Menu
▾
▴
treebase-guts
|
From: <rv...@us...> - 2010-01-12 17:18:49
|
Revision: 415
http://treebase.svn.sourceforge.net/treebase/?rev=415&view=rev
Author: rvos
Date: 2010-01-12 17:18:04 +0000 (Tue, 12 Jan 2010)
Log Message:
-----------
Added boolean isReviewerAccessGranted(req) method, which checks whether the access has been granted through the special URL for reviewers
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-12 17:08:47 UTC (rev 414)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-12 17:18:04 UTC (rev 415)
@@ -12,6 +12,12 @@
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
+import org.cipres.treebase.NamespacedGUID;
+import org.cipres.treebase.TreebaseIDString;
+import org.cipres.treebase.TreebaseUtil;
+import org.cipres.treebase.domain.study.Study;
+import org.cipres.treebase.web.Constants;
+import org.cipres.treebase.web.util.ControllerUtil;
import org.springframework.beans.propertyeditors.CustomDateEditor;
import org.springframework.beans.propertyeditors.CustomNumberEditor;
import org.springframework.validation.BindException;
@@ -138,17 +144,32 @@
@Override
protected ModelAndView showForm(
- HttpServletRequest pArg0,
- HttpServletResponse pArg1,
- BindException pArg2,
- Map pArg3) throws Exception {
- if (isAuthorizationChecked()) {
- return super.showForm(pArg0, pArg1, pArg2, pArg3);
+ HttpServletRequest pRequest,
+ HttpServletResponse pResponse,
+ BindException pBindException,
+ Map pMap) throws Exception {
+ if (isAuthorizationChecked() || isReviewerAccessGranted(pRequest)) {
+ return super.showForm(pRequest, pResponse, pBindException, pMap);
} else {
return new ModelAndView(AUTHORIZATION_VIOLATION_VIEW);
}
}
+ private boolean isReviewerAccessGranted(HttpServletRequest pRequest) {
+ boolean reviewerAccessGranted = false;
+ String storedHashedStudyId = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE).toString();
+ if ( ! TreebaseUtil.isEmpty(storedHashedStudyId) ) {
+ Long studyId = ControllerUtil.getStudyId(pRequest);
+ TreebaseIDString treebaseIDString = new TreebaseIDString(Study.class,studyId);
+ NamespacedGUID namespacedGUID = treebaseIDString.getNamespacedGUID();
+ String computedHashedStudyId = namespacedGUID.getHashedIDString();
+ if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
+ reviewerAccessGranted = true;
+ }
+ }
+ return reviewerAccessGranted;
+ }
+
protected ModelAndView setAttributeAndShowForm(
HttpServletRequest request,
HttpServletResponse response,
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-12 17:21:58
|
Revision: 416
http://treebase.svn.sourceforge.net/treebase/?rev=416&view=rev
Author: rvos
Date: 2010-01-12 17:21:50 +0000 (Tue, 12 Jan 2010)
Log Message:
-----------
Added message "You are in reviewer mode." if access has been granted by isReviewerAccessGranted().
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-12 17:18:04 UTC (rev 415)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-12 17:21:50 UTC (rev 416)
@@ -165,6 +165,7 @@
String computedHashedStudyId = namespacedGUID.getHashedIDString();
if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
reviewerAccessGranted = true;
+ saveMessage(pRequest,"You are in reviewer access mode.");
}
}
return reviewerAccessGranted;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-13 17:29:33
|
Revision: 426
http://treebase.svn.sourceforge.net/treebase/?rev=426&view=rev
Author: rvos
Date: 2010-01-13 17:29:26 +0000 (Wed, 13 Jan 2010)
Log Message:
-----------
Implemented getConditionalModelAndView, which checks whether the supplied ModelAndView should be returned (which is the case if an x-access-granted parameter was supplied or access was explicitly granted), or an authorization violation view.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-13 17:25:37 UTC (rev 425)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-13 17:29:26 UTC (rev 426)
@@ -141,6 +141,22 @@
protected void setAuthorizationChecked(boolean pAuthorizationChecked) {
mAuthorizationChecked = pAuthorizationChecked;
}
+
+ /**
+ *
+ * @param pRequest
+ * @param pModelAndView
+ * @return
+ */
+ protected ModelAndView getConditionalModelAndView(
+ HttpServletRequest pRequest,
+ ModelAndView pModelAndView) {
+ if ( isReviewerAccessGranted(pRequest) || isAuthorizationChecked() ) {
+ return pModelAndView;
+ } else {
+ return new ModelAndView(AUTHORIZATION_VIOLATION_VIEW);
+ }
+ }
@Override
protected ModelAndView showForm(
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-13 18:09:43
|
Revision: 429
http://treebase.svn.sourceforge.net/treebase/?rev=429&view=rev
Author: rvos
Date: 2010-01-13 18:09:36 +0000 (Wed, 13 Jan 2010)
Log Message:
-----------
NPE workaround
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-13 17:57:38 UTC (rev 428)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-13 18:09:36 UTC (rev 429)
@@ -173,15 +173,18 @@
private boolean isReviewerAccessGranted(HttpServletRequest pRequest) {
boolean reviewerAccessGranted = false;
- String storedHashedStudyId = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE).toString();
- if ( ! TreebaseUtil.isEmpty(storedHashedStudyId) ) {
- Long studyId = ControllerUtil.getStudyId(pRequest);
- TreebaseIDString treebaseIDString = new TreebaseIDString(Study.class,studyId);
- NamespacedGUID namespacedGUID = treebaseIDString.getNamespacedGUID();
- String computedHashedStudyId = namespacedGUID.getHashedIDString();
- if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
- reviewerAccessGranted = true;
- saveMessage(pRequest,"You are in reviewer access mode.");
+ Object xAccesCodeObject = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE);
+ if ( xAccesCodeObject != null ) {
+ String storedHashedStudyId = xAccesCodeObject.toString();
+ if ( ! TreebaseUtil.isEmpty(storedHashedStudyId) ) {
+ Long studyId = ControllerUtil.getStudyId(pRequest);
+ TreebaseIDString treebaseIDString = new TreebaseIDString(Study.class,studyId);
+ NamespacedGUID namespacedGUID = treebaseIDString.getNamespacedGUID();
+ String computedHashedStudyId = namespacedGUID.getHashedIDString();
+ if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
+ reviewerAccessGranted = true;
+ saveMessage(pRequest,"You are in reviewer access mode.");
+ }
}
}
return reviewerAccessGranted;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-14 14:04:35
|
Revision: 432
http://treebase.svn.sourceforge.net/treebase/?rev=432&view=rev
Author: rvos
Date: 2010-01-14 14:04:24 +0000 (Thu, 14 Jan 2010)
Log Message:
-----------
Added more logging messages.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-13 18:18:27 UTC (rev 431)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:04:24 UTC (rev 432)
@@ -131,6 +131,7 @@
* @return
*/
private boolean isAuthorizationChecked() {
+ LOGGER.info("Checking whether explicit access is granted, value="+mAuthorizationChecked);
return mAuthorizationChecked;
}
@@ -175,18 +176,32 @@
boolean reviewerAccessGranted = false;
Object xAccesCodeObject = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE);
if ( xAccesCodeObject != null ) {
- String storedHashedStudyId = xAccesCodeObject.toString();
+ String storedHashedStudyId = xAccesCodeObject.toString();
+ LOGGER.info("x-access-code="+storedHashedStudyId);
if ( ! TreebaseUtil.isEmpty(storedHashedStudyId) ) {
Long studyId = ControllerUtil.getStudyId(pRequest);
- TreebaseIDString treebaseIDString = new TreebaseIDString(Study.class,studyId);
- NamespacedGUID namespacedGUID = treebaseIDString.getNamespacedGUID();
- String computedHashedStudyId = namespacedGUID.getHashedIDString();
+ LOGGER.info("studyId="+studyId);
+ TreebaseIDString tbidstr = new TreebaseIDString(Study.class,studyId);
+ LOGGER.info("TreebaseIDString="+tbidstr);
+ NamespacedGUID nsguid = tbidstr.getNamespacedGUID();
+ LOGGER.info("NamespacedGUID="+nsguid);
+ String computedHashedStudyId = nsguid.getHashedIDString();
+ LOGGER.info("computedHashedStudyId="+computedHashedStudyId);
if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
reviewerAccessGranted = true;
saveMessage(pRequest,"You are in reviewer access mode.");
+ LOGGER.info("x-access-code matches computed hashed study id");
+ LOGGER.info("Reviewer access is granted");
}
+ else {
+ LOGGER.info("x-access-code doesn't match computed hashed study id");
+ LOGGER.info("access denied");
+ }
}
}
+ else {
+ LOGGER.info("No x-access-code parameter supplied");
+ }
return reviewerAccessGranted;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-14 14:40:38
|
Revision: 435
http://treebase.svn.sourceforge.net/treebase/?rev=435&view=rev
Author: rvos
Date: 2010-01-14 14:40:32 +0000 (Thu, 14 Jan 2010)
Log Message:
-----------
Added more logging messages.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:36:58 UTC (rev 434)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:40:32 UTC (rev 435)
@@ -198,6 +198,9 @@
LOGGER.info("access denied");
}
}
+ else {
+ LOGGER.info("x-access-code is empty");
+ }
}
else {
LOGGER.info("No x-access-code parameter supplied");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-14 14:53:37
|
Revision: 436
http://treebase.svn.sourceforge.net/treebase/?rev=436&view=rev
Author: rvos
Date: 2010-01-14 14:53:30 +0000 (Thu, 14 Jan 2010)
Log Message:
-----------
Commented out logging messages.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:40:32 UTC (rev 435)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:53:30 UTC (rev 436)
@@ -177,33 +177,33 @@
Object xAccesCodeObject = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE);
if ( xAccesCodeObject != null ) {
String storedHashedStudyId = xAccesCodeObject.toString();
- LOGGER.info("x-access-code="+storedHashedStudyId);
+ //LOGGER.info("x-access-code="+storedHashedStudyId);
if ( ! TreebaseUtil.isEmpty(storedHashedStudyId) ) {
Long studyId = ControllerUtil.getStudyId(pRequest);
- LOGGER.info("studyId="+studyId);
+ //LOGGER.info("studyId="+studyId);
TreebaseIDString tbidstr = new TreebaseIDString(Study.class,studyId);
- LOGGER.info("TreebaseIDString="+tbidstr);
+ //LOGGER.info("TreebaseIDString="+tbidstr);
NamespacedGUID nsguid = tbidstr.getNamespacedGUID();
- LOGGER.info("NamespacedGUID="+nsguid);
+ //LOGGER.info("NamespacedGUID="+nsguid);
String computedHashedStudyId = nsguid.getHashedIDString();
- LOGGER.info("computedHashedStudyId="+computedHashedStudyId);
+ //LOGGER.info("computedHashedStudyId="+computedHashedStudyId);
if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
reviewerAccessGranted = true;
saveMessage(pRequest,"You are in reviewer access mode.");
- LOGGER.info("x-access-code matches computed hashed study id");
- LOGGER.info("Reviewer access is granted");
+ //LOGGER.info("x-access-code matches computed hashed study id");
+ //LOGGER.info("Reviewer access is granted");
}
else {
- LOGGER.info("x-access-code doesn't match computed hashed study id");
- LOGGER.info("access denied");
+ //LOGGER.info("x-access-code doesn't match computed hashed study id");
+ //LOGGER.info("access denied");
}
}
else {
- LOGGER.info("x-access-code is empty");
+ //LOGGER.info("x-access-code is empty");
}
}
else {
- LOGGER.info("No x-access-code parameter supplied");
+ //LOGGER.info("No x-access-code parameter supplied");
}
return reviewerAccessGranted;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-14 14:56:45
|
Revision: 437
http://treebase.svn.sourceforge.net/treebase/?rev=437&view=rev
Author: rvos
Date: 2010-01-14 14:56:33 +0000 (Thu, 14 Jan 2010)
Log Message:
-----------
Added more logging messages.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:53:30 UTC (rev 436)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 14:56:33 UTC (rev 437)
@@ -165,9 +165,15 @@
HttpServletResponse pResponse,
BindException pBindException,
Map pMap) throws Exception {
- if (isAuthorizationChecked() || isReviewerAccessGranted(pRequest)) {
+ if ( isAuthorizationChecked() ) {
+ LOGGER.info("returning supplied ModelAndView because access was granted explicitly");
return super.showForm(pRequest, pResponse, pBindException, pMap);
+ }
+ if (isReviewerAccessGranted(pRequest)) {
+ LOGGER.info("returning supplied ModelAndView because reviewer access was granted");
+ return super.showForm(pRequest, pResponse, pBindException, pMap);
} else {
+ LOGGER.info("returning AUTHORIZATION_VIOLATION_VIEW");
return new ModelAndView(AUTHORIZATION_VIOLATION_VIEW);
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-15 12:36:35
|
Revision: 442
http://treebase.svn.sourceforge.net/treebase/?rev=442&view=rev
Author: rvos
Date: 2010-01-15 12:18:59 +0000 (Fri, 15 Jan 2010)
Log Message:
-----------
Changed the way the study id is fetched from the request inside isReviewerAccessGranted, turned on logging.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-14 19:57:17 UTC (rev 441)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 12:18:59 UTC (rev 442)
@@ -183,33 +183,28 @@
Object xAccesCodeObject = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE);
if ( xAccesCodeObject != null ) {
String storedHashedStudyId = xAccesCodeObject.toString();
- //LOGGER.info("x-access-code="+storedHashedStudyId);
- if ( ! TreebaseUtil.isEmpty(storedHashedStudyId) ) {
- Long studyId = ControllerUtil.getStudyId(pRequest);
- //LOGGER.info("studyId="+studyId);
- TreebaseIDString tbidstr = new TreebaseIDString(Study.class,studyId);
- //LOGGER.info("TreebaseIDString="+tbidstr);
- NamespacedGUID nsguid = tbidstr.getNamespacedGUID();
- //LOGGER.info("NamespacedGUID="+nsguid);
- String computedHashedStudyId = nsguid.getHashedIDString();
- //LOGGER.info("computedHashedStudyId="+computedHashedStudyId);
- if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
- reviewerAccessGranted = true;
- saveMessage(pRequest,"You are in reviewer access mode.");
- //LOGGER.info("x-access-code matches computed hashed study id");
- //LOGGER.info("Reviewer access is granted");
- }
- else {
- //LOGGER.info("x-access-code doesn't match computed hashed study id");
- //LOGGER.info("access denied");
- }
+ LOGGER.info("x-access-code="+storedHashedStudyId);
+ Long studyId = Long.parseLong(pRequest.getParameter("id"));
+ LOGGER.info("studyId="+studyId);
+ TreebaseIDString tbidstr = new TreebaseIDString(Study.class,studyId);
+ LOGGER.info("TreebaseIDString="+tbidstr);
+ NamespacedGUID nsguid = tbidstr.getNamespacedGUID();
+ LOGGER.info("NamespacedGUID="+nsguid);
+ String computedHashedStudyId = nsguid.getHashedIDString();
+ LOGGER.info("computedHashedStudyId="+computedHashedStudyId);
+ if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
+ reviewerAccessGranted = true;
+ saveMessage(pRequest,"You are in reviewer access mode.");
+ LOGGER.info("x-access-code matches computed hashed study id");
+ LOGGER.info("Reviewer access is granted");
}
else {
- //LOGGER.info("x-access-code is empty");
+ LOGGER.info("x-access-code doesn't match computed hashed study id");
+ LOGGER.info("access denied");
}
}
else {
- //LOGGER.info("No x-access-code parameter supplied");
+ LOGGER.info("No x-access-code parameter supplied");
}
return reviewerAccessGranted;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-15 14:40:00
|
Revision: 448
http://treebase.svn.sourceforge.net/treebase/?rev=448&view=rev
Author: rvos
Date: 2010-01-15 14:39:53 +0000 (Fri, 15 Jan 2010)
Log Message:
-----------
Fixed typo.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 14:36:49 UTC (rev 447)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 14:39:53 UTC (rev 448)
@@ -106,7 +106,7 @@
messages = new ArrayList();
}
messages.add(msg);
- request.setAttribute("messsages", messages);
+ request.setAttribute("messages", messages);
}
/**
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-15 14:53:55
|
Revision: 450
http://treebase.svn.sourceforge.net/treebase/?rev=450&view=rev
Author: rvos
Date: 2010-01-15 14:53:41 +0000 (Fri, 15 Jan 2010)
Log Message:
-----------
Now stores reviewer mode as request attribute
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 14:52:06 UTC (rev 449)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 14:53:41 UTC (rev 450)
@@ -194,7 +194,7 @@
LOGGER.info("computedHashedStudyId="+computedHashedStudyId);
if ( storedHashedStudyId.equals(computedHashedStudyId) ) {
reviewerAccessGranted = true;
- saveMessage(pRequest,"You are in reviewer access mode.");
+ //saveMessage(pRequest,"You are in reviewer access mode.");
LOGGER.info("x-access-code matches computed hashed study id");
LOGGER.info("Reviewer access is granted");
}
@@ -206,6 +206,7 @@
else {
LOGGER.info("No x-access-code parameter supplied");
}
+ pRequest.setAttribute("reviewerAccessGranted", reviewerAccessGranted);
return reviewerAccessGranted;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-15 15:21:20
|
Revision: 453
http://treebase.svn.sourceforge.net/treebase/?rev=453&view=rev
Author: rvos
Date: 2010-01-15 15:21:14 +0000 (Fri, 15 Jan 2010)
Log Message:
-----------
NPE workaround
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 15:17:49 UTC (rev 452)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 15:21:14 UTC (rev 453)
@@ -197,7 +197,7 @@
//saveMessage(pRequest,"You are in reviewer access mode.");
LOGGER.info("x-access-code matches computed hashed study id");
LOGGER.info("Reviewer access is granted");
- if ( ! (Boolean)pRequest.getSession().getAttribute(Constants.REVIEWER_ACCESS_GRANTED) ) {
+ if ( pRequest.getSession().getAttribute(Constants.REVIEWER_ACCESS_GRANTED) == null ) {
pRequest.getSession().setAttribute("displayAgreement",true);
}
pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, reviewerAccessGranted);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-15 15:23:54
|
Revision: 454
http://treebase.svn.sourceforge.net/treebase/?rev=454&view=rev
Author: rvos
Date: 2010-01-15 15:23:47 +0000 (Fri, 15 Jan 2010)
Log Message:
-----------
Flag needs to be turned off after initial access granting.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 15:21:14 UTC (rev 453)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 15:23:47 UTC (rev 454)
@@ -200,6 +200,9 @@
if ( pRequest.getSession().getAttribute(Constants.REVIEWER_ACCESS_GRANTED) == null ) {
pRequest.getSession().setAttribute("displayAgreement",true);
}
+ else {
+ pRequest.getSession().setAttribute("displayAgreement",false);
+ }
pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, reviewerAccessGranted);
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-15 17:09:13
|
Revision: 461
http://treebase.svn.sourceforge.net/treebase/?rev=461&view=rev
Author: rvos
Date: 2010-01-15 17:09:07 +0000 (Fri, 15 Jan 2010)
Log Message:
-----------
Added shortcut for when the reviewer hits cancel: no access is granted, the agreement is again displayed if the reviewer re-visits the same special URL
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 17:07:52 UTC (rev 460)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-15 17:09:07 UTC (rev 461)
@@ -179,6 +179,11 @@
}
private boolean isReviewerAccessGranted(HttpServletRequest pRequest) {
+ if ( "cancel".equals(pRequest.getParameter("agreement")) ) {
+ pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, false);
+ pRequest.getSession().setAttribute("displayAgreement",true);
+ return false;
+ }
boolean reviewerAccessGranted = false;
Object xAccesCodeObject = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE);
if ( xAccesCodeObject != null ) {
@@ -204,7 +209,6 @@
pRequest.getSession().setAttribute("displayAgreement",false);
}
pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, reviewerAccessGranted);
-
}
else {
LOGGER.info("x-access-code doesn't match computed hashed study id");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <rv...@us...> - 2010-01-19 17:59:15
|
Revision: 473
http://treebase.svn.sourceforge.net/treebase/?rev=473&view=rev
Author: rvos
Date: 2010-01-19 17:59:08 +0000 (Tue, 19 Jan 2010)
Log Message:
-----------
Factored isReviewerAccessGranted out to ControllerUtil - this is necessary because not just form controllers but also download controllers and the phylowidget controller need to have access to it. Also, it can be a static anyway so it looks like a utility method.
Modified Paths:
--------------
trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-19 17:54:19 UTC (rev 472)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java 2010-01-19 17:59:08 UTC (rev 473)
@@ -153,7 +153,7 @@
protected ModelAndView getConditionalModelAndView(
HttpServletRequest pRequest,
ModelAndView pModelAndView) {
- if ( isReviewerAccessGranted(pRequest) || isAuthorizationChecked() ) {
+ if ( ControllerUtil.isReviewerAccessGranted(pRequest) || isAuthorizationChecked() ) {
return pModelAndView;
} else {
return new ModelAndView(AUTHORIZATION_VIOLATION_VIEW);
@@ -170,7 +170,7 @@
LOGGER.info("returning supplied ModelAndView because access was granted explicitly");
return super.showForm(pRequest, pResponse, pBindException, pMap);
}
- if (isReviewerAccessGranted(pRequest)) {
+ if (ControllerUtil.isReviewerAccessGranted(pRequest)) {
LOGGER.info("returning supplied ModelAndView because reviewer access was granted");
return super.showForm(pRequest, pResponse, pBindException, pMap);
} else {
@@ -179,35 +179,6 @@
}
}
- private boolean isReviewerAccessGranted(HttpServletRequest req) {
- boolean passedHashedIDCheck = false;
- HttpSession session = req.getSession();
- if ( "cancel".equals(req.getParameter("agreement")) ) {
- session.setAttribute(Constants.REVIEWER_AGREEMENT_ACCEPTED, false);
- }
- if ( "ok".equals(req.getParameter("agreement")) ) {
- session.setAttribute(Constants.REVIEWER_AGREEMENT_ACCEPTED, true);
- }
- Object xAccesCodeObject = session.getAttribute(Constants.X_ACCESS_CODE);
- if ( xAccesCodeObject != null ) {
- String suppliedHashedID = xAccesCodeObject.toString();
- TreebaseIDString tbidstr = new TreebaseIDString(Study.class,Long.parseLong(req.getParameter("id")));
- if ( suppliedHashedID.equals(tbidstr.getNamespacedGUID().getHashedIDString()) ) {
- passedHashedIDCheck = true;
- Object agreementAccepted = session.getAttribute(Constants.REVIEWER_AGREEMENT_ACCEPTED);
- if ( agreementAccepted == null || ((Boolean)agreementAccepted).booleanValue() == false ) {
- LOGGER.info("Going to display agreement - agreement acceptance: "+agreementAccepted);
- session.setAttribute("displayAgreement",true);
- }
- else {
- LOGGER.info("Not displaying agreement");
- session.setAttribute("displayAgreement",false);
- }
- }
- }
- return passedHashedIDCheck;
- }
-
protected ModelAndView setAttributeAndShowForm(
HttpServletRequest request,
HttpServletResponse response,
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X