[Ils-source] r1401 - in trunk/webapp/api/ccure: . user user/put
scribe at crosswire.org
scribe at crosswire.org
Mon Feb 29 16:30:08 MST 2016
Author: scribe
Date: 2016-02-29 16:30:08 -0700 (Mon, 29 Feb 2016)
New Revision: 1401
Added:
trunk/webapp/api/ccure/user/
trunk/webapp/api/ccure/user/put/
trunk/webapp/api/ccure/user/put/index.jsp
Log:
added new CCURE service which accepts CCURE Personnel XML
Added: trunk/webapp/api/ccure/user/put/index.jsp
===================================================================
--- trunk/webapp/api/ccure/user/put/index.jsp (rev 0)
+++ trunk/webapp/api/ccure/user/put/index.jsp 2016-02-29 23:30:08 UTC (rev 1401)
@@ -0,0 +1,437 @@
+<%@ page language="java" contentType="text/xml;charset=utf-8" %>
+<%@ page trimDirectiveWhitespaces="true" %>
+<%@ page import="com.resolutions.ils.Utils" %>
+<%@ page import="com.resolutions.ils.ILSSession" %>
+<%@ page import="com.resolutions.ils.data.UserProfile" %>
+<%@ page import="com.resolutions.ils.data.Company" %>
+<%@ page import="com.resolutions.ils.data.Group" %>
+<%@ page import="java.util.Date" %>
+<%@ page import="java.text.SimpleDateFormat" %>
+<%@ page import="org.apache.log4j.Logger" %>
+<%@ page import="org.crosswire.xml.XMLBlock" %>
+
+<%
+ Logger logger = Logger.getLogger(this.getClass());
+ // standard service header ---------------------------------------
+ response.setContentType("text/xml");
+ int errCode = 0;
+ Company company = Company.getCompany(request);
+
+ boolean apiEnabled = "on".equals(Utils.getSysConfig(session.getServletContext(), company.getCompanyID()).getProperty("APIEnable", "off"));
+ ++errCode;
+ if (!apiEnabled) {
+ out.print("<error code=\""+errCode+"\" message=\"API not enabled in system management settings.\"/>");
+ return;
+ }
+
+ String userID = request.getParameter("ILSUSER");
+ String userPw = request.getParameter("ILSPASSWD");
+ ILSSession ilsSession = (userID != null && userPw != null)
+ ? ILSSession.login(company.getCompanyName(), userID, userPw)
+ : (ILSSession)session.getAttribute("ilsSession");
+ ++errCode;
+ if (ilsSession == null) {
+ out.print("<error code=\""+errCode+"\" message=\"Your iLS sign in information is not valid.\"/>");
+ return;
+ }
+ // end standard service header -----------------------------------
+
+ String data = request.getParameter("data");
+ if (data != null) {
+ data = data.trim();
+
+/*
+logger.debug("char 0: " + (int)data.charAt(0));
+logger.debug("char 1: " + (int)data.charAt(1));
+logger.debug("char 2: " + (int)data.charAt(2));
+logger.debug("char 3: " + (int)data.charAt(3));
+logger.debug("char 0: " + data.charAt(0));
+logger.debug("char 1: " + data.charAt(1));
+logger.debug("char 2: " + data.charAt(2));
+logger.debug("char 3: " + data.charAt(3));
+*/
+ String UTF8_BOM = "";
+ UTF8_BOM += (char)239;
+ UTF8_BOM += (char)187;
+ UTF8_BOM += (char)191;
+ if (data.startsWith(UTF8_BOM)) {
+ data = data.substring(3);
+ }
+ data = data.trim();
+
+ if (data.startsWith("<?xml")) {
+ data = data.substring(data.indexOf("?>")+2);
+ data = data.trim();
+ }
+/*
+logger.debug("char 0: " + (int)data.charAt(0));
+logger.debug("char 1: " + (int)data.charAt(1));
+logger.debug("char 2: " + (int)data.charAt(2));
+logger.debug("char 0: " + data.charAt(0));
+logger.debug("char 1: " + data.charAt(1));
+logger.debug("char 2: " + data.charAt(2));
+*/
+
+ XMLBlock record = null;
+ ++errCode;
+ try {
+ record = new XMLBlock(data);
+ record = record.getBlock("SoftwareHouse.NextGen.Common.SecurityObjects.Personnel");
+ }
+ catch (Exception e) {
+ out.print("<error code=\""+errCode+"\" message=\"Error parsing XML: "+e+"\"/>");
+ return;
+ }
+
+ ++errCode;
+ if (record == null) {
+ out.print("<error code=\""+errCode+"\" message=\"No CCURE Personnel record found in XML data.\"/>");
+ return;
+ }
+
+ int userProfileID = -1;
+ String loginID = record.getValue("EmailAddress");
+ String userData = record.getValue("ObjectID");
+
+
+// one of these must be supplied; otherwise, show usage info
+if (userProfileID != -1 || loginID != null || userData != null) {
+ String errMsg = "";
+
+ UserProfile adminUser = ilsSession.getCurrentUserProfile();
+
+ Logger eventsLogger = Logger.getLogger("EVENTS");
+ String statusMsg = "";
+ SimpleDateFormat df = new SimpleDateFormat("MM/dd/yyyy");
+ UserProfile current = new UserProfile();
+ current.defaultAll();
+ // default access level is employee
+ current.setUserProfileAccessLevel(1);
+ current.setUserProfileHireDate(new Date());
+ int currentRoleID = -1;
+ int currentLocationID = -1;
+ String roleName = null;
+ String roleUserData = null;
+ String workgroupName = null;
+ String workgroupUserData = null;
+ boolean createMode = "create".equals(request.getParameter("action"));
+
+ ++errCode;
+ if ((adminUser.getUserProfileAccessLevel() > UserProfile.ACCESS_MANAGER) || (adminUser.hasAccess(UserProfile.ACCESS_MODE_USERPR_SEARCH_VIEW))) {
+ if (!createMode) {
+ UserProfile lookup = null;
+ if (userProfileID != -1) {
+ lookup = UserProfile.getUserProfile(ilsSession, userProfileID);
+ if (lookup == null) {
+ out.print("<error code=\""+errCode+"\" message=\"Permission denied.\"/>");
+ return;
+ }
+ }
+ if (lookup == null && loginID != null) {
+ lookup = UserProfile.getUserProfile(ilsSession, loginID);
+ }
+ if (lookup == null && userData != null) {
+ lookup = UserProfile.getUserProfileByUserData(ilsSession, userData);
+ }
+ if (lookup != null) {
+ current = lookup;
+ }
+ else {
+ if (!"update".equals(request.getParameter("action"))) createMode = true;
+ else current = null;
+ }
+ }
+ }
+ else {
+ ++errCode;
+ out.print("<error code=\""+errCode+"\" message=\"Permission denied.\"/>");
+ return;
+ }
+
+ errCode += 2;
+ if (current == null) {
+ out.print("<error code=\""+errCode+"\" message=\"User Profile not found.\"/>");
+ return;
+ }
+ ++errCode;
+ if (createMode && current.getUserProfileID() > 0) {
+ out.print("<error code=\""+errCode+"\" message=\"User Profile exists.\"/>");
+ return;
+ }
+ if (current.getUserProfileID() > 0 && adminUser.getUserProfileAccessLevel() <= UserProfile.ACCESS_MANAGER && !adminUser.hasAccess(UserProfile.ACCESS_MODE_USERPR_MODIFY_USER)) {
+ out.print("<error code=\""+errCode+"\" message=\"Permission denied to edit user profile.\"/>");
+ return;
+ }
+
+ boolean createGroupOnDemand = true; //false; try { createGroupOnDemand = "true".equals(request.getParameter("createGroupOnDemand")); } catch (Exception e) {}
+ String val = record.getValue("UDF__ROLE_");
+ String val2 = request.getParameter("roleUserData");
+ int requestedRole = -1;
+
+ ++errCode;
+ if ((val != null && val.trim().length() > 0) || (val2 != null && val2.trim().length() > 0)) {
+ for (int i = 0; i < 2; ++i) {
+ Group g = (val2 != null) ? Group.getGroupByUserData(ilsSession, Group.GROUPTYPE_ROLE, val2) : Group.getGroupByName(ilsSession, Group.GROUPTYPE_ROLE, val);
+ if (g != null) {
+ requestedRole = g.getGroupID();
+ roleName = g.getGroupName();
+ break;
+ }
+ else {
+ if (i < 1 && createGroupOnDemand) {
+ Group grp = new Group();
+ grp.defaultAll();
+ grp.setGroupTypeID(Group.GROUPTYPE_ROLE);
+ grp.setGroupName(val != null ? val : val2);
+ roleName = grp.getGroupName();
+ grp.setGroupDesc(roleName);
+ if (val2 != null) grp.setValue("USERDATA", val2);
+ grp.saveNew(ilsSession);
+ }
+ else {
+ out.print("<error code=\""+errCode+"\" message=\"" + ((val2 != null) ? "roleUserData" : "roleName") + " was submitted but was not found in the database. You must specify an existing Role or createGroupOnDemand must be passed as true.\"/>");
+ return;
+ }
+ }
+ }
+ }
+
+ ++errCode;
+ val = record.getValue("UDF__COMPANY_");
+ val2 = request.getParameter("locationUserData");
+ int requestedLocation = -1;
+ if ((val != null && val.trim().length() > 0) || (val2 != null && val2.trim().length() > 0)) {
+ for (int i = 0; i < 2; ++i) {
+ Group g = (val2 != null) ? Group.getGroupByUserData(ilsSession, Group.GROUPTYPE_LOCATION, val2) : Group.getGroupByName(ilsSession, Group.GROUPTYPE_LOCATION, val);
+ if (g != null) {
+ requestedLocation = g.getGroupID();
+ workgroupName = g.getGroupName();
+ break;
+ }
+ else {
+ if (i < 1 && createGroupOnDemand) {
+ Group grp = new Group();
+ grp.defaultAll();
+ grp.setGroupTypeID(Group.GROUPTYPE_LOCATION);
+ grp.setGroupName(val != null ? val : val2);
+ workgroupName = grp.getGroupName();
+ grp.setGroupDesc(workgroupName);
+ if (val2 != null) grp.setValue("USERDATA", val2);
+ grp.saveNew(ilsSession);
+ }
+ else {
+ out.print("<error code=\""+errCode+"\" message=\""+((val2 != null) ? "locationUserData" : "locationName") + " was submitted but was not found in the database. You must specify an existing Location or createGroupOnDemand must be passed as true.\"/>");
+ return;
+ }
+ }
+ }
+ }
+
+ UserProfile orig = (UserProfile)current.clone();
+
+ ++errCode;
+ val = loginID;
+ if (val != null && val.trim().length() > 0) {
+ UserProfile up = UserProfile.getUserProfile(ilsSession, val);
+ if ((up != null) && (up.getUserProfileID() != current.getUserProfileID())) {
+ errMsg = "The Employee ID already exists.";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ else {
+ current.setUserProfileNum(val);
+ }
+ }
+
+ // set associated external data, typically used for API client to map this user back to their system
+ if (userData != null && userData.length() > 0) current.setValue("USERDATA", userData);
+
+ val = request.getParameter("passwd");
+ if (val != null && val.trim().length() > 0) current.setUserProfilePasswd(val);
+ val = request.getParameter("statusID");
+ if (val != null && val.trim().length() > 0) current.setUserProfileStatusID(Integer.parseInt(val));
+
+ val = request.getParameter("accessLevel");
+ if (val != null && val.trim().length() > 0) current.setUserProfileAccessLevel(Integer.parseInt(val));
+
+ val = request.getParameter("accessMode");
+ if (val != null && val.trim().length() > 0) current.setUserProfileAccessMode(Integer.parseInt(val));
+
+ val = record.getValue("Name");
+ String lname = val.substring(0,val.indexOf(","));
+ String fname = val.substring(val.indexOf(",")+1);
+ fname = fname.trim();
+ String mname = null;
+ if (fname.lastIndexOf(" ") != -1) {
+ mname = fname.substring(fname.lastIndexOf(" ")+1);
+ fname = fname.substring(0, fname.lastIndexOf(" "));
+ }
+
+ val = fname;
+ if (val != null && val.trim().length() > 0) current.setUserProfileFirstName(val);
+ val = mname;
+ if (val != null && val.trim().length() > 0) current.setUserProfileMiddleName(val);
+ val = request.getParameter("suffixName");
+ if (val != null && val.trim().length() > 0) current.setUserProfileSuffixName(val);
+ val = lname;
+ if (val != null && val.trim().length() > 0) current.setUserProfileLastName(val);
+ val = request.getParameter("employeeTitle");
+ if (val != null && val.trim().length() > 0) current.setUserProfileEmployeeTitleID(Integer.parseInt(val));
+ val = request.getParameter("addr1");
+ if (val != null && val.trim().length() > 0) current.setUserProfileAddr1(val);
+ val = request.getParameter("addr2");
+ if (val != null && val.trim().length() > 0) current.setUserProfileAddr2(val);
+ val = request.getParameter("city");
+ if (val != null && val.trim().length() > 0) current.setUserProfileCity(val);
+ val = request.getParameter("state");
+ if (val != null && val.trim().length() > 0) current.setUserProfileState(val);
+ val = request.getParameter("zip");
+ if (val != null && val.trim().length() > 0) current.setUserProfileZip(val);
+ val = request.getParameter("country");
+ if (val != null && val.trim().length() > 0) current.setUserProfileCountry(val);
+ val = record.getValue("EmailAddress");
+ if (val != null && val.trim().length() > 0) current.setUserProfileEMail(val);
+ val = request.getParameter("phone");
+ if (val != null && val.trim().length() > 0) current.setUserProfilePhone(val);
+ val = request.getParameter("hireDate");
+ ++errCode;
+ if ((val != null) && (!val.startsWith("m"))) {
+ Date v = Utils.parseDate(val, 150 * 365, 10 * 365);
+ if (v != null) {
+ current.setUserProfileHireDate(v);
+ }
+ else {
+ errMsg = "Invalid Hire Date, please enter a reasonable date using the format MM/DD/YYYY";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ }
+
+ ++errCode;
+ val = request.getParameter("termDate");
+ if ((val != null) && (!val.startsWith("m"))) {
+ Date v = Utils.parseDate(val, 150 * 365, 10 * 365);
+ if (v != null) {
+ current.setUserProfileTermDate(v);
+ }
+ else {
+ errMsg = "Invalid Termination Date, please enter a reasonable date using the format MM/DD/YYYY";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ }
+
+ if ((current.getUserProfilePasswd() == null) || (current.getUserProfilePasswd().trim().length() < 1)) {
+ current.setUserProfilePasswd("changeme");
+ }
+
+ ++errCode;
+ if ((current.getUserProfileFirstName() == null) || (current.getUserProfileFirstName().length() < 1)) {
+ errMsg = "You must supply a First Name (firstName)";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ ++errCode;
+ if ((current.getUserProfileLastName() == null) || (current.getUserProfileLastName().length() < 1)) {
+ errMsg = "You must supply a Last Name (lastName)";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ ++errCode;
+ if ((current.getUserProfileNum() == null) || (current.getUserProfileNum().length() < 1)) {
+ errMsg = "You must supply an Login ID (loginID)";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+
+ ++errCode;
+ /*
+ if (currentRoleID < 0 && requestedRole < 0) {
+ errMsg = "You must choose a Role for this employee";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ */
+ ++errCode;
+ /*
+ if (currentLocationID < 0 && requestedLocation < 0) {
+ errMsg = "You must choose a Workgroup for this employee";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ */
+ ++errCode;
+ /*
+ if (current.getUserProfileEmployeeTitleID() < 1) {
+ errMsg = "You must supply an Employee Title";
+ out.print("<error code=\""+errCode+"\" message=\""+errMsg+"\"/>");
+ return;
+ }
+ */
+
+ if (orig.getUserProfileID() > 0) {
+ boolean emailNotice = "on".equals(Utils.getSysConfig(session).getProperty("EmailEnableChangePassword", "off"));
+ HttpSession sendEmail = (emailNotice) ? session : null;
+ current.save(ilsSession, orig, sendEmail);
+ }
+ else {
+ current = current.saveNew(ilsSession, session, workgroupName, roleName);
+ }
+ if ((requestedRole != currentRoleID) && (requestedRole > -1)) {
+ Group.deleteUserGroups(ilsSession, Group.GROUPTYPE_ROLE, current.getUserProfileID());
+ Group.addUserGroup(ilsSession, requestedRole, current.getUserProfileID());
+ // modifying an existing user
+ if (orig.getUserProfileID() > 0) {
+ eventsLogger.info("User " + current.getUserProfileNum() + " ROLE changed from " + currentRoleID + " to " + requestedRole + " by user: " + adminUser.getUserProfileNum());
+ }
+ }
+ if ((requestedLocation != currentLocationID) && (requestedLocation > -1)) {
+ Group.deleteUserGroups(ilsSession, Group.GROUPTYPE_LOCATION, current.getUserProfileID());
+ Group.addUserGroup(ilsSession, requestedLocation, current.getUserProfileID());
+ if (orig.getUserProfileID() > 0) {
+ eventsLogger.info("User " + current.getUserProfileNum() + " WORKGROUP changed from " + currentLocationID + " to " + requestedLocation + " by user: " + adminUser.getUserProfileNum());
+ }
+ }
+%>
+<success userProfileID="<%=current.getUserProfileID()%>"<%=requestedRole > -1 ? " updatedRoleID=\"" + requestedRole + "\"" : ""%><%=requestedLocation > -1 ? " updatedLocationID=\"" + requestedLocation + "\"" : ""%>/>
+<%
+ return;
+
+}
+}
+response.setContentType("text/html");
+%>
+<html>
+<style>th { text-align:left; }</style>
+<body>
+<h1>user/put</h1>
+<p>Create or modify a user profile record</p>
+<h3>Parameters</h3>
+<table border="1">
+<tbody>
+<tr><th>data</th><td>CCURE Personnel XML. Extra parameters below are still accepted</td></tr>
+<tr><th>action</th><td>(optional) [update|create] If not supplied, action is determined by: <ul><li>if userProfileID is supplied, action is update.</li><li>if a record is found by using loginID or userData, action is update.</li><li>otherwise, action is create.</li></ul></td></tr>
+<tr><th>passwd</th><td>User Password</td></tr>
+<tr><th>suffixName</th><td>Name Suffix (e.g., Jr.)</td></tr>
+<tr><th>employeeTitle</th><td>Employee Title ID {unfinished, will lookup by title string in the future}</td></tr>
+<tr><th>addr1</th><td>Address, Line 1</td></tr>
+<tr><th>addr2</th><td>Address, Line 2</td></tr>
+<tr><th>city</th><td>City</td></tr>
+<tr><th>state</th><td>State</td></tr>
+<tr><th>zip</th><td>Postal Code</td></tr>
+<tr><th>country</th><td>Country</td></tr>
+<tr><th>email</th><td>EMail Address</td></tr>
+<tr><th>phone</th><td>Phone Number</td></tr>
+<tr><th>hireDate</th><td>Date Hired</td></tr>
+<tr><th>termDate</th><td>Date Terminated</td></tr>
+<tr><th>accessLevel</th><td>User Access Level</td></tr>
+<tr><th>accessMode</th><td>User Access Mode</td></tr>
+<tr><th>roleUserData</th><td>Assign this user only to this group type 1 {ROLE}. Any other group type 1's are unassigned.</td></tr>
+<tr><th>locationUserData</th><td>Assign this user only to this group type 2 {WORKGROUP}. Any other group type 2's are unassigned.</td></tr>
+<tr><th>ILSUSER</th><td>ILS Login Credentials. Used to validate this API request.</td></tr>
+<tr><th>ILSPASSWD</th><td>ILS Login Credentials. Used to validate this API request.</td></tr>
+</tbody>
+</table>
+</body>
+</html>
+
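Review bot: The `accessLevel` and `accessMode` request parameters are written straight onto the profile (`current.setUserProfileAccessLevel(Integer.parseInt(val))`) with no comparison against the caller's own rights. The only modify-permission test (`current.getUserProfileID() > 0 && ... !adminUser.hasAccess(UserProfile.ACCESS_MODE_USERPR_MODIFY_USER)`) is skipped for new profiles, so a caller admitted by the earlier `ACCESS_MODE_USERPR_SEARCH_VIEW` gate can create an account at any level it names. I would require the modify permission on the create path too (drop the `getUserProfileID() > 0` condition, or use a dedicated create permission if one exists) and refuse a requested level above the caller's, as sketched below. The sketch assumes a higher number means more privilege, which the `> UserProfile.ACCESS_MANAGER` test suggests but the hunk does not state, and `accessMode` needs an equivalent check. Separately, the fallback `current.setUserProfilePasswd("changeme")` leaves any profile that reaches the save with an empty password holding a known credential, and `"Error parsing XML: "+e` is written into an XML attribute unescaped.

```jsp
 val = request.getParameter("accessLevel");
 if (val != null && val.trim().length() > 0) {
     int requestedLevel = Integer.parseInt(val);
     // a caller may not grant more privilege than it holds itself
     if (requestedLevel > adminUser.getUserProfileAccessLevel()) {
         out.print("<error code=\""+errCode+"\" message=\"Permission denied to set access level.\"/>");
         return;
     }
     current.setUserProfileAccessLevel(requestedLevel);
 }
 // … unchanged: accessMode handling, which needs the equivalent check …
```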