MoveIssueFormAction.java
/*
* This software was designed and created by Jason Carroll.
* Copyright (c) 2002, 2003, 2004 Jason Carroll.
* The author can be reached at jcarroll@cowsultants.com
* ITracker website: http://www.cowsultants.com
* ITracker forums: http://www.cowsultants.com/phpBB/index.php
*
* This program is free software; you can redistribute it and/or modify
* it only under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
package org.itracker.web.actions.project;
import org.apache.log4j.Logger;
import org.apache.struts.action.*;
import org.itracker.model.Issue;
import org.itracker.model.PermissionType;
import org.itracker.model.Project;
import org.itracker.model.util.UserUtilities;
import org.itracker.services.IssueService;
import org.itracker.services.ProjectService;
import org.itracker.web.actions.base.ItrackerBaseAction;
import org.itracker.web.forms.MoveIssueForm;
import org.itracker.web.util.RequestHelper;
import org.itracker.web.util.ServletContextUtils;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
public class MoveIssueFormAction extends ItrackerBaseAction {
private static final Logger log = Logger.getLogger(MoveIssueFormAction.class);
private static final String UNAUTHORIZED_PAGE = "unauthorized";
private static final String PAGE_TITLE_KEY = "itracker.web.moveissue.title";
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
ActionMessages errors = new ActionMessages();
request.setAttribute("pageTitleKey", PAGE_TITLE_KEY);
request.setAttribute("pageTitleArg", "itracker.web.generic.unknown");
try {
IssueService issueService = ServletContextUtils.getItrackerServices().getIssueService();
ProjectService projectService = ServletContextUtils.getItrackerServices()
.getProjectService();
Integer issueId = Integer
.valueOf((request.getParameter("id") == null ? "-1"
: (request.getParameter("id"))));
Issue issue = issueService.getIssue(issueId);
if (issue == null) {
errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
"itracker.web.error.invalidissue"));
} else {
request.setAttribute("pageTitleArg", issue.getId());
if (errors.isEmpty()) {
if (!isPermissionGranted(request, issue)) {
return mapping.findForward(UNAUTHORIZED_PAGE);
}
List<Project> projects = projectService.getAllAvailableProjects();
if (projects.size() == 0) {
return mapping.findForward(UNAUTHORIZED_PAGE);
}
List<Project> availableProjects = getAvailableProjects(request,
projects, issue);
if (availableProjects.size() == 0) {
errors.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("itracker.web.error.noprojects"));
}
if (errors.isEmpty()) {
setupMoveIssueForm(request, form, issue, availableProjects);
return mapping.getInputForward();
}
}
}
} catch (RuntimeException e) {
log.error("Exception while creating move issue form.", e);
errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
"itracker.web.error.system"));
}
if (!errors.isEmpty()) {
saveErrors(request, errors);
}
return mapping.findForward("error");
}
/**
* Sets request attributes and fills MoveIssueForm.
*
* @param request HttpServletRequest.
* @param form ActionForm.
* @param issue issue.
* @param availableProjects list of available projects.
*/
private void setupMoveIssueForm(HttpServletRequest request, ActionForm form, Issue issue, List<Project> availableProjects) {
MoveIssueForm moveIssueForm = (MoveIssueForm) form;
if (moveIssueForm == null) {
moveIssueForm = new MoveIssueForm();
}
moveIssueForm.setIssueId(issue.getId());
moveIssueForm.setCaller(request.getParameter("caller"));
request.setAttribute("moveIssueForm", moveIssueForm);
request.setAttribute("projects", availableProjects);
request.setAttribute("issue", issue);
saveToken(request);
log.info("No errors while moving issue. Forwarding to move issue form.");
}
/**
* Returns list of available projects.
*
* @param request HttpServletRequest.
* @param projects list of all projects.
* @param issue operated issue.
* @return list of available projects.
*/
private List<Project> getAvailableProjects(HttpServletRequest request, List<Project> projects,
Issue issue) {
Map<Integer, Set<PermissionType>> userPermissions = RequestHelper.getUserPermissions(request.getSession());
List<Project> availableProjects = new ArrayList<Project>();
for (int i = 0; i < projects.size(); i++) {
if (projects.get(i).getId() != null
&& !projects.get(i).equals(issue.getProject())) {
if (UserUtilities.hasPermission(userPermissions,
projects.get(i).getId(), new PermissionType[]{
PermissionType.ISSUE_EDIT_ALL,
PermissionType.ISSUE_CREATE})) {
availableProjects.add(projects.get(i));
}
}
}
Collections.sort(availableProjects, new Project.ProjectComparator());
return availableProjects;
}
/**
* Checks permissions.
*
* @param request HttpServletRequest.
* @param issue issue.
* @return true if permission is granted.
*/
private boolean isPermissionGranted(HttpServletRequest request, Issue issue) {
Map<Integer, Set<PermissionType>> userPermissions = RequestHelper.getUserPermissions(request.getSession());
if (!UserUtilities.hasPermission(userPermissions, issue.getProject().getId(), UserUtilities.PERMISSION_EDIT)) {
log.debug("Unauthorized user requested access to move issue for issue "
+ issue.getId());
return false;
}
return true;
}
}