001: /*
002: * This program is free software; you can redistribute it and/or modify
003: * it under the terms of the GNU General Public License as published by
004: * the Free Software Foundation; either version 2 of the License, or
005: * (at your option) any later version.
006: *
007: * This program is distributed in the hope that it will be useful,
008: * but WITHOUT ANY WARRANTY; without even the implied warranty of
009: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
010: * GNU Library General Public License for more details.
011: *
012: * You should have received a copy of the GNU General Public License
013: * along with this program; if not, write to the Free Software
014: * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
015: */
016: package dlog4j.action;
017:
018: import java.sql.SQLException;
019: import java.util.Date;
020:
021: import javax.servlet.http.HttpServletRequest;
022: import javax.servlet.http.HttpServletResponse;
023: import javax.servlet.http.HttpSession;
024:
025: import net.sf.hibernate.HibernateException;
026: import net.sf.hibernate.Session;
027:
028: import org.apache.commons.lang.StringUtils;
029: import org.apache.struts.action.ActionError;
030: import org.apache.struts.action.ActionErrors;
031: import org.apache.struts.action.ActionForm;
032: import org.apache.struts.action.ActionForward;
033: import org.apache.struts.action.ActionMapping;
034:
035: import dlog4j.RandomImageServlet;
036: import dlog4j.SiteManager;
037: import dlog4j.UserManager;
038: import dlog4j.formbean.LoginTrackBean;
039: import dlog4j.formbean.SiteForm;
040: import dlog4j.formbean.UserForm;
041: import dlog4j.security.DlogRole;
042: import dlog4j.security.SecurityConfig;
043:
044: /**
045: * DlogGlobalAction.java created by EasyStruts - XsltGen.
046: * http://easystruts.sf.net
047: * created on 01-31-2004
048: *
049: * XDoclet definition:
050: * @struts:action parameter="userName" validate="true"
051: * @struts:action-exception key="sql" path="/index.jsp"
052: * @struts:action-forward name="/WEB-INF/jsp/login.jsp" path="/WEB-INF/jsp/login.jsp"
053: */
054: public class DlogUserAction extends DlogActionBase {
055:
// --------------------------------------------------------- Constants
/** Logical forward name handed to {@code mapping.findForward} by several actions below. */
public static final String HOME_PAGE = "home";
/** Property key under which the admin-only list operations record their errors. */
public static final String LIST_ERROR_KEY = "list";
/** Error property key for edit operations; not referenced anywhere in this class. */
public static final String EDIT_ERROR_KEY = "edit";
060:
061: // --------------------------------------------------------- Methods
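/**
 * Updates another user's role, password and permitted categories; administrators only.
 *
 * <p>The current user must be logged in and pass {@code isAdmin()}, otherwise an error is
 * recorded under {@link #LIST_ERROR_KEY} and nothing is written. The target account is
 * loaded by the id carried in the submitted {@link UserForm}; the permitted categories come
 * from the repeated request parameter {@code allowCat} and are stored comma-separated.
 *
 * <p>Security notes: a blank password field leaves the stored password untouched, so
 * submitting the form without a password can no longer blank a credential. The
 * {@code page} parameter is URL-encoded before it is echoed into the redirect, and is
 * omitted when absent.
 *
 * @param mapping  action mapping that supplies the input forward
 * @param form     submitted {@link UserForm} carrying id, role and (optionally) password
 * @param request  current request; read for {@code allowCat} and {@code page}
 * @param response current response (unused)
 * @return the input forward; on success a redirect to its path
 * @throws Exception anything not handled below, e.g. raised while committing the session
 */
public ActionForward doSetUserRole(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    ActionErrors errors = new ActionErrors();
    Session session = null;
    UserForm user = (UserForm) form;
    // Authorisation gate: the caller must be logged in and an administrator.
    // NOTE(review): this is a state-changing request; no anti-CSRF token check is
    // visible in this method - confirm one is enforced elsewhere.
    UserForm loginUser = getLoginUser(request);
    if (loginUser == null || !loginUser.isLogin()) {
        errors.add(LIST_ERROR_KEY, new ActionError(
                "operation_need_login"));
    } else if (!loginUser.isAdmin()) {
        errors.add(LIST_ERROR_KEY, new ActionError(
                "only_owner_allow"));
    } else {
        try {
            session = getSession();
            // The result was never used; the call is kept in case it has side effects.
            SiteManager.getCurrentSite(request);
            UserForm old = (UserForm) session.load(UserForm.class,
                    new Integer(user.getId()));
            if (old != null) {
                old.setUserRole(user.getUserRole());
                // Only replace the credential when a new one was actually submitted;
                // an empty field must not overwrite the stored password.
                if (StringUtils.isNotEmpty(user.getPassword())) {
                    old.setPassword(user.getPassword());
                }
                String[] cats = request.getParameterValues("allowCat");
                StringBuffer scat = new StringBuffer();
                for (int i = 0; cats != null && i < cats.length; i++) {
                    if (i > 0) {
                        scat.append(',');
                    }
                    scat.append(cats[i]);
                }
                old.setCats(scat.toString());
                session.update(old);
            } else {
                errors.add(LIST_ERROR_KEY, new ActionError(
                        "user_not_found"));
            }
        } catch (SQLException e) {
            getServlet().log("修改用户资料失败", e);
            errors.add(LIST_ERROR_KEY, new ActionError(
                    "database_exception"));
        } catch (HibernateException e) {
            getServlet().log("修改用户资料失败", e);
            errors.add(LIST_ERROR_KEY, new ActionError(
                    "hibernate_exception"));
        } catch (Exception e) {
            // NOTE(review): logged only - no error is recorded, so the caller is
            // redirected as if the update had succeeded.
            getServlet().log("修改用户资料失败", e);
        } finally {
            // Runs on the error paths too; what commitSession does then is not visible here.
            commitSession(session, true);
        }
    }
    // Report any errors we have discovered back to the original form
    ActionForward forward = mapping.getInputForward();
    if (!errors.isEmpty()) {
        saveErrors(request, errors);
    } else {
        // Build a fresh forward instead of mutating the one obtained from the mapping,
        // and encode the client-supplied value so it cannot add parameters or break
        // the redirect URL.
        StringBuffer path = new StringBuffer(forward.getPath());
        String page = request.getParameter("page");
        if (page != null) {
            path.append("?page=");
            path.append(java.net.URLEncoder.encode(page, "UTF-8"));
        }
        forward = new ActionForward(path.toString(), true);
    }
    return forward;
}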
126:
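/**
 * Deletes a user account; administrators only.
 *
 * <p>The current user must be logged in and pass {@code isAdmin()}. The account is
 * deleted only when it has neither log entries nor replies; otherwise an error is
 * recorded under {@link #LIST_ERROR_KEY}. A {@code userid} that is missing or not a
 * number is reported as {@code user_not_found} instead of escaping as an exception.
 *
 * @param mapping  action mapping that supplies the input forward
 * @param form     submitted form (unused)
 * @param request  current request; read for the optional {@code page} parameter
 * @param response current response (unused)
 * @param userid   decimal id of the account to delete
 * @return the input forward; on success a redirect to its path
 * @throws Exception anything not handled below, e.g. raised while committing the session
 */
public ActionForward doDeleteUser(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response, String userid)
        throws Exception {
    ActionErrors errors = new ActionErrors();
    Session session = null;
    // Authorisation gate: the caller must be logged in and an administrator.
    // NOTE(review): destructive request; no anti-CSRF token check is visible in this
    // method - confirm one is enforced elsewhere.
    UserForm loginUser = getLoginUser(request);
    if (loginUser == null || !loginUser.isLogin()) {
        errors.add(LIST_ERROR_KEY, new ActionError(
                "operation_need_login"));
    } else if (!loginUser.isAdmin()) {
        errors.add(LIST_ERROR_KEY, new ActionError(
                "only_owner_allow"));
    } else {
        try {
            session = getSession();
            int uid = Integer.parseInt(userid);
            // The result was never used; the call is kept in case it has side effects.
            SiteManager.getCurrentSite(request);
            UserForm user = UserManager.getUser(session, uid, false);
            if (user != null) {
                if (user.getLogCount() > 0) {
                    // Accounts that still own log entries must not be deleted.
                    errors.add(LIST_ERROR_KEY, new ActionError(
                            "logs_not_empty"));
                } else if (user.getReplyCount() > 0) {
                    // Accounts that still own replies must not be deleted.
                    errors.add(LIST_ERROR_KEY, new ActionError(
                            "replies_not_empty"));
                } else {
                    session.delete(user);
                }
            } else {
                errors.add(LIST_ERROR_KEY, new ActionError(
                        "user_not_found"));
            }
        } catch (NumberFormatException e) {
            // Null or non-numeric id: treat it like an unknown account.
            errors.add(LIST_ERROR_KEY, new ActionError(
                    "user_not_found"));
        } catch (SQLException e) {
            errors.add(LIST_ERROR_KEY, new ActionError(
                    "database_exception"));
        } catch (HibernateException e) {
            errors.add(LIST_ERROR_KEY, new ActionError(
                    "hibernate_exception"));
        } finally {
            // Runs on the error paths too; what commitSession does then is not visible here.
            commitSession(session, true);
        }
    }
    // Report any errors we have discovered back to the original form
    ActionForward forward = mapping.getInputForward();
    if (!errors.isEmpty()) {
        saveErrors(request, errors);
    } else {
        // Always build a fresh forward rather than mutating the one from the mapping;
        // the client-supplied page value is URL-encoded before being echoed.
        StringBuffer path = new StringBuffer(forward.getPath());
        String page = request.getParameter("page");
        if (page != null) {
            path.append("?page=");
            path.append(java.net.URLEncoder.encode(page, "UTF-8"));
        }
        forward = new ActionForward(path.toString(), true);
    }
    return forward;
}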
190:
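/**
 * Registers a new user and signs the new account in.
 *
 * <p>Validation stops at the first failure, in this order: login name (required, at most
 * 16 characters), display name (required, at most 16), password (required, at most 16),
 * e-mail (optional, must contain {@code '@'}), verification code, then uniqueness of the
 * login name and of the display name.
 *
 * <p>Security notes:
 * <ul>
 * <li>The verification code is checked before any database lookup, so the
 *     {@code loginName_exist} answer cannot be obtained without first passing it.</li>
 * <li>An empty or missing {@code verifyCode} is always rejected. A plain
 *     {@code StringUtils.equals} treats two {@code null}s as equal, which would accept a
 *     request without a code whenever no expected code is available.</li>
 * <li>The role is forced to {@code DlogRole.ROLE_COMMON} regardless of what the form
 *     bean carries, so a submitted role value cannot grant privileges.</li>
 * </ul>
 *
 * @param mapping  action mapping supplying the input forward and the home forward
 * @param form     submitted {@link UserForm}
 * @param request  current request; read for {@code verifyCode}
 * @param response current response (unused)
 * @return the input forward when validation fails, otherwise the {@link #HOME_PAGE} forward
 * @throws Exception propagated from the persistence helpers
 */
public ActionForward doAddUser(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    Session session = null;
    UserForm user = (UserForm) form;
    ActionErrors es = new ActionErrors();
    boolean needCommit = false;
    try {
        String verifyCode = request.getParameter("verifyCode");
        if (StringUtils.isEmpty(user.getLoginName())) {
            es.add("loginName", new ActionError("loginName_error"));
        } else if (user.getLoginName().length() > 16) {
            es.add("loginName", new ActionError(
                    "loginname_too_long"));
        } else if (StringUtils.isEmpty(user.getDisplayName())) {
            es.add("displayName", new ActionError(
                    "displayName_empty"));
        } else if (user.getDisplayName().length() > 16) {
            es.add("displayName", new ActionError(
                    "displayName_exceed_length"));
        } else if (StringUtils.isEmpty(user.getPassword())) {
            // NOTE(review): the only password rules are "not empty" and "at most 16
            // characters"; the value is handed to createUser as submitted. Whether it
            // is hashed before storage cannot be told from here - confirm.
            es.add("password", new ActionError("password_empty"));
        } else if (user.getPassword().length() > 16) {
            es.add("password", new ActionError(
                    "password_too_long"));
        } else if (StringUtils.isNotEmpty(user.getEmail())
                && user.getEmail().indexOf('@') == -1) {
            es.add("email", new ActionError("email_error"));
        } else if (StringUtils.isEmpty(verifyCode)
                || !StringUtils.equals(verifyCode,
                        RandomImageServlet.getRandomLoginKey(request))) {
            // Reject a missing code outright; see the null-equality note above.
            es.add("verifyCode", new ActionError(
                    "verifyCode_error"));
        } else {
            user.setSite(SiteManager.getCurrentSite(request));
            session = getSession();
            if (UserManager.getUser(session, user.getSite(),
                    user.getLoginName()) != null) {
                es.add("loginName", new ActionError(
                        "loginName_exist"));
            } else if (UserManager.getUser(session, user.getSite(),
                    user.getDisplayName()) != null) {
                // The display name is looked up through the same call as the login name.
                es.add("displayName", new ActionError(
                        "displayName_exits"));
            } else {
                // Never trust a role coming from the form bean.
                user.setUserRole(DlogRole.ROLE_COMMON);
                UserForm u = UserManager.createUser(session, user);
                // NOTE(review): the new account is signed in on the existing HTTP
                // session; no session-id renewal is visible here - confirm.
                u.saveLoginUser(request);
                needCommit = true;
            }
        }
    } finally {
        if (session != null) {
            if (needCommit) {
                commitSession(session, true);
            } else {
                closeSession(session);
            }
        }
    }
    if (!es.isEmpty()) {
        saveErrors(request, es);
        return mapping.getInputForward();
    }
    return mapping.findForward(HOME_PAGE);
}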
274:
/**
 * Lets the logged-in user edit their own profile.
 *
 * <p>The submitted id must equal the id of the user stored in the login session; any
 * other id is rejected with {@code operation_not_allow}. Display name, e-mail, home page,
 * resume and portrait are always overwritten; the password is replaced only when a
 * non-empty one is submitted. The copy of the user kept in the login session is updated
 * with the same profile fields.
 *
 * <p>NOTE(review): a new password is accepted without asking for the current one, so
 * whoever holds the session can change the credential - confirm this is intended.
 *
 * @param mapping  action mapping supplying the home forward
 * @param form     submitted {@link UserForm}
 * @param request  current request
 * @param response current response (unused)
 * @return the {@link #HOME_PAGE} forward, whether or not errors were recorded
 * @throws Exception propagated from the persistence helpers
 */
public ActionForward doEditUser(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    UserForm submitted = (UserForm) form;
    Session dbSession = null;
    ActionErrors problems = new ActionErrors();
    boolean needCommit = false;
    try {
        UserForm current = UserForm.getLoginUser(request);
        if (current == null || submitted.getId() != current.getId()) {
            // Ownership check: users may only edit their own record.
            problems.add("name", new ActionError("operation_not_allow"));
        } else if (StringUtils.isEmpty(submitted.getDisplayName())) {
            problems.add("displayName", new ActionError(
                    "displayName_empty"));
        } else if (submitted.getDisplayName().length() > 16) {
            problems.add("displayName", new ActionError(
                    "displayName_exceed_length"));
        } else if (submitted.getPassword() != null
                && submitted.getPassword().length() > 16) {
            // The password is optional here; only its maximum length is checked.
            problems.add("password", new ActionError(
                    "password_too_long"));
        } else if (StringUtils.isNotEmpty(submitted.getEmail())
                && submitted.getEmail().indexOf('@') < 0) {
            problems.add("email", new ActionError("email_error"));
        } else {
            dbSession = getSession();
            UserForm stored = (UserForm) dbSession.load(UserForm.class,
                    new Integer(submitted.getId()));
            if (stored == null) {
                problems.add("loginName", new ActionError(
                        "loginName_noexits"));
            } else {
                stored.setDisplayName(submitted.getDisplayName());
                stored.setEmail(submitted.getEmail());
                stored.setHomePage(submitted.getHomePage());
                stored.setResume(submitted.getResume());
                if (StringUtils.isNotEmpty(submitted.getPassword())) {
                    stored.setPassword(submitted.getPassword());
                }
                stored.setPortrait(submitted.getPortrait());
                dbSession.update(stored);
                needCommit = true;
                // Mirror the profile fields into the user object held in the login session.
                current.setDisplayName(submitted.getDisplayName());
                current.setEmail(submitted.getEmail());
                current.setHomePage(submitted.getHomePage());
                current.setResume(submitted.getResume());
                current.setPortrait(submitted.getPortrait());
                current.saveLoginUser(request);
            }
        }
    } finally {
        if (dbSession != null) {
            if (needCommit) {
                commitSession(dbSession, true);
            } else {
                closeSession(dbSession);
            }
        }
    }
    if (!problems.isEmpty()) {
        saveErrors(request, problems);
    }
    return mapping.findForward(HOME_PAGE);
}
342:
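/**
 * Authenticates a user and stores the account in the login session.
 *
 * <p>The account is looked up by login name within the current site. Accounts whose role
 * is {@code DlogRole.ROLE_GUEST} are refused as suspended. On success the last-login time
 * and login count are updated, the role object is resolved from the low five bits of the
 * stored role value (falling back to {@code DlogRole.ROLE_COMMON} when none is found),
 * and a {@link LoginTrackBean} is saved.
 *
 * <p>Security notes:
 * <ul>
 * <li>An empty or missing password never authenticates. A plain
 *     {@code StringUtils.equals} treats two {@code null}s as equal, which would let a
 *     request without a password match an account whose stored password is unset.</li>
 * <li>{@code curPage} is client-controlled and is used as a redirect target only when it
 *     is a local path; anything else falls back to the home forward, so the login form
 *     cannot be used to bounce a user to another site.</li>
 * <li>NOTE(review): the stored password is compared directly with the submitted one,
 *     which suggests it is kept unhashed unless the form bean transforms it - confirm.</li>
 * <li>NOTE(review): {@code user_pause}, {@code password_error} and
 *     {@code loginName_noexits} let a client tell existing accounts from unknown ones.</li>
 * <li>NOTE(review): no session-id renewal and no attempt limiting are visible here;
 *     confirm whether {@code saveLoginUser} or a filter provides them.</li>
 * </ul>
 *
 * @param mapping  action mapping supplying the input, {@code home} and {@code catmgr} forwards
 * @param form     submitted {@link UserForm} carrying login name and password
 * @param request  current request; read for {@code curPage}
 * @param response current response (unused)
 * @return the input forward on failure; otherwise {@code catmgr} for an administrator's
 *         first login, a redirect to {@code curPage} when it is a local path, else {@code home}
 * @throws Exception declared for the action framework; failures during authentication are
 *         logged rather than rethrown
 */
public ActionForward doLogin(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    Session ssn = null;
    ActionErrors es = new ActionErrors();
    boolean firstLogin = false;
    try {
        ssn = getSession();
        UserForm user = (UserForm) form;
        if (user.getLoginName() != null) {
            String password = user.getPassword();
            user = UserManager.getUser(ssn, SiteManager
                    .getCurrentSite(request), user.getLoginName());
            if (user != null) {
                if (user.getUserRole() == DlogRole.ROLE_GUEST) {
                    // Suspended account.
                    es.add("login", new ActionError("user_pause"));
                } else if (StringUtils.isNotEmpty(password)
                        && StringUtils.equals(user.getPassword(), password)) {
                    // An administrator without a recorded last login is sent to "catmgr".
                    if (user.isAdmin() && user.getLastTime() == null) {
                        firstLogin = true;
                    }
                    user.setLastTime(new Date());
                    user.setLoginCount(user.getLoginCount() + 1);
                    ssn.update(user);
                    UserManager.fillUserWithLogAndReplyCount(ssn,
                            user, false);
                    // Resolve the role object; only the low five bits form the role id.
                    DlogRole role = (DlogRole) SecurityConfig
                            .getConfig().getRoleById(
                                    user.getUserRole() & 31);
                    if (role == null) {
                        // Unknown role id: downgrade the account to the common role.
                        role = SecurityConfig.getConfig()
                                .getRoleById(DlogRole.ROLE_COMMON);
                        user.setUserRole(DlogRole.ROLE_COMMON);
                        ssn.update(user);
                    }
                    user.setRole(role);
                    // Keep the authenticated user in the HTTP session.
                    user.saveLoginUser(request);
                    // Record the login for tracking.
                    LoginTrackBean ltb = new LoginTrackBean(request);
                    ssn.save(ltb);
                    commitSession(ssn, false);
                } else {
                    es.add("login", new ActionError(
                            "password_error"));
                }
            } else {
                es.add("login",
                        new ActionError("loginName_noexits"));
            }
        } else {
            es.add("login", new ActionError("loginName_error"));
        }
    } catch (Exception e) {
        // NOTE(review): logged only - no error is recorded, so the request continues
        // down the success path below even though the login may not have completed.
        getServlet().log("用户登录失败", e);
    } finally {
        closeSession(ssn);
    }
    String curPage = request.getParameter("curPage");
    ActionForward forward;
    if (!es.isEmpty()) {
        // On failure go back to the input page of the login action.
        forward = mapping.getInputForward();
        saveErrors(request, es);
    } else if (firstLogin) {
        forward = mapping.findForward("catmgr");
    } else if (isLocalRedirectTarget(curPage)) {
        forward = new ActionForward(curPage, true);
    } else {
        // Missing, absolute or otherwise suspicious targets fall back to the home page.
        forward = mapping.findForward("home");
    }
    return forward;
}

/**
 * Tells whether a client-supplied path may be used as a post-login redirect target:
 * it must start with a single {@code '/'} and contain neither backslashes nor control
 * characters (which covers CR and LF).
 */
private static boolean isLocalRedirectTarget(String path) {
    if (path == null || path.length() == 0 || path.charAt(0) != '/') {
        return false;
    }
    // "//host" is a scheme-relative URL and would leave the site.
    if (path.startsWith("//")) {
        return false;
    }
    for (int i = 0; i < path.length(); i++) {
        char c = path.charAt(i);
        if (c == '\\' || c < 0x20 || c == 0x7f) {
            return false;
        }
    }
    return true;
}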
424:
/**
 * Logs the current user out by removing the login user from the HTTP session.
 *
 * <p>The HTTP session itself is kept on purpose: according to the original author's
 * note, invalidating it would also make the current site unobtainable.
 *
 * <p>NOTE(review): because the session is not invalidated, the session id and any other
 * attributes stored in it remain valid after logout - confirm that
 * {@code removeFromSession} clears everything tied to the authenticated user.
 *
 * @param mapping  action mapping supplying the {@code home} forward
 * @param form     submitted form (unused)
 * @param request  current request
 * @param response current response (unused)
 * @return the {@code home} forward
 * @throws Exception declared for the action framework
 */
public ActionForward doLogout(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    // getSession(false): never create a session just to log out.
    final boolean hasSession = request.getSession(false) != null;
    if (hasSession) {
        UserForm.removeFromSession(request);
    }
    return mapping.findForward("home");
}
438:
/**
 * Fallback action: performs no work and resolves the {@link #HOME_PAGE} forward.
 *
 * @param mapping  action mapping supplying the forward
 * @param form     submitted form (unused)
 * @param request  current request (unused)
 * @param response current response (unused)
 * @return the forward registered under {@link #HOME_PAGE}
 * @throws Exception declared for the action framework
 */
public ActionForward doDefault(ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    final ActionForward home = mapping.findForward(HOME_PAGE);
    return home;
}
453:
454: }
|