View Javadoc
1   package org.itracker.web.actions.project;
2   
3   import org.apache.log4j.Logger;
4   import org.apache.struts.action.ActionForm;
5   import org.apache.struts.action.ActionForward;
6   import org.apache.struts.action.ActionMapping;
7   import org.itracker.model.*;
8   import org.itracker.model.util.IssueUtilities;
9   import org.itracker.model.util.UserUtilities;
10  import org.itracker.services.IssueService;
11  import org.itracker.web.actions.base.ItrackerBaseAction;
12  import org.itracker.web.util.LoginUtilities;
13  import org.itracker.web.util.RequestHelper;
14  import org.itracker.web.util.ServletContextUtils;
15  
16  import javax.servlet.http.HttpServletRequest;
17  import javax.servlet.http.HttpServletResponse;
18  import java.util.*;
19  
20  /**
21   * @author ranks
22   */
23  public class ViewIssueActivityAction extends ItrackerBaseAction {
24      private static final Logger log = Logger
25              .getLogger(ViewIssueActivityAction.class);
26  
27      /**
28       * executes this struts-actions processing
29       */
30      public ActionForward execute(ActionMapping mapping, ActionForm form,
31                                   HttpServletRequest request, HttpServletResponse response)
32              throws Exception {
33          if (log.isDebugEnabled()) {
34              log.debug("execute: called");
35          }
36  
37          IssueService issueService = ServletContextUtils.getItrackerServices().getIssueService();
38  
39          ActionForward ret = checkPermission(request, issueService, mapping);
40          if (null != ret) {
41              if (log.isDebugEnabled()) {
42                  log.debug("checkPermission: user has no permission, forwarding to " + ret);
43              }
44              return ret;
45          }
46  
47          Map<IssueActivity, String> activities = prepareActivitiesMap(issueService, request);
48          if (log.isDebugEnabled()) {
49              log.debug("execute: preparing with activities: " + activities);
50          }
51          setupJspEnv(request, activities);
52  
53          if (log.isDebugEnabled()) {
54              log.debug("execute: forwarding to " + mapping.findForward("viewissueactivity"));
55          }
56  
57          return mapping.findForward("viewissueactivity");
58      }
59  
60      /**
61       * check if user can view the issue-activites for the requested issue
62       *
63       * @return ActionForward: not-null if access is denied, null if user is granted to see issue activities
64       */
65      private ActionForward checkPermission(HttpServletRequest request, IssueService issueService, ActionMapping mapping) {
66          final Map<Integer, Set<PermissionType>> permissions = RequestHelper
67                  .getUserPermissions(request.getSession());
68  
69          User user = RequestHelper.getCurrentUser(request.getSession());
70          Integer issueId = getIssueId(request);
71  
72          Project project = issueService.getIssueProject(issueId);
73          User owner = issueService.getIssueOwner(issueId);
74          User creator = issueService.getIssueCreator(issueId);
75  
76          if ((project == null ||
77                  (!UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_ALL)
78                          && !(UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_USERS)
79                          && ((owner != null && owner.getId().equals(user.getId())) || (creator != null && creator.getId().equals(user.getId())))
80                  )))) {
81  
82              return mapping.findForward("unauthorized");
83          }
84  
85          return null;
86      }
87  
88      /**
89       * read issue id from request
90       *
91       * @return Integer - issue id or -1 if not in request
92       */
93      private static Integer getIssueId(HttpServletRequest request) {
94          try {
95              return Integer.valueOf(request.getParameter("id"));
96          } catch (RuntimeException re) {
97              if (log.isDebugEnabled()) {
98                  log.debug("getIssueId: no issue-id in request, caught", re);
99              }
100         }
101         return -1;
102     }
103 
104     /**
105      * Set the objects in request that are required for ui render
106      */
107     private static final void setupJspEnv(HttpServletRequest request, Map<IssueActivity, String> activities) {
108 
109         Integer issueId = getIssueId(request);
110         request.setAttribute("activities", activities);
111         request.setAttribute("issueId", issueId);
112     }
113 
114     /**
115      * @param issueService
116      * @param request
117      * @return
118      */
119     private static final Map<IssueActivity, String> prepareActivitiesMap(IssueService issueService, HttpServletRequest request) {
120         SortedMap<IssueActivity, String> activities = new TreeMap<IssueActivity, String>(AbstractEntity.ID_COMPARATOR);
121 
122         Integer issueId = getIssueId(request);
123         Iterator<IssueActivity> activityIt = issueService.getIssueActivity(issueId).iterator();
124         IssueActivity issueActivity;
125         while (activityIt.hasNext()) {
126             issueActivity = activityIt.next();
127             activities.put(issueActivity, IssueUtilities.getActivityName(issueActivity.getActivityType(),
128                     LoginUtilities.getCurrentLocale(request)));
129         }
130 
131         return activities;
132 
133     }
134 
135 }