You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by sn...@apache.org on 2005/10/06 22:14:11 UTC
svn commit: r306876 - in /incubator/roller/branches/roller_2.0:
src/org/roller/business/hibernate/ src/org/roller/presentation/
src/org/roller/presentation/ajax/
src/org/roller/presentation/website/actions/ web/WEB-INF/classes/
web/theme/scripts/ web/w...
Author: snoopdave
Date: Thu Oct 6 13:13:54 2005
New Revision: 306876
URL: http://svn.apache.org/viewcvs?rev=306876&view=rev
Log:
Fixes for ROL-836 and ROL-835
Modified:
incubator/roller/branches/roller_2.0/src/org/roller/business/hibernate/HibernateUserManagerImpl.java
incubator/roller/branches/roller_2.0/src/org/roller/presentation/RollerSession.java
incubator/roller/branches/roller_2.0/src/org/roller/presentation/ajax/UserDataServlet.java
incubator/roller/branches/roller_2.0/src/org/roller/presentation/website/actions/CreateWebsiteAction.java
incubator/roller/branches/roller_2.0/web/WEB-INF/classes/ApplicationResources.properties
incubator/roller/branches/roller_2.0/web/theme/scripts/ajax-user.js
incubator/roller/branches/roller_2.0/web/website/InviteMember.jsp
incubator/roller/branches/roller_2.0/web/website/UserAdmin.jsp
incubator/roller/branches/roller_2.0/web/website/YourWebsites.jsp
incubator/roller/branches/roller_2.0/web/website/YourWebsitesSidebar.jsp
Modified: incubator/roller/branches/roller_2.0/src/org/roller/business/hibernate/HibernateUserManagerImpl.java
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/src/org/roller/business/hibernate/HibernateUserManagerImpl.java?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/src/org/roller/business/hibernate/HibernateUserManagerImpl.java (original)
+++ incubator/roller/branches/roller_2.0/src/org/roller/business/hibernate/HibernateUserManagerImpl.java Thu Oct 6 13:13:54 2005
@@ -574,7 +574,7 @@
List results = new ArrayList();
if (enabled != null)
{
- criteria.add(Expression.eq("enabled", Boolean.TRUE));
+ criteria.add(Expression.eq("enabled", enabled));
}
if (startsWith != null)
{
Modified: incubator/roller/branches/roller_2.0/src/org/roller/presentation/RollerSession.java
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/src/org/roller/presentation/RollerSession.java?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/src/org/roller/presentation/RollerSession.java (original)
+++ incubator/roller/branches/roller_2.0/src/org/roller/presentation/RollerSession.java Thu Oct 6 13:13:54 2005
@@ -65,7 +65,11 @@
{
UserManager umgr = RollerFactory.getRoller().getUserManager();
UserData user = umgr.getUser(principal.getName());
- rollerSession.setAuthenticatedUser(user);
+ // only set authenticated user if user is enabled
+ if (user.getEnabled().booleanValue())
+ {
+ rollerSession.setAuthenticatedUser(user);
+ }
}
catch (RollerException e)
{
@@ -189,7 +193,8 @@
public boolean isGlobalAdminUser() throws RollerException
{
UserData user = getAuthenticatedUser();
- if (user != null && user.hasRole("admin")) return true;
+ if (user != null && user.hasRole("admin")
+ && user.getEnabled().booleanValue()) return true;
return false;
}
@@ -199,7 +204,10 @@
public boolean isUserAuthorized(WebsiteData website)
throws RollerException
{
- return hasPermissions(website, PermissionsData.LIMITED);
+ UserData user = getAuthenticatedUser();
+ if (user != null && user.getEnabled().booleanValue())
+ return hasPermissions(website, PermissionsData.LIMITED);
+ return false;
}
/**
@@ -208,7 +216,10 @@
public boolean isUserAuthorizedToAuthor(WebsiteData website)
throws RollerException
{
- return hasPermissions(website, PermissionsData.AUTHOR);
+ UserData user = getAuthenticatedUser();
+ if (user != null && user.getEnabled().booleanValue())
+ return hasPermissions(website, PermissionsData.AUTHOR);
+ return false;
}
/**
@@ -217,7 +228,10 @@
public boolean isUserAuthorizedToAdmin(WebsiteData website)
throws RollerException
{
- return hasPermissions(website, PermissionsData.ADMIN);
+ UserData user = getAuthenticatedUser();
+ if (user != null && user.getEnabled().booleanValue())
+ return hasPermissions(website, PermissionsData.ADMIN);
+ return false;
}
private boolean hasPermissions(WebsiteData website, short mask)
Modified: incubator/roller/branches/roller_2.0/src/org/roller/presentation/ajax/UserDataServlet.java
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/src/org/roller/presentation/ajax/UserDataServlet.java?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/src/org/roller/presentation/ajax/UserDataServlet.java (original)
+++ incubator/roller/branches/roller_2.0/src/org/roller/presentation/ajax/UserDataServlet.java Thu Oct 6 13:13:54 2005
@@ -19,6 +19,7 @@
* Return list of users matching a startsWith strings. <br />
* Accepts request params (none required):<br />
* startsWith: string to be matched against username and email address<br />
+ * enabled: true include only enabled users (default: no restriction<br />
* offset: offset into results (for paging)<br />
* length: number of users to return (max is 50)<br /><br />
* List format:<br />
@@ -28,7 +29,7 @@
* usernameN, emailaddressN <br/>
*
* @web.servlet name="UserDataServlet"
- * @web.servlet-mapping url-pattern="/userdata/*"
+ * @web.servlet-mapping url-pattern="/editor/userdata/*"
* @author David M Johnson
*/
public class UserDataServlet extends HttpServlet {
@@ -36,9 +37,12 @@
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
- String startsWith = request.getParameter("startsWith");
+ String startsWith = request.getParameter("startsWith");
+ Boolean enabledOnly = null;
int offset = 0;
int length = MAX_LENGTH;
+ if ("true".equals(request.getParameter("enabled"))) enabledOnly = Boolean.TRUE;
+ if ("false".equals(request.getParameter("enabled"))) enabledOnly = Boolean.FALSE;
try { offset = Integer.parseInt(request.getParameter("offset"));
} catch (Throwable ignored) {}
try { length = Integer.parseInt(request.getParameter("length"));
@@ -48,7 +52,7 @@
try {
UserManager umgr = roller.getUserManager();
List users =
- umgr.getUsersStartingWith(startsWith, offset, length, Boolean.TRUE);
+ umgr.getUsersStartingWith(startsWith, offset, length, enabledOnly);
Iterator userIter = users.iterator();
while (userIter.hasNext()) {
UserData user = (UserData)userIter.next();
Modified: incubator/roller/branches/roller_2.0/src/org/roller/presentation/website/actions/CreateWebsiteAction.java
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/src/org/roller/presentation/website/actions/CreateWebsiteAction.java?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/src/org/roller/presentation/website/actions/CreateWebsiteAction.java (original)
+++ incubator/roller/branches/roller_2.0/src/org/roller/presentation/website/actions/CreateWebsiteAction.java Thu Oct 6 13:13:54 2005
@@ -76,6 +76,7 @@
HttpServletResponse response)
throws Exception
{
+ ActionForward forward = mapping.findForward("createWebsite.page");
CreateWebsiteForm form = (CreateWebsiteForm)actionForm;
RollerSession rses = RollerSession.getRollerSession(request);
@@ -84,10 +85,18 @@
form.setTimeZone(user.getTimeZone());
form.setEmailAddress(user.getEmailAddress());
- request.setAttribute("model",
- new CreateWebsitePageModel(request, response, mapping, null));
-
- ActionForward forward = mapping.findForward("createWebsite.page");
+ if (!RollerConfig.getBooleanProperty("groupblogging.enabled")) {
+ Roller roller = RollerFactory.getRoller();
+ List permissions = roller.getUserManager().getAllPermissions(user);
+ if (permissions.size() > 0) {
+ // sneaky user trying to get around 1 blog limit that applies
+ // only when group blogging is disabled
+ forward = mapping.findForward("access-denied");
+ }
+ } else {
+ request.setAttribute("model",
+ new CreateWebsitePageModel(request, response, mapping, null));
+ }
return forward;
}
@@ -102,7 +111,8 @@
CreateWebsiteForm form = (CreateWebsiteForm)actionForm;
ActionMessages msgs = new ActionMessages();
ActionMessages errors = validate(form, new ActionErrors());
- ActionForward forward = mapping.findForward("yourWebsites");
+ ActionForward forward = mapping.findForward("yourWebsites");
+ Roller roller = RollerFactory.getRoller();
WebsiteData website = null;
if (!errors.isEmpty())
{
@@ -114,29 +124,38 @@
RollerContext rollerContext = RollerContext.getRollerContext(request);
UserData user =
RollerSession.getRollerSession(request).getAuthenticatedUser();
- UserManager mgr = RollerFactory.getRoller().getUserManager();
-
- // Need system user to create website
- RollerFactory.getRoller().setUser(UserData.SYSTEM_USER);
- HashMap pages = null; //rollerContext.readThemeMacros(form.getTheme());
- website = mgr.createWebsite(
- user,
- pages,
- form.getHandle(),
- form.getName(),
- form.getDescription(),
- form.getEmailAddress(),
- form.getTheme(),
- form.getLocale(),
- form.getTimeZone());
- RollerFactory.getRoller().commit();
+ UserManager mgr = roller.getUserManager();
- request.setAttribute("model",
- new CreateWebsitePageModel(request, response, mapping, website));
-
- msgs.add(ActionMessages.GLOBAL_MESSAGE,
- new ActionMessage("createWebsite.created", form.getHandle()));
- saveMessages(request, msgs);
+ if (!RollerConfig.getBooleanProperty("groupblogging.enabled")) {
+ List permissions = roller.getUserManager().getAllPermissions(user);
+ if (permissions.size() > 0) {
+ // sneaky user trying to get around 1 blog limit that applies
+ // only when group blogging is disabled
+ forward = mapping.findForward("access-denied");
+ }
+ } else {
+ // Need system user to create website
+ roller.setUser(UserData.SYSTEM_USER);
+ HashMap pages = null; //rollerContext.readThemeMacros(form.getTheme());
+ website = mgr.createWebsite(
+ user,
+ pages,
+ form.getHandle(),
+ form.getName(),
+ form.getDescription(),
+ form.getEmailAddress(),
+ form.getTheme(),
+ form.getLocale(),
+ form.getTimeZone());
+ roller.commit();
+
+ request.setAttribute("model",
+ new CreateWebsitePageModel(request, response, mapping, website));
+
+ msgs.add(ActionMessages.GLOBAL_MESSAGE,
+ new ActionMessage("createWebsite.created", form.getHandle()));
+ saveMessages(request, msgs);
+ }
}
catch (RollerException e)
{
Modified: incubator/roller/branches/roller_2.0/web/WEB-INF/classes/ApplicationResources.properties
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/web/WEB-INF/classes/ApplicationResources.properties?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/web/WEB-INF/classes/ApplicationResources.properties (original)
+++ incubator/roller/branches/roller_2.0/web/WEB-INF/classes/ApplicationResources.properties Thu Oct 6 13:13:54 2005
@@ -357,6 +357,27 @@
errorPage.message=Roller has encountered and logged an unexpected exception.
errorPage.reason=Reason
+error.title.403=Access Denied (403)
+error.text.403=You do not have the privilege necessary to access the page you \
+requested.
+
+error.title.404=Sorry! We couldn't find your document (404)
+error.text.404=The file that you requested could not be found on this server.
+
+error.permissions.deniedSave=Access Denied (you logged in as a different user?)
+
+error.permissionDenied.title=Permission Denied
+error.permissionDenied.prompt=Possible causes:
+error.permissionDenied.reason0=You requested a weblog entry that you do not have \
+permission to edit (perhaps one you've already submitted for review?).
+error.permissionDenied.reason1=You tried to save an object from "stale" web page, \
+left by an earlier login under a different user account.
+error.permissionDenied.reason2=You logged in using incorrect capitalization of \
+your username. To resolve this problem, logout and login again with your \
+correct username.
+error.permissionDenied.reason3=Your blog server's database connection is \
+misconfigured. To resolve this problem, see your system adminstrator.
+
#-------------------------------------------------------------- Struts Validator
errors.header=<div class="error"><ul>
@@ -381,27 +402,6 @@
errors.noslashes={0} may not include '/' slash characters.
error.noTrackbackUrlSpecified=You did not specify a Trackback URL
-error.title.403=Access Denied (403)
-error.text.403=You do not have the privilege necessary to access the page you \
-requested.
-
-error.title.404=Sorry! We couldn't find your document (404)
-error.text.404=The file that you requested could not be found on this server.
-
-error.permissions.deniedSave=Access Denied (you logged in as a different user?)
-
-error.permissionDenied.title=Permission Denied
-error.permissionDenied.prompt=Possible causes:
-error.permissionDenied.reason0=You requested a weblog entry that you do not have \
-permission to edit (perhaps one you've already submitted for review?).
-error.permissionDenied.reason1=You tried to save an object from "stale" web page, \
-left by an earlier login under a different user account.
-error.permissionDenied.reason2=You logged in using incorrect capitalization of \
-your username. To resolve this problem, logout and login again with your \
-correct username.
-error.permissionDenied.reason3=Your blog server's database connection is \
-misconfigured. To resolve this problem, see your system adminstrator.
-
# -------------------------------------------------------------------- error.jsp
errorPage.title=Unexpected Exception
@@ -438,9 +438,13 @@
# ----------------------------------------------------------------- Invite member
inviteMember.title=Invite New Member
-inviteMember.description=Invite a user to join this weblog by selecting his or \
+
+inviteMember.subtitle=Invite a new user to join this weblog
+inviteMember.prompt=Invite a user to join this weblog by selecting his or \
her email address below, picking a permission for them and clicking the send \
-invitation button.
+invitation button. If the user is not shown in the list below, type the first \
+couple of letters of the username or email address view matches.
+
inviteMember.userName=Username
inviteMember.administrator=Admin
inviteMember.author=Author
@@ -1036,14 +1040,17 @@
# ------------------------------------------------------------------- User admin
userAdmin.title.searchUser=Find user to edit
-userAdmin.subtitle.searchUser=Find user by typing first letters of username \
-or password. Click edit button once you have found your user.
+userAdmin.subtitle.searchUser=Select user to administer
+userAdmin.prompt.searchUser=Find user by typing first letters of username \
+or password. Select user and click edit button once you have found your user.
userAdmin.title.editUser=Editing user [{0}]
-userAdmin.subtitle.editUser=You can change a user's profile, give them \
+userAdmin.subtitle.editUser=Change users profile and admin permissions
+userAdmin.prompt.editUser=You can change a user's profile, give them \
global admin privileges or even delete them permanently. \
-NOTE: You can reset a users password here, but if they use Roller's remember \
-me feature, they may have to clear browser cookies before they can login again.
+NOTE: You can also reset a users password here, but if they use Roller's \
+remember me feature, they may have to clear browser cookies before they can \
+login again.
userAdmin.title.createNewUser=Creating new user
userAdmin.subtitle.createNewUser=Create new user, all fields are required.
Modified: incubator/roller/branches/roller_2.0/web/theme/scripts/ajax-user.js
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/web/theme/scripts/ajax-user.js?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/web/theme/scripts/ajax-user.js (original)
+++ incubator/roller/branches/roller_2.0/web/theme/scripts/ajax-user.js Thu Oct 6 13:13:54 2005
@@ -12,21 +12,23 @@
}
var http = createRequestObject();
var init = false;
-var userURL = "<%= request.getContextPath() %>" + "/userdata";
+var isBusy = false;
+var userURL = "<%= request.getContextPath() %>" + "/editor/userdata?length=50";
-function onUserNameFocus() {
+function onUserNameFocus(enabled) {
if (!init) {
init = true;
- sendUserRequest(userURL);
+ u = userURL;
+ if (enabled != null) u = u + "&enabled=" + enabled;
+ sendUserRequest(u);
}
}
-function onUserNameChange() {
+function onUserNameChange(enabled) {
+ u = userURL;
+ if (enabled != null) u = u + "&enabled=" + enabled;
userName = document.getElementById("userName");
- if (userName.value.length > 0) {
- sendUserRequest(userURL + "?startsWith=" + userName.value);
- } else {
- sendUserRequest(userURL);
- }
+ if (userName.value.length > 0) u = u + "&startsWith=" + userName.value;
+ sendUserRequest(u);
}
function onUserSelected() {
userList = document.getElementById("userList");
@@ -35,6 +37,8 @@
userName.value = user.value;
}
function sendUserRequest(url) {
+ if (isBusy) http.abort();
+ isBusy = true;
http.open('get', url);
http.onreadystatechange = handleUserResponse;
http.send(null);
@@ -58,6 +62,6 @@
}
}
}
- //userList.onchange = onUserSelected();
+ isBusy = false;
}
}
Modified: incubator/roller/branches/roller_2.0/web/website/InviteMember.jsp
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/web/website/InviteMember.jsp?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/web/website/InviteMember.jsp (original)
+++ incubator/roller/branches/roller_2.0/web/website/InviteMember.jsp Thu Oct 6 13:13:54 2005
@@ -10,7 +10,8 @@
// -->
</script>
-<p class="subtitle"><fmt:message key="inviteMember.description" /></p>
+<p class="subtitle"><fmt:message key="inviteMember.subtitle" /></p>
+<p><fmt:message key="inviteMember.prompt" /></p>
<html:form action="/editor/inviteMember" method="post" focus="userName">
<html:hidden property="websiteId" />
@@ -21,7 +22,7 @@
<fmt:message key="inviteMember.userName" /></label>
<div>
<input name="userName" id="userName" size="30" maxlength="30"
- onfocus="onUserNameFocus()" onkeyup="onUserNameChange()" /><br />
+ onfocus="onUserNameFocus(true)" onkeyup="onUserNameChange(true)" /><br />
</div>
</div>
Modified: incubator/roller/branches/roller_2.0/web/website/UserAdmin.jsp
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/web/website/UserAdmin.jsp?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/web/website/UserAdmin.jsp (original)
+++ incubator/roller/branches/roller_2.0/web/website/UserAdmin.jsp Thu Oct 6 13:13:54 2005
@@ -13,6 +13,7 @@
<c:if test="${empty userAdminForm.userName}">
<p class="subtitle"><fmt:message key="userAdmin.subtitle.searchUser" /></p>
+ <p><fmt:message key="userAdmin.prompt.searchUser" /></p>
<html:form action="/admin/user" method="post" focus="userName">
<input name="method" type="hidden" value="edit" />
@@ -21,7 +22,7 @@
<fmt:message key="inviteMember.userName" /></label>
<div>
<input name="userName" id="userName" size="30" maxlength="30"
- onfocus="onUserNameFocus()" onkeyup="onUserNameChange()" /><br />
+ onfocus="onUserNameFocus(null)" onkeyup="onUserNameChange(null)" /><br />
</div>
</div>
<div class="formrow">
@@ -44,12 +45,14 @@
<c:choose>
<c:when test="${not empty userAdminForm.userName}">
<p class="subtitle"><fmt:message key="userAdmin.subtitle.editUser" /></p>
+ <p><fmt:message key="userAdmin.prompt.editUser" /></p>
</c:when>
<c:otherwise>
<h1>
<fmt:message key="userAdmin.title.createNewUser" />
</h1>
<p class="subtitle"><fmt:message key="userAdmin.subtitle.createNewUser" /></p>
+ <p><fmt:message key="userAdmin.prompt.createNewUser" /></p>
</c:otherwise>
</c:choose>
Modified: incubator/roller/branches/roller_2.0/web/website/YourWebsites.jsp
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/web/website/YourWebsites.jsp?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/web/website/YourWebsites.jsp (original)
+++ incubator/roller/branches/roller_2.0/web/website/YourWebsites.jsp Thu Oct 6 13:13:54 2005
@@ -5,16 +5,12 @@
<c:choose>
<%-- PROMPT: Welcome... you have no blog --%>
- <c:when test="${model.groupBloggingEnabled && empty model.permissions && empty model.pendings}">
+ <c:when test="${empty model.permissions && empty model.pendings}">
<p><fmt:message key="yourWebsites.prompt.noBlog" />
<roller:link page="/editor/createWebsite.do">
<fmt:message key="yourWebsites.createOne" />
</roller:link></p>
- </c:when>
-
- <c:when test="${!model.groupBloggingEnabled && empty model.permissions && empty model.pendings}">
- <p><fmt:message key="yourWebsites.prompt.noBlogNoCreate" /></p>
- </c:when>
+ </c:when>
<%-- PROMPT: You have invitation(s) --%>
<c:when test="${!empty model.pendings}">
Modified: incubator/roller/branches/roller_2.0/web/website/YourWebsitesSidebar.jsp
URL: http://svn.apache.org/viewcvs/incubator/roller/branches/roller_2.0/web/website/YourWebsitesSidebar.jsp?rev=306876&r1=306875&r2=306876&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.0/web/website/YourWebsitesSidebar.jsp (original)
+++ incubator/roller/branches/roller_2.0/web/website/YourWebsitesSidebar.jsp Thu Oct 6 13:13:54 2005
@@ -8,7 +8,7 @@
<h3><fmt:message key="yourWebsites.actions" /></h3>
<hr size="1" noshade="noshade" />
- <c:if test="${model.groupBloggingEnabled}">
+ <c:if test="${model.groupBloggingEnabled || (empty model.permissions && empty model.pendings)}">
<h3>
<roller:link forward="createWebsite">
<fmt:message key="yourWebsites.createWeblog" />