Examples of org.rhq.enterprise.gui.legacy.WebUser

• org.rhq.enterprise.gui.legacy.WebUser
  A representation of the person currently interacting with the application. This essentially wraps a {@link Subject} and assigns that subject its{@link Subject#setSessionId(Integer) session ID}. Instances of this object are placed in HTTP session.

        /*
         * check if the user object is in the session.  if not, then the user is not validated, the response output
         * will not contain the "<subjectId>:<sessionId>:<lastAccess>", which will forward the user to the login page
         */
        WebUser webUser = SessionUtils.getWebUser(session);

        if (webUser != null && webUser.getSubject() != null) {

            // if sessionWebUserUpdate header sent then request for WebUser to be updated
            if ((sessionWebUserUpdate != null) && (!sessionWebUserUpdate.trim().isEmpty())) {
                // if webUser.getSubject.getName is same as user with session id passed in
                try {
                    // attempt to retrieve Subject for the requested session update
                    Subject currentSubject = SessionManager.getInstance().getSubject(
                        Integer.valueOf(sessionWebUserUpdate));
                    if (currentSubject != null) {//located associated subject
                        // if userNames match (case insensitive) then update webUser appropriately and re-associate in
                        // session
                        if (webUser.getSubject().getName().equalsIgnoreCase(currentSubject.getName())) {
                            webUser = new WebUser(currentSubject);
                            SessionUtils.setWebUser(session, webUser);
                        }
                    }
                } catch (SessionNotFoundException snfe) {
                } catch (NumberFormatException e) {
                } catch (SessionTimeoutException e) {
                }
            }

            // the web user exists, so update our SessionManager's session last-access-time
            Subject subject = webUser.getSubject();
            try {
                SessionManager.getInstance().getSubject(subject.getSessionId());
                long lastAccess = SessionManager.getInstance().getLastAccess(subject.getSessionId());

                PrintWriter writer = response.getWriter();
                String output = subject.getId() + ":" + webUser.getSessionId() + ":" + lastAccess;
                writer.print(output);
            } catch (SessionNotFoundException snfe) {
                session.removeAttribute(ParamConstants.USER_PARAM);
                SessionUtils.setWebUser(session, null);
            } catch (SessionTimeoutException ste) {

        HttpSession session = request.getSession(true);
        LogonForm logonForm = (LogonForm) form;
        ServletContext ctx = getServlet().getServletContext();

        WebUser webUser = null;
        Map<String, Boolean> userGlobalPermissionsMap = new HashMap<String, Boolean>();
        boolean needsRegistration = false;

        try {
            // authenticate the credentials
            SubjectManagerLocal subjectManager = LookupUtil.getSubjectManager();
            Subject subject = subjectManager.loginLocal(logonForm.getJ_username(), logonForm.getJ_password());
            Integer sessionId = subject.getSessionId(); // this is the RHQ session ID, not related to the HTTP session

            log.debug("Logged in as [" + logonForm.getJ_username() + "] with session id [" + sessionId + "]");

            boolean hasPrincipal = true;
            if (subject.getId() == 0) {
                // Subject with a ID of 0 means the subject wasn't in the database but the login succeeded.
                // This means the login method detected that LDAP authenticated the user and just gave us a dummy subject.
                // Set the needs-registration flag so we can eventually steer the user to the LDAP registration workflow.
                needsRegistration = true;
            }

            if (!needsRegistration) {
                subject = subjectManager.loadUserConfiguration(subject.getId());
                subject.setSessionId(sessionId); // put the transient data back into our new subject

                if (subject.getUserConfiguration() == null) {
                    subject.setUserConfiguration((Configuration) ctx.getAttribute(Constants.DEF_USER_PREFS));
                    subject = subjectManager.updateSubject(subject, subject);
                    subject.setSessionId(sessionId); // put the transient data back into our new subject
                }

                // look up the user's permissions
                Set<Permission> all_permissions = LookupUtil.getAuthorizationManager().getExplicitGlobalPermissions(
                    subject);

                for (Permission permission : all_permissions) {
                    userGlobalPermissionsMap.put(permission.toString(), Boolean.TRUE);
                }
            }

            webUser = new WebUser(subject, hasPrincipal);
        } catch (Exception e) {
            String msg = e.getMessage().toLowerCase();
            if ((msg.indexOf("username") >= 0) || (msg.indexOf("password") >= 0)) {
                request.setAttribute(Constants.LOGON_STATUS, "login.info.bad");
            } else {
                log.error("Could not log into the web application", e);
                request.setAttribute(Constants.LOGON_STATUS, "login.bad.backend");
            }

            return (mapping.findForward("bad"));
        }

        // compute the post-login destination
        ActionForward af;
        if (needsRegistration) {
            // Since we are authenticating the user with LDAP and the user has never logged in before,
            // that user has no subject record yet. We need to send him through the LDAP registration workflow.
            log.debug("LDAP registration required for user [" + logonForm.getJ_username() + "]");
            af = new ActionForward(URL_REGISTER);
        } else {
            // if the user's session timed out, we "bookmarked" the url that he was going to
            // so that we can send him there after login. otherwise, he gets the dashboard.
            String url = getBookmarkedUrl(session);
            if ((url == null) || url.equals("/Logout.do")) {
                url = URL_DASHBOARD;
            }
            if (url.toLowerCase().indexOf("ajax") != -1) {
                // we can't return to a URL that was a partial page request
                // because the view no longer exists, and will blow up.
                // instead, redirect back to the last saved URL
                url = webUser.getWebPreferences().getLastVisitedURL(2);
                log.info("Bypassing partial-page with " + url);
            }

            af = new ActionForward(url);
        }

        return mapping.findForward(RetCodeConstants.SUCCESS_URL);
    }

    private void clearSubjectPreferences(HttpSession session) {
        WebUser webUser = SessionUtils.getWebUser(session);
        if (webUser != null) {
            Subject subject = webUser.getSubject();
            if (subject != null) {
                LookupUtil.getSubjectPreferencesCache().clearConfiguration(subject.getId());
            }
        }
    }

    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {

        PropertiesForm pForm = (PropertiesForm) form;

        WebUser user = SessionUtils.getWebUser(request.getSession());
        WebUserPreferences preferences = user.getWebPreferences();

        String forwardStr = RetCodeConstants.SUCCESS_URL;
        if (pForm.isRemoveClicked()) {
            AlertsPortletPreferences alertPrefs = preferences.getAlertsPortletPreferences();
            for (Integer doomedResourceId : pForm.getIds()) {

    @Override
    public ActionForward execute(ComponentContext context, ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response) throws Exception {
        int groupId = WebUtility.getOptionalIntRequestParameter(request, "groupId", -1);

        WebUser user = SessionUtils.getWebUser(request.getSession());
        MeasurementPreferences preferences = user.getMeasurementPreferences();
        Subject subject = user.getSubject();

        MetricRangePreferences rangePreferences = preferences.getMetricRangePreferences();
        long begin = rangePreferences.begin;
        long end = rangePreferences.end;

public class ProcessRAList extends BaseAction {

    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
        WebUser user = SessionUtils.getWebUser(request.getSession());
        WebUserPreferences preferences = user.getWebPreferences();
        RecentlyApprovedPortletPreferences recentlyApprovedPreferences = preferences
            .getRecentlyApprovedPortletPreferences();

        RAListForm listForm = (RAListForm) form;
        String platformId = new Integer(listForm.getPlatformId()).toString();

    @Override
    public ActionForward execute(ComponentContext context, ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response) throws Exception {
        Log log = LogFactory.getLog(PrepareAction.class);
        PropertiesForm pForm = (PropertiesForm) form;
        WebUser user = SessionUtils.getWebUser(request.getSession());
        WebUserPreferences preferences = user.getWebPreferences();

        //this guarantees that the session dosen't contain any resources it shouldn't
        SessionUtils.removeList(request.getSession(), Constants.PENDING_RESOURCES_SES_ATTR);

        //set all the form properties
        pForm.setDisplayOnDash(true);

        AlertsPortletPreferences alertPrefs = preferences.getAlertsPortletPreferences();
        pForm.setAlertsPortletPreferences(alertPrefs);

        PageControl pageControl = WebUtility.getPageControl(request);

        ResourceManagerLocal resourceManager = LookupUtil.getResourceManager();
        PageList<Resource> resources = resourceManager.findResourceByIds(user.getSubject(), alertPrefs.asArray(), false,
            pageControl);

        PageList<DisambiguationReport<Resource>> disambiguatedResources =
            DisambiguatedResourceListUtil.disambiguate(resourceManager, resources, RESOURCE_ID_EXTRACTOR);

    public ActionForward execute(ComponentContext context, ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response) throws Exception {

        PageList<DisambiguationReport<Alert>> disambiguatedAlerts = new PageList<DisambiguationReport<Alert>>();
        try {
            WebUser user = SessionUtils.getWebUser(request.getSession());
            if (user == null) {
                // session timed out, return prematurely
                return null;
            }

            WebUserPreferences preferences = user.getWebPreferences();

            // get the user's preferences for the alerts portlet
            AlertsPortletPreferences alertPrefs = preferences.getAlertsPortletPreferences();

            PageControl pageControl = new PageControl(0, alertPrefs.count);
            AlertManagerLocal alertManager = LookupUtil.getAlertManager();
            ResourceManagerLocal resourceManager = LookupUtil.getResourceManager();

            AlertCriteria criteria = new AlertCriteria();
            criteria.addFilterPriorities(AlertPriority.getByLegacyIndex(alertPrefs.priority));
            criteria.addFilterStartTime(alertPrefs.timeRange);
            criteria.addFilterResourceIds(("all".equals(alertPrefs.displayAll) ? null : ArrayUtils
                .wrapInArray(alertPrefs.asArray())));
            criteria.setPageControl(pageControl);

            PageList<Alert> alerts = alertManager.findAlertsByCriteria(user.getSubject(), criteria);

            disambiguatedAlerts = DisambiguatedResourceListUtil.disambiguate(resourceManager, alerts,
                RESOURCE_ID_EXTRACTOR);
        } catch (Exception e) {
            if (log.isDebugEnabled()) {

    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {

        PropertiesForm pForm = (PropertiesForm) form;
        HttpSession session = request.getSession();
        WebUser user = SessionUtils.getWebUser(session);
        WebUserPreferences preferences = user.getWebPreferences();

        ActionForward forward = checkSubmit(request, mapping, form);

        if (forward != null) {
            return forward;

    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {

        HttpSession session = request.getSession();
        WebUser user = SessionUtils.getWebUser(request.getSession());
        RecentlyApprovedPortletPreferences preferences = user.getWebPreferences()
            .getRecentlyApprovedPortletPreferences();

        PropertiesForm pForm = (PropertiesForm) form;
        pForm.setRecentlyApprovedPortletPreferences(preferences);