Index: AuthServlet.java =================================================================== --- AuthServlet.java (revisión: 9702) +++ AuthServlet.java (revisión: 9732) @@ -74,51 +74,59 @@ Session session = null; updateSessionManager(request); - try { - session = JCRUtils.getSession(); - - if (action.equals("userCreate")) { - userCreate(session, request, response); - } else if (action.equals("roleCreate")) { - roleCreate(session, request, response); - } else if (action.equals("userEdit")) { - userEdit(session, request, response); - } else if (action.equals("roleEdit")) { - roleEdit(session, request, response); - } else if (action.equals("userDelete")) { - userDelete(session, request, response); - } else if (action.equals("roleDelete")) { - roleDelete(session, request, response); - } else if (action.equals("userActive")) { - userActive(session, request, response); - } else if (action.equals("roleActive")) { - roleActive(session, request, response); + if (isMultipleInstancesAdmin(request) || request.isUserInRole(Config.DEFAULT_ADMIN_ROLE)) { + try { + session = JCRUtils.getSession(); + + if (action.equals("userCreate")) { + userCreate(session, request, response); + } else if (action.equals("roleCreate")) { + roleCreate(session, request, response); + } else if (action.equals("userEdit")) { + userEdit(session, request, response); + } else if (action.equals("roleEdit")) { + roleEdit(session, request, response); + } else if (action.equals("userDelete")) { + userDelete(session, request, response); + } else if (action.equals("roleDelete")) { + roleDelete(session, request, response); + } else if (action.equals("userActive")) { + userActive(session, request, response); + } else if (action.equals("roleActive")) { + roleActive(session, request, response); + } + + if (action.equals("") || action.equals("userActive") || + (action.startsWith("user") && WebUtils.getBoolean(request, "persist"))) { + userList(session, request, response); + } else if (action.equals("roleList") || action.equals("roleActive") || + (action.startsWith("role") && WebUtils.getBoolean(request, "persist"))) { + roleList(session, request, response); + } + } catch (LoginException e) { + log.error(e.getMessage(), e); + sendErrorRedirect(request,response, e); + } catch (RepositoryException e) { + log.error(e.getMessage(), e); + sendErrorRedirect(request,response, e); + } catch (DatabaseException e) { + log.error(e.getMessage(), e); + sendErrorRedirect(request,response, e); + } catch (NoSuchAlgorithmException e) { + log.error(e.getMessage(), e); + sendErrorRedirect(request,response, e); + } catch (PrincipalAdapterException e) { + log.error(e.getMessage(), e); + sendErrorRedirect(request,response, e); + } finally { + JCRUtils.logout(session); } + } else { + // Activity log + UserActivity.log(request.getRemoteUser(), "ADMIN_ACCESS_DENIED", request.getRequestURI(), request.getQueryString()); - if (action.equals("") || action.equals("userActive") || - (action.startsWith("user") && WebUtils.getBoolean(request, "persist"))) { - userList(session, request, response); - } else if (action.equals("roleList") || action.equals("roleActive") || - (action.startsWith("role") && WebUtils.getBoolean(request, "persist"))) { - roleList(session, request, response); - } - } catch (LoginException e) { - log.error(e.getMessage(), e); - sendErrorRedirect(request,response, e); - } catch (RepositoryException e) { - log.error(e.getMessage(), e); - sendErrorRedirect(request,response, e); - } catch (DatabaseException e) { - log.error(e.getMessage(), e); - sendErrorRedirect(request,response, e); - } catch (NoSuchAlgorithmException e) { - log.error(e.getMessage(), e); - sendErrorRedirect(request,response, e); - } catch (PrincipalAdapterException e) { - log.error(e.getMessage(), e); - sendErrorRedirect(request,response, e); - } finally { - JCRUtils.logout(session); + AccessDeniedException ade = new AccessDeniedException("You should not access this resource"); + sendErrorRedirect(request, response, ade); } } @@ -166,8 +174,8 @@ log.debug("userEdit({}, {}, {})", new Object[] { session, request, response }); String usrId = WebUtils.getString(request, "usr_id"); - if (isMultipleInstancesAdmin(request) || !usrId.equals(Config.ADMIN_USER)) { - if (WebUtils.getBoolean(request, "persist")) { + if (WebUtils.getBoolean(request, "persist")) { + if (isMultipleInstancesAdmin(request) || !usrId.equals(Config.ADMIN_USER)) { String password = WebUtils.getString(request, "usr_password"); User usr = new User(); usr.setId(usrId); @@ -188,22 +196,16 @@ // Activity log UserActivity.log(session.getUserID(), "ADMIN_USER_EDIT", usr.getId(), usr.toString()); - } else { - ServletContext sc = getServletContext(); - sc.setAttribute("action", WebUtils.getString(request, "action")); - sc.setAttribute("persist", true); - sc.setAttribute("roles", AuthDAO.findAllRoles()); - sc.setAttribute("usr", AuthDAO.findUserByPk(usrId)); - sc.getRequestDispatcher("/admin/user_edit.jsp").forward(request, response); - } + } } else { - // Activity log - UserActivity.log(request.getRemoteUser(), "ADMIN_ACCESS_DENIED", request.getRequestURI(), request.getQueryString()); + ServletContext sc = getServletContext(); + sc.setAttribute("action", WebUtils.getString(request, "action")); + sc.setAttribute("persist", true); + sc.setAttribute("roles", AuthDAO.findAllRoles()); + sc.setAttribute("usr", AuthDAO.findUserByPk(usrId)); + sc.getRequestDispatcher("/admin/user_edit.jsp").forward(request, response); + } - AccessDeniedException ade = new AccessDeniedException("You should not access this resource"); - sendErrorRedirect(request, response, ade); - } - log.debug("userEdit: void"); } @@ -215,26 +217,20 @@ log.debug("userDelete({}, {}, {})", new Object[] { session, request, response }); String usrId = WebUtils.getString(request, "usr_id"); - if (isMultipleInstancesAdmin(request) || !usrId.equals(Config.ADMIN_USER)) { - if (WebUtils.getBoolean(request, "persist")) { + if (WebUtils.getBoolean(request, "persist")) { + if (isMultipleInstancesAdmin(request) || !usrId.equals(Config.ADMIN_USER)) { AuthDAO.deleteUser(usrId); // Activity log UserActivity.log(session.getUserID(), "ADMIN_USER_DELETE", usrId, null); - } else { - ServletContext sc = getServletContext(); - sc.setAttribute("action", WebUtils.getString(request, "action")); - sc.setAttribute("persist", true); - sc.setAttribute("roles", AuthDAO.findAllRoles()); - sc.setAttribute("usr", AuthDAO.findUserByPk(usrId)); - sc.getRequestDispatcher("/admin/user_edit.jsp").forward(request, response); } } else { - // Activity log - UserActivity.log(request.getRemoteUser(), "ADMIN_ACCESS_DENIED", request.getRequestURI(), request.getQueryString()); - - AccessDeniedException ade = new AccessDeniedException("You should not access this resource"); - sendErrorRedirect(request, response, ade); + ServletContext sc = getServletContext(); + sc.setAttribute("action", WebUtils.getString(request, "action")); + sc.setAttribute("persist", true); + sc.setAttribute("roles", AuthDAO.findAllRoles()); + sc.setAttribute("usr", AuthDAO.findUserByPk(usrId)); + sc.getRequestDispatcher("/admin/user_edit.jsp").forward(request, response); } log.debug("userDelete: void"); @@ -246,20 +242,14 @@ private void userActive(Session session, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, DatabaseException, NoSuchAlgorithmException { log.debug("userActive({}, {}, {})", new Object[] { session, request, response }); + boolean active = WebUtils.getBoolean(request, "usr_active"); String usrId = WebUtils.getString(request, "usr_id"); if (isMultipleInstancesAdmin(request) || !usrId.equals(Config.ADMIN_USER)) { - boolean active = WebUtils.getBoolean(request, "usr_active"); AuthDAO.activeUser(usrId, active); - + // Activity log UserActivity.log(session.getUserID(), "ADMIN_USER_ACTIVE", usrId, Boolean.toString(active)); - } else { - // Activity log - UserActivity.log(request.getRemoteUser(), "ADMIN_ACCESS_DENIED", request.getRequestURI(), request.getQueryString()); - - AccessDeniedException ade = new AccessDeniedException("You should not access this resource"); - sendErrorRedirect(request, response, ade); } log.debug("userActive: void");