Subversion Repositories general

Compare Revisions

Ignore whitespace Rev 917 → Rev 918

/sun/hostcaptain/trunk/src/ak/hostcaptain/core/action/ChangePasswordAction.java
34,8 → 34,8
User user = (User)request.getSession().getAttribute("user");
 
if(user.checkPassword((String)theForm.get("oldpassword"))) {
user.setNewPassword((String)theForm.get("password"));
UserManager.getInstance().save(user, user); // FIXME: allow user to change own password
user.setPassword(user, (String)theForm.get("password"));
UserManager.getInstance().save(user, user);
response.sendRedirect(BackPath.findBackPath(request).getBackwardUrl());
return null;
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/action/UserAction.java
37,6 → 37,24
if("submit".equals(mapping.getParameter())) {
User user = (User)request.getSession().getAttribute("user");
initUserList(request, user);
 
DynaActionForm theForm = (DynaActionForm)form;
Long userId;
User u;
 
try {
userId = StringConverter.parseLong(theForm.get("id"));
}
catch(NumberFormatException ex) {
userId = null;
}
 
if(userId == null)
u = UserManager.getInstance().create(user);
else
u = UserManager.getInstance().get(user, userId);
 
request.setAttribute("u", u);
}
}
 
56,14 → 74,16
else if("edit".equals(mapping.getParameter())) {
DynaActionForm theForm = (DynaActionForm)form;
Long userId = StringConverter.parseLong(theForm.get("id"));
User u;
DynaActionForm showForm = (DynaActionForm)RequestUtilsX.populateActionForm(
this, request, "ak.hostcaptain.core.form.UserEditForm");
 
if(userId == null) {
u = UserManager.getInstance().create(user);
showForm.set("enabled", new Boolean(true));
}
else {
User u = UserManager.getInstance().get(user, userId);
u = UserManager.getInstance().get(user, userId);
showForm.set("login", u.getLogin());
if(u.getBoss() != null)
showForm.set("boss", StringConverter.toString(u.getBoss().getId()));
73,6 → 93,7
}
 
initUserList(request, user);
request.setAttribute("u", u);
return mapping.findForward("default");
}
else if("delete".equals(mapping.getParameter())) {
79,6 → 100,7
DynaActionForm theForm = (DynaActionForm)form;
Long userId = StringConverter.parseLong(theForm.get("id"));
User u = UserManager.getInstance().get(user, userId);
request.setAttribute("u", u);
 
if(u.equals(user))
throw new UserException(CoreResources.DELETE_ME_SELF);
105,20 → 127,27
else {
u = UserManager.getInstance().get(user, userId);
}
request.setAttribute("u", u);
 
u.setLogin((String)theForm.get("login"));
u.setLogin(user, (String)theForm.get("login"));
 
if(u.editableBy(user)) {
Long bossId = StringConverter.parseLong(theForm.get("boss"));
if(bossId == null)
u.setBoss(user, null);
else
u.setBoss(user, UserManager.getInstance().get(user, bossId));
}
 
Long bossId = StringConverter.parseLong(theForm.get("boss"));
if(bossId == null)
u.setBoss(null);
else
u.setBoss(UserManager.getInstance().get(user, bossId));
 
if(!user.equals(u)) // do not allow user to change own superuser status
u.setSuperuser((Boolean)theForm.get("superuser"));
if(u.mayChangeSuperuser(user))
u.setSuperuser(user, (Boolean)theForm.get("superuser"));
 
if(password != null && !password.equals(""))
u.setNewPassword(password);
if(password != null && !password.equals("")
&& u.editableBy(user) // more strong condition, because normal
&& u.mayChangePassword(user)) // user have to enter first the old password
{
u.setPassword(user, password);
}
 
u.setEnabled((Boolean)theForm.get("enabled"));
u.setComment((String)theForm.get("comment"));
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/CoreResources.properties
104,6 → 104,8
ak.hostcaptain.page.user.edit.boss=Boss
ak.hostcaptain.page.user.edit.boss.empty=-- no boss --
ak.hostcaptain.page.user.edit.superuser=Superuser
ak.hostcaptain.page.user.edit.superuser.true=yes
ak.hostcaptain.page.user.edit.superuser.false=no
ak.hostcaptain.page.user.edit.enabled=Enabled
ak.hostcaptain.page.user.edit.comment=Comment
ak.hostcaptain.page.user.edit.submit=submit
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/SystemUser.java
1,7 → 1,5
package ak.hostcaptain.core.model;
 
import java.util.Date;
 
/**
*
* @hibernate.class table="systemusers"
15,7 → 13,6
private Integer uid;
private String name;
private User owner;
private Date modStamp;
 
protected SystemUser()
{
77,20 → 74,6
this.owner = owner;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
 
public void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
 
public String getTypeKey()
{
return ak.hostcaptain.core.CoreResources.TYPE_SYSTEM_USER;
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/GeneralModelObject.java
1,10 → 1,14
package ak.hostcaptain.core.model;
 
import java.util.Date;
 
public abstract class GeneralModelObject
implements ModelObject
{
private Boolean enabled;
private String comment;
private Date modStamp;
private User modUser;
 
/**
*
33,4 → 37,32
{
this.comment = comment;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
 
protected void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
 
/**
*
* @hibernate.many-to-one column="mod_user"
*/
public User getModUser()
{
return modUser;
}
 
protected void setModUser(User modUser)
{
this.modUser = modUser;
}
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/MailboxManager.java
93,6 → 93,8
if(!mailbox.editableBy(editor))
throw new ModelSecurityException();
 
mailbox.setModUser(editor);
 
try {
HibernateUtil.currentSession().saveOrUpdate(mailbox);
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/InetDomain.java
1,7 → 1,5
package ak.hostcaptain.core.model;
 
import java.util.Date;
 
/**
*
* @hibernate.class table="domains"
12,7 → 10,6
private Long id;
private String name;
private User owner;
private Date modStamp;
 
protected InetDomain()
{
60,20 → 57,6
this.owner = owner;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
 
public void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
 
public String getTypeKey()
{
return ak.hostcaptain.core.CoreResources.TYPE_DOMAIN;
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/MailAliasManager.java
95,6 → 95,8
if(!mailAlias.editableBy(editor))
throw new ModelSecurityException();
 
mailAlias.setModUser(editor);
 
try {
HibernateUtil.currentSession().saveOrUpdate(mailAlias);
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/MailAliasDestinationManager.java
74,6 → 74,8
if(!mailAliasDestination.editableBy(editor))
throw new ModelSecurityException();
 
mailAliasDestination.setModUser(editor);
 
try {
HibernateUtil.currentSession().saveOrUpdate(mailAliasDestination);
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/UserManager.java
46,7 → 46,7
public boolean allowedToCreate(User editor)
throws ModelException
{
return editor.isSuperuser();
return User.allowedToCreate(this, editor);
}
 
public User get(User editor, Long id)
89,9 → 89,14
public void save(User editor, User user)
throws ModelException
{
if(!user.editableBy(editor))
if(!user.editableBy(editor) && !user.mayChangePassword(editor)
&& !user.mayChangeSuperuser(editor))
{
throw new ModelSecurityException();
}
 
user.setModUser(editor);
 
try {
HibernateUtil.currentSession().saveOrUpdate(user);
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/Mailbox.java
1,6 → 1,5
package ak.hostcaptain.core.model;
 
import java.util.Date;
import ak.hostcaptain.util.Digest;
 
/**
18,7 → 17,6
private Boolean virusCheck;
private Boolean spamCheck;
private SystemUser systemUser;
private Date modStamp;
 
protected Mailbox()
{
144,20 → 142,6
this.systemUser = systemUser;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
 
public void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
 
public String getTypeKey()
{
return ak.hostcaptain.core.CoreResources.TYPE_MAILBOX;
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/MailAlias.java
1,7 → 1,6
package ak.hostcaptain.core.model;
 
import java.util.Collection;
import java.util.Date;
 
/**
*
15,7 → 14,6
private InetDomain domain;
private User owner;
private Collection destinations; // Collection(MailAliasDestintion)
private Date modStamp;
 
protected MailAlias()
{
97,20 → 95,6
this.destinations = destinations;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
 
public void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
 
public String getTypeKey()
{
return ak.hostcaptain.core.CoreResources.TYPE_MAIL_ALIAS;
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/MailAliasDestination.java
1,7 → 1,5
package ak.hostcaptain.core.model;
 
import java.util.Date;
 
/**
*
* @hibernate.class table="mailaliasdests"
13,7 → 11,6
private MailAlias alias;
private Mailbox mailbox;
private String email;
private Date modStamp;
 
protected MailAliasDestination()
{
75,20 → 72,6
this.email = email;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
 
public void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
 
public String getTypeKey()
{
return ak.hostcaptain.core.CoreResources.TYPE_MAIL_ALIAS_DESTINATION;
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/SystemUserManager.java
109,6 → 109,8
if(!systemUser.editableBy(editor))
throw new ModelSecurityException();
 
systemUser.setModUser(editor);
 
try {
HibernateUtil.currentSession().saveOrUpdate(systemUser);
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/User.java
1,7 → 1,8
package ak.hostcaptain.core.model;
 
import java.util.Date;
import ak.hostcaptain.util.Digest;
import ak.hostcaptain.util.ModelException;
import ak.hostcaptain.util.ModelSecurityException;
 
/**
*
15,7 → 16,6
private String password;
private User boss;
private Boolean superuser;
private Date modStamp;
 
protected User()
{
30,7 → 30,7
return id;
}
 
public void setId(Long id)
protected void setId(Long id)
{
this.id = id;
}
44,11 → 44,20
return login;
}
 
public void setLogin(String login)
protected void setLogin(String login)
{
this.login = login;
}
 
public void setLogin(User editor, String login)
throws ModelException
{
if(!editableBy(editor))
throw new ModelSecurityException();
 
this.login = login;
}
 
/**
*
* @hibernate.property
63,8 → 72,12
this.password = password;
}
 
public void setNewPassword(String password)
public void setPassword(User editor, String password)
throws ModelException
{
if(!mayChangePassword(editor))
throw new ModelSecurityException();
 
if(password == null)
throw new NullPointerException("Null password");
 
93,11 → 106,20
return boss;
}
 
public void setBoss(User boss)
protected void setBoss(User boss)
{
this.boss = boss;
}
 
public void setBoss(User editor, User boss)
throws ModelException
{
if(!editableBy(editor))
throw new ModelSecurityException();
 
this.boss = boss;
}
 
/**
*
* @hibernate.property
112,28 → 134,23
return (superuser != null) && superuser.booleanValue();
}
 
public void setSuperuser(Boolean superuser)
protected void setSuperuser(Boolean superuser)
{
this.superuser = superuser;
}
 
/**
*
* @hibernate.timestamp column="mod_stamp"
*/
public Date getModStamp()
{
return modStamp;
}
public void setSuperuser(User editor, Boolean superuser)
throws ModelException
{
if(!mayChangeSuperuser(editor))
throw new ModelSecurityException();
 
public void setModStamp(Date modStamp)
{
this.modStamp = modStamp;
}
this.superuser = superuser;
}
 
public boolean equals(Object o)
{
if(!(o instanceof User)) return false;
if(o == null || !(o instanceof User)) return false;
 
User u = (User)o;
return (id != null) && (u.getId() != null) && (id.equals(u.getId()));
174,6 → 191,22
 
public boolean deleteableBy(User user)
{
return user.isSuperuser();
return user.isSuperuser() || user.equals(boss);
}
 
public boolean mayChangePassword(User user)
{
return user.isSuperuser() || user.equals(boss) || user.equals(this);
}
 
public boolean mayChangeSuperuser(User user)
{
return user.isSuperuser() && !user.equals(this);
}
 
protected static boolean allowedToCreate(UserManager manager, User editor)
throws ModelException
{
return editor.isSuperuser();
}
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/InetDomainManager.java
92,6 → 92,8
if(!inetDomain.editableBy(editor))
throw new ModelSecurityException();
 
inetDomain.setModUser(editor);
 
try {
HibernateUtil.currentSession().saveOrUpdate(inetDomain);
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/DeleteableTag.java
1,12 → 1,7
package ak.hostcaptain.core.taglib;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
 
import ak.hostcaptain.core.model.User;
import ak.hostcaptain.core.model.InetDomain;
 
public class DeleteableTag
extends RightTagBase
{
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/NotDeleteableTag.java
1,12 → 1,7
package ak.hostcaptain.core.taglib;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
 
import ak.hostcaptain.core.model.User;
import ak.hostcaptain.core.model.InetDomain;
 
public class NotDeleteableTag
extends RightTagBase
{
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/RightTagBase.java
40,8 → 40,10
user = (User)RequestUtils.lookup(pageContext, "user", "session");
 
Object obj = RequestUtils.lookup(pageContext, name, null);
if(obj == null)
throw new JspException(name + " is null");
if(!(obj instanceof ModelObject))
throw new JspException("Must be a ModelObject");
throw new JspException(name + " must be a ModelObject, but is " + obj.getClass());
 
object = (ModelObject)obj;
 
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/EditableTag.java
1,12 → 1,7
package ak.hostcaptain.core.taglib;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
 
import ak.hostcaptain.core.model.User;
import ak.hostcaptain.core.model.InetDomain;
 
public class EditableTag
extends RightTagBase
{
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/NotEditableTag.java
1,12 → 1,7
package ak.hostcaptain.core.taglib;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
 
import ak.hostcaptain.core.model.User;
import ak.hostcaptain.core.model.InetDomain;
 
public class NotEditableTag
extends RightTagBase
{
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/MethodTagBase.java
0,0 → 1,63
package ak.hostcaptain.core.taglib;
 
import java.lang.reflect.Method;
import javax.servlet.jsp.JspException;
 
import ak.hostcaptain.core.model.User;
import org.apache.struts.util.RequestUtils;
 
public abstract class MethodTagBase
extends RightTagBase
{
protected String method;
 
public String getMethod()
{
return method;
}
 
public void setMethod(String method)
{
this.method = method;
}
 
public void release()
{
super.release();
method = null;
}
 
protected boolean condition()
throws JspException
{
Method m;
Object value;
 
// find method
try {
m = object.getClass().getMethod(method, new Class[] { User.class } );
}
catch(NoSuchMethodException ex) {
throw new JspException("Method " + method
+ " with parameter of type user not found");
}
 
// invoke it
try {
value = m.invoke(object, new Object[] { user } );
}
catch(Exception ex) {
throw new JspException("Cannot call " + method + ": " + ex.getMessage());
}
 
// check value type
if(!(value instanceof Boolean))
throw new JspException("Return type of method " + method
+ " must be java.lang.Boolean");
 
return condition(((Boolean)value).booleanValue());
}
 
protected abstract boolean condition(boolean value)
throws JspException;
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/NoRightsTag.java
0,0 → 1,15
package ak.hostcaptain.core.taglib;
 
import javax.servlet.jsp.JspException;
 
import org.apache.struts.util.RequestUtils;
 
public class NoRightsTag
extends MethodTagBase
{
protected boolean condition(boolean value)
throws JspException
{
return !value;
}
}
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/ViewableTag.java
1,12 → 1,7
package ak.hostcaptain.core.taglib;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
 
import ak.hostcaptain.core.model.User;
import ak.hostcaptain.core.model.InetDomain;
 
public class ViewableTag
extends RightTagBase
{
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/NotViewableTag.java
1,12 → 1,7
package ak.hostcaptain.core.taglib;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
 
import ak.hostcaptain.core.model.User;
import ak.hostcaptain.core.model.InetDomain;
 
public class NotViewableTag
extends RightTagBase
{
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/taglib/RightsTag.java
0,0 → 1,15
package ak.hostcaptain.core.taglib;
 
import javax.servlet.jsp.JspException;
 
import org.apache.struts.util.RequestUtils;
 
public class RightsTag
extends MethodTagBase
{
protected boolean condition(boolean value)
throws JspException
{
return value;
}
}