AccountApprovalController.java

package edu.asu.spring.quadriga.web.manageusers;

import java.security.Principal;
import java.util.Locale;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.ObjectError;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import edu.asu.spring.quadriga.exceptions.QuadrigaNotificationException;
import edu.asu.spring.quadriga.exceptions.QuadrigaStorageException;
import edu.asu.spring.quadriga.service.IUserManager;
import edu.asu.spring.quadriga.validator.AccountApprovalValidator;
import edu.asu.spring.quadriga.web.manageusers.beans.ApproveAccount;

/**
 * Controller for backing the manage users page in regards to showing existing accounts 
 * and approving/rejecting new ones.
 * 
 * @author jdamerow
 *
 */
@Controller
public class AccountApprovalController {
    
    @Autowired 
    private IUserManager usermanager;

    @Autowired
    private MessageSource messageSource;

    @InitBinder
    protected void initBinder(WebDataBinder binder) throws Exception {
        binder.setValidator(new AccountApprovalValidator());
    }

    @RequestMapping(value = "auth/users/access/handleRequest", method = RequestMethod.POST)
    public String handleApprovalRequest(Model model, @Validated @ModelAttribute("approveAccount") ApproveAccount approveAccount, BindingResult result, Locale locale, RedirectAttributes attr, Principal principal) throws QuadrigaStorageException, QuadrigaNotificationException {
        
        if (result.hasErrors()) {
            StringBuffer errors = new StringBuffer();
            for (ObjectError error : result.getAllErrors()) {
                errors.append(messageSource.getMessage(error, locale) + "<br>");
            }
            
            attr.addFlashAttribute("show_error_alert", true);
            attr.addFlashAttribute("error_alert_msg", errors.toString());
            return "redirect:/auth/users/manage";
        }
        
        if(approveAccount.getAction().equalsIgnoreCase("approve")) {
            //User Request has been approved by the admin
            StringBuilder sRoles = new StringBuilder();
            String[] roles = approveAccount.getRoles();
            for(int i = 0; i < roles.length; i++) {
                if(i==0){
                    sRoles.append(roles[i]);
                } else {
                    sRoles.append(",");
                    sRoles.append(roles[i]);
                }
            }
            usermanager.approveUserRequest(approveAccount.getUsername(), sRoles.toString(), principal.getName());
        }
        else {
            //User Request denied by the admin
            usermanager.denyUserRequest(approveAccount.getUsername(), principal.getName());
        }
        
        return "redirect:/auth/users/manage";
    }
    
}