
Example 1 with UserGroupService

use of org.cerberus.crud.service.impl.UserGroupService in project cerberus-source by cerberustesting.

In the class CreateUser, method processRequest.

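/**
 * Creates a Cerberus user account from the request parameters and writes a
 * JSON status object ({@code messageType}, {@code message}) to the response.
 * Serves both HTTP <code>GET</code> and <code>POST</code>.
 *
 * <p>The caller must hold the {@code Administrator} role. That check runs
 * first, before any configuration is read or any request body is parsed, so
 * an unauthorized request cannot reach the parsing or service code paths.
 *
 * <p>Request parameters read: {@code login}, {@code email}, {@code name},
 * {@code team}, {@code defaultSystem}, {@code newPassword}, and the JSON
 * arrays {@code groups} and {@code systems} (a missing array parameter is
 * treated as an empty list).
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared for the Cerberus services called here
 * @throws JSONException if {@code groups} or {@code systems} is not a valid
 *         JSON array of strings
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    Answer ans = new Answer();
    // Start from "unexpected error" so that any path that fails to set a result still reports a failure.
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);

    // Authorization is decided before anything else: no parameter lookup, no JSON parsing and no
    // input-dependent error message for callers who are not administrators.
    if (!request.isUserInRole("Administrator")) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "User").replace("%OPERATION%", "Create").replace("%REASON%", "You don't have the right to do that"));
        ans.setResultMessage(msg);
    } else {
        String charset = request.getCharacterEncoding();
        String login = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("login"), "", charset);

        if (StringUtil.isNullOrEmpty(login)) {
            msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
            msg.setDescription(msg.getDescription().replace("%ITEM%", "User").replace("%OPERATION%", "Create").replace("%REASON%", "User name is missing!"));
            ans.setResultMessage(msg);
        } else {
            ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
            IParameterService parameterService = appContext.getBean(ParameterService.class);
            IEmailService emailService = appContext.getBean(IEmailService.class);
            String system = "";

            // NOTE(review): every account created here starts with the shared value of
            // cerberus_accountcreation_defaultpassword. The newPassword flag (default "Y") presumably
            // forces a password change at first login -- confirm, and consider not accepting a
            // client-supplied value other than "Y".
            String password = parameterService.findParameterByKey("cerberus_accountcreation_defaultpassword", system).getValue();
            String newPassword = ParameterParserUtil.parseStringParam(request.getParameter("newPassword"), "Y");

            // NOTE(review): email is decoded but, unlike the other text fields, not sanitized.
            // Its format should be validated before it is stored or used as a mail recipient --
            // TODO confirm whether a downstream layer already does this.
            String email = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("email"), "", charset);
            String defaultSystem = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("defaultSystem"), "", charset);
            String name = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("name"), "", charset);
            String team = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("team"), "", charset);

            // Default to an empty JSON array: passing a null source to new JSONArray(String)
            // fails with an unhandled exception when the parameter is absent.
            JSONArray jsonSystems = new JSONArray(ParameterParserUtil.parseStringParam(request.getParameter("systems"), "[]"));
            JSONArray jsonGroups = new JSONArray(ParameterParserUtil.parseStringParam(request.getParameter("groups"), "[]"));

            IUserService userService = appContext.getBean(IUserService.class);
            IFactoryUser factoryUser = appContext.getBean(IFactoryUser.class);
            IFactoryUserGroup factoryGroup = new FactoryUserGroup();
            IFactoryUserSystem userSystemFactory = appContext.getBean(IFactoryUserSystem.class);
            IUserGroupService userGroupService = appContext.getBean(UserGroupService.class);
            IUserSystemService userSystemService = appContext.getBean(IUserSystemService.class);

            // Group and system names come straight from the request; they are only applied after
            // the user row has been created successfully (see below).
            LinkedList<UserGroup> newGroups = new LinkedList<>();
            for (int i = 0; i < jsonGroups.length(); i++) {
                newGroups.add(factoryGroup.create(login, jsonGroups.getString(i)));
            }
            LinkedList<UserSystem> newSystems = new LinkedList<>();
            for (int i = 0; i < jsonSystems.length(); i++) {
                newSystems.add(userSystemFactory.create(login, jsonSystems.getString(i)));
            }

            User userData = factoryUser.create(0, login, password, "", newPassword, name, team, "en", "", "", "", "", "", "", "", defaultSystem, email, null, null);
            ans = userService.create(userData);

            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                // Send the account-creation email only when the notification parameter is "Y".
                String sendNotification = parameterService.findParameterByKey("cerberus_notification_accountcreation_activatenotification", system).getValue();
                if ("Y".equalsIgnoreCase(sendNotification)) {
                    Answer msgSent = new Answer(emailService.generateAndSendAccountCreationEmail(userData));
                    ans = AnswerUtil.agregateAnswer(ans, msgSent);
                }

                // Audit trail for the account creation, recorded before group/system assignment.
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/CreateUser", "CREATE", "Create User : ['" + login + "']", request);

                ans = AnswerUtil.agregateAnswer(ans, userGroupService.updateGroupsByUser(userData, newGroups));
                ans = AnswerUtil.agregateAnswer(ans, userSystemService.updateSystemsByUser(userData, newSystems));
            }
        }
    }

    // Declare the body as JSON so a browser does not content-sniff it as HTML.
    response.setContentType("application/json");
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}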
Also used : User(org.cerberus.crud.entity.User) IFactoryUser(org.cerberus.crud.factory.IFactoryUser) PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) JSONArray(org.json.JSONArray) LogEventService(org.cerberus.crud.service.impl.LogEventService) LinkedList(java.util.LinkedList) FactoryUserGroup(org.cerberus.crud.factory.impl.FactoryUserGroup) IFactoryUserGroup(org.cerberus.crud.factory.IFactoryUserGroup) Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) UserGroupService(org.cerberus.crud.service.impl.UserGroupService) IFactoryUserSystem(org.cerberus.crud.factory.IFactoryUserSystem) IFactoryUserGroup(org.cerberus.crud.factory.IFactoryUserGroup) IEmailService(org.cerberus.service.email.IEmailService) IFactoryUser(org.cerberus.crud.factory.IFactoryUser)
