
Example 1 with PermissionControl

use of net.jforum.security.PermissionControl in project jforum2 by rafaelsteil.

the class GroupAction method permissionsSave.

/**
 * Saves the permission set submitted for one group and then discards the cached
 * security data.
 *
 * <p>The group is selected by the {@code id} request parameter. The permission values
 * themselves are read and stored by {@link PermissionProcessHelper#processData()}.
 *
 * <p>NOTE(review): this method performs no authorization check of its own. It changes
 * group permissions, so confirm that the enclosing admin command restricts it to
 * administrators and that the request is protected against cross-site request forgery.
 */
public void permissionsSave() {
    final int groupId = this.request.getIntParameter("id");

    // Group-level security DAO backs the permission model that the helper writes to.
    final GroupSecurityDAO groupSecurityDao = DataAccessDriver.getInstance().newGroupSecurityDAO();
    final PermissionControl control = new PermissionControl();
    control.setSecurityModel(groupSecurityDao);

    final PermissionProcessHelper helper = new PermissionProcessHelper(control, groupId);
    helper.processData();

    // Drop every cache that may still hold the previous permissions; presumably they are
    // rebuilt on next access, so the change does not wait for a restart.
    SecurityRepository.clean();
    RolesRepository.clear();
    ForumRepository.clearModeratorList();

    this.list();
}
Also used : XMLPermissionControl(net.jforum.security.XMLPermissionControl) PermissionControl(net.jforum.security.PermissionControl) GroupSecurityDAO(net.jforum.dao.GroupSecurityDAO)

Example 2 with PermissionControl

use of net.jforum.security.PermissionControl in project jforum2 by rafaelsteil.

the class AdminAction method login.

/**
 * Entry point of the administration panel.
 *
 * <p>Shows the admin index only when the session is logged in, a permission set exists
 * for the user, and that set grants {@code PERM_ADMINISTRATION}. Every other case,
 * including a missing permission set, is redirected to the regular user login form with
 * a {@code returnPath} that leads back here, so the check fails closed.
 *
 * <p>The return path is assembled from the context path and the configured servlet
 * extension only; no request parameter flows into the redirect target. It is appended to
 * the query string without URL encoding.
 *
 * <p>NOTE(review): the user session is dereferenced before the logged-in check; confirm
 * {@code SessionFacade.getUserSession()} never returns null here.
 */
public void login() {
    UserSession session = SessionFacade.getUserSession();
    PermissionControl permissions = SecurityRepository.get(session.getUserId());

    boolean isAdministrator = SessionFacade.isLogged()
        && permissions != null
        && permissions.canAccess(SecurityConstants.PERM_ADMINISTRATION);

    if (isAdministrator) {
        this.setTemplateName(TemplateKeys.ADMIN_INDEX);
        return;
    }

    // Not an administrator: go through the normal login form and come back afterwards.
    String returnPath = this.request.getContextPath()
        + "/admBase/login"
        + SystemGlobals.getValue(ConfigKeys.SERVLET_EXTENSION);
    String loginUrl = this.request.getContextPath()
        + "/jforum"
        + SystemGlobals.getValue(ConfigKeys.SERVLET_EXTENSION)
        + "?module=user&action=login&returnPath="
        + returnPath;
    JForumExecutionContext.setRedirect(loginUrl);
}
Also used : PermissionControl(net.jforum.security.PermissionControl) UserSession(net.jforum.entities.UserSession)

Example 3 with PermissionControl

use of net.jforum.security.PermissionControl in project jforum2 by rafaelsteil.

the class PostAction method list.

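/**
 * Shows one page of posts for the topic named by the {@code topic_id} request parameter.
 *
 * <p>Order of work: resolve the topic (cache first, then DAO), check that the current
 * user may see it, load the posts, update read status and view counters, then fill the
 * template context with the data and the per-user permission flags.
 *
 * <p>The permission flags placed in the context only decide what the template renders.
 * NOTE(review): the handlers behind each action must enforce the same permission
 * themselves.
 */
public void list() {
    PostDAO postDao = DataAccessDriver.getInstance().newPostDAO();
    PollDAO pollDao = DataAccessDriver.getInstance().newPollDAO();
    TopicDAO topicDao = DataAccessDriver.getInstance().newTopicDAO();
    UserSession us = SessionFacade.getUserSession();
    int anonymousUser = SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID);
    boolean logged = SessionFacade.isLogged();
    int topicId = this.request.getIntParameter("topic_id");
    Topic topic = TopicRepository.getTopic(new Topic(topicId));
    if (topic == null) {
        topic = topicDao.selectById(topicId);
    }
    // The topic exists? A null result is treated like the "id == 0" placeholder, matching
    // the guard insertSave() applies to the same lookup, instead of failing on getId().
    if (topic == null || topic.getId() == 0) {
        this.topicNotFound();
        return;
    }
    // Shall we proceed?
    Forum forum = ForumRepository.getForum(topic.getForumId());
    if (!logged) {
        // Anonymous visitors: the forum must be known and its category accessible,
        // otherwise they are sent to the login template.
        // NOTE(review): this branch checks category-level access only, while logged-in
        // users go through TopicsCommon.isTopicAccessible(forumId); confirm forum-level
        // restrictions are also covered for anonymous users.
        if (forum == null || !ForumRepository.isCategoryAccessible(forum.getCategoryId())) {
            this.setTemplateName(ViewCommon.contextToLogin());
            return;
        }
    } else if (!TopicsCommon.isTopicAccessible(topic.getForumId())) {
        // Nothing else is set here; presumably the helper prepared the denial response.
        return;
    }
    int count = SystemGlobals.getIntValue(ConfigKeys.POSTS_PER_PAGE);
    int start = ViewCommon.getStartPage();
    // NOTE(review): the permission set is dereferenced without a null check; confirm
    // SecurityRepository.get() always returns one for the session's user id.
    PermissionControl pc = SecurityRepository.get(us.getUserId());
    boolean moderatorCanEdit = pc.canAccess(SecurityConstants.PERM_MODERATION_POST_EDIT);
    List helperList = PostCommon.topicPosts(postDao, moderatorCanEdit, us.getUserId(), topic.getId(), start, count);
    // Is moderation pending for the topic?
    if (topic.isModerated() && helperList.isEmpty()) {
        this.notModeratedYet();
        return;
    }
    // Set the topic status as read
    if (logged) {
        topicDao.updateReadStatus(topic.getId(), us.getUserId(), true);
    }
    // Voting needs a logged-in user with PERM_VOTE who has not voted on this poll yet.
    boolean canVoteOnPoll = logged && SecurityRepository.canAccess(SecurityConstants.PERM_VOTE);
    Poll poll = null;
    if (topic.isVote()) {
        // It has a poll associated with the topic
        poll = pollDao.selectById(topic.getVoteId());
        if (canVoteOnPoll) {
            canVoteOnPoll = !pollDao.hasUserVotedOnPoll(topic.getVoteId(), us.getUserId());
        }
    }
    // The view counter is bumped in the database and on the in-memory topic.
    topicDao.incrementTotalViews(topic.getId());
    topic.setTotalViews(topic.getTotalViews() + 1);
    if (us.getUserId() != anonymousUser) {
        SessionFacade.getTopicsReadTime().put(new Integer(topic.getId()), new Long(System.currentTimeMillis()));
    }
    boolean karmaEnabled = SecurityRepository.canAccess(SecurityConstants.PERM_KARMA_ENABLED);
    Map userVotes = new HashMap();
    if (logged && karmaEnabled) {
        userVotes = DataAccessDriver.getInstance().newKarmaDAO().getUserVotes(topic.getId(), us.getUserId());
    }
    this.setTemplateName(TemplateKeys.POSTS_LIST);
    // Per-user permission flags and display data for the template.
    this.context.put("attachmentsEnabled", pc.canAccess(SecurityConstants.PERM_ATTACHMENTS_ENABLED, Integer.toString(topic.getForumId())));
    this.context.put("canDownloadAttachments", pc.canAccess(SecurityConstants.PERM_ATTACHMENTS_DOWNLOAD));
    this.context.put("thumbShowBox", SystemGlobals.getBoolValue(ConfigKeys.ATTACHMENTS_IMAGES_THUMB_BOX_SHOW));
    this.context.put("am", new AttachmentCommon(this.request, topic.getForumId()));
    this.context.put("karmaVotes", userVotes);
    this.context.put("rssEnabled", SystemGlobals.getBoolValue(ConfigKeys.RSS_ENABLED));
    this.context.put("canRemove", pc.canAccess(SecurityConstants.PERM_MODERATION_POST_REMOVE));
    this.context.put("moderatorCanEdit", moderatorCanEdit);
    this.context.put("allCategories", ForumCommon.getAllCategoriesAndForums(false));
    this.context.put("topic", topic);
    this.context.put("poll", poll);
    this.context.put("canVoteOnPoll", canVoteOnPoll);
    this.context.put("rank", new RankingRepository());
    this.context.put("posts", helperList);
    this.context.put("forum", forum);
    this.context.put("karmaMin", new Integer(SystemGlobals.getValue(ConfigKeys.KARMA_MIN_POINTS)));
    this.context.put("karmaMax", new Integer(SystemGlobals.getValue(ConfigKeys.KARMA_MAX_POINTS)));
    this.context.put("avatarAllowExternalUrl", SystemGlobals.getBoolValue(ConfigKeys.AVATAR_ALLOW_EXTERNAL_URL));
    this.context.put("moderationLoggingEnabled", SystemGlobals.getBoolValue(ConfigKeys.MODERATION_LOGGING_ENABLED));
    this.context.put("needCaptcha", SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS));
    Map topicPosters = topicDao.topicPosters(topic.getId());
    for (Iterator iter = topicPosters.values().iterator(); iter.hasNext(); ) {
        ViewCommon.prepareUserSignature((User) iter.next());
    }
    this.context.put("users", topicPosters);
    this.context.put("anonymousPosts", pc.canAccess(SecurityConstants.PERM_ANONYMOUS_POST, Integer.toString(topic.getForumId())));
    this.context.put("watching", topicDao.isUserSubscribed(topicId, SessionFacade.getUserSession().getUserId()));
    this.context.put("pageTitle", topic.getTitle());
    this.context.put("isAdmin", pc.canAccess(SecurityConstants.PERM_ADMINISTRATION));
    // "readonly" and "replyOnly" are the negated results of the permission lookups.
    this.context.put("readonly", !pc.canAccess(SecurityConstants.PERM_READ_ONLY_FORUMS, Integer.toString(topic.getForumId())));
    this.context.put("replyOnly", !pc.canAccess(SecurityConstants.PERM_REPLY_ONLY, Integer.toString(topic.getForumId())));
    this.context.put("isModerator", us.isModerator(topic.getForumId()));
    ViewCommon.contextToPagination(start, topic.getTotalReplies() + 1, count);
    TopicsCommon.topicListingBase();
    TopicRepository.updateTopic(topic);
}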
Also used : PermissionControl(net.jforum.security.PermissionControl) HashMap(java.util.HashMap) TopicDAO(net.jforum.dao.TopicDAO) Forum(net.jforum.entities.Forum) PollDAO(net.jforum.dao.PollDAO) PostDAO(net.jforum.dao.PostDAO) UserSession(net.jforum.entities.UserSession) RankingRepository(net.jforum.repository.RankingRepository) Iterator(java.util.Iterator) Poll(net.jforum.entities.Poll) List(java.util.List) Topic(net.jforum.entities.Topic) Map(java.util.Map) HashMap(java.util.HashMap) AttachmentCommon(net.jforum.view.forum.common.AttachmentCommon)

Example 4 with PermissionControl

use of net.jforum.security.PermissionControl in project jforum2 by rafaelsteil.

the class PostAction method insertSave.

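/**
 * Handles submission of the post form: creates a new topic or a reply, or renders a
 * preview when the {@code preview} parameter is "1".
 *
 * <p>Checks run in this order before anything is stored: anonymous-post permission,
 * forum accessibility and read-only state, topic lookup with lock check (replies),
 * reply-only and topic-type restrictions (new topics), empty text, posting delay and
 * captcha. Every failed check returns early, most of them by showing the form again
 * through {@code insert()}.
 *
 * <p>When the post is stored it is flagged for moderation if the forum is moderated and
 * the user has neither {@code PERM_MODERATION} nor {@code PERM_ADMINISTRATION}. Replies
 * by users with {@code PERM_REPLY_WITHOUT_MODERATION} for the forum are exempt.
 */
public void insertSave() {
    int forumId = this.request.getIntParameter("forum_id");
    boolean firstPost = false;
    if (!this.anonymousPost(forumId)) {
        return;
    }
    // Placeholder topic bound to the requested forum; replaced below when replying.
    Topic t = new Topic(-1);
    t.setForumId(forumId);
    boolean newTopic = (this.request.getParameter("topic_id") == null);
    if (!TopicsCommon.isTopicAccessible(t.getForumId()) || this.isForumReadonly(t.getForumId(), newTopic)) {
        return;
    }
    TopicDAO topicDao = DataAccessDriver.getInstance().newTopicDAO();
    PostDAO postDao = DataAccessDriver.getInstance().newPostDAO();
    PollDAO poolDao = DataAccessDriver.getInstance().newPollDAO();
    ForumDAO forumDao = DataAccessDriver.getInstance().newForumDAO();
    if (!newTopic) {
        int topicId = this.request.getIntParameter("topic_id");
        t = TopicRepository.getTopic(new Topic(topicId));
        if (t == null) {
            t = topicDao.selectById(topicId);
        }
        // Could not find the topic. The topicId sent was invalid
        if (t == null || t.getId() == 0) {
            // Fall back to creating a new topic. The failed lookup replaced (or nulled)
            // the placeholder built above, so rebuild it: otherwise the new-topic path
            // below dereferences null, or may use a topic that no longer carries the
            // forum id the access checks were made against.
            newTopic = true;
            t = new Topic(-1);
            t.setForumId(forumId);
        } else {
            // Re-check access against the forum the stored topic really belongs to.
            if (!TopicsCommon.isTopicAccessible(t.getForumId())) {
                return;
            }
            // Cannot insert new messages on locked topics
            if (t.getStatus() == Topic.STATUS_LOCKED) {
                this.topicLocked();
                return;
            }
        }
    }
    // checking above set the newTopic var to true
    if (newTopic) {
        if (this.isReplyOnly(forumId)) {
            this.replyOnly();
            return;
        }
        if (this.request.getParameter("topic_type") != null) {
            t.setType(this.request.getIntParameter("topic_type"));
            // A requested sticky/announcement type is downgraded to normal when the user
            // lacks the permission to create such topics.
            if (t.getType() != Topic.TYPE_NORMAL && !SecurityRepository.canAccess(SecurityConstants.PERM_CREATE_STICKY_ANNOUNCEMENT_TOPICS)) {
                t.setType(Topic.TYPE_NORMAL);
            }
        }
    }
    UserSession us = SessionFacade.getUserSession();
    User u = DataAccessDriver.getInstance().newUserDAO().selectById(us.getUserId());
    if ("1".equals(this.request.getParameter("quick")) && SessionFacade.isLogged()) {
        // Quick reply has no option fields, so the user's stored preferences are used.
        this.request.addParameter("notify", u.isNotifyOnMessagesEnabled() ? "1" : null);
        this.request.addParameter("attach_sig", u.getAttachSignatureEnabled() ? "1" : "0");
    } else {
        u.setId(us.getUserId());
        u.setUsername(us.getUsername());
    }
    // Set the Post
    Post p = PostCommon.fillPostFromRequest();
    if (p.getText() == null || p.getText().trim().equals("")) {
        this.insert();
        return;
    }
    // Check the elapsed time since the last post from the user.
    // The delay is added to a millisecond timestamp, so it is treated as milliseconds.
    // The timestamp is kept as a session attribute, so as far as this method shows the
    // limit applies per session.
    int delay = SystemGlobals.getIntValue(ConfigKeys.POSTS_NEW_DELAY);
    if (delay > 0) {
        Long lastPostTime = (Long) SessionFacade.getAttribute(ConfigKeys.LAST_POST_TIME);
        if (lastPostTime != null) {
            if (System.currentTimeMillis() < (lastPostTime.longValue() + delay)) {
                this.context.put("post", p);
                this.context.put("start", this.request.getParameter("start"));
                this.context.put("error", I18n.getMessage("PostForm.tooSoon"));
                this.insert();
                return;
            }
        }
    }
    // NOTE(review): for replies, access was checked against the topic's own forum
    // (t.getForumId()), but the post's forum id, the attachment handling and the
    // moderation decision below use the request's forum_id. Confirm the two are
    // required to match.
    p.setForumId(this.request.getIntParameter("forum_id"));
    if (StringUtils.isBlank(p.getSubject())) {
        p.setSubject(t.getTitle());
    }
    // The captcha is skipped when the session context carries REQUEST_IGNORE_CAPTCHA.
    // NOTE(review): confirm where that attribute is set and who can cause it to be set.
    boolean needCaptcha = SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS) && request.getSessionContext().getAttribute(ConfigKeys.REQUEST_IGNORE_CAPTCHA) == null;
    if (needCaptcha) {
        if (!us.validateCaptchaResponse(this.request.getParameter("captcha_anwser"))) {
            this.context.put("post", p);
            this.context.put("start", this.request.getParameter("start"));
            this.context.put("error", I18n.getMessage("CaptchaResponseFails"));
            this.insert();
            return;
        }
    }
    boolean preview = "1".equals(this.request.getParameter("preview"));
    if (!preview) {
        AttachmentCommon attachments = new AttachmentCommon(this.request, forumId);
        try {
            attachments.preProcess();
        } catch (AttachmentException e) {
            // Rejected attachment: roll back and show the form again with the message.
            JForumExecutionContext.enableRollback();
            p.setText(this.request.getParameter("message"));
            p.setId(0);
            this.context.put("errorMessage", e.getMessage());
            this.context.put("post", p);
            this.insert();
            return;
        }
        // NOTE(review): forum and pc are dereferenced without null checks; confirm both
        // lookups always succeed for a forum id that passed the checks above.
        Forum forum = ForumRepository.getForum(forumId);
        PermissionControl pc = SecurityRepository.get(us.getUserId());
        // Moderators and admins don't need to have their messages moderated
        boolean moderate = (forum.isModerated() && !pc.canAccess(SecurityConstants.PERM_MODERATION) && !pc.canAccess(SecurityConstants.PERM_ADMINISTRATION));
        if (newTopic) {
            t.setTime(new Date());
            t.setTitle(this.request.getParameter("subject"));
            t.setModerated(moderate);
            t.setPostedBy(u);
            t.setFirstPostTime(ViewCommon.formatDate(t.getTime()));
            int topicId = topicDao.addNew(t);
            t.setId(topicId);
            firstPost = true;
        }
        // Replies (never first posts) can be exempted from moderation per forum.
        if (!firstPost && pc.canAccess(SecurityConstants.PERM_REPLY_WITHOUT_MODERATION, Integer.toString(t.getForumId()))) {
            moderate = false;
        }
        // Topic watch
        if (this.request.getParameter("notify") != null) {
            this.watch(topicDao, t.getId(), u.getId());
        }
        p.setTopicId(t.getId());
        // add a poll
        Poll poll = PollCommon.fillPollFromRequest();
        if (poll != null && newTopic) {
            poll.setTopicId(t.getId());
            if (poll.getOptions().size() < 2) {
                // it is not a valid poll, cancel the post
                JForumExecutionContext.enableRollback();
                p.setText(this.request.getParameter("message"));
                p.setId(0);
                this.context.put("errorMessage", I18n.getMessage("PostForm.needMorePollOptions"));
                this.context.put("post", p);
                this.context.put("poll", poll);
                this.insert();
                return;
            }
            poolDao.addNew(poll);
            t.setVoteId(poll.getId());
        }
        // Save the remaining stuff
        p.setModerate(moderate);
        int postId = postDao.addNew(p);
        if (newTopic) {
            t.setFirstPostId(postId);
        }
        // A post awaiting moderation must not become the topic's visible "last post".
        if (!moderate) {
            t.setLastPostId(postId);
            t.setLastPostBy(u);
            t.setLastPostDate(p.getTime());
            t.setLastPostTime(p.getFormatedTime());
        }
        topicDao.update(t);
        attachments.insertAttachments(p);
        if (!moderate) {
            // Published immediately: redirect to the post, notify watchers, update stats.
            StringBuffer path = new StringBuffer(512);
            path.append(this.request.getContextPath()).append("/posts/list/");
            int start = ViewCommon.getStartPage();
            path.append(this.startPage(t, start)).append("/").append(t.getId()).append(SystemGlobals.getValue(ConfigKeys.SERVLET_EXTENSION)).append('#').append(postId);
            JForumExecutionContext.setRedirect(path.toString());
            if (newTopic) {
                // Notify "forum new topic" users
                ForumCommon.notifyUsers(forum, t, p);
            } else {
                t.setTotalReplies(t.getTotalReplies() + 1);
                TopicsCommon.notifyUsers(t, p);
            }
            // Update forum stats, cache and etc
            t.setTotalViews(t.getTotalViews() + 1);
            DataAccessDriver.getInstance().newUserDAO().incrementPosts(p.getUserId());
            TopicsCommon.updateBoardStatus(t, postId, firstPost, topicDao, forumDao);
            ForumRepository.updateForumStats(t, u, p);
            int anonymousUser = SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID);
            if (u.getId() != anonymousUser) {
                SessionFacade.getTopicsReadTime().put(new Integer(t.getId()), new Long(p.getTime().getTime()));
            }
            if (SystemGlobals.getBoolValue(ConfigKeys.POSTS_CACHE_ENABLED)) {
                SimpleDateFormat df = new SimpleDateFormat(SystemGlobals.getValue(ConfigKeys.DATE_TIME_FORMAT));
                p.setFormatedTime(df.format(p.getTime()));
                PostRepository.append(p.getTopicId(), PostCommon.preparePostForDisplay(p));
            }
        } else {
            // Held for moderation: send the user to the "waiting moderation" page.
            JForumExecutionContext.setRedirect(this.request.getContextPath() + "/posts/waitingModeration/" + (firstPost ? 0 : t.getId()) + "/" + t.getForumId() + SystemGlobals.getValue(ConfigKeys.SERVLET_EXTENSION));
        }
        // Remember when this post was made so the posting delay applies to the next one.
        if (delay > 0) {
            SessionFacade.setAttribute(ConfigKeys.LAST_POST_TIME, new Long(System.currentTimeMillis()));
        }
    } else {
        // Preview: nothing is stored; the form is shown again with a rendered copy.
        this.context.put("preview", true);
        this.context.put("post", p);
        this.context.put("start", this.request.getParameter("start"));
        Post postPreview = new Post(p);
        this.context.put("postPreview", PostCommon.preparePostForDisplay(postPreview));
        this.insert();
    }
}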
Also used : ForumDAO(net.jforum.dao.ForumDAO) User(net.jforum.entities.User) PermissionControl(net.jforum.security.PermissionControl) Post(net.jforum.entities.Post) TopicDAO(net.jforum.dao.TopicDAO) Date(java.util.Date) Forum(net.jforum.entities.Forum) AttachmentException(net.jforum.exceptions.AttachmentException) PollDAO(net.jforum.dao.PollDAO) PostDAO(net.jforum.dao.PostDAO) UserSession(net.jforum.entities.UserSession) Poll(net.jforum.entities.Poll) Topic(net.jforum.entities.Topic) AttachmentCommon(net.jforum.view.forum.common.AttachmentCommon) SimpleDateFormat(java.text.SimpleDateFormat)

Example 5 with PermissionControl

use of net.jforum.security.PermissionControl in project jforum2 by rafaelsteil.

the class TopicsCommon method topicListingBase.

/**
 * Publishes the values shared by every topic listing into the template context: the
 * topic type and status constants, the current user's moderation permissions, and the
 * RSS switch.
 *
 * <p>The permission entries only tell the template which controls to render.
 * NOTE(review): the moderation actions themselves must still check the permission on
 * the server side.
 */
public static void topicListingBase() {
    SimpleHash templateContext = JForumExecutionContext.getTemplateContext();

    // Topic types
    templateContext.put("TOPIC_ANNOUNCE", new Integer(Topic.TYPE_ANNOUNCE));
    templateContext.put("TOPIC_STICKY", new Integer(Topic.TYPE_STICKY));
    templateContext.put("TOPIC_NORMAL", new Integer(Topic.TYPE_NORMAL));

    // Topic status
    templateContext.put("STATUS_LOCKED", new Integer(Topic.STATUS_LOCKED));
    templateContext.put("STATUS_UNLOCKED", new Integer(Topic.STATUS_UNLOCKED));

    // Moderation permissions of the user that owns the current session.
    // NOTE(review): the permission set is used without a null check; confirm
    // SecurityRepository.get() always returns one for the session's user id.
    int currentUserId = SessionFacade.getUserSession().getUserId();
    PermissionControl permissions = SecurityRepository.get(currentUserId);
    templateContext.put("moderator", permissions.canAccess(SecurityConstants.PERM_MODERATION));
    templateContext.put("can_remove_posts", permissions.canAccess(SecurityConstants.PERM_MODERATION_POST_REMOVE));
    templateContext.put("can_move_topics", permissions.canAccess(SecurityConstants.PERM_MODERATION_TOPIC_MOVE));
    templateContext.put("can_lockUnlock_topics", permissions.canAccess(SecurityConstants.PERM_MODERATION_TOPIC_LOCK_UNLOCK));

    templateContext.put("rssEnabled", SystemGlobals.getBoolValue(ConfigKeys.RSS_ENABLED));
}
Also used : PermissionControl(net.jforum.security.PermissionControl) SimpleHash(freemarker.template.SimpleHash)

Aggregations

PermissionControl (net.jforum.security.PermissionControl)11 List (java.util.List)4 GroupSecurityDAO (net.jforum.dao.GroupSecurityDAO)4 ArrayList (java.util.ArrayList)3 Iterator (java.util.Iterator)3 Forum (net.jforum.entities.Forum)3 UserSession (net.jforum.entities.UserSession)3 PollDAO (net.jforum.dao.PollDAO)2 PostDAO (net.jforum.dao.PostDAO)2 TopicDAO (net.jforum.dao.TopicDAO)2 Category (net.jforum.entities.Category)2 Poll (net.jforum.entities.Poll)2 Topic (net.jforum.entities.Topic)2 XMLPermissionControl (net.jforum.security.XMLPermissionControl)2 AttachmentCommon (net.jforum.view.forum.common.AttachmentCommon)2 SimpleHash (freemarker.template.SimpleHash)1 SimpleDateFormat (java.text.SimpleDateFormat)1 Date (java.util.Date)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1