/**
 * Loads the topic that is about to be edited and rejects it if it is read-only.
 *
 * <p>The work of finding or creating the topic is delegated to
 * {@code ServletUtil.initializeTopic}: a topic that already exists under the given name is
 * initialized, otherwise a new topic is created.
 *
 * @param virtualWiki The virtual wiki name for the topic being edited.
 * @param topicName The name of the topic being edited.
 * @return The initialized topic; it is never flagged read-only.
 * @throws WikiException with message key {@code error.readonly} if the topic is read-only.
 * @throws Exception if {@code ServletUtil.initializeTopic} fails.
 */
private Topic loadTopic(String virtualWiki, String topicName) throws Exception {
    final Topic editTarget = ServletUtil.initializeTopic(virtualWiki, topicName);
    if (!editTarget.getReadOnly()) {
        return editTarget;
    }
    // A read-only topic must never be handed to the edit flow.
    throw new WikiException(new WikiMessage("error.readonly"));
}
/**
 * Determine if a user has permission to move a topic.
 *
 * <p>The answer is {@code true} only when all of the following hold: a user is present and
 * holds {@code Role.ROLE_MOVE}, the topic exists, the topic is not read-only, and either the
 * topic is not admin-only or the user also holds {@code Role.ROLE_ADMIN}.
 *
 * @param virtualWiki The virtual wiki name for the topic in question.
 * @param topicName The name of the topic in question.
 * @param user The current Wiki user, or <code>null</code> if there is no current user.
 * @return <code>true</code> if the user is allowed to move the topic, <code>false</code>
 *     otherwise.
 * @throws Exception if the topic lookup fails.
 */
protected static boolean isMoveable(String virtualWiki, String topicName, WikiUser user)
        throws Exception {
    final boolean holdsMoveRole = user != null && user.hasRole(Role.ROLE_MOVE);
    if (!holdsMoveRole) {
        // no permission granted to move pages
        return false;
    }
    final Topic target =
            WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null);
    if (target == null) {
        // cannot move a topic that doesn't exist
        return false;
    }
    if (target.getReadOnly()) {
        return false;
    }
    // user is known to be non-null here, so only the admin role needs checking.
    return !target.getAdminOnly() || user.hasRole(Role.ROLE_ADMIN);
}
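/**
 * Decide whether the current user must be redirected to the login page before editing the
 * requested topic.
 *
 * <p>The check first asks {@code ServletUtil.isEditable}; when that refuses, the remaining
 * branches work out why, so that the login page can carry a matching message.
 *
 * @param request The current servlet request; the topic name is read from it.
 * @param pageInfo Page information supplying the virtual wiki name.
 * @return <code>null</code> if no login is required, otherwise the login view carrying the
 *     message that explains which permission is missing.
 * @throws WikiException with message key {@code error.readonly} if the topic is read-only, or
 *     {@code error.unknown} if no reason for the refusal could be determined.
 * @throws Exception if a topic lookup or the login view fails.
 */
private ModelAndView loginRequired(HttpServletRequest request, WikiPageInfo pageInfo)
        throws Exception {
    String topicName = WikiUtil.getTopicFromRequest(request);
    String virtualWiki = pageInfo.getVirtualWikiName();
    WikiUserDetailsImpl user = ServletUtil.currentUserDetails();
    if (ServletUtil.isEditable(virtualWiki, topicName, user)) {
        return null;
    }
    // ServletUtil.isEditable() is called with this same user; whether currentUserDetails() can
    // return null is not visible here, so a missing user is treated as lacking edit permission
    // (fail closed) instead of being dereferenced.
    if (user == null || !user.hasRole(Role.ROLE_EDIT_EXISTING)) {
        WikiMessage messageObject = new WikiMessage("login.message.edit");
        return ServletUtil.viewLogin(
                request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject);
    }
    // Look the topic up once so every remaining decision is based on the same snapshot.
    Topic topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null);
    if (topic == null) {
        if (!user.hasRole(Role.ROLE_EDIT_NEW)) {
            WikiMessage messageObject = new WikiMessage("login.message.editnew");
            return ServletUtil.viewLogin(
                    request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject);
        }
        // this should never trigger, but better safe than sorry...
        return null;
    }
    // Only prompt for an admin login when the user is not already an admin; for an admin the
    // obstacle is something else (read-only), and another login prompt would not help.
    if (topic.getAdminOnly() && !user.hasRole(Role.ROLE_ADMIN)) {
        WikiMessage messageObject = new WikiMessage("login.message.editadmin", topicName);
        return ServletUtil.viewLogin(
                request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject);
    }
    if (topic.getReadOnly()) {
        throw new WikiException(new WikiMessage("error.readonly"));
    }
    // it should be impossible to get here...
    throw new WikiException(
            new WikiMessage("error.unknown", "Unable to determine topic editing permissions"));
}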
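/**
 * Determine if a user has permission to edit a topic.
 *
 * <p>Rules, in order: a user must be present and hold {@code Role.ROLE_EDIT_EXISTING}; a topic
 * that does not exist yet additionally requires {@code Role.ROLE_EDIT_NEW}; an admin-only topic
 * requires {@code Role.ROLE_ADMIN}; a read-only topic cannot be edited by anyone.
 *
 * <p>The topic is looked up exactly once, so the "new topic" decision and the admin-only and
 * read-only decisions are all taken from the same lookup result.
 *
 * @param virtualWiki The virtual wiki name for the topic in question.
 * @param topicName The name of the topic in question.
 * @param user The current Wiki user, or <code>null</code> if there is no current user.
 * @return <code>true</code> if the user is allowed to edit the topic, <code>false</code>
 *     otherwise.
 * @throws Exception if the topic lookup fails.
 */
protected static boolean isEditable(String virtualWiki, String topicName, WikiUser user)
        throws Exception {
    if (user == null || !user.hasRole(Role.ROLE_EDIT_EXISTING)) {
        // user does not have appropriate permissions
        return false;
    }
    Topic topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null);
    if (topic == null) {
        // new topic: editing means creating it, which needs the edit-new role
        return user.hasRole(Role.ROLE_EDIT_NEW);
    }
    // user is non-null past the first guard, so only the admin role needs checking.
    if (topic.getAdminOnly() && !user.hasRole(Role.ROLE_ADMIN)) {
        return false;
    }
    return !topic.getReadOnly();
}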