[Bedework-commit] r550 - in trunk/calendar3:
calCore/src/org/bedework/calcore/hibernate
calFacade/src/org/bedework/calfacade/svc
calsvc/src/org/bedework/calsvc webadmin/src/org/bedework/webadmin
webadmin/src/org/bedework/webadmin/admingroup
webadmin/src/org/bedework/webadmin/authuser
webadmin/src/org/bedework/webadmin/event
webadmin/src/org/bedework/webadmin/system webadmin/war/docs
webcommon/src/org/bedework/webcommon
webcommon/src/org/bedework/webcommon/misc
webcommon/src/org/bedework/webcommon/pref
webcommon/src/org/bedework/webcommon/subs
svnadmin at bedework.org
svnadmin at bedework.org
Thu Jun 8 10:05:11 EDT 2006
Author: douglm
Date: 2006-06-08 10:05:08 -0400 (Thu, 08 Jun 2006)
New Revision: 550
Modified:
trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Events.java
trunk/calendar3/calFacade/src/org/bedework/calfacade/svc/BwCalSuite.java
trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/PEActionForm.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEDeleteAGAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchAGAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchUpdateAGListAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitAddAGAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitUpdateAGAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PESwitchAGAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEUpdateAGAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEDeleteAuthAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEFetchAuthAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEGetAuthUsersAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEUpdateAuthAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteEventAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteSelectedEventAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEFetchEventAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEGetFormattedEventsAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEInitAddAlertAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEUpdateEventAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/system/FetchSysparsAction.java
trunk/calendar3/webadmin/src/org/bedework/webadmin/system/UpdateSysparsAction.java
trunk/calendar3/webadmin/war/docs/header.jsp
trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java
trunk/calendar3/webcommon/src/org/bedework/webcommon/BwActionFormBase.java
trunk/calendar3/webcommon/src/org/bedework/webcommon/misc/UpdateUserInfoAction.java
trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/FetchPrefsAction.java
trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/UpdatePrefsAction.java
trunk/calendar3/webcommon/src/org/bedework/webcommon/subs/EndSubscribeAction.java
Log:
Changes all related to handling of the current user in admin mode.
There was some confusion between the authenticated user and the
currrent 'run-as' user which the calendar suite code finally broke.
Modified: trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Events.java
===================================================================
--- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Events.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Events.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -1071,6 +1071,12 @@
calTerm.empty = false;
}
} else {
+ /*
+ if (calendar.getId() != CalFacadeDefs.unsavedItemKey) {
+ getSess().reAttach(calendar);
+ }
+ */
+
Iterator it = calendar.getChildren().iterator();
while (it.hasNext()) {
appendCalendarClause(sb, qevName, (BwCalendar)it.next(), calTerm,
Modified: trunk/calendar3/calFacade/src/org/bedework/calfacade/svc/BwCalSuite.java
===================================================================
--- trunk/calendar3/calFacade/src/org/bedework/calfacade/svc/BwCalSuite.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/calFacade/src/org/bedework/calfacade/svc/BwCalSuite.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -186,4 +186,15 @@
return sb.toString();
}
+
+ public Object clone() {
+ BwCalSuite cs = new BwCalSuite();
+
+ copyTo(cs);
+ cs.setName(getName());
+ cs.setGroup((BwAdminGroup)getGroup().clone());
+ cs.setRootCalendar((BwCalendar)getRootCalendar().clone());
+
+ return cs;
+ }
}
Modified: trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java
===================================================================
--- trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -2080,7 +2080,7 @@
* 'special' calendars.
*/
- if (currentView != null) {
+ if (!isPublicAdmin() && currentView != null) {
if (debug) {
trace("Use current view \"" + currentView.getName() + "\"");
}
@@ -2394,8 +2394,15 @@
pars.getCalSuite());
}
- currentCalSuite = new BwCalSuiteWrapper(cs);
- pars.setUser(cs.getGroup().getOwner().getAccount());
+ currentCalSuite = new BwCalSuiteWrapper((BwCalSuite)cs.clone());
+ /* For administrative use we use the account of the admin group the user
+ * is a direct member of - already set.
+ *
+ * For public clients we use the calendar suite owning group.
+ */
+ if (!pars.getPublicAdmin()) {
+ pars.setUser(cs.getGroup().getOwner().getAccount());
+ }
}
boolean userCreated = cali.init(null,
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/PEActionForm.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/PEActionForm.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/PEActionForm.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -480,7 +480,7 @@
* @return Collection preferred categories
*/
public Collection getPreferredCategories() {
- return getAuthUserPrefs().getPreferredCategories();
+ return getCurAuthUserPrefs().getPreferredCategories();
}
/* ====================================================================
@@ -587,7 +587,7 @@
* @return Collection preferred sponsors
*/
public Collection getPreferredSponsors() {
- return getAuthUserPrefs().getPreferredSponsors();
+ return getCurAuthUserPrefs().getPreferredSponsors();
}
/* ====================================================================
@@ -683,7 +683,7 @@
* @return Collection preferred locations
*/
public Collection getPreferredLocations() {
- return getAuthUserPrefs().getPreferredLocations();
+ return getCurAuthUserPrefs().getPreferredLocations();
}
/* ====================================================================
@@ -748,7 +748,7 @@
* @return Collection preferred calendars
*/
public Collection getPreferredCalendars() {
- return getAuthUserPrefs().getPreferredCalendars();
+ return getCurAuthUserPrefs().getPreferredCalendars();
}
/* ====================================================================
@@ -761,7 +761,12 @@
* @return boolean true if user maintenance is implemented.
*/
public boolean getUserMaintOK() {
- return retrieveUserAuth().getUserMaintOK();
+ try {
+ return fetchSvci().getUserAuth().getUserMaintOK();
+ } catch (Throwable t) {
+ err.emit(t);
+ return false;
+ }
}
/**
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEDeleteAGAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEDeleteAGAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEDeleteAGAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -83,7 +83,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchAGAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchAGAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchAGAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -83,7 +83,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchUpdateAGListAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchUpdateAGListAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEFetchUpdateAGListAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -80,7 +80,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitAddAGAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitAddAGAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitAddAGAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -79,7 +79,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitUpdateAGAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitUpdateAGAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEInitUpdateAGAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -79,7 +79,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PESwitchAGAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PESwitchAGAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PESwitchAGAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -78,7 +78,7 @@
/** Check access
*/
- if (!form.getUserAuth().isContentAdminUser()) {
+ if (!form.getCurUserContentAdminUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEUpdateAGAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEUpdateAGAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PEUpdateAGAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -99,7 +99,7 @@
PEActionForm form) throws Throwable {
/* Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
@@ -137,46 +137,46 @@
form.getErr().emit("org.bedework.error.alreadymember", mbr);
return "retry";
}
-
+
BwPrincipal newMbr = null;
-
+
if ("user".equals(kind)) {
BwUser u = svci.findUser(mbr);
-
+
if (u == null) {
u = new BwUser(mbr);
svci.addUser(u);
u = svci.findUser(mbr);
}
-
+
/* Ensure the authorised user exists - create an entry if not
*
* @param val BwUser account
*/
UserAuth uauth = svci.getUserAuth();
-
+
BwAuthUser au = uauth.getUser(u.getAccount());
-
+
if ((au != null) && (au.getUsertype() == UserAuth.noPrivileges)) {
return "notAllowed";
}
-
+
if (au == null) {
au = new BwAuthUser(u, UserAuth.publicEventUser);
uauth.updateUser(au);
}
-
+
newMbr = u;
} else {
// group
newMbr = (BwAdminGroup)adgrps.findGroup(mbr);
-
+
if (newMbr == null) {
form.getErr().emit("org.bedework.error.unknowgroup", mbr);
return "retry";
}
}
-
+
adgrps.addMember(updgrp, newMbr);
updgrp.addGroupMember(newMbr);
} else if (getReqPar(request, "removeGroupMember") != null) {
@@ -211,14 +211,14 @@
adgrps.addGroup(updgrp);
} catch (CalFacadeException cfe) {
if (CalFacadeException.duplicateAdminGroup.equals(cfe.getMessage())) {
- form.getErr().emit("org.bedework.error.duplicate.admingroup",
+ form.getErr().emit("org.bedework.error.duplicate.admingroup",
updgrp.getAccount());
return "retry";
} else {
throw cfe;
}
}
-
+
form.assignAddingAdmingroup(false);
} else {
if (!validateAdminGroup(form)) {
@@ -367,7 +367,7 @@
return ok;
}
-
+
private boolean validateKind(String kind, PEActionForm form) {
if (kind == null) {
form.getErr().emit("org.bedework.error.missingreqpar", "kind");
@@ -377,7 +377,7 @@
if ("group".equals(kind) || "user".equals(kind)) {
return true;
}
-
+
form.getErr().emit("org.bedework.error.badrequest", kind);
return false;
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEDeleteAuthAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEDeleteAuthAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEDeleteAuthAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -80,13 +80,14 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
CalSvcI svci = form.fetchSvci();
- svci.getUserAuth().removeAuth(getAuthUser(form));
+ // XXX This was set up to remove the current auth user,
+ // svci.getUserAuth().removeAuth("SHould be the selected user");
form.getMsg().emit("org.bedework.client.message.authuser.removed");
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEFetchAuthAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEFetchAuthAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEFetchAuthAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -83,7 +83,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
@@ -99,7 +99,7 @@
form.getErr().emit("org.bedework.client.error.nosuchuserid", userid);
return "notFound";
}
-
+
if (debug) {
logIt("Retrieved auth user " + au);
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEGetAuthUsersAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEGetAuthUsersAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEGetAuthUsersAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -80,13 +80,13 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
/** Get the list
*/
- form.setAuthUsers(retrieveUserAuth(form).getAll());
+ form.setAuthUsers(form.fetchSvci().getUserAuth().getAll());
return "continue";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEUpdateAuthAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEUpdateAuthAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/authuser/PEUpdateAuthAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -81,7 +81,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteEventAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteEventAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteEventAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -86,7 +86,7 @@
/** Check access and set request parameters
*/
if (alerts) {
- if (!form.getUserAuth().isAlertUser()) {
+ if (!form.getCurUserAlerts()) {
return "noAccess";
}
} else {
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteSelectedEventAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteSelectedEventAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEDeleteSelectedEventAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -86,7 +86,7 @@
/** Check access and set request parameters
*/
if (alerts) {
- if (!form.getUserAuth().isAlertUser()) {
+ if (!form.getCurUserAlerts()) {
return "noAccess";
}
} else {
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEFetchEventAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEFetchEventAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEFetchEventAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -83,7 +83,7 @@
/** Check access and set request parameters
*/
if (alerts) {
- if (!form.getUserAuth().isAlertUser()) {
+ if (!form.getCurUserAlerts()) {
return "noAccess";
}
} else {
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEGetFormattedEventsAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEGetFormattedEventsAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEGetFormattedEventsAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -55,10 +55,14 @@
package org.bedework.webadmin.event;
import org.bedework.appcommon.FormattedEvents;
+import org.bedework.calfacade.BwCalendar;
import org.bedework.calfacade.BwDateTime;
import org.bedework.calfacade.CalFacadeDefs;
import org.bedework.calfacade.CalFacadeUtil;
import org.bedework.calfacade.filter.BwCreatorFilter;
+import org.bedework.calfacade.svc.BwCalSuite;
+import org.bedework.calfacade.svc.BwSubscription;
+import org.bedework.calsvci.CalSvcI;
import org.bedework.webadmin.PEAbstractAction;
import org.bedework.webadmin.PEActionForm;
import org.bedework.webcommon.BwSession;
@@ -94,7 +98,7 @@
form.assignAlertEvent(false);
form.assignAddingEvent(false);
- form.setFormattedEvents(new FormattedEvents(form.fetchSvci(),
+ form.setFormattedEvents(new FormattedEvents(form.fetchSvci(),
getEvents(request, false, form),
form.getCalInfo(),
form.fetchSvci().getTimezones()));
@@ -115,6 +119,8 @@
*/
}
+ CalSvcI svci = form.fetchSvci();
+
BwDateTime fromDate = null;
if (!form.getListAllEvents()) {
@@ -123,18 +129,25 @@
BwCreatorFilter crefilter = null;
boolean ignoreCreator = "yes".equals(getReqPar(request, "ignoreCreator"));
-
- if (!form.getUserAuth().isSuperUser()) {
+
+ if (!form.getCurUserSuperUser()) {
ignoreCreator = false;
}
-
+
if (!ignoreCreator) {
crefilter = new BwCreatorFilter();
- crefilter.setCreator(form.fetchSvci().getUser());
+ crefilter.setCreator(svci.getUser());
}
- return form.fetchSvci().getEvents(null, crefilter, fromDate, null,
- CalFacadeDefs.retrieveRecurExpanded);
+ BwCalSuite cs = svci.getCalSuite();
+ BwSubscription sub = null;
+ if (cs != null) {
+ BwCalendar cal = svci.getCalendar(cs.getRootCalendar().getPath());
+ sub = BwSubscription.makeSubscription(cal);
+ }
+
+ return svci.getEvents(sub, crefilter, fromDate, null,
+ CalFacadeDefs.retrieveRecurExpanded);
}
private BwDateTime todaysDateTime(PEActionForm form) throws Throwable {
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEInitAddAlertAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEInitAddAlertAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEInitAddAlertAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -80,7 +80,7 @@
PEActionForm form) throws Throwable {
/** Check access and set request parameters
*/
- if (!form.getUserAuth().isAlertUser()) {
+ if (!form.getCurUserAlerts()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEUpdateEventAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEUpdateEventAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/event/PEUpdateEventAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -98,7 +98,7 @@
/** Check access and set request parameters
*/
if (alerts) {
- if (!form.getUserAuth().isAlertUser()) {
+ if (!form.getCurUserAlerts()) {
return "noAccess";
}
} else {
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/system/FetchSysparsAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/system/FetchSysparsAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/system/FetchSysparsAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -80,7 +80,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/src/org/bedework/webadmin/system/UpdateSysparsAction.java
===================================================================
--- trunk/calendar3/webadmin/src/org/bedework/webadmin/system/UpdateSysparsAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/src/org/bedework/webadmin/system/UpdateSysparsAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -93,7 +93,7 @@
PEActionForm form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webadmin/war/docs/header.jsp
===================================================================
--- trunk/calendar3/webadmin/war/docs/header.jsp 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webadmin/war/docs/header.jsp 2006-06-08 14:05:08 UTC (rev 550)
@@ -184,19 +184,11 @@
<userInfo>
<!-- user type -->
- <logic:equal name="peForm" property="userAuth.contentAdminUser" value="true" >
- <contentAdminUser>true</contentAdminUser>
- </logic:equal>
- <logic:notEqual name="peForm" property="userAuth.contentAdminUser" value="true" >
- <contentAdminUser>false</contentAdminUser>
- </logic:notEqual>
+ <bw:emitText name="peForm" property="curUserContentAdminUser"
+ tagName="contentAdminUser" />
- <logic:equal name="peForm" property="userAuth.superUser" value="true">
- <superUser>true</superUser>
- </logic:equal>
- <logic:notEqual name="peForm" property="userAuth.superUser" value="true">
- <superUser>false</superUser>
- </logic:notEqual>
+ <bw:emitText name="peForm" property="curUserSuperUser"
+ tagName="superUser" />
<logic:equal name="peForm" property="userMaintOK" value="true" >
<userMaintOK>true</userMaintOK>
Modified: trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java
===================================================================
--- trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -55,7 +55,6 @@
// I only need this because request.getInitParameterNames doesn't work
import org.bedework.appcommon.BedeworkDefs;
-import org.bedework.appcommon.UserAuthPar;
import org.bedework.calenv.CalEnv;
import org.bedework.calenv.CalOptions;
import org.bedework.calfacade.BwCalendar;
@@ -197,8 +196,6 @@
}
if (form.getNewSession()) {
- // First time through here for this session
-
// Set to default view
setView(null, form);
}
@@ -269,6 +266,33 @@
HttpServletResponse response,
BwActionFormBase form) throws Throwable {
if (getPublicAdmin(form)) {
+ CalSvcI svc = form.fetchSvci();
+
+ UserAuth ua = svc.getUserAuth();
+ BwAuthUser au = ua.getUser(form.getCurrentUser());
+
+ // Refresh current auth user prefs.
+ BwAuthUserPrefs prefs = au.getPrefs();
+ if (prefs == null) {
+ prefs = new BwAuthUserPrefs();
+ }
+
+ form.setCurAuthUserPrefs(prefs);
+ if (form.getNewSession()) {
+ // First time through here for this session. svci is still set up for the
+ // authenticated user. Set access rights.
+
+ int rights = au.getUsertype();
+
+ form.assignCurUserAlerts((rights & UserAuth.alertUser) != 0);
+ form.assignCurUserPublicEvents((rights & UserAuth.publicEventUser) != 0);
+ form.assignCurUserContentAdminUser((rights & UserAuth.contentAdminUser) != 0);
+ form.assignCurUserSuperUser((rights & UserAuth.superUser) != 0);
+
+ form.assignAuthorisedUser(rights != UserAuth.noPrivileges);
+ svc.setSuperUser((rights & UserAuth.superUser) != 0);
+ }
+
if (debug) {
logIt("form.getGroupSet()=" + form.getGroupSet());
}
@@ -277,14 +301,11 @@
form.setAdminUserId(form.fetchSvci().getUser().getAccount());
if (debug) {
- logIt("-------- isSuperUser: " + form.getUserAuth().isSuperUser());
+ logIt("-------- isSuperUser: " + form.getCurUserSuperUser());
}
- if (!form.getAuthorisedUser()) {
- return forwardNoAccess;
- }
-
int temp = checkGroup(request, form, true);
+
if (temp != forwardNoAction) {
if (debug) {
logIt("form.getGroupSet()=" + form.getGroupSet());
@@ -292,9 +313,9 @@
return temp;
}
- /** Ensure we have prefs and other values for the AuthUser
- */
- setAuthUser(form);
+ if (!form.getAuthorisedUser()) {
+ return forwardNoAccess;
+ }
return forwardNoAction;
}
@@ -512,7 +533,7 @@
Boolean bool = getBooleanReqPar(request, "unremoveable");
if (bool != null) {
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return forwardNoAccess; // Only super user for that flag
}
@@ -924,7 +945,7 @@
}
BwAdminGroup adg = (BwAdminGroup)adgrps.findGroup(reqpar);
- if (adg != null) {
+ if (adg == null) {
if (debug) {
logIt("No user admin group with name " + reqpar);
}
@@ -946,7 +967,7 @@
return forwardNoAccess;
}
- if (initCheck || !form.getUserAuth().isSuperUser()) {
+ if (initCheck || !form.getCurUserSuperUser()) {
// Always restrict to groups of which we are a member
adgs = adgrps.getGroups(user);
} else {
@@ -960,7 +981,7 @@
boolean noGroupAllowed =
form.getEnv().getAppBoolProperty("nogroupallowed");
- if (form.getUserAuth().isSuperUser() || noGroupAllowed) {
+ if (svci.getUserAuth().isSuperUser() || noGroupAllowed) {
form.assignAdminGroup(null);
return forwardNoAction;
}
@@ -988,11 +1009,6 @@
}
}
- protected BwAuthUser getAuthUser(BwActionFormBase form) throws CalFacadeException {
- UserAuth ua = form.retrieveUserAuth();
- return ua.getUser(form.getCurrentUser());
- }
-
/** Override to return true if this is an admin client
*
* @param frm
@@ -1077,16 +1093,6 @@
return true;
}
- /** Get a UserAuth object
- *
- * @param form
- * @return UserAuth
- * @throws CalFacadeException
- */
- protected UserAuth retrieveUserAuth(BwActionFormBase form) throws CalFacadeException {
- return form.fetchSvci().getUserAuth();
- }
-
/** Update an authorised users preferences to reflect usage.
*
* @param form
@@ -1103,7 +1109,7 @@
return;
}
- UserAuth ua = retrieveUserAuth(form);
+ UserAuth ua = form.fetchSvci().getUserAuth();
BwAuthUser au = ua.getUser(form.getCurrentUser());
BwAuthUserPrefs prefs = au.getPrefs();
if (prefs == null) {
@@ -1346,15 +1352,15 @@
}
}
- int access = getAccess(request, messages);
- if (debug) {
- debugMsg("Container says that current user has the type: " + access);
- }
+ //int access = getAccess(request, messages);
+ //if (debug) {
+ // debugMsg("Container says that current user has the type: " + access);
+ //}
/** Ensure we have a CalAdminSvcI object
*/
String calSuite = form.retrieveConfig().getCalSuite();
- checkSvci(request, form, s, access, adminUserId, calSuite,
+ checkSvci(request, form, s, adminUserId, calSuite,
getPublicAdmin(form), false, debug);
/*
@@ -1431,9 +1437,9 @@
form.setCurrentCalSuite(cs);
form.assignAdminGroup(adg);
- int access = getAccess(request, getMessages());
+ //int access = getAccess(request, getMessages());
- if (!checkSvci(request, form, form.getSession(), access,
+ if (!checkSvci(request, form, form.getSession(),
adg.getOwner().getAccount(),
calSuiteName, true, isMember(adg, form), debug)) {
return forwardNoAccess;
@@ -1457,7 +1463,6 @@
* @param request Needed to locate session
* @param form Action form
* @param sess Session object for global parameters
- * @param access int unadjusted access
* @param user String user we want to be
* @param calSuite Name of calendar suite we are administering
* @param publicAdmin true if this is an administrative client
@@ -1471,7 +1476,6 @@
private boolean checkSvci(HttpServletRequest request,
BwActionFormBase form,
BwSession sess,
- int access,
String user,
String calSuite,
boolean publicAdmin,
@@ -1497,9 +1501,38 @@
If so discard the svc interface
*/
if (svci != null) {
+ /* Not the first time through here so for a public admin client we
+ * already have the authorised user's rights set in the form.
+ */
+
if (!svci.isOpen()) {
+ svci.flushAll();
svci = null;
info(".Svci interface discarded from old session");
+ } else if (publicAdmin) {
+
+ BwUser u = svci.getUser();
+ if (u == null) {
+ throw new CalFacadeException("Null user for public admin.");
+ }
+
+ canSwitch = canSwitch || form.getCurUserContentAdminUser() ||
+ form.getCurUserSuperUser();
+
+ String curUser = u.getAccount();
+
+ if (!canSwitch && !user.equals(curUser)) {
+ /** Trying to switch but not allowed */
+ return false;
+ }
+
+ if (!user.equals(curUser)) {
+ /** Switching user */
+ svci.endTransaction();
+ svci.close();
+ svci.flushAll();
+ svci = null;
+ }
}
}
@@ -1509,9 +1542,6 @@
debugMsg("CalSvcI-- Obtained from session for user " +
svci.getUser());
}
-
- // XXX access - disable use of roles
- access = svci.getUserAuth().getUsertype();
} else {
if (debug) {
debugMsg(".CalSvcI-- get new object for user " + user);
@@ -1527,10 +1557,8 @@
try {
svci = new CalSvc();
- if (publicAdmin || (user == null)) {
- if (calSuite == null) {
- runAsUser = form.getEnv().getAppProperty("run.as.user");
- }
+ if ((user == null) && (calSuite == null)) {
+ runAsUser = form.getEnv().getAppProperty("run.as.user");
}
CalSvcIPars pars = new CalSvcIPars(user, //access,
@@ -1549,31 +1577,7 @@
cb.in(true);
- UserAuth ua = null;
- UserAuthPar par = new UserAuthPar();
- par.svlt = servlet;
- par.req = request;
- if (publicAdmin) {
- try {
- ua = svci.getUserAuth(user, par);
-
- form.assignAuthorisedUser(ua.getUsertype() != UserAuth.noPrivileges);
- svci.setSuperUser((ua.getUsertype() & UserAuth.superUser) != 0);
-
- // XXX access - disable use of roles
- access = ua.getUsertype();
-
- if (debug) {
- debugMsg("UserAuth says that current user has the type: " +
- ua.getUsertype());
- }
- } catch (Throwable t) {
- form.getErr().emit("org.bedework.client.error.exc", t.getMessage());
- form.getErr().emit(t);
- return false;
- }
- }
} catch (CalFacadeException cfe) {
throw cfe;
} catch (Throwable t) {
@@ -1581,42 +1585,23 @@
}
}
- form.assignUserVO((BwUser)svci.getUser().clone());
+ BwUser u = svci.getUser();
- if (publicAdmin) {
- canSwitch = canSwitch || ((access & UserAuth.contentAdminUser) != 0) ||
- ((access & UserAuth.superUser) != 0);
+ form.assignUserVO((BwUser)u.clone());
- BwUser u = svci.getUser();
- if (u == null) {
- throw new CalFacadeException("Null user for public admin.");
- }
-
- String curUser = u.getAccount();
-
- if (!canSwitch && !user.equals(curUser)) {
- /** Trying to switch but not allowed */
- return false;
- }
-
- if (!user.equals(curUser)) {
- /** Switching user */
- svci.setUser(user);
- curUser = user;
- }
-
- form.assignCurrentAdminUser(curUser);
+ if (publicAdmin) {
+ form.assignCurrentAdminUser(u.getAccount());
}
return true;
}
- /** This method determines the access rights of the current user based on
+ /* * This method determines the access rights of the current user based on
* their assigned roles. There are two sections to this which appear to do
* the same thing.
*
- * <p>They are there because some servlet containers (jetty for one)
- * appeared to be broken. Role mapping does not appear to work reliably.
+ * <p>They are there because at some time servlet containers (jetty for one)
+ * appeared to be broken. Role mapping did not appear to work reliably.
* This seems to have something to do with jetty doing internal redirects
* to handle login. In the process it seems to lose the appropriate servlet
* context and with it the mapping of roles.
@@ -1625,13 +1610,13 @@
* @param messages MessageResources
* @return int access
* @throws CalFacadeException
- */
+ * /
private int getAccess(HttpServletRequest req,
MessageResources messages) throws CalFacadeException {
int access = 0;
/** This form works with broken containers.
- */
+ * /
if (req.isUserInRole(
getMessages().getMessage("org.bedework.role.admin"))) {
access += UserAuth.superUser;
@@ -1667,10 +1652,10 @@
if (req.isUserInRole("owner")) {
access += UserAuth.publicEventUser;
- } */
+ } * /
return access;
- }
+ }*/
private Collection findAllCalSuites(CalSvcI svc,
BwAdminGroup adg,
@@ -1691,25 +1676,6 @@
return al;
}
- /* Set information associated with the current auth user.
- * Set the prefs on each request to reflect other session changes
- */
- private void setAuthUser(BwActionFormBase form) throws CalFacadeException {
- BwAuthUser au = getAuthUser(form);
- BwAuthUserPrefs prefs = au.getPrefs();
- if (prefs == null) {
- prefs = new BwAuthUserPrefs();
- }
-
- form.setAuthUserPrefs(prefs);
-
- int rights = au.getUsertype();
-
- form.assignAuthUserAlerts((rights & UserAuth.alertUser) != 0);
- form.assignAuthUserPublicEvents((rights & UserAuth.publicEventUser) != 0);
- form.assignAuthUserSuperUser((rights & UserAuth.superUser) != 0);
- }
-
private void checkRefresh(BwActionFormBase form) {
if (!form.isRefreshNeeded()){
try {
Modified: trunk/calendar3/webcommon/src/org/bedework/webcommon/BwActionFormBase.java
===================================================================
--- trunk/calendar3/webcommon/src/org/bedework/webcommon/BwActionFormBase.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webcommon/src/org/bedework/webcommon/BwActionFormBase.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -78,7 +78,6 @@
import org.bedework.calfacade.svc.BwSubscription;
import org.bedework.calfacade.svc.BwView;
import org.bedework.calfacade.svc.EventInfo;
-import org.bedework.calfacade.svc.UserAuth;
import org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper;
import org.bedework.calsvci.CalSvcI;
import org.bedework.mail.MailerIntf;
@@ -171,11 +170,13 @@
/** Auth prefs for the currently logged in user
*/
- private BwAuthUserPrefs authUserPrefs;
+ private BwAuthUserPrefs curAuthUserPrefs;
- private boolean authUserAlerts;
- private boolean authUserPublicEvents;
- private boolean authUserSuperUser;
+ /* Settings for current authenticated user */
+ private boolean curUserAlerts;
+ private boolean curUserPublicEvents;
+ private boolean curUserContentAdminUser;
+ private boolean curUserSuperUser;
/* ....................................................................
* Calendar suites
@@ -492,71 +493,86 @@
}
/* ====================================================================
- * UserAuth Methods
- * DO NOT return userAuth. We don't want the user auth object
- * accessible to the request. Use the RO object instead.
+ * Current authenticated user Methods
+ * DO NOT set with setXXX. Use assign
* ==================================================================== */
/**
* @param val
*/
- public void setAuthUserPrefs(BwAuthUserPrefs val) {
- authUserPrefs = val;
+ public void setCurAuthUserPrefs(BwAuthUserPrefs val) {
+ curAuthUserPrefs = val;
}
/**
* @return auth user prefs
*/
- public BwAuthUserPrefs getAuthUserPrefs() {
- return authUserPrefs;
+ public BwAuthUserPrefs getCurAuthUserPrefs() {
+ return curAuthUserPrefs;
}
- /** Current auth user rights
+ /** Current user rights
*
* @param val
*/
- public void assignAuthUserAlerts(boolean val) {
- authUserAlerts = val;
+ public void assignCurUserAlerts(boolean val) {
+ curUserAlerts = val;
}
- /** Current auth user rights
+ /** Current user rights
*
* @return alerts
*/
- public boolean getAuthUserAlerts() {
- return authUserAlerts;
+ public boolean getCurUserAlerts() {
+ return curUserAlerts;
}
- /** Current auth user rights
+ /** Current user rights
*
* @param val
*/
- public void assignAuthUserPublicEvents(boolean val) {
- authUserPublicEvents = val;
+ public void assignCurUserPublicEvents(boolean val) {
+ curUserPublicEvents = val;
}
- /** Current auth user rights
+ /** Current user rights
*
* @return true for user who can edit public events
*/
- public boolean getAuthUserPublicEvents() {
- return authUserPublicEvents;
+ public boolean getCurUserPublicEvents() {
+ return curUserPublicEvents;
}
- /** Current auth user rights
+ /** True for contentAdminUser
*
+ * @param val boolean
+ */
+ public void assignCurUserContentAdminUser(boolean val) {
+ curUserContentAdminUser = val;
+ }
+
+ /** True for contentAdminUser
+ *
+ * @return boolean
+ */
+ public boolean getCurUserContentAdminUser() {
+ return curUserContentAdminUser;
+ }
+
+ /** Current user rights
+ *
* @param val true for superuser
*/
- public void assignAuthUserSuperUser(boolean val) {
- authUserSuperUser = val;
+ public void assignCurUserSuperUser(boolean val) {
+ curUserSuperUser = val;
}
- /** Current auth user rights
+ /** Current user rights
*
* @return true for superuser
*/
- public boolean getAuthUserSuperUser() {
- return authUserSuperUser;
+ public boolean getCurUserSuperUser() {
+ return curUserSuperUser;
}
/* ====================================================================
@@ -799,10 +815,10 @@
return calsvci;
}
- /** Returns a read only form for the jsp.
+ /* * Returns a read only form for the jsp.
*
* @return UserAuth
- */
+ * /
public UserAuth getUserAuth() {
try {
return fetchSvci().getUserAuth().getUserAuthRO();
@@ -810,13 +826,13 @@
err.emit(t);
return null;
}
- }
+ } */
- /** Don't call this getUserAuth so it's hidden from the
+ /* * Don't call this getUserAuth so it's hidden from the
* request stream
*
* @return UserAuth
- */
+ * /
public UserAuth retrieveUserAuth() {
try {
return fetchSvci().getUserAuth();
@@ -824,7 +840,7 @@
err.emit(t);
return null;
}
- }
+ }*/
/** Set flag to show if this user has any admin rights.
*
Modified: trunk/calendar3/webcommon/src/org/bedework/webcommon/misc/UpdateUserInfoAction.java
===================================================================
--- trunk/calendar3/webcommon/src/org/bedework/webcommon/misc/UpdateUserInfoAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webcommon/src/org/bedework/webcommon/misc/UpdateUserInfoAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -85,7 +85,7 @@
BwActionFormBase form) throws Throwable {
/** Check access
*/
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess";
}
Modified: trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/FetchPrefsAction.java
===================================================================
--- trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/FetchPrefsAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/FetchPrefsAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -89,7 +89,7 @@
if (getReqPar(request, "user") != null) {
/* Fetch a given users preferences */
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess"; // First line of defence
}
Modified: trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/UpdatePrefsAction.java
===================================================================
--- trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/UpdatePrefsAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webcommon/src/org/bedework/webcommon/pref/UpdatePrefsAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -110,7 +110,7 @@
/* Refetch the prefs */
if (getReqPar(request, "user") != null) {
/* Fetch a given users preferences */
- if (!form.getUserAuth().isSuperUser()) {
+ if (!form.getCurUserSuperUser()) {
return "noAccess"; // First line of defence
}
Modified: trunk/calendar3/webcommon/src/org/bedework/webcommon/subs/EndSubscribeAction.java
===================================================================
--- trunk/calendar3/webcommon/src/org/bedework/webcommon/subs/EndSubscribeAction.java 2006-06-07 20:16:53 UTC (rev 549)
+++ trunk/calendar3/webcommon/src/org/bedework/webcommon/subs/EndSubscribeAction.java 2006-06-08 14:05:08 UTC (rev 550)
@@ -130,7 +130,7 @@
return forwardNotFound;
}
- if (sub.getUnremoveable() && !form.getUserAuth().isSuperUser()) {
+ if (sub.getUnremoveable() && !form.getCurUserSuperUser()) {
return forwardNoAccess; // Only super user can remove the unremovable
}
More information about the Bedework-commit
mailing list