001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. The ASF licenses this file to You
004: * under the Apache License, Version 2.0 (the "License"); you may not
005: * use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License. For additional information regarding
015: * copyright in this work, please see the NOTICE file in the top level
016: * directory of this distribution.
017: */
018: package org.apache.roller.ui.authoring.struts.actions;
019:
020: import java.util.ArrayList;
021: import java.util.Iterator;
022: import java.util.List;
023:
024: import javax.servlet.http.HttpServletRequest;
025: import javax.servlet.http.HttpServletResponse;
026:
027: import org.apache.commons.logging.Log;
028: import org.apache.commons.logging.LogFactory;
029: import org.apache.struts.action.ActionError;
030: import org.apache.struts.action.ActionErrors;
031: import org.apache.struts.action.ActionForm;
032: import org.apache.struts.action.ActionForward;
033: import org.apache.struts.action.ActionMapping;
034: import org.apache.struts.action.ActionMessage;
035: import org.apache.struts.action.ActionMessages;
036: import org.apache.struts.actions.DispatchAction;
037: import org.apache.roller.RollerException;
038: import org.apache.roller.business.Roller;
039: import org.apache.roller.business.RollerFactory;
040: import org.apache.roller.business.UserManager;
041: import org.apache.roller.pojos.PermissionsData;
042: import org.apache.roller.pojos.UserData;
043: import org.apache.roller.pojos.WebsiteData;
044: import org.apache.roller.ui.core.BasePageModel;
045: import org.apache.roller.ui.core.RollerRequest;
046: import org.apache.roller.ui.core.RollerSession;
047: import org.apache.roller.ui.authoring.struts.formbeans.MemberPermissionsForm;
048:
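/**
 * Allows website admin to change website member permissions.
 *
 * <p>Handlers are selected by the {@code method} request parameter (see the
 * {@code parameter="method"} attribute below); when that parameter is absent,
 * {@link #unspecified} picks a handler from the HTTP verb. {@link #edit} and
 * {@link #save} each check that the weblog resolved for the request is
 * non-null and that the session user may administer it, and forward to
 * {@code access-denied} otherwise.
 *
 * <p>NOTE(review): because dispatch is by request parameter, {@link #save} is
 * not restricted to POST by anything in this class, and no anti-CSRF token
 * check is visible here. Confirm that a filter or the framework configuration
 * enforces both before relying on this action for permission changes.
 *
 * @struts.action path="/roller-ui/authoring/memberPermissions" parameter="method" name="memberPermissionsForm"
 * @struts.action-forward name="memberPermissions.page" path=".MemberPermissions"
 */
public class MemberPermissionsAction extends DispatchAction {
    private static final Log mLogger = LogFactory.getFactory().getInstance(
            MemberPermissionsAction.class);

    /**
     * If method param is not specified, use HTTP verb to pick method to call.
     * GET shows the form; every other verb is treated as a save.
     */
    public ActionForward unspecified(ActionMapping mapping,
            ActionForm actionForm, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        // Constant-first comparison so a null method name cannot throw here.
        if ("GET".equals(request.getMethod())) {
            return edit(mapping, actionForm, request, response);
        }
        return save(mapping, actionForm, request, response);
    }

    /** Called after invite user action posted; simply redisplays the form. */
    public ActionForward send(ActionMapping mapping,
            ActionForm actionForm, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        return edit(mapping, actionForm, request, response);
    }

    /** Discards any submitted values by redisplaying the form. */
    public ActionForward cancel(ActionMapping mapping,
            ActionForm actionForm, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        return edit(mapping, actionForm, request, response);
    }

    /**
     * Displays the member permissions form for the weblog resolved from the
     * request.
     *
     * @return the {@code memberPermissions.page} forward, or
     *         {@code access-denied} when no weblog is resolved or the session
     *         user may not administer it
     */
    public ActionForward edit(ActionMapping mapping,
            ActionForm actionForm, HttpServletRequest request,
            HttpServletResponse response) throws Exception {

        MemberPermissionsPageModel pageModel = new MemberPermissionsPageModel(
                request, response, mapping);
        // NOTE(review): the model, which carries the weblog's member
        // permission list, is placed on the request before the authorization
        // check below. Confirm the access-denied view never renders it.
        request.setAttribute("model", pageModel);
        RollerSession rses = RollerSession.getRollerSession(request);

        // Ensure user has admin perms for this weblog
        if (pageModel.getWebsite() == null
                || !rses.isUserAuthorizedToAdmin(pageModel.getWebsite())) {
            return mapping.findForward("access-denied");
        }

        MemberPermissionsForm form = (MemberPermissionsForm) actionForm;
        form.setWebsiteId(pageModel.getWebsite().getId());
        return mapping.findForward("memberPermissions.page");
    }

    /**
     * Applies submitted permission changes for the members of the weblog
     * resolved from the request.
     *
     * <p>The set of permission records that may be changed comes from the
     * server-side list held by the page model; the request only supplies a
     * new mask per record through a {@code perm-<id>} parameter. A mask of
     * {@code -1} removes the record. A user cannot lower (or remove) their
     * own permission record. A mask that is not a valid {@code short} is
     * logged and skipped rather than aborting the whole request.
     *
     * @return the {@code memberPermissions.page} forward, or
     *         {@code access-denied} when no weblog is resolved or the session
     *         user may not administer it
     */
    public ActionForward save(ActionMapping mapping,
            ActionForm actionForm, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        ActionErrors errors = new ActionErrors();
        ActionMessages msgs = new ActionMessages();
        RollerSession rses = RollerSession.getRollerSession(request);
        MemberPermissionsPageModel model = new MemberPermissionsPageModel(
                request, response, mapping);

        // Ensure user has admin perms for this weblog.
        // NOTE(review): the check uses model.getWebsite() while the permission
        // list was loaded for RollerRequest.getWebsite(); presumably both are
        // the same weblog - confirm in BasePageModel.
        if (model.getWebsite() == null
                || !rses.isUserAuthorizedToAdmin(model.getWebsite())) {
            return mapping.findForward("access-denied");
        }

        UserManager userMgr = RollerFactory.getRoller().getUserManager();

        int removed = 0;
        int changed = 0;
        Iterator iter = model.getPermissions().iterator();
        while (iter.hasNext()) {
            PermissionsData perms = (PermissionsData) iter.next();
            String sval = request.getParameter("perm-" + perms.getId());
            if (sval == null) {
                continue;
            }

            short val;
            try {
                val = Short.parseShort(sval);
            } catch (NumberFormatException e) {
                // The value is client-controlled. Skip it instead of letting
                // the exception escape, and log only the server-side record
                // id so raw request text never reaches the log.
                mLogger.warn("Ignoring non-numeric permission mask submitted"
                        + " for permissions id " + perms.getId());
                continue;
            }
            // NOTE(review): val is not checked against the set of defined
            // permission masks; any short other than -1 is stored as given.
            // Confirm whether PermissionsData or UserManager validates it.

            UserData user = rses.getAuthenticatedUser();
            // Numeric comparison: any lower mask, including the -1 removal
            // sentinel, counts as a self-demotion.
            if (perms.getUser().getId().equals(user.getId())
                    && val < perms.getPermissionMask()) {
                errors.add(null, new ActionError(
                        "memberPermissions.noSelfDemotions"));
            } else if (val != perms.getPermissionMask()) {
                if (val == -1) {
                    userMgr.removePermissions(perms);
                    removed++;
                } else {
                    perms.setPermissionMask(val);
                    userMgr.savePermissions(perms);
                    changed++;
                }
            }
        }

        if (removed > 0 || changed > 0) {
            RollerFactory.getRoller().flush();
        }
        if (removed > 0) {
            msgs.add(null, new ActionMessage(
                    "memberPermissions.membersRemoved",
                    new Integer(removed)));
        }
        if (changed > 0) {
            msgs.add(null, new ActionMessage(
                    "memberPermissions.membersChanged",
                    new Integer(changed)));
        }
        saveErrors(request, errors);
        saveMessages(request, msgs);

        // Rebuild the model so the page shows the state after the changes.
        MemberPermissionsPageModel updatedModel = new MemberPermissionsPageModel(
                request, response, mapping);
        request.setAttribute("model", updatedModel);
        return mapping.findForward("memberPermissions.page");
    }

    /**
     * Page model holding the permission records of the weblog resolved from
     * the request. The constructor performs no authorization check itself;
     * callers are expected to check before acting on or displaying the list.
     */
    public static class MemberPermissionsPageModel extends
            BasePageModel {
        private List permissions = new ArrayList();

        /**
         * Loads all permission records for the weblog that
         * {@link RollerRequest} resolves from the request.
         *
         * @throws RollerException declared by the constructor; the visible
         *         code does not show which call raises it
         */
        public MemberPermissionsPageModel(HttpServletRequest request,
                HttpServletResponse response, ActionMapping mapping)
                throws RollerException {
            super("memberPermissions.title", request, response, mapping);
            Roller roller = RollerFactory.getRoller();
            RollerRequest rreq = RollerRequest.getRollerRequest(request);
            // Result unused; call kept in case it initialises session state
            // - TODO confirm and drop if it has no side effect.
            RollerSession.getRollerSession(request);
            WebsiteData website = rreq.getWebsite();
            permissions = roller.getUserManager().getAllPermissions(website);
        }

        /** Returns the permission records loaded for the weblog. */
        public List getPermissions() {
            return permissions;
        }

        /**
         * Replaces the permission list. The name says "websites" but the
         * value stored is the permission list; the name is kept so existing
         * callers continue to work.
         */
        public void setWebsites(List permissions) {
            this.permissions = permissions;
        }
    }
}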