ViewIssueActivityAction.java

  1. package org.itracker.web.actions.project;

  2. import org.apache.log4j.Logger;
  3. import org.apache.struts.action.ActionForm;
  4. import org.apache.struts.action.ActionForward;
  5. import org.apache.struts.action.ActionMapping;
  6. import org.itracker.model.*;
  7. import org.itracker.model.util.IssueUtilities;
  8. import org.itracker.model.util.UserUtilities;
  9. import org.itracker.services.IssueService;
  10. import org.itracker.web.actions.base.ItrackerBaseAction;
  11. import org.itracker.web.util.LoginUtilities;
  12. import org.itracker.web.util.RequestHelper;
  13. import org.itracker.web.util.ServletContextUtils;

  14. import javax.servlet.http.HttpServletRequest;
  15. import javax.servlet.http.HttpServletResponse;
  16. import java.util.*;

  17. /**
  18.  * @author ranks
  19.  */
  20. public class ViewIssueActivityAction extends ItrackerBaseAction {
  21.     private static final Logger log = Logger
  22.             .getLogger(ViewIssueActivityAction.class);

  23.     /**
  24.      * executes this struts-actions processing
  25.      */
  26.     public ActionForward execute(ActionMapping mapping, ActionForm form,
  27.                                  HttpServletRequest request, HttpServletResponse response)
  28.             throws Exception {
  29.         if (log.isDebugEnabled()) {
  30.             log.debug("execute: called");
  31.         }

  32.         IssueService issueService = ServletContextUtils.getItrackerServices().getIssueService();

  33.         ActionForward ret = checkPermission(request, issueService, mapping);
  34.         if (null != ret) {
  35.             if (log.isDebugEnabled()) {
  36.                 log.debug("checkPermission: user has no permission, forwarding to " + ret);
  37.             }
  38.             return ret;
  39.         }

  40.         Map<IssueActivity, String> activities = prepareActivitiesMap(issueService, request);
  41.         if (log.isDebugEnabled()) {
  42.             log.debug("execute: preparing with activities: " + activities);
  43.         }
  44.         setupJspEnv(request, activities);

  45.         if (log.isDebugEnabled()) {
  46.             log.debug("execute: forwarding to " + mapping.findForward("viewissueactivity"));
  47.         }

  48.         return mapping.findForward("viewissueactivity");
  49.     }

  50.     /**
  51.      * check if user can view the issue-activites for the requested issue
  52.      *
  53.      * @return ActionForward: not-null if access is denied, null if user is granted to see issue activities
  54.      */
  55.     private ActionForward checkPermission(HttpServletRequest request, IssueService issueService, ActionMapping mapping) {
  56.         final Map<Integer, Set<PermissionType>> permissions = RequestHelper
  57.                 .getUserPermissions(request.getSession());

  58.         User user = RequestHelper.getCurrentUser(request.getSession());
  59.         Integer issueId = getIssueId(request);

  60.         Project project = issueService.getIssueProject(issueId);
  61.         User owner = issueService.getIssueOwner(issueId);
  62.         User creator = issueService.getIssueCreator(issueId);

  63.         if ((project == null ||
  64.                 (!UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_ALL)
  65.                         && !(UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_USERS)
  66.                         && ((owner != null && owner.getId().equals(user.getId())) || (creator != null && creator.getId().equals(user.getId())))
  67.                 )))) {

  68.             return mapping.findForward("unauthorized");
  69.         }

  70.         return null;
  71.     }

  72.     /**
  73.      * read issue id from request
  74.      *
  75.      * @return Integer - issue id or -1 if not in request
  76.      */
  77.     private static Integer getIssueId(HttpServletRequest request) {
  78.         try {
  79.             return Integer.valueOf(request.getParameter("id"));
  80.         } catch (RuntimeException re) {
  81.             if (log.isDebugEnabled()) {
  82.                 log.debug("getIssueId: no issue-id in request, caught", re);
  83.             }
  84.         }
  85.         return -1;
  86.     }

  87.     /**
  88.      * Set the objects in request that are required for ui render
  89.      */
  90.     private static final void setupJspEnv(HttpServletRequest request, Map<IssueActivity, String> activities) {

  91.         Integer issueId = getIssueId(request);
  92.         request.setAttribute("activities", activities);
  93.         request.setAttribute("issueId", issueId);
  94.     }

  95.     /**
  96.      * @param issueService
  97.      * @param request
  98.      * @return
  99.      */
  100.     private static final Map<IssueActivity, String> prepareActivitiesMap(IssueService issueService, HttpServletRequest request) {
  101.         SortedMap<IssueActivity, String> activities = new TreeMap<IssueActivity, String>(AbstractEntity.ID_COMPARATOR);

  102.         Integer issueId = getIssueId(request);
  103.         Iterator<IssueActivity> activityIt = issueService.getIssueActivity(issueId).iterator();
  104.         IssueActivity issueActivity;
  105.         while (activityIt.hasNext()) {
  106.             issueActivity = activityIt.next();
  107.             activities.put(issueActivity, IssueUtilities.getActivityName(issueActivity.getActivityType(),
  108.                     LoginUtilities.getCurrentLocale(request)));
  109.         }

  110.         return activities;

  111.     }

  112. }