1 package org.campware.cream.modules.actions; 2 3 42 43 import org.apache.velocity.context.Context; 44 import org.apache.turbine.Turbine; 45 import org.apache.turbine.util.RunData; 46 import org.apache.turbine.util.security.AccessControlList; 47 import org.campware.cream.modules.upload.UploadHandler; 48 52 public class ImportSQL extends CreamAction 53 { 54 55 63 public void doUpdate(RunData data, Context context) 64 throws Exception 65 { 66 String out = UploadHandler.doPost(data); 67 data.setMessage(out == null || out.length() == 0 ? "No Input!" : out); 68 this.setTemplate( data, "CreamError.vm"); 69 } 70 71 protected boolean isAuthorized( RunData data ) throws Exception 72 { 73 boolean isAuthorized = false; 74 75 AccessControlList acl = data.getACL(); 76 77 if (data.getUser().hasLoggedIn()) 78 { 79 int imptype = data.getParameters().getInt("type"); 80 81 if (imptype==10 && (acl.hasPermission( "CUSTOMER_MODIFY") || acl.hasRole("turbine_root"))) 82 { 83 isAuthorized = true; 84 } 85 else if (imptype==20 && (acl.hasPermission( "PRODUCT_MODIFY") || acl.hasRole("turbine_root"))) 86 { 87 isAuthorized = true; 88 } 89 else 90 { 91 isAuthorized = false; 92 data.setMessage("Sorry, you don't have permission for this operation!"); 93 data.setScreenTemplate("CreamError.vm"); 94 95 } 96 } 97 else 98 { 99 data.setScreenTemplate(Turbine.getConfiguration().getString("template.login")); 100 101 isAuthorized = false; 102 } 103 104 return isAuthorized; 105 } 106 107 108 } 109 | Popular Tags |