@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
UserPermissionsBean userPermissionsBean =
(UserPermissionsBean) req.getAttribute(AuthRequestAttribute.USER_PERMISSIONS.getName());
if (userPermissionsBean.getViewSessions() && userPermissionsBean.getViewSessionPermissions())
req.getRequestDispatcher("/WEB-INF/auth/session-permissions.jsp").forward(req, resp);
else resp.sendRedirect("/auth/settings");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
UserPermissionsBean userPermissionsBean =
(UserPermissionsBean) req.getAttribute(AuthRequestAttribute.USER_PERMISSIONS.getName());
if (userPermissionsBean.getViewSessions() && userPermissionsBean.getViewSessionPermissions()) {
if (userPermissionsBean.getChangeSessionPermissions()) {
long sessionPermissionsCode = 0;
if (req.getParameter(HtmlVariable.VIEW_SESSIONS.getName()) != null)
sessionPermissionsCode =
sessionPermissionsCode + SessionPermissions.VIEW_SESSIONS.getCode();
if (req.getParameter(HtmlVariable.DISCONNECT_SESSIONS.getName()) != null)
sessionPermissionsCode =
sessionPermissionsCode + SessionPermissions.DISCONNECT_SESSIONS.getCode();
if (req.getParameter(HtmlVariable.VIEW_SESSION_PERMISSIONS.getName()) != null)
sessionPermissionsCode =
sessionPermissionsCode + SessionPermissions.VIEW_SESSION_PERMISSIONS.getCode();
if (req.getParameter(HtmlVariable.CHANGE_SESSION_PERMISSIONS.getName()) != null)
sessionPermissionsCode =
sessionPermissionsCode + SessionPermissions.CHANGE_SESSION_PERMISSIONS.getCode();
Error error = Error.NONE;
UserBean userBean = (UserBean) req.getAttribute(AuthRequestAttribute.USER.getName());
DatastoreService datastore = DatastoreServiceFactory.getDatastoreService();
Transaction txn = datastore.beginTransaction(TransactionOptions.Builder.withXG(true));
User user = UserFactory.getByKey(datastore, txn, userBean.getKey());
UserPermissions userPermissions = null;
if (user == null) error = Error.NON_EXISTENT_USER;
else if ((userPermissions =
PermissionsFactory.getUserPermissionsByUserId(datastore, txn, user.getUserId()))
== null) error = Error.NO_PERMISSIONS;
else
try {
userPermissions.setSessionPermissions(sessionPermissionsCode);
PermissionsFactory.updateUserPermissions(datastore, txn, userPermissions);
txn.commit();
userPermissionsBean = new UserPermissionsBean(userPermissions);
req.setAttribute(AuthRequestAttribute.USER_PERMISSIONS.getName(), userPermissionsBean);
} catch (ConcurrentModificationException e) {
error = Error.ERROR_IN_SESSION_PERMISSIONS;
}
if (error != Error.NONE && txn.isActive()) txn.rollback();
if (userPermissionsBean.getViewSessions()
&& userPermissionsBean.getViewSessionPermissions()) {
req.setAttribute(HtmlVariable.ERROR.getName(), error.toString());
req.getRequestDispatcher("/WEB-INF/auth/session-permissions.jsp").forward(req, resp);
} else resp.sendRedirect("/auth/settings");
} else req.getRequestDispatcher("/WEB-INF/auth/session-permissions.jsp").forward(req, resp);
} else resp.sendRedirect("/auth/settings");
}
