/**********************************************************************************
* $URL: https://source.sakaiproject.org/svn/tool/branches/sakai-2.8.1/tool-tool/su/src/java/org/sakaiproject/tool/su/SuTool.java $
* $Id: SuTool.java 87061 2011-01-11 20:21:38Z zach@aeroplanesoftware.com $
***********************************************************************************
*
* Copyright (c) 2005, 2006, 2007, 2008 The Sakai Foundation
*
* Licensed under the Educational Community License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.osedu.org/licenses/ECL-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
**********************************************************************************/
package org.sakaiproject.tool.su;
import java.util.Vector;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.sakaiproject.authz.api.AuthzGroupService;
import org.sakaiproject.authz.api.SecurityService;
import org.sakaiproject.component.api.ServerConfigurationService;
import org.sakaiproject.event.api.Event;
import org.sakaiproject.event.api.EventTrackingService;
import org.sakaiproject.event.api.UsageSessionService;
import org.sakaiproject.tool.api.Session;
import org.sakaiproject.tool.api.SessionManager;
import org.sakaiproject.user.api.User;
import org.sakaiproject.user.api.UserDirectoryService;
import org.sakaiproject.user.api.UserNotDefinedException;
import org.sakaiproject.util.ResourceLoader;
/**
* @author zach.thomas@txstate.edu
*/
public class SuTool
{
private static final long serialVersionUID = 1L;
/** Our log (commons). */
private static Log M_log = LogFactory.getLog(SuTool.class);
protected static final String SU_BECOME_USER = "su.become";
protected static final String SU_VIEW_USER = "su.view";
ResourceLoader msgs = new ResourceLoader("tool-tool-su");
// Service instance variables
private AuthzGroupService M_authzGroupService = org.sakaiproject.authz.cover.AuthzGroupService
.getInstance();
private UserDirectoryService M_uds = org.sakaiproject.user.cover.UserDirectoryService.getInstance();
private SecurityService M_security = org.sakaiproject.authz.cover.SecurityService.getInstance();
private SessionManager M_session = org.sakaiproject.tool.cover.SessionManager.getInstance();
private ServerConfigurationService M_config = org.sakaiproject.component.cover.ServerConfigurationService
.getInstance();
private EventTrackingService M_event_service = org.sakaiproject.event.cover.EventTrackingService.getInstance();
// getters for these vars
private String username;
private String validatedUserId;
private String validatedUserEid;
private User userinfo;
private boolean allowed = false;
// internal only vars
private String message = "";
private boolean confirm = false;
// base constructor
public SuTool()
{
}
/**
* Functions
*/
public String su()
{
Session sakaiSession = M_session.getCurrentSession();
FacesContext fc = FacesContext.getCurrentInstance();
userinfo = null;
message = "";
if (!getAllowed())
{
confirm = false;
return "unauthorized";
}
try
{
// try with the user id
userinfo = M_uds.getUser(username.trim());
validatedUserId = userinfo.getId();
validatedUserEid = userinfo.getEid();
}
catch (UserNotDefinedException e)
{
try
{
// try with the user eid
userinfo = M_uds.getUserByEid(username.trim());
validatedUserId = userinfo.getId();
validatedUserEid = userinfo.getEid();
}
catch (UserNotDefinedException ee)
{
message = msgs.getString("no_such_user") + ": " + username;
fc.addMessage("su", new FacesMessage(FacesMessage.SEVERITY_ERROR, message, message + ":" + ee));
M_log.warn("[SuTool] Exception: " + message);
confirm = false;
return "error";
}
}
// don't try to become yourself
if (sakaiSession.getUserEid().equals(validatedUserEid)) {
confirm = false;
message = msgs.getFormattedMessage("already_that_user", new Object[] {username});
fc.addMessage("su", new FacesMessage(FacesMessage.SEVERITY_ERROR, message, message));
M_log.warn("[SuTool] Exception: " + message);
confirm = false;
return "error";
}
if (!confirm)
{
message = msgs.getString("displaying_info_for") + ": " + validatedUserEid;
fc.addMessage("su", new FacesMessage(FacesMessage.SEVERITY_INFO, message, message + ":" + userinfo.getDisplayName()));
Event event = M_event_service.newEvent(SU_VIEW_USER, M_uds.userReference(validatedUserId), false);
M_event_service.post(event);
return "unconfirmed";
}
// set the session user from the value supplied in the form
message = "Username " + sakaiSession.getUserEid() + " becoming " + validatedUserEid;
M_log.info("[SuTool] " + message);
message = msgs.getString("title");
fc.addMessage("su", new FacesMessage(FacesMessage.SEVERITY_INFO, message, message + ": "
+ userinfo.getDisplayName()));
// while keeping the official usage session under the real user id, switch over everything else to be the SU'ed user
// Modeled on UsageSession's logout() and login()
// Post an event
Event event = M_event_service.newEvent(SU_BECOME_USER, M_uds.userReference(validatedUserId), false);
M_event_service.post(event);
// logout - clear, but do not invalidate, preserve the usage session's current session
Vector saveAttributes = new Vector();
saveAttributes.add(UsageSessionService.USAGE_SESSION_KEY);
sakaiSession.clearExcept(saveAttributes);
// login - set the user id and eid into session, and refresh this user's authz information
sakaiSession.setUserId(validatedUserId);
sakaiSession.setUserEid(validatedUserEid);
M_authzGroupService.refreshUser(validatedUserId);
return "redirect";
}
// simple way to support 2 buttons that do almost the same thing
public String confirm()
{
confirm = true;
return su();
}
/**
* Specialized Getters
*/
public boolean getAllowed()
{
Session sakaiSession = M_session.getCurrentSession();
FacesContext fc = FacesContext.getCurrentInstance();
if (!M_security.isSuperUser())
{
message = msgs.getString("unauthorized") + " " + sakaiSession.getUserId();
M_log.error("[SuTool] Fatal Error: " + message);
fc.addMessage("allowed", new FacesMessage(FacesMessage.SEVERITY_FATAL, message, message));
allowed = false;
}
else
{
allowed = true;
}
return allowed;
}
/**
* Basic Getters and setters
*/
public String getUsername()
{
return username;
}
public String getPortalUrl()
{
return M_config.getPortalUrl();
}
public void setUsername(String username)
{
this.username = username;
}
public User getUserinfo()
{
return userinfo;
}
public void setUserinfo(User userinfo)
{
this.userinfo = userinfo;
}
}