1    package com.instantbank.collections.security.web;
2    
3    import java.io.ByteArrayInputStream;
4    import java.io.IOException;
5    import java.util.Enumeration;
6    import javax.ejb.FinderException;
7    import javax.servlet.RequestDispatcher;
8    import javax.servlet.ServletConfig;
9    import javax.servlet.ServletContext;
10   import javax.servlet.ServletException;
11   import javax.servlet.http.HttpServlet;
12   import javax.servlet.http.HttpServletRequest;
13   import javax.servlet.http.HttpServletResponse;
14   import javax.servlet.http.HttpSession;
15   import oracle.xml.parser.v2.DOMParser;
16   import oracle.xml.parser.v2.XMLDocument;
17   import oracle.xml.parser.v2.XMLParseException;
18   import oracle.xml.parser.v2.XSLException;
19   import org.xml.sax.SAXException;
20   import com.instantbank.collections.security.ejb.SecurityProfilesServices;
21   import com.instantbank.collections.security.ejb.SecurityProfilesServicesHome;
22   import com.instantbank.collections.security.ejb.SecurityServices;
23   import com.instantbank.collections.security.ejb.SecurityServicesHome;
24   import com.instantbank.collections.util.FilterChain;
25   import com.instantbank.collections.util.InstantbankException;
26   import com.instantbank.collections.util.ServiceLocator;
27   
28   
29   public class UsersMaintenanceController extends HttpServlet {
30     private Long companyId;
31     private Integer currentTab;
32     private String debug;
33     private SecurityProfilesServices PrfServices;
34     private SecurityServices SecServices;
35     private HttpSession session;
36     private String typeSel;
37     private Long userId;
38   
39   
40     private void changeGroup(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
41       String xml;
42       String xmlProfiles;
43       String groupId;
44       Long ProfileId;
45       XMLDocument doc;
46   
47       xml = (String)request.getParameter("data");
48       currentTab = new Integer(request.getParameter("currentTab"));
49       doc = parseInfo(xml);
50       groupId = doc.valueOf("/UserList/User/groupid");
51       if(groupId.equals("_")) {
52         initialize(request, response);
53       }
54       else {
55         ProfileId = new Long(PrfServices.getGroupProfileId(groupId));
56         xmlProfiles = PrfServices.getProfiles(ProfileId, "C");
57         showUser(request, response, xml, xmlProfiles);
58       }
59     }
60   
61   
62     public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
63       doPost(request, response);
64     }
65   
66   
67     public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
68       String action;
69       com.instantbank.collections.util.FilterChain chain;
70   
71       debug = "set action";
72       try {
73         session = request.getSession(false);
74         action = request.getParameter("action");
75         session.setAttribute("hasException", "0");
76         try {
77           chain = new com.instantbank.collections.util.FilterChain(true, getServletConfig().getServletContext());
78           if(chain.processFilter(request, response)) {
79             return;
80           }
81           if(action.equals("initialize")) {
82             initialize(request, response);
83           }
84           else if(action.equals("changeGroup")) {
85             changeGroup(request, response);
86           }
87           else if(action.equals("save")) {
88             save(request, response);
89           }
90           else if(action.equals("selectUser")) {
91             selectUser(request, response);
92           }
93           else if(action.equals("resetPassword")) {
94             resetPassword(request, response);
95           }
96           else {
97             throw new InstantbankException("132001", "Action " + action + " not supported");
98           }
99         }
100        catch(Exception e) {
101          throw new InstantbankException(e, "132002", "Failed to execute controller action " + action);
102        }
103      }
104      catch(InstantbankException e) {
105        session.setAttribute("hasException", "1");
106        session.setAttribute("Exception", e);
107        if(response.isCommitted()) {
108          return;
109        }
110        response.sendRedirect("../main_web/ControllerError.jsp?showTechnical=0");
111      }
112    }
113  
114  
115    public String getServletInfo() {
116      return "com.instantbank.collections.security.web.UserGroupsMaintenanceController Information";
117    }
118  
119  
120    public void init(ServletConfig config) throws ServletException {
121      super.init(config);
122      try {
123        SecurityServicesHome SecHome = (SecurityServicesHome)
124          ServiceLocator.instance().createEJB("SecurityServicesHome", SecurityServicesHome.class, false);
125        SecServices = SecHome.create();
126        SecurityProfilesServicesHome PrfHome = (SecurityProfilesServicesHome)
127          ServiceLocator.instance().createEJB("SecurityProfilesServicesHome", SecurityProfilesServicesHome.class, false);
128        PrfServices = PrfHome.create();
129      }
130      catch(Exception e) {
131        throw new ServletException(e);
132      }
133    }
134  
135  
136    private void initialize(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
137      String xmlUser;
138      String xmlProfiles;
139      Long companyId;
140  
141      companyId = (Long)session.getAttribute("companyId");
142      typeSel = "0";  //The user selects an initilizer
143      currentTab = new Integer(1);
144      xmlUser = SecServices.newUser();
145      xmlProfiles = PrfServices.newProfiles(companyId);
146      showUser(request, response, xmlUser, xmlProfiles);
147    }
148  
149  
150    public XMLDocument parseInfo(String data) throws XMLParseException, XSLException, SAXException, IOException {
151      DOMParser docParser = new DOMParser();
152      ByteArrayInputStream stream;
153      XMLDocument xmlDoc;
154  
155      xmlDoc = null;
156      stream = new ByteArrayInputStream(data.getBytes());
157      docParser.setValidationMode(false);
158      docParser.parse(stream);
159      xmlDoc = docParser.getDocument();
160      return xmlDoc;
161    }
162  
163  
164    private void save(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
165      String attr;
166      XMLDocument doc;
167      Boolean isAttr = new Boolean(false);
168      long UserId;
169      long SavePrfId;
170      String status;
171      String xmlUser;
172      String xmlProfiles;
173  
174      Enumeration ParameterNames = request.getParameterNames();
175      while(ParameterNames.hasMoreElements()) {
176        attr = (String)ParameterNames.nextElement();
177        if(attr.equals("userId")) {
178          if(!request.getParameter("userId").equals("")) {
179            isAttr = new Boolean(true);
180          }
181        }
182      }
183  
184      currentTab = new Integer(request.getParameter("currentTab"));
185      companyId = (Long)session.getAttribute("companyId");
186      userId = (Long)session.getAttribute("userId");
187      xmlUser = (String)request.getParameter("data");
188      xmlProfiles = (String)request.getParameter("profiles");
189      SecServices.saveUser(xmlUser, xmlProfiles, companyId, userId);
190      doc = parseInfo(xmlUser);
191      status = doc.valueOf("/UserList/User/statusflag");
192      if((status.equals(new String("3"))) && (isAttr.equals(new Boolean(true)))) {
193        resetPassword(request, response);
194      }
195      else {
196        initialize(request, response);
197      }
198    }
199  
200  
201    private void selectUser(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
202      Long UserId;
203      Long ProfileId;
204      String xmlUser;
205      String xmlProfiles;
206      String UsrTmp;
207      XMLDocument doc;
208      currentTab = new Integer(request.getParameter("currentTab"));
209      UsrTmp = (String)request.getParameter("data");
210      if(UsrTmp.equals("")) {
211        initialize(request, response);
212      }
213      else {
214        UserId = new Long(UsrTmp);
215        xmlUser = SecServices.getUser(UserId);
216        doc = parseInfo(xmlUser);
217        ProfileId = new Long(doc.valueOf("/UserList/User/profileid"));
218        xmlProfiles = PrfServices.getProfiles(ProfileId, "C");
219        showUser(request, response, xmlUser, xmlProfiles);
220      }
221    }
222  
223  
224    private void showUser(HttpServletRequest request, HttpServletResponse response, String xmlUser, String xmlProfiles) throws ServletException, IOException, FinderException, Exception {
225      String xmlList = new String();
226      String xmlGroups = new String();
227      String xmlQueues = new String();
228  
229      session = request.getSession(false);
230      companyId = (Long)session.getAttribute("companyId");
231      xmlList = SecServices.getUsers(companyId);
232      xmlGroups = SecServices.getGroups(companyId);
233      xmlQueues = PrfServices.getQueues(companyId);
234      ServletContext sc = getServletConfig().getServletContext();
235      request.setAttribute("data", xmlUser);
236      request.setAttribute("currentTab", currentTab.toString());
237      request.setAttribute("profiles", xmlProfiles);
238      request.setAttribute("users", xmlList);
239      request.setAttribute("groups", xmlGroups);
240      request.setAttribute("queues", xmlQueues);
241      RequestDispatcher rd = sc.getRequestDispatcher("/security_web/UserView.jsp");
242      rd.forward(request, response);
243    }
244  
245  
246    private void resetPassword(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, FinderException, Exception {
247      long UserId;
248      String userParameter;
249      userParameter = new String(request.getParameter("userId"));
250      UserId = Long.parseLong(userParameter);
251      userId = (Long)session.getAttribute("userId");
252      SecServices.resetUserPassword(UserId, userId);
253      initialize(request, response);
254    }
255  }
256