1 package org.nemesis.forum.webapp.admin.action; 2 3 import javax.servlet.http.HttpServletRequest ; 4 import javax.servlet.http.HttpServletResponse ; 5 6 import org.apache.commons.logging.Log; 7 import org.apache.commons.logging.LogFactory; 8 import org.apache.struts.action.ActionError; 9 import org.apache.struts.action.ActionErrors; 10 import org.apache.struts.action.ActionForm; 11 import org.apache.struts.action.ActionForward; 12 import org.apache.struts.action.ActionMapping; 13 import org.nemesis.forum.Forum; 14 import org.nemesis.forum.ForumFactory; 15 import org.nemesis.forum.ProfileManager; 16 import org.nemesis.forum.User; 17 import org.nemesis.forum.config.Constants; 18 import org.nemesis.forum.exception.NotFoundException; 19 import org.nemesis.forum.exception.UnauthorizedException; 20 import org.nemesis.forum.util.SecurityTools; 21 22 27 public class AddUserPermissionAction extends BaseAction { 28 29 static protected Log log = LogFactory.getLog(AddUserPermissionAction.class); 30 31 public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 32 33 checkUser(request); 35 36 ActionErrors errors = new ActionErrors(); 37 38 try { 39 40 ForumFactory forumFactory = ForumFactory.getInstance(getAuthToken(request)); 41 Forum forum = forumFactory.getForum(Integer.parseInt(request.getParameter("id"))); 42 request.setAttribute("id", request.getParameter("id")); 43 checkPermission(request, OperationConstants.ADD_USER_PERMISSION, forum); 45 46 ProfileManager manager = forumFactory.getProfileManager(); 47 48 User user =null; 49 if(! "null".equals(request.getParameter("ou")) ){ 50 user = manager.getUser(Integer.parseInt(request.getParameter("ou"))); 51 }else{ 52 user = manager.getUser(request.getParameter("actor")); 53 } 54 55 56 int perm=Integer.parseInt(request.getParameter("type")); 57 if(perm==Constants.FORUM_ADMIN && ! SecurityTools.isSystemAdmin(getAuthToken(request))){ 58 throw new UnauthorizedException(); 59 } 60 61 forum.addUserPermission(user, perm); 62 63 } catch (NotFoundException e) { 64 errors.add("general", new ActionError("forumPermission.NotFound")); 65 } catch (UnauthorizedException ue) { 66 errors.add("general", new ActionError("forumPermission.Unauthorized")); 67 } catch (Exception e) { 68 String eid = this.getClass().getName() + "_" + System.currentTimeMillis(); 69 log.error("eid:" + eid + "\nsessionID" + request.getSession().getId(), e); 70 errors.add("general", new ActionError("error.general", "erreur id:" + eid)); 71 } 72 73 if (!errors.isEmpty()) { 74 saveErrors(request, errors); 75 return mapping.findForward("cancel"); 76 } 77 78 return mapping.findForward("success"); 79 } 80 81 } | Popular Tags |