WorkItem: 4012 Read Only finally works!

betelgeuse · Mar 20, 2012 · 6fc099f · 6fc099f
1 parent d00653d
commit 6fc099f
Show file tree

Hide file tree

Showing 8 changed files with 51 additions and 27 deletions.
diff --git a/conf/applicationContext-security.xml b/conf/applicationContext-security.xml
@@ -18,8 +18,8 @@
 		<security:filter-chain-map path-type="ant">
 		  <security:filter-chain filters="remoteServicesFilter" pattern="/rs/**"/>
 		  <security:filter-chain filters="readonlyFilter" pattern="/token/*"/>
-<!-- 		  <security:filter-chain filters="readonlyFilter" pattern="/RO*"/> -->
-<!--  		  <security:filter-chain filters="readonlyFilter" pattern="/ajax/RO*"/> -->
+<!-- 	  <security:filter-chain filters="readonlyFilter" pattern="/RO*"/> -->
+  		  <security:filter-chain filters="readonlyFilter" pattern="/ajax/RO*"/> 
 		  <security:filter-chain
         filters="httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,ajaxExceptionTranslationFilter,filterInvocationInterceptor"
         pattern="/ajax/**"/>
@@ -137,8 +137,6 @@
 				/newpassword.action=IS_AUTHENTICATED_ANONYMOUSLY
 				/generatenewpassword.action=IS_AUTHENTICATED_ANONYMOUSLY
 				/ro*=IS_AUTHENTICATED_ANONYMOUSLY
-				/jsp/inc/iterationmetrics.jsp=IS_AUTHENTICATED_ANONYMOUSLY
-				/jsp/fragments/iterationmingledhistory.jsp=IS_AUTHENTICATED_ANONYMOUSLY
 				/static/**=IS_AUTHENTICATED_ANONYMOUSLY
 				/**=IS_AUTHENTICATED_REMEMBERED
 				<!-- /showReadOnlyIteration.action?**=IS_AUTHENTICATED_ANONYMOUSLY -->

diff --git a/src/fi/hut/soberit/agilefant/readonly/ReadonlyFilter.java b/src/fi/hut/soberit/agilefant/readonly/ReadonlyFilter.java
@@ -37,11 +37,13 @@ public void doFilter(ServletRequest request, ServletResponse response,
 
         // Create a Data Access Object instance and open a Hibernate session.
         IterationDAOHibernate iterationDao = new IterationDAOHibernate();
+        UserDAOHibernate userDao = new UserDAOHibernate();
 
         SessionFactory sessionFactory;
         try {
             sessionFactory = (SessionFactory) new InitialContext().lookup("hibernateSessionFactory");
             iterationDao.setSessionFactory(sessionFactory);
+            userDao.setSessionFactory(sessionFactory);
         } catch (NamingException e) {
             e.printStackTrace();
             return;
@@ -56,9 +58,17 @@ public void doFilter(ServletRequest request, ServletResponse response,
             session.close();
             resp.sendRedirect("/agilefant/ROIteration.action?readonlyToken=" + token);
         } else if (reqt.getRequestURL().toString().contains("ROIteration")) {
-            //do nothing
-            System.out.println("Here");
+            session.disconnect();
+            session.close();
+
+            //log in read only user
+            User user = userDao.getByLoginName("readonly");
+            SecurityUtil.setLoggedUser(user);
+            chain.doFilter(request, response);
         } else {
+            session.disconnect();
+            session.close();
+
             // Token is not valid, so redirect to login page.
             resp.sendRedirect("/agilefant/login.jsp");
         }

diff --git a/src/fi/hut/soberit/agilefant/security/SecurityUtil.java b/src/fi/hut/soberit/agilefant/security/SecurityUtil.java
@@ -53,6 +53,7 @@ public static int getLoggedUserId() throws IllegalStateException {
 
             return ud.getUserId();
         } catch(ClassCastException cce){
+            //log in read only user
             SessionFactory sessionFactory = null;
             UserDAOHibernate userDao = new UserDAOHibernate();
 
@@ -71,8 +72,6 @@ public static int getLoggedUserId() throws IllegalStateException {
 
             return user.getId();
         }
-
-        //return -1;
     }
 
     /**

diff --git a/src/fi/hut/soberit/agilefant/web/AuthorizationInterceptor.java b/src/fi/hut/soberit/agilefant/web/AuthorizationInterceptor.java
@@ -2,12 +2,10 @@
 
 import java.util.Collection;
 import java.util.Iterator;
-import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
-import com.opensymphony.xwork2.ActionContext;
 import com.opensymphony.xwork2.ActionInvocation;
 import com.opensymphony.xwork2.interceptor.Interceptor;
 
@@ -32,12 +30,15 @@ public void destroy() {}
 
     @Override
     public void init() {}
+
+    private static int readOnlyId = -1;
 
     @Override
     public String intercept(ActionInvocation invocation) throws Exception {
         Object action = invocation.getAction();
         boolean accessDenied = false;
 
+        //check read only user permissions
         User currentUser = SecurityUtil.getLoggedUser();
         if(!(action instanceof ROIterationAction 
                 || action instanceof ChartAction
@@ -47,15 +48,33 @@ public String intercept(ActionInvocation invocation) throws Exception {
                 && currentUser.getLoginName().equals("readonly")){
 
             return "login";
-        } else if(action instanceof ROIterationAction 
+        } else if((action instanceof ROIterationAction 
                 || action instanceof ChartAction
                 || action instanceof IterationAction
                 || action instanceof IterationHistoryAction
-                || action instanceof StoryAction){
+                || action instanceof StoryAction)
+                && currentUser.getLoginName().equals("readonly")){
 
-            //TODO FINNUCKS: check that the id's match for ChartAction
-            //int id = iterationBusiness.retreiveIterationByReadonlyToken(readonlyToken);
-            return invocation.invoke();
+            //TODO FINNUCKS: this causes an exception
+            /*int id = -99;
+            if(action instanceof ROIterationAction){
+                readOnlyId = ((ROIterationAction)action).getIteration().getId();
+                return invocation.invoke();
+            } else if(action instanceof IterationAction){
+                id = ((IterationAction) action).getIterationId();
+            } else if(action instanceof IterationHistoryAction){
+                id = ((IterationHistoryAction) action).getIterationId();
+            } else if(action instanceof StoryAction){
+                id = ((StoryAction) action).getIterationId();
+            } else if(action instanceof ChartAction){
+                id = ((ChartAction) action).getBacklogId();
+            }
+            
+            if(id != readOnlyId){
+                return "noauth";
+            } else {*/
+                return invocation.invoke();
+            //}
         }
 
         //matrix authorizations

diff --git a/src/fi/hut/soberit/agilefant/web/ChartAction.java b/src/fi/hut/soberit/agilefant/web/ChartAction.java
@@ -118,6 +118,10 @@ public InputStream getInputStream() {
         return new ByteArrayInputStream(result);
     }
 
+    public int getBacklogId() {
+        return backlogId;
+    }
+
     /* AUTOGENERATED */
 
     public void setBacklogId(int backlogId) {

diff --git a/src/fi/hut/soberit/agilefant/web/ROIterationAction.java b/src/fi/hut/soberit/agilefant/web/ROIterationAction.java
@@ -37,7 +37,6 @@ public String fetchROIterationData() {
 
     @Override
     public String execute() {
-
         return Action.SUCCESS;
     }
 

diff --git a/src/fi/hut/soberit/agilefant/web/RefreshUserInterceptor.java b/src/fi/hut/soberit/agilefant/web/RefreshUserInterceptor.java
@@ -64,7 +64,9 @@ public String intercept(ActionInvocation invocation) throws Exception {
             return "";
         }
 
-        //TODO FINNUCKS: this logs out a current user on one of these actions and sets it to the read only user
+        //TODO FINNUCKS: this logs out a current user on one of 
+        //these actions and sets it to the read only user.
+        //Need to check ID and ... ?
         if(action instanceof ROIterationAction || (isUnderReadOnlyAction && (
                 action instanceof ChartAction
                 || action instanceof IterationAction
@@ -89,7 +91,6 @@ public String intercept(ActionInvocation invocation) throws Exception {
 
             SecurityUtil.setLoggedUser(user);
 
-            //TODO FINNUCKS: This JSON is totally messed up and causing auto-fresh, most likely
             //push current user to the value stack
             invocation.getStack().set("currentUser", user);
             invocation.getStack().set("currentUserJson", new JSONSerializer().serialize(user));

diff --git a/web/WEB-INF/tags/structure/structure.tag b/web/WEB-INF/tags/structure/structure.tag
@@ -61,15 +61,9 @@
   $.ajaxSetup({
     traditional: true, //force jquery back to < 1.4 series style data serialization
     dataFilter: function(data, type) {
-      //request.getRequestURL() doesn't work here
-      /*if(request.getRequestURL().toString().contains("ROIteration")){
-    	  //TODO FINNUCKS: do something here...
-    	  return "{}";
-      } else {*/
-	      if (data === "AGILEFANT_AUTHENTICATION_ERROR") {
-	       // window.location.reload(); 
-	      }
-     // }
+      if (data === "AGILEFANT_AUTHENTICATION_ERROR") {
+      	window.location.reload(); 
+      }
       return data;
     },
     error: function(xhr,status,error) {