//# 0 errors, 87 messages
//#
/*
    //#abstractapihandler.java:1:1: class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#abstractapihandler.java:1:1: method: net.sourceforge.pebble.webservice.AbstractAPIHandler.net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init
 * Copyright (c) 2003-2006, Simon Brown
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   - Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   - Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in
 *     the documentation and/or other materials provided with the
 *     distribution.
 *
 *   - Neither the name of Pebble nor the names of its contributors may
 *     be used to endorse or promote products derived from this software
 *     without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
package net.sourceforge.pebble.webservice;

import net.sourceforge.pebble.domain.BlogManager;
import net.sourceforge.pebble.domain.Blog;
import net.sourceforge.pebble.util.SecurityUtils;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.apache.xmlrpc.XmlRpcException;

/**
 * A handler for the XML-RPC blogging APIs.
 *
 * @author    Simon Brown
 */
public abstract class AbstractAPIHandler {
    //#abstractapihandler.java:49: method: void net.sourceforge.pebble.webservice.AbstractAPIHandler.net.sourceforge.pebble.webservice.AbstractAPIHandler()
    //#abstractapihandler.java:49: end of method: void net.sourceforge.pebble.webservice.AbstractAPIHandler.net.sourceforge.pebble.webservice.AbstractAPIHandler()

  /** character used to separate blog and post IDs in multi-user mode */
  static final char BLOG_ID_SEPARATOR = '/';

  private AuthenticationManager authenticationManager;

  public AuthenticationManager getAuthenticationManager() {
    return authenticationManager;
    //#abstractapihandler.java:57: method: AuthenticationManager net.sourceforge.pebble.webservice.AbstractAPIHandler.getAuthenticationManager()
    //#input(AuthenticationManager getAuthenticationManager()): this
    //#input(AuthenticationManager getAuthenticationManager()): this.authenticationManager
    //#output(AuthenticationManager getAuthenticationManager()): return_value
    //#pre[2] (AuthenticationManager getAuthenticationManager()): init'ed(this.authenticationManager)
    //#post(AuthenticationManager getAuthenticationManager()): return_value == this.authenticationManager
    //#post(AuthenticationManager getAuthenticationManager()): init'ed(return_value)
    //#abstractapihandler.java:57: end of method: AuthenticationManager net.sourceforge.pebble.webservice.AbstractAPIHandler.getAuthenticationManager()
  }

  public void setAuthenticationManager(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
    //#abstractapihandler.java:61: method: void net.sourceforge.pebble.webservice.AbstractAPIHandler.setAuthenticationManager(AuthenticationManager)
    //#input(void setAuthenticationManager(AuthenticationManager)): authenticationManager
    //#input(void setAuthenticationManager(AuthenticationManager)): this
    //#output(void setAuthenticationManager(AuthenticationManager)): this.authenticationManager
    //#post(void setAuthenticationManager(AuthenticationManager)): this.authenticationManager == authenticationManager
    //#post(void setAuthenticationManager(AuthenticationManager)): init'ed(this.authenticationManager)
  }
    //#abstractapihandler.java:62: end of method: void net.sourceforge.pebble.webservice.AbstractAPIHandler.setAuthenticationManager(AuthenticationManager)

  /**
   * A helper method to authenticate a username/password pair against the
   * properties for the specified Blog instance.
   *
   * @param blog      the Blog instance to test against
   * @param username  the username used for logging in via XML-RPC
   * @param password  the password used for logging in via XML-RPC
   */
  protected void authenticate(Blog blog, String username, String password) throws XmlRpcAuthenticationException {
    try {
      Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
    //#abstractapihandler.java:74: method: void net.sourceforge.pebble.webservice.AbstractAPIHandler.authenticate(Blog, String, String)
    //#abstractapihandler.java:74: Warning: method not available
    //#    -- call on void org.acegisecurity.providers.UsernamePasswordAuthenticationToken(Object, Object)
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: void authenticate(Blog, String, String)
    //#    unanalyzed callee: void org.acegisecurity.providers.UsernamePasswordAuthenticationToken(Object, Object)
    //#abstractapihandler.java:74: Warning: method not available
    //#    -- call on Authentication org.acegisecurity.AuthenticationManager:authenticate(Authentication)
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: void authenticate(Blog, String, String)
    //#    unanalyzed callee: Authentication org.acegisecurity.AuthenticationManager:authenticate(Authentication)
    //#input(void authenticate(Blog, String, String)): blog
    //#input(void authenticate(Blog, String, String)): password
    //#input(void authenticate(Blog, String, String)): this
    //#input(void authenticate(Blog, String, String)): this.authenticationManager
    //#input(void authenticate(Blog, String, String)): username
    //#pre[4] (void authenticate(Blog, String, String)): this.authenticationManager != null
    //#presumption(void authenticate(Blog, String, String)): net.sourceforge.pebble.util.SecurityUtils:isUserAuthorisedForBlogAsBlogContributor(...)@77 == 1
    //#presumption(void authenticate(Blog, String, String)): org.acegisecurity.context.SecurityContextHolder:getContext(...)@75 != null
    //#test_vector(void authenticate(Blog, String, String)): blog: Addr_Set{null}, Inverse{null}
      SecurityContextHolder.getContext().setAuthentication(auth);
    //#abstractapihandler.java:75: Warning: method not available
    //#    -- call on SecurityContext org.acegisecurity.context.SecurityContextHolder:getContext()
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: void authenticate(Blog, String, String)
    //#    unanalyzed callee: SecurityContext org.acegisecurity.context.SecurityContextHolder:getContext()
    //#abstractapihandler.java:75: Warning: method not available
    //#    -- call on void org.acegisecurity.context.SecurityContext:setAuthentication(Authentication)
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: void authenticate(Blog, String, String)
    //#    unanalyzed callee: void org.acegisecurity.context.SecurityContext:setAuthentication(Authentication)

      if (blog != null && !SecurityUtils.isUserAuthorisedForBlogAsBlogContributor(blog)) {
    //#abstractapihandler.java:77: Warning: method not available
    //#    -- call on bool net.sourceforge.pebble.util.SecurityUtils:isUserAuthorisedForBlogAsBlogContributor(Blog)
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: void authenticate(Blog, String, String)
    //#    unanalyzed callee: bool net.sourceforge.pebble.util.SecurityUtils:isUserAuthorisedForBlogAsBlogContributor(Blog)
        throw new XmlRpcAuthenticationException("Not authorised for this blog.");
      }
    } catch (AuthenticationException ae) {
      throw new XmlRpcAuthenticationException("Username and password did not pass authentication.");
    }
  }
    //#abstractapihandler.java:83: end of method: void net.sourceforge.pebble.webservice.AbstractAPIHandler.authenticate(Blog, String, String)

  /**
   * Gets the blog from a given String.
   * <br /><br />
   * In single-user mode, blog IDs are irrelevant since there is only one blog.
   * In multi-user mode, the post ID is composed of "blog ID/post ID"
   * (this is Pebble's way of uniquely identifying a blog entry across all
   * users' blogs).
   *
   * @param s   the String containing the post ID
   * @return  the post ID (blog entry ID)
   */
  protected Blog getBlogWithPostId(String s) throws XmlRpcException {
    if (s == null) {
    //#abstractapihandler.java:97: method: Blog net.sourceforge.pebble.webservice.AbstractAPIHandler.getBlogWithPostId(String)
    //#input(Blog getBlogWithPostId(String)): s
    //#output(Blog getBlogWithPostId(String)): return_value
    //#pre[1] (Blog getBlogWithPostId(String)): s != null
    //#presumption(Blog getBlogWithPostId(String)): net.sourceforge.pebble.domain.BlogManager:getBlog(...)@109 != null
    //#presumption(Blog getBlogWithPostId(String)): net.sourceforge.pebble.domain.BlogManager:getInstance(...)@109 != null
    //#post(Blog getBlogWithPostId(String)): (soft) return_value != null
    //#test_vector(Blog getBlogWithPostId(String)): java.lang.String:lastIndexOf(...)@104: {-2_147_483_648..-1}, {0..4_294_967_295}
      throw new XmlRpcException(0, "Blog with ID of " + null + " not found.");
    }

    String blogId = null;
    Blog blog;

    int index = s.lastIndexOf(BLOG_ID_SEPARATOR);
    if (index > -1) {
      blogId = s.substring(0, index);
    }

    blog = BlogManager.getInstance().getBlog(blogId);
    //#abstractapihandler.java:109: Warning: method not available
    //#    -- call on BlogManager net.sourceforge.pebble.domain.BlogManager:getInstance()
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: Blog getBlogWithPostId(String)
    //#    unanalyzed callee: BlogManager net.sourceforge.pebble.domain.BlogManager:getInstance()
    //#abstractapihandler.java:109: Warning: method not available
    //#    -- call on Blog net.sourceforge.pebble.domain.BlogManager:getBlog(String)
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: Blog getBlogWithPostId(String)
    //#    unanalyzed callee: Blog net.sourceforge.pebble.domain.BlogManager:getBlog(String)
    if (blog == null) {
      throw new XmlRpcException(0, "Blog with ID of " + blogId + " not found.");
    } else {
      return blog;
    //#abstractapihandler.java:113: end of method: Blog net.sourceforge.pebble.webservice.AbstractAPIHandler.getBlogWithPostId(String)
    }
  }

  /**
   * Gets the blog from a given String.
   * <br /><br />
   * In single-user mode, blog IDs are irrelevant since there is only one blog.
   * In multi-user mode, the post ID is composed of "blog ID/post ID"
   * (this is Pebble's way of uniquely identifying a blog entry across all
   * users' blogs).
   *
   * @param blogId   the String containing the post ID
   * @return  the blog ID
   */
  protected Blog getBlogWithBlogId(String blogId) throws XmlRpcException {
    Blog blog = BlogManager.getInstance().getBlog(blogId);
    //#abstractapihandler.java:129: method: Blog net.sourceforge.pebble.webservice.AbstractAPIHandler.getBlogWithBlogId(String)
    //#abstractapihandler.java:129: Warning: method not available
    //#    -- call on BlogManager net.sourceforge.pebble.domain.BlogManager:getInstance()
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: Blog getBlogWithBlogId(String)
    //#    unanalyzed callee: BlogManager net.sourceforge.pebble.domain.BlogManager:getInstance()
    //#abstractapihandler.java:129: Warning: method not available
    //#    -- call on Blog net.sourceforge.pebble.domain.BlogManager:getBlog(String)
    //#    severity: INFORMATIONAL
    //#    class: net.sourceforge.pebble.webservice.AbstractAPIHandler
    //#    method: Blog getBlogWithBlogId(String)
    //#    unanalyzed callee: Blog net.sourceforge.pebble.domain.BlogManager:getBlog(String)
    //#input(Blog getBlogWithBlogId(String)): blogId
    //#output(Blog getBlogWithBlogId(String)): return_value
    //#presumption(Blog getBlogWithBlogId(String)): net.sourceforge.pebble.domain.BlogManager:getBlog(...)@129 != null
    //#presumption(Blog getBlogWithBlogId(String)): net.sourceforge.pebble.domain.BlogManager:getInstance(...)@129 != null
    //#post(Blog getBlogWithBlogId(String)): (soft) return_value != null
    if (blog == null) {
      throw new XmlRpcException(0, "Blog with ID of " + blogId + " not found.");
    } else {
      return blog;
    //#abstractapihandler.java:133: end of method: Blog net.sourceforge.pebble.webservice.AbstractAPIHandler.getBlogWithBlogId(String)
    }
  }

  /**
   * Gets the post ID (blog entry ID) from a given String.
   * <br /><br />
   * In single-user mode, post IDs
   * are specified as just the blog ID. In multi-user mode, the post ID
   * is composed of "blog ID/post ID" (this is Pebble's way of uniquely
   * identifying a blog entry across all users' blogs).
   *
   * @param s   the String containing the post ID
   * @return  the post ID (blog entry ID)
   */
  protected String getPostId(String s) {
    if (s == null) {
    //#abstractapihandler.java:149: method: String net.sourceforge.pebble.webservice.AbstractAPIHandler.getPostId(String)
    //#input(String getPostId(String)): s
    //#output(String getPostId(String)): return_value
    //#presumption(String getPostId(String)): java.lang.String:lastIndexOf(...)@153 <= 4_294_967_294
    //#post(String getPostId(String)): init'ed(return_value)
    //#test_vector(String getPostId(String)): s: Inverse{null}, Addr_Set{null}
    //#test_vector(String getPostId(String)): java.lang.String:lastIndexOf(...)@153: {-2_147_483_648..-1}, {0..4_294_967_294}
      return null;
    }

    int index = s.lastIndexOf(BLOG_ID_SEPARATOR);
    if (index > -1) {
      return s.substring(index+1);
    } else {
      return null;
    //#abstractapihandler.java:157: end of method: String net.sourceforge.pebble.webservice.AbstractAPIHandler.getPostId(String)
    }
  }

  /**
   * Formats a post ID for the blogger client.
   *
   * @param blogid    the blog ID
   * @param postid    the post ID
   * @return  if running in multi-user mode, returns "blogid/postid",
   *          otherwise just returns "postid"
   */
  protected String formatPostId(String blogid, String postid) {
    return blogid + BLOG_ID_SEPARATOR + postid;
    //#abstractapihandler.java:170: method: String net.sourceforge.pebble.webservice.AbstractAPIHandler.formatPostId(String, String)
    //#input(String formatPostId(String, String)): blogid
    //#input(String formatPostId(String, String)): postid
    //#output(String formatPostId(String, String)): return_value
    //#post(String formatPostId(String, String)): return_value != null
    //#abstractapihandler.java:170: end of method: String net.sourceforge.pebble.webservice.AbstractAPIHandler.formatPostId(String, String)
  }

}    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Descendant_Table[net/sourceforge/pebble/webservice/AbstractAPIHandler]
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.authenticate(Lnet/sourceforge/pebble/domain/Blog;Ljava/lang/String;Ljava/lang/String;)V
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.formatPostId(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getAuthenticationManager()Lorg/acegisecurity/AuthenticationManager;
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getBlogWithBlogId(Ljava/lang/String;)Lnet/sourceforge/pebble/domain/Blog;
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getBlogWithPostId(Ljava/lang/String;)Lnet/sourceforge/pebble/domain/Blog;
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getPostId(Ljava/lang/String;)Ljava/lang/String;
    //#output(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.setAuthenticationManager(Lorg/acegisecurity/AuthenticationManager;)V
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Descendant_Table[net/sourceforge/pebble/webservice/AbstractAPIHandler] == &__Dispatch_Table
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.authenticate(Lnet/sourceforge/pebble/domain/Blog;Ljava/lang/String;Ljava/lang/String;)V == &authenticate
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.formatPostId(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; == &formatPostId
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getAuthenticationManager()Lorg/acegisecurity/AuthenticationManager; == &getAuthenticationManager
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getBlogWithBlogId(Ljava/lang/String;)Lnet/sourceforge/pebble/domain/Blog; == &getBlogWithBlogId
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getBlogWithPostId(Ljava/lang/String;)Lnet/sourceforge/pebble/domain/Blog; == &getBlogWithPostId
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.getPostId(Ljava/lang/String;)Ljava/lang/String; == &getPostId
    //#post(net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init): __Dispatch_Table.setAuthenticationManager(Lorg/acegisecurity/AuthenticationManager;)V == &setAuthenticationManager
    //#abstractapihandler.java:: end of method: net.sourceforge.pebble.webservice.AbstractAPIHandler.net.sourceforge.pebble.webservice.AbstractAPIHandler__static_init
    //#abstractapihandler.java:: end of class: net.sourceforge.pebble.webservice.AbstractAPIHandler
