RenJuan/TASKPM
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Move sendForbiddenStatusCodeInHttpServletResponse method to Util class

Browse source 
Refactor code where SC_FORBIDDEN code was been sent and used the new method.

FEA: ItEr76S30PermissionsEnhancements
This commit is contained in:
Manuel Rego Casasnovas 2012-06-20 08:47:32 +02:00
parent ffe537ca7b
commit eb58fd31d6
6 changed files with 29 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
libreplan-webapp/src/main/java/org/libreplan/web/common/Util.java
View file

@ -23,6 +23,7 @@ package org.libreplan.web.common;
import static org.libreplan.web.I18nHelper._;
import java.io.IOException;
import java.math.BigDecimal;
import java.text.DecimalFormat;
import java.util.ArrayList;
@ -30,6 +31,8 @@ import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.libreplan.business.common.BaseEntity;
@ -38,6 +41,8 @@ import org.libreplan.business.common.IOnTransaction;
import org.libreplan.business.common.Registry;
import org.zkoss.ganttz.util.ComponentsFinder;
import org.zkoss.zk.ui.Component;
import org.zkoss.zk.ui.Execution;
import org.zkoss.zk.ui.Executions;
import org.zkoss.zk.ui.event.Event;
import org.zkoss.zk.ui.event.EventListener;
import org.zkoss.zk.ui.event.Events;
@ -741,4 +746,19 @@ public class Util {
return false;
}
/**
* Gets the {@link HttpServletResponse} from the current {@link Execution}
* and uses the method {@link HttpServletResponse#sendError(int)} with the
* code {@link HttpServletResponse#SC_FORBIDDEN}.
*/
public static void sendForbiddenStatusCodeInHttpServletResponse() {
try {
HttpServletResponse response = (HttpServletResponse) Executions
.getCurrent().getNativeResponse();
response.sendError(HttpServletResponse.SC_FORBIDDEN);
} catch (IOException e) {
throw new RuntimeException(e);
}
}
}

18
libreplan-webapp/src/main/java/org/libreplan/web/expensesheet/ExpenseSheetCRUDController.java
View file

@ -21,7 +21,6 @@ package org.libreplan.web.expensesheet;
import static org.libreplan.web.I18nHelper._;
import java.io.IOException;
import java.math.BigDecimal;
import java.util.ConcurrentModificationException;
import java.util.Date;
@ -30,7 +29,6 @@ import java.util.Map;
import java.util.SortedSet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.LogFactory;
import org.joda.time.LocalDate;
@ -123,21 +121,11 @@ public class ExpenseSheetCRUDController extends
// If it doesn't come from a entry point
if (matrixParams.isEmpty()) {
if (!SecurityUtils.isSuperuserOrUserInRoles(UserRole.ROLE_EXPENSES)) {
sendForbiddenStatusCodeInHttpServletResponse();
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
}
}
private void sendForbiddenStatusCodeInHttpServletResponse() {
try {
HttpServletResponse response = (HttpServletResponse) Executions
.getCurrent().getNativeResponse();
response.sendError(HttpServletResponse.SC_FORBIDDEN);
} catch (IOException e) {
throw new RuntimeException(e);
}
}
@Override
public void save() throws ValidationException {
expenseSheetModel.confirmSave();
@ -618,7 +606,7 @@ public class ExpenseSheetCRUDController extends
@Override
public void goToCreatePersonalExpenseSheet() {
if (!SecurityUtils.isUserInRole(UserRole.ROLE_BOUND_USER)) {
sendForbiddenStatusCodeInHttpServletResponse();
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
state = CRUDControllerState.CREATE;
@ -642,7 +630,7 @@ public class ExpenseSheetCRUDController extends
if (!SecurityUtils.isUserInRole(UserRole.ROLE_BOUND_USER)
|| !expenseSheetModel
.isPersonalAndBelognsToCurrentUser(expenseSheet)) {
sendForbiddenStatusCodeInHttpServletResponse();
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
goToEditForm(expenseSheet);
fromUserDashboard = true;

12
libreplan-webapp/src/main/java/org/libreplan/web/planner/tabs/LimitingResourcesTabCreator.java
View file

@ -24,13 +24,11 @@ import static org.libreplan.web.I18nHelper._;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.BREADCRUMBS_SEPARATOR;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.getSchedulingLabel;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.libreplan.business.users.entities.UserRole;
import org.libreplan.web.common.Util;
import org.libreplan.web.limitingresources.LimitingResourcesController;
import org.libreplan.web.planner.tabs.CreatedOnDemandTab.IComponentCreator;
import org.libreplan.web.security.SecurityUtils;
@ -141,13 +139,7 @@ public class LimitingResourcesTabCreator {
protected void beforeShowAction() {
if (!SecurityUtils
.isSuperuserOrUserInRoles(UserRole.ROLE_PLANNING)) {
HttpServletResponse response = (HttpServletResponse) Executions
.getCurrent().getNativeResponse();
try {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
} catch (IOException e) {
throw new RuntimeException(e);
}
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
}

11
libreplan-webapp/src/main/java/org/libreplan/web/planner/tabs/OrdersTabCreator.java
View file

@ -24,12 +24,9 @@ import static org.libreplan.web.I18nHelper._;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.BREADCRUMBS_SEPARATOR;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.getSchedulingLabel;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.libreplan.web.common.Util;
import org.libreplan.web.orders.OrderCRUDController;
import org.libreplan.web.planner.order.IOrderPlanningGate;
@ -109,13 +106,7 @@ public class OrdersTabCreator {
protected void beforeShowAction() {
if (!SecurityUtils
.isSuperuserOrRolePlanningOrHasAnyAuthorization()) {
HttpServletResponse response = (HttpServletResponse) Executions
.getCurrent().getNativeResponse();
try {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
} catch (IOException e) {
throw new RuntimeException(e);
}
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
}

11
libreplan-webapp/src/main/java/org/libreplan/web/planner/tabs/PlanningTabCreator.java
View file

@ -24,14 +24,11 @@ import static org.libreplan.web.I18nHelper._;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.BREADCRUMBS_SEPARATOR;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.getSchedulingLabel;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.libreplan.business.common.exceptions.InstanceNotFoundException;
import org.libreplan.business.orders.daos.IOrderDAO;
import org.libreplan.business.orders.entities.Order;
@ -204,13 +201,7 @@ public class PlanningTabCreator {
protected void beforeShowAction() {
if (!SecurityUtils
.isSuperuserOrRolePlanningOrHasAnyAuthorization()) {
HttpServletResponse response = (HttpServletResponse) Executions
.getCurrent().getNativeResponse();
try {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
} catch (IOException e) {
throw new RuntimeException(e);
}
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
}

12
libreplan-webapp/src/main/java/org/libreplan/web/planner/tabs/ResourcesLoadTabCreator.java
View file

@ -24,14 +24,12 @@ import static org.libreplan.web.I18nHelper._;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.BREADCRUMBS_SEPARATOR;
import static org.libreplan.web.planner.tabs.MultipleTabsPlannerController.getSchedulingLabel;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.libreplan.business.orders.entities.Order;
import org.libreplan.business.users.entities.UserRole;
import org.libreplan.web.common.Util;
import org.libreplan.web.planner.order.IOrderPlanningGate;
import org.libreplan.web.planner.tabs.CreatedOnDemandTab.IComponentCreator;
import org.libreplan.web.resourceload.ResourceLoadController;
@ -143,13 +141,7 @@ public class ResourcesLoadTabCreator {
protected void beforeShowAction() {
if (!SecurityUtils
.isSuperuserOrUserInRoles(UserRole.ROLE_PLANNING)) {
HttpServletResponse response = (HttpServletResponse) Executions
.getCurrent().getNativeResponse();
try {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
} catch (IOException e) {
throw new RuntimeException(e);
}
Util.sendForbiddenStatusCodeInHttpServletResponse();
}
}