1 package org.itracker.web.actions.project;
2
3 import org.apache.log4j.Logger;
4 import org.apache.struts.action.ActionForm;
5 import org.apache.struts.action.ActionForward;
6 import org.apache.struts.action.ActionMapping;
7 import org.itracker.model.*;
8 import org.itracker.model.util.IssueUtilities;
9 import org.itracker.model.util.UserUtilities;
10 import org.itracker.services.IssueService;
11 import org.itracker.web.actions.base.ItrackerBaseAction;
12 import org.itracker.web.util.LoginUtilities;
13 import org.itracker.web.util.RequestHelper;
14 import org.itracker.web.util.ServletContextUtils;
15
16 import javax.servlet.http.HttpServletRequest;
17 import javax.servlet.http.HttpServletResponse;
18 import java.util.*;
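/**
 * Struts action that displays the activity history of a single issue.
 *
 * <p>The issue is selected by the {@code id} request parameter. Before any
 * activity is loaded the caller must pass {@link #checkPermission}; otherwise
 * the request is forwarded to {@code unauthorized}.
 */
public class ViewIssueActivityAction extends ItrackerBaseAction {
    private static final Logger log = Logger
            .getLogger(ViewIssueActivityAction.class);

    /**
     * Authorizes the request, loads the issue's activities and forwards to the
     * {@code viewissueactivity} view.
     *
     * @param mapping  Struts mapping used to resolve the forwards
     * @param form     unused
     * @param request  current request; supplies the {@code id} parameter and the session
     * @param response unused
     * @return the {@code unauthorized} forward when the permission check fails,
     *         otherwise the {@code viewissueactivity} forward
     * @throws Exception propagated from the services or helpers
     */
    public ActionForward execute(ActionMapping mapping, ActionForm form,
                                 HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        if (log.isDebugEnabled()) {
            log.debug("execute: called");
        }

        IssueService issueService = ServletContextUtils.getItrackerServices().getIssueService();

        // Parse the client-supplied id exactly once, so the id that is
        // authorized is provably the id that is loaded and handed to the view.
        final Integer issueId = getIssueId(request);

        ActionForward denied = checkPermission(request, issueService, mapping, issueId);
        if (null != denied) {
            if (log.isDebugEnabled()) {
                log.debug("checkPermission: user has no permission, forwarding to " + denied);
            }
            return denied;
        }

        Map<IssueActivity, String> activities = prepareActivitiesMap(issueService, request, issueId);
        if (log.isDebugEnabled()) {
            log.debug("execute: preparing with activities: " + activities);
        }
        setupJspEnv(request, issueId, activities);

        ActionForward forward = mapping.findForward("viewissueactivity");
        if (log.isDebugEnabled()) {
            log.debug("execute: forwarding to " + forward);
        }

        return forward;
    }

    /**
     * Decides whether the session user may view the given issue.
     *
     * <p>Access is granted when the user holds {@code ISSUE_VIEW_ALL} on the
     * issue's project, or holds {@code ISSUE_VIEW_USERS} and is the issue's
     * owner or creator. Everything else, including an issue whose project
     * cannot be resolved, is denied.
     *
     * @param request      current request; its session supplies user and permissions
     * @param issueService service used to resolve project, owner and creator
     * @param mapping      Struts mapping used to resolve the {@code unauthorized} forward
     * @param issueId      id of the requested issue ({@code -1} when the request carried none)
     * @return {@code null} when access is allowed, otherwise the {@code unauthorized} forward
     */
    private ActionForward checkPermission(HttpServletRequest request, IssueService issueService,
                                          ActionMapping mapping, Integer issueId) {
        final Map<Integer, Set<PermissionType>> permissions = RequestHelper
                .getUserPermissions(request.getSession());
        final User user = RequestHelper.getCurrentUser(request.getSession());

        final Project project = issueService.getIssueProject(issueId);
        if (project == null) {
            // Unknown issue or missing id: deny rather than reveal anything.
            return mapping.findForward("unauthorized");
        }

        if (UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_ALL)) {
            return null;
        }

        if (UserUtilities.hasPermission(permissions, project.getId(), PermissionType.ISSUE_VIEW_USERS)) {
            final User owner = issueService.getIssueOwner(issueId);
            final User creator = issueService.getIssueCreator(issueId);
            if (isSameUser(owner, user) || isSameUser(creator, user)) {
                return null;
            }
        }

        return mapping.findForward("unauthorized");
    }

    /**
     * Compares two users by id. A {@code null} on either side never matches,
     * so a session without a current user is denied instead of failing with
     * a {@link NullPointerException} in the ownership check.
     */
    private static boolean isSameUser(User candidate, User current) {
        return candidate != null && current != null
                && candidate.getId().equals(current.getId());
    }

    /**
     * Reads the issue id from the {@code id} request parameter.
     *
     * @param request current request
     * @return the parsed id, or {@code -1} when the parameter is missing or
     *         cannot be parsed as an integer
     */
    private static Integer getIssueId(HttpServletRequest request) {
        try {
            return Integer.valueOf(request.getParameter("id"));
        } catch (RuntimeException re) {
            // Integer.valueOf rejects null and non-numeric input with a
            // NumberFormatException; both cases fall through to the sentinel.
            if (log.isDebugEnabled()) {
                log.debug("getIssueId: no issue-id in request, caught", re);
            }
        }
        return -1;
    }

    /**
     * Publishes the data the view reads as request attributes.
     *
     * @param request    current request
     * @param issueId    parsed issue id; the attribute holds this Integer,
     *                   not the raw parameter string sent by the client
     * @param activities activities mapped to their display names
     */
    private static void setupJspEnv(HttpServletRequest request, Integer issueId,
                                    Map<IssueActivity, String> activities) {
        request.setAttribute("activities", activities);
        request.setAttribute("issueId", issueId);
    }

    /**
     * Loads the activities of an issue and maps each one to its activity-type
     * name in the locale of the current request.
     *
     * @param issueService service used to load the activities
     * @param request      current request; supplies the locale
     * @param issueId      id of the issue; must already have passed the permission check
     * @return the activities, ordered by {@code AbstractEntity.ID_COMPARATOR}
     */
    private static Map<IssueActivity, String> prepareActivitiesMap(IssueService issueService,
                                                                   HttpServletRequest request,
                                                                   Integer issueId) {
        SortedMap<IssueActivity, String> activities =
                new TreeMap<IssueActivity, String>(AbstractEntity.ID_COMPARATOR);

        for (IssueActivity issueActivity : issueService.getIssueActivity(issueId)) {
            activities.put(issueActivity, IssueUtilities.getActivityName(issueActivity.getActivityType(),
                    LoginUtilities.getCurrentLocale(request)));
        }

        return activities;
    }

}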