/* 
    P/P   *  Method: net.sourceforge.pebble.web.action.ViewBlogSecurityAction__static_init
          */
     1  /*
     2   * Copyright (c) 2003-2006, Simon Brown
     3   * All rights reserved.
     4   *
     5   * Redistribution and use in source and binary forms, with or without
     6   * modification, are permitted provided that the following conditions are met:
     7   *
     8   *   - Redistributions of source code must retain the above copyright
     9   *     notice, this list of conditions and the following disclaimer.
    10   *
    11   *   - Redistributions in binary form must reproduce the above copyright
    12   *     notice, this list of conditions and the following disclaimer in
    13   *     the documentation and/or other materials provided with the
    14   *     distribution.
    15   *
    16   *   - Neither the name of Pebble nor the names of its contributors may
    17   *     be used to endorse or promote products derived from this software
    18   *     without specific prior written permission.
    19   *
    20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
    21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
    24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
    25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
    26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
    28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
    30   * POSSIBILITY OF SUCH DAMAGE.
    31   */
    32  package net.sourceforge.pebble.web.action;
    33  
    34  import net.sourceforge.pebble.Constants;
    35  import net.sourceforge.pebble.PebbleContext;
    36  import net.sourceforge.pebble.security.PebbleUserDetails;
    37  import net.sourceforge.pebble.security.SecurityRealmException;
    38  import net.sourceforge.pebble.web.view.View;
    39  import net.sourceforge.pebble.web.view.impl.BlogSecurityView;
    40  
         /* 
    P/P   *  Method: void net.sourceforge.pebble.web.action.ViewBlogSecurityAction()
          */
    41  import javax.servlet.ServletException;
    42  import javax.servlet.http.HttpServletRequest;
    43  import javax.servlet.http.HttpServletResponse;
    44  import java.util.Collection;
    45  import java.util.LinkedList;
    46  import java.util.List;
    47  
    48  /**
    49   * Edits the security properties associated with the current Blog.
    50   *
    51   * @author    Simon Brown
    52   */
    53  public class ViewBlogSecurityAction extends SecureAction {
    54  
    55    /**
    56     * Peforms the processing associated with this action.
    57     *
    58     * @param request  the HttpServletRequest instance
    59     * @param response the HttpServletResponse instance
    60     * @return the name of the next view
    61     */
    62    public View process(HttpServletRequest request, HttpServletResponse response) throws ServletException {
    63      try {
               /* 
    P/P         *  Method: View process(HttpServletRequest, HttpServletResponse)
                * 
                *  Preconditions:
                *    net.sourceforge.pebble.PebbleContext__static_init.new PebbleContext(PebbleContext__static_init#1).configuration != null
                *    this.model != null
                *    this.model.data != null
                * 
                *  Presumptions:
                *    net.sourceforge.pebble.Configuration:getSecurityRealm(...).configuration@64 != null
                *    net.sourceforge.pebble.Configuration:getSecurityRealm(...).configuration@65 != null
                *    net.sourceforge.pebble.Configuration:getSecurityRealm(...).configuration@66 != null
                *    net.sourceforge.pebble.Configuration:getSecurityRealm(...).configuration@67 != null
                *    net.sourceforge.pebble.Configuration:getSecurityRealm(...)@64 != null
                *    ...
                * 
                *  Postconditions:
                *    return_value == &new BlogSecurityView(process#2)
                *    new BlogSecurityView(process#2) num objects == 1
                */
    64        getModel().put("blogOwnerUsers", filterUsersByRole(PebbleContext.getInstance().getConfiguration().getSecurityRealm().getUsers(), Constants.BLOG_OWNER_ROLE));
    65        getModel().put("blogPublisherUsers", filterUsersByRole(PebbleContext.getInstance().getConfiguration().getSecurityRealm().getUsers(), Constants.BLOG_PUBLISHER_ROLE));
    66        getModel().put("blogContributorUsers", filterUsersByRole(PebbleContext.getInstance().getConfiguration().getSecurityRealm().getUsers(), Constants.BLOG_CONTRIBUTOR_ROLE));
    67        getModel().put("allUsers", PebbleContext.getInstance().getConfiguration().getSecurityRealm().getUsers());
    68      } catch (SecurityRealmException sre) {
    69        throw new ServletException("Could not get list of users", sre);
    70      }
    71  
    72      return new BlogSecurityView();
    73    }
    74  
           /* 
    P/P     *  Method: List filterUsersByRole(Collection, String)
            * 
            *  Preconditions:
            *    users != null
            * 
            *  Presumptions:
            *    java.util.Iterator:next(...)@77 != null
            *    user.grantedAuthories.length@77 <= 232-1
            *    user.grantedAuthories[...]@77 != null
            * 
            *  Postconditions:
            *    return_value == &new LinkedList(filterUsersByRole#1)
            *    new LinkedList(filterUsersByRole#1) num objects == 1
            * 
            *  Test Vectors:
            *    java.util.Iterator:hasNext(...)@77: {1}, {0}
            */
    75    private List<PebbleUserDetails> filterUsersByRole(Collection<PebbleUserDetails> users, String role) {
    76      List<PebbleUserDetails> list = new LinkedList<PebbleUserDetails>();
    77      for (PebbleUserDetails user : users) {
    78        if (user.isUserInRole(role)) {
    79          list.add(user);
    80        }
    81      }
    82  
    83      return list;
    84    }
    85  
    86    /**
    87     * Gets a list of all roles that are allowed to access this action.
    88     *
    89     * @return  an array of Strings representing role names
    90     * @param request   the originating request
    91     */
    92    public String[] getRoles(HttpServletRequest request) {
             /* 
    P/P       *  Method: String[] getRoles(HttpServletRequest)
              * 
              *  Presumptions:
              *    init'ed(net.sourceforge.pebble.Constants.BLOG_ADMIN_ROLE)
              *    init'ed(net.sourceforge.pebble.Constants.BLOG_OWNER_ROLE)
              * 
              *  Postconditions:
              *    return_value == &new String[](getRoles#1)
              *    new String[](getRoles#1) num objects == 1
              *    return_value.length == 2
              *    return_value[0] == net.sourceforge.pebble.Constants.BLOG_ADMIN_ROLE
              *    (soft) init'ed(return_value[0])
              *    return_value[1] == net.sourceforge.pebble.Constants.BLOG_OWNER_ROLE
              *    (soft) init'ed(return_value[1])
              */
    93      return new String[]{
    94          Constants.BLOG_ADMIN_ROLE,
    95          Constants.BLOG_OWNER_ROLE
    96      };
    97    }
    98  
    99  }