/** * This method handles the request after its parent class receives control. * * @param request - Standard HttpServletRequest object. * @param response - Standard HttpServletResponse object. * @return A <code>ModelAndView</code> object to be handled by the rest of the Spring framework. */ protected ModelAndView handleJAMWikiRequest( HttpServletRequest request, HttpServletResponse response, ModelAndView next, WikiPageInfo pageInfo) throws Exception { if (!Utilities.isAdmin(request)) { WikiMessage errorMessage = new WikiMessage("admin.message.loginrequired"); return ServletUtil.viewLogin(request, pageInfo, "Special:Admin", errorMessage); } String function = request.getParameter("function"); if (!StringUtils.hasText(function)) { view(request, next, pageInfo, null); } else if (function.equals("refreshIndex")) { refreshIndex(request, next, pageInfo); } else if (function.equals("properties")) { properties(request, next, pageInfo); } else if (function.equals("addVirtualWiki")) { addVirtualWiki(request, next, pageInfo); } else if (function.equals("recentChanges")) { recentChanges(request, next, pageInfo); } else if (function.equals("spamFilter")) { spamFilter(request, next, pageInfo); } return next; }
private ModelAndView loginRequired(HttpServletRequest request, WikiPageInfo pageInfo) throws Exception { String topicName = WikiUtil.getTopicFromRequest(request); String virtualWiki = pageInfo.getVirtualWikiName(); WikiUserDetailsImpl user = ServletUtil.currentUserDetails(); if (ServletUtil.isEditable(virtualWiki, topicName, user)) { return null; } if (!user.hasRole(Role.ROLE_EDIT_EXISTING)) { WikiMessage messageObject = new WikiMessage("login.message.edit"); return ServletUtil.viewLogin( request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject); } if (!user.hasRole(Role.ROLE_EDIT_NEW) && WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null) == null) { WikiMessage messageObject = new WikiMessage("login.message.editnew"); return ServletUtil.viewLogin( request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject); } Topic topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false, null); if (topic == null) { // this should never trigger, but better safe than sorry... return null; } if (topic.getAdminOnly()) { WikiMessage messageObject = new WikiMessage("login.message.editadmin", topicName); return ServletUtil.viewLogin( request, pageInfo, WikiUtil.getTopicFromURI(request), messageObject); } if (topic.getReadOnly()) { throw new WikiException(new WikiMessage("error.readonly")); } // it should be impossible to get here... throw new WikiException( new WikiMessage("error.unknown", "Unable to determine topic editing permissions")); }