Skip to content

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
...
  • 2 commits
  • 9 files changed
  • 0 commit comments
  • 1 contributor
Commits on Feb 12, 2012
Rafael Steil Fixed a bug in security annotation that was preventing it for properl…
…y enforcing the rules
93f717b
Rafael Steil Private messages are working 49abe09
View
4 src/main/java/net/jforum/actions/interceptors/ControllerSecurityInterceptor.java
@@ -33,11 +33,11 @@ public ControllerSecurityInterceptor(HttpServletRequest request, Result result,
@Override
protected SecurityConstraint getAnnotation(ResourceMethod method) {
- return method.getResource().getClass().getAnnotation(SecurityConstraint.class);
+ return method.getResource().getType().getAnnotation(SecurityConstraint.class);
}
@Override
protected boolean isAnnotationPresent(ResourceMethod method) {
- return method.getResource().getClass().isAnnotationPresent(SecurityConstraint.class);
+ return method.getResource().getType().isAnnotationPresent(SecurityConstraint.class);
}
}
View
6 src/main/java/net/jforum/controllers/MessageController.java
@@ -39,7 +39,7 @@ public MessageController(I18n i18n, Result result) {
*/
public void accessDenied() {
this.result.include("message", this.i18n.getMessage("Message.accessDenied"));
- this.result.forwardTo(Actions.MESSAGE);
+ result.of(this).message();
}
public void message() {
@@ -55,7 +55,7 @@ public void message() {
public void topicWaitingModeration(int forumId) {
this.result.include("message", this.i18n.getFormattedMessage(
"PostShow.waitingModeration", URLBuilder.build(Domain.FORUMS, Actions.SHOW, forumId)));
- this.result.forwardTo(Actions.MESSAGE);
+ result.of(this).message();
}
/**
@@ -67,6 +67,6 @@ public void topicWaitingModeration(int forumId) {
public void replyWaitingModeration(int topicId) {
this.result.include("message", this.i18n.getFormattedMessage("PostShow.waitingModeration",
URLBuilder.build(Domain.TOPICS, Actions.LIST, topicId)));
- this.result.forwardTo(Actions.MESSAGE);
+ result.of(this).message();
}
}
View
95 src/main/java/net/jforum/controllers/PrivateMessageController.java
@@ -45,9 +45,7 @@
*/
@Resource
@Path(Domain.PRIVATE_MESSAGES)
-@SecurityConstraint(multiRoles = {
- @Role(value = AuthenticatedRule.class, displayLogin = true),
- @Role(PrivateMessageEnabledRule.class) })
+@SecurityConstraint(multiRoles = { @Role(value = AuthenticatedRule.class, displayLogin = true), @Role(PrivateMessageEnabledRule.class) })
public class PrivateMessageController {
private PrivateMessageRepository repository;
private UserRepository userRepository;
@@ -55,9 +53,8 @@
private final Result result;
private final UserSession userSession;
- public PrivateMessageController(PrivateMessageRepository repository,
- UserRepository userRepository, PrivateMessageService service,
- Result result, UserSession userSession) {
+ public PrivateMessageController(PrivateMessageRepository repository, UserRepository userRepository,
+ PrivateMessageService service, Result result, UserSession userSession) {
this.repository = repository;
this.userRepository = userRepository;
this.service = service;
@@ -65,23 +62,24 @@ public PrivateMessageController(PrivateMessageRepository repository,
this.userSession = userSession;
}
+ public void messages() {
+
+ }
+
/**
* Delete a set of private message
*
- * @param ids
- * the id of the messages to delete
+ * @param ids the id of the messages to delete
*/
public void delete(int... ids) {
- this.service
- .delete(this.userSession.getUser(), ids);
+ this.service.delete(this.userSession.getUser(), ids);
this.result.redirectTo(Actions.INBOX);
}
/**
* Shows the page to review a private message while writing a reply
*
- * @param id
- * the id of the message being replied
+ * @param id the id of the message being replied
*/
@SecurityConstraint(PrivateMessageOwnerRule.class)
public void review(int id) {
@@ -93,8 +91,7 @@ public void review(int id) {
/**
* Shows the page to quote a private message
*
- * @param id
- * the id of the message
+ * @param id the id of the message
*/
@SecurityConstraint(PrivateMessageOwnerRule.class)
public void quote(int id) {
@@ -109,26 +106,25 @@ public void quote(int id) {
/**
* Shows the page to reply a private message
*
- * @param id
- * the id of the message to reply
+ * @param id the id of the message to reply
*/
@SecurityConstraint(PrivateMessageOwnerRule.class)
public void reply(int id) {
PrivateMessage pm = this.repository.get(id);
- this.send();
-
this.result.include("pm", pm);
this.result.include("isPrivateMessageReply", true);
+
+ this.send();
}
/**
* Shows the page to read a specific message
*
- * @param id
- * the message id
+ * @param id the message id
*/
@SecurityConstraint(PrivateMessageOwnerRule.class)
+ @Path("/read/{id}")
public void read(int id) {
PrivateMessage pm = this.repository.get(id);
@@ -145,28 +141,20 @@ public void read(int id) {
*/
public void sent() {
User user = this.userSession.getUser();
- this.result.include("privateMessages",
- this.repository.getFromSentBox(user));
+ this.result.include("privateMessages", this.repository.getFromSentBox(user));
this.result.include("sentbox", true);
- this.result.forwardTo(Actions.MESSAGES);
+ result.of(this).messages();
}
/**
* Send a private message to some user
*
- * @param post
- * the subject and the text
- * @param options
- * formatting options
- * @param toUsername
- * recipient username, only necessary if <code>toUserId</code>
- * not set
- * @param toUserId
- * recipient id, only necessary if <code>toUsername</code> not
- * set
+ * @param post the subject and the text
+ * @param options formatting options
+ * @param toUsername recipient username, only necessary if <code>toUserId</code> not set
+ * @param toUserId recipient id, only necessary if <code>toUsername</code> not set
*/
- public void sendSave(Post post, PostFormOptions options, String toUsername,
- int toUserId) {
+ public void sendSave(Post post, PostFormOptions options, String toUsername, int toUserId) {
User toUser = this.findToUser(toUserId, toUsername);
if (toUser == null || !this.canSendMessageTo(toUser)) {
@@ -184,20 +172,17 @@ public void sendSave(Post post, PostFormOptions options, String toUsername,
ActionUtils.definePrivateMessageOptions(pm, options);
this.service.send(pm);
-
this.result.redirectTo(Actions.INBOX);
}
/**
* Shows the page to search for users
*
- * @param username
- * if set, search for this username
+ * @param username if set, search for this username
*/
public void findUser(String username) {
if (!StringUtils.isEmpty(username)) {
- RoleManager roleManager = this.userSession
- .getRoleManager();
+ RoleManager roleManager = this.userSession.getRoleManager();
if (roleManager.getCanOnlyContactModerators()) {
List<User> users = this.userRepository.findByUserName(username);
@@ -207,23 +192,19 @@ public void findUser(String username) {
RoleManager roles = new RoleManager();
roles.setGroups(user.getGroups());
- if (roles.isModerator() || roles.isAdministrator()
- || roles.isCoAdministrator()) {
+ if (roles.isModerator() || roles.isAdministrator() || roles.isCoAdministrator()) {
result.add(user);
}
}
this.result.include("users", result);
- } else {
- if (roleManager
- .roleExists(SecurityConstants.INTERACT_OTHER_GROUPS)) {
- this.result.include("users",
- this.userRepository.findByUserName(username));
+ }
+ else {
+ if (roleManager.roleExists(SecurityConstants.INTERACT_OTHER_GROUPS)) {
+ this.result.include("users", this.userRepository.findByUserName(username));
} else {
- User currentUser = this.userSession
- .getUser();
- this.result.include("users", this.userRepository
- .findByUserName(username, currentUser.getGroups()));
+ User currentUser = this.userSession.getUser();
+ this.result.include("users", this.userRepository.findByUserName(username, currentUser.getGroups()));
}
}
}
@@ -240,7 +221,6 @@ public void send() {
this.result.include("attachmentsEnabled", false);
this.result.include("user", this.userSession.getUser());
- // TODO pass zero?
this.result.forwardTo(TopicController.class).add(0);
}
@@ -276,8 +256,7 @@ private boolean canSendMessageTo(User toUser) {
RoleManager roles = new RoleManager();
roles.setGroups(toUser.getGroups());
- return roles.isModerator() || roles.isAdministrator()
- || roles.isCoAdministrator();
+ return roles.isModerator() || roles.isAdministrator() || roles.isCoAdministrator();
}
return true;
@@ -293,13 +272,11 @@ private boolean canSendMessageTo(User toUser) {
public void inbox() {
User user = this.userSession.getUser();
this.result.include("inbox", true);
- this.result.include("privateMessages",
- this.repository.getFromInbox(user));
- this.result.forwardTo(Actions.MESSAGES);
+ this.result.include("privateMessages", this.repository.getFromInbox(user));
+ result.of(this).messages();
}
private User findToUser(int userId, String username) {
- return userId == 0 ? this.userRepository.getByUsername(username)
- : this.userRepository.get(userId);
+ return userId == 0 ? this.userRepository.getByUsername(username) : this.userRepository.get(userId);
}
}
View
0 ...pp/templates/default/messages/message.jsp → webapp/templates/default/message/message.jsp
File renamed without changes.
View
2 webapp/templates/default/pm/findUser.jsp → ...lates/default/privateMessage/findUser.jsp
@@ -23,7 +23,7 @@ function chooseUsername() {
}
</script>
-<form action="<jforum:url address="/jforum"/>?module=pm&action=findUser" method="post" name="search" id="search" accept-charset="${encoding}">
+<form action="<jforum:url address="/pm/findUser"/>" method="post" name="search" id="search" accept-charset="${encoding}">
<table cellspacing="0" cellpadding="10" width="100%" border="0">
<tr>
<td>
View
4 webapp/templates/default/pm/messages.jsp → ...lates/default/privateMessage/messages.jsp
@@ -76,7 +76,7 @@
<br clear="all" />
- <form action="<jforum:url address='/jforum'/>?module=pm&action=delete" method="post" name="privmsgs" id="privmsgs">
+ <form action="<jforum:url address='/pm/delete'/>" method="post" name="privmsgs" id="privmsgs">
<table cellspacing="2" cellpadding="2" width="100%" align="center" border="0">
<tbody>
@@ -122,7 +122,7 @@
<tr>
<td class="row1" valign="middle" align="center" width="5%">
<c:choose>
- <c:when test="${pm.new}">
+ <c:when test="${pm.isNew$}">
<img src="<jforum:templateResource item="/images/folder_new.gif"/>" alt="New Folder" />
</c:when>
<c:otherwise>
View
8 webapp/templates/default/pm/read.jsp → ...templates/default/privateMessage/read.jsp
@@ -28,11 +28,11 @@
<br clear="all" />
- <form action="<jforum:url address='/jforum'/>?module=pm&action=delete" method="post">
+ <form action="<jforum:url address='/pm/delete'/>" method="post">
<table cellspacing="2" cellpadding="2" width="100%" border="0">
<tbody>
<tr>
- <td valign="middle"><a href="<jforum:url address='/pm/reply/${pm.id}'/>" class="icon_reply"><img src="<c:url value='/images/transp.gif'/>" alt="" /></a>
+ <td valign="middle"><a href="<jforum:url address='/pm/reply?id=${pm.id}'/>" class="icon_reply"><img src="<c:url value='/images/transp.gif'/>" alt="" /></a>
</td>
<td width="100%">
<span class="nav">&nbsp;<a class="nav" href="<jforum:url address='/forums/list'/>"><jforum:i18n key='ForumListing.forumIndex'/></a></span>
@@ -61,7 +61,7 @@
<td class="row2" width="10%"><span class="genmed"><jforum:i18n key='PrivateMessage.subject'/>:</span></td>
<td class="row2"><span class="genmed">${post.subject}</span></td>
<td class="row2" nowrap="nowrap" align="right">
- <a href="<jforum:url address='/pm/quote/${pm.id}'/>" class="icon_quote"><img src="<c:url value='/images/transp.gif'/>" alt="" /></a>
+ <a href="<jforum:url address='/pm/quote?id=${pm.id}'/>" class="icon_quote"><img src="<c:url value='/images/transp.gif'/>" alt="" /></a>
</td>
</tr>
<tr>
@@ -88,7 +88,7 @@
<table cellspacing="2" cellpadding="2" width="100%" align="center" border="0">
<tbody>
<tr>
- <td><a href="<jforum:url address='/pm/reply/${pm.id}'/>" class="icon_reply"><img src="<c:url value='/images/transp.gif'/>" alt="" /></a></td>
+ <td><a href="<jforum:url address='/pm/reply?id=${pm.id}'/>" class="icon_reply"><img src="<c:url value='/images/transp.gif'/>" alt="" /></a></td>
</tr>
</tbody>
</table>
View
0 webapp/templates/default/pm/review.jsp → ...mplates/default/privateMessage/review.jsp
File renamed without changes.
View
0 webapp/templates/default/pm/sendToDenied.jsp → ...s/default/privateMessage/sendToDenied.jsp
File renamed without changes.

No commit comments for this range

Something went wrong with that request. Please try again.