001 package net.databinder.auth.components;
002
003 import java.util.Arrays;
004 import java.util.List;
005
006 import net.databinder.auth.AuthApplication;
007 import net.databinder.auth.AuthSession;
008 import net.databinder.auth.data.DataUser;
009 import net.databinder.auth.valid.EqualPasswordConvertedInputValidator;
010 import net.databinder.components.DataStyleLink;
011 import net.databinder.components.ModelSourceListPanel;
012 import net.databinder.components.NullPlug;
013 import net.databinder.components.UnbindLink;
014 import net.databinder.models.BindingModel;
015
016 import org.apache.wicket.Component;
017 import org.apache.wicket.authorization.strategies.role.Roles;
018 import org.apache.wicket.authorization.strategies.role.annotations.AuthorizeInstantiation;
019 import org.apache.wicket.markup.html.WebPage;
020 import org.apache.wicket.markup.html.basic.Label;
021 import org.apache.wicket.markup.html.form.Button;
022 import org.apache.wicket.markup.html.form.CheckBoxMultipleChoice;
023 import org.apache.wicket.markup.html.form.Form;
024 import org.apache.wicket.markup.html.form.RequiredTextField;
025 import org.apache.wicket.markup.html.form.SimpleFormComponentLabel;
026 import org.apache.wicket.markup.html.form.TextField;
027 import org.apache.wicket.markup.html.panel.FeedbackPanel;
028 import org.apache.wicket.model.AbstractReadOnlyModel;
029 import org.apache.wicket.model.IChainingModel;
030 import org.apache.wicket.model.IModel;
031 import org.apache.wicket.model.Model;
032 import org.apache.wicket.model.ResourceModel;
033
034 /**
035 * User administration page. Lists all users, allows editing usernames, passwords, and roles.
036 * Must have Role.ADMIN to view. Replaceable String resources: <pre>
037 * data.auth.user_admin
038 * data.auth.user_add
039 * data.auth.username
040 * data.auth.password
041 * data.auth.passwordConfirm
042 * data.auth.roles
043 * data.auth.save
044 * data.auth.delete</pre>
045 * @see AuthSession
046 */
047 @AuthorizeInstantiation(Roles.ADMIN)
048 public abstract class UserAdminPageBase extends WebPage {
049 protected Form form;
050 public UserAdminPageBase() {
051 add(new DataStyleLink("css"));
052 add(new Label("title", new ResourceModel("data.auth.user_admin", "User Administration")));
053 Class<? extends DataUser> userClass = ((AuthApplication) getApplication()).getUserClass();
054
055 add(statusPanel("userStatus"));
056
057 form = adminForm("form", userClass);
058 add(form);
059
060 TextField username = new RequiredTextField("username");
061 username.setLabel(new ResourceModel("data.auth.username", "Username"));
062 form.add(new SimpleFormComponentLabel("username-label", username));
063 form.add(username);
064
065 TextField password = new RSAPasswordTextField("password", new Model(), form) {
066 @Override
067 public boolean isRequired() {
068 return !isBound();
069 }
070 @Override
071 protected void onModelChanged() {
072 setPassword((String) getModelObject());
073 }
074 };
075 password.setLabel(new ResourceModel("data.auth.password", "Password"));
076 form.add(new SimpleFormComponentLabel("password-label", password));
077 form.add(password);
078 TextField passwordConfirm = new RSAPasswordTextField("passwordConfirm", new Model(), form) {
079 public boolean isRequired() {
080 return !isBound();
081 }
082 };
083 form.add(new EqualPasswordConvertedInputValidator(password, passwordConfirm));
084 passwordConfirm.setLabel(new ResourceModel("data.auth.passwordConfirm", "Retype Password"));
085 form.add(new SimpleFormComponentLabel("passwordConfirm-label", passwordConfirm));
086 form.add(passwordConfirm);
087
088 form.add(new CheckBoxMultipleChoice("roles", rolesModel(), new AbstractReadOnlyModel() {
089 public Object getObject() {
090 return getRoleChoices();
091 }
092 }));
093
094 form.add(lowFormSocket("lowForm"));
095
096 form.add(deleteButton("delete"));
097
098 form.add(new FeedbackPanel("feedback"));
099
100 add(new UnbindLink("add", form, getBindingModel()));
101
102 add(new ModelSourceListPanel("users", form, "username", userList(userClass)));
103 }
104
105 protected DataUser getUser() {
106 return (DataUser) form.getModelObject();
107 }
108
109 protected void setPassword(String password) {
110 if (password != null)
111 getUser().getPassword().change(password);
112 }
113
114 protected BindingModel getBindingModel() {
115 return (BindingModel) ((IChainingModel)form.getModel()).getChainedModel();
116 }
117
118 protected boolean isBound() {
119 return getBindingModel().isBound();
120 }
121
122 protected abstract Form adminForm(String id, Class<? extends DataUser> userClass);
123
124 protected abstract Button deleteButton(String id);
125
126 protected abstract DataUserStatusPanelBase statusPanel(String id);
127
128 protected abstract IModel userList(Class<? extends DataUser> userClass);
129
130 protected Component lowFormSocket(String id) {
131 return new NullPlug(id);
132 }
133
134 protected IModel rolesModel() {
135 return null;
136 }
137
138 protected List<String> getRoleChoices() {
139 return Arrays.asList(Roles.USER, Roles.ADMIN);
140 }
141 }