From ec690dd31f93b4c596d781e35aa449bedea55268 Mon Sep 17 00:00:00 2001
From: j2blake
Date: Sun, 5 Jun 2011 23:38:33 +0000
Subject: [PATCH] Create the admin/showAuth page to replace admin/showids.jsp, edit/selfeditcheck.jsp and admin/checkblacklist.jsp
---
.../controller/admin/ShowAuthController.java | 104 ++++++++++++++++++
webapp/web/admin/showids.jsp | 27 -----
webapp/web/css/showAuth.css | 22 ++++
webapp/web/edit/selfeditcheck.jsp | 99 -----------------
.../freemarker/body/admin/admin-showAuth.ftl | 74 +++++++++++++
5 files changed, 200 insertions(+), 126 deletions(-)
create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java
delete mode 100644 webapp/web/admin/showids.jsp
create mode 100644 webapp/web/css/showAuth.css
delete mode 100644 webapp/web/edit/selfeditcheck.jsp
create mode 100644 webapp/web/templates/freemarker/body/admin/admin-showAuth.ftl
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java
new file mode 100644
index 000000000..5a82419bd
--- /dev/null
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowAuthController.java
@@ -0,0 +1,104 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.controller.admin;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.ServletContext;
+
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasAssociatedIndividual;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestActionConstants;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjPropStmt;
+import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
+import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
+
+/**
+ * Show a summary of who is logged in and how they are to be treated by the
+ * authorization system.
+ */
+public class ShowAuthController extends FreemarkerHttpServlet {
+
+ @Override
+ protected Actions requiredActions(VitroRequest vreq) {
+ return Actions.AUTHORIZED;
+ }
+
+ @Override
+ protected ResponseValues processRequest(VitroRequest vreq) {
+
+ Map body = new HashMap();
+
+ body.put("identifiers", RequestIdentifiers.getIdBundleForRequest(vreq));
+ body.put("currentUser", LoginStatusBean.getCurrentUser(vreq));
+ body.put("associatedIndividuals", getAssociatedIndividuals(vreq));
+ body.put("factories", getIdentifierFactoryNames(vreq));
+ body.put("policies", ServletPolicyList.getPolicies(vreq));
+ body.put("matchingProperty", getMatchingProperty(vreq));
+
+ return new TemplateResponseValues("admin-showAuth.ftl", body);
+ }
+
+ private List getIdentifierFactoryNames(VitroRequest vreq) {
+ ServletContext ctx = vreq.getSession().getServletContext();
+ return ActiveIdentifierBundleFactories.getFactoryNames(ctx);
+ }
+
+ private String getMatchingProperty(VitroRequest vreq) {
+ return ConfigurationProperties.getBean(vreq).getProperty(
+ "selfEditing.idMatchingProperty", "");
+ }
+
+ private List getAssociatedIndividuals(
+ VitroRequest vreq) {
+ List list = new ArrayList();
+ IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(vreq);
+ for (String uri : HasAssociatedIndividual.getIndividualUris(ids)) {
+ list.add(new AssociatedIndividual(uri, mayEditIndividual(vreq, uri)));
+ }
+ return list;
+ }
+
+ /**
+ * Is the current user authorized to edit an arbitrary object property on
+ * this individual?
+ */
+ private boolean mayEditIndividual(VitroRequest vreq, String individualUri) {
+ RequestedAction action = new EditObjPropStmt(individualUri,
+ RequestActionConstants.SOME_URI,
+ RequestActionConstants.SOME_URI);
+ return PolicyHelper.isAuthorizedForActions(vreq, action);
+ }
+
+ public class AssociatedIndividual {
+ private final String uri;
+ private final boolean editable;
+
+ public AssociatedIndividual(String uri, boolean editable) {
+ this.uri = uri;
+ this.editable = editable;
+ }
+
+ public String getUri() {
+ return uri;
+ }
+
+ public boolean isEditable() {
+ return editable;
+ }
+
+ }
+}
diff --git a/webapp/web/admin/showids.jsp b/webapp/web/admin/showids.jsp
deleted file mode 100644
index 27dab498c..000000000
--- a/webapp/web/admin/showids.jsp
+++ /dev/null
@@ -1,27 +0,0 @@
-<%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
-
-<%@page
- import="edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers"%>
-<%@page
- import="java.util.List"%>
-
-<%-- doesn't use vitro:confirmAuthorization becuase the we want to be able to see IDs for any user. --%>
-<%-- uses "security through obscurity", and doesn't give away much information. --%>
-
-<%
- List idb = RequestIdentifiers.getIdBundleForRequest(request);
-
-out.write("");
-out.write("
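Review bot: `requiredActions` returns `Actions.AUTHORIZED`, which reads as "no action required" (the `Actions` class is not visible in this patch), so this page under admin/ appears to be served to any session, logged in or not; the template's "Not logged in" branch points the same way. Besides the caller's own identifiers, `processRequest` also puts the deployment's policy list, the identifier-factory names and the `selfEditing.idMatchingProperty` value into the body, which is more than the removed showids.jsp printed under its "security through obscurity" comment. I would add those three entries only when `PolicyHelper.isAuthorizedForActions(vreq, <admin-level action>)` holds (placeholder: the right action type is not shown here) and let the template skip the tables that are absent. If open access is intended, record that on `requiredActions`, e.g. `// Deliberately open: any visitor may inspect the identifiers attached to their own request.`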

Identifiers in effect:

"); -out.write("

This is a utility that shows which identifiers are in effect.

\n"); -out.write("\n"); -for( Object id : idb ){ - out.write( "" ); - out.write( ""); - out.write( "" ); - out.write( "\n" ); -} -out.write("
classvalue
" + id.getClass().getName() + "" + id.toString() + "
\n");
-out.write("");
-
-%>
diff --git a/webapp/web/css/showAuth.css b/webapp/web/css/showAuth.css
new file mode 100644
index 000000000..f5270119d
--- /dev/null
+++ b/webapp/web/css/showAuth.css
@@ -0,0 +1,22 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+/* Styles for Freemarker template showAuth */
+
+#show-auth * h3 {
+ padding: 20px 0 12px 0;
+}
+#show-auth * caption {
+ padding: 20px 0 12px 0;
+ margin: 0;
+ text-align: left;
+}
+#show-auth * th {
+ padding: 4px 10px 4px 10px;
+ border: 1px solid black;
+ text-align: right;
+}
+#show-auth * td {
+ padding: 4px 10px 4px 10px;
+ text-align: left;
+ border: 1px solid black;
+}
diff --git a/webapp/web/edit/selfeditcheck.jsp b/webapp/web/edit/selfeditcheck.jsp
deleted file mode 100644
index ec3a6c6e4..000000000
--- a/webapp/web/edit/selfeditcheck.jsp
+++ /dev/null
@@ -1,99 +0,0 @@
-<%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
-
-<%@ page import="edu.cornell.mannlib.vitro.webapp.edit.n3editing.processEdit.EditSubmission" %>
-<%@ page import="edu.cornell.mannlib.vitro.webapp.edit.n3editing.configuration.Field" %>
-<%@ page import="edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep" %>
-<%@ page import="org.apache.commons.logging.Log" %>
-<%@ page import="org.apache.commons.logging.LogFactory" %>
-<%@ page import="java.io.StringReader" %>
-<%@ page import="java.util.*" %>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.NetId"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers"%>
-<%@page import="java.io.IOException"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyList"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.policy.SelfEditingPolicy"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt"%>
-<%@page import="edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %>
-
-
-

SelfEditing Sanity Check

- -

Is there a self editing policy in the context?

-<% -PolicyList spl = ServletPolicyList.getPolicies(application); -SelfEditingPolicy sePolicy = null; -ListIterator it = spl.listIterator(); -String found = "Could not find a SelfEditingPolicy"; -while(it.hasNext()){ - PolicyIface p = (PolicyIface)it.next(); - if( p instanceof SelfEditingPolicy ){ - found = "Found a SelfEditingPolicy"; - sePolicy = (SelfEditingPolicy)p; - } -} -%> -<%= found %> - -<%-- - -

Do you have a REMOTE_USER header from CUWebAuth?

- -<% String user = request.getHeader("REMOTE_USER"); -if( user != null && user.length() > 0){ - %> Found a remote user of <%= user %>. <% -}else{ - %> Could not find a remote user. Maybe you are not logged into CUWebAutn? <% -} - %> -

Check if we can get a SelfEditingIdentifer for <%= user %>

- <% - SelfEditingIdentifierFactory.SelfEditing selfEditingId = null; - IdentifierBundle ib = null; -if( user != null && user.length() > 0){ - ib = RequestIdentifiers.getIdBundleForRequest(request); - for( Object obj : ib){ - if( obj instanceof SelfEditingIdentifierFactory.SelfEditing ) - selfEditingId = (SelfEditingIdentifierFactory.SelfEditing) obj; - } - if( selfEditingId != null ) - found = "found a SelfEditingId " + selfEditingId.getValue(); - else - found = "Cound not find a SelfEditingId"; -%> - <%= found %> -<%}else{%> - Cannot check becaue user is <%= user %>. -<%} %> - - -

Is that SelfEditingIdentifer blacklisted?

-<% if( user == null || user.length() == 0 ){ %> - No REMOTE_USER to check -<% }else if( selfEditingId == null ){ %> - no SelfEditingId to check -<% }else if( selfEditingId.getBlacklisted() != null){%> - SelfEditingId blacklisted because of <%= selfEditingId.getBlacklisted() %> -<% } else {%> - SelfEditingId is not blacklisted. -<% } %> - -

Can an object property be edited with this SelfEditingId and Policy?

-<% if( user == null || selfEditingId == null ){ %>
-No
-<% }else{
- AddObjectPropStmt whatToAuth = new AddObjectPropStmt(
- selfEditingId.getValue(),"http://mannlib.cornell.edu/fine#prp999" ,"http://mannlib.cornell.edu/fine#prp999");
- PolicyDecision pdecison = sePolicy.isAuthorized(ib, whatToAuth);
-%> The policy decision was <%= pdecison %>
-
-<% } %>
---%>
\ No newline at end of file
diff --git a/webapp/web/templates/freemarker/body/admin/admin-showAuth.ftl b/webapp/web/templates/freemarker/body/admin/admin-showAuth.ftl
new file mode 100644
index 000000000..e11bb519e
--- /dev/null
+++ b/webapp/web/templates/freemarker/body/admin/admin-showAuth.ftl
@@ -0,0 +1,74 @@
+<#-- $This file is distributed under the terms of the license in /doc/license.txt$ -->
+
+<#-- Template viewing the authorization mechanisms: current identifiers, factories, policies, etc. -->
+
+${stylesheets.add('')}
+
+

Authorization Info

+ +
+ <#if currentUser?has_content> + + + + + + + + +
Current user
URI:${currentUser.URI}
First name:${currentUser.firstName}
Last name:${currentUser.lastName}
Username:${currentUser.username}
Login count:${currentUser.loginCount}
Role:${currentUser.roleURI}
+ <#else> +

Not logged in

+ + + + + <#list identifiers as identifier> + + + + +
Identifiers:
${identifier}
+ + + + <#if associatedIndividuals?has_content> + <#list associatedIndividuals as associatedIndividual> + + + <#if associatedIndividual.editable> + + <#else> + + + + + <#else> + + +
AssociatedIndividuals: + <#if matchingProperty??> + (match by
${matchingProperty}
) + <#else> + (matching property is not defined) + +
${associatedIndividual.uri}May editMay not edit
none
+ + + + <#list factories as factory> + + + + +
Identifier factories:
${factory}
+ + + + <#list policies as policy> + + + + +
Policies:
${policy}
+
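Review bot: The interpolations in this template (`${currentUser.firstName}`, `${currentUser.lastName}`, `${currentUser.username}`, `${identifier}`, `${associatedIndividual.uri}`, `${policy}` and the others) carry no escaping built-in, so markup characters in those values would reach the page unencoded unless escaping is applied somewhere this patch does not show. Names and identifier strings may come from account data or an external authentication source, so I would encode at the point of output, e.g. `${currentUser.firstName?html}` and `${identifier?html}`, or wrap the body in `<#escape x as x?html>`. The surrounding HTML was lost in this rendering of the patch, so this is judged from the interpolations alone.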