1 package org.nemesis.forum.webapp.admin.action; 2 3 import javax.servlet.http.HttpServletRequest ; 4 import javax.servlet.http.HttpServletResponse ; 5 6 import org.apache.commons.logging.Log; 7 import org.apache.commons.logging.LogFactory; 8 import org.apache.struts.action.ActionError; 9 import org.apache.struts.action.ActionErrors; 10 import org.apache.struts.action.ActionForm; 11 import org.apache.struts.action.ActionForward; 12 import org.apache.struts.action.ActionMapping; 13 import org.nemesis.forum.Forum; 14 import org.nemesis.forum.ForumFactory; 15 import org.nemesis.forum.ProfileManager; 16 import org.nemesis.forum.User; 17 import org.nemesis.forum.config.Constants; 18 import org.nemesis.forum.exception.NotFoundException; 19 import org.nemesis.forum.exception.UnauthorizedException; 20 import org.nemesis.forum.util.SecurityTools; 21 22 23 28 public class DelUserPermissionAction extends BaseAction { 29 30 static protected Log log =LogFactory.getLog(DelUserPermissionAction.class); 31 32 33 public ActionForward execute(ActionMapping mapping, 34 ActionForm form, 35 HttpServletRequest request, 36 HttpServletResponse response) 37 throws Exception { 38 39 checkUser(request); 41 42 ActionErrors errors = new ActionErrors(); 43 44 45 try { 46 47 ForumFactory forumFactory = ForumFactory.getInstance(getAuthToken(request)); 48 Forum forum = forumFactory.getForum(Integer.parseInt(request.getParameter("id"))); 49 request.setAttribute("id", request.getParameter("id")); 50 checkPermission(request, OperationConstants.DELETE_USER_PERMISSION, forum); 52 53 ProfileManager manager = forumFactory.getProfileManager(); 54 User user = manager.getUser( Integer.parseInt(request.getParameter("actor"))); 55 56 57 int perm=Integer.parseInt(request.getParameter("type")); 58 if(perm==Constants.FORUM_ADMIN && ! SecurityTools.isSystemAdmin(getAuthToken(request))){ 59 throw new UnauthorizedException(); 60 } 61 forum.removeUserPermission(user, perm); 62 63 } catch (NotFoundException e) { 64 errors.add("general", new ActionError("forumPermission.forumNotFound")); 65 } catch (UnauthorizedException ue) { 66 errors.add("general", new ActionError("forumPermission.Unauthorized")); 67 } catch (Exception e) { 68 String eid = this.getClass().getName() + "_" + System.currentTimeMillis(); 69 log.error("eid:" + eid + "\nsessionID" + request.getSession().getId(), e); 70 errors.add("general", new ActionError("error.general", "erreur id:" + eid)); 71 } 72 73 if (!errors.isEmpty()) { 74 saveErrors(request, errors); 75 return mapping.findForward("cancel"); 76 } 77 78 return mapping.findForward("success"); 79 } 80 81 } | Popular Tags |