/**
* LibreSource
* Copyright (C) 2004-2008 Artenum SARL / INRIA
* http://www.libresource.org - contact@artenum.com
*
* This file is part of the LibreSource software,
* which can be used and distributed under license conditions.
* The license conditions are provided in the LICENSE.TXT file
* at the root path of the packaging that enclose this file.
* More information can be found at
* - http://dev.libresource.org/home/license
*
* Initial authors :
*
* Guillaume Bort / INRIA
* Francois Charoy / Universite Nancy 2
* Julien Forest / Artenum
* Claude Godart / Universite Henry Poincare
* Florent Jouille / INRIA
* Sebastien Jourdain / INRIA / Artenum
* Yves Lerumeur / Artenum
* Pascal Molli / Universite Henry Poincare
* Gerald Oster / INRIA
* Mariarosa Penzi / Artenum
* Gerard Sookahet / Artenum
* Raphael Tani / INRIA
*
* Contributors :
*
* Stephane Bagnier / Artenum
* Amadou Dia / Artenum-IUP Blois
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*/
package org.libresource.web.controllers;
import org.libresource.Libresource;
import org.libresource.LibresourceResourceIdentifier;
import org.libresource.kernel.KernelConstants;
import org.libresource.kernel.LibresourceSecurityException;
import org.libresource.kernel.ejb.model.AclValue;
import org.libresource.kernel.interfaces.KernelService;
import org.libresource.web.Controller;
import java.net.URI;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class SecurityController implements Controller {
public Object process(URI uri, HttpServletRequest request, HttpServletResponse response)
throws Exception {
KernelService kernelService = (KernelService) Libresource.getService(KernelConstants.SERVICE);
AclValue[] aclValues = kernelService.getAcls(uri);
request.setAttribute("acls", aclValues);
request.setAttribute("ownerUri", kernelService.getOwner(uri));
LibresourceResourceIdentifier resourceIdentifier = kernelService.lookup(uri);
String[] kernelPermissions = kernelService.listKernelPermissions();
String[] resourcePermissions = Libresource.listAvailablesPermissions(resourceIdentifier);
request.setAttribute("kernelPermissions", kernelPermissions);
request.setAttribute("resourcePermissions", resourcePermissions);
if (request.getParameter("edit") != null) {
String editUri = request.getParameter("edit");
for (int i = 0; i < aclValues.length; i++) {
if (aclValues[i].getOwnerUri().toString().equals(editUri)) {
request.setAttribute("editUri", editUri);
request.setAttribute("editAcl", aclValues[i]);
}
}
}
if (request.getParameter("create") != null) {
try {
String[] permissions = request.getParameterValues("permission");
if (permissions != null) {
if (request.getParameter("recursive") != null) {
kernelService.createAclRecursively(uri, new URI(request.getParameter("owner").trim()), permissions);
} else {
kernelService.createAcl(uri, new URI(request.getParameter("owner").trim()), permissions);
}
request.setAttribute("acls", kernelService.getAcls(uri));
} else {
request.setAttribute("securityError", "please check some permissions !");
return "/pages/security.jsp";
}
} catch (LibresourceSecurityException e) {
throw e;
} catch (Exception e) {
request.setAttribute("securityError", e.getMessage());
return "/pages/security.jsp";
}
}
if (request.getParameter("delete") != null) {
if (request.getParameter("recursive") != null) {
kernelService.deleteAcl(uri, new URI(request.getParameter("delete")), true);
} else {
kernelService.deleteAcl(uri, new URI(request.getParameter("delete")), false);
}
request.setAttribute("acls", kernelService.getAcls(uri));
}
return "/pages/security.jsp";
}
}
|