001: /**
002: * Copyright (C) 2001 Yasna.com. All rights reserved.
003: *
004: * ===================================================================
005: * The Apache Software License, Version 1.1
006: *
007: * Redistribution and use in source and binary forms, with or without
008: * modification, are permitted provided that the following conditions
009: * are met:
010: *
011: * 1. Redistributions of source code must retain the above copyright
012: * notice, this list of conditions and the following disclaimer.
013: *
014: * 2. Redistributions in binary form must reproduce the above copyright
015: * notice, this list of conditions and the following disclaimer in
016: * the documentation and/or other materials provided with the
017: * distribution.
018: *
019: * 3. The end-user documentation included with the redistribution,
020: * if any, must include the following acknowledgment:
021: * "This product includes software developed by
022: * Yasna.com (http://www.yasna.com)."
023: * Alternately, this acknowledgment may appear in the software itself,
024: * if and wherever such third-party acknowledgments normally appear.
025: *
026: * 4. The names "Yazd" and "Yasna.com" must not be used to
027: * endorse or promote products derived from this software without
028: * prior written permission. For written permission, please
029: * contact yazd@yasna.com.
030: *
031: * 5. Products derived from this software may not be called "Yazd",
032: * nor may "Yazd" appear in their name, without prior written
033: * permission of Yasna.com.
034: *
035: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
036: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
037: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
038: * DISCLAIMED. IN NO EVENT SHALL YASNA.COM OR
039: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
040: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
041: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
042: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
043: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
044: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
045: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
046: * SUCH DAMAGE.
047: * ====================================================================
048: *
049: * This software consists of voluntary contributions made by many
050: * individuals on behalf of Yasna.com. For more information
051: * on Yasna.com, please see <http://www.yasna.com>.
052: */package com.Yasna.forum;
053:
054: import java.util.*;
055:
056: /**
057: * A protection proxy for ForumMessage objects.
058: */
059: public class ForumMessageProxy implements ForumMessage {
060:
061: private ForumMessage message;
062: private Authorization authorization;
063: private ForumPermissions permissions;
064: private boolean canReadText;
065:
066: /**
067: * Creates a new ForumMessageProxy to protect the supplied message with
068: * the specified permissions
069: */
070: public ForumMessageProxy(ForumMessage message,
071: Authorization authorization, ForumPermissions permissions) {
072: this .message = message;
073: this .authorization = authorization;
074: this .permissions = permissions;
075: init();
076: }
077:
078: /**
079: * Initialize some class members.
080: */
081: private void init() {
082: canReadText = false;
083: boolean isModerator = false;
084: boolean isSystemAdmin = permissions
085: .get(ForumPermissions.SYSTEM_ADMIN);
086: boolean isUserAdmin = permissions
087: .get(ForumPermissions.FORUM_ADMIN);
088: if (permissions != null) {
089: isModerator = permissions.get(ForumPermissions.MODERATOR);
090: }
091: boolean isAdmin = isSystemAdmin || isUserAdmin || isModerator;
092: if (isAdmin
093: || (message.getUser().getID() == authorization
094: .getUserID() && authorization.getUserID() != -1)) {
095: canReadText = true;
096: } else {
097: if (message.isApproved()) {
098: //if private message
099: if (message.isPrivate()) {
100: //if receiver
101: if (message.getReplyPrivateUserId() == authorization
102: .getUserID()) {
103: canReadText = true;
104: }
105: } else { //not private message
106: canReadText = true;
107: }
108: }
109: } //if
110: }
111:
112: //FROM THE FORUMMESSAGE INTERFACE//
113:
114: public int getID() {
115: return message.getID();
116: }
117:
118: public Date getCreationDate() {
119: return message.getCreationDate();
120: }
121:
122: public void setCreationDate(Date creationDate)
123: throws UnauthorizedException {
124: if (permissions.isSystemOrForumAdmin()) {
125: this .message.setCreationDate(creationDate);
126: } else {
127: throw new UnauthorizedException();
128: }
129: }
130:
131: public Date getModifiedDate() {
132: return message.getModifiedDate();
133: }
134:
135: public void setModifiedDate(Date modifiedDate)
136: throws UnauthorizedException {
137: if (permissions.isSystemOrForumAdmin()) {
138: this .message.setModifiedDate(modifiedDate);
139: } else {
140: throw new UnauthorizedException();
141: }
142: }
143:
144: public String getSubject() {
145: return message.getSubject();
146: }
147:
148: public int getReplyPrivateUserId() {
149: return message.getReplyPrivateUserId();
150: }
151:
152: public boolean isApproved() {
153: return message.isApproved();
154: }
155:
156: public String getUnfilteredSubject() {
157: return message.getUnfilteredSubject();
158: }
159:
160: public void setSubject(String subject) throws UnauthorizedException {
161: if (permissions.isSystemOrForumAdmin()
162: || getUser().hasPermission(ForumPermissions.USER_ADMIN)) {
163: this .message.setSubject(subject);
164: } else {
165: throw new UnauthorizedException();
166: }
167: }
168:
169: public void setReplyPrivateUserId(int replyPrivateUserId)
170: throws UnauthorizedException {
171: if (permissions.isSystemOrForumAdmin()
172: || getUser().hasPermission(ForumPermissions.USER_ADMIN)) {
173: this .message.setReplyPrivateUserId(replyPrivateUserId);
174: } else {
175: throw new UnauthorizedException();
176: }
177: }
178:
179: public void setApprovment(boolean approved)
180: throws UnauthorizedException {
181: if (permissions.isSystemOrForumAdmin()
182: || permissions.get(ForumPermissions.MODERATOR)) {
183: this .message.setApprovment(approved);
184: } else {
185: throw new UnauthorizedException();
186: }
187: }
188:
189: public String getBody() {
190: if (canReadText) {
191: return message.getBody();
192: } else {
193: return null;
194: }
195: }
196:
197: public boolean isPrivate() {
198: return message.isPrivate();
199: }
200:
201: public String getUnfilteredBody() {
202: if (canReadText) {
203: return message.getUnfilteredBody();
204: } else {
205: return null;
206: }
207: }
208:
209: public void setBody(String body) throws UnauthorizedException {
210: if (permissions.isSystemOrForumAdmin()
211: || getUser().hasPermission(ForumPermissions.USER_ADMIN)) {
212: this .message.setBody(body);
213: } else {
214: throw new UnauthorizedException();
215: }
216: }
217:
218: public User getUser() {
219: User user = message.getUser();
220: ForumPermissions userPermissions = user
221: .getPermissions(authorization);
222: ForumPermissions newPermissions = new ForumPermissions(
223: permissions, userPermissions);
224: return new UserProxy(user, authorization, newPermissions);
225: }
226:
227: public String getProperty(String name) {
228: return message.getProperty(name);
229: }
230:
231: public String getUnfilteredProperty(String name) {
232: return message.getUnfilteredProperty(name);
233: }
234:
235: public void setProperty(String name, String value) {
236: message.setProperty(name, value);
237: }
238:
239: public Iterator propertyNames() {
240: return message.propertyNames();
241: }
242:
243: public boolean isAnonymous() {
244: return message.isAnonymous();
245: }
246:
247: public ForumThread getForumThread() {
248: return message.getForumThread();
249: }
250:
251: public boolean hasPermission(int type) {
252: return permissions.get(type);
253: }
254:
255: //OTHER METHODS//
256:
257: /**
258: * Converts the object to a String by returning the subject of the message.
259: * This functionality is primarily for Java applications that might be
260: * accessing CoolForum objects through a GUI.
261: */
262: public String toString() {
263: return message.toString();
264: }
265:
266: /**
267: * Small violation of our pluggable backend architecture so that database
268: * insertions can be made more efficiently and transactional. The fact
269: * that this violation is needed probably means that the proxy architecture
270: * needs to be adjusted a bit.
271: */
272: public void insertIntoDb(java.sql.Connection con, ForumThread thread)
273: throws java.sql.SQLException {
274: ((com.Yasna.forum.database.DbForumMessage) message)
275: .insertIntoDb(con, thread);
276: }
277:
278: public MessageRanking getRanking() {
279: return message.getRanking();
280: }
281:
282: public void setRanking(int para) throws UnauthorizedException {
283: if (!message.getForumThread().getRootMessage().getUser()
284: .isAnonymous()
285: && authorization.getUserID() == message
286: .getForumThread().getRootMessage().getUser()
287: .getID()
288: && authorization.getUserID() != message.getUser()
289: .getID()) {
290: message.setRanking(para);
291: } else {
292: throw new UnauthorizedException(
293: "Only the user who created the thread can rank other messages");
294: }
295: }
296:
297: }
|