From 5de98569bf2a625251350300b04ed3acbef2ebdc Mon Sep 17 00:00:00 2001
From: j2blake <j2blake@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Wed, 20 Jul 2011 16:06:19 +0000
Subject: [PATCH] Merge r8729, r8746 from the release 1.3 maintenance branch

---
 .../usepages/ManageRootAccount.java           | 12 +++
 .../admin/UserAccountsAdminController.java    | 10 ++-
 .../accounts/admin/UserAccountsDeleter.java   | 80 ++++++++++++++++---
 .../accounts/admin/UserAccountsEditPage.java  | 13 +++
 .../accounts/admin/UserAccountsListPage.java  | 55 +++++++++++--
 .../authenticate/BasicAuthenticator.java      |  6 ++
 .../body/accounts/userAccounts-list.ftl       | 16 +++-
 7 files changed, 167 insertions(+), 25 deletions(-)
 create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/ManageRootAccount.java

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/ManageRootAccount.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/ManageRootAccount.java
new file mode 100644
index 000000000..d469d6979
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/usepages/ManageRootAccount.java
@@ -0,0 +1,12 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages;
+
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+
+/**
+ * Should we allow the user to edit or delete the root account?
+ */
+public class ManageRootAccount extends RequestedAction {
+	// no fields
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsAdminController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsAdminController.java
index f21d4c340..9a3b73d10 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsAdminController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsAdminController.java
@@ -82,10 +82,14 @@ public class UserAccountsAdminController extends FreemarkerHttpServlet {
 
 	private ResponseValues handleDeleteRequest(VitroRequest vreq) {
 		UserAccountsDeleter deleter = new UserAccountsDeleter(vreq);
-		Collection<String> deletedUris = deleter.delete();
+		if (deleter.isBogus()) {
+			return showHomePage(vreq, deleter.getBogusMessage());
+		} else {
+			Collection<String> deletedUris = deleter.delete();
 
-		UserAccountsListPage.Message.showDeletions(vreq, deletedUris);
-		return redirectToList();
+			UserAccountsListPage.Message.showDeletions(vreq, deletedUris);
+			return redirectToList();
+		}
 	}
 
 	private ResponseValues handleListRequest(VitroRequest vreq) {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsDeleter.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsDeleter.java
index ef84533fb..b8484715a 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsDeleter.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsDeleter.java
@@ -6,48 +6,104 @@ import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageRootAccount;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.accounts.UserAccountsPage;
-import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao;
+import edu.cornell.mannlib.vitro.webapp.controller.accounts.user.UserAccountsUserController;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 
 /**
  * Process a request to delete User Accounts.
  */
 public class UserAccountsDeleter extends UserAccountsPage {
-	
+	private static final Log log = LogFactory.getLog(UserAccountsDeleter.class);
+
 	private static final String PARAMETER_DELETE_ACCOUNT = "deleteAccount";
 
 	/** Might be empty, but never null. */
 	private final String[] uris;
 
+	/** The result of checking whether this request is even appropriate. */
+	private String bogusMessage = "";
+
 	public UserAccountsDeleter(VitroRequest vreq) {
 		super(vreq);
-		
+
 		String[] values = vreq.getParameterValues(PARAMETER_DELETE_ACCOUNT);
 		if (values == null) {
 			this.uris = new String[0];
 		} else {
 			this.uris = values;
 		}
+
+		WebappDaoFactory wadf = vreq.getWebappDaoFactory();
+
+		validateInputUris();
+	}
+
+	private void validateInputUris() {
+		UserAccount loggedInAccount = LoginStatusBean.getCurrentUser(vreq);
+		if (loggedInAccount == null) {
+			log.warn("Trying to delete accounts while not logged in!");
+			bogusMessage = UserAccountsUserController.BOGUS_STANDARD_MESSAGE;
+			return;
+		}
+
+		for (String uri : this.uris) {
+			UserAccount u = userAccountsDao.getUserAccountByUri(uri);
+
+			if (u == null) {
+				log.warn("Delete account for '" + uri
+						+ "' is bogus: no such user");
+				bogusMessage = UserAccountsUserController.BOGUS_STANDARD_MESSAGE;
+				return;
+			}
+
+			if (u.getUri().equals(loggedInAccount.getUri())) {
+				log.warn("'" + u.getUri()
+						+ "' is trying to delete his own account.");
+				bogusMessage = UserAccountsUserController.BOGUS_STANDARD_MESSAGE;
+				return;
+			}
+
+			if (u.isRootUser()
+					&& (!PolicyHelper.isAuthorizedForActions(vreq,
+							new ManageRootAccount()))) {
+				log.warn("Attempting to delete the root account, "
+						+ "but not authorized. Logged in as "
+						+ LoginStatusBean.getCurrentUser(vreq));
+				bogusMessage = UserAccountsUserController.BOGUS_STANDARD_MESSAGE;
+				return;
+			}
+		}
 	}
 
 	public Collection<String> delete() {
-		List<String> deletedUris = new ArrayList<String>(); 
-		
-		WebappDaoFactory wadf = vreq.getWebappDaoFactory();
-		UserAccountsDao dao = wadf.getUserAccountsDao();
-		
-		for (String uri: uris) {
-			UserAccount u = dao.getUserAccountByUri(uri);
+		List<String> deletedUris = new ArrayList<String>();
+
+		for (String uri : uris) {
+			UserAccount u = userAccountsDao.getUserAccountByUri(uri);
 			if (u != null) {
-				dao.deleteUserAccount(uri);
+				userAccountsDao.deleteUserAccount(uri);
 				deletedUris.add(uri);
 			}
 		}
-		
+
 		return deletedUris;
 	}
 
+	public boolean isBogus() {
+		return !bogusMessage.isEmpty();
+	}
+
+	public String getBogusMessage() {
+		return bogusMessage;
+	}
+
 }
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsEditPage.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsEditPage.java
index 6662e2609..9640182dc 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsEditPage.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsEditPage.java
@@ -11,6 +11,9 @@ import java.util.Set;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageRootAccount;
 import edu.cornell.mannlib.vitro.webapp.beans.Individual;
 import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
@@ -115,6 +118,16 @@ public class UserAccountsEditPage extends UserAccountsPage {
 			bogusMessage = UserAccountsUserController.BOGUS_STANDARD_MESSAGE;
 			return;
 		}
+		if (userAccount.isRootUser()) {
+			if (!PolicyHelper.isAuthorizedForActions(vreq,
+					new ManageRootAccount())) {
+				log.warn("User is attempting to edit the root account, "
+						+ "but is not authorized to do so. Logged in as: "
+						+ LoginStatusBean.getCurrentUser(vreq));
+				bogusMessage = UserAccountsUserController.BOGUS_STANDARD_MESSAGE;
+				return;
+			}
+		}
 	}
 
 	public boolean isBogus() {
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsListPage.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsListPage.java
index c3ed4fa18..7615c9369 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsListPage.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/UserAccountsListPage.java
@@ -18,6 +18,9 @@ import javax.servlet.http.HttpSession;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.usepages.ManageRootAccount;
 import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount.Status;
@@ -183,12 +186,38 @@ public class UserAccountsListPage extends UserAccountsPage {
 			UserAccountsSelection selection) {
 		List<UserAccountWrapper> list = new ArrayList<UserAccountWrapper>();
 		for (UserAccount account : selection.getUserAccounts()) {
-			list.add(new UserAccountWrapper(account,
-					findPermissionSetLabels(account)));
+			UserAccountWrapper wrapper = new UserAccountWrapper(account,
+					findPermissionSetLabels(account), permittedToEdit(account),
+					permittedToDelete(account));
+			list.add(wrapper);
 		}
 		return list;
 	}
 
+	private boolean permittedToEdit(UserAccount account) {
+		if (!account.isRootUser()) {
+			return true;
+		}
+		if (PolicyHelper.isAuthorizedForActions(vreq, new ManageRootAccount())) {
+			return true;
+		}
+		return false;
+	}
+
+	private boolean permittedToDelete(UserAccount account) {
+		if (!permittedToEdit(account)) {
+			return false;
+		}
+		UserAccount loggedInUser = LoginStatusBean.getCurrentUser(vreq);
+		if (loggedInUser == null) {
+			return false;
+		}
+		if (account.getUri().equals(loggedInUser.getUri())) {
+			return false;
+		}
+		return true;
+	}
+
 	private List<String> findPermissionSetLabels(UserAccount account) {
 		List<String> labels = new ArrayList<String>();
 
@@ -212,12 +241,21 @@ public class UserAccountsListPage extends UserAccountsPage {
 		private final UserAccount account;
 		private final List<String> permissionSets;
 		private final String editUrl;
+		private final boolean deletable;
 
 		public UserAccountWrapper(UserAccount account,
-				List<String> permissionSets) {
+				List<String> permissionSets, boolean showEditUrl,
+				boolean permitDelete) {
 			this.account = account;
 			this.permissionSets = permissionSets;
-			this.editUrl = UserAccountsPage.editAccountUrl(account.getUri());
+			this.deletable = permitDelete;
+
+			if (showEditUrl) {
+				this.editUrl = UserAccountsPage
+						.editAccountUrl(account.getUri());
+			} else {
+				this.editUrl = "";
+			}
 		}
 
 		public String getUri() {
@@ -266,6 +304,10 @@ public class UserAccountsListPage extends UserAccountsPage {
 			return editUrl;
 		}
 
+		public boolean isDeletable() {
+			return deletable;
+		}
+
 	}
 
 	/**
@@ -332,13 +374,14 @@ public class UserAccountsListPage extends UserAccountsPage {
 		private void applyToBodyMap(Map<String, Object> body) {
 			if (type == Type.NEW_ACCOUNT) {
 				body.put("newUserAccount", new UserAccountWrapper(userAccount,
-						Collections.<String> emptyList()));
+						Collections.<String> emptyList(), true, false));
 				if (emailWasSent) {
 					body.put("emailWasSent", Boolean.TRUE);
 				}
 			} else if (type == Type.UPDATED_ACCOUNT) {
 				body.put("updatedUserAccount", new UserAccountWrapper(
-						userAccount, Collections.<String> emptyList()));
+						userAccount, Collections.<String> emptyList(), true,
+						false));
 				if (emailWasSent) {
 					body.put("emailWasSent", Boolean.TRUE);
 				}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
index dcf8d4244..9f01a1c57 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
@@ -17,6 +17,7 @@ import org.apache.commons.logging.LogFactory;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser;
 import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
 import edu.cornell.mannlib.vitro.webapp.beans.UserAccount.Status;
 import edu.cornell.mannlib.vitro.webapp.beans.Individual;
@@ -132,6 +133,11 @@ public class BasicAuthenticator extends Authenticator {
 		setSessionTimeoutLimit(userAccount, session);
 		recordInUserSessionMap(userAccount.getUri(), session);
 		notifyOtherUsers(userAccount.getUri(), session);
+		
+		if (IsRootUser.isRootUser(RequestIdentifiers
+				.getIdBundleForRequest(request))) {
+			// Insert method call here.
+		}
 	}
 
 	/**
diff --git a/webapp/web/templates/freemarker/body/accounts/userAccounts-list.ftl b/webapp/web/templates/freemarker/body/accounts/userAccounts-list.ftl
index 66cefc6d9..4f66a20f6 100644
--- a/webapp/web/templates/freemarker/body/accounts/userAccounts-list.ftl
+++ b/webapp/web/templates/freemarker/body/accounts/userAccounts-list.ftl
@@ -147,11 +147,19 @@
             <#list accounts as account>
                 <tr>
                     <td>
-                        <input type="checkbox" name="deleteAccount" value="${account.uri}" />
-                        <!-- ignored unless submit action is formUrls.delete -->
+                        <#if account.deletable>
+                            <input type="checkbox" name="deleteAccount" value="${account.uri}" />
+                            <!-- ignored unless submit action is formUrls.delete -->
+                        <#else>
+                            <input type="checkbox" name="deleteAccount" value="${account.uri}" disabled />
+                        </#if>
     
-                        <a href="${account.editUrl}" >${account.emailAddress}</a>
-                        <!-- when this link is clicked, editAccount is noticed and all other fields are ignored. -->
+                        <#if account.editUrl != "">
+                            <a href="${account.editUrl}" >${account.emailAddress}</a>
+                            <!-- when this link is clicked, editAccount is noticed and all other fields are ignored. -->
+                        <#else>
+                            ${account.emailAddress}
+                        </#if>
                     </td>
                     <td>${account.firstName}</td>
                     <td>${account.lastName}</td>