Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
sk.iway.iwcm.stripes.RegUserAction Maven / Gradle / Ivy
package sk.iway.iwcm.stripes;
import java.awt.Dimension;
import java.io.File;
import java.lang.reflect.Method;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import net.sourceforge.stripes.action.ActionBeanContext;
import net.sourceforge.stripes.action.FileBean;
import net.sourceforge.stripes.action.ForwardResolution;
import net.sourceforge.stripes.action.Resolution;
import net.sourceforge.stripes.action.SimpleMessage;
import net.sourceforge.stripes.util.bean.BeanUtil;
import net.sourceforge.stripes.validation.SimpleError;
import net.sourceforge.stripes.validation.ValidationErrors;
import net.sourceforge.stripes.validation.ValidationMethod;
import sk.iway.Html2Text;
import sk.iway.Password;
import sk.iway.iwcm.Adminlog;
import sk.iway.iwcm.Constants;
import sk.iway.iwcm.DB;
import sk.iway.iwcm.DBPool;
import sk.iway.iwcm.Identity;
import sk.iway.iwcm.Logger;
import sk.iway.iwcm.PageLng;
import sk.iway.iwcm.PageParams;
import sk.iway.iwcm.SendMail;
import sk.iway.iwcm.SpamProtection;
import sk.iway.iwcm.Tools;
import sk.iway.iwcm.common.LogonTools;
import sk.iway.iwcm.common.UserTools;
import sk.iway.iwcm.doc.DocDB;
import sk.iway.iwcm.doc.DocDetails;
import sk.iway.iwcm.doc.ShowDoc;
import sk.iway.iwcm.gallery.GalleryDB;
import sk.iway.iwcm.i18n.Prop;
import sk.iway.iwcm.io.IwcmFsDB;
import sk.iway.iwcm.system.captcha.Captcha;
import sk.iway.iwcm.system.stripes.WebJETActionBean;
import sk.iway.iwcm.users.AuthorizeAction;
import sk.iway.iwcm.users.PasswordSecurity;
import sk.iway.iwcm.users.PasswordsHistoryDB;
import sk.iway.iwcm.users.UserDetails;
import sk.iway.iwcm.users.UserGroupDetails;
import sk.iway.iwcm.users.UserGroupsDB;
import sk.iway.iwcm.users.UsersDB;
/**
* RegUserAction.java
*
*@Title webjet4
*@Company Interway s.r.o. (www.interway.sk)
*@Copyright Interway s.r.o. (c) 2001-2007
*@author $Author: jraska $
*@version $Revision: 1.8 $
*@created Date: 16.10.2007 16:28:45
*@modified $Date: 2010/02/05 14:40:41 $
*/
public class RegUserAction extends WebJETActionBean
{
public static final String REQUIRE_AUTHORIZATION_AFTER_VERIFICATION = "requireAuthorizationAfterVerification";
UserDetails usr = null;
FileBean userImage = null;
private String originalPassword = null;
/**
* Priprav udaje pouzivatela na zobrazenie vo formulari
*/
@Override
public void setContext(ActionBeanContext context)
{
super.setContext(context);
Identity loggedUser = getCurrentUser();
usr = new UserDetails();
Logger.debug(RegUserAction.class, "Seesion: "+getSession());
if (loggedUser != null)
{
Logger.error(this,"mam lognuteho usera");
int id = Tools.getIntValue(context.getRequest().getParameter("usr.userId"), -1);
if (getSession().getAttribute("RegUserAction.ALLOW_SAVE_OTHER_USER")!=null && id > 0)
{
usr = UsersDB.getUser(id);
//getSession().removeAttribute("RegUserAction.ALLOW_SAVE_OTHER_USER");
getRequest().setAttribute("RegUserAction.ALLOW_SAVE_OTHER_USER", "true");
}
else
{
usr = UsersDB.getUser(loggedUser.getUserId());
}
}
//toto tu treba kvoli UsersDB.getUser(loggedUser.getUserId()); - ak bol medzicasom zmazany z DB
if (usr == null) usr = new UserDetails();
//nastavime hodnotu hesla na nezmenenu
if (Tools.isNotEmpty(usr.getPassword()))
{
originalPassword = usr.getPassword();
usr.setPassword(UserTools.PASS_UNCHANGED);
}
}
/**
* Uloz udaje pouzivatela do databazy
* @return
*/
public Resolution bSubmit()
{
//tato metoda berie hodnotu podla session, takze sa pouzije spravny jazyk
Prop prop = Prop.getInstance(PageLng.getUserLng(getContext().getRequest()));
Logger.debug(RegUserAction.class, "---> SAVE");
PageParams pageParams = new PageParams(getRequest());
if (usr != null)
{
String groupIdsEditable = pageParams.getValue("groupIdsEditable", "");
if (Tools.isNotEmpty(groupIdsEditable))
{
StringTokenizer st = new StringTokenizer(groupIdsEditable, ",+; ");
while (st.hasMoreTokens())
{
int userGroupId = Tools.getIntValue(st.nextToken(), -1);
if (userGroupId>0)
{
usr.removeFromGroup(userGroupId);
}
}
}
boolean requireApprove = false;
boolean requireEmailVerificationByGroup = false;
//MBO: po potvrdeni mailu, treba aby ho autorizoval admin
boolean requireAuthorizationAfterVerification = pageParams.getBooleanValue("requireAuthorizationAfterVerification", false);
String groupIds = pageParams.getValue("groupIds", "1");
//pridame mu pozadovane skupiny
UserGroupsDB userGroupsDB = UserGroupsDB.getInstance(Constants.getServletContext(), true, "iwcm");
StringTokenizer st = new StringTokenizer(groupIds, ",+; ");
while (st.hasMoreTokens())
{
int userGroupId = Tools.getIntValue(st.nextToken(), -1);
if (userGroupId>0)
{
UserGroupDetails ugd = userGroupsDB.getUserGroup(userGroupId);
if (ugd!=null && ugd.isAllowUserEdit())
{
usr.addToGroup(userGroupId);
if (usr.getUserId()<1 && ugd.isRequireApprove()) requireApprove = true;
if (usr.getUserId()<1 && ugd.isRequireEmailVerification()) requireEmailVerificationByGroup = true;
}
}
}
//pridame skupiny podla preferencii z formularu (ak nejake boli zadane)
String[] ugID = getRequest().getParameterValues("user_group_id");
if (ugID != null && ugID.length > 0)
{
for (int i=0; i0)
{
UserGroupDetails ugd = userGroupsDB.getUserGroup(userGroupId);
if (ugd!=null && ugd.isAllowUserEdit())
{
usr.addToGroup(userGroupId);
if (usr.getUserId()<1 && ugd.isRequireApprove()) requireApprove = true;
}
else if (ugd!=null)
{
//aby sa nestalo, ze ho chcu zaregistrovat do nejakej skupiny, ktora ma nastavene approve ale zabudli nastavit allow user edit
if (usr.getUserId()<1 && ugd.isRequireApprove()) requireApprove = true;
}
}
}
}
//user "dedi" skupiny po userovi ktory ho vytvara
if(getSession().getAttribute("RegUserAction.REMOVE_USER_GROUPS") != null)
{
String[] removeFromGroups = Tools.getTokens(getSession().getAttribute("RegUserAction.REMOVE_USER_GROUPS")+"", ",");
for(String groupToRemove:removeFromGroups)
{
usr.removeFromGroup(Tools.getIntValue(groupToRemove, -1));
}
}
if(getSession().getAttribute("RegUserAction.ADD_USER_GROUPS") != null)
{
String[] addFromGroups = Tools.getTokens(getSession().getAttribute("RegUserAction.ADD_USER_GROUPS")+"", ",");
for(String groupToAdd:addFromGroups)
{
usr.addToGroup(Tools.getIntValue(groupToAdd, -1));
}
}
boolean requireEmailVerification = pageParams.getBooleanValue("requireEmailVerification", false);
if (requireApprove) requireEmailVerification = false;
if (requireEmailVerificationByGroup)
{
//tak predsa ano :)
requireEmailVerification=true;
}
if ("true".equals(getSession().getAttribute("RegUserAction.ALLWAYS_AUTHORIZE")))
{
//toto tu je, ked sa cez web mozu spravovat pouzivatelia, vtedy po vytvoreni nechcem ani poslat email
requireApprove = false;
//getSession().removeAttribute("RegUserAction.ALLWAYS_AUTHORIZE");
}
usr.setAuthorized(!requireApprove);
if (usr.getUserId()<1 && requireEmailVerification) usr.setAuthorized(false);
boolean isNewUser = true;
if (usr.getUserId()>0) isNewUser = false;
if (usr.getUserId()<1) Adminlog.add(Adminlog.TYPE_USER_INSERT, "New user :"+ "id= " + usr.getUserId() + "login= " + usr.getLogin()+ "name= " + usr.getFirstName() +" "+usr.getLastName(), usr.getUserId(), -1);
else Adminlog.add(Adminlog.TYPE_USER_SAVE, "Update user :"+ "id= " + usr.getUserId() + "login= " + usr.getLogin()+ "name= " + usr.getFirstName() +" "+usr.getLastName(), usr.getUserId(), -1);
uploadFileProcedure();
//v usr.password mame momentalne plain text heslo prijate zo Stripes formularu
String oldPassword = usr.getPassword();
if (originalPassword!=null && UserTools.PASS_UNCHANGED.equals(usr.getPassword()))
{
usr.setPassword(originalPassword);
}
else if (Constants.getBoolean("passwordUseHash"))
{
usr.setSalt(PasswordSecurity.generateSalt());
usr.setPassword(PasswordSecurity.calculateHash(usr.getPassword(), usr.getSalt()));
}
if (requireAuthorizationAfterVerification)
{
// ulozi priznak do volneho pola
String infoemail = pageParams.getValue("infoemail", "[email protected] ");
usr.setFieldE(REQUIRE_AUTHORIZATION_AFTER_VERIFICATION+"-"+infoemail);
}
boolean saveOK = UsersDB.saveUser(usr);
String messageKey = null;
if (saveOK)
{
//ak mam defaultneho pouzivatela, zakazem podla neho pristupy na moduly
if(isNewUser)
{
int defaultUserId = Constants.getInt("regUserDefaultUserId");
if(defaultUserId > 0)
{
UserDetails defaultUser = UsersDB.getUser(defaultUserId);
if(defaultUser != null && defaultUser.getUserId() > 0) copyUserDisabledItems(defaultUser.getUserId(), usr.getUserId());
}
}
//treba poslat notifikaciu / schvalenie?
String infoemail = pageParams.getValue("infoemail", "");
//aby sa v info maili neposlala info o schvaleni
if (isNewUser && requireEmailVerification) usr.setAuthorized(true);
if (isNewUser && Tools.isEmail(infoemail) && !requireAuthorizationAfterVerification) sendEmailToAdmin(infoemail);
if (isNewUser && requireEmailVerification) usr.setAuthorized(false);
//updatni usera v session
updateLoggedUser();
boolean doNotLoginUser = pageParams.getBooleanValue("doNotLoginUser", false);
if (pageParams.hasParameter("loginNewUser")) doNotLoginUser = !pageParams.getBooleanValue("loginNewUser", true);
//existing users are allready logged
if (isNewUser == false) doNotLoginUser = true;
boolean sendUserWelcomeEmail = false;
if (usr.isAuthorized())
{
if (isNewUser) {
if (doNotLoginUser==false)
{
Identity user = (Identity)getSession().getAttribute(Constants.USER_KEY);
if (user == null) LogonTools.logonUser(getRequest(), usr.getLogin(), oldPassword);
}
sendUserWelcomeEmail = true;
if (doNotLoginUser==false)
{
messageKey = "components.user.newuser.saveSuccess_logged";
}
else
{
messageKey = "components.user.newuser.saveSuccess_notlogged";
}
} else {
messageKey = "components.forum.bb.profile.save_success";
}
}
else
{
//ak treba posli mu mail o registracii a ze to bude schvalene niekedy
int notAuthorizedEmailDocId = pageParams.getIntValue("notAuthorizedEmailDocId", -1);
if (isNewUser)
{
if (notAuthorizedEmailDocId>0)
{
sendNotAuthorizedInfoEmail(usr.getUserId(), oldPassword, notAuthorizedEmailDocId, getRequest());
messageKey = "components.user.newuser.auth_email_sent";
}
else if (requireEmailVerification)
{
// MBO: aby som to jsp mohol mat includnute v stranke
String authUrl = Tools.getBaseHref(getRequest()) + pageParams.getValue("emailVerificationAuthorizationLink", "/components/user/authorize.jsp");
int originalDocId = Tools.getDocId(getRequest());
if (originalDocId<1) originalDocId = pageParams.getIntValue("originalDocId", -1);
if (originalDocId > 0)
{
String url = DocDB.getURLFromDocId(originalDocId, getRequest());
authUrl = Tools.getBaseHref(getRequest()) + url;
}
authUrl = Tools.addParametersToUrlNoAmp(authUrl, "userId=!LOGGED_USER_ID!&hash=!AUTHORIZE_HASH!");
DocDetails authDoc = new DocDetails();
authDoc.setAuthorId(usr.getUserId());
authDoc.setAuthorEmail(usr.getEmail());
authDoc.setAuthorName(usr.getFirstName()+" "+usr.getLastName());
authDoc.setTitle(prop.getText("components.user.requireEmailVerification.subject", Tools.getBaseHref(getRequest())));
authDoc.setData(prop.getText("components.user.requireEmailVerification.body", Tools.getBaseHref(getRequest()), authUrl));
boolean sendOK = sendNotAuthorizedInfoEmail(usr.getUserId(), oldPassword, authDoc, getRequest());
if (sendOK) messageKey = "components.user.newuser.user_auth_email_sent";
else messageKey = "components.user.newuser.user_auth_email_NOTsent";
}
else
{
messageKey = "components.user.newuser.auth_email_sent";
}
} else {
messageKey = "groupedit.require_approve";
}
}
if (messageKey != null)
{
getContext().getMessages().add(new SimpleMessage(prop.getText(messageKey)));
getRequest().setAttribute("regUserMessageKey", messageKey);
}
getRequest().setAttribute("RegUserActionsaveOK", "true");
//zapis redirect pre ajax
int successDocId = pageParams.getIntValue("successDocId", -1);
if (successDocId > 0)
{
String ajaxRedirectCode = "\nwindow.location.href='"+DocDB.getInstance().getDocLink(successDocId, getRequest())+"';\n";
getRequest().setAttribute("ajaxRedirectCode", ajaxRedirectCode);
}
// after save interceptor
String interceptorClassName = Tools.getStringValue(Constants.getString("stripesUserAfterSaveClass"),"");
if (Tools.isEmpty(interceptorClassName))
{
//ak nebol zadany nazov triedy, kukni do PP
interceptorClassName = pageParams.getValue("afterSaveInterceptor", "");
}
if (Tools.isNotEmpty(interceptorClassName))
{
try
{
@SuppressWarnings("unchecked")
Class interceptorClass = (Class) Class.forName(interceptorClassName);
AfterRegUserSaveInterceptor interceptor = interceptorClass.getDeclaredConstructor().newInstance();
if (interceptor.intercept(usr, getRequest()))
{
//nastala zmena usera, uloz ho a updatni v session
UsersDB.saveUser(usr);
updateLoggedUser();
}
if (interceptor.shouldSendUserWelcomeEmail()!=null) sendUserWelcomeEmail = interceptor.shouldSendUserWelcomeEmail().booleanValue();
}
catch (Exception e)
{
sk.iway.iwcm.Logger.error(e);
}
}
if (sendUserWelcomeEmail) {
//posli email
AuthorizeAction.sendInfoEmail(usr.getUserId(), oldPassword, null, getRequest());
}
}
else
{
getRequest().setAttribute("errorText", prop.getText("components.user.newuser.errorSavingUser"));
}
}
Logger.debug(RegUserAction.class, "---> SAVE - OK");
return (new ForwardResolution("/components/maybeError.jsp"));
}
private void sendEmailToAdmin(String infoemail)
{
//id a heslo schvalovatela
int uid = -1;
Connection db_conn = null;
PreparedStatement ps = null;
ResultSet rs = null;
try
{
db_conn = DBPool.getConnection();
ps = db_conn.prepareStatement("SELECT user_id, password FROM users WHERE email=? AND is_admin=1 ORDER BY user_id ASC");
ps.setString(1, infoemail);
rs = ps.executeQuery();
if (rs.next())
{
uid = rs.getInt("user_id");
}
rs.close();
ps.close();
db_conn.close();
rs = null;
ps = null;
db_conn = null;
}
catch (Exception ex)
{
sk.iway.iwcm.Logger.error(ex);
}
finally
{
try
{
if (rs != null)
rs.close();
if (ps != null)
ps.close();
if (db_conn != null)
db_conn.close();
}
catch (Exception ex2)
{
sk.iway.iwcm.Logger.error(ex2);
}
}
try
{
Prop prop = Prop.getInstance(getRequest());
String url = Tools.getBaseHref(getRequest()) + "/admin";
String message = prop.getText("reguser.new_registration") + ""+authUrl+" permsTable = new Hashtable<>();
db_conn = DBPool.getConnection();
ps = db_conn.prepareStatement("SELECT item_name FROM user_disabled_items WHERE user_id=?");
ps.setInt(1, originalUserId);
rs = ps.executeQuery();
while (rs.next())
{
permsTable.put(DB.getDbString(rs, "item_name"), "1");
}
rs.close();
ps.close();
ps = db_conn.prepareStatement("DELETE FROM user_disabled_items WHERE user_id=?");
ps.setInt(1, newUserId);
ps.execute();
ps.close();
ps = db_conn.prepareStatement("INSERT INTO user_disabled_items (user_id, item_name) VALUES (?, ?)");
ps.setInt(1, newUserId);
Iterator keys = permsTable.keySet().iterator();
while (keys.hasNext())
{
String itemName = keys.next();
ps.setString(2, itemName);
ps.execute();
Logger.debug(RegUserAction.class, "copyUserDisabledItems userId="+newUserId+" itemName="+itemName);
}
ps.close();
db_conn.close();
rs = null;
ps = null;
db_conn = null;
}
catch (Exception ex)
{
sk.iway.iwcm.Logger.error(ex);
}
finally
{
try
{
if (rs != null)
rs.close();
if (ps != null)
ps.close();
if (db_conn != null)
db_conn.close();
}
catch (Exception ex2)
{
sk.iway.iwcm.Logger.error(ex2);
}
}
}
public UserDetails getUsr()
{
return usr;
}
public void setUser(UserDetails userDetails)
{
this.usr = userDetails;
}
public FileBean getUserImage()
{
return userImage;
}
public void setUserImage(FileBean userImage)
{
this.userImage = userImage;
}
/**
* Odosle email o tom, ze sa caka na autorizaciu
* @param userId
* @param docId
* @param request
* @return
*/
public static boolean sendNotAuthorizedInfoEmail(int userId, String password, int docId, HttpServletRequest request)
{
boolean emailSend = false;
try
{
Logger.debug(RegUserAction.class, "sendNotAuthorizedInfoEmail - userId="+userId);
DocDB docDB = DocDB.getInstance();
DocDetails doc = docDB.getDoc(docId);
return sendNotAuthorizedInfoEmail(userId, password, doc, request);
}
catch (Exception ex)
{
emailSend = false;
sk.iway.iwcm.Logger.error(ex);
}
return(emailSend);
}
/**
* Odosle email o tom, ze sa caka na autorizaciu
* @param userId
* @param docId
* @param request
* @return
*/
public static boolean sendNotAuthorizedInfoEmail(int userId, String password, DocDetails doc, HttpServletRequest request)
{
boolean emailSend = false;
try
{
Logger.debug(RegUserAction.class, "sendNotAuthorizedInfoEmail - userId="+userId);
UserDetails uform = UsersDB.getUser(userId);
if (doc!=null && uform.getEmail().length() > 5 && uform.getEmail().indexOf('@') > 1)
{
String body = doc.getData();
String subject = doc.getTitle();
// replacni !BR! za \n
body = Tools.replace(body, "!BR!", "\n");
body = Tools.replace(body, "!LOGIN_NAME!", uform.getLogin());
body = Tools.replace(body, "!LOGGED_USER_LOGIN!", uform.getLogin());
if(!Constants.getBoolean("passwordUseHash"))
{
body = Tools.replace(body, "!PASSWORD!", uform.getPassword());
body = Tools.replace(body, "!LOGGED_USER_PASSWORD!", uform.getPassword());
}
else if(Tools.isNotEmpty(password))
{
body = Tools.replace(body, "!PASSWORD!", password);
body = Tools.replace(body, "!LOGGED_USER_PASSWORD!", password);
}
body = Tools.replace(body, "!TITLE!", uform.getTitle());
body = Tools.replace(body, "!NAME!", uform.getFullName());
body = Tools.replace(body, "!FIRST_NAME!", uform.getFirstName());
body = Tools.replace(body, "!LAST_NAME!", uform.getLastName());
body = Tools.replace(body, "!LOGGED_USER_NAME!", uform.getFullName());
body = Tools.replace(body, "!LOGGED_USER_EMAIL!", uform.getEmail());
body = Tools.replace(body, "!LOGGED_USER_COMPANY!", uform.getCompany());
body = Tools.replace(body, "!LOGGED_USER_CITY!", uform.getCity());
body = Tools.replace(body, "!LOGGED_USER_COUNTRY!", uform.getCountry());
body = Tools.replace(body, "!LOGGED_USER_PHONE!", uform.getPhone());
body = Tools.replace(body, "!LOGGED_USER_ZIP!", uform.getPSC());
body = Tools.replace(body, "!LOGGED_USER_ID!", Integer.toString(uform.getUserId()));
String authorizeHash = UsersDB.getGenerateAuthorizeHash(uform.getUserId());
String hash = authorizeHash != null ? authorizeHash : "";
body = Tools.replace(body, "!AUTHORIZE_HASH!", hash);
//uprav relativne cesty
body = SendMail.createAbsolutePath(body, request);
//String body2 = new String(body.getBytes("windows-1250"));
emailSend = SendMail.send(doc.getAuthorName(), doc.getAuthorEmail(), uform.getEmail(), subject, body);
}
}
catch (Exception ex)
{
emailSend = false;
sk.iway.iwcm.Logger.error(ex);
}
return(emailSend);
}
}
