1 package org.nemesis.forum.webapp.admin.action; 2 3 import javax.servlet.http.HttpServletRequest ; 4 import javax.servlet.http.HttpServletResponse ; 5 6 import org.apache.commons.logging.Log; 7 import org.apache.commons.logging.LogFactory; 8 import org.apache.struts.action.ActionError; 9 import org.apache.struts.action.ActionErrors; 10 import org.apache.struts.action.ActionForm; 11 import org.apache.struts.action.ActionForward; 12 import org.apache.struts.action.ActionMapping; 13 import org.nemesis.forum.Forum; 14 import org.nemesis.forum.ForumFactory; 15 import org.nemesis.forum.Group; 16 import org.nemesis.forum.ProfileManager; 17 import org.nemesis.forum.config.Constants; 18 import org.nemesis.forum.exception.NotFoundException; 19 import org.nemesis.forum.exception.UnauthorizedException; 20 import org.nemesis.forum.util.SecurityTools; 21 22 27 public class AddGroupPermissionAction extends BaseAction { 28 29 static protected Log log = LogFactory.getLog(AddGroupPermissionAction.class); 30 31 public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 32 33 checkUser(request); 35 36 ActionErrors errors = new ActionErrors(); 37 38 try { 39 40 ForumFactory forumFactory = ForumFactory.getInstance(getAuthToken(request)); 41 Forum forum = forumFactory.getForum(Integer.parseInt(request.getParameter("id"))); 42 request.setAttribute("id", request.getParameter("id")); 43 checkPermission(request, OperationConstants.ADD_GROUP_PERMISSION, forum); 45 46 ProfileManager manager = forumFactory.getProfileManager(); 47 Group group = manager.getGroup(request.getParameter("actor")); 48 49 int perm=Integer.parseInt(request.getParameter("type")); 50 if(perm==Constants.FORUM_ADMIN && ! SecurityTools.isSystemAdmin(getAuthToken(request))){ 51 throw new UnauthorizedException(); 52 } 53 forum.addGroupPermission(group, perm); 54 55 } catch (NotFoundException e) { 56 errors.add("general", new ActionError("forumPermission.NotFound")); 57 } catch (UnauthorizedException ue) { 58 errors.add("general", new ActionError("forumPermission.Unauthorized")); 59 } catch (Exception e) { 60 String eid = this.getClass().getName() + "_" + System.currentTimeMillis(); 61 log.error("eid:" + eid + "\nsessionID" + request.getSession().getId(), e); 62 errors.add("general", new ActionError("error.general", "erreur id:" + eid)); 63 } 64 65 if (!errors.isEmpty()) { 66 saveErrors(request, errors); 67 return mapping.findForward("cancel"); 68 } 69 70 return mapping.findForward("success"); 71 } 72 73 } | Popular Tags |