Changeset Navigation

← Previous Changeset
Next Changeset →

Changeset 520

Timestamp:

06/01/06 11:43:41

Author:

douglm

Message:

Admin client now determines which calendar suite is being administered
based upon the group membership of the authenticating user.

Currently doesn't support multiple calendar suites per user but does work with none.

Reorganized BwAbstractAction? - moved all private methods to the end. Simplified
group selection (a little)

Moved forward definitions into an interface.

Files:

trunk/calendar3/calCore/resources/hbms/CalSuite.hbm.xml (modified) (2 diffs)
trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/AdminGroupsDbImpl.java (modified) (3 diffs)
trunk/calendar3/calFacade/src/org/bedework/calfacade/svc/AdminGroups.java (modified) (2 diffs)
trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java (modified) (2 diffs)
trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvcDb.java (modified) (2 diffs)
trunk/calendar3/calsvci/src/org/bedework/calsvci/CalSvcI.java (modified) (2 diffs)
trunk/calendar3/deployment/webadmin/webapp/resources/default/default/default.xsl (modified) (2 diffs)
trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PESwitchAGAction.java (modified) (1 diff)
trunk/calendar3/webadmin/war/docs/header.jsp (modified) (1 diff)
trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java (modified) (22 diffs)
trunk/calendar3/webcommon/src/org/bedework/webcommon/BwActionFormBase.java (modified) (4 diffs)
trunk/calendar3/webcommon/src/org/bedework/webcommon/ForwardDefs.java (added)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/calendar3/calCore/resources/hbms/CalSuite.hbm.xml

r514	r520
17	17	<version name="seq" column="seq" type="integer" />
18	18
	19	<many-to-one name="creator"
	20	class="org.bedework.calfacade.BwUser"
	21	unique="true">
	22	<column name="creatorid" not-null="true" index="idx_sp_creator" />
	23	</many-to-one>
	24
	25	<many-to-one name="owner"
	26	class="org.bedework.calfacade.BwUser"
	27	unique="true">
	28	<column name="ownerid" not-null="true"
	29	index="idx_sp_owner" unique-key="sponsor_key" />
	30	</many-to-one>
	31
	32	<property name="access" column="bwaccess" type="text" />
	33
	34	<property name="publick" type="true_false" >
	35	<column name="publick" not-null="true" />
	36	</property>
	37
19	38	<property name="name" column="csname" type="text" not-null="true"/>
20	39
21	40	<many-to-one name="group"
22	41	class="org.bedework.calfacade.svc.BwAdminGroup"
23		column="~~owner~~id" not-null="true"
	42	column="groupid" not-null="true"
24	43	index="csgroup" />
25	44
…	…
39	58	where cal.name=:name
40	59	]]></query>
	60
	61	<query name="getCalSuiteByGroup"><![CDATA[
	62	from org.bedework.calfacade.svc.BwCalSuite cal
	63	where cal.group=:group
	64	]]></query>
41	65	</hibernate-mapping>
42	66

trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/AdminGroupsDbImpl.java

r285	r520
212	212	}
213	213	*/
214
215		/* val must not already be present on any paths to the root.
	214
	215	/* val must not already be present on any paths to the root.
216	216	* We'll assume the possibility of more than one parent.
217	217	*/
218
	218
219	219	if (!checkPathForSelf(group, val)) {
220	220	throw new CalFacadeException(CalFacadeException.alreadyOnAdminGroupPath);
…	…
357	357	return user;
358	358	}*/
359
360		private boolean checkPathForSelf(BwGroup group,
361		BwPrincipal val) throws CalFacadeException {
362		if (group.equals(val)) {
363		return false;
364		}
365
366		/* get all parents of group and try again */
367
	359
	360	public Collection findGroupParents(BwGroup group) throws CalFacadeException {
368	361	HibSession sess = getSess();
369	362
…	…
377	370	sess.setInt("grpid", group.getId());
378	371
379		Collection parents = sess.getList();
380
381		Iterator it = parents.iterator();
382
	372	return sess.getList();
	373	}
	374
	375	private boolean checkPathForSelf(BwGroup group,
	376	BwPrincipal val) throws CalFacadeException {
	377	if (group.equals(val)) {
	378	return false;
	379	}
	380
	381	/* get all parents of group and try again */
	382
	383
	384	Iterator it = findGroupParents(group).iterator();
	385
383	386	while (it.hasNext()) {
384	387	BwAdminGroup g = (BwAdminGroup)it.next();
385
	388
386	389	if (!checkPathForSelf(g, val)) {
387	390	return false;
388	391	}
389	392	}
390
	393
391	394	return true;
392	395	}

trunk/calendar3/calFacade/src/org/bedework/calfacade/svc/AdminGroups.java

r2	r520
54	54	package org.bedework.calfacade.svc;
55	55
	56	import org.bedework.calfacade.BwGroup;
56	57	import org.bedework.calfacade.BwUser;
57	58	import org.bedework.calfacade.CalFacadeException;
58	59	import org.bedework.calfacade.ifs.Groups;
	60
	61	import java.util.Collection;
59	62
60	63	/** An interface to handle calendar admin groups.
…	…
88	91	public BwAdminGroup findGroupByEventOwner(BwUser owner)
89	92	throws CalFacadeException;
	93
	94	/** Find the parents of a given group.
	95	*
	96	* @param group BwGroup
	97	* @return Collection empty for no parents
	98	* @exception CalFacadeException If there's a problem
	99	*/
	100	public Collection findGroupParents(BwGroup group)
	101	throws CalFacadeException;
90	102	}

trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java

r519	r520
86	86	import org.bedework.calfacade.ifs.Calintf;
87	87	import org.bedework.calfacade.ifs.Groups;
	88	import org.bedework.calfacade.svc.BwAdminGroup;
88	89	import org.bedework.calfacade.svc.BwAuthUser;
89	90	import org.bedework.calfacade.svc.BwCalSuite;
…	…
644	645	}
645	646
	647	public BwCalSuiteWrapper getCalSuite(BwAdminGroup group)
	648	throws CalFacadeException {
	649	return dbi.getCalSuite(group);
	650	}
	651
646	652	public Collection getCalSuites() throws CalFacadeException {
647	653	return dbi.getCalSuites();

trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvcDb.java

r519	r520
59	59	import org.bedework.calfacade.BwUser;
60	60	import org.bedework.calfacade.base.BwShareableDbentity;
	61	import org.bedework.calfacade.svc.BwAdminGroup;
61	62	import org.bedework.calfacade.svc.BwCalSuite;
62	63	import org.bedework.calfacade.svc.BwPreferences;
…	…
211	212	}
212	213
	214	/** Get a calendar suite given the 'owning' group
	215	*
	216	* @param group BwAdminGroup
	217	* @return BwCalSuiteWrapper null for unknown calendar suite
	218	* @throws CalFacadeException
	219	*/
	220	public BwCalSuiteWrapper getCalSuite(BwAdminGroup group)
	221	throws CalFacadeException {
	222	HibSession sess = (HibSession)getSess();
	223
	224	sess.namedQuery("getCalSuiteByGroup");
	225	sess.setEntity("group", group);
	226	sess.cacheableQuery();
	227
	228	BwCalSuite cs = (BwCalSuite)sess.getUnique();
	229
	230	if (cs == null) {
	231	return null;
	232	}
	233
	234	CurrentAccess ca = checkAccess(cs, PrivilegeDefs.privAny, false);
	235
	236	return new BwCalSuiteWrapper(cs, ca);
	237	}
	238
213	239	/** Allows svc to retrieve the calSuite object used to configure a public
214	240	* client.

trunk/calendar3/calsvci/src/org/bedework/calsvci/CalSvcI.java

r519	r520
76	76	import org.bedework.calfacade.ifs.CalTimezones;
77	77	import org.bedework.calfacade.ifs.Groups;
	78	import org.bedework.calfacade.svc.BwAdminGroup;
78	79	import org.bedework.calfacade.svc.BwCalSuite;
79	80	import org.bedework.calfacade.svc.BwPreferences;
…	…
520	521	*/
521	522	public abstract BwCalSuiteWrapper getCalSuite(String name) throws CalFacadeException;
	523
	524	/** Get a calendar suite given the 'owning' group
	525	*
	526	* @param group BwAdminGroup
	527	* @return BwCalSuiteWrapper null for unknown calendar suite
	528	* @throws CalFacadeException
	529	*/
	530	public abstract BwCalSuiteWrapper getCalSuite(BwAdminGroup group)
	531	throws CalFacadeException;
522	532
523	533	/** Get calendar suites to which this user has access

trunk/calendar3/deployment/webadmin/webapp/resources/default/default/default.xsl

r518	r520
1225	1225	<!--<xsl:if test="/bedeworkadmin/canEdit = 'true' or /bedeworkadmin/userInfo/superUser = 'true'">
1226	1226	<xsl:variable name="subscriptionId" select="subscription/id"/>
1227		<xsl:variable name="calPath" select="calendar/encodedPath"/>
1228		<xsl:variable name="guid" select="guid"/>
1229		<xsl:variable name="recurrenceId" select="recurrenceId"/>
	1227	<xsl:variable name="calPath" select="calendar/encodedPath"/>
	1228	<xsl:variable name="guid" select="guid"/>
	1229	<xsl:variable name="recurrenceId" select="recurrenceId"/>
1230	1230	<h3>
1231		<a href="{$event-fetchForUpdate}&subid={$subscriptionId}&calPath={$calPath}&guid={$guid}&recurrenceId={$recurrenceId}">
1232		Edit Event
1233		</a>
1234		</h3>
	1231	<a href="{$event-fetchForUpdate}&subid={$subscriptionId}&calPath={$calPath}&guid={$guid}&recurrenceId={$recurrenceId}">
	1232	Edit Event
	1233	</a>
	1234	</h3>
1235	1235	</xsl:if>-->
1236	1236	</xsl:template>
…	…
3088	3088	<xsl:if test="/bedeworkadmin/userInfo/user">
3089	3089	<td class="rightCell">
	3090	<xsl:if test="/bedeworkadmin/calSuite">
	3091	Calendar Suite:
	3092	<span class="status">
	3093	<xsl:value-of select="/bedeworkadmin/calSuite"/>
	3094	</span>
	3095
	3096	</xsl:if>
3090	3097	Logged in as:
3091	3098	<span class="status">

trunk/calendar3/webadmin/src/org/bedework/webadmin/admingroup/PESwitchAGAction.java

r24	r520
88	88	// Back to main menu. Abstract action will do the rest.
89	89
90		~~String~~ temp = checkGroup(request, form, false);
91		if (temp == ~~null~~) {
	90	int temp = checkGroup(request, form, false);
	91	if (temp == forwardNoAction) {
92	92	form.getErr().emit("org.bedework.client.error.choosegroupsuppressed");
93	93	return "error";

trunk/calendar3/webadmin/war/docs/header.jsp

r519	r520
170	170	</urlPrefixes>
171	171
	172	<logic:present name="peForm" property="currentCalSuite" >
	173	<bw:emitText name="peForm" property="currentCalSuite.name" tagName="calSuite" />
	174	</logic:present>
	175
172	176	<userInfo>
173	177	<!-- user type -->

trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java

r519	r520
71	71	import org.bedework.calfacade.CalFacadeUtil;
72	72	import org.bedework.calfacade.ifs.Groups;
	73	import org.bedework.calfacade.svc.AdminGroups;
73	74	import org.bedework.calfacade.svc.BwAdminGroup;
74	75	import org.bedework.calfacade.svc.BwAuthUser;
…	…
78	79	import org.bedework.calfacade.svc.EventInfo;
79	80	import org.bedework.calfacade.svc.UserAuth;
	81	import org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper;
80	82	import org.bedework.calsvc.CalSvc;
81	83	import org.bedework.calsvci.CalSvcI;
…	…
106	108	* @author Mike Douglass douglm@rpi.edu
107	109	*/
108		public abstract class BwAbstractAction extends UtilAbstractAction {
	110	public abstract class BwAbstractAction extends UtilAbstractAction
	111	implements ForwardDefs {
109	112	/** Name of the init parameter holding our name */
110	113	private static final String appNameInitParameter = "rpiappname";
111
112		~~/* These are all the possible forwards we take. Internal routines should~~
113		* return one of the following indices.
114		*/
115		~~// ENUM~~
116		~~protected int forwardSuccess = 0;~~
117		~~protected int forwardContinue = 1;~~
118		~~protected int forwardRetry = 2;~~
119
120		~~protected int forwardError = 3;~~
121		~~protected int forwardNoAccess = 4;~~
122
123		~~protected int forwardNotFound = 5;~~
124
125		~~protected int forwardNoSuchView = 6;~~
126
127		~~/* Set when an optional parameter is not found */~~
128		~~protected int forwardNoParameter = 7;~~
129
130		~~/* Set when no action was taken */~~
131		~~protected int forwardNoAction = 8;~~
132
133		~~/* Something is referenced and cannot be removed */~~
134		~~protected int forwardReffed = 9;~~
135
136		~~/* an object was added/updated */~~
137		~~protected int forwardAdded = 10;~~
138		~~protected int forwardUpdated = 11;~~
139
140		~~protected final String[] forwards = {~~
141		~~"success",~~
142		~~"continue",~~
143		~~"retry",~~
144		~~"error",~~
145		~~"noAccess",~~
146		~~"notFound",~~
147		~~"noSuchView",~~
148		~~"noParameter",~~
149		~~"noAction",~~
150		~~"reffed",~~
151		~~"added",~~
152		~~"updated",~~
153		};
154	114
155	115	/*
…	…
160	120	return getClass().getName();
161	121	}
	122
	123	/** This is the routine which does the work.
	124	*
	125	* @param request Needed to locate session
	126	* @param response
	127	* @param sess UWCalSession calendar session object
	128	* @param frm Action form
	129	* @return String forward name
	130	* @throws Throwable
	131	*/
	132	public abstract String doAction(HttpServletRequest request,
	133	HttpServletResponse response,
	134	BwSession sess,
	135	BwActionFormBase frm) throws Throwable;
162	136
163	137	public String performAction(HttpServletRequest request,
…	…
231	205	/* Set up ready for the action */
232	206
233		~~String~~ temp = actionSetup(request, response, form);
234		if (temp != ~~null~~) {
235		return ~~temp~~;
	207	int temp = actionSetup(request, response, form);
	208	if (temp != forwardNoAction) {
	209	return forwards[temp];
236	210	}
237	211
…	…
278	252	* @param response
279	253	* @param form
280		* @return ~~String forward for error or null~~
	254	* @return int foward index
281	255	* @throws Throwable
282	256	*/
283		public ~~String~~ actionSetup(HttpServletRequest request,
284		HttpServletResponse response,
285		BwActionFormBase form) throws Throwable {
	257	public int actionSetup(HttpServletRequest request,
	258	HttpServletResponse response,
	259	BwActionFormBase form) throws Throwable {
286	260	if (getPublicAdmin(form)) {
287	261	if (debug) {
…	…
297	271
298	272	if (!form.getAuthorisedUser()) {
299		return ~~"noAccess"~~;
300		}
301
302		~~String~~ temp = checkGroup(request, form, true);
303		if (temp != ~~null~~) {
	273	return forwardNoAccess;
	274	}
	275
	276	int temp = checkGroup(request, form, true);
	277	if (temp != forwardNoAction) {
304	278	if (debug) {
305	279	logIt("form.getGroupSet()=" + form.getGroupSet());
…	…
312	286	setAuthUser(form);
313	287
314		return ~~null~~;
	288	return forwardNoAction;
315	289	}
316	290
…	…
335	309	}
336	310
337		return ~~null~~;
	311	return forwardNoAction;
338	312	}
339	313
…	…
905	879	}
906	880
907		/** Return n~~ull if group is chosen else return a forward name~~.
	881	/** Return no action if group is chosen else return a forward index.
908	882	*
909	883	* @param request Needed to locate session
…	…
911	885	* @param initCheck true if this is a check to see if we're initialised,
912	886	* otherwise this is an explicit request to change group.
913		* @return ~~String forward name~~
	887	* @return int forward index
914	888	* @throws Throwable
915	889	*/
916		protected ~~String~~ checkGroup(HttpServletRequest request,
917		BwActionFormBase form,
918		boolean initCheck) throws Throwable {
	890	protected int checkGroup(HttpServletRequest request,
	891	BwActionFormBase form,
	892	boolean initCheck) throws Throwable {
919	893	if (form.getGroupSet()) {
920		return ~~null~~;
	894	return forwardNoAction;
921	895	}
922	896
…	…
936	910	// Make them do it again.
937	911
938		return ~~"chooseGroup"~~;
	912	return forwardChooseGroup;
939	913	}
940	914
941		return setGroup(request, form, adgrps, reqpar);
	915	BwAdminGroup adg = (BwAdminGroup)adgrps.findGroup(reqpar);
	916	if (adg != null) {
	917	if (debug) {
	918	logIt("No user admin group with name " + reqpar);
	919	}
	920	// We require a group
	921	return forwardChooseGroup;
	922	}
	923
	924	return setGroup(request, form, adgrps, adg);
942	925	}
943	926
…	…
950	933	BwUser user = svci.findUser(form.getCurrentUser());
951	934	if (user == null) {
952		return ~~"noAccess"~~;
	935	return forwardNoAccess;
953	936	}
954	937
955	938	if (initCheck \|\| !form.getUserAuth().isSuperUser()) {
956		// Always restrict to groups ~~we're a member of~~
	939	// Always restrict to groups of which we are a member
957	940	adgs = adgrps.getGroups(user);
958	941	} else {
…	…
969	952	if (form.getUserAuth().isSuperUser() \|\| noGroupAllowed) {
970	953	form.assignAdminGroup(null);
971		return ~~null~~;
	954	return forwardNoAction;
972	955	}
973	956
974		return ~~"noGroupAssigned"~~;
	957	return forwardNoGroupAssigned;
975	958	}
976	959
…	…
980	963	BwAdminGroup adg = (BwAdminGroup)adgsit.next();
981	964
982		form.assignAdminGroup(adg);
983		String s = setAdminUser(request, form, adg.getOwner().getAccount(), true);
984
985		if (s != null) {
986		return s;
987		}
988
989		form.setAdminUserId(svci.getUser().getAccount());
990		return null;
	965	return setGroup(request, form, adgrps, adg);
991	966	}
992	967
…	…
996	971	form.assignChoosingGroup(true); // reset
997	972
998		return ~~"chooseGroup"~~;
	973	return forwardChooseGroup;
999	974	} catch (Throwable t) {
1000	975	form.getErr().emit(t);
1001		return "error";
1002		}
1003		}
1004
1005		protected String setAdminUser(HttpServletRequest request,
1006		BwActionFormBase form,
1007		String user,
1008		boolean isMember) throws Throwable {
1009		int access = getAccess(request, getMessages());
1010
1011		// if (form.getCalSvcI() != null) {
1012		// form.getCalSvcI().close();
1013		// }
1014
1015		if (!checkSvci(request, form, form.getSession(), access, user, true,
1016		isMember, debug)) {
1017		return "accessError";
1018		}
1019
1020		return null;
	976	return forwardError;
	977	}
1021	978	}
1022	979
…	…
1026	983	}
1027	984
1028		~~private String setGroup(HttpServletRequest request,~~
1029		~~BwActionFormBase form,~~
1030		~~Groups adgrps,~~
1031		~~String groupName) throws Throwable {~~
1032		~~if (groupName == null) {~~
1033		~~// We require a name~~
1034		~~return "chooseGroup";~~
1035		}
1036
1037		~~BwAdminGroup ag = (BwAdminGroup)adgrps.findGroup(groupName);~~
1038		~~if (ag != null) {~~
1039		~~adgrps.getMembers(ag);~~
1040		}
1041
1042		~~if (debug) {~~
1043		~~if (ag == null) {~~
1044		~~logIt("No user admin group with name " + groupName);~~
1045		~~} else {~~
1046		~~logIt("Retrieved user admin group " + ag.getAccount());~~
1047		}
1048		}
1049
1050		~~form.assignAdminGroup(ag);~~
1051
1052		~~String s = setAdminUser(request, form, ag.getOwner().getAccount(),~~
1053		~~isMember(ag, form));~~
1054
1055		~~if (s != null) {~~
1056		~~return s;~~
1057		}
1058
1059		~~form.setAdminUserId(form.fetchSvci().getUser().getAccount());~~
1060
1061		~~return null;~~
1062		}
1063
1064		~~private boolean isMember(BwAdminGroup ag,~~
1065		~~BwActionFormBase form) throws Throwable {~~
1066		~~return ag.isMember(String.valueOf(form.getCurrentUser()), false);~~
1067		}
1068
1069	985	/** Override to return true if this is an admin client
1070	986	*
…	…
1075	991	public boolean getPublicAdmin(BwActionFormBase frm) throws Throwable {
1076	992	return frm.getEnv().getAppBoolProperty("publicadmin");
1077		}
1078
1079		~~/** get an env object initialised appropriately for our usage.~~
1080		*
1081		* @param request HttpServletRequest
1082		* @param frm
1083		* @return CalEnv object - also implanted in form.
1084		* @throws Throwable
1085		*/
1086		~~private CalEnv getEnv(HttpServletRequest request,~~
1087		~~BwActionFormBase frm) throws Throwable {~~
1088		~~CalEnv env = frm.getEnv();~~
1089		~~if (env != null) {~~
1090		~~return env;~~
1091		}
1092
1093		~~HttpSession session = request.getSession();~~
1094		~~ServletContext sc = session.getServletContext();~~
1095
1096		~~String appName = sc.getInitParameter("bwappname");~~
1097
1098		~~if ((appName == null) \|\| (appName.length() == 0)) {~~
1099		~~appName = "unknown-app-name";~~
1100		}
1101
1102		~~String envPrefix = "org.bedework.app." + appName + ".";~~
1103
1104		~~env = new CalEnv(envPrefix, debug);~~
1105		~~frm.assignEnv(env);~~
1106
1107		~~return env;~~
1108	993	}
1109	994
…	…
1153	1038	}
1154	1039
1155		~~/** This is the routine which does the work.~~
1156		*
1157		* @param request Needed to locate session
1158		* @param response
1159		* @param sess UWCalSession calendar session object
1160		* @param frm Action form
1161		* @return String forward name
1162		* @throws Throwable
1163		*/
1164		~~public abstract String doAction(HttpServletRequest request,~~
1165		~~HttpServletResponse response,~~
1166		~~BwSession sess,~~
1167		~~BwActionFormBase frm) throws Throwable;~~
1168
1169		~~/** Get the session state object for a web session. If we've already been~~
1170		* here it's embedded in the current session. Otherwise create a new one.
1171		*
1172		* <p>We also carry out a number of web related operations.
1173		*
1174		* @param request HttpServletRequest Needed to locate session
1175		* @param form Action form
1176		* @param messages MessageResources needed for the resources
1177		* @param adminUserId id we want to administer
1178		* @param admin Get this for the admin client
1179		* @return UWCalSession null on failure
1180		* @throws Throwable
1181		*/
1182		~~private synchronized BwSession getState(HttpServletRequest request,~~
1183		~~BwActionFormBase form,~~
1184		~~MessageResources messages,~~
1185		~~String adminUserId,~~
1186		~~boolean admin) throws Throwable {~~
1187		~~BwSession s = BwWebUtil.getState(request);~~
1188		~~HttpSession sess = request.getSession(false);~~
1189		~~String appName = getAppName(sess);~~
1190
1191		~~if (s != null) {~~
1192		~~if (debug) {~~
1193		~~debugMsg("getState-- obtainedfrom session");~~
1194		~~debugMsg("getState-- timeout interval = " +~~
1195		~~sess.getMaxInactiveInterval());~~
1196		}
1197
1198		~~form.assignNewSession(false);~~
1199		~~} else {~~
1200		~~if (debug) {~~
1201		~~debugMsg("getState-- get new object");~~
1202		}
1203
1204		~~form.assignNewSession(true);~~
1205
1206		~~CalEnv env = getEnv(request, form);~~
1207		~~String appRoot = env.getAppProperty("root");~~
1208
1209		~~/** The actual session class used is possibly site dependent~~
1210		*/
1211		~~s = new BwSessionImpl(form.getCurrentUser(), appRoot, appName,~~
1212		~~form.getPresentationState(), messages,~~
1213		~~form.getSchemeHostPort(), debug);~~
1214
1215		~~BwWebUtil.setState(request, s);~~
1216
1217		~~setSessionAttr(request, "cal.pubevents.client.uri",~~
1218		~~messages.getMessage("org.bedework.public.calendar.uri"));~~
1219
1220		~~setSessionAttr(request, "cal.personal.client.uri",~~
1221		~~messages.getMessage("org.bedework.personal.calendar.uri"));~~
1222
1223		~~setSessionAttr(request, "cal.admin.client.uri",~~
1224		~~messages.getMessage("org.bedework.public.admin.uri"));~~
1225
1226		~~String temp = messages.getMessage("org.bedework.host");~~
1227		~~if (temp == null) {~~
1228		~~temp = form.getSchemeHostPort();~~
1229		}
1230
1231		~~setSessionAttr(request, "cal.server.host", temp);~~
1232
1233		~~String raddr = request.getRemoteAddr();~~
1234		~~String rhost = request.getRemoteHost();~~
1235		~~info("===============" + appName + ": New session (" +~~
1236		~~s.getSessionNum() + ") from " +~~
1237		~~rhost + "(" + raddr + ")");~~
1238
1239		~~if (!admin) {~~
1240		~~/** Ensure the session timeout interval is longer than our refresh period~~
1241		*/
1242		~~// Should come from db -- int refInt = s.getRefreshInterval();~~
1243		~~int refInt = 60; // 1 min refresh?~~
1244
1245		~~if (refInt > 0) {~~
1246		~~int timeout = sess.getMaxInactiveInterval();~~
1247
1248		~~if (timeout <= refInt) {~~
1249		~~// An extra minute should do it.~~
1250		~~debugMsg("@+@+@+@+@+ set timeout to " + (refInt + 60));~~
1251		~~sess.setMaxInactiveInterval(refInt + 60);~~
1252		}
1253		}
1254		}
1255		}
1256
1257		~~int access = getAccess(request, messages);~~
1258		~~if (debug) {~~
1259		~~debugMsg("Container says that current user has the type: " + access);~~
1260		}
1261
1262		~~/** Ensure we have a CalAdminSvcI object~~
1263		*/
1264		~~checkSvci(request, form, s, access, adminUserId,~~
1265		~~getPublicAdmin(form), false, debug);~~
1266
1267		/*
1268		~~UserAuth ua = null;~~
1269		~~UserAuthPar par = new UserAuthPar();~~
1270		~~par.svlt = servlet;~~
1271		~~par.req = request;~~
1272
1273		~~try {~~
1274		~~ua = form.fetchSvci().getUserAuth(s.getUser(), par);~~
1275
1276		~~form.assignAuthorisedUser(ua.getUsertype() != UserAuth.noPrivileges);~~
1277
1278		~~if (debug) {~~
1279		~~debugMsg("UserAuth says that current user has the type: " +~~
1280		~~ua.getUsertype());~~
1281		}
1282		~~} catch (Throwable t) {~~
1283		~~form.getErr().emit("org.bedework.client.error.exc", t.getMessage());~~
1284		~~form.getErr().emit(t);~~
1285		~~return null;~~
1286		}
1287		*/
1288
1289		~~return s;~~
1290		}
1291
1292		~~private String getAppName(HttpSession sess) {~~
1293		~~ServletContext sc = sess.getServletContext();~~
1294
1295		~~String appname = sc.getInitParameter(appNameInitParameter);~~
1296		~~if (appname == null) {~~
1297		~~appname = "?";~~
1298		}
1299
1300		~~return appname;~~
1301		}
1302
1303	1040	/* We should probably return false for a portlet
1304	1041	* (non-Javadoc)
…	…
1328	1065
1329	1066	return true;
1330		}
1331
1332		~~/** Ensure we have a CalAdminSvcI object for the given user.~~
1333		*
1334		* <p>For an admin client with a super user we may switch to a different
1335		* user to administer their events.
1336		*
1337		* @param request Needed to locate session
1338		* @param form Action form
1339		* @param sess Session object for global parameters
1340		* @param access int unadjusted access
1341		* @param user String user we want to be
1342		* @param publicAdmin true if this is an administrative client
1343		* @param canSwitch true if we should definitely allow user to switch
1344		* this allows a user to switch between and into
1345		* groups of which they are a member
1346		* @param debug true for all that debugging stuff
1347		* @return boolean false for problems.
1348		* @throws CalFacadeException
1349		*/
1350		~~private boolean checkSvci(HttpServletRequest request,~~
1351		~~BwActionFormBase form,~~
1352		~~BwSession sess,~~
1353		~~int access,~~
1354		~~String user,~~
1355		~~boolean publicAdmin,~~
1356		~~boolean canSwitch,~~
1357		~~boolean debug) throws CalFacadeException {~~
1358		~~/** Do some checks first~~
1359		*/
1360		~~String authUser = String.valueOf(form.getCurrentUser());~~
1361
1362		~~if (!publicAdmin) {~~
1363		~~/* We're never allowed to switch identity as a user client.~~
1364		*/
1365		~~if (!authUser.equals(String.valueOf(user))) {~~
1366		~~return false;~~
1367		}
1368		~~} else if (user == null) {~~
1369		~~throw new CalFacadeException("Null user parameter for public admin.");~~
1370		}
1371
1372		~~CalSvcI svci = BwWebUtil.getCalSvcI(request);~~
1373
1374		~~/** Make some checks to see if this is an old - restarted session.~~
1375		~~If so discard the svc interface~~
1376		*/
1377		~~if (svci != null) {~~
1378		~~if (!svci.isOpen()) {~~
1379		~~svci = null;~~
1380		~~info(".Svci interface discarded from old session");~~
1381		}
1382		}
1383
1384		~~if (svci != null) {~~
1385		~~/* Already there and already opened */~~
1386		~~if (debug) {~~
1387		~~debugMsg("CalSvcI-- Obtained from session for user " +~~
1388		~~svci.getUser());~~
1389		}
1390
1391		~~// XXX access - disable use of roles~~
1392		~~access = svci.getUserAuth().getUsertype();~~
1393		~~} else {~~
1394		~~if (debug) {~~
1395		~~debugMsg(".CalSvcI-- get new object for user " + user);~~
1396		}
1397
1398		~~/* create a call back object so the filter can open the service~~
1399		~~interface */~~
1400		~~BwCallback cb = new Callback(form);~~
1401		~~HttpSession hsess = request.getSession();~~
1402		~~hsess.setAttribute(BwCallback.cbAttrName, cb);~~
1403
1404		~~String runAsUser = user;~~
1405		~~String calSuite = form.retrieveConfig().getCalSuite();~~
1406
1407		~~try {~~
1408		~~svci = new CalSvc();~~
1409		~~if (publicAdmin \|\| (user == null)) {~~
1410		~~if (calSuite == null) {~~
1411		~~runAsUser = form.getEnv().getAppProperty("run.as.user");~~
1412		}
1413		}
1414
1415		~~CalSvcIPars pars = new CalSvcIPars(user, //access,~~
1416		~~runAsUser,~~
1417		~~calSuite,~~
1418		~~form.getEnv().getAppPrefix(),~~
1419		~~publicAdmin,~~
1420		~~false, // caldav~~
1421		~~null, // synchId~~
1422		~~debug);~~
1423		~~svci.init(pars);~~
1424
1425		~~BwWebUtil.setCalSvcI(request, svci);~~
1426
1427		~~form.setCalSvcI(svci);~~
1428
1429		~~cb.in(true);~~
1430
1431		~~UserAuth ua = null;~~
1432		~~UserAuthPar par = new UserAuthPar();~~
1433		~~par.svlt = servlet;~~
1434		~~par.req = request;~~
1435
1436		~~if (publicAdmin) {~~
1437		~~try {~~
1438		~~ua = svci.getUserAuth(user, par);~~
1439
1440		~~form.assignAuthorisedUser(ua.getUsertype() != UserAuth.noPrivileges);~~
1441		~~svci.setSuperUser((ua.getUsertype() & UserAuth.superUser) != 0);~~
1442
1443		~~// XXX access - disable use of roles~~
1444		~~access = ua.getUsertype();~~
1445
1446		~~if (debug) {~~
1447		~~debugMsg("UserAuth says that current user has the type: " +~~
1448		~~ua.getUsertype());~~
1449		}
1450		~~} catch (Throwable t) {~~
1451		~~form.getErr().emit("org.bedework.client.error.exc", t.getMessage());~~
1452		~~form.getErr().emit(t);~~
1453		~~return false;~~
1454		}
1455		}
1456		~~} catch (CalFacadeException cfe) {~~
1457		~~throw cfe;~~
1458		~~} catch (Throwable t) {~~
1459		~~throw new CalFacadeException(t);~~
1460		}
1461		}
1462
1463		~~form.assignUserVO((BwUser)svci.getUser().clone());~~
1464
1465		~~if (publicAdmin) {~~
1466		~~canSwitch = canSwitch \|\| ((access & UserAuth.contentAdminUser) != 0) \|\|~~
1467		~~((access & UserAuth.superUser) != 0);~~
1468
1469		~~BwUser u = svci.getUser();~~
1470		~~if (u == null) {~~
1471		~~throw new CalFacadeException("Null user for public admin.");~~
1472		}
1473
1474		~~String curUser = u.getAccount();~~
1475
1476		~~if (!canSwitch && !user.equals(curUser)) {~~
1477		~~/** Trying to switch but not allowed */~~
1478		~~return false;~~
1479		}
1480
1481		~~if (!user.equals(curUser)) {~~
1482		~~/** Switching user */~~
1483		~~svci.setUser(user);~~
1484		~~curUser = user;~~
1485		}
1486
1487		~~form.assignCurrentAdminUser(curUser);~~
1488		}
1489
1490		~~return true;~~
1491		}
1492
1493		~~/** This method determines the access rights of the current user based on~~
1494		* their assigned roles. There are two sections to this which appear to do
1495		* the same thing.
1496		*
1497		* <p>They are there because some servlet containers (jetty for one)
1498		* appeared to be broken. Role mapping does not appear to work reliably.
1499		* This seems to have something to do with jetty doing internal redirects
1500		* to handle login. In the process it seems to lose the appropriate servlet
1501		* context and with it the mapping of roles.
1502		*
1503		* @param req HttpServletRequest
1504		* @param messages MessageResources
1505		* @return int access
1506		* @throws CalFacadeException
1507		*/
1508		~~private int getAccess(HttpServletRequest req,~~
1509		~~MessageResources messages) throws CalFacadeException {~~
1510		~~int access = 0;~~
1511
1512		~~/** This form works with broken containers.~~
1513		*/
1514		~~if (req.isUserInRole(~~
1515		~~getMessages().getMessage("org.bedework.role.admin"))) {~~
1516		~~access += UserAuth.superUser;~~
1517		}
1518
1519		~~if (req.isUserInRole(~~
1520		~~getMessages().getMessage("org.bedework.role.contentadmin"))) {~~
1521		~~access += UserAuth.contentAdminUser;~~
1522		}
1523
1524		~~if (req.isUserInRole(~~
1525		~~getMessages().getMessage("org.bedework.role.alert"))) {~~
1526		~~access += UserAuth.alertUser;~~
1527		}
1528
1529		~~if (req.isUserInRole(~~
1530		~~getMessages().getMessage("org.bedework.role.owner"))) {~~
1531		~~access += UserAuth.publicEventUser;~~
1532		}
1533
1534		~~/** This is how it ought to look~~
1535		~~if (req.isUserInRole("admin")) {~~
1536		~~access += UserAuth.superUser;~~
1537		}
1538
1539		~~if (req.isUserInRole("contentadmin")) {~~
1540		~~access += UserAuth.contentAdminUser;~~
1541		}
1542
1543		~~if (req.isUserInRole("alert")) {~~
1544		~~access += UserAuth.alertUser;~~
1545		}
1546
1547		~~if (req.isUserInRole("owner")) {~~
1548		~~access += UserAuth.publicEventUser;~~
1549		~~} */~~
1550
1551		~~return access;~~
1552	1067	}
1553	1068
…	…
1733	1248	******************************************************************** */
1734	1249
	1250	/** Get the session state object for a web session. If we've already been
	1251	* here it's embedded in the current session. Otherwise create a new one.
	1252	*
	1253	* <p>We also carry out a number of web related operations.
	1254	*
	1255	* @param request HttpServletRequest Needed to locate session
	1256	* @param form Action form
	1257	* @param messages MessageResources needed for the resources
	1258	* @param adminUserId id we want to administer
	1259	* @param admin Get this for the admin client
	1260	* @return UWCalSession null on failure
	1261	* @throws Throwable
	1262	*/
	1263	private synchronized BwSession getState(HttpServletRequest request,
	1264	BwActionFormBase form,
	1265	MessageResources messages,
	1266	String adminUserId,
	1267	boolean admin) throws Throwable {
	1268	BwSession s = BwWebUtil.getState(request);
	1269	HttpSession sess = request.getSession(false);
	1270	String appName = getAppName(sess);
	1271
	1272	if (s != null) {
	1273	if (debug) {
	1274	debugMsg("getState-- obtainedfrom session");
	1275	debugMsg("getState-- timeout interval = " +
	1276	sess.getMaxInactiveInterval());
	1277	}
	1278
	1279	form.assignNewSession(false);
	1280	} else {
	1281	if (debug) {
	1282	debugMsg("getState-- get new object");
	1283	}
	1284
	1285	form.assignNewSession(true);
	1286
	1287	CalEnv env = getEnv(request, form);
	1288	String appRoot = env.getAppProperty("root");
	1289
	1290	/** The actual session class used is possibly site dependent
	1291	*/
	1292	s = new BwSessionImpl(form.getCurrentUser(), appRoot, appName,
	1293	form.getPresentationState(), messages,
	1294	form.getSchemeHostPort(), debug);
	1295
	1296	BwWebUtil.setState(request, s);
	1297
	1298	setSessionAttr(request, "cal.pubevents.client.uri",
	1299	messages.getMessage("org.bedework.public.calendar.uri"));
	1300
	1301	setSessionAttr(request, "cal.personal.client.uri",
	1302	messages.getMessage("org.bedework.personal.calendar.uri"));
	1303
	1304	setSessionAttr(request, "cal.admin.client.uri",
	1305	messages.getMessage("org.bedework.public.admin.uri"));
	1306
	1307	String temp = messages.getMessage("org.bedework.host");
	1308	if (temp == null) {
	1309	temp = form.getSchemeHostPort();
	1310	}
	1311
	1312	setSessionAttr(request, "cal.server.host", temp);
	1313
	1314	String raddr = request.getRemoteAddr();
	1315	String rhost = request.getRemoteHost();
	1316	info("===============" + appName + ": New session (" +
	1317	s.getSessionNum() + ") from " +
	1318	rhost + "(" + raddr + ")");
	1319
	1320	if (!admin) {
	1321	/** Ensure the session timeout interval is longer than our refresh period
	1322	*/
	1323	// Should come from db -- int refInt = s.getRefreshInterval();
	1324	int refInt = 60; // 1 min refresh?
	1325
	1326	if (refInt > 0) {
	1327	int timeout = sess.getMaxInactiveInterval();
	1328
	1329	if (timeout <= refInt) {
	1330	// An extra minute should do it.
	1331	debugMsg("@+@+@+@+@+ set timeout to " + (refInt + 60));
	1332	sess.setMaxInactiveInterval(refInt + 60);
	1333	}
	1334	}
	1335	}
	1336	}
	1337
	1338	int access = getAccess(request, messages);
	1339	if (debug) {
	1340	debugMsg("Container says that current user has the type: " + access);
	1341	}
	1342
	1343	/** Ensure we have a CalAdminSvcI object
	1344	*/
	1345	String calSuite = form.retrieveConfig().getCalSuite();
	1346	checkSvci(request, form, s, access, adminUserId, calSuite,
	1347	getPublicAdmin(form), false, debug);
	1348
	1349	/*
	1350	UserAuth ua = null;
	1351	UserAuthPar par = new UserAuthPar();
	1352	par.svlt = servlet;
	1353	par.req = request;
	1354
	1355	try {
	1356	ua = form.fetchSvci().getUserAuth(s.getUser(), par);
	1357
	1358	form.assignAuthorisedUser(ua.getUsertype() != UserAuth.noPrivileges);
	1359
	1360	if (debug) {
	1361	debugMsg("UserAuth says that current user has the type: " +
	1362	ua.getUsertype());
	1363	}
	1364	} catch (Throwable t) {
	1365	form.getErr().emit("org.bedework.client.error.exc", t.getMessage());
	1366	form.getErr().emit(t);
	1367	return null;
	1368	}
	1369	*/
	1370
	1371	return s;
	1372	}
	1373
	1374	private String getAppName(HttpSession sess) {
	1375	ServletContext sc = sess.getServletContext();
	1376
	1377	String appname = sc.getInitParameter(appNameInitParameter);
	1378	if (appname == null) {
	1379	appname = "?";
	1380	}
	1381
	1382	return appname;
	1383	}
	1384
	1385	private int setGroup(HttpServletRequest request,
	1386	BwActionFormBase form,
	1387	Groups adgrps,
	1388	BwAdminGroup adg) throws Throwable {
	1389	CalSvcI svci = form.fetchSvci();
	1390
	1391	adgrps.getMembers(adg);
	1392
	1393	if (debug) {
	1394	logIt("Set admin group to " + adg);
	1395	}
	1396
	1397	/* Determine which calsuites they are administering */
	1398
	1399	Collection css = findAllCalSuites(svci, adg, adgrps);
	1400
	1401	if (css.size() > 1) {
	1402	form.getErr().emit("org.bedework.error.cannot.handle.this.yet");
	1403	return forwardError;
	1404	}
	1405
	1406	BwCalSuiteWrapper cs = null;
	1407	String calSuiteName = null;
	1408
	1409	if (css.size() == 1) {
	1410	cs = (BwCalSuiteWrapper)css.iterator().next();
	1411	calSuiteName = cs.getName();
	1412	}
	1413
	1414	if (debug) {
	1415	debugMsg("Found calSuite " + cs);
	1416	} else {
	1417	debugMsg("No calsuite found");
	1418	}
	1419
	1420	form.setCurrentCalSuite(cs);
	1421	form.assignAdminGroup(adg);
	1422
	1423	int access = getAccess(request, getMessages());
	1424
	1425	if (!checkSvci(request, form, form.getSession(), access,
	1426	adg.getOwner().getAccount(),
	1427	calSuiteName, true, isMember(adg, form), debug)) {
	1428	return forwardNoAccess;
	1429	}
	1430
	1431	form.setAdminUserId(form.fetchSvci().getUser().getAccount());
	1432
	1433	return forwardNoAction;
	1434	}
	1435
	1436	private boolean isMember(BwAdminGroup ag,
	1437	BwActionFormBase form) throws Throwable {
	1438	return ag.isMember(String.valueOf(form.getCurrentUser()), false);
	1439	}
	1440
	1441	/** Ensure we have a CalAdminSvcI object for the given user.
	1442	*
	1443	* <p>For an admin client with a super user we may switch to a different
	1444	* user to administer their events.
	1445	*
	1446	* @param request Needed to locate session
	1447	* @param form Action form
	1448	* @param sess Session object for global parameters
	1449	* @param access int unadjusted access
	1450	* @param user String user we want to be
	1451	* @param calSuite Name of calendar suite we are administering
	1452	* @param publicAdmin true if this is an administrative client
	1453	* @param canSwitch true if we should definitely allow user to switch
	1454	* this allows a user to switch between and into
	1455	* groups of which they are a member
	1456	* @param debug true for all that debugging stuff
	1457	* @return boolean false for problems.
	1458	* @throws CalFacadeException
	1459	*/
	1460	private boolean checkSvci(HttpServletRequest request,
	1461	BwActionFormBase form,
	1462	BwSession sess,
	1463	int access,
	1464	String user,
	1465	String calSuite,
	1466	boolean publicAdmin,
	1467	boolean canSwitch,
	1468	boolean debug) throws CalFacadeException {
	1469	/** Do some checks first
	1470	*/
	1471	String authUser = String.valueOf(form.getCurrentUser());
	1472
	1473	if (!publicAdmin) {
	1474	/* We're never allowed to switch identity as a user client.
	1475	*/
	1476	if (!authUser.equals(String.valueOf(user))) {
	1477	return false;
	1478	}
	1479	} else if (user == null) {
	1480	throw new CalFacadeException("Null user parameter for public admin.");
	1481	}
	1482
	1483	CalSvcI svci = BwWebUtil.getCalSvcI(request);
	1484
	1485	/** Make some checks to see if this is an old - restarted session.
	1486	If so discard the svc interface
	1487	*/
	1488	if (svci != null) {
	1489	if (!svci.isOpen()) {
	1490	svci = null;
	1491	info(".Svci interface discarded from old session");
	1492	}
	1493	}
	1494
	1495	if (svci != null) {
	1496	/* Already there and already opened */
	1497	if (debug) {
	1498	debugMsg("CalSvcI-- Obtained from session for user " +
	1499	svci.getUser());
	1500	}
	1501
	1502	// XXX access - disable use of roles
	1503	access = svci.getUserAuth().getUsertype();
	1504	} else {
	1505	if (debug) {
	1506	debugMsg(".CalSvcI-- get new object for user " + user);
	1507	}
	1508
	1509	/* create a call back object so the filter can open the service
	1510	interface */
	1511	BwCallback cb = new Callback(form);
	1512	HttpSession hsess = request.getSession();
	1513	hsess.setAttribute(BwCallback.cbAttrName, cb);
	1514
	1515	String runAsUser = user;
	1516
	1517	try {
	1518	svci = new CalSvc();
	1519	if (publicAdmin \|\| (user == null)) {
	1520	if (calSuite == null) {
	1521	runAsUser = form.getEnv().getAppProperty("run.as.user");
	1522	}
	1523	}
	1524
	1525	CalSvcIPars pars = new CalSvcIPars(user, //access,
	1526	runAsUser,
	1527	calSuite,
	1528	form.getEnv().getAppPrefix(),
	1529	publicAdmin,
	1530	false, // caldav
	1531	null, // synchId
	1532	debug);
	1533	svci.init(pars);
	1534
	1535	BwWebUtil.setCalSvcI(request, svci);
	1536
	1537	form.setCalSvcI(svci);
	1538
	1539	cb.in(true);
	1540
	1541	UserAuth ua = null;
	1542	UserAuthPar par = new UserAuthPar();
	1543	par.svlt = servlet;
	1544	par.req = request;
	1545
	1546	if (publicAdmin) {
	1547	try {
	1548	ua = svci.getUserAuth(user, par);
	1549
	1550	form.assignAuthorisedUser(ua.getUsertype() != UserAuth.noPrivileges);
	1551	svci.setSuperUser((ua.getUsertype() & UserAuth.superUser) != 0);
	1552
	1553	// XXX access - disable use of roles
	1554	access = ua.getUsertype();
	1555
	1556	if (debug) {
	1557	debugMsg("UserAuth says that current user has the type: " +
	1558	ua.getUsertype());
	1559	}
	1560	} catch (Throwable t) {
	1561	form.getErr().emit("org.bedework.client.error.exc", t.getMessage());
	1562	form.getErr().emit(t);
	1563	return false;
	1564	}
	1565	}
	1566	} catch (CalFacadeException cfe) {
	1567	throw cfe;
	1568	} catch (Throwable t) {
	1569	throw new CalFacadeException(t);
	1570	}
	1571	}
	1572
	1573	form.assignUserVO((BwUser)svci.getUser().clone());
	1574
	1575	if (publicAdmin) {
	1576	canSwitch = canSwitch \|\| ((access & UserAuth.contentAdminUser) != 0) \|\|
	1577	((access & UserAuth.superUser) != 0);
	1578
	1579	BwUser u = svci.getUser();
	1580	if (u == null) {
	1581	throw new CalFacadeException("Null user for public admin.");
	1582	}
	1583
	1584	String curUser = u.getAccount();
	1585
	1586	if (!canSwitch && !user.equals(curUser)) {
	1587	/** Trying to switch but not allowed */
	1588	return false;
	1589	}
	1590
	1591	if (!user.equals(curUser)) {
	1592	/** Switching user */
	1593	svci.setUser(user);
	1594	curUser = user;
	1595	}
	1596
	1597	form.assignCurrentAdminUser(curUser);
	1598	}
	1599
	1600	return true;
	1601	}
	1602
	1603	/** This method determines the access rights of the current user based on
	1604	* their assigned roles. There are two sections to this which appear to do
	1605	* the same thing.
	1606	*
	1607	* <p>They are there because some servlet containers (jetty for one)
	1608	* appeared to be broken. Role mapping does not appear to work reliably.
	1609	* This seems to have something to do with jetty doing internal redirects
	1610	* to handle login. In the process it seems to lose the appropriate servlet
	1611	* context and with it the mapping of roles.
	1612	*
	1613	* @param req HttpServletRequest
	1614	* @param messages MessageResources
	1615	* @return int access
	1616	* @throws CalFacadeException
	1617	*/
	1618	private int getAccess(HttpServletRequest req,
	1619	MessageResources messages) throws CalFacadeException {
	1620	int access = 0;
	1621
	1622	/** This form works with broken containers.
	1623	*/
	1624	if (req.isUserInRole(
	1625	getMessages().getMessage("org.bedework.role.admin"))) {
	1626	access += UserAuth.superUser;
	1627	}
	1628
	1629	if (req.isUserInRole(
	1630	getMessages().getMessage("org.bedework.role.contentadmin"))) {
	1631	access += UserAuth.contentAdminUser;
	1632	}
	1633
	1634	if (req.isUserInRole(
	1635	getMessages().getMessage("org.bedework.role.alert"))) {
	1636	access += UserAuth.alertUser;
	1637	}
	1638
	1639	if (req.isUserInRole(
	1640	getMessages().getMessage("org.bedework.role.owner"))) {
	1641	access += UserAuth.publicEventUser;
	1642	}
	1643
	1644	/** This is how it ought to look
	1645	if (req.isUserInRole("admin")) {
	1646	access += UserAuth.superUser;
	1647	}
	1648
	1649	if (req.isUserInRole("contentadmin")) {
	1650	access += UserAuth.contentAdminUser;
	1651	}
	1652
	1653	if (req.isUserInRole("alert")) {
	1654	access += UserAuth.alertUser;
	1655	}
	1656
	1657	if (req.isUserInRole("owner")) {
	1658	access += UserAuth.publicEventUser;
	1659	} */
	1660
	1661	return access;
	1662	}
	1663
	1664	private Collection findAllCalSuites(CalSvcI svc,
	1665	BwAdminGroup adg,
	1666	Groups adgrps) throws Throwable {
	1667	ArrayList al = new ArrayList();
	1668
	1669	BwCalSuiteWrapper cs = svc.getCalSuite(adg);
	1670	if (cs != null) {
	1671	al.add(cs);
	1672	}
	1673
	1674	Iterator parents = ((AdminGroups)adgrps).findGroupParents(adg).iterator();
	1675
	1676	while (parents.hasNext()) {
	1677	al.addAll(findAllCalSuites(svc, (BwAdminGroup)parents.next(), adgrps));
	1678	}
	1679
	1680	return al;
	1681	}
	1682
1735	1683	/* Set information associated with the current auth user.
1736	1684	* Set the prefs on each request to reflect other session changes
…	…
1768	1716	form.setRefreshNeeded(false);
1769	1717	}
	1718
	1719	/** get an env object initialised appropriately for our usage.
	1720	*
	1721	* @param request HttpServletRequest
	1722	* @param frm
	1723	* @return CalEnv object - also implanted in form.
	1724	* @throws Throwable
	1725	*/
	1726	private CalEnv getEnv(HttpServletRequest request,
	1727	BwActionFormBase frm) throws Throwable {
	1728	CalEnv env = frm.getEnv();
	1729	if (env != null) {
	1730	return env;
	1731	}
	1732
	1733	HttpSession session = request.getSession();
	1734	ServletContext sc = session.getServletContext();
	1735
	1736	String appName = sc.getInitParameter("bwappname");
	1737
	1738	if ((appName == null) \|\| (appName.length() == 0)) {
	1739	appName = "unknown-app-name";
	1740	}
	1741
	1742	String envPrefix = "org.bedework.app." + appName + ".";
	1743
	1744	env = new CalEnv(envPrefix, debug);
	1745	frm.assignEnv(env);
	1746
	1747	return env;
	1748	}
1770	1749	}

trunk/calendar3/webcommon/src/org/bedework/webcommon/BwActionFormBase.java

r519	r520
182	182	* .................................................................... */
183	183
	184	private BwCalSuiteWrapper currentCalSuite;
	185
184	186	private BwCalSuiteWrapper calSuite;
185	187
…	…
562	564	* ==================================================================== */
563	565
564		/**
	566	/** Current calSuite for the application
	567	*
	568	* @param val
	569	*/
	570	public void setCurrentCalSuite(BwCalSuiteWrapper val) {
	571	currentCalSuite = val;
	572	}
	573
	574	/**
	575	* @return BwCalSuiteWrapper
	576	*/
	577	public BwCalSuiteWrapper getCurrentCalSuite() {
	578	return currentCalSuite;
	579	}
	580
	581	/** CalSuite we are editing or creating.
	582	*
565	583	* @param val
566	584	*/
…	…
569	587	}
570	588
571		/**
	589	/** CalSuite we are editing or creating.
	590	*
572	591	* @return BwCalSuiteWrapper
573	592	*/
…	…
580	599	* @param val
581	600	*/
582		public void assignCalSuite(boolean val) {
	601	public void assignAddingCalSuite(boolean val) {
583	602	addingCalSuite = val;
584	603	}

Download in other formats: