File Source: RollerMemberHandler.java
/*
P/P * Method: org.apache.roller.weblogger.webservices.adminprotocol.RollerMemberHandler__static_init
*/
1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. The ASF licenses this file to You
4 * under the Apache License, Version 2.0 (the "License"); you may not
5 * use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License. For additional information regarding
15 * copyright in this work, please see the NOTICE file in the top level
16 * directory of this distribution.
17 */
18 package org.apache.roller.weblogger.webservices.adminprotocol;
19
20 import java.io.IOException;
21 import java.io.Reader;
22 import java.util.ArrayList;
23 import java.util.Collections;
24 import java.util.Iterator;
25 import java.util.List;
26 import javax.servlet.http.HttpServletRequest;
27 import org.jdom.Document;
28 import org.jdom.JDOMException;
29 import org.apache.roller.weblogger.WebloggerException;
30 import org.apache.roller.weblogger.business.UserManager;
31 import org.apache.roller.weblogger.pojos.WeblogPermission;
32 import org.apache.roller.weblogger.pojos.User;
33 import org.apache.roller.weblogger.pojos.Weblog;
34 import org.apache.roller.weblogger.util.cache.CacheManager;
35 import org.apache.roller.weblogger.webservices.adminprotocol.sdk.Entry;
36 import org.apache.roller.weblogger.webservices.adminprotocol.sdk.EntrySet;
37 import org.apache.roller.weblogger.webservices.adminprotocol.sdk.MemberEntry;
38 import org.apache.roller.weblogger.webservices.adminprotocol.sdk.MemberEntrySet;
39 import org.apache.roller.weblogger.webservices.adminprotocol.sdk.UnexpectedRootElementException;
40
41 /**
42 * This class handles requests concerning Roller weblog membership (groups).
43 */
44 class RollerMemberHandler extends Handler {
45 static class MemberURI extends URI {
46 private String username;
47 private String handle;
48
49 public MemberURI(HttpServletRequest req) throws BadRequestException {
/*
P/P * Method: void org.apache.roller.weblogger.webservices.adminprotocol.RollerMemberHandler$MemberURI(HttpServletRequest)
*
* Preconditions:
* req != null
* (soft) org/apache/roller/weblogger/webservices/adminprotocol/Handler$URI.PATHINFO_PATTERN != null
*
* Postconditions:
* init'ed(this.entryId)
* this.handle == null
* init'ed(this.type)
* init'ed(this.username)
*/
50 super(req);
51 String entryId = getEntryId();
52 if (entryId == null) {
53 username = null;
54 handle = null;
55 } else {
56 String[] entryIds = entryId.split("/");
+ 57 if (entryIds == null || entryIds.length == 0) {
58 throw new BadRequestException("ERROR: Invalid path info: " + req.getPathInfo());
59 }
+ 60 handle = entryIds[0];
+ 61 if (entryIds.length > 1) {
+ 62 username = entryIds[1];
63 }
64 }
65 }
66
67 public boolean hasUsername() {
/*
P/P * Method: bool hasUsername()
*
* Preconditions:
* init'ed(this.username)
*
* Postconditions:
* init'ed(return_value)
*/
68 return getUsername() != null;
69 }
70
71 public String getUsername() {
/*
P/P * Method: String getUsername()
*
* Preconditions:
* init'ed(this.username)
*
* Postconditions:
* return_value == this.username
* init'ed(return_value)
*/
72 return username;
73 }
74
75 private void setUsername(String username) {
/*
P/P * Method: void setUsername(String)
*
* Postconditions:
* this.username == username
* init'ed(this.username)
*/
76 this.username = username;
77 }
78
79 public String getHandle() {
/*
P/P * Method: String getHandle()
*
* Preconditions:
* init'ed(this.handle)
*
* Postconditions:
* return_value == this.handle
* init'ed(return_value)
*/
80 return handle;
81 }
82
83 private void setHandle(String handle) {
/*
P/P * Method: void setHandle(String)
*
* Postconditions:
* this.handle == handle
* init'ed(this.handle)
*/
84 this.handle = handle;
85 }
86 }
87
88 private URI memberUri;
89
90 public RollerMemberHandler(HttpServletRequest request) throws HandlerException {
/*
P/P * Method: void org.apache.roller.weblogger.webservices.adminprotocol.RollerMemberHandler(HttpServletRequest)
*
* Preconditions:
* request != null
* (soft) org/apache/roller/weblogger/webservices/adminprotocol/Handler$URI.PATHINFO_PATTERN != null
*
* Postconditions:
* init'ed(java.lang.String:substring(...)._tainted)
* java.lang.StringBuilder:toString(...)._tainted == 0
* this.memberUri == &new RollerMemberHandler$MemberURI(RollerMemberHandler#1)
* this.request == request
* this.request != null
* init'ed(this.roller)
* this.uri == &new Handler$URI(Handler#1)
* this.urlPrefix == &java.lang.StringBuilder:toString(...)
* this.userName == One-of{null, &java.lang.String:substring(...)}
* this.userName in Addr_Set{null,&java.lang.String:substring(...)}
* ...
*/
91 super(request);
92 memberUri = new MemberURI(request);
93 }
94
95 protected EntrySet getEntrySet(Document d) throws UnexpectedRootElementException {
/*
P/P * Method: EntrySet getEntrySet(Document)
*
* Preconditions:
* d != null
* init'ed(this.urlPrefix)
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(getEntrySet#1)
* new MemberEntrySet(getEntrySet#1) num objects == 1
* init'ed(return_value.entries)
* return_value.href == &java.lang.StringBuilder:toString(...)
*/
96 return new MemberEntrySet(d, getUrlPrefix());
97 }
98
99 protected URI getUri() {
/*
P/P * Method: Handler$URI getUri()
*
* Preconditions:
* init'ed(this.memberUri)
*
* Postconditions:
* return_value == this.memberUri
* init'ed(return_value)
*/
100 return memberUri;
101 }
102
103 public EntrySet processGet() throws HandlerException {
/*
P/P * Method: EntrySet processGet()
*
* Preconditions:
* this.memberUri != null
* init'ed(this.memberUri.entryId)
* this.roller != null
* init'ed(this.urlPrefix)
* (soft) init'ed(this.memberUri.handle)
* (soft) this.memberUri.type != null
* (soft) init'ed(this.memberUri.username)
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* possibly_updated(new MemberEntrySet(toMemberEntrySet#2).entries)
* possibly_updated(new MemberEntrySet(toMemberEntrySet#2).href)
*
* Test Vectors:
* !(this.memberUri.entryId == null) | (this.memberUri.type == null & this.memberUri.entryId == null): {1}, {0}
* !(this.memberUri.type == null) & this.memberUri.entryId == null: {0}, {1}
* this.memberUri.entryId: Inverse{null}, Addr_Set{null}
*/
104 if (getUri().isCollection()) {
105 return getCollection();
106 } else if (getUri().isEntry()) {
107 return getEntry();
108 } else {
109 throw new BadRequestException("ERROR: Unknown GET URI type");
110 }
111 }
112
113 public EntrySet processPost(Reader r) throws HandlerException {
/*
P/P * Method: EntrySet processPost(Reader)
*
* Preconditions:
* this.memberUri != null
* this.memberUri.entryId == null
* (soft) this.memberUri.type != null
*
* Postconditions:
* java.lang.StringBuilder:toString(...)._tainted == 0
* init'ed(return_value)
* new MemberEntrySet(toMemberEntrySet#2) num objects == undefined
* new MemberEntrySet(toMemberEntrySet#2) num objects == 0, if init'ed
* new MemberEntrySet(toMemberEntrySet#2).entries == undefined
* new MemberEntrySet(toMemberEntrySet#2).entries == null
* new MemberEntrySet(toMemberEntrySet#2).href == new MemberEntrySet(toMemberEntrySet#2).entries
*/
114 if (getUri().isCollection()) {
115 return postCollection(r);
116 } else {
117 throw new BadRequestException("ERROR: Unknown POST URI type");
118 }
119 }
120
121 public EntrySet processPut(Reader r) throws HandlerException {
/*
P/P * Method: EntrySet processPut(Reader)
*
* Preconditions:
* this.memberUri != null
* init'ed(this.memberUri.entryId)
* (soft) this.memberUri.type != null
*
* Postconditions:
* java.lang.StringBuilder:toString(...)._tainted == 0
* init'ed(return_value)
* new MemberEntrySet(toMemberEntrySet#2) num objects == undefined
* new MemberEntrySet(toMemberEntrySet#2) num objects == 0, if init'ed
* new MemberEntrySet(toMemberEntrySet#2).entries == undefined
* new MemberEntrySet(toMemberEntrySet#2).entries == null
* new MemberEntrySet(toMemberEntrySet#2).href == new MemberEntrySet(toMemberEntrySet#2).entries
*
* Test Vectors:
* !(this.memberUri.entryId == null) | (this.memberUri.type == null & this.memberUri.entryId == null): {1}, {0}
* !(this.memberUri.type == null) & this.memberUri.entryId == null: {0}, {1}
* this.memberUri.entryId: Inverse{null}, Addr_Set{null}
*/
122 if (getUri().isCollection()) {
123 return putCollection(r);
124 } else if (getUri().isEntry()) {
125 return putEntry(r);
126 } else {
127 throw new BadRequestException("ERROR: Unknown PUT URI type");
128 }
129 }
130
131 public EntrySet processDelete() throws HandlerException {
/*
P/P * Method: EntrySet processDelete()
*
* Preconditions:
* this.memberUri != null
* this.memberUri.entryId != null
* init'ed(this.memberUri.handle)
* this.memberUri.username != null
* this.roller != null
* init'ed(this.urlPrefix)
* (soft) this.memberUri.type != null
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
*/
132 if (getUri().isEntry()) {
133 return deleteEntry();
134 } else {
135 throw new BadRequestException("ERROR: Unknown DELETE URI type");
136 }
137 }
138
139 private EntrySet getCollection() throws HandlerException {
140 // get all permissions: for all users, for all websites
141 try {
/*
P/P * Method: EntrySet getCollection()
*
* Preconditions:
* this.roller != null
* init'ed(this.urlPrefix)
*
* Presumptions:
* java.util.List:toArray(...).length@152 <= 232-1
* java.util.List:toArray(...)@152 != null
* org.apache.roller.weblogger.business.UserManager:getAllPermissions(...)@146 != null
* org.apache.roller.weblogger.business.UserManager:getUsers(...)@142 != null
* org.apache.roller.weblogger.business.Weblogger:getUserManager(...)@142 != null
* ...
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
*
* Test Vectors:
* java.util.Iterator:hasNext(...)@144: {0}, {1}
* java.util.Iterator:hasNext(...)@147: {0}, {1}
*/
142 List users = getRoller().getUserManager().getUsers(null, null, null, null, 0, -1);
143 List perms = new ArrayList();
144 for (Iterator i = users.iterator(); i.hasNext(); ) {
145 User user = (User)i.next();
146 List permissions = getRoller().getUserManager().getAllPermissions(user);
147 for (Iterator j = permissions.iterator(); j.hasNext(); ) {
148 WeblogPermission pd = (WeblogPermission)j.next();
149 perms.add(pd);
150 }
151 }
152 EntrySet es = toMemberEntrySet((WeblogPermission[])perms.toArray(new WeblogPermission[0]));
153 return es;
154 } catch (WebloggerException re) {
155 throw new InternalException("ERROR: Could not get member collection", re);
156 }
157 }
158
159 private EntrySet getEntry() throws HandlerException {
/*
P/P * Method: EntrySet getEntry()
*
* Preconditions:
* this.memberUri != null
* init'ed(this.memberUri.handle)
* init'ed(this.memberUri.username)
* this.roller != null
* init'ed(this.urlPrefix)
*
* Presumptions:
* java.util.Collections:singletonList(...)@187 != null
* java.util.List:toArray(...).length@190 <= 232-1
* java.util.List:toArray(...)@190 != null
* org.apache.roller.weblogger.business.UserManager:getAllPermissions(...)@172 != null
* org.apache.roller.weblogger.business.UserManager:getPermissions(...)@183 != null
* ...
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
*
* Test Vectors:
* this.memberUri.username: Inverse{null}, Addr_Set{null}
*/
160 MemberURI muri = (MemberURI)getUri();
161 String handle = muri.getHandle();
162 String username = muri.getUsername();
163
164 try {
165 List perms;
166 if (username == null) {
167 //get all entries for the given website handle
168 Weblog wd = getWebsiteData(handle);
169 if (wd == null) {
170 throw new NotFoundException("ERROR: Unknown weblog handle: " + handle);
171 }
172 perms = getRoller().getUserManager().getAllPermissions(wd);
173 } else {
174 //get all entries for the given website handle & username
175 Weblog wd = getWebsiteData(handle);
176 if (wd == null) {
177 throw new NotFoundException("ERROR: Unknown weblog handle: " + handle);
178 }
179 User ud = getUserData(username);
180 if (ud == null) {
181 throw new NotFoundException("ERROR: Unknown user name: " + username);
182 }
183 WeblogPermission pd = getRoller().getUserManager().getPermissions(wd, ud);
184 if (pd == null) {
185 throw new NotFoundException("ERROR: Could not get permissions for user name: " + username + ", handle: " + handle);
186 }
187 perms = Collections.singletonList(pd);
188 }
189
190 EntrySet es = toMemberEntrySet((WeblogPermission[])perms.toArray(new WeblogPermission[0]));
191 return es;
192 } catch (WebloggerException re) {
193 throw new InternalException("ERROR: Could not get entry for handle: " + handle + ", username: " + username, re);
194 }
195 }
196
197 private EntrySet postCollection(Reader r) throws HandlerException {
/*
P/P * Method: EntrySet postCollection(Reader)
*
* Preconditions:
* this.roller != null
* init'ed(this.urlPrefix)
*
* Presumptions:
* c.entries@198 != null
* c.entries@199 != null
* java.util.List:size(...)@82 != 0
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(getEntrySet#1*) num objects == 1
* init'ed(new MemberEntrySet(getEntrySet#1*).entries)
* init'ed(new MemberEntrySet(getEntrySet#1*).href)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
* new UserEntrySet(getEntrySet#1*) num objects == 0
* init'ed(new UserEntrySet(getEntrySet#1*).entries)
* ...
*/
198 EntrySet c = getEntrySet(r);
+ 199 if (c.isEmpty()) {
200 throw new BadRequestException("ERROR: No entries");
201 }
202 c = createMembers((MemberEntrySet)c);
203
204 return c;
205 }
206
207 private EntrySet putCollection(Reader r) throws HandlerException {
/*
P/P * Method: EntrySet putCollection(Reader)
*
* Preconditions:
* init'ed(this.urlPrefix)
* (soft) this.roller != null
*
* Presumptions:
* c.entries@208 != null
* c.entries@209 != null
* java.util.List:size(...)@82 != 0
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(getEntrySet#1*) num objects == 1
* init'ed(new MemberEntrySet(getEntrySet#1*).entries)
* init'ed(new MemberEntrySet(getEntrySet#1*).href)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
* new UserEntrySet(getEntrySet#1*) num objects == 0
* init'ed(new UserEntrySet(getEntrySet#1*).entries)
* ...
*/
208 EntrySet c = getEntrySet(r);
+ 209 if (c.isEmpty()) {
210 throw new BadRequestException("ERROR: No entries");
211 }
212 c = updateMembers((MemberEntrySet)c);
213
214 return c;
215 }
216
217 private EntrySet putEntry(Reader r) throws HandlerException {
/*
P/P * Method: EntrySet putEntry(Reader)
*
* Preconditions:
* this.memberUri != null
* init'ed(this.memberUri.handle)
* init'ed(this.memberUri.username)
* init'ed(this.urlPrefix)
* (soft) this.roller != null
*
* Presumptions:
* c.entries@218 != null
* c.entries@219 != null
* c.entries@222 != null
* c.entries@228 != null
* getEntries(...).length@222 <= 1
* ...
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(getEntrySet#1*) num objects == 1
* init'ed(new MemberEntrySet(getEntrySet#1*).entries)
* init'ed(new MemberEntrySet(getEntrySet#1*).href)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
* new UserEntrySet(getEntrySet#1*) num objects == 0
* init'ed(new UserEntrySet(getEntrySet#1*).entries)
* ...
*
* Test Vectors:
* this.memberUri.username: Addr_Set{null}, Inverse{null}
*/
218 EntrySet c = getEntrySet(r);
+ 219 if (c.isEmpty()) {
220 throw new BadRequestException("ERROR: No entries");
221 }
222 if (c.getEntries().length > 1) {
223 throw new BadRequestException("ERROR: Cannot put >1 entries per request");
224 }
225
226 // only one entry
227 // if there's zero entries, this is a nop
228 MemberEntry entry = (MemberEntry)c.getEntries()[0];
229
230 MemberURI muri = (MemberURI)getUri();
231
232 // get handle
233 // if there's no handle in the entry, set it
234 // if the entry and URI handles do not match, exception
235 String handle = muri.getHandle();
+ 236 if (entry.getHandle() == null) {
+ 237 entry.setHandle(handle);
+ 238 } else if (!entry.getHandle().equals(handle)) {
239 throw new BadRequestException("ERROR: URI and entry handle do not match");
240 }
241
242 // get username
243 // if there's no name in the entry or the URI, exception
244 // if there's no name in the entry, set it
245 // if the names in the entry and URI do not match, exception
246 String username = muri.getUsername();
+ 247 if (entry.getName() == null) {
+ 248 if (username == null) {
249 throw new BadRequestException("ERROR: No user name in URI or entry");
250 }
+ 251 entry.setName(username);
+ 252 } else if (username != null && !entry.getName().equals(username)) {
253 throw new BadRequestException("ERROR: URI and entry user name do not match");
254 }
255
256 c = updateMembers((MemberEntrySet)c);
257
258 return c;
259 }
260
261 private MemberEntrySet createMembers(MemberEntrySet c) throws HandlerException {
262 try {
/*
P/P * Method: MemberEntrySet createMembers(MemberEntrySet)
*
* Preconditions:
* c != null
* c.entries != null
* this.roller != null
* init'ed(this.urlPrefix)
*
* Presumptions:
* getEntries(...).length@266 <= 232-1
* getEntries(...).length@267 in range
* getEntries(...).length@266 <= getEntries(...).length@267
* java.util.List:toArray(...).length@275 <= 232-1
* java.util.List:toArray(...)@275 != null
* ...
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
*/
263 UserManager mgr = getRoller().getUserManager();
264
265 List permissionsDatas= new ArrayList();
266 for (int i = 0; i < c.getEntries().length; i++) {
267 MemberEntry entry = (MemberEntry)c.getEntries()[i];
+ 268 WeblogPermission pd = toPermissionsData(entry);
269 mgr.savePermissions(pd);
270 getRoller().flush();
271 CacheManager.invalidate(pd.getUser());
272 CacheManager.invalidate(pd.getWebsite());
273 permissionsDatas.add(pd);
274 }
275 return toMemberEntrySet((WeblogPermission[])permissionsDatas.toArray(new WeblogPermission[0]));
276
277 } catch (WebloggerException re) {
278 throw new InternalException("ERROR: Could not create members", re);
279 }
280 }
281
282 private WeblogPermission toPermissionsData(MemberEntry entry) throws HandlerException {
/*
P/P * Method: WeblogPermission toPermissionsData(MemberEntry)
*
* Preconditions:
* entry != null
* init'ed(entry.handle)
* init'ed(entry.name)
* entry.permission != null
* this.roller != null
*
* Postconditions:
* return_value == &new WeblogPermission(toPermissionsData#1)
* new WeblogPermission(toPermissionsData#1) num objects == 1
*/
283 User ud = getUserData(entry.getName());
284 Weblog wd = getWebsiteData(entry.getHandle());
285 WeblogPermission pd = new WeblogPermission();
286 pd.setUser(ud);
287 pd.setWebsite(wd);
288 pd.setPermissionMask(stringToMask(entry.getPermission()));
289 pd.setPending(false);
290
291 return pd;
292 }
293
294 private WeblogPermission getPermissionsData(MemberEntry entry) throws HandlerException {
/*
P/P * Method: WeblogPermission getPermissionsData(MemberEntry)
*
* Preconditions:
* entry != null
* init'ed(entry.handle)
* init'ed(entry.name)
* this.roller != null
*
* Postconditions:
* init'ed(return_value)
*/
295 return getPermissionsData(entry.getHandle(), entry.getName());
296 }
297
298 private WeblogPermission getPermissionsData(String handle, String username) throws HandlerException {
299 try {
/*
P/P * Method: WeblogPermission getPermissionsData(String, String)
*
* Preconditions:
* this.roller != null
*
* Presumptions:
* org.apache.roller.weblogger.business.Weblogger:getUserManager(...)@302 != null
*
* Postconditions:
* init'ed(return_value)
*/
300 User ud = getUserData(username);
301 Weblog wd = getWebsiteData(handle);
302 WeblogPermission pd = getRoller().getUserManager().getPermissions(wd, ud);
303
304 return pd;
305 } catch (WebloggerException re) {
306 throw new InternalException("ERROR: Could not get permissions data for weblog handle: " + handle + ", user name: " + username, re);
307 }
308 }
309
310 private MemberEntrySet updateMembers(MemberEntrySet c) throws HandlerException {
/*
P/P * Method: MemberEntrySet updateMembers(MemberEntrySet)
*
* Preconditions:
* c != null
* c.entries != null
* init'ed(this.urlPrefix)
* (soft) this.roller != null
*
* Presumptions:
* getEntries(...).length@312 <= 232-1
* getEntries(...).length@312 <= getEntries(...).length@313
* java.util.List:toArray(...).length@321 <= 232-1
* java.util.List:toArray(...)@321 != null
* java.util.List:toArray(...)@72 != null
* ...
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
*/
311 List permissionsDatas= new ArrayList();
312 for (int i = 0; i < c.getEntries().length; i++) {
313 MemberEntry entry = (MemberEntry)c.getEntries()[i];
+ 314 WeblogPermission pd = getPermissionsData(entry);
315 if (pd == null) {
316 throw new NotFoundException("ERROR: Permissions do not exist for weblog handle: " + entry.getHandle() + ", user name: " + entry.getName());
317 }
+ 318 updatePermissionsData(pd, entry);
319 permissionsDatas.add(pd);
320 }
321 return toMemberEntrySet((WeblogPermission[])permissionsDatas.toArray(new WeblogPermission[0]));
322 }
323
324
325 private void updatePermissionsData(WeblogPermission pd, MemberEntry entry) throws HandlerException {
326 // only permission can be updated
327
/*
P/P * Method: void updatePermissionsData(WeblogPermission, MemberEntry)
*
* Preconditions:
* entry != null
* init'ed(entry.handle)
* init'ed(entry.name)
* init'ed(entry.permission)
* this.roller != null
* (soft) pd != null
*
* Presumptions:
* org.apache.roller.weblogger.business.Weblogger:getUserManager(...)@336 != null
*
* Test Vectors:
* entry.permission: Addr_Set{null}, Inverse{null}
*/
328 if (entry.getPermission() != null) {
329 pd.setPermissionMask(stringToMask(entry.getPermission()));
330 }
331
332 try {
333 User ud = getUserData(entry.getName());
334 Weblog wd = getWebsiteData(entry.getHandle());
335
336 UserManager mgr = getRoller().getUserManager();
337 mgr.savePermissions(pd);
338 getRoller().flush();
339 CacheManager.invalidate(ud);
340 CacheManager.invalidate(wd);
341 } catch (WebloggerException re) {
342 throw new InternalException("ERROR: Could not update permissions data", re);
343 }
344 }
345
346 private EntrySet deleteEntry() throws HandlerException {
/*
P/P * Method: EntrySet deleteEntry()
*
* Preconditions:
* this.memberUri != null
* init'ed(this.memberUri.handle)
* this.memberUri.username != null
* this.roller != null
* init'ed(this.urlPrefix)
*
* Presumptions:
* org.apache.roller.weblogger.business.UserManager:getPermissions(...)@302 != null
* org.apache.roller.weblogger.business.Weblogger:getUserManager(...)@362 != null
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(new MemberEntrySet(toMemberEntrySet#2).entries)
* new MemberEntrySet(toMemberEntrySet#2).href == &java.lang.StringBuilder:toString(...)
*/
347 MemberURI muri = (MemberURI)getUri();
348
349 String handle = muri.getHandle();
350 String username = muri.getUsername();
351
352 if (username == null) {
353 throw new BadRequestException("ERROR: No user name supplied in URI");
354 }
355
356 try {
357 WeblogPermission pd = getPermissionsData(handle, username);
358
359 if (pd == null) {
360 throw new NotFoundException("ERROR: Permissions do not exist for weblog handle: " + handle + ", user name: " + username);
361 }
362 UserManager mgr = getRoller().getUserManager();
363 mgr.removePermissions(pd);
364 getRoller().flush();
365
366 User ud = getUserData(username);
367 CacheManager.invalidate(ud);
368
369 Weblog wd = getWebsiteData(handle);
370 CacheManager.invalidate(wd);
371
372 // return empty set, entry was deleted
373 WeblogPermission[] pds = new WeblogPermission[0];
374 EntrySet es = toMemberEntrySet(pds);
375 return es;
376
377 } catch (WebloggerException re) {
378 throw new InternalException("ERROR: Could not delete entry", re);
379 }
380 }
381
382 private MemberEntry toMemberEntry(WeblogPermission pd) {
/*
P/P * Method: MemberEntry toMemberEntry(WeblogPermission)
*
* Preconditions:
* pd != null
* init'ed(this.urlPrefix)
*
* Presumptions:
* org.apache.roller.weblogger.pojos.WeblogPermission:getUser(...)@386 != null
* org.apache.roller.weblogger.pojos.WeblogPermission:getWebsite(...)@386 != null
*
* Postconditions:
* java.lang.StringBuilder:toString(...)._tainted == this.urlPrefix._tainted
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntry(toMemberEntry#1)
* new MemberEntry(toMemberEntry#1) num objects == 1
* init'ed(return_value.handle)
* return_value.href == &java.lang.StringBuilder:toString(...)
* init'ed(return_value.name)
* return_value.permission == One-of{&"ADMIN", &"AUTHOR", &"LIMITED", null}
* return_value.permission in Addr_Set{null,&"ADMIN",&"AUTHOR",&"LIMITED"}
*/
383 if (pd == null) {
384 throw new NullPointerException("ERROR: Null permission data not allowed");
385 }
386 MemberEntry me = new MemberEntry(pd.getWebsite().getHandle(), pd.getUser().getUserName(), getUrlPrefix());
387 me.setPermission(maskToString(pd.getPermissionMask()));
388
389 return me;
390 }
391 private MemberEntrySet toMemberEntrySet(WeblogPermission[] pds) {
/*
P/P * Method: MemberEntrySet toMemberEntrySet(WeblogPermission[])
*
* Preconditions:
* pds != null
* pds.length <= 232-1
* init'ed(this.urlPrefix)
* (soft) pds[...] != null
*
* Postconditions:
* init'ed(java.lang.StringBuilder:toString(...)._tainted)
* return_value == &new MemberEntrySet(toMemberEntrySet#2)
* new MemberEntrySet(toMemberEntrySet#2) num objects == 1
* init'ed(return_value.entries)
* return_value.href == &java.lang.StringBuilder:toString(...)
*/
392 if (pds == null) {
393 throw new NullPointerException("ERROR: Null permission data not allowed");
394 }
395
396 List entries = new ArrayList();
397 for (int i = 0; i < pds.length; i++) {
398 WeblogPermission pd = pds[i];
+ 399 Entry entry = toMemberEntry(pd);
400 entries.add(entry);
401 }
402 MemberEntrySet mes = new MemberEntrySet(getUrlPrefix());
403 mes.setEntries((Entry[])entries.toArray(new Entry[0]));
404
405 return mes;
406 }
407
408 private static String maskToString(short mask) {
/*
P/P * Method: String maskToString(short)
*
* Presumptions:
* init'ed(org.apache.roller.weblogger.pojos.WeblogPermission.ADMIN)
* init'ed(org.apache.roller.weblogger.pojos.WeblogPermission.AUTHOR)
* init'ed(org.apache.roller.weblogger.pojos.WeblogPermission.LIMITED)
*
* Postconditions:
* return_value in Addr_Set{null,&"LIMITED",&"AUTHOR",&"ADMIN"}
*/
409 if (mask == WeblogPermission.ADMIN) {
410 return MemberEntry.Permissions.ADMIN;
411 }
412 if (mask == WeblogPermission.AUTHOR) {
413 return MemberEntry.Permissions.AUTHOR;
414 }
415 if (mask == WeblogPermission.LIMITED) {
416 return MemberEntry.Permissions.LIMITED;
417 }
418 return null;
419 }
420
421
422 private static short stringToMask(String s) {
/*
P/P * Method: short stringToMask(String)
*
* Preconditions:
* s != null
*
* Presumptions:
* init'ed(org.apache.roller.weblogger.pojos.WeblogPermission.ADMIN)
* init'ed(org.apache.roller.weblogger.pojos.WeblogPermission.AUTHOR)
* init'ed(org.apache.roller.weblogger.pojos.WeblogPermission.LIMITED)
*
* Postconditions:
* return_value == One-of{org.apache.roller.weblogger.pojos.WeblogPermission.ADMIN, org.apache.roller.weblogger.pojos.WeblogPermission.AUTHOR, org.apache.roller.weblogger.pojos.WeblogPermission.LIMITED, 0}
* (soft) init'ed(return_value)
*
* Test Vectors:
* java.lang.String:equalsIgnoreCase(...)@426: {0}, {1}
* java.lang.String:equalsIgnoreCase(...)@429: {0}, {1}
* java.lang.String:equalsIgnoreCase(...)@432: {0}, {1}
*/
423 if (s == null) {
424 throw new NullPointerException("ERROR: Null string not allowed");
425 }
426 if (s.equalsIgnoreCase(MemberEntry.Permissions.ADMIN)) {
427 return WeblogPermission.ADMIN;
428 }
429 if (s.equalsIgnoreCase(MemberEntry.Permissions.AUTHOR)) {
430 return WeblogPermission.AUTHOR;
431 }
432 if (s.equalsIgnoreCase(MemberEntry.Permissions.LIMITED)) {
433 return WeblogPermission.LIMITED;
434 }
435 return 0;
436 }
437 }
438
SofCheck Inspector Build Version : 2.18479
| RollerMemberHandler.java |
2009-Jan-02 14:25:04 |
| RollerMemberHandler.class |
2009-Sep-04 03:12:46 |
| RollerMemberHandler$MemberURI.class |
2009-Sep-04 03:12:46 |