ViewIssueActivityAction.java

  1. package org.itracker.web.actions.project;

  3. import org.apache.log4j.Logger;
  4. import org.apache.struts.action.ActionForm;
  5. import org.apache.struts.action.ActionForward;
  6. import org.apache.struts.action.ActionMapping;
  7. import org.itracker.model.*;
  8. import org.itracker.model.util.IssueUtilities;
  9. import org.itracker.model.util.UserUtilities;
  10. import org.itracker.services.IssueService;
  11. import org.itracker.web.actions.base.ItrackerBaseAction;
  12. import org.itracker.web.util.LoginUtilities;
  13. import org.itracker.web.util.RequestHelper;
  14. import org.itracker.web.util.ServletContextUtils;

  16. import javax.servlet.http.HttpServletRequest;
  17. import javax.servlet.http.HttpServletResponse;
  18. import java.util.*;

  20. /**
  21.  * @author ranks
  22.  */
  23. public class ViewIssueActivityAction extends ItrackerBaseAction {
  24.     private static final Logger log = Logger
  25.             .getLogger(ViewIssueActivityAction.class);

  27.     /**
  28.      * executes this struts-actions processing
  29.      */
  30.     public ActionForward execute(ActionMapping mapping, ActionForm form,
  31.                                  HttpServletRequest request, HttpServletResponse response)
  32.             throws Exception {
  33.         if (log.isDebugEnabled()) {
  34.             log.debug("execute: called");
  35.         }

  37.         IssueService issueService = ServletContextUtils.getItrackerServices().getIssueService();

  39.         ActionForward ret = checkPermission(request, issueService, mapping);
  40.         if (null != ret) {
  41.             if (log.isDebugEnabled()) {
  42.                 log.debug("checkPermission: user has no permission, forwarding to " + ret);
  43.             }
  44.             return ret;
  45.         }

  47.         Map<IssueActivity, String> activities = prepareActivitiesMap(issueService, request);
  48.         if (log.isDebugEnabled()) {
  49.             log.debug("execute: preparing with activities: " + activities);
  50.         }
  51.         setupJspEnv(request, activities);

  53.         if (log.isDebugEnabled()) {
  54.             log.debug("execute: forwarding to " + mapping.findForward("viewissueactivity"));
  55.         }

  57.         return mapping.findForward("viewissueactivity");
  58.     }

  60.     /**
  61.      * check if user can view the issue-activites for the requested issue
  62.      *
  63.      * @return ActionForward: not-null if access is denied, null if user is granted to see issue activities
  64.      */
  65.     private ActionForward checkPermission(HttpServletRequest request, IssueService issueService, ActionMapping mapping) {
  66.         final Map<Integer, Set<PermissionType>> permissions = RequestHelper
  67.                 .getUserPermissions(request.getSession());

  69.         User user = RequestHelper.getCurrentUser(request.getSession());
  70.         Integer issueId = getIssueId(request);

  72.         Project project = issueService.getIssueProject(issueId);
  73.         User owner = issueService.getIssueOwner(issueId);
  74.         User creator = issueService.getIssueCreator(issueId);

  76.         if ((project == null ||
  77.                 (!UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_ALL)
  78.                         && !(UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_USERS)
  79.                         && ((owner != null && owner.getId().equals(user.getId())) || (creator != null && creator.getId().equals(user.getId())))
  80.                 )))) {

  82.             return mapping.findForward("unauthorized");
  83.         }

  85.         return null;
  86.     }

  88.     /**
  89.      * read issue id from request
  90.      *
  91.      * @return Integer - issue id or -1 if not in request
  92.      */
  93.     private static Integer getIssueId(HttpServletRequest request) {
  94.         try {
  95.             return Integer.valueOf(request.getParameter("id"));
  96.         } catch (RuntimeException re) {
  97.             if (log.isDebugEnabled()) {
  98.                 log.debug("getIssueId: no issue-id in request, caught", re);
  99.             }
  100.         }
  101.         return -1;
  102.     }

  104.     /**
  105.      * Set the objects in request that are required for ui render
  106.      */
  107.     private static final void setupJspEnv(HttpServletRequest request, Map<IssueActivity, String> activities) {

  109.         Integer issueId = getIssueId(request);
  110.         request.setAttribute("activities", activities);
  111.         request.setAttribute("issueId", issueId);
  112.     }

  114.     /**
  115.      * @param issueService
  116.      * @param request
  117.      * @return
  118.      */
  119.     private static final Map<IssueActivity, String> prepareActivitiesMap(IssueService issueService, HttpServletRequest request) {
  120.         SortedMap<IssueActivity, String> activities = new TreeMap<IssueActivity, String>(AbstractEntity.ID_COMPARATOR);

  122.         Integer issueId = getIssueId(request);
  123.         Iterator<IssueActivity> activityIt = issueService.getIssueActivity(issueId).iterator();
  124.         IssueActivity issueActivity;
  125.         while (activityIt.hasNext()) {
  126.             issueActivity = activityIt.next();
  127.             activities.put(issueActivity, IssueUtilities.getActivityName(issueActivity.getActivityType(),
  128.                     LoginUtilities.getCurrentLocale(request)));
  129.         }

  131.         return activities;

  133.     }

  135. }
Created with JaCoCo 0.8.5.201910111838