diff --git a/src/java/fr/paris/lutece/portal/resources/users_messages.properties b/src/java/fr/paris/lutece/portal/resources/users_messages.properties index c1577b986c..cb3b22bdf5 100644 --- a/src/java/fr/paris/lutece/portal/resources/users_messages.properties +++ b/src/java/fr/paris/lutece/portal/resources/users_messages.properties @@ -64,6 +64,8 @@ message.noArithmeticalCharacters=You must enter only numbers. message.messageAccountReactivated=Your account has been successfully updated! message.noAccountToReactivate=This user account does not need to be reactivated. +message.cannotRemoveUser=You cannot delete the user : {0} + ################################################################################ # Actions actions.labelUpdate=Modify diff --git a/src/java/fr/paris/lutece/portal/resources/users_messages_fr.properties b/src/java/fr/paris/lutece/portal/resources/users_messages_fr.properties index f9371130bf..35e61b2220 100644 --- a/src/java/fr/paris/lutece/portal/resources/users_messages_fr.properties +++ b/src/java/fr/paris/lutece/portal/resources/users_messages_fr.properties @@ -66,6 +66,8 @@ message.noArithmeticalCharacters=Vous devez saisir uniquement des chiffres. message.messageAccountReactivated=Votre compte a bien \u00e9t\u00e9 mis \u00e0 jour \! message.noAccountToReactivate=Ce compte utilisateur n'a pas besoin d'\u00eatre r\u00e9activ\u00e9 +message.cannotRemoveUser=Vous ne pouvez pas supprimer l''utilisateur : {0} + ################################################################################ # Actions actions.labelUpdate=Modifier diff --git a/src/java/fr/paris/lutece/portal/service/util/BeanUtils.java b/src/java/fr/paris/lutece/portal/service/util/BeanUtils.java index 108703b7fe..3adabef8a7 100644 --- a/src/java/fr/paris/lutece/portal/service/util/BeanUtils.java +++ b/src/java/fr/paris/lutece/portal/service/util/BeanUtils.java 
@@ -13,7 +13,8 @@ public class BeanUtils { public static final String BEAN_ROLE_REMOVAL_SERVICE = "roleRemovalService"; public static final String BEAN_WORKFLOW_REMOVAL_SERVICE = "workflowRemovalService"; public static final String BEAN_WORKGROUP_REMOVAL_SERVICE = "workgroupRemovalService"; - + public static final String BEAN_USER_REMOVAL_SERVICE = "userRemovalService"; + public static final String BEAN_CAPTCHA_SERVICE = "captcha.captchaService"; /** diff --git a/src/java/fr/paris/lutece/portal/service/util/RemovalListenerServiceProducer.java b/src/java/fr/paris/lutece/portal/service/util/RemovalListenerServiceProducer.java index 7031603b27..e14ae5fbd2 100644 --- a/src/java/fr/paris/lutece/portal/service/util/RemovalListenerServiceProducer.java +++ b/src/java/fr/paris/lutece/portal/service/util/RemovalListenerServiceProducer.java @@ -59,4 +59,12 @@ public RemovalListenerService roleRemovalServiceProducer() { return new RemovalListenerService( ); } + @Produces + @Named( BeanUtils.BEAN_USER_REMOVAL_SERVICE ) + @ApplicationScoped + public RemovalListenerService userRemovalServiceProducer( ) + { + return new RemovalListenerService( ); + } + } diff --git a/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java b/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java index 986604e06e..f36b0560aa 100644 --- a/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java @@ -45,6 +45,8 @@ import java.util.Locale; import java.util.Map; +import fr.paris.lutece.portal.service.util.BeanUtils; +import fr.paris.lutece.portal.service.util.RemovalListenerService; import jakarta.enterprise.context.SessionScoped; import jakarta.inject.Inject; import jakarta.inject.Named; 
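Review bot: `userRemovalServiceProducer( )` in RemovalListenerServiceProducer.java is added without Javadoc, and nothing in the commit says which components are expected to register removal listeners on the `userRemovalService` bean. A short comment would make the contract discoverable, for example `/** Produces the removal service consulted before an admin user is deleted; components holding references to admin users register their listeners on it. */`. Until a listener is registered, the new check in `doRemoveAdminUser` presumably always passes, which is worth stating in the same comment.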
@@ -197,6 +199,7 @@ public class AdminUserJspBean extends AdminFeaturesPageJspBean private static final String MESSAGE_ERROR_CSV_FILE_IMPORT = "portal.users.import_users_from_file.error_csv_file_import"; private static final String FIELD_IMPORT_USERS_FILE = "portal.users.import_users_from_file.labelImportFile"; private static final String FIELD_XSL_EXPORT = "portal.users.export_users.labelXslt"; + private static final String MESSAGE_CANNOT_REMOVE_USER = "portal.users.message.cannotRemoveUser"; // Parameters private static final String PARAMETER_ACCESS_CODE = "access_code"; @@ -389,7 +392,10 @@ public class AdminUserJspBean extends AdminFeaturesPageJspBean private AccessLogService _accessLogService; @Inject private AttributeService _attributeService; - + @Inject + @Named( BeanUtils.BEAN_USER_REMOVAL_SERVICE ) + private RemovalListenerService _removalListenerService; + /** * Build the User list * @@ -1465,6 +1471,7 @@ public String doConfirmRemoveAdminUser( HttpServletRequest request ) throws Acce */ public String doRemoveAdminUser( HttpServletRequest request ) throws AccessDeniedException { + List listErrors = new ArrayList<>( ); String strUserId = request.getParameter( PARAMETER_USER_ID ); int nUserId = Integer.parseInt( strUserId ); AdminUser user = AdminUserHome.findByPrimaryKey( nUserId ); 
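Review bot: `Integer.parseInt( strUserId )` at the top of `doRemoveAdminUser` is applied to the `PARAMETER_USER_ID` request value with no guard, so a missing or non-numeric id ends in a `NumberFormatException` instead of the error page. The commit then passes that same raw string to the removal listeners further down, while the deletion itself works on `nUserId`. Passing the canonical `Integer.toString( nUserId )` to `checkForRemoval` would keep the two in agreement, since `parseInt` accepts spellings (leading zeros, a sign) that a listener comparing strings would presumably not match. The method body continues in the next hunk.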
@@ -1473,45 +1480,56 @@ public String doRemoveAdminUser( HttpServletRequest request ) throws AccessDenie { return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION, JSP_URL_MANAGE_USERS, AdminMessage.TYPE_ERROR ); } - if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_USER ) ) + if ( !_removalListenerService.checkForRemoval( strUserId, listErrors, getLocale( ) ) ) { - throw new AccessDeniedException( ERROR_INVALID_TOKEN ); - } + String strCause = AdminMessageService.getFormattedList( listErrors, getLocale( ) ); + Object[] args = { strCause }; - AdminUser currentUser = AdminUserService.getAdminUser( request ); - - if ( !isUserAuthorizedToModifyUser( currentUser, user ) ) - { - throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED ); + return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_USER, args, AdminMessage.TYPE_STOP ); } + else + { + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_USER ) ) + { + throw new AccessDeniedException( ERROR_INVALID_TOKEN ); + } - String strRemovedUserAccessCode = user.getAccessCode( ); + AdminUser currentUser = AdminUserService.getAdminUser( request ); - // Only level 0 users can physically delete a user. 
- if( currentUser.isAdmin( ) ) - { - AdminUserFieldService.doRemoveUserFields( user, request, getLocale( ) ); - AdminUserHome.removeAllRightsForUser( nUserId ); - AdminUserHome.removeAllRolesForUser( nUserId ); - AdminUserHome.removeAllPasswordHistoryForUser( nUserId ); - AdminUserHome.remove( nUserId ); + if ( !isUserAuthorizedToModifyUser( currentUser, user ) ) + { + throw new fr.paris.lutece.portal.service.admin.AccessDeniedException( MESSAGE_NOT_AUTHORIZED ); + } - _accessLogService.info( AccessLoggerConstants.EVENT_TYPE_RIGHTS, CONSTANT_REMOVE_ADMINUSER, currentUser, - strUserId + " : " + strRemovedUserAccessCode, CONSTANT_BO ); - } - else - { - if (user.isStatusActive()) + String strRemovedUserAccessCode = user.getAccessCode( ); + + // Only level 0 users can physically delete a user. + if( currentUser.isAdmin( ) ) { - user.setStatus( AdminUser.NOT_ACTIVE_CODE ); - AdminUserHome.update( user ); + AdminUserFieldService.doRemoveUserFields( user, request, getLocale( ) ); + AdminUserHome.removeAllRightsForUser( nUserId ); + AdminUserHome.removeAllRolesForUser( nUserId ); + AdminUserHome.removeAllPasswordHistoryForUser( nUserId ); + AdminUserHome.remove( nUserId ); - _accessLogService.info( AccessLoggerConstants.EVENT_TYPE_RIGHTS, CONSTANT_MODIFY_ADMINUSER, currentUser, + _accessLogService.info( AccessLoggerConstants.EVENT_TYPE_RIGHTS, CONSTANT_REMOVE_ADMINUSER, currentUser, strUserId + " : " + strRemovedUserAccessCode, CONSTANT_BO ); } + else + { + if (user.isStatusActive()) + { + user.setStatus( AdminUser.NOT_ACTIVE_CODE ); + AdminUserHome.update( user ); + + _accessLogService.info( AccessLoggerConstants.EVENT_TYPE_RIGHTS, CONSTANT_MODIFY_ADMINUSER, currentUser, + strUserId + " : " + strRemovedUserAccessCode, CONSTANT_BO ); + } + } + + return JSP_MANAGE_USER; } - return JSP_MANAGE_USER; } /**
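Review bot: `_removalListenerService.checkForRemoval( strUserId, listErrors, getLocale( ) )` now runs before `getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_USER )` and before `isUserAuthorizedToModifyUser( currentUser, user )`. A request without a valid token, or from an administrator who may not modify this user, therefore still runs the listeners and is shown their reasons on the `MESSAGE_CANNOT_REMOVE_USER` page. Those reasons presumably describe what the target account is linked to, which the authorization check would otherwise keep from that caller. Keep the token and authorization checks as the first statements after the existing early return and move the `checkForRemoval` block below them. Because the refused branch returns, the `else` wrapper can be dropped and the deletion code stays at its previous indentation; the method's opening lines are in the preceding hunk.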