rss summary feed and password changes

git-svn-id: https://subversion.umiacs.umd.edu/ace/trunk@119 f1b3a171-7291-4a19-a512-95ad0ad9394a

rss summary feed and password changes
git-svn-id: https://subversion.umiacs.umd.edu/ace/trunk@119 f1b3a171-7291-4a19-a512-95ad0ad9394a
c38776b8 · toaster · aadeaff8 · c38776b8 · c38776b8 · c38776b8
Commit c38776b8 authored Apr 19, 2011 by toaster
--- a/ace-am/pom.xml
+++ b/ace-am/pom.xml
@@ -60,6 +60,12 @@
            <version>3.8.1</version>
            <scope>test</scope>
        </dependency>
+        <dependency>
+            <groupId>org.apache.tomcat</groupId>
+            <artifactId>catalina</artifactId>
+            <version>6.0.32</version>
+            <scope>provided</scope>
+        </dependency>
        <!-- for persistence -->
        <dependency>
@@ -94,6 +100,12 @@
            <version>1.0.1</version>
        </dependency>
+        <dependency>
+            <groupId>net.java.dev.rome</groupId>
+            <artifactId>rome</artifactId>
+            <version>1.0.0</version>
+        </dependency>
        <!-- for Jstl / webapp stuff-->
        <dependency>
            <groupId>taglibs</groupId>
@@ -170,7 +182,7 @@
        <dependency>
            <groupId>edu.umiacs.irods</groupId>
            <artifactId>irods-api</artifactId>
-            <version>1.4</version>
+            <version>1.5</version>
        </dependency>
    </dependencies>
 </project>

--- a/ace-am/src/main/java/edu/umiacs/ace/monitor/reporting/ViewReportSummaryServlet.java
+++ b/ace-am/src/main/java/edu/umiacs/ace/monitor/reporting/ViewReportSummaryServlet.java
@@ -28,15 +28,16 @@
 * Maryland Institute for Advanced Computer Study.
 */
 // $Id$
 package edu.umiacs.ace.monitor.reporting;
 import edu.umiacs.ace.util.EntityManagerServlet;
 import edu.umiacs.ace.monitor.core.Collection;
+import edu.umiacs.util.Strings;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
 import javax.persistence.EntityManager;
+import javax.persistence.EntityNotFoundException;
 import javax.persistence.Query;
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletException;
@@ -53,14 +54,16 @@ import javax.servlet.http.HttpServletResponse;
 */
 public class ViewReportSummaryServlet extends EntityManagerServlet {
+    private static final String PARAM_SUMMARY_ID = "summaryid";
    private static final String PAGE_SUMMARIES = "summaries";
    private static final String PAGE_COLLECTION = "coll";
    private static final String PARAM_LATEST = "latest";
    private static final String PARAM_LIMIT = "limit";
+    private static final String PARAM_RSS = "rss";
    @Override
-    protected void processRequest( HttpServletRequest request,
+    protected void processRequest(HttpServletRequest request,
-            HttpServletResponse response, EntityManager em ) throws
+            HttpServletResponse response, EntityManager em) throws
            ServletException, IOException {
        Collection coll = getCollection(request, em);
@@ -68,10 +71,16 @@ public class ViewReportSummaryServlet extends EntityManagerServlet {
        boolean latest = getParameter(request, PARAM_LATEST, false);
        List<ReportSummary> summaries;
        Query query;
+        ReportSummary summary = getSummary(request, em);
-        if ( coll != null ) {
+        if (summary != null)
+        {
-            if ( latest ) {
+            summaries = new ArrayList<ReportSummary>(1);
+            summaries.add(summary);
+            coll = summary.getCollection();
+        }
+        else if(coll != null) {
+            if (latest) {
                query = em.createNamedQuery("ReportSummary.listByCollectionRecent");
            } else {
                query = em.createNamedQuery("ReportSummary.listByCollection");
@@ -79,7 +88,7 @@ public class ViewReportSummaryServlet extends EntityManagerServlet {
            query.setParameter("coll", coll);
            summaries = runQuery(query, limit);
        } else {
-            if ( latest ) {
+            if (latest) {
                summaries = listAllRecent(em);
            } else {
                query = em.createNamedQuery("ReportSummary.listAllSummaries");
@@ -92,31 +101,51 @@ public class ViewReportSummaryServlet extends EntityManagerServlet {
        request.setAttribute(PAGE_COLLECTION, coll);
        RequestDispatcher rd;
-        if ( hasJson(request) ) {
+        if (hasJson(request)) {
            rd = request.getRequestDispatcher("viewsummary-json.jsp");
+        } else if (hasRss(request)) {
+            rd = request.getRequestDispatcher("viewsummary-rss.jsp");
        } else {
            rd = request.getRequestDispatcher("viewsummary.jsp");
        }
        rd.forward(request, response);
    }
-    private List listAllRecent( EntityManager em ) {
+    private List listAllRecent(EntityManager em) {
        List<ReportSummary> retList = new ArrayList<ReportSummary>(32);
        Query query;
        query = em.createNamedQuery("ReportSummary.listAllRecentIds");
        List resultIds = query.getResultList();
-        for ( Object o : resultIds ) {
+        for (Object o : resultIds) {
            retList.add(em.getReference(ReportSummary.class, o));
        }
        return retList;
    }
-    private List runQuery( Query query, int limit ) {
+    private List runQuery(Query query, int limit) {
-        if ( limit > 0 ) {
+        if (limit > 0) {
            query.setMaxResults(limit);
        }
        return query.getResultList();
    }
+    public boolean hasRss(HttpServletRequest request) {
+        String value = (String) request.getParameter(PARAM_RSS);
+        return !Strings.isEmpty(value);
+    }
+    public ReportSummary getSummary( HttpServletRequest request, EntityManager em ) {
+        long summaryid;
+        if ( (summaryid = getParameter(request, PARAM_SUMMARY_ID, 0)) > 0 ) {
+            try {
+                return em.getReference(ReportSummary.class, summaryid);
+            } catch ( EntityNotFoundException e ) {
+                return null;
+            }
+        }
+        return null;
+    }
 }
--- a/ace-am/src/main/java/edu/umiacs/ace/monitor/users/ChangePasswordServlet.java
+++ b/ace-am/src/main/java/edu/umiacs/ace/monitor/users/ChangePasswordServlet.java
+/*
+ * Copyright (c) 2007-2010, University of Maryland
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted provided
+ * that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice, this list of conditions
+ * and the following disclaimer in the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * Neither the name of the University of Maryland nor the names of its contributors may be used to
+ * endorse or promote products derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * ACE Components were written in the ADAPT Project at the University of
+ * Maryland Institute for Advanced Computer Study.
+ */
+// $Id: UsersServlet.java 46 2011-01-12 19:32:51Z toaster $
+package edu.umiacs.ace.monitor.users;
+import edu.umiacs.ace.util.EntityManagerServlet;
+import edu.umiacs.util.Strings;
+import java.io.IOException;
+import javax.persistence.EntityManager;
+import javax.persistence.EntityTransaction;
+import javax.persistence.NoResultException;
+import javax.persistence.Query;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.log4j.Logger;
+/**
+ *
+ * @author toaster
+ */
+public class ChangePasswordServlet extends EntityManagerServlet {
+    private static final Logger LOG = Logger.getLogger(ChangePasswordServlet.class);
+    public static final String PARAM_NEWPASSWORD = "newpassword";
+    public static final String PARAM_USER = "user";
+    public static final String PARAM_OLDPASSWORD = "oldpassword";
+    public static final String PAGE_STATUS = "status";
+    public static final String PAGE_SUCCESS = "success";
+    /** 
+     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
+     * @param request servlet request
+     * @param response servlet response
+     */
+    @Override
+    protected void processRequest(HttpServletRequest request,
+            HttpServletResponse response, EntityManager em)
+            throws ServletException, IOException {
+        request.setAttribute(PAGE_SUCCESS, false);
+        long id;
+        Users user = null;
+        String status = null;
+        boolean refresh = false;
+        if (!(Boolean) getServletContext().getAttribute("authmanagement")) {
+            status = "Local password management disabled, contact your system administrator";
+        } else {
+            String username = request.getParameter(PARAM_USER);
+            String newPass = request.getParameter(PARAM_NEWPASSWORD);
+            String oldPass = request.getParameter(PARAM_OLDPASSWORD);
+            if ((user = getUser(username, em)) != null) {
+                if (Strings.isEmpty(user.getPassword()) && Strings.isEmpty(oldPass)
+                        || user.getPassword().equals(oldPass)) {
+                    // if password is set, update, otherwise we just filled in user
+                    if (!Strings.isEmpty(newPass)) {
+                        user.setPassword(newPass);
+                        EntityTransaction et = em.getTransaction();
+                        et.begin();
+                        em.merge(user);
+                        et.commit();
+                        refresh = true;
+                        status = "Password Successfully Changed";
+                        request.setAttribute(PAGE_SUCCESS, true);
+                    } else {
+                        status = "New password cannot be empty";
+                    }
+                } else {
+                    status = "Bad username or password";
+                }
+            } else {
+                status = "Bad username or password";
+            }
+        }
+        request.setAttribute(PAGE_STATUS, status);
+        RequestDispatcher dispatch = request.getRequestDispatcher(
+                "passwordchange.jsp");
+        dispatch.forward(request, response);
+        if (refresh) {
+            UserSessionTracker.refreshAll();
+        }
+    }
+    private Users getUser(String username, EntityManager em) {
+        Query q = em.createNamedQuery("Users.getUser");
+        q.setParameter("user", username);
+        try {
+            return (Users) q.getSingleResult();
+        } catch (NoResultException ex) {
+            return null;
+        }
+    }
+}
--- a/ace-am/src/main/java/edu/umiacs/ace/monitor/users/UsersServlet.java
+++ b/ace-am/src/main/java/edu/umiacs/ace/monitor/users/UsersServlet.java
@@ -85,8 +85,6 @@ public class UsersServlet extends EntityManagerServlet {
        String paramPass = request.getParameter(PARAM_PASSWORD);
        // existing userId, lets load and update password
-//        if ( Strings.isValidLong(request.getParameter(PARAM_ID)) && (id = Long.parseLong(request.getParameter(PARAM_ID))) > 0 && (user = em.find(Users.class,
-//                id)) != null )
        if ( (id = getParameter(request, PARAM_ID, 0)) > 0 && (user = em.find(
                Users.class, id)) != null ) {
            // if password is set, update, otherwise we just filled in user

--- a/ace-am/src/main/java/edu/umiacs/ace/util/AuthTagHandler.java
+++ b/ace-am/src/main/java/edu/umiacs/ace/util/AuthTagHandler.java
@@ -15,24 +15,29 @@ public class AuthTagHandler extends TagSupport {
    @Override
    public int doStartTag() throws JspException {
+        boolean match = true;
        HttpServletRequest req = (HttpServletRequest) pageContext.getRequest();
+        if (req.getAuthType() == null && showUnauthenticated) {
-        if ( req.getAuthType() == null && showUnauthenticated ) {
            return EVAL_BODY_INCLUDE;
        }
-        if ( req.isUserInRole(role) ) {
+        if (role.startsWith("!")) {
+            match = false;
+            role = role.substring(1);
+        }
+        if (match && req.isUserInRole(role) || !match && !req.isUserInRole(role)) {
            return EVAL_BODY_INCLUDE;
        } else {
            return SKIP_BODY;
        }
    }
-    public void setShowUnauthenticated( boolean showUnauthenticated ) {
+    public void setShowUnauthenticated(boolean showUnauthenticated) {
        this.showUnauthenticated = showUnauthenticated;
    }
-    public void setRole( String role ) {
+    public void setRole(String role) {
        this.role = role;
    }
 }
--- a/ace-am/src/main/webapp/META-INF/context.xml
+++ b/ace-am/src/main/webapp/META-INF/context.xml
@@ -16,10 +16,7 @@
       'name' is the resource name used by the web app to refer to this
       database and NOT the database name, do not change unless you want bad
       things to happen.-->
-  <Resource auth="Container" testOnBorrow="true" type="javax.sql.DataSource"  
+  <Resource auth="Container" driverClassName="com.mysql.jdbc.Driver" maxActive="20" maxIdle="10" maxWait="-1" name="jdbc/aceamdb" password="password" testOnBorrow="true" type="javax.sql.DataSource" url="jdbc:mysql://naraapp12/aceam2" username="aceam" validationQuery="SELECT 1"/>
-  validationQuery="SELECT 1" driverClassName="com.mysql.jdbc.Driver" maxActive="20"
-  maxIdle="10" maxWait="-1" name="jdbc/aceamdb"
-  password="password" url="jdbc:mysql://naraapp12/aceam2" username="aceam" />
  <!--Mail server to use when mailing reports. You will need to set this if
    you want reports to be mailed properly.-->
  <Parameter name="mail.server" value="localhost.localdomain"/>

--- a/ace-am/src/main/webapp/WEB-INF/web.xml
+++ b/ace-am/src/main/webapp/WEB-INF/web.xml
@@ -137,6 +137,10 @@
        <servlet-name>IngestStore</servlet-name>
        <servlet-class>edu.umiacs.ace.monitor.register.IngestStore</servlet-class>
    </servlet> -->
+    <servlet>
+        <servlet-name>ChangePassword</servlet-name>
+        <servlet-class>edu.umiacs.ace.monitor.users.ChangePasswordServlet</servlet-class>
+    </servlet>
    <servlet-mapping>
        <servlet-name>ManageCollection</servlet-name>
        <url-pattern>/ManageCollection</url-pattern>
@@ -233,6 +237,10 @@
        <servlet-name>IngestStore</servlet-name>
        <url-pattern>/IngestStore</url-pattern>
    </servlet-mapping>-->
+    <servlet-mapping>
+        <servlet-name>ChangePassword</servlet-name>
+        <url-pattern>/ChangePassword</url-pattern>
+    </servlet-mapping>
    <session-config>
        <session-timeout>
            30

--- a/ace-am/src/main/webapp/header.jsp
+++ b/ace-am/src/main/webapp/header.jsp
@@ -23,22 +23,26 @@ on Libraries node in Projects view can be used to add the JSTL 1.1 library.
                    <BR>
                </div>
            </td>
            <td align="center">
-                <div class="menucell">
+                <um:Auth role="Log">
-                    <um:Auth role="Log">
+                    <div class="menucell">
                        <a href="EventLog?clear=1">Event Log</a>
-                    </um:Auth>
+                        <BR>
-                    <BR>
+                    </div>
-                </div>
+                </um:Auth>
            </td>
            <td align="center">
                <div class="menucell">
-                    <um:Auth role="Users">
+                    <c:if test="${authmanagement}">
-                        <c:if test="${authmanagement}">
+                        <um:Auth role="Users">
                            <a href="Users">Accounts</a>
-                        </c:if>
+                        </um:Auth>
-                    </um:Auth>
+                        <um:Auth role="!Users">
+                            <a href="passwordchange.jsp">Change Password</a>
+                        </um:Auth>
+                    </c:if>
                    <BR>
                </div>
            </td>
@@ -48,4 +52,4 @@ on Libraries node in Projects view can be used to add the JSTL 1.1 library.
 </div>
 <div class="header">
    <img src="images/title.jpg" alt="ACE Audit Manager"><BR><div style="font-size: large; color: red">${globalMessage}</div>
 </div>
\ No newline at end of file
--- a/ace-am/src/main/webapp/passwordchange.jsp
+++ b/ace-am/src/main/webapp/passwordchange.jsp
+<%@page pageEncoding="UTF-8"%>
+<%--
+The taglib directive below imports the JSTL library. If you uncomment it,
+you must also add the JSTL library to the project. The Add Library... action
+on Libraries node in Projects view can be used to add the JSTL 1.1 library.
+--%>
+<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%> 
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<!DOCTYPE html
+    PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html>
+    <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <title>List Item</title>
+        <link rel="stylesheet" type="text/css" href="style.css" />
+        <style type="text/css">
+            #status {
+                color: #ff0000;
+            }
+        </style>
+        <script type="text/javascript">
+            function verifypasswords()
+            {
+                var pw1 = document.passwordform.newpassword.value;
+                var pw2 = document.passwordform.newpassword1.value;
+                if (pw1 != pw2)
+                {
+                    alert("New passwords do not match");
+                    return false;
+                }
+                return true;
+            }
+        </script>
+    </head>
+    <body>
+        <jsp:include page="header.jsp" />
+        <div class="standardBody">
+            <h3>Change Password</h3>
+            <c:if test="${status != null}">
+                <br/>
+                <span id='status'>${status}</span>
+                <br/>
+            </c:if>
+            <c:if test="${!success}">
+                <form id='passwordform' onsubmit="return verifypasswords()" action="ChangePassword" method="POST">
+                    <table>
+                        <tr>
+                            <td>Username</td>
+                            <td><input type="text" name="user"/></td>
+                        </tr>
+                        <tr>
+                            <td>Old Password</td>
+                            <td><input type="password" name="oldpassword"/></td>
+                        </tr>
+                        <tr>
+                            <td>New Password</td>
+                            <td><input type="password" name="newpassword"/></td>
+                        </tr>
+                        <tr>
+                            <td>Verify Password</td>
+                            <td><input type="password" name="newpassword1"/></td>
+                        </tr>
+                        <tr>
+                            <td></td>
+                            <td><input type="submit" value="Change Password"/></td>
+                        </tr>
+                    </table>
+                </form>
+            </c:if>
+        </div>