigParamService(ConfigParamService configParamService) {
120 this.configParamService = configParamService;
121 }
122 }