View Javadoc
1   /*
2    * This software was designed and created by Jason Carroll.
3    * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4    * The author can be reached at jcarroll@cowsultants.com
5    * ITracker website: http://www.cowsultants.com
6    * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7    *
8    * This program is free software; you can redistribute it and/or modify
9    * it only under the terms of the GNU General Public License as published by
10   * the Free Software Foundation; either version 2 of the License, or
11   * (at your option) any later version.
12   *
13   * This program is distributed in the hope that it will be useful,
14   * but WITHOUT ANY WARRANTY; without even the implied warranty of
15   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   * GNU General Public License for more details.
17   */
18  
19  package org.itracker.web.actions.project;
20  
21  import org.apache.log4j.Logger;
22  import org.apache.struts.action.*;
23  import org.itracker.model.Issue;
24  import org.itracker.model.PermissionType;
25  import org.itracker.model.Project;
26  import org.itracker.model.util.UserUtilities;
27  import org.itracker.services.IssueService;
28  import org.itracker.services.ProjectService;
29  import org.itracker.web.actions.base.ItrackerBaseAction;
30  import org.itracker.web.forms.MoveIssueForm;
31  import org.itracker.web.util.RequestHelper;
32  import org.itracker.web.util.ServletContextUtils;
33  
34  import javax.servlet.ServletException;
35  import javax.servlet.http.HttpServletRequest;
36  import javax.servlet.http.HttpServletResponse;
37  import java.io.IOException;
38  import java.util.*;
39  
40  public class MoveIssueFormAction extends ItrackerBaseAction {
41  
42      private static final Logger log = Logger.getLogger(MoveIssueFormAction.class);
43  
44      private static final String UNAUTHORIZED_PAGE = "unauthorized";
45      private static final String PAGE_TITLE_KEY = "itracker.web.moveissue.title";
46  
47  
48      public ActionForward execute(ActionMapping mapping, ActionForm form,
49                                   HttpServletRequest request, HttpServletResponse response)
50              throws ServletException, IOException {
51  
52          ActionMessages errors = new ActionMessages();
53          request.setAttribute("pageTitleKey", PAGE_TITLE_KEY);
54          request.setAttribute("pageTitleArg", "itracker.web.generic.unknown");
55  
56          try {
57              IssueService issueService = ServletContextUtils.getItrackerServices().getIssueService();
58              ProjectService projectService = ServletContextUtils.getItrackerServices()
59                      .getProjectService();
60  
61              Integer issueId = Integer
62                      .valueOf((request.getParameter("id") == null ? "-1"
63                              : (request.getParameter("id"))));
64              Issue issue = issueService.getIssue(issueId);
65              if (issue == null) {
66                  errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
67                          "itracker.web.error.invalidissue"));
68              } else {
69                  request.setAttribute("pageTitleArg", issue.getId());
70  
71                  if (errors.isEmpty()) {
72                      if (!isPermissionGranted(request, issue)) {
73                          return mapping.findForward(UNAUTHORIZED_PAGE);
74                      }
75  
76                      List<Project> projects = projectService.getAllAvailableProjects();
77                      if (projects.size() == 0) {
78                          return mapping.findForward(UNAUTHORIZED_PAGE);
79                      }
80  
81                      List<Project> availableProjects = getAvailableProjects(request,
82                              projects, issue);
83                      if (availableProjects.size() == 0) {
84                          errors.add(ActionMessages.GLOBAL_MESSAGE,
85                                  new ActionMessage("itracker.web.error.noprojects"));
86                      }
87  
88                      if (errors.isEmpty()) {
89                          setupMoveIssueForm(request, form, issue, availableProjects);
90                          return mapping.getInputForward();
91                      }
92                  }
93              }
94          } catch (RuntimeException e) {
95              log.error("Exception while creating move issue form.", e);
96              errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
97                      "itracker.web.error.system"));
98          }
99          if (!errors.isEmpty()) {
100             saveErrors(request, errors);
101         }
102         return mapping.findForward("error");
103     }
104 
105     /**
106      * Sets request attributes and fills MoveIssueForm.
107      *
108      * @param request           HttpServletRequest.
109      * @param form              ActionForm.
110      * @param issue             issue.
111      * @param availableProjects list of available projects.
112      */
113     private void setupMoveIssueForm(HttpServletRequest request, ActionForm form, Issue issue, List<Project> availableProjects) {
114         MoveIssueForm/org/itracker/web/forms/MoveIssueForm.html#MoveIssueForm">MoveIssueForm moveIssueForm = (MoveIssueForm) form;
115         if (moveIssueForm == null) {
116             moveIssueForm = new MoveIssueForm();
117         }
118         moveIssueForm.setIssueId(issue.getId());
119         moveIssueForm.setCaller(request.getParameter("caller"));
120 
121         request.setAttribute("moveIssueForm", moveIssueForm);
122         request.setAttribute("projects", availableProjects);
123         request.setAttribute("issue", issue);
124         saveToken(request);
125         log.info("No errors while moving issue. Forwarding to move issue form.");
126     }
127 
128     /**
129      * Returns list of available projects.
130      *
131      * @param request  HttpServletRequest.
132      * @param projects list of all projects.
133      * @param issue    operated issue.
134      * @return list of available projects.
135      */
136     private List<Project> getAvailableProjects(HttpServletRequest request, List<Project> projects,
137                                                Issue issue) {
138         Map<Integer, Set<PermissionType>> userPermissions = RequestHelper.getUserPermissions(request.getSession());
139         List<Project> availableProjects = new ArrayList<Project>();
140         for (int i = 0; i < projects.size(); i++) {
141             if (projects.get(i).getId() != null
142                     && !projects.get(i).equals(issue.getProject())) {
143                 if (UserUtilities.hasPermission(userPermissions,
144                         projects.get(i).getId(), new PermissionType[]{
145                         PermissionType.ISSUE_EDIT_ALL,
146                         PermissionType.ISSUE_CREATE})) {
147                     availableProjects.add(projects.get(i));
148                 }
149             }
150         }
151         Collections.sort(availableProjects, new Project.ProjectComparator());
152         return availableProjects;
153     }
154 
155     /**
156      * Checks permissions.
157      *
158      * @param request HttpServletRequest.
159      * @param issue   issue.
160      * @return true if permission is granted.
161      */
162     private boolean isPermissionGranted(HttpServletRequest request, Issue issue) {
163         Map<Integer, Set<PermissionType>> userPermissions = RequestHelper.getUserPermissions(request.getSession());
164 
165         if (!UserUtilities.hasPermission(userPermissions, issue.getProject().getId(), UserUtilities.PERMISSION_EDIT)) {
166             log.debug("Unauthorized user requested access to move issue for issue "
167                     + issue.getId());
168             return false;
169         }
170         return true;
171     }
172 }