Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
ManageUsersAction |
|
| 4.5;4.5 |
1 | /* | |
2 | * Copyright (c) 2003-2011, Simon Brown | |
3 | * All rights reserved. | |
4 | * | |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions are met: | |
7 | * | |
8 | * - Redistributions of source code must retain the above copyright | |
9 | * notice, this list of conditions and the following disclaimer. | |
10 | * | |
11 | * - Redistributions in binary form must reproduce the above copyright | |
12 | * notice, this list of conditions and the following disclaimer in | |
13 | * the documentation and/or other materials provided with the | |
14 | * distribution. | |
15 | * | |
16 | * - Neither the name of Pebble nor the names of its contributors may | |
17 | * be used to endorse or promote products derived from this software | |
18 | * without specific prior written permission. | |
19 | * | |
20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
21 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |
24 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
25 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
26 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
27 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
28 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
29 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
30 | * POSSIBILITY OF SUCH DAMAGE. | |
31 | */ | |
32 | package net.sourceforge.pebble.web.action; | |
33 | ||
34 | import net.sourceforge.pebble.Constants; | |
35 | import net.sourceforge.pebble.PebbleContext; | |
36 | import net.sourceforge.pebble.domain.AbstractBlog; | |
37 | import net.sourceforge.pebble.security.SecurityRealm; | |
38 | import net.sourceforge.pebble.security.SecurityRealmException; | |
39 | import net.sourceforge.pebble.web.security.RequireSecurityToken; | |
40 | import net.sourceforge.pebble.web.view.RedirectView; | |
41 | import net.sourceforge.pebble.web.view.View; | |
42 | import org.apache.commons.logging.Log; | |
43 | import org.apache.commons.logging.LogFactory; | |
44 | ||
45 | import javax.servlet.ServletException; | |
46 | import javax.servlet.http.HttpServletRequest; | |
47 | import javax.servlet.http.HttpServletResponse; | |
48 | ||
49 | /** | |
50 | * Allows the user to manage users. | |
51 | * | |
52 | * @author Simon Brown | |
53 | */ | |
54 | @RequireSecurityToken | |
55 | 0 | public class ManageUsersAction extends SecureAction { |
56 | ||
57 | /** the log used by this class */ | |
58 | 0 | private static final Log log = LogFactory.getLog(ManageUsersAction.class); |
59 | ||
60 | /** | |
61 | * Peforms the processing associated with this action. | |
62 | * | |
63 | * @param request the HttpServletRequest instance | |
64 | * @param response the HttpServletResponse instance | |
65 | * @return the name of the next view | |
66 | */ | |
67 | public View process(HttpServletRequest request, HttpServletResponse response) throws ServletException { | |
68 | try { | |
69 | 0 | AbstractBlog blog = (AbstractBlog)getModel().get(Constants.BLOG_KEY); |
70 | 0 | String usernames[] = request.getParameterValues("user"); |
71 | 0 | String submit = request.getParameter("submit"); |
72 | ||
73 | 0 | SecurityRealm realm = PebbleContext.getInstance().getConfiguration().getSecurityRealm(); |
74 | 0 | if (usernames != null) { |
75 | 0 | for (String username : usernames) { |
76 | 0 | if (submit.equalsIgnoreCase("Remove")) { |
77 | 0 | realm.removeUser(username); |
78 | 0 | } else if (submit.equalsIgnoreCase("Reset Password")) { |
79 | 0 | realm.changePassword(username, "password"); |
80 | } | |
81 | } | |
82 | } | |
83 | ||
84 | 0 | return new RedirectView(blog.getUrl() + "viewUsers.secureaction"); |
85 | 0 | } catch (SecurityRealmException e) { |
86 | 0 | throw new ServletException(e); |
87 | } | |
88 | } | |
89 | ||
90 | /** | |
91 | * Gets a list of all roles that are allowed to access this action. | |
92 | * | |
93 | * @return an array of Strings representing role names | |
94 | * @param request | |
95 | */ | |
96 | public String[] getRoles(HttpServletRequest request) { | |
97 | 0 | return new String[]{Constants.BLOG_ADMIN_ROLE}; |
98 | } | |
99 | ||
100 | } |