source: trunk/www/admin/users/index.jsp @ 3005

Last change on this file since 3005 was 3005, checked in by Martin Svensson, 17 years ago

Fixes #455 Empty date field is not accepted at several places.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
1<%-- $Id: index.jsp 3005 2006-12-07 08:25:06Z martin $
2  ------------------------------------------------------------------
3  Copyright (C) Authors contributing to this file.
4
5  This file is part of BASE - BioArray Software Environment.
6  Available at http://base.thep.lu.se/
7
8  BASE is free software; you can redistribute it and/or
9  modify it under the terms of the GNU General Public License
10  as published by the Free Software Foundation; either version 2
11  of the License, or (at your option) any later version.
12
13  BASE is distributed in the hope that it will be useful,
14  but WITHOUT ANY WARRANTY; without even the implied warranty of
15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  GNU General Public License for more details.
17
18  You should have received a copy of the GNU General Public License
19  along with this program; if not, write to the Free Software
20  Foundation, Inc., 59 Temple Place - Suite 330,
21  Boston, MA  02111-1307, USA.
22  ------------------------------------------------------------------
23
24  @author Nicklas
25  @version 2.0
26--%>
27<%@ page session="false"
28  import="net.sf.basedb.core.SessionControl"
29  import="net.sf.basedb.core.DbControl"
30  import="net.sf.basedb.core.Item"
31  import="net.sf.basedb.core.Include"
32  import="net.sf.basedb.core.Group"
33  import="net.sf.basedb.core.User"
34  import="net.sf.basedb.core.Role"
35  import="net.sf.basedb.core.Quota"
36  import="net.sf.basedb.core.Directory"
37  import="net.sf.basedb.core.ItemQuery"
38  import="net.sf.basedb.core.Permission"
39  import="net.sf.basedb.core.ItemContext"
40  import="net.sf.basedb.core.MultiPermissions"
41  import="net.sf.basedb.core.PermissionDeniedException"
42  import="net.sf.basedb.core.ItemAlreadyExistsException"
43  import="net.sf.basedb.core.DatabaseException"
44  import="net.sf.basedb.util.RemovableUtil"
45  import="net.sf.basedb.clients.web.Base"
46  import="net.sf.basedb.clients.web.WebException"
47  import="net.sf.basedb.util.Values"
48  import="net.sf.basedb.clients.web.util.HTML"
49  import="net.sf.basedb.util.formatter.Formatter"
50  import="net.sf.basedb.clients.web.formatter.FormatterFactory"
51  import="java.util.Date"
52  import="java.util.Enumeration"
53  import="java.util.Set"
54  import="java.util.HashSet"
55  import="java.util.List"
56  import="java.util.ArrayList"
57  import="java.util.Collections"
58%>
59<%@ taglib prefix="base" uri="/WEB-INF/base.tld" %>
<%!
  /** All commands handled by this page operate on USER items. */
  private static final Item itemType = Item.USER;

  /**
    Fallback context handed to Base.getAndSetCurrentContext() and
    Base.loadContext() below. Presumably the first argument is the default
    sort property and the second the default list columns -- confirm
    against Base.createDefaultContext().
  */
  private static final ItemContext defaultContext =
    Base.createDefaultContext(
      "name",
      "name,login,expirationDate,groups,roles,email,description"
    );
%>
64<%
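// Look up the session control that already exists for this request. The
// meaning of the 'true' flag is not visible here -- presumably "required";
// confirm in Base.getExistingSessionControl().
final SessionControl sc = Base.getExistingSessionControl(pageContext, true);
// NOTE(review): ID is sc.getId() and is appended to every URL built on this
// page. If it identifies the login session, it will also appear in access
// logs, browser history and Referer headers -- confirm how it is protected.
final String ID = sc.getId();
final String cmd = request.getParameter("cmd");
final String root = request.getContextPath()+"/";
final String mode = request.getParameter("mode");
final String callback = request.getParameter("callback");
final String itemId = request.getParameter("item_id");

// mode, callback and item_id are caller-supplied and are echoed into the
// redirect target. They are URL-encoded so that a value containing '&', '#',
// whitespace or line breaks cannot add or override query parameters (or
// break the Location header) of the list page.
final String listPage = "list_users.jsp?ID="+ID
  +(mode == null ? "" : "&mode="+HTML.urlEncode(mode))
  +(callback == null ? "" : "&callback="+HTML.urlEncode(callback))
  +(itemId == null ? "" : "&item_id="+HTML.urlEncode(itemId));
final String viewPage = "view_user.jsp?ID="+ID;
final String editPage = "edit_user.jsp?ID="+ID;

// Outcome of the command: at most one of forward/redirect is set by the
// dispatch code; 'message' is the text reported back when a popup is closed.
String forward = null;
String redirect = null;
String message = null;
// Opened only by commands that touch the database.
DbControl dc = null;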
83
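try
{
  // Dispatch on the 'cmd' request parameter.
  // NOTE(review): the state-changing commands (UpdateItem, DeleteItem(s),
  // RestoreItem(s)) are selected by a request parameter alone; nothing in this
  // page restricts the HTTP method or checks an anti-forgery token. Confirm
  // what ties the request to the user's own action.
  if (cmd == null || "List".equals(cmd))
  {
    // Display the list page without updating the current context
    Base.getAndSetCurrentContext(sc, itemType, null, defaultContext, true);
    redirect = listPage;
  }
  else if ("UpdateContext".equals(cmd))
  {
    // Display the list page after updating the current context from the request parameters
    Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    redirect = listPage;
  }
  else if ("LoadContext".equals(cmd))
  {
    // Display the list page after loading a saved context
    int contextId = Values.getInt(request.getParameter("context"));
    Base.loadContext(sc, contextId, defaultContext);
    redirect = listPage;
  }

  else if ("ViewItem".equals(cmd))
  {
    // Display the view page for a single item
    Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    forward = viewPage;
  }
  else if ("EditItem".equals(cmd))
  {
    // Display the edit page for a single item (should be opened in a popup)
    Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    redirect = editPage;
  }
  else if ("NewItem".equals(cmd))
  {
    // Display the edit page for a new item (should be opened in a popup)
    if (!sc.hasPermission(Permission.CREATE, itemType))
    {
      throw new PermissionDeniedException(Permission.CREATE, itemType.toString());
    }
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    // Id 0 marks the context as "no existing item selected".
    cc.setId(0);
    redirect = editPage;
  }
  else if ("UpdateItem".equals(cmd))
  {
    // Update the properties on an item (will close the popup)
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, null, defaultContext);
    dc = sc.newDbControl();

    // Reject a malformed address before anything is modified. The value is
    // tag-encoded because it is echoed back inside the error message.
    final String email = Values.getStringOrNull(request.getParameter("email"));
    if (email != null && !HTML.isValidEmail(email))
    {
      throw new WebException("popup", "Invalid email address",
        "The email address {1} is not a valid email address.",
        HTML.encodeTags(email)
      );
    }
    final String login = Values.getStringOrNull(request.getParameter("login"));
    // The new password arrives as a plain request parameter; it must never be
    // logged or echoed into an error message.
    final String password = Values.getStringOrNull(request.getParameter("new_password"));

    // The item being edited is the one stored in the context under "item";
    // when there is none, a new user is created.
    User user = (User)cc.getObject("item");
    if (user == null)
    {
      // NOTE(review): unlike the NewItem command, this path does not check
      // Permission.CREATE itself; it relies on the core calls below to
      // refuse the request -- confirm.
      user = User.getNew(dc, login, password);
      message = "User created";
      dc.saveItem(user);
    }
    else
    {
      dc.reattachItem(user);
      user.setLogin(login);
      // An empty password field leaves the current password unchanged.
      if (password != null) user.setPassword(password);
      message = "User updated";
    }
    user.setName(Values.getStringOrNull(request.getParameter("name")));
    user.setExternalId(Values.getStringOrNull(request.getParameter("external_id")));

    int quotaId = Values.getInt(request.getParameter("quota_id"), -1);
    if (quotaId >= 0) // < 0 = denied or unchanged
    {
      // 0 clears the quota, any other id selects an existing one
      user.setQuota(quotaId == 0 ? null : Quota.getById(dc, quotaId));
    }
    int quotaGroupId = Values.getInt(request.getParameter("quotagroup_id"), -1);
    if (quotaGroupId >= 0) // < 0 = denied or unchanged
    {
      user.setQuotaGroup(quotaGroupId == 0 ? null : Group.getById(dc, quotaGroupId));
    }
    // homedirectory_id is either the keyword "new" or "template", or the
    // numeric id of an existing directory.
    String homeDirectory = request.getParameter("homedirectory_id");
    if ("new".equals(homeDirectory))
    {
      Directory.createHomeDirectory(dc, user, false);
    }
    else if ("template".equals(homeDirectory))
    {
      Directory.createHomeDirectory(dc, user, true);
    }
    else
    {
      int homeDirectoryId = Values.getInt(homeDirectory, -1);
      if (homeDirectoryId >= 0) // < 0 = denied or unchanged
      {
        user.setHomeDirectory(homeDirectoryId == 0 ? null : Directory.getById(dc, homeDirectoryId));
      }
    }

    // The date is parsed with the formatter selected for this session.
    Formatter<Date> dateFormatter = FormatterFactory.getDateFormatter(sc);
    user.setExpirationDate(dateFormatter.parseString(Values.getStringOrNull(request.getParameter("expiration_date"))));
    user.setMultiuserAccount(Values.getBoolean(request.getParameter("multiuser_account")));
    user.setDisabled(Values.getBoolean(request.getParameter("disabled")));

    // Contact information
    user.setEmail(email);
    user.setOrganisation(Values.getStringOrNull(request.getParameter("organisation")));
    user.setAddress(Values.getStringOrNull(request.getParameter("address")));
    user.setPhone(Values.getStringOrNull(request.getParameter("phone")));
    user.setFax(Values.getStringOrNull(request.getParameter("fax")));
    user.setUrl(Values.getStringOrNull(request.getParameter("url")));
    user.setDescription(Values.getStringOrNull(request.getParameter("description")));

    // Membership
    // Each parameter is a comma-separated list of ids; entries that do not
    // parse as an integer are skipped.
    // NOTE(review): group and role ids are taken from the request as-is and
    // this page performs no permission check of its own before changing
    // membership, so who may grant a role depends entirely on what
    // Role/Group.getById() and addUser()/removeUser() enforce -- confirm.
    String[] removeGroups = Values.getString(request.getParameter("removeGroups")).split(",");
    for (int i = 0; i < removeGroups.length; ++i)
    {
      int groupId = Values.getInt(removeGroups[i], -1);
      if (groupId != -1) Group.getById(dc, groupId).removeUser(user);
    }

    String[] addGroups = Values.getString(request.getParameter("addGroups")).split(",");
    for (int i = 0; i < addGroups.length; ++i)
    {
      int groupId = Values.getInt(addGroups[i], -1);
      if (groupId != -1) Group.getById(dc, groupId).addUser(user);
    }

    String[] removeRoles = Values.getString(request.getParameter("removeRoles")).split(",");
    for (int i = 0; i < removeRoles.length; ++i)
    {
      int roleId = Values.getInt(removeRoles[i], -1);
      if (roleId != -1) Role.getById(dc, roleId).removeUser(user);
    }

    String[] addRoles = Values.getString(request.getParameter("addRoles")).split(",");
    for (int i = 0; i < addRoles.length; ++i)
    {
      int roleId = Values.getInt(addRoles[i], -1);
      if (roleId != -1) Role.getById(dc, roleId).addUser(user);
    }
    try
    {
      dc.commit();
    }
    catch (DatabaseException dbex)
    {
      // The commit failed: use a fresh DbControl to find out whether a
      // duplicate login or external id was the cause, so that a specific
      // ItemAlreadyExistsException can be reported. Anything else is
      // rethrown unchanged.
      // NOTE(review): the previous DbControl reference is overwritten here and
      // only the new one is closed by the finally block -- confirm that a
      // failed commit() releases the old one. Also confirm user.getId() is
      // usable here when the user was newly created.
      dc = sc.newDbControl();
      user = User.getById(dc, user.getId());
      if (login != null && !login.equals(user.getLogin()) && User.loginIsUsed(dc, login))
      {
        throw new ItemAlreadyExistsException("User[login=" + login + "]");
      }
      String externalId = Values.getStringOrNull(request.getParameter("external_id"));
      if (externalId != null && !externalId.equals(user.getExternalId()) && User.externalIdIsUsed(dc, externalId))
      {
        throw new ItemAlreadyExistsException("User[externalId=" + externalId + "]");
      }
      throw dbex;
    }
    // The edit is complete; drop the cached item from the context.
    cc.removeObject("item");
  }
  else if ("DeleteItem".equals(cmd))
  {
    // Delete a single item and then return to the view page
    dc = sc.newDbControl();
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    RemovableUtil.setRemoved(dc, itemType, Collections.singleton(cc.getId()), true);
    dc.commit();
    redirect = viewPage;
  }
  else if ("DeleteItems".equals(cmd))
  {
    // Delete all selected items on the list page
    dc = sc.newDbControl();
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    int numTotal = cc.getSelected().size();
    int numRemoved = RemovableUtil.setRemoved(dc, itemType, cc.getSelected(), true);
    dc.commit();
    // Fewer items flagged than selected: report it on the list page
    if (numTotal != numRemoved)
    {
      message = (numRemoved == 0 ? "No" : "Only "+numRemoved+" of "+numTotal) + " items could be deleted, because you have no DELETE permission";
    }
    redirect = listPage+(message != null ? "&popmessage="+HTML.urlEncode(message) : "");
  }
  else if ("RestoreItem".equals(cmd))
  {
    // Restore a single item and then return to the view page
    dc = sc.newDbControl();
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    RemovableUtil.setRemoved(dc, itemType, Collections.singleton(cc.getId()), false);
    dc.commit();
    redirect = viewPage;
  }
  else if ("RestoreItems".equals(cmd))
  {
    // Restore all selected items on the list page
    dc = sc.newDbControl();
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    int numTotal = cc.getSelected().size();
    int numRemoved = RemovableUtil.setRemoved(dc, itemType, cc.getSelected(), false);
    dc.commit();
    // Fewer items restored than selected: report it on the list page
    if (numTotal != numRemoved)
    {
      message = (numRemoved == 0 ? "No" : "Only "+numRemoved+" of "+numTotal) + " items could be restored, because you have no WRITE permission";
    }
    redirect = listPage+(message != null ? "&popmessage="+HTML.urlEncode(message) : "");
  }
  else if ("ExportItems".equals(cmd))
  {
    // Run an export plugin in a list context
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    // Store the configured list query in the context before handing over
    final ItemQuery<User> query = User.getQuery();
    cc.configureQuery(query, true);
    cc.setQuery(query);
    redirect = "../../common/export/index.jsp?ID="+ID+"&cmd=SelectPlugin&item_type="+itemType.name()+"&context_type=LIST&title=Export+users";
  }
  else if ("ExportItem".equals(cmd))
  {
    // Run an export plugin in single-item context
    Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    redirect = "../../common/export/index.jsp?ID="+ID+"&cmd=SelectPlugin&item_type="+itemType.name()+"&context_type=ITEM&title=Export+user";
  }
  else if ("ImportItems".equals(cmd))
  {
    // Run an import plugin in a list context
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    final ItemQuery<User> query = User.getQuery();
    cc.configureQuery(query, true);
    cc.setQuery(query);
    redirect = "../../common/import/index.jsp?ID="+ID+"&cmd=SelectPlugin&item_type="+itemType.name()+"&context_type=LIST&title=Import+users";
  }
  else if ("ImportItem".equals(cmd))
  {
    // Run an import plugin in single-item context
    Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    redirect = "../../common/import/index.jsp?ID="+ID+"&cmd=SelectPlugin&item_type="+itemType.name()+"&context_type=ITEM&title=Import+user";
  }
  else if ("RunListPlugin".equals(cmd))
  {
    // Run another plugin in a list context
    ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    final ItemQuery<User> query = User.getQuery();
    cc.configureQuery(query, true);
    cc.setQuery(query);
    redirect = "../../common/plugin/index.jsp?ID="+ID+"&cmd=SelectPlugin&item_type="+itemType.name()+"&context_type=LIST&main_type=OTHER&title=Run+plugin";
  }
  else if ("RunPlugin".equals(cmd))
  {
    // Run another plugin in single-item context
    Base.getAndSetCurrentContext(sc, itemType, pageContext, defaultContext);
    redirect = "../../common/plugin/index.jsp?ID="+ID+"&cmd=SelectPlugin&item_type="+itemType.name()+"&context_type=ITEM&main_type=OTHER&title=Run+plugin";
  }
  else
  {
    // 'cmd' is caller-controlled and is echoed into the error message, so it
    // is tag-encoded in the same way as the email address in UpdateItem.
    throw new WebException("popup", "Invalid command", "The command {1} is not recognised as a valid command.", HTML.encodeTags(cmd));
  }
}
finally
{
  // Always release the DbControl, whether the command succeeded or threw.
  if (dc != null) dc.close();
}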
354
// Send the client on to the page chosen by the command handler above.
if (forward != null)
{
  // Server-side forward: the target page renders within this same request.
  pageContext.forward(forward);
}
else
{
  String destination = redirect;
  if (destination == null)
  {
    // No explicit target: the command ran inside a popup, so close it and
    // refresh the opener, passing along the status message if there is one.
    destination = message == null
      ? root + "common/close_popup.jsp?refresh_opener=1&wait=0"
      : root + "common/close_popup.jsp?refresh_opener=1&message="+HTML.urlEncode(message);
  }
  response.sendRedirect(destination);
}
371%>