<%
/*
Copyright (c) 2003, Plumtree Software

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1.  Neither the name of Plumtree Software nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission; 

2.  Licensee acknowledges that no license or other permission is granted herein with respect to any third party software and that Licensee may not use the code in any way that would infringe any third party right.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF TITLE, NONINFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. REGARDLESS OF THE BASIS OF RECOVERY CLAIMED, WHETHER UNDER ANY CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE AND STRICT LIABILITY), BREACH OF STATUTORY DUTY, PRINCIPLES OF CONTRIBUTION OR 
ANY OTHER THEORY OF LIABILITY, IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE; AND IN NO EVENT WILL THE COPYRIGHT OWNER'S OR CONTRIBUTORS' EXCEED $10,000.
*/
%>

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@page import="com.plumtree.remote.prc.collaboration.project.*, 
				com.plumtree.remote.prc.collaboration.security.*, 
				com.plumtree.remote.portlet.*" %>


<%

IPortletContext portletContext = PortletContextFactory.createPortletContext(request, response);


//booleans for addMember, removeMember and setFunctionalArea, and setObject
boolean addMember = false;
boolean removeMember = false;
boolean setFunctionalArea = false;
boolean retrieveMembers = false;

boolean memberRoleType = false;
boolean guestRoleType = false;
boolean leaderRoleType = false;

boolean discussion = false;
boolean document = false;
boolean folder = false;
boolean tasklist = false;
boolean project = false;

boolean admin = false;
boolean edit = false;
boolean write = false;
boolean read = false;
boolean none = false;


IProject sampleProject = null;
IRole role = null;
AccessLevel accessLevel = null;
RoleType roleType = null;
FunctionalArea functionalArea = null;

//member id required for addMember & removeMember
int addMemberID = -1;
int removeMemberID = -1;


//determine role type
String selectRoleType = request.getParameter("roleTypeOption");
if (null != selectRoleType)
{
	if (selectRoleType.equals("Member"))
	{
	  memberRoleType = true;
	}
	else if (selectRoleType.equals("Guest"))  
	{
	  guestRoleType = true;
	}
	else if (selectRoleType.equals("Leader"))  
	{
	  leaderRoleType = true;
	}
	
}


//determine functional area
String selectFunctionalArea = request.getParameter("functionalAreaOption");
if (null != selectFunctionalArea)
{
	if (selectFunctionalArea.equals("Discussion"))
	{
	  discussion = true;
	}
	else if (selectFunctionalArea.equals("Document"))  
	{
	  document = true;
	}
	else if (selectFunctionalArea.equals("Folder"))  
	{
	  folder = true;
	}
	else if (selectFunctionalArea.equals("Project"))  
	{
	  project = true;
	}
	else if (selectFunctionalArea.equals("TaskList"))  
	{
	  tasklist = true;
	}		
}


//determine access level
String selectAccessLevel = request.getParameter("accessLevelOption");
if (null != selectAccessLevel)
{
	if (selectAccessLevel.equals("Admin"))
	{
	  admin = true;
	}
	else if (selectAccessLevel.equals("Edit"))  
	{
	  edit = true;
	}
	else if (selectAccessLevel.equals("Write"))  
	{
	  write = true;
	}
	else if (selectAccessLevel.equals("Read"))  
	{
	  read = true;
	}
	else if (selectAccessLevel.equals("None"))  
	{
	  none = true;
	}		
}

//determine sample options - addMember, removeMember, retrieveMembers, or setFunctionalArea.
String select = request.getParameter("securityMethod");
if (null != select)
{
	if (select.equals("addMember"))
	{
	  addMember = true;
	}
	else if (select.equals("removeMember"))  
	{
	  removeMember = true;
	}
	else if (select.equals("setFunctionalArea"))
	{
	  setFunctionalArea = true;
	}
	else if (select.equals("retrieveMembers"))
	{
		retrieveMembers = true;
	}
}

//if any of these is true, set hosted display mode
if (addMember || removeMember || setFunctionalArea || retrieveMembers)
{
		IPortletResponse portletResponse = portletContext.getResponse();
		portletResponse.setHostedDisplayMode(HostedDisplayMode.Hosted);
} 

//see if we have a addMember/removeMember id- if so, convert it to an int.
String strAddMemberID = request.getParameter("addMemberID");
if (null != strAddMemberID && !("".equals(strAddMemberID)))
{
 try
 {
 	addMemberID = Integer.parseInt(strAddMemberID); 
 }
 catch (Exception e) 
 {
  out.println("Unable to parse memberID to add - " + strAddMemberID); 
 }
}
 
String strRemoveMemberID = request.getParameter("removeMemberID");
if (null != strRemoveMemberID && !("".equals(strRemoveMemberID)))
{
 try
 {
 	removeMemberID = Integer.parseInt(strRemoveMemberID); 
 }
 catch (Exception e) 
 {
  out.println("Unable to parse memberID to remove - " + strRemoveMemberID); 
 }   
}  
%>


<table>
<form name="selectForm" method="POST" action="securityExample.jsp">
<tr>
<td>
<!--select for create, remove, search-->
<select name="securityMethod">
<option value="addMember" <% if(addMember)out.println(" SELECTED ");%>>Add member</option>
<option value="removeMember" <% if(removeMember)out.println(" SELECTED ");%>>Remove member</option>
<option value="retrieveMembers" <% if(retrieveMembers)out.println(" SELECTED ");%>>Retrieve members</option>
<option value="setFunctionalArea" <% if(setFunctionalArea)out.println(" SELECTED ");%>>Set security for a functional area</option>
</select>
<input type="submit" name="selectGo" value="go"/>
</td>
</tr>


<%
	//attempt to retrieve the sample project; if not found, create it, then redirect back to the current page    
    sampleProject = (IProject) session.getAttribute("edk_sample_project");
    if(sampleProject == null)
    {
    	response.sendRedirect("../project/ProjectCreator.jsp");
    }
%>


<!--for addMember/removeMember: show a drop down for role type, a box to enter member id to add -->
<!--for retrieveMembers: show a drop down for role type  -->
<!--for setFunctionalArea: show a drop down for role type, a drop down for functional area, and a drop down for access level -->

<% 
if (addMember)
{
	if (roleType == null)
	{
	%>				
		<table>
		<form name="selectForm" method="POST" action="securityExample.jsp">
		<tr>
		<td>
		<!--select for create, remove, search-->
		<select name="roleTypeOption">
		<option value="Member" <% if(memberRoleType)out.println(" SELECTED ");%>>Member</option>
		<option value="Guest" <% if(guestRoleType)out.println(" SELECTED ");%>>Guest</option>
		</select>
		<input type="submit" name="selectGo" value="go"/>
		</td>
		</tr>	
	<%
	} 
	if (guestRoleType)
	{
	 	roleType = RoleType.GUEST;
	}
	else
	{
		roleType = RoleType.MEMBER;
	}	
    role = sampleProject.getRole(roleType);

    //if no member ID, add a text box for memberID, and a submit button
	if (addMemberID == -1)
	{
	%>
	<tr>
		<td>
			Member ID to Add:
		</td>
		<td>
			<input type="text" name="addMemberID" value="<%=(null==strAddMemberID)?"":strAddMemberID%>"/>
		</td>
	</tr>	
	<tr>
		<td>
			<input type="submit" name="addMemberSubmit" value="submit"/>
		</td>
	</tr>
	<%
	} 
	else
	{
		//add the specified member id
		role.addMember(addMemberID, MemberType.USER);			
		
		//store the role to persist change
        role.store();
        	
        // retrieve all ids in the role
        int[] memberIDs = role.getMemberIDs(MemberQueryType.ALL_USERS);
	%>
		<tr>
			<td>
				<%out.write("Updated role " + role.getName() + " - added user with ID = " + addMemberID + " to role.");%>
			</td>
			<tr>
				<td>	
					<%out.write("Now the role has " + memberIDs.length + " members: ");%>
				</td>
			</tr>
			<tr>
				<%
				for (int i = 0; i < memberIDs.length; i++) 
				{
				%>
				<tr>
					<td>
						<%out.write("memberIDs[" + i + "] is " + memberIDs[i]);%>
					</td>
				</tr>
				<%
				}
				%>
			</tr>			
		</tr>
	<%
	}
}

if (removeMember)
{
	if (roleType == null)
	{
	%>				
		<table>
		<form name="selectForm" method="POST" action="securityExample.jsp">
		<tr>
		<td>
		<!--select for create, remove, search-->
		<select name="roleTypeOption">
		<option value="Member" <% if(memberRoleType)out.println(" SELECTED ");%>>Member</option>
		<option value="Guest" <% if(guestRoleType)out.println(" SELECTED ");%>>Guest</option>
		</select>
		<input type="submit" name="selectGo" value="go"/>
		</td>
		</tr>	
	
	<%
	} 
	if (guestRoleType)
	{
	 	roleType = RoleType.GUEST;
	}
	else
	{
		roleType = RoleType.MEMBER;
	}	
    role = sampleProject.getRole(roleType);
	if (removeMemberID == -1)
	{
	%>
	<tr>
		<td>
			Member ID to Remove:
		</td>
		<td>
			<input type="text" name="removeMemberID" value="<%=(null==strRemoveMemberID)?"":strRemoveMemberID%>"/>
		</td>
	</tr>	
	<tr>
		<td>
			<input type="submit" name="removeMemberSubmit" value="submit"/>
		</td>
	</tr>
	<%
	} 
	else
	{
		//remove the specified member id
		role.removeMember(removeMemberID, MemberType.USER);
			
		//store the role to persist change
        role.store();
        	
        // retrieve all ids in the role
        int[] memberIDs = role.getMemberIDs(MemberQueryType.ALL_USERS);
	%>
	<tr>
		<td>
			<%out.write("Updated role " + role.getName() + " - remove user with ID = " + removeMemberID + " from role.");%>
		</td>
		<tr>
			<td>	
				<%out.write("Now the role has " + memberIDs.length + " members after the removal.");%>
			</td>
		</tr>
	</tr>
	<%
	}
}

if (retrieveMembers)
{
	if (roleType == null)
	{
	%>				
		<table>
		<form name="selectForm" method="POST" action="securityExample.jsp">
		<tr>
		<td>
		<!--select for create, remove, search-->
		<select name="roleTypeOption">
		<option value="Leader" <% if(leaderRoleType)out.println(" SELECTED ");%>>Leader</option>
		<option value="Member" <% if(memberRoleType)out.println(" SELECTED ");%>>Member</option>
		<option value="Guest" <% if(guestRoleType)out.println(" SELECTED ");%>>Guest</option>
		</select>
		<input type="submit" name="selectGo" value="go"/>
		</td>
		</tr>	
	<%
	} 
	if (guestRoleType)
	{
	 	roleType = RoleType.GUEST;
	}
	else if (memberRoleType)
	{
		roleType = RoleType.MEMBER;
	}	
	else
	{
		roleType = RoleType.LEADER;
	}
    role = sampleProject.getRole(roleType);
   
    //retrieve all ids in the role
    int[] memberIDs = role.getMemberIDs(MemberQueryType.ALL_USERS);
	%>
		<tr>
			<tr>
				<td>	
					<%out.write(role.getName() + " has " + memberIDs.length + " members. ");%>
				</td>
			</tr>
			<tr>
				<%
				for (int i = 0; i < memberIDs.length; i++) 
				{
				%>
				<tr>
					<td>
						<%out.write("memberIDs[" + i + "] is " + memberIDs[i]);%>
					</td>
				</tr>
				<%
				}
				%>
			</tr>			
		</tr>
	<%
	
}


if (setFunctionalArea)
{

	if (roleType == null)
	{
	%>				
		<table>
		<form name="selectForm" method="POST" action="securityExample.jsp">
		<tr>
		<td>
		<!--select for create, remove, search-->
		<select name="roleTypeOption">
		<option value="Member" <% if(memberRoleType)out.println(" SELECTED ");%>>Member</option>
		<option value="Guest" <% if(guestRoleType)out.println(" SELECTED ");%>>Guest</option>
		</select>
		<input type="submit" name="selectGo" value="go"/>
		</td>
		</tr>	
	<%
	} 
	if (guestRoleType)
	{
	 	roleType = RoleType.GUEST;
	}
	else
	{
		roleType = RoleType.MEMBER;
	}	
    role = sampleProject.getRole(roleType);

	if (null == functionalArea)
	{
	%>

		<table>
		<form name="selectForm" method="POST" action="securityExample.jsp">
		<tr>
		<td>
		<!--select for create, remove, search-->
		<select name="functionalAreaOption">
		<option value="Discussion" <% if(discussion)out.println(" SELECTED ");%>>Discussion</option>
		<option value="Document" <% if(document)out.println(" SELECTED ");%>>Document</option>
		<option value="Folder" <% if(discussion)out.println(" SELECTED ");%>>Document Folder</option>
		<option value="Project" <% if(document)out.println(" SELECTED ");%>>Project</option>
		<option value="Tasklist" <% if(discussion)out.println(" SELECTED ");%>>Task List</option>
		</select>
		<input type="submit" name="selectGo" value="go"/>
		</td>
		</tr>	

	<%
	} 
	
	if (document)
	{
	 	functionalArea = FunctionalArea.DOCUMENT;
	}	
	else if (folder)
	{
	 	functionalArea = FunctionalArea.DOCUMENT_FOLDER;
	}	
	else if (project)
	{
	 	functionalArea = FunctionalArea.PROJECT;
	}	
	else if (tasklist)
	{
	 	functionalArea = FunctionalArea.TASK_LIST;
	}
	else
	{
	 	functionalArea = FunctionalArea.DISCUSSION;
	}
	

	if (null == accessLevel)
	{
	%>

		<table>
		<form name="selectForm" method="POST" action="securityExample.jsp">
		<tr>
		<td>
		<!--select for create, remove, search-->
		<select name="AccessLevelOption">
		<option value="Admin" <% if(admin)out.println(" SELECTED ");%>>Admin</option>
		<option value="Edit" <% if(edit)out.println(" SELECTED ");%>>Edit</option>
		<option value="Write" <% if(write)out.println(" SELECTED ");%>>Write</option>
		<option value="Read" <% if(read)out.println(" SELECTED ");%>>Read</option>
		<option value="None" <% if(none)out.println(" SELECTED ");%>>None</option>
		</select>
		<input type="submit" name="selectGo" value="go"/>
		</td>
		</tr>	

	<%
	} 
	
	if (edit)
	{
	 	accessLevel = AccessLevel.EDIT;
	}	
	else if (write)
	{
	 	accessLevel = AccessLevel.WRITE;
	}	
	else if (read)
	{
	 	accessLevel = AccessLevel.READ;
	}
	else if (none)
	{
	 	accessLevel = AccessLevel.NONE;
	}
	else
	{
		accessLevel = AccessLevel.ADMIN;
	}
	

	
	//perform the modification on the specified functional area access level	
	role.setAccessLevel(functionalArea, accessLevel);
        
    //store the role to persist the access level change
    role.store();
	%>
		
	<tr>
		<td>
			<%out.write("Updated role " + role.getName() + " with access level set to " + role.getAccessLevel(functionalArea) + " for " + functionalArea);%>
		</td>
	</tr>
	<%
}
%>
</form>
</table>


