/**
* Return an <code>Action</code> instance that will be used to process the current request,
* creating a new one if necessary.
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @param mapping The mapping we are using
* @return An <code>Action</code> instance that will be used to process the current request.
* @throws IOException if an input/output error occurs
*/
protected Action processActionCreate(
HttpServletRequest request, HttpServletResponse response, ActionMapping mapping)
throws IOException {
// Acquire the Action instance we will be using (if there is one)
String className = mapping.getType();
if (log.isDebugEnabled()) {
log.debug(" Looking for Action instance for class " + className);
}
// If there were a mapping property indicating whether
// an Action were a singleton or not ([true]),
// could we just instantiate and return a new instance here?
Action instance;
synchronized (actions) {
// Return any existing Action instance of this class
instance = (Action) actions.get(className);
if (instance != null) {
if (log.isTraceEnabled()) {
log.trace(" Returning existing Action instance");
}
return (instance);
}
// Create and return a new Action instance
if (log.isTraceEnabled()) {
log.trace(" Creating new Action instance");
}
try {
instance = (Action) RequestUtils.applicationInstance(className);
// Maybe we should propagate this exception
// instead of returning null.
} catch (Exception e) {
log.error(getInternal().getMessage("actionCreate", mapping.getPath()), e);
response.sendError(
HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
getInternal().getMessage("actionCreate", mapping.getPath()));
return (null);
}
actions.put(className, instance);
}
if (instance.getServlet() == null) {
instance.setServlet(this.servlet);
}
return (instance);
}
/**
* If this action is protected by security roles, make sure that the current user possesses at
* least one of them. Return <code>true</code> to continue normal processing, or <code>false
* </code> if an appropriate response has been created and processing should terminate.
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @param mapping The mapping we are using
* @return <code>true</code> to continue normal processing; <code>false</code> if a response has
* been created.
* @throws IOException if an input/output error occurs
* @throws ServletException if a servlet exception occurs
*/
protected boolean processRoles(
HttpServletRequest request, HttpServletResponse response, ActionMapping mapping)
throws IOException, ServletException {
// Is this action protected by role requirements?
String[] roles = mapping.getRoleNames();
if ((roles == null) || (roles.length < 1)) {
return (true);
}
// Check the current user against the list of required roles
for (int i = 0; i < roles.length; i++) {
if (request.isUserInRole(roles[i])) {
if (log.isDebugEnabled()) {
log.debug(
" User '"
+ request.getRemoteUser()
+ "' has role '"
+ roles[i]
+ "', granting access");
}
return (true);
}
}
// The current user is not authorized for this action
if (log.isDebugEnabled()) {
log.debug(
" User '"
+ request.getRemoteUser()
+ "' does not have any required role, denying access");
}
response.sendError(
HttpServletResponse.SC_FORBIDDEN,
getInternal().getMessage("notAuthorized", mapping.getPath()));
return (false);
}
/**
* If this request was not cancelled, and the request's {@link ActionMapping} has not disabled
* validation, call the <code>validate</code> method of the specified {@link ActionForm}, and
* forward to the input path if there were any errors. Return <code>true</code> if we should
* continue processing, or <code>false</code> if we have already forwarded control back to the
* input form.
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @param form The ActionForm instance we are populating
* @param mapping The ActionMapping we are using
* @return <code>true</code> to continue normal processing; <code>false</code> if a response has
* been created.
* @throws IOException if an input/output error occurs
* @throws ServletException if a servlet exception occurs
* @throws InvalidCancelException if a cancellation is attempted without the proper action
* configuration.
*/
protected boolean processValidate(
HttpServletRequest request,
HttpServletResponse response,
ActionForm form,
ActionMapping mapping)
throws IOException, ServletException, InvalidCancelException {
if (form == null) {
return (true);
}
// Has validation been turned off for this mapping?
if (!mapping.getValidate()) {
return (true);
}
// Was this request cancelled? If it has been, the mapping also
// needs to state whether the cancellation is permissable; otherwise
// the cancellation is considered to be a symptom of a programmer
// error or a spoof.
if (request.getAttribute(Globals.CANCEL_KEY) != null) {
if (mapping.getCancellable()) {
if (log.isDebugEnabled()) {
log.debug(" Cancelled transaction, skipping validation");
}
return (true);
} else {
request.removeAttribute(Globals.CANCEL_KEY);
throw new InvalidCancelException();
}
}
// Call the form bean's validation method
if (log.isDebugEnabled()) {
log.debug(" Validating input form properties");
}
ActionMessages errors = form.validate(mapping, request);
if ((errors == null) || errors.isEmpty()) {
if (log.isTraceEnabled()) {
log.trace(" No errors detected, accepting input");
}
return (true);
}
// Special handling for multipart request
if (form.getMultipartRequestHandler() != null) {
if (log.isTraceEnabled()) {
log.trace(" Rolling back multipart request");
}
form.getMultipartRequestHandler().rollback();
}
// Was an input path (or forward) specified for this mapping?
String input = mapping.getInput();
if (input == null) {
if (log.isTraceEnabled()) {
log.trace(" Validation failed but no input form available");
}
response.sendError(
HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
getInternal().getMessage("noInput", mapping.getPath()));
return (false);
}
// Save our error messages and return to the input form if possible
if (log.isDebugEnabled()) {
log.debug(" Validation failed, returning to '" + input + "'");
}
request.setAttribute(Globals.ERROR_KEY, errors);
if (moduleConfig.getControllerConfig().getInputForward()) {
ForwardConfig forward = mapping.findForward(input);
processForwardConfig(request, response, forward);
} else {
internalModuleRelativeForward(input, request, response);
}
return (false);
}
