Exemple #1
0
 /**
  * Initialize topic values for the topic being edited. If a topic with the specified name already
  * exists then it will be initialized, otherwise a new topic is created.
  */
 private Topic loadTopic(String virtualWiki, String topicName) throws Exception {
   Topic topic = ServletUtil.initializeTopic(virtualWiki, topicName);
   if (topic.getReadOnly()) {
     throw new WikiException(new WikiMessage("error.readonly"));
   }
   return topic;
 }
Exemple #2
0
 /**
  * Determine if a user has permission to move a topic.
  *
  * @param virtualWiki The virtual wiki name for the topic in question.
  * @param topicName The name of the topic in question.
  * @param user The current Wiki user, or <code>null</code> if there is no current user.
  * @return <code>true</code> if the user is allowed to move the topic, <code>false</code>
  *     otherwise.
  */
 protected static boolean isMoveable(String virtualWiki, String topicName, WikiUser user)
     throws Exception {
   if (user == null || !user.hasRole(Role.ROLE_MOVE)) {
     // no permission granted to move pages
     return false;
   }
   Topic topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null);
   if (topic == null) {
     // cannot move a topic that doesn't exist
     return false;
   }
   if (topic.getReadOnly()) {
     return false;
   }
   if (topic.getAdminOnly() && (user == null || !user.hasRole(Role.ROLE_ADMIN))) {
     return false;
   }
   return true;
 }
Exemple #3
0
 private ModelAndView loginRequired(HttpServletRequest request, WikiPageInfo pageInfo)
     throws Exception {
   String topicName = WikiUtil.getTopicFromRequest(request);
   String virtualWiki = pageInfo.getVirtualWikiName();
   WikiUserDetailsImpl user = ServletUtil.currentUserDetails();
   if (ServletUtil.isEditable(virtualWiki, topicName, user)) {
     return null;
   }
   if (!user.hasRole(Role.ROLE_EDIT_EXISTING)) {
     WikiMessage messageObject = new WikiMessage("login.message.edit");
     return ServletUtil.viewLogin(
         request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject);
   }
   if (!user.hasRole(Role.ROLE_EDIT_NEW)
       && WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null) == null) {
     WikiMessage messageObject = new WikiMessage("login.message.editnew");
     return ServletUtil.viewLogin(
         request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject);
   }
   Topic topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null);
   if (topic == null) {
     // this should never trigger, but better safe than sorry...
     return null;
   }
   if (topic.getAdminOnly()) {
     WikiMessage messageObject = new WikiMessage("login.message.editadmin", topicName);
     return ServletUtil.viewLogin(
         request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject);
   }
   if (topic.getReadOnly()) {
     throw new WikiException(new WikiMessage("error.readonly"));
   }
   // it should be impossible to get here...
   throw new WikiException(
       new WikiMessage("error.unknown", "Unable to determine topic editing permissions"));
 }
Exemple #4
0
 /**
  * Determine if a user has permission to edit a topic.
  *
  * @param virtualWiki The virtual wiki name for the topic in question.
  * @param topicName The name of the topic in question.
  * @param user The current Wiki user, or <code>null</code> if there is no current user.
  * @return <code>true</code> if the user is allowed to edit the topic, <code>false</code>
  *     otherwise.
  */
 protected static boolean isEditable(String virtualWiki, String topicName, WikiUser user)
     throws Exception {
   if (user == null || !user.hasRole(Role.ROLE_EDIT_EXISTING)) {
     // user does not have appropriate permissions
     return false;
   }
   if (!user.hasRole(Role.ROLE_EDIT_NEW)
       && WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null) == null) {
     // user does not have appropriate permissions
     return false;
   }
   Topic topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null);
   if (topic == null) {
     // new topic, edit away...
     return true;
   }
   if (topic.getAdminOnly() && (user == null || !user.hasRole(Role.ROLE_ADMIN))) {
     return false;
   }
   if (topic.getReadOnly()) {
     return false;
   }
   return true;
 }