From 434f84adbafbafabdf8f4e6e0260ddd45fc5e474 Mon Sep 17 00:00:00 2001
From: Jesse McConnell <jmcconnell@apache.org>
Date: Mon, 11 Sep 2006 19:24:10 +0000
Subject: [PATCH] improved the flow of login / registration and decorator

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@442298 13f79535-47bb-0310-9956-ffa450edef68
---
 .../web/action/admin/NewUserAction.java       |  68 +++++-----
 .../action/admin/UserManagementAction.java    | 121 +++++++++++++-----
 archiva-webapp/src/main/resources/xwork.xml   |   7 +-
 .../webapp/WEB-INF/jsp/decorators/default.jsp |  11 +-
 .../src/main/webapp/WEB-INF/jsp/user.jsp      |  18 +--
 5 files changed, 148 insertions(+), 77 deletions(-)

diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
index 2b288a76f..3f28833fc 100644
--- a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
+++ b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
@@ -1,22 +1,22 @@
 package org.apache.maven.archiva.web.action.admin;
 
-
 /*
- * Copyright 2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
+* Copyright 2005 The Apache Software Foundation.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*      http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
 
+import org.apache.maven.archiva.web.util.RoleManager;
 import org.codehaus.plexus.security.system.SecuritySystem;
 import org.codehaus.plexus.security.user.User;
 import org.codehaus.plexus.security.user.UserManager;
@@ -24,7 +24,6 @@ import org.codehaus.plexus.security.user.policy.PasswordRuleViolationException;
 import org.codehaus.plexus.security.user.policy.PasswordRuleViolations;
 import org.codehaus.plexus.util.StringUtils;
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
-import org.apache.maven.archiva.web.util.RoleManager;
 
 import java.util.Iterator;
 import java.util.List;
@@ -90,32 +89,39 @@ public class NewUserAction
 
         UserManager um = securitySystem.getUserManager();
 
-        User user = um.createUser( username, fullName, email );
-
-        user.setPassword( password );
-
-        try
+        if ( um.userExists( username ) )
         {
-            um.addUser( user );
+            addActionError( "User already exists!" );
         }
-        catch ( PasswordRuleViolationException e )
+        else
         {
-            PasswordRuleViolations violations = e.getViolations();
-            List violationList = violations.getLocalizedViolations();
-            Iterator it = violationList.iterator();
-            while ( it.hasNext() )
+            User user = um.createUser( username, fullName, email );
+
+            user.setPassword( password );
+
+            try
             {
-                addActionError( (String) it.next() );
+                um.addUser( user );
             }
-        }
+            catch ( PasswordRuleViolationException e )
+            {
+                PasswordRuleViolations violations = e.getViolations();
+                List violationList = violations.getLocalizedViolations();
+                Iterator it = violationList.iterator();
+                while ( it.hasNext() )
+                {
+                    addActionError( (String) it.next() );
+                }
+            }
+            roleManager.addUser( user.getPrincipal().toString() );
 
+        }
+        
         if ( hasActionErrors() )
         {
             return ERROR;
         }
 
-        roleManager.addUser( user.getPrincipal().toString() );
-
         return SUCCESS;
     }
 
diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
index f1b3944ce..3212e6a53 100644
--- a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
+++ b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
@@ -17,18 +17,19 @@ package org.apache.maven.archiva.web.action.admin;
  * limitations under the License.
  */
 
-import com.opensymphony.xwork.ModelDriven;
-import com.opensymphony.xwork.Preparable;
 import org.codehaus.plexus.security.rbac.RBACManager;
 import org.codehaus.plexus.security.user.User;
 import org.codehaus.plexus.security.user.UserManager;
+import org.codehaus.plexus.security.user.UserNotFoundException;
+import org.codehaus.plexus.security.system.SecuritySession;
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
 
 import java.util.ArrayList;
 import java.util.List;
 
 /**
- * LoginAction:
+ * UserManagementAction: pulled from the class of the same name in plexus-security-ui-web
+ * for integrating rbac with user information
  *
  * @author Jesse McConnell <jmcconnell@apache.org>
  * @version $Id:$
@@ -37,7 +38,6 @@ import java.util.List;
  */
 public class UserManagementAction
     extends PlexusActionSupport
-    implements ModelDriven, Preparable
 {
 
     /**
@@ -52,6 +52,12 @@ public class UserManagementAction
 
     private User user;
 
+    private String email;
+
+    private String fullName;
+
+    private boolean locked;
+
     private String username;
 
     private String principal;
@@ -64,41 +70,58 @@ public class UserManagementAction
 
     private String resourceName;
 
-    public void prepare()
+    /**
+     * for this method username should be populated
+     * 
+     * @return
+     */
+    public String findUser()
+    {
+        try
+        {
+            user = userManager.findUser( username );                 
+            return SUCCESS;
+        }
+        catch ( UserNotFoundException ne )
+        {
+            addActionError( "user could not be found "  + username );
+            return ERROR;
+        }
+    }
+
+    /**
+     * For this method, principal should be populated
+     *
+     * @throws Exception
+     */
+    public String display()
         throws Exception
     {
-        if ( username == null )
+        if ( principal == null )
         {
-            username = ( (User) session.get( "user" ) ).getUsername();
-            user = userManager.findUser( username );
-        }
-        else
-        {
-            user = userManager.findUser( username );
+            addActionError( "a principal is required for this operation" );
+            return ERROR;
         }
 
+        // for displaying the potential repositories to be displayed, remove the global resource
+        // from the list
         resources = rbacManager.getAllResources();
+        resources.remove( rbacManager.getGlobalResource() );
 
-        availableRoles = rbacManager.getAllAssignableRoles();
-
-        principal = ( (User) session.get( "user" ) ).getPrincipal().toString();
-
+        // check if the user has any roles assigned to them, and populate the lists for
+        // rendering assign and remove roles links
         if ( principal != null && rbacManager.userAssignmentExists( principal ) )
         {
-            getLogger().info( "recovering assigned roles" );
             assignedRoles = new ArrayList( rbacManager.getAssignedRoles( principal ) );
             availableRoles = new ArrayList( rbacManager.getUnassignedRoles( principal ) );
         }
         else
         {
-            getLogger().info( "new assigned roles" );
             assignedRoles = new ArrayList();
             availableRoles = rbacManager.getAllAssignableRoles();
-
         }
 
-        getLogger().info( "assigned roles: " + assignedRoles.size() );
-        getLogger().info( "available roles: " + availableRoles.size() );
+        return SUCCESS;
     }
 
     public String save()
@@ -106,20 +129,23 @@ public class UserManagementAction
     {
         User temp = userManager.findUser( username );
 
-        temp.setEmail( user.getEmail() );
-        temp.setFullName( user.getFullName() );
-        temp.setLocked( user.isLocked() );
+        temp.setEmail( email );
+        temp.setFullName( fullName );
+        temp.setLocked( locked );
 
-        userManager.updateUser( temp );
+        temp = userManager.updateUser( temp );
+
+        // overwrite the user in the session with the saved one if and only if it is the
+        // save user as the person currently logged in
+        User activeUser = (User) session.get( SecuritySession.USERKEY );
+        if ( temp.getPrincipal().toString().equals( activeUser.getPrincipal().toString() ) )
+        {
+            session.put( SecuritySession.USERKEY, temp );
+        }
 
         return SUCCESS;
     }
 
-    public Object getModel()
-    {
-        return user;
-    }
-
     public String getUsername()
     {
         return username;
@@ -135,6 +161,41 @@ public class UserManagementAction
         return user;
     }
 
+    public void setUser( User user )
+    {
+        this.user = user;
+    }
+
+    public String getEmail()
+    {
+        return email;
+    }
+
+    public void setEmail( String email )
+    {
+        this.email = email;
+    }
+
+    public String getFullName()
+    {
+        return fullName;
+    }
+
+    public void setFullName( String fullName )
+    {
+        this.fullName = fullName;
+    }
+
+    public boolean isLocked()
+    {
+        return locked;
+    }
+
+    public void setLocked( boolean locked )
+    {
+        this.locked = locked;
+    }
+
     public String getPrincipal()
     {
         return principal;
diff --git a/archiva-webapp/src/main/resources/xwork.xml b/archiva-webapp/src/main/resources/xwork.xml
index 43af86a92..3b98abb00 100644
--- a/archiva-webapp/src/main/resources/xwork.xml
+++ b/archiva-webapp/src/main/resources/xwork.xml
@@ -244,12 +244,13 @@
 
     <!-- plexus security actions -->
 
-    <action name="userDetails" class="plexusSecurityUserManagement" method="save">
+    <action name="userDetails" class="userManagement" method="save">
       <result name="success">/WEB-INF/jsp/userDetails.jsp</result>
     </action>
 
-    <action name="userManagement" class="plexusSecurityUserManagement">
-      <result name="success">/WEB-INF/jsp/findUser.jsp</result>
+    <action name="userManagement" class="userManagement" method="findUser">
+      <result name="input">/WEB-INF/jsp/findUser.jsp</result>
+      <result name="success" type="redirect-action">user</result>
     </action>
 
     <action name="assignRoleToUser" class="plexusSecurityUserAssignment" method="assignRole">
diff --git a/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp b/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
index 61078be10..3d25084f6 100644
--- a/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
+++ b/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
@@ -59,16 +59,19 @@
 
 <div id="breadcrumbs">
   <div class="xleft">
-    <ww:url id="loginUrl" action="login" namespace="/"/>
-    <ww:url id="logoutUrl" action="logout" namespace="/"/>
-    <ww:url id="manageUserUrl" action="user" namespace="/admin"/>
+    <ww:url id="loginUrl" action="login" namespace="/" includeParams="none"/>
 
     <ww:if test="${sessionScope.authStatus != true}">
       <ww:a href="%{loginUrl}">Login/Register</ww:a>
 
     </ww:if>
     <ww:else>
-      Welcome, <b>${sessionScope.user.username}</b> -
+      <ww:url id="logoutUrl" action="logout" namespace="/" includeParams="none"/>
+      <ww:url id="manageUserUrl" action="user" namespace="/admin">
+        <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+      </ww:url>
+
+      Welcome, <b>${sessionScope.SecuritySessionUser.username}</b> -
       <ww:a href="%{manageUserUrl}">Settings</ww:a> -
       <ww:a href="%{logoutUrl}">Logout</ww:a>
     </ww:else>
diff --git a/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp b/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
index 3c5602a03..fa8e5a853 100644
--- a/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
+++ b/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
@@ -29,23 +29,23 @@
         <div style="float: right">
           <pss:ifAnyAuthorized permissions="edit-all-users,edit-user" resource="${username}">
             <ww:url id="userDetailsUrl" action="userDetails">
-              <ww:param name="username">${username}</ww:param>
+              <ww:param name="username">${sessionScope.SecuritySessionUser.username}</ww:param>
             </ww:url>
             <ww:a href="%{userDetailsUrl}">Edit details</ww:a>
           </pss:ifAnyAuthorized>
         </div>
 
-        <h2>${user.fullName}</h2>
+        <h2>${sessionScope.SecuritySessionUser.fullName}</h2>
 
         <table class="bodyTable">
           <tr class="a">
             <th>Username</th>
 
-            <td>${user.username}</td>
+            <td>${sessionScope.SecuritySessionUser.username}</td>
           </tr>
           <tr class="b">
             <th>Email</th>
-            <td>${user.email}</td>
+            <td>${sessionScope.SecuritySessionUser.email}</td>
           </tr>
         </table>
 
@@ -54,8 +54,8 @@
         <table class="bodyTable">
           <ww:iterator id="role" value="assignedRoles">
             <ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
-              <ww:param name="principal">${principal}</ww:param>
-              <ww:param name="roleName">${role.name}</ww:param>
+              <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+              <ww:param name="roleName">${sessionScope.SecuritySessionUser.name}</ww:param>
             </ww:url>
             <tr class="a">
              <td>
@@ -73,13 +73,13 @@
         <p>
           <ww:iterator id="role" value="availableRoles">
             <ww:url id="addRoleUrl" action="assignRoleToUser">
-              <ww:param name="principal">${sessionScope.user.principal}</ww:param>
+              <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
               <ww:param name="roleName">${role.name}</ww:param>
             </ww:url>
             <ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/>
           </ww:iterator>
            </p>
-
+           <%--
           <p>
             This following screen needs have the various roles worked into it.
           </p>
@@ -114,7 +114,7 @@
                 of
                 <ww:select name="resourceName" list="resources" listKey="identifier" listValue="identifier" headerKey="" headerValue="(Please Select)"/>
               </td>
-            </tr>
+            </tr> --%>
                  <%--  add in for project level security
             <tr class="b">
               <td>