Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2025 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.view.client.web.struts;
018
019import com.echothree.control.user.security.common.SecurityUtil;
020import com.echothree.control.user.security.common.result.CheckSecurityRolesResult;
021import com.echothree.model.data.user.common.pk.UserVisitPK;
022import com.echothree.util.common.command.CommandResult;
023import com.echothree.view.client.web.WebConstants;
024import com.echothree.view.client.web.taglib.TagConstants;
025import com.google.common.base.Splitter;
026import java.util.HashSet;
027import java.util.Map;
028import javax.naming.NamingException;
029import javax.servlet.http.HttpServletRequest;
030import org.apache.struts.action.Action;
031import org.apache.struts.taglib.html.Constants;
032import org.displaytag.tags.TableTagParameters;
033import org.displaytag.util.ParamEncoder;
034
035public abstract class BaseAction
036        extends Action {
037    
038    public static UserVisitPK getUserVisitPK(HttpServletRequest request) {
039        var httpSession = request.getSession(true);
040        
041        return (UserVisitPK)httpSession.getAttribute(WebConstants.Session_USER_VISIT);
042    }
043    
044    protected CommandResult setCommandResultAttribute(HttpServletRequest request, CommandResult commandResult) {
045        request.setAttribute(TagConstants.CommandResultName, commandResult);
046        
047        return commandResult;
048    }
049    
050    public static boolean wasOptions(HttpServletRequest request) {
051        return request.getMethod().equals(WebConstants.Method_OPTIONS);
052    }
053    
054    public static boolean wasGet(HttpServletRequest request) {
055        return request.getMethod().equals(WebConstants.Method_GET);
056    }
057    
058    public static boolean wasPost(HttpServletRequest request) {
059        return request.getMethod().equals(WebConstants.Method_POST);
060    }
061    
062    public static boolean wasCanceled(HttpServletRequest request) {
063        var submitButtonValue = request.getParameter(WebConstants.Parameter_SUBMIT_BUTTON);
064        var wasCanceled = false;
065        
066        if(submitButtonValue != null) {
067            if(submitButtonValue.equals(Constants.CANCEL_PROPERTY)) {
068                wasCanceled = true;
069            }
070        }
071        
072        return wasCanceled;
073    }
074    
075    public void setupDtAttributes(HttpServletRequest request, String dtIdAttribute) {
076        var paramEncoder = new ParamEncoder(dtIdAttribute);
077        
078        request.setAttribute(WebConstants.Attribute_DT_ID_ATTRIBUTE, dtIdAttribute);
079        request.setAttribute(WebConstants.Attribute_DT_SORT_PARAMETER, request.getParameter(paramEncoder.encodeParameterName(TableTagParameters.PARAMETER_SORT)));
080        request.setAttribute(WebConstants.Attribute_DT_PAGE_PARAMETER, request.getParameter(paramEncoder.encodeParameterName(TableTagParameters.PARAMETER_PAGE)));
081        request.setAttribute(WebConstants.Attribute_DT_ORDER_PARAMETER, request.getParameter(paramEncoder.encodeParameterName(TableTagParameters.PARAMETER_ORDER)));
082    }
083    
084    public void setupDtParameters(Map<String, String> parameters, BaseActionForm actionForm) {
085        var paramEncoder = new ParamEncoder(actionForm.getDtIdAttribute());
086        var dtSortParameter = actionForm.getDtSortParameter();
087        var dtPageParameter = actionForm.getDtPageParameter();
088        var dtOrderParameter = actionForm.getDtOrderParameter();
089        
090        if(dtSortParameter != null && dtSortParameter.length() > 0) {
091            parameters.put(paramEncoder.encodeParameterName(TableTagParameters.PARAMETER_SORT), dtSortParameter);
092        }
093        
094        if(dtPageParameter != null && dtPageParameter.length() > 0) {
095            parameters.put(paramEncoder.encodeParameterName(TableTagParameters.PARAMETER_PAGE), dtPageParameter);
096        }
097        
098        if(dtOrderParameter != null && dtOrderParameter.length() > 0) {
099            parameters.put(paramEncoder.encodeParameterName(TableTagParameters.PARAMETER_ORDER), dtOrderParameter);
100        }
101    }
102
103    public void checkSecurityRoles(HttpServletRequest request, String securityRoles)
104            throws NamingException {
105        String newSecurityRoles = null;
106        var pageSecurityRoles = (HashSet<String>)request.getAttribute(WebConstants.Attribute_SECURITY_ROLES);
107        var commandForm = SecurityUtil.getHome().getCheckSecurityRolesForm();
108
109        commandForm.setSecurityRoles(securityRoles);
110
111        var commandResult = SecurityUtil.getHome().checkSecurityRoles(getUserVisitPK(request), commandForm);
112
113        if(!commandResult.hasErrors()) {
114            var executionResult = commandResult.getExecutionResult();
115            var checkSecurityRolesResult = (CheckSecurityRolesResult)executionResult.getResult();
116            newSecurityRoles = checkSecurityRolesResult.getSecurityRoles();
117        }
118
119        if(newSecurityRoles != null) {
120            var newSecurityRolesArray = Splitter.on(':').trimResults().omitEmptyStrings().splitToList(newSecurityRoles).toArray(new String[0]);
121            var newSecurityRolesArrayLength = newSecurityRolesArray.length;
122
123            if(pageSecurityRoles == null) {
124                pageSecurityRoles = new HashSet<>(newSecurityRolesArrayLength);
125            }
126
127            for(var i = 0; i < newSecurityRolesArrayLength; i++) {
128                pageSecurityRoles.add(newSecurityRolesArray[i]);
129            }
130        }
131
132        request.setAttribute(WebConstants.Attribute_SECURITY_ROLES, pageSecurityRoles);
133    }
134
135    public boolean hasSecurityRole(HttpServletRequest request, String securityRoles) {
136        var pageSecurityRoles = (HashSet<String>)request.getAttribute(WebConstants.Attribute_SECURITY_ROLES);
137        var securityRoleFound = false;
138
139        if(pageSecurityRoles != null && securityRoles != null) {
140            var securityRolesToCheck = Splitter.on(':').trimResults().omitEmptyStrings().splitToList(securityRoles).toArray(new String[0]);
141            var securityRolesToCheckLength = securityRolesToCheck.length;
142
143            for(var i = 0; i < securityRolesToCheckLength; i++) {
144                if(pageSecurityRoles.contains(securityRolesToCheck[i])) {
145                    securityRoleFound = true;
146                    break;
147                }
148            }
149        }
150
151        return securityRoleFound;
152    }
153    
154}