/*
    This file is part of Cyclos (www.cyclos.org).
    A project of the Social Trade Organisation (www.socialtrade.org).

    Cyclos is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    Cyclos is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with Cyclos; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */
package nl.strohalm.cyclos.controls.posweb;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import nl.strohalm.cyclos.access.OperatorPermission;
import nl.strohalm.cyclos.annotations.Inject;
import nl.strohalm.cyclos.controls.access.LoginForm;
import nl.strohalm.cyclos.controls.posweb.PosWebHelper.Action;
import nl.strohalm.cyclos.entities.access.Channel.Principal;
import nl.strohalm.cyclos.entities.access.MemberUser;
import nl.strohalm.cyclos.entities.access.OperatorUser;
import nl.strohalm.cyclos.entities.access.User;
import nl.strohalm.cyclos.exceptions.PermissionDeniedException;
import nl.strohalm.cyclos.services.permissions.PermissionService;
import nl.strohalm.cyclos.services.preferences.ReceiptPrinterSettingsService;
import nl.strohalm.cyclos.utils.LoginHelper;

import org.apache.commons.collections.CollectionUtils;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/**
 * Login action for posweb.
 * <p>
 * Specialises the general login action: the principal type is forced to
 * {@code USER}, and the landing page (receive payment / make payment) is
 * chosen from the operator's permissions or, for members, from the
 * {@link Action} that {@link PosWebHelper} resolves from the request.
 *
 * @author luis
 */
public class LoginAction extends nl.strohalm.cyclos.controls.access.LoginAction {

    private PermissionService              permissionService;
    private ReceiptPrinterSettingsService  receiptPrinterSettingsService;

    /**
     * Setter for the permission service (marked with {@code @Inject}).
     *
     * @param permissionService service used to check operator permissions
     */
    @Inject
    public void setPermissionService(final PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    /**
     * Setter for the receipt printer settings service (marked with {@code @Inject}).
     *
     * @param receiptPrinterSettingsService service used to list receipt printer settings
     */
    @Inject
    public void setReceiptPrinterSettingsService(final ReceiptPrinterSettingsService receiptPrinterSettingsService) {
        this.receiptPrinterSettingsService = receiptPrinterSettingsService;
    }

    /**
     * An already authenticated user is routed exactly like a fresh login, so the
     * same permission, agreement and expired-password checks of
     * {@link #loginForward} apply.
     */
    @Override
    protected ActionForward alreadyLoggedForward(final ActionMapping mapping,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final LoginForm form,
            final User user) {
        return loginForward(mapping, request, response, form, user);
    }

    /**
     * Performs the posweb login and publishes the menu flags in the session.
     * <p>
     * After delegating to the superclass, the session attributes
     * {@code showMake}, {@code showReceive}, {@code showTransactions} and
     * {@code hasReceiptPrinters} are set when a logged user is found.
     *
     * @return the forward produced by the superclass login
     */
    @Override
    protected ActionForward doLogin(final ActionMapping mapping,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final LoginForm form) {
        // Whatever principal type the submitted form carried is overwritten:
        // posweb logins always authenticate by user.
        form.setPrincipalType(Principal.USER.name());

        // Channel markers are written to the session that exists before authentication.
        // NOTE(review): if super.doLogin replaces the session (see below), confirm that
        // these two attributes are carried over to the new one.
        final HttpSession preLoginSession = request.getSession();
        preLoginSession.setAttribute("isPosWeb", true);
        preLoginSession.setAttribute("isWebShop", false);

        final ActionForward result = super.doLogin(mapping, request, response, form);

        // The session is looked up again rather than reusing the reference above;
        // presumably the superclass issues a new session on login - TODO confirm.
        final HttpSession session = request.getSession();

        final User loggedUser = LoginHelper.getLoggedUser(request);
        if (loggedUser == null) {
            // No logged user: nothing to publish
            return result;
        }

        // Decide which options to show.
        // NOTE(review): these attributes look like display hints only; the payment
        // actions should enforce the same permissions themselves - confirm.
        final boolean mayPay;
        final boolean mayReceive;
        final boolean mayViewTransactions;
        if (loggedUser instanceof OperatorUser) {
            // Operators: driven by their permissions
            mayPay = permissionService.hasPermission(OperatorPermission.PAYMENTS_POSWEB_MAKE_PAYMENT);
            mayReceive = permissionService.hasPermission(OperatorPermission.PAYMENTS_POSWEB_RECEIVE_PAYMENT);
            mayViewTransactions = permissionService.hasPermission(OperatorPermission.ACCOUNT_ACCOUNT_INFORMATION);
        } else {
            // Anyone else: driven by the action resolved from the request
            final Action entryAction = PosWebHelper.getAction(request);
            mayPay = entryAction.canPay();
            mayReceive = entryAction.canReceive();
            mayViewTransactions = true;
        }
        session.setAttribute("showMake", mayPay);
        session.setAttribute("showReceive", mayReceive);
        session.setAttribute("showTransactions", mayViewTransactions);
        session.setAttribute("hasReceiptPrinters", CollectionUtils.isNotEmpty(receiptPrinterSettingsService.list()));

        return result;
    }

    /**
     * Exposes the {@code isOperator} request attribute before delegating the
     * display handling to the superclass.
     */
    @Override
    protected ActionForward handleDisplay(final ActionMapping mapping,
            final ActionForm actionForm,
            final HttpServletRequest request,
            final HttpServletResponse response) {
        request.setAttribute("isOperator", PosWebHelper.isOperator(request));

        return super.handleDisplay(mapping, actionForm, request, response);
    }

    /**
     * The member is required exactly when {@link PosWebHelper#isOperator} reports
     * an operator request.
     */
    @Override
    protected boolean isMemberRequired(final HttpServletRequest request) {
        return PosWebHelper.isOperator(request);
    }

    /**
     * Chooses where an authenticated user lands.
     * <p>
     * Order of the checks: a member who still has to accept the registration
     * agreement is forwarded to it first; then a user who may neither pay nor
     * receive has the session invalidated and is refused; then an expired
     * password forces the change-password page; otherwise the receive-payment
     * page is preferred over the make-payment page.
     *
     * @throws PermissionDeniedException when the user may neither pay nor receive
     */
    @Override
    protected ActionForward loginForward(final ActionMapping mapping,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final LoginForm form,
            final User user) {
        final boolean mayPay;
        final boolean mayReceive;
        if (user instanceof MemberUser) {
            // Members: what is allowed depends on the action resolved from the request
            final Action entryAction = PosWebHelper.getAction(request);
            mayPay = entryAction.canPay();
            mayReceive = entryAction.canReceive();

            final MemberUser memberUser = (MemberUser) user;
            if (elementService.shallAcceptAgreement(memberUser.getMember())) {
                // The registration agreement comes first. This return happens before
                // the pay / receive check below, so that check is not applied here.
                // NOTE(review): confirm the flow after accepting the agreement runs it.
                request.getSession().setAttribute("shallAcceptRegistrationAgreement", true);
                return mapping.findForward("poswebAcceptRegistrationAgreement");
            }
        } else {
            // Operators: what is allowed depends on their permissions
            mayPay = permissionService.hasPermission(OperatorPermission.PAYMENTS_POSWEB_MAKE_PAYMENT);
            mayReceive = permissionService.hasPermission(OperatorPermission.PAYMENTS_POSWEB_RECEIVE_PAYMENT);
        }

        if (!(mayPay || mayReceive)) {
            // Authenticated, but nothing in posweb is allowed: drop the session
            // so it cannot be used further, then refuse.
            request.getSession().invalidate();
            throw new PermissionDeniedException();
        }

        if (accessService.hasPasswordExpired()) {
            // An expired password must be changed before any payment page is reached
            request.getSession().setAttribute("expiredPassword", true);
            return mapping.findForward("poswebChangeExpiredPassword");
        }

        // Receiving takes precedence when both operations are allowed
        return mapping.findForward(mayReceive ? "receivePayment" : "makePayment");
    }

    /**
     * Restricts the login to operator users on operator requests, and to member
     * users otherwise.
     */
    @Override
    protected Class<? extends User> requiredUserType(final ActionMapping mapping,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final LoginForm form) {
        if (PosWebHelper.isOperator(request)) {
            return OperatorUser.class;
        }
        return MemberUser.class;
    }

    /**
     * On a login error, the user is sent back to the URL given by
     * {@link PosWebHelper#loginUrl}.
     */
    @Override
    protected String resolveErrorReturnTo(final ActionMapping mapping,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final LoginForm form) {
        return PosWebHelper.loginUrl(request);
    }
}