Author: channa Date: Wed Jun 25 08:04:26 2008 New Revision: 18635 URL: http://wso2.org/svn/browse/wso2?view=rev&revision=18635
Log: Added check for user active status before allowing promotion (MASHUP-881). Modified: trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/ManageUsers.java trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/UserInformation.java trunk/mashup/java/modules/www/manage_users.jsp trunk/mashup/java/modules/www/signin.jsp Modified: trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/ManageUsers.java URL: http://wso2.org/svn/browse/wso2/trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/ManageUsers.java?rev=18635&r1=18634&r2=18635&view=diff ============================================================================== --- trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/ManageUsers.java (original) +++ trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/ManageUsers.java Wed Jun 25 08:04:26 2008 @@ -66,8 +66,9 @@ .get(MashupConstants.FULL_NAME); // If the full name is available, use it, otherwise just show the user name. fullName = fullName != null ? fullName : allUsers[userCount]; - UserInformation userInformation = new UserInformation(fullName, isUserActive(userRegistry, + UserInformation userInformation = new UserInformation(fullName, isUserActive(realm, allUsers[userCount]), isUserDeletable(realm, allUsers[userCount]), + isUserPromotable(realm, allUsers[userCount]), userHasRole(userStoreAdmin, allUsers[userCount], RegistryConstants.ADMIN_ROLE)); userMap.put(allUsers[userCount], userInformation); } 
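Review bot: Each user in this loop now has the active status read from the user store twice, once by the direct `isUserActive(realm, allUsers[userCount])` argument and again inside `isUserPromotable(realm, allUsers[userCount])`, so the two flags on one `UserInformation` can come from different reads. Reading it once into a local, e.g. `boolean active = isUserActive(realm, allUsers[userCount]);`, and deriving the promotable flag from that value would keep each row consistent and halve the lookups. The loop and its enclosing method start outside the hunk.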
@@ -203,16 +204,14 @@ /** * Gets the profile for a given user and returns if his or her profile is enabled or disabled. * - * @param userRegistry Secure registry instance. + * @param realm User registry realm instance. * @param userName User name to be checked for status. * @return true if user profile is enabled. */ - public static boolean isUserActive(UserRegistry userRegistry, String userName) { + public static boolean isUserActive(UserRealm realm, String userName) { boolean active = false; - UserRealm realm = userRegistry.getUserRealm(); try { - // If the name has already been taken, signal an error. UserStoreReader userStoreReader = realm.getUserStoreReader(); Map userProps = userStoreReader.getUserProperties(userName); @@ -314,8 +313,22 @@ */ private static boolean isUserPromotable(UserRealm realm, String userName) throws UserStoreException { - // Current business rules are same as user being deletable, so simply wraps that method. - return isUserDeletable(realm, userName); + boolean canBePromoted = true; + + if (userName.equals(RegistryConstants.ANONYMOUS_USER) || + userName.equals(RegistryConstants.SYSTEM_USER)) { + canBePromoted = false; + } + + if (RegistryUtils.isUserPrimary(realm, userName)) { + canBePromoted = false; + } + + if (!isUserActive(realm, userName)) { + canBePromoted = false; + } + + return canBePromoted; } /** Modified: trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/UserInformation.java URL: http://wso2.org/svn/browse/wso2/trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/UserInformation.java?rev=18635&r1=18634&r2=18635&view=diff ============================================================================== --- trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/UserInformation.java (original) +++ trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/UserInformation.java Wed Jun 25 08:04:26 2008 
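Review bot: The Javadoc for `isUserActive()` does not say what is returned when the user-store lookup fails, which matters because the method gates sign-in (see the signin.jsp hunk) and now promotion as well. The visible `boolean active = false;` suggests it fails closed, but the catch block is outside the hunk, so this should be confirmed and then documented, e.g. `@return true if the user profile is enabled; false if it is disabled or the status cannot be read`. The method is `public static` and calls `realm.getUserStoreReader()` directly, so the doc should also state that `realm` must not be null.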
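Review bot: Within this commit the new active-status rule in `isUserPromotable()` is only used to build the flag that manage_users.jsp reads to hide the link. promote_user.jsp is not part of the change, so it should be confirmed that the promote action re-checks promotability on the server instead of relying on the link being hidden. The method now spells out the anonymous/system/primary exclusions instead of delegating; judging by the removed comment these mirror `isUserDeletable()`, whose body is not visible here. A comment such as `// Same exclusions as isUserDeletable(), plus the account must be active` would help keep the two in step. `userName.equals(...)` throws on a null name; `RegistryConstants.ANONYMOUS_USER.equals(userName)` avoids that. The method's Javadoc begins outside the hunk and should list the new rule.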
@@ -21,6 +21,7 @@ public class UserInformation { private boolean userActive; private boolean userDeletable; + private boolean userPromotable; private boolean userAdmin; private String fullName; private String userName; @@ -36,10 +37,11 @@ this.fullName = userFullName; } - public UserInformation(String userFullName, boolean userActive, boolean userDeleteable, + public UserInformation(String userFullName, boolean userActive, boolean userDeleteable, boolean userPromotable, boolean userAdmin) { this.userActive = userActive; this.userDeletable = userDeleteable; + this.userPromotable = userPromotable; this.fullName = userFullName; this.userAdmin = userAdmin; } @@ -52,6 +54,10 @@ return userDeletable; } + public boolean isUserPromotable() { + return userPromotable; + } + public String getFullName() { return fullName; } Modified: trunk/mashup/java/modules/www/manage_users.jsp URL: http://wso2.org/svn/browse/wso2/trunk/mashup/java/modules/www/manage_users.jsp?rev=18635&r1=18634&r2=18635&view=diff ============================================================================== --- trunk/mashup/java/modules/www/manage_users.jsp (original) +++ trunk/mashup/java/modules/www/manage_users.jsp Wed Jun 25 08:04:26 2008 
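Review bot: The constructor now takes four adjacent `boolean` parameters (`userActive, userDeleteable, userPromotable, userAdmin`), so a caller that transposes two of them compiles cleanly and silently changes which admin actions the page offers for a user. The constructor has no Javadoc; adding one with a `@param` line per flag, in declaration order, would make the call in ManageUsers checkable by eye. The parameter is spelled `userDeleteable` while the field is `userDeletable`. The new `isUserPromotable()` getter could carry a one-line comment saying the value is a snapshot taken when the user list was built.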
@@ -86,26 +86,30 @@ <td><%= userInformation.getFullName() %></td> <td align="center"><a href="add_user.jsp?username=<%=userName%>&editmode=true&firstcall=true&bounceback=<%=URLEncoder.encode(thisPage,"UTF-8")%>"><img src="images/edit.gif" alt="Edit user" title="Edit user" border="0"></a></td> <td align="center"> - <% if (userInformation.isUserDeletable()) { - String urlString = "username=" + URLEncoder.encode(userName, "UTF-8") + "&fullname=" + URLEncoder.encode(userInformation.getFullName(), "UTF-8") + "&firstcall=true&bounceback=" + URLEncoder.encode(thisPage, "UTF-8"); %> - <a href="delete_user.jsp?<%= urlString %>"><img src="images/delete.gif" - alt="Delete user" title="Delete user" - border="0"></a> - <td align="center"> - <% if (userInformation.isUserAdmin()) { %> - <a href="promote_user.jsp?<%= urlString %>&demote=true"><img src="images/arrowDown.gif" - alt="Revoke Admin" - title="Revoke Admin" - border="0"></a> - <% } else { %> - <a href="promote_user.jsp?<%= urlString %>"><img src="images/arrowUp.gif" - alt="Assign Admin" - title="Assign Admin" border="0"></a> - <% } %> + <% String urlString = "username=" + URLEncoder.encode(userName, "UTF-8") + "&fullname=" + URLEncoder.encode(userInformation.getFullName(), "UTF-8") + "&firstcall=true&bounceback=" + URLEncoder.encode(thisPage, "UTF-8"); + if (userInformation.isUserDeletable()) { %> + <a href="delete_user.jsp?<%= urlString %>"><img src="images/delete.gif" + alt="Delete user" title="Delete user" + border="0"></a> + <% } else { %> + + <% } %> </td> - <% } else { %> - <td> </td> - <% } %> + <td align="center"> + <% if (userInformation.isUserPromotable()) { + if (userInformation.isUserAdmin()) { %> + <a href="promote_user.jsp?<%= urlString %>&demote=true"><img src="images/arrowDown.gif" + alt="Revoke Admin" + title="Revoke Admin" + border="0"></a> + <% } else { %> + <a href="promote_user.jsp?<%= urlString %>"><img src="images/arrowUp.gif" + alt="Assign Admin" + title="Assign Admin" border="0"></a> + <% } + } 
else { %> + + <% } %> </td> </tr> <% }%> Modified: trunk/mashup/java/modules/www/signin.jsp URL: http://wso2.org/svn/browse/wso2/trunk/mashup/java/modules/www/signin.jsp?rev=18635&r1=18634&r2=18635&view=diff ============================================================================== --- trunk/mashup/java/modules/www/signin.jsp (original) +++ trunk/mashup/java/modules/www/signin.jsp Wed Jun 25 08:04:26 2008 @@ -69,7 +69,7 @@ RegistryUtils.createUserRegistry(nameProvided, embeddedRegistry); // Check if the user is active - if not, fail login. - if (ManageUsers.isUserActive(userRegistry, nameProvided)) { + if (ManageUsers.isUserActive(userRegistry.getUserRealm(), nameProvided)) { request.getSession() .setAttribute(MashupConstants.USER_REGISTRY, userRegistry); _______________________________________________ Mashup-dev mailing list [email protected] http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
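Review bot: The "Revoke Admin" link is now nested inside `userInformation.isUserPromotable()`, which this commit makes false for inactive users. An administrator whose account has been deactivated can therefore no longer be demoted from this page and keeps the admin role while disabled. Gating only the "Assign Admin" branch on the new flag, and still offering revoke whenever `isUserAdmin()` is true for a non-protected account, would avoid that. Separately, the unchanged context lines at the top of this hunk write `<%= userInformation.getFullName() %>` into the cell and `username=<%=userName%>` into the edit link without HTML-escaping or `URLEncoder.encode`, unlike `urlString` just below. As far as the diff shows these are user-profile values, so they should be escaped or encoded the same way.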
