Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java Mon Nov 26 07:51:43 2007 @@ -22,11 +22,16 @@ import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.ArrayList; +import java.util.Collections; import java.util.List; +import org.apache.roller.weblogger.business.UserManager; +import org.apache.roller.weblogger.business.WebloggerFactory; import org.apache.roller.weblogger.config.WebloggerConfig; import org.apache.roller.weblogger.config.WebloggerRuntimeConfig; +import org.apache.roller.weblogger.pojos.GlobalPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.Weblog; +import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.ui.struts2.util.UIUtils; import org.apache.roller.weblogger.ui.core.util.menu.Menu; import org.apache.roller.weblogger.ui.core.util.menu.MenuHelper; @@ -79,24 +84,32 @@ return true; } + // default action permissions, weblog is required public boolean isWeblogRequired() { return true; } - // default action permissions, "editor" role required - public String requiredUserRole() { - return "editor"; + + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.POST); } - // default action permissions, no perms required - public short requiredWeblogPermissions() { - return -1; + + public List<String> requiredGlobalPermissionActions() { + return Collections.singletonList(GlobalPermission.LOGIN); } + // convenient way to tell if user being dealt with is an admin public boolean isUserIsAdmin() { - return getAuthenticatedUser().hasRole("admin"); + try { + GlobalPermission adminPerm = new GlobalPermission( + Collections.singletonList(GlobalPermission.ADMIN)); + UserManager umgr = WebloggerFactory.getWeblogger().getUserManager(); + return umgr.checkPermission(adminPerm, getAuthenticatedUser()); + } catch (Exception e) {} + return false; }
Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIActionInterceptor.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIActionInterceptor.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIActionInterceptor.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIActionInterceptor.java Mon Nov 26 07:51:43 2007 @@ -68,8 +68,7 @@ if(!StringUtils.isEmpty(weblogHandle)) { Weblog weblog = null; try { - UserManager mgr = WebloggerFactory.getWeblogger().getUserManager(); - weblog = mgr.getWebsiteByHandle(weblogHandle); + weblog = WebloggerFactory.getWeblogger().getWeblogManager().getWeblogByHandle(weblogHandle); if(weblog != null) { theAction.setActionWeblog(weblog); } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java Mon Nov 26 07:51:43 2007 @@ -18,6 +18,8 @@ package org.apache.roller.weblogger.ui.struts2.util; +import java.util.List; + /** * Implemented by struts2 actions which want to enforce some level of security @@ -51,23 +53,13 @@ /** - * What is the required user role, if any? - * - * This method only takes effect if isUserRequired() is 'true'. - * - * @return String The required user role, or null if no role required. + * List of global permission actions required to access resource. */ - public String requiredUserRole(); + public List<String> requiredWeblogPermissionActions(); - /** - * What are the required weblog permissions for this action, if any? - * - * This method only takes effect if both isUserRequired() and isWeblogRequired() - * are 'true'. - * - * @return short The required weblog permissions, or -1 if no permissions required. + /** + * List of weblog permissions required to access action if applicable. */ - public short requiredWeblogPermissions(); - + public List<String> requiredGlobalPermissionActions(); } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java Mon Nov 26 07:51:43 2007 @@ -22,8 +22,12 @@ import com.opensymphony.xwork2.interceptor.AbstractInterceptor; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.roller.weblogger.business.UserManager; +import org.apache.roller.weblogger.business.WebloggerFactory; +import org.apache.roller.weblogger.pojos.GlobalPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.Weblog; +import org.apache.roller.weblogger.pojos.WeblogPermission; /** @@ -49,7 +53,9 @@ final UISecurityEnforced theAction = (UISecurityEnforced) action; // are we requiring an authenticated user? - if(theAction.isUserRequired()) { + if (theAction.isUserRequired()) { + + UserManager umgr = WebloggerFactory.getWeblogger().getUserManager(); User authenticatedUser = ((UIAction)theAction).getAuthenticatedUser(); if(authenticatedUser == null) { @@ -57,16 +63,18 @@ return "access-denied"; } - // are we also enforcing a specific role? - if(theAction.requiredUserRole() != null) { - if(!authenticatedUser.hasRole(theAction.requiredUserRole())) { - log.debug("DENIED: user does not have role = "+theAction.requiredUserRole()); + // are we also enforcing global permissions? + if (theAction.requiredGlobalPermissionActions() != null + && !theAction.requiredGlobalPermissionActions().isEmpty()) { + GlobalPermission perm = new GlobalPermission(theAction.requiredGlobalPermissionActions()); + if (!umgr.checkPermission(perm, authenticatedUser)) { + log.debug("DENIED: user does not have permission = " + perm.toString()); return "access-denied"; } } // are we requiring a valid action weblog? - if(theAction.isWeblogRequired()) { + if (theAction.isWeblogRequired()) { Weblog actionWeblog = ((UIAction)theAction).getActionWeblog(); if(actionWeblog == null) { @@ -75,12 +83,14 @@ } // are we also enforcing a specific weblog permission? - if(theAction.requiredWeblogPermissions() > -1) { + if (theAction.requiredWeblogPermissionActions() != null + && !theAction.requiredWeblogPermissionActions().isEmpty()) { + WeblogPermission required = new WeblogPermission( + actionWeblog, + theAction.requiredWeblogPermissionActions()); - if(!actionWeblog.hasUserPermissions(authenticatedUser, - theAction.requiredWeblogPermissions())) { - log.debug("DENIED: user does not have required weblog permissions = "+ - theAction.requiredWeblogPermissions()); + if (!umgr.checkPermission(required, authenticatedUser)) { + log.debug("DENIED: user does not have required weblog permissions = "+required); return "access-denied"; } } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java Mon Nov 26 07:51:43 2007 @@ -42,14 +42,15 @@ import org.apache.roller.weblogger.business.MailProvider; import org.apache.roller.weblogger.business.WebloggerFactory; import org.apache.roller.weblogger.business.UserManager; +import org.apache.roller.weblogger.business.WeblogManager; import org.apache.roller.weblogger.business.startup.WebloggerStartup; import org.apache.roller.weblogger.config.WebloggerConfig; import org.apache.roller.weblogger.config.WebloggerRuntimeConfig; -import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.WeblogEntry; import org.apache.roller.weblogger.pojos.Weblog; import org.apache.roller.weblogger.pojos.WeblogEntryComment; +import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.util.RollerMessages.RollerMessage; @@ -85,6 +86,7 @@ try { UserManager umgr = WebloggerFactory.getWeblogger().getUserManager(); + WeblogManager wmgr = WebloggerFactory.getWeblogger().getWeblogManager(); String userName = entry.getCreator().getUserName(); String from = entry.getCreator().getEmailAddress(); @@ -96,16 +98,14 @@ // list of enabled website authors and admins ArrayList reviewers = new ArrayList(); - List websiteUsers = umgr.getUsers( - entry.getWebsite(), Boolean.TRUE, null, null, 0, -1); + List websiteUsers = wmgr.getWeblogUsers(entry.getWebsite(), true); // build list of reviewers (website users with author permission) Iterator websiteUserIter = websiteUsers.iterator(); while (websiteUserIter.hasNext()) { User websiteUser = (User)websiteUserIter.next(); - if (entry.getWebsite().hasUserPermissions( - - websiteUser,WeblogPermission.AUTHOR) + if (entry.getWebsite().hasUserPermission( + websiteUser, WeblogPermission.POST) && websiteUser.getEmailAddress() != null) { reviewers.add(websiteUser.getEmailAddress()); } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MediacastUtil.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MediacastUtil.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MediacastUtil.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MediacastUtil.java Mon Nov 26 07:51:43 2007 @@ -25,7 +25,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.business.WebloggerFactory; -import org.apache.roller.weblogger.business.WeblogManager; +import org.apache.roller.weblogger.business.WeblogEntryManager; /** Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/Utilities.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/Utilities.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/Utilities.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/Utilities.java Mon Nov 26 07:51:43 2007 @@ -12,6 +12,7 @@ import java.net.URLDecoder; import java.net.URLEncoder; import java.security.MessageDigest; +import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.List; @@ -277,11 +278,7 @@ } //------------------------------------------------------------------------ - /** - * @param stringArray - * @param delim - * @return - */ + /** Convert string array to string with delimeters. */ public static String stringArrayToString(String[] stringArray, String delim) { String ret = ""; for (int i = 0; i < stringArray.length; i++) { @@ -293,8 +290,21 @@ return ret; } + //------------------------------------------------------------------------ + /** Convert string array to string with delimeters. */ + public static String stringListToString(List<String> stringList, String delim) { + String ret = ""; + for (String s : stringList) { + if (ret.length() > 0) + ret = ret + delim + s; + else + ret = s; + } + return ret; + } + //-------------------------------------------------------------------------- - /** Convert string to string array. */ + /** Convert string with delimeters to string array. */ public static String[] stringToStringArray(String instr, String delim) throws NoSuchElementException, NumberFormatException { StringTokenizer toker = new StringTokenizer(instr, delim); @@ -305,6 +315,18 @@ stringArray[i++] = toker.nextToken(); } return stringArray; + } + + //-------------------------------------------------------------------------- + /** Convert string with delimeters to string list. */ + public static List<String> stringToStringList(String instr, String delim) + throws NoSuchElementException, NumberFormatException { + StringTokenizer toker = new StringTokenizer(instr, delim); + List<String> stringList = new ArrayList<String>(); + while (toker.hasMoreTokens()) { + stringList.add(toker.nextToken()); + } + return stringList; } //-------------------------------------------------------------------------- Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Authenticator.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Authenticator.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Authenticator.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Authenticator.java Mon Nov 26 07:51:43 2007 @@ -15,11 +15,14 @@ */ package org.apache.roller.weblogger.webservices.adminprotocol; +import java.util.ArrayList; +import java.util.List; import javax.servlet.http.HttpServletRequest; import org.apache.roller.weblogger.WebloggerException; import org.apache.roller.weblogger.business.Weblogger; import org.apache.roller.weblogger.business.WebloggerFactory; import org.apache.roller.weblogger.business.UserManager; +import org.apache.roller.weblogger.pojos.GlobalPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.config.WebloggerConfig; import org.apache.roller.weblogger.util.Utilities; @@ -47,26 +50,32 @@ * implementation of authenticate(). */ protected void verifyUser(String userName, String password) throws HandlerException { - User ud = getUserData(userName); - String realpassword = ud.getPassword(); + try { + User ud = getUserData(userName); + String realpassword = ud.getPassword(); boolean encrypted = Boolean.valueOf(WebloggerConfig.getProperty("passwds.encryption.enabled")); if (encrypted) { password = Utilities.encodePassword(password, WebloggerConfig.getProperty("passwds.encryption.algorithm")); } - if (!userName.trim().equals(ud.getUserName())) { - throw new UnauthorizedException("ERROR: User is not authorized: " + userName); - } - if (!password.trim().equals(realpassword)) { - throw new UnauthorizedException("ERROR: User is not authorized: " + userName); - } - - if (!ud.hasRole("admin")) { + if (!userName.trim().equals(ud.getUserName())) { + throw new UnauthorizedException("ERROR: User is not authorized: " + userName); + } + if (!password.trim().equals(realpassword)) { + throw new UnauthorizedException("ERROR: User is not authorized: " + userName); + } + List<String> adminActions = new ArrayList<String>(); + adminActions.add("admin"); + GlobalPermission adminPerm = new GlobalPermission(ud, adminActions); + if (!WebloggerFactory.getWeblogger().getUserManager().checkPermission(adminPerm, ud)) { + throw new UnauthorizedException("ERROR: User must have the admin role to use the RAP endpoint: " + userName); + } + if (!ud.getEnabled().booleanValue()) { + throw new UnauthorizedException("ERROR: User is disabled: " + userName); + } + } catch (WebloggerException ex) { throw new UnauthorizedException("ERROR: User must have the admin role to use the RAP endpoint: " + userName); - } - if (!ud.getEnabled().booleanValue()) { - throw new UnauthorizedException("ERROR: User is disabled: " + userName); } } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Handler.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Handler.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Handler.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/Handler.java Mon Nov 26 07:51:43 2007 @@ -199,9 +199,9 @@ protected Weblog getWebsiteData(String handle) throws NotFoundException, InternalException { try { - Weblog wd = getRoller().getUserManager().getWebsiteByHandle(handle, Boolean.TRUE); + Weblog wd = getRoller().getWeblogManager().getWeblogByHandle(handle, Boolean.TRUE); if (wd == null) { - wd = getRoller().getUserManager().getWebsiteByHandle(handle, Boolean.FALSE); + wd = getRoller().getWeblogManager().getWeblogByHandle(handle, Boolean.FALSE); } if (wd == null) { throw new NotFoundException("ERROR: Unknown weblog handle: " + handle); Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerMemberHandler.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerMemberHandler.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerMemberHandler.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerMemberHandler.java Mon Nov 26 07:51:43 2007 @@ -17,7 +17,6 @@ */ package org.apache.roller.weblogger.webservices.adminprotocol; -import java.io.IOException; import java.io.Reader; import java.util.ArrayList; import java.util.Collections; @@ -25,12 +24,11 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import org.jdom.Document; -import org.jdom.JDOMException; import org.apache.roller.weblogger.WebloggerException; import org.apache.roller.weblogger.business.UserManager; -import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.Weblog; +import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.util.cache.CacheManager; import org.apache.roller.weblogger.webservices.adminprotocol.sdk.Entry; import org.apache.roller.weblogger.webservices.adminprotocol.sdk.EntrySet; @@ -139,17 +137,16 @@ private EntrySet getCollection() throws HandlerException { // get all permissions: for all users, for all websites try { - List users = getRoller().getUserManager().getUsers(null, null, null, null, 0, -1); - List perms = new ArrayList(); + List users = getRoller().getUserManager().getUsers(null, null, null, 0, -1); + List<WeblogPermission> perms = new ArrayList<WeblogPermission>(); for (Iterator i = users.iterator(); i.hasNext(); ) { User user = (User)i.next(); - List permissions = getRoller().getUserManager().getAllPermissions(user); - for (Iterator j = permissions.iterator(); j.hasNext(); ) { - WeblogPermission pd = (WeblogPermission)j.next(); - perms.add(pd); + List<WeblogPermission> permissions = getRoller().getUserManager().getWeblogPermissions(user); + for (WeblogPermission perm : permissions) { + perms.add(perm); } } - EntrySet es = toMemberEntrySet((WeblogPermission[])perms.toArray(new WeblogPermission[0])); + EntrySet es = toMemberEntrySet(perms); return es; } catch (WebloggerException re) { throw new InternalException("ERROR: Could not get member collection", re); @@ -162,14 +159,14 @@ String username = muri.getUsername(); try { - List perms; + List<WeblogPermission> perms; if (username == null) { //get all entries for the given website handle Weblog wd = getWebsiteData(handle); if (wd == null) { throw new NotFoundException("ERROR: Unknown weblog handle: " + handle); } - perms = getRoller().getUserManager().getAllPermissions(wd); + perms = getRoller().getUserManager().getWeblogPermissions(wd); } else { //get all entries for the given website handle & username Weblog wd = getWebsiteData(handle); @@ -180,14 +177,14 @@ if (ud == null) { throw new NotFoundException("ERROR: Unknown user name: " + username); } - WeblogPermission pd = getRoller().getUserManager().getPermissions(wd, ud); + WeblogPermission pd = getRoller().getUserManager().getWeblogPermission(wd, ud); if (pd == null) { throw new NotFoundException("ERROR: Could not get permissions for user name: " + username + ", handle: " + handle); } perms = Collections.singletonList(pd); } - EntrySet es = toMemberEntrySet((WeblogPermission[])perms.toArray(new WeblogPermission[0])); + EntrySet es = toMemberEntrySet(perms); return es; } catch (WebloggerException re) { throw new InternalException("ERROR: Could not get entry for handle: " + handle + ", username: " + username, re); @@ -262,33 +259,32 @@ try { UserManager mgr = getRoller().getUserManager(); - List permissionsDatas= new ArrayList(); + List<WeblogPermission> perms= new ArrayList<WeblogPermission>(); for (int i = 0; i < c.getEntries().length; i++) { MemberEntry entry = (MemberEntry)c.getEntries()[i]; - WeblogPermission pd = toPermissionsData(entry); - mgr.savePermissions(pd); + User ud = getUserData(entry.getName()); + Weblog wd = getWebsiteData(entry.getHandle()); + mgr.grantWeblogPermission(wd, ud, toActionList(entry.getPermission())); getRoller().flush(); - CacheManager.invalidate(pd.getUser()); - CacheManager.invalidate(pd.getWebsite()); - permissionsDatas.add(pd); + CacheManager.invalidate(ud); + CacheManager.invalidate(wd); + + WeblogPermission pd = mgr.getWeblogPermission(wd, ud); + perms.add(pd); } - return toMemberEntrySet((WeblogPermission[])permissionsDatas.toArray(new WeblogPermission[0])); + return toMemberEntrySet(perms); } catch (WebloggerException re) { throw new InternalException("ERROR: Could not create members", re); } } - private WeblogPermission toPermissionsData(MemberEntry entry) throws HandlerException { - User ud = getUserData(entry.getName()); - Weblog wd = getWebsiteData(entry.getHandle()); - WeblogPermission pd = new WeblogPermission(); - pd.setUser(ud); - pd.setWebsite(wd); - pd.setPermissionMask(stringToMask(entry.getPermission())); - pd.setPending(false); - - return pd; + private List<String> toActionList(String perm) throws HandlerException { + List<String> actions = new ArrayList<String>(); + if ("ADMIN".equals(perm)) actions.add(WeblogPermission.ADMIN); + else if ("AUTHOR".equals(perm)) actions.add(WeblogPermission.POST); + else actions.add(WeblogPermission.EDIT_DRAFT); + return actions; } private WeblogPermission getPermissionsData(MemberEntry entry) throws HandlerException { @@ -299,16 +295,16 @@ try { User ud = getUserData(username); Weblog wd = getWebsiteData(handle); - WeblogPermission pd = getRoller().getUserManager().getPermissions(wd, ud); - + WeblogPermission pd = getRoller().getUserManager().getWeblogPermission(wd, ud); return pd; + } catch (WebloggerException re) { throw new InternalException("ERROR: Could not get permissions data for weblog handle: " + handle + ", user name: " + username, re); } } private MemberEntrySet updateMembers(MemberEntrySet c) throws HandlerException { - List permissionsDatas= new ArrayList(); + List<WeblogPermission> permissionsDatas= new ArrayList<WeblogPermission>(); for (int i = 0; i < c.getEntries().length; i++) { MemberEntry entry = (MemberEntry)c.getEntries()[i]; WeblogPermission pd = getPermissionsData(entry); @@ -318,24 +314,23 @@ updatePermissionsData(pd, entry); permissionsDatas.add(pd); } - return toMemberEntrySet((WeblogPermission[])permissionsDatas.toArray(new WeblogPermission[0])); + return toMemberEntrySet(permissionsDatas); } private void updatePermissionsData(WeblogPermission pd, MemberEntry entry) throws HandlerException { // only permission can be updated - if (entry.getPermission() != null) { - pd.setPermissionMask(stringToMask(entry.getPermission())); - } - try { User ud = getUserData(entry.getName()); Weblog wd = getWebsiteData(entry.getHandle()); UserManager mgr = getRoller().getUserManager(); - mgr.savePermissions(pd); + mgr.revokeWeblogPermission(wd, ud, WeblogPermission.ALL_ACTIONS); + mgr.grantWeblogPermission(wd, ud, stringToActionList(entry.getPermission())); + getRoller().flush(); + CacheManager.invalidate(ud); CacheManager.invalidate(wd); } catch (WebloggerException re) { @@ -354,23 +349,19 @@ } try { - WeblogPermission pd = getPermissionsData(handle, username); - - if (pd == null) { - throw new NotFoundException("ERROR: Permissions do not exist for weblog handle: " + handle + ", user name: " + username); - } + Weblog wd = getWebsiteData(handle); + User ud = getUserData(username); + UserManager mgr = getRoller().getUserManager(); - mgr.removePermissions(pd); - getRoller().flush(); + mgr.revokeWeblogPermission(wd, ud, WeblogPermission.ALL_ACTIONS); - User ud = getUserData(username); - CacheManager.invalidate(ud); + getRoller().flush(); - Weblog wd = getWebsiteData(handle); + CacheManager.invalidate(ud); CacheManager.invalidate(wd); // return empty set, entry was deleted - WeblogPermission[] pds = new WeblogPermission[0]; + List<WeblogPermission> pds = new ArrayList<WeblogPermission>(); EntrySet es = toMemberEntrySet(pds); return es; @@ -379,24 +370,28 @@ } } - private MemberEntry toMemberEntry(WeblogPermission pd) { - if (pd == null) { - throw new NullPointerException("ERROR: Null permission data not allowed"); + private MemberEntry toMemberEntry(WeblogPermission pd) throws HandlerException { + try { + if (pd == null) { + throw new NullPointerException("ERROR: Null permission data not allowed"); + } + MemberEntry me = new MemberEntry(pd.getWeblog().getHandle(), pd.getUser().getUserName(), getUrlPrefix()); + me.setPermission(actionsToString(pd)); + return me; + + } catch (WebloggerException ex) { + throw new InternalException("ERROR: getting user or weblog", ex); } - MemberEntry me = new MemberEntry(pd.getWebsite().getHandle(), pd.getUser().getUserName(), getUrlPrefix()); - me.setPermission(maskToString(pd.getPermissionMask())); - - return me; } - private MemberEntrySet toMemberEntrySet(WeblogPermission[] pds) { + + private MemberEntrySet toMemberEntrySet(List<WeblogPermission> pds) throws HandlerException { if (pds == null) { throw new NullPointerException("ERROR: Null permission data not allowed"); } List entries = new ArrayList(); - for (int i = 0; i < pds.length; i++) { - WeblogPermission pd = pds[i]; - Entry entry = toMemberEntry(pd); + for (WeblogPermission perm : pds) { + Entry entry = toMemberEntry(perm); entries.add(entry); } MemberEntrySet mes = new MemberEntrySet(getUrlPrefix()); @@ -405,34 +400,35 @@ return mes; } - private static String maskToString(short mask) { - if (mask == WeblogPermission.ADMIN) { + private static String actionsToString(WeblogPermission perm) { + if (perm.hasAction(WeblogPermission.ADMIN)) { return MemberEntry.Permissions.ADMIN; } - if (mask == WeblogPermission.AUTHOR) { + if (perm.hasAction(WeblogPermission.POST)) { return MemberEntry.Permissions.AUTHOR; } - if (mask == WeblogPermission.LIMITED) { + if (perm.hasAction(WeblogPermission.EDIT_DRAFT)) { return MemberEntry.Permissions.LIMITED; } return null; } - private static short stringToMask(String s) { + private static List<String> stringToActionList(String s) { + List<String> actionList = new ArrayList<String>(); if (s == null) { throw new NullPointerException("ERROR: Null string not allowed"); } if (s.equalsIgnoreCase(MemberEntry.Permissions.ADMIN)) { - return WeblogPermission.ADMIN; + actionList.add(WeblogPermission.ADMIN); } if (s.equalsIgnoreCase(MemberEntry.Permissions.AUTHOR)) { - return WeblogPermission.AUTHOR; + actionList.add(WeblogPermission.POST); } if (s.equalsIgnoreCase(MemberEntry.Permissions.LIMITED)) { - return WeblogPermission.LIMITED; + actionList.add(WeblogPermission.EDIT_DRAFT); } - return 0; + return actionList; } } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerUserHandler.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerUserHandler.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerUserHandler.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerUserHandler.java Mon Nov 26 07:51:43 2007 @@ -87,7 +87,7 @@ private EntrySet getCollection() throws HandlerException { try { - List users = getRoller().getUserManager().getUsers(null, null, null, null, 0, -1); + List users = getRoller().getUserManager().getUsers(null, null, null, 0, -1); if (users == null) { users = java.util.Collections.EMPTY_LIST; } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerWeblogHandler.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerWeblogHandler.java?rev=598319&r1=598318&r2=598319&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerWeblogHandler.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/adminprotocol/RollerWeblogHandler.java Mon Nov 26 07:51:43 2007 @@ -22,7 +22,6 @@ import java.net.MalformedURLException; import java.util.ArrayList; import java.util.HashMap; -import java.util.Iterator; import java.util.List; import java.util.Collections; import java.util.Date; @@ -33,9 +32,10 @@ import org.apache.roller.weblogger.WebloggerException; import org.apache.roller.weblogger.config.WebloggerRuntimeConfig; import org.apache.roller.weblogger.business.UserManager; -import org.apache.roller.weblogger.pojos.WeblogPermission; +import org.apache.roller.weblogger.business.WebloggerFactory; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.Weblog; +import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.util.cache.CacheManager; import org.apache.roller.weblogger.util.Utilities; import org.apache.roller.weblogger.webservices.adminprotocol.sdk.Entry; @@ -100,7 +100,7 @@ private EntrySet getCollection() throws HandlerException { try { - List users = getRoller().getUserManager().getUsers(null, null, null, null, 0, -1); + List users = getRoller().getUserManager().getUsers(null, null, null, 0, -1); if (users == null) { users = Collections.EMPTY_LIST; } @@ -171,7 +171,7 @@ User user = mgr.getUserByUserName(entry.getCreatingUser()); Weblog wd = new Weblog( entry.getHandle(), - user, + user.getUserName(), entry.getName(), entry.getDescription(), entry.getEmailAddress(), @@ -199,7 +199,7 @@ log.error("ERROR setting default editor page for weblog", ex); } - mgr.addWebsite(wd); + WebloggerFactory.getWeblogger().getWeblogManager().addWeblog(wd); getRoller().flush(); CacheManager.invalidate(wd); websiteDatas.add(wd); @@ -249,8 +249,7 @@ } try { - UserManager mgr = getRoller().getUserManager(); - mgr.saveWebsite(wd); + WebloggerFactory.getWeblogger().getWeblogManager().saveWeblog(wd); getRoller().flush(); CacheManager.invalidate(wd); } catch (WebloggerException re) { @@ -262,13 +261,10 @@ String handle = getUri().getEntryId(); try { - UserManager mgr = getRoller().getUserManager(); - Weblog wd = getWebsiteData(handle); - CacheManager.invalidate(wd); - mgr.removeWebsite(wd); + WebloggerFactory.getWeblogger().getWeblogManager().removeWeblog(wd); getRoller().flush(); // return empty set, object deleted @@ -310,22 +306,25 @@ if (uds == null) { throw new NullPointerException("ERROR: Null user data not allowed"); } - - WeblogEntrySet wes = new WeblogEntrySet(getUrlPrefix()); - List entries = new ArrayList(); - for (int i = 0; i < uds.length; i++) { - User ud = uds[i]; - List permissions = ud.getPermissions(); - for (Iterator j = permissions.iterator(); j.hasNext(); ) { - WeblogPermission pd = (WeblogPermission)j.next(); - Weblog wd = pd.getWebsite(); - WeblogEntry we = toWeblogEntry(wd); - entries.add(we); + try { + UserManager umgr = WebloggerFactory.getWeblogger().getUserManager(); + WeblogEntrySet wes = new WeblogEntrySet(getUrlPrefix()); + List entries = new ArrayList(); + for (int i = 0; i < uds.length; i++) { + User ud = uds[i]; + List<WeblogPermission> perms = umgr.getWeblogPermissions(ud); + for (WeblogPermission perm : perms) { + Weblog wd = perm.getWeblog(); + WeblogEntry we = toWeblogEntry(wd); + entries.add(we); + } } + wes.setEntries((Entry[])entries.toArray(new Entry[0])); + return wes; + + } catch (WebloggerException ex) { + throw new InternalException("ERROR retrieving users weblogs", ex); } - wes.setEntries((Entry[])entries.toArray(new Entry[0])); - - return wes; } private WeblogEntrySet toWeblogEntrySet(Weblog[] wds) throws HandlerException {
