Author: tchemit Date: 2012-06-15 23:26:08 +0200 (Fri, 15 Jun 2012) New Revision: 3487 Url: http://chorem.org/repositories/revision/pollen/3487 Log: - refs #609: Review security access for administrator - refs #612: Review security access for creator - add fixme in tests Added: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/illegal_access.jsp Removed: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollAccessRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/ResultAccessRequired.java trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_access_required.jsp trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_creator_required.jsp trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_required.jsp trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/result_access_required.jsp Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/AbstractPollenAuthorization.java trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties trunk/pollen-ui-struts2/src/main/resources/shiro.ini trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/admin_required.jsp trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/connected_required.jsp trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/PollenFixtures.java trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/CreateFreeTextPollSIT.java trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/PollenBaseWebDriverIT.java trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/SecurityAccessSIT.java Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/AbstractPollenAuthorization.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/AbstractPollenAuthorization.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/AbstractPollenAuthorization.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -23,18 +23,20 @@ package org.chorem.pollen.ui.security; import com.google.common.base.Preconditions; +import com.google.common.collect.Maps; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.shiro.util.StringUtils; import org.apache.shiro.web.filter.authz.AuthorizationFilter; import org.apache.shiro.web.util.WebUtils; +import org.chorem.pollen.PollenApplicationContext; import org.chorem.pollen.bean.PollUri; import org.chorem.pollen.business.persistence.UserAccount; import org.chorem.pollen.services.DefaultPollenServiceContext; import org.chorem.pollen.services.PollenServiceContext; import org.chorem.pollen.services.PollenServiceFactory; +import org.chorem.pollen.services.exceptions.PollNotFoundException; import org.chorem.pollen.services.impl.SecurityService; -import org.chorem.pollen.PollenApplicationContext; import org.chorem.pollen.ui.PollenSession; import org.chorem.pollen.ui.PollenUIUtils; import org.nuiton.topia.TopiaContext; @@ -47,9 +49,12 @@ import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Locale; +import java.util.Map; import java.util.regex.Matcher; import java.util.regex.Pattern; +import static org.nuiton.i18n.I18n.n_; + public abstract class AbstractPollenAuthorization extends AuthorizationFilter { /** @@ -67,6 +72,9 @@ private static final Log log = LogFactory.getLog(AbstractPollenAuthorization.class); + private static final String ERROR_MESSAGE_PARAMETER = + "securityPollenErrorMessage"; + protected AbstractPollenAuthorization() { if (log.isInfoEnabled()) { log.info("Init - " + this); @@ -137,10 +145,82 @@ String unauthorizedUrl = getUnauthorizedUrl(); //SHIRO-142 - ensure that redirect _or_ error code occurs - both cannot happen due to response commit: if (StringUtils.hasText(unauthorizedUrl)) { - WebUtils.issueRedirect(request, response, unauthorizedUrl); + String attribute = (String) request.getAttribute(ERROR_MESSAGE_PARAMETER); + if (StringUtils.hasText(attribute)) { + + // add a params + Map<String, String> params = Maps.newHashMap(); + params.put("errorMessage", attribute); + WebUtils.issueRedirect(request, response, unauthorizedUrl, params); +// request.removeAttribute(ERROR_MESSAGE_PARAMETER); + + } else { + + WebUtils.issueRedirect(request, response, unauthorizedUrl); + } } else { WebUtils.toHttp(response).sendError(HttpServletResponse.SC_UNAUTHORIZED); } return false; } + + protected boolean isPollIdSane(PollUri pollUri, + SecurityService securityService, + ServletRequest request) { + + String errorMessage = null; + if (pollUri == null) { + + // no pollUri in url + errorMessage = n_("pollen.security.error.no.pollId"); + + } else { + + if (!pollUri.isPollIdNotBlank()) { + + // no pollId in uri + errorMessage = n_("pollen.security.error.no.pollId"); + } else { + + // there is a pollId check that it exists + + try { + securityService.checkPoll(pollUri); + + if (log.isDebugEnabled()) { + log.debug("Can access to this poll " + + pollUri.getPollId()); + } + + } catch (PollNotFoundException e) { + if (log.isDebugEnabled()) { + log.debug("Poll not found!"); + } + errorMessage = n_("pollen.security.error.poll.not.found"); + } + } + } + boolean isAccessAllowed; + + if (errorMessage == null) { + + // no error message seems ok + isAccessAllowed = true; + + } else { + + // something wrong happens + isAccessAllowed = false; + + registerError(request, errorMessage); + } + + return isAccessAllowed; + } + + + protected void registerError(ServletRequest request, String errorMessage) { + request.setAttribute(ERROR_MESSAGE_PARAMETER, errorMessage); + } + } Deleted: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollAccessRequired.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollAccessRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,105 +0,0 @@ -/* - * #%L - * Pollen :: UI (struts2) - * $Id$ - * $HeadURL$ - * %% - * Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ -package org.chorem.pollen.ui.security; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.chorem.pollen.bean.PollUri; -import org.chorem.pollen.services.exceptions.PollNotFoundException; -import org.chorem.pollen.services.exceptions.UnauthorizedPollAccessException; -import org.chorem.pollen.services.impl.SecurityService; - -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -public class PollAccessRequired extends AbstractPollenAuthorization { - - private static final Log log = - LogFactory.getLog(PollAccessRequired.class); - - protected final AdminUserRequired adminFilter; - - protected final PollCreatorRequired pollCreatorFilter; - - public PollAccessRequired() { - adminFilter = new AdminUserRequired(); - pollCreatorFilter = new PollCreatorRequired(); - } - - @Override - protected boolean isAccessAllowed(ServletRequest request, - ServletResponse response, - Object mappedValue) { - - boolean isAccessAllowed; - - if (adminFilter.isAccessAllowed(request, response, mappedValue)) { - - // user is connected ans admin, so - isAccessAllowed = true; - - } else if (pollCreatorFilter.isAccessAllowed(request, response, mappedValue)) { - - // user is connected ans admin, so - isAccessAllowed = true; - - } else { - - PollUri pollUri = getPollUri(request); - - if (pollUri == null) { - - // no uriId given - isAccessAllowed = false; - - - } else { - - SecurityService securityService = getSecurityService(request); - - try { - securityService.checkPollAccount(pollUri); - isAccessAllowed = true; - - if (log.isDebugEnabled()) { - log.debug("Can access to this poll " + pollUri.getPollId()); - } - } catch (PollNotFoundException e) { - if (log.isDebugEnabled()) { - log.debug("Poll not found!"); - } - isAccessAllowed = false; - } catch (UnauthorizedPollAccessException e) { - if (log.isDebugEnabled()) { - log.debug("User can not access page"); - } - isAccessAllowed = false; - } - - } - } - - return isAccessAllowed; - } - -} Added: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java (rev 0) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -0,0 +1,135 @@ +/* + * #%L + * Pollen :: UI (struts2) + * $Id$ + * $HeadURL$ + * %% + * Copyright (C) 2009 - 2012 CodeLutin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * #L% + */ +package org.chorem.pollen.ui.security; + +import org.chorem.pollen.bean.PollUri; +import org.chorem.pollen.business.persistence.Poll; +import org.chorem.pollen.business.persistence.UserAccount; +import org.chorem.pollen.services.PollenServiceContext; +import org.chorem.pollen.services.impl.PollService; +import org.chorem.pollen.services.impl.SecurityService; + +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +import static org.nuiton.i18n.I18n.n_; + +/** + * Check that a user can show results of a poll. + * + * @author tchemit <chemit@codelutin.com> + * @since 1.4 + */ +public class PollCreatorAccessRequired extends AbstractPollenAuthorization { + + protected final AdminUserRequired adminFilter; + + public PollCreatorAccessRequired() { + adminFilter = new AdminUserRequired(); + } + + @Override + protected boolean isAccessAllowed(ServletRequest request, + ServletResponse response, + Object mappedValue) { + + PollenServiceContext serviceContext = getServiceContext(request); + + PollUri pollUri = getPollUri(request); + + SecurityService securityService = + serviceContext.newService(SecurityService.class); + + // test that poll is sane + boolean isAccessAllowed = isPollIdSane(pollUri, securityService, request); + + SecurityService.AccountIdRole accountIdRole = + SecurityService.AccountIdRole.UNDEFINED; + + if (isAccessAllowed) { + + // pollId is sane (poll exists from it) + + // get it + Poll poll = serviceContext.newService(PollService.class).getPollByPollId( + pollUri.getPollId()); + + // test if user is admin + boolean isAdmin = adminFilter.isAccessAllowed(request, + response, + mappedValue); + + boolean withAccountId = pollUri.isAccountIdNotBlank(); + + if (withAccountId) { + + // there is a account id, must validate it + accountIdRole = securityService.getAccountIdRole( + poll, pollUri.getAccountId()); + + if (accountIdRole == SecurityService.AccountIdRole.UNDEFINED) { + + // bad account Id + isAccessAllowed = false; + registerError( + request, n_("pollen.security.error.bad.accountId")); + } + } + + if (isAdmin) { + + // admin user acts as a poll creator + accountIdRole = SecurityService.AccountIdRole.CREATOR; + } else { + + UserAccount userAccount = getPollenUserAccount(request); + if (userAccount != null && + userAccount.equals(poll.getCreator().getUserAccount())) { + + //conntected user is the creator + accountIdRole = SecurityService.AccountIdRole.CREATOR; + } + } + } + + if (isAccessAllowed) { + + // pollId is sane + // accountId also + + // check now that account role is a creator + + if (accountIdRole != SecurityService.AccountIdRole.CREATOR) { + + // not a creator, access not granted + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.creatorId.or.admin.required")); + } + } + + return isAccessAllowed; + } + +} \ No newline at end of file Property changes on: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java ___________________________________________________________________ Added: svn:keywords + Author Date Id Revision HeadURL Added: svn:eol-style + native Deleted: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorRequired.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,96 +0,0 @@ -/* - * #%L - * Pollen :: UI (struts2) - * $Id$ - * $HeadURL$ - * %% - * Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ -package org.chorem.pollen.ui.security; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.chorem.pollen.bean.PollUri; -import org.chorem.pollen.services.exceptions.PollNotFoundException; -import org.chorem.pollen.services.exceptions.UnauthorizedPollAccessException; -import org.chorem.pollen.services.impl.SecurityService; - -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -public class PollCreatorRequired extends AbstractPollenAuthorization { - - private static final Log log = LogFactory.getLog(PollCreatorRequired.class); - - protected final AdminUserRequired adminFilter; - - public PollCreatorRequired() { - adminFilter = new AdminUserRequired(); - } - - @Override - protected boolean isAccessAllowed(ServletRequest request, - ServletResponse response, - Object mappedValue) { - - boolean isAccessAllowed; - - if (adminFilter.isAccessAllowed(request, response, mappedValue)) { - - // user is connected and admin, so access granted - isAccessAllowed = true; - - } else { - - PollUri pollUri = getPollUri(request); - - if (pollUri == null) { - - // no uriId given - isAccessAllowed = false; - - - } else { - SecurityService securityService = getSecurityService(request); - - try { - securityService.checkPollCreator(pollUri); - isAccessAllowed = true; - - if (log.isDebugEnabled()) { - log.debug("Can access to this poll " + - pollUri.getPollId()); - } - } catch (PollNotFoundException e) { - if (log.isDebugEnabled()) { - log.debug("Poll not found!"); - } - isAccessAllowed = false; - } catch (UnauthorizedPollAccessException e) { - if (log.isDebugEnabled()) { - log.debug("User can not access page"); - } - isAccessAllowed = false; - } - - } - } - - return isAccessAllowed; - } - -} Deleted: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollRequired.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,75 +0,0 @@ -/* - * #%L - * Pollen :: UI (struts2) - * $Id$ - * $HeadURL$ - * %% - * Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ -package org.chorem.pollen.ui.security; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.chorem.pollen.bean.PollUri; -import org.chorem.pollen.services.exceptions.PollNotFoundException; -import org.chorem.pollen.services.impl.SecurityService; - -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -public class PollRequired extends AbstractPollenAuthorization { - - private static final Log log = - LogFactory.getLog(PollRequired.class); - - @Override - protected boolean isAccessAllowed(ServletRequest request, - ServletResponse response, - Object mappedValue) { - - boolean isAccessAllowed; - - PollUri pollUri = getPollUri(request); - - if (pollUri == null) { - - // no uriId given - isAccessAllowed = false; - - } else { - - SecurityService securityService = getSecurityService(request); - - try { - securityService.checkPoll(pollUri); - isAccessAllowed = true; - - if (log.isDebugEnabled()) { - log.debug("Can access to this poll " + pollUri.getPollId()); - } - } catch (PollNotFoundException e) { - if (log.isDebugEnabled()) { - log.debug("Poll not found!"); - } - isAccessAllowed = false; - } - } - - return isAccessAllowed; - } - -} Added: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java (rev 0) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -0,0 +1,162 @@ +/* + * #%L + * Pollen :: UI (struts2) + * $Id$ + * $HeadURL$ + * %% + * Copyright (C) 2009 - 2012 CodeLutin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * #L% + */ +package org.chorem.pollen.ui.security; + +import org.chorem.pollen.bean.PollUri; +import org.chorem.pollen.business.persistence.Poll; +import org.chorem.pollen.common.PollType; +import org.chorem.pollen.services.PollenServiceContext; +import org.chorem.pollen.services.impl.PollService; +import org.chorem.pollen.services.impl.SecurityService; + +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +import static org.nuiton.i18n.I18n.n_; + +/** + * Check that a user can show results of a poll. + * + * @author tchemit <chemit@codelutin.com> + * @since 1.4 + */ +public class PollResultAccessRequired extends AbstractPollenAuthorization { + + protected final AdminUserRequired adminFilter; + + public PollResultAccessRequired() { + adminFilter = new AdminUserRequired(); + } + + @Override + protected boolean isAccessAllowed(ServletRequest request, + ServletResponse response, + Object mappedValue) { + + PollenServiceContext serviceContext = getServiceContext(request); + + PollUri pollUri = getPollUri(request); + + SecurityService securityService = + serviceContext.newService(SecurityService.class); + + // test that poll is sane + boolean isAccessAllowed = isPollIdSane(pollUri, securityService, request); + + Poll poll = null; + + SecurityService.AccountIdRole accountIdRole = null; + + if (isAccessAllowed) { + + // pollId is sane (poll exists from it) + + // get it + poll = serviceContext.newService(PollService.class).getPollByPollId( + pollUri.getPollId()); + + // test if user is admin + + boolean isAdmin = adminFilter.isAccessAllowed(request, + response, + mappedValue); + + + boolean withAccountId = pollUri.isAccountIdNotBlank(); + + if (withAccountId) { + + // there is a account id, must validate it + accountIdRole = securityService.getAccountIdRole( + poll, pollUri.getAccountId()); + + if (accountIdRole == SecurityService.AccountIdRole.UNDEFINED) { + + // bad account Id + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.bad.accountId")); + } + } + + if (isAdmin) { + + // admin user acts as a poll creator + accountIdRole = SecurityService.AccountIdRole.CREATOR; + } + } + + if (isAccessAllowed) { + + // pollId is sane + // accountId also + + // check now poll results can be displayed + + boolean publicResults = poll.isPublicResults(); + boolean continuousResults = poll.isContinuousResults(); + + if (!continuousResults && !poll.isClosed()) { + + // results are not continuous and poll is not closed + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.poll.not.closed.and.results.not.continuous")); + } + + if (isAccessAllowed) { + + if (!publicResults && + accountIdRole != SecurityService.AccountIdRole.CREATOR) { + + // poll results are private, only poll admin can see results + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.poll.result.private.and.access.not.granted")); + } + } + + if (isAccessAllowed) { + + boolean pollIsFree = PollType.FREE == poll.getPollType(); + + if (publicResults && + !pollIsFree && + !SecurityService.NONE_FREE_ACCOUNT_ID_ROLES.contains(accountIdRole)) { + + // on none free poll, only creator or restricted user can have it + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.poll.not.free.and.access.not.granted")); + } + } + } + + return isAccessAllowed; + } + +} \ No newline at end of file Property changes on: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java ___________________________________________________________________ Added: svn:keywords + Author Date Id Revision HeadURL Added: svn:eol-style + native Added: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java (rev 0) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -0,0 +1,132 @@ +/* + * #%L + * Pollen :: UI (struts2) + * $Id$ + * $HeadURL$ + * %% + * Copyright (C) 2009 - 2012 CodeLutin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * #L% + */ +package org.chorem.pollen.ui.security; + +import org.chorem.pollen.bean.PollUri; +import org.chorem.pollen.business.persistence.Poll; +import org.chorem.pollen.common.PollType; +import org.chorem.pollen.services.PollenServiceContext; +import org.chorem.pollen.services.impl.PollService; +import org.chorem.pollen.services.impl.SecurityService; + +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +import static org.nuiton.i18n.I18n.n_; + +/** + * Check that a user can vote. + * + * @author tchemit <chemit@codelutin.com> + * @since 1.4 + */ +public class PollVoteAccessRequired extends AbstractPollenAuthorization { + + protected final AdminUserRequired adminFilter; + + public PollVoteAccessRequired() { + adminFilter = new AdminUserRequired(); + } + + @Override + protected boolean isAccessAllowed(ServletRequest request, + ServletResponse response, + Object mappedValue) { + + PollenServiceContext serviceContext = getServiceContext(request); + + PollUri pollUri = getPollUri(request); + + SecurityService securityService = + serviceContext.newService(SecurityService.class); + + // test that poll is sane + boolean isAccessAllowed = isPollIdSane(pollUri, securityService, + request); + + Poll poll = null; + + SecurityService.AccountIdRole accountIdRole = null; + + if (isAccessAllowed) { + + // pollId is sane (poll exists from it) + + // get it + poll = serviceContext.newService(PollService.class).getPollByPollId( + pollUri.getPollId()); + + // test if user is admin + boolean isAdmin = adminFilter.isAccessAllowed(request, + response, + mappedValue); + + boolean withAccountId = pollUri.isAccountIdNotBlank(); + + if (withAccountId) { + + // there is a account id, must validate it + accountIdRole = securityService.getAccountIdRole( + poll, pollUri.getAccountId()); + + if (accountIdRole == SecurityService.AccountIdRole.UNDEFINED) { + + // bad account Id + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.bad.accountId")); + } + } + + if (isAdmin) { + + // admin user acts as a poll creator + accountIdRole = SecurityService.AccountIdRole.CREATOR; + } + } + + if (isAccessAllowed) { + + // pollId is sane + // accountId also + + // check now poll votes can be displayed + + boolean pollIsFree = PollType.FREE == poll.getPollType(); + + if (!pollIsFree && + !SecurityService.NONE_FREE_ACCOUNT_ID_ROLES.contains(accountIdRole)) { + + // on none free poll, only creator or restricted user can have it + isAccessAllowed = false; + registerError( + request, + n_("pollen.security.error.poll.not.free.and.access.not.granted")); + } + } + + return isAccessAllowed; + } + +} \ No newline at end of file Property changes on: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java ___________________________________________________________________ Added: svn:keywords + Author Date Id Revision HeadURL Added: svn:eol-style + native Deleted: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/ResultAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/ResultAccessRequired.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/ResultAccessRequired.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,102 +0,0 @@ -/* - * #%L - * Pollen :: UI (struts2) - * $Id$ - * $HeadURL$ - * %% - * Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ -package org.chorem.pollen.ui.security; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.chorem.pollen.bean.PollUri; -import org.chorem.pollen.services.exceptions.PollNotFoundException; -import org.chorem.pollen.services.exceptions.UnauthorizedPollAccessException; -import org.chorem.pollen.services.impl.SecurityService; - -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -public class ResultAccessRequired extends AbstractPollenAuthorization { - - private static final Log log = - LogFactory.getLog(ResultAccessRequired.class); - - protected final AdminUserRequired adminFilter; - - protected final PollCreatorRequired pollCreatorFilter; - - protected final PollAccessRequired pollAccountFilter; - - public ResultAccessRequired() { - adminFilter = new AdminUserRequired(); - pollCreatorFilter = new PollCreatorRequired(); - pollAccountFilter = new PollAccessRequired(); - } - - @Override - protected boolean isAccessAllowed(ServletRequest request, - ServletResponse response, - Object mappedValue) { - - boolean isAccessAllowed; - - if (adminFilter.isAccessAllowed(request, response, mappedValue)) { - - // user is connected ans admin, so - isAccessAllowed = true; - - } else if (pollCreatorFilter.isAccessAllowed(request, response, mappedValue)) { - - // account is creator - isAccessAllowed = true; - - } else if (pollAccountFilter.isAccessAllowed(request, response, mappedValue)) { - - PollUri pollUri = getPollUri(request); - - SecurityService securityService = getSecurityService(request); - - try { - securityService.checkPollResult(pollUri); - isAccessAllowed = true; - - if (log.isDebugEnabled()) { - log.debug("Can display result for this poll " + pollUri.getPollId()); - } - } catch (PollNotFoundException e) { - if (log.isDebugEnabled()) { - log.debug("Poll not found!"); - } - isAccessAllowed = false; - } catch (UnauthorizedPollAccessException e) { - if (log.isDebugEnabled()) { - log.debug("User can not access page"); - } - isAccessAllowed = false; - } - - } else { - - isAccessAllowed = false; - } - - return isAccessAllowed; - } - -} Modified: trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties =================================================================== --- trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties 2012-06-15 21:26:08 UTC (rev 3487) @@ -305,8 +305,16 @@ pollen.menu.register=Register pollen.menu.userFavoriteLists=Voting lists pollen.security.error.admin_required=You must be connected as an administrator to access this page. +pollen.security.error.bad.accountId=Bad account id pollen.security.error.connected_required=You must be connected to access this page. +pollen.security.error.creatorId.or.admin.required=Only the poll creator or an administrator can access this page. pollen.security.error.creator_required=Only the poll creator or an administrator can access this page. +pollen.security.error.illegal_access=You are not authorise to access this page for following reason\: +pollen.security.error.no.pollId=No poll id given +pollen.security.error.poll.not.closed.and.results.not.continuous=The poll is not closed and results are not continuous +pollen.security.error.poll.not.found=Poll not found with this id +pollen.security.error.poll.not.free.and.access.not.granted=You can not access to this non free poll +pollen.security.error.poll.result.private.and.access.not.granted=Results of the poll are private and you do not have credentials to see them pollen.security.error.poll_access_required=You are not authorise to access this poll page. pollen.security.error.poll_required=No poll found with the given url. pollen.security.error.result_access_required=You are not authorise to access this result page. Modified: trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties =================================================================== --- trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties 2012-06-15 21:26:08 UTC (rev 3487) @@ -305,8 +305,16 @@ pollen.menu.register=Inscrivez-vous pollen.menu.userFavoriteLists=Listes de votants pollen.security.error.admin_required=Vous devez être connecté en administrateur pour accéder à cette page. +pollen.security.error.bad.accountId=L'identifiant de compte n'est pas bon pollen.security.error.connected_required=Vous devez être connecté pour accéder à cette page. +pollen.security.error.creatorId.or.admin.required=Seul le créateur du sondage ou un administrateur peut accéder à cette page. pollen.security.error.creator_required=Seul le créateur du sondage ou un administrateur peut accéder à cette page. +pollen.security.error.illegal_access=Vous n'êtes pas autorisé à accéder à cette page pour la raison suivante \: +pollen.security.error.no.pollId=Pas d'identifiant de sondage donné. +pollen.security.error.poll.not.closed.and.results.not.continuous= +pollen.security.error.poll.not.found=Sondage non trouvé pour l'identifiant donné +pollen.security.error.poll.not.free.and.access.not.granted=Vou s n'avez pas accès à ce sondage restreint +pollen.security.error.poll.result.private.and.access.not.granted=Vous n'avez pas accès aux résultats privés de ce sondage pollen.security.error.poll_access_required=Vous n'êtes pas autorisé à accéder à cette page de sondage. pollen.security.error.poll_required=Aucun sondage à l'url donné. pollen.security.error.result_access_required=Vous n'êtes pas autorisé à accéder à cette page de résultats. Modified: trunk/pollen-ui-struts2/src/main/resources/shiro.ini =================================================================== --- trunk/pollen-ui-struts2/src/main/resources/shiro.ini 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/resources/shiro.ini 2012-06-15 21:26:08 UTC (rev 3487) @@ -29,18 +29,15 @@ admin=org.chorem.pollen.ui.security.AdminUserRequired admin.unauthorizedUrl=/security/admin_required -poll=org.chorem.pollen.ui.security.PollRequired -poll.unauthorizedUrl=/security/poll_required +pollCreatorAccess=org.chorem.pollen.ui.security.PollCreatorAccessRequired +pollCreatorAccess.unauthorizedUrl=/security/illegal_access -pollAccess=org.chorem.pollen.ui.security.PollAccessRequired -pollAccess.unauthorizedUrl=/security/poll_access_required +pollVoteAccess=org.chorem.pollen.ui.security.PollVoteAccessRequired +pollVoteAccess.unauthorizedUrl=/security/illegal_access -pollCreator=org.chorem.pollen.ui.security.PollCreatorRequired -pollCreator.unauthorizedUrl=/security/poll_creator_required +pollResultAccess=org.chorem.pollen.ui.security.PollResultAccessRequired +pollResultAccess.unauthorizedUrl=/security/illegal_access -resultAccess=org.chorem.pollen.ui.security.ResultAccessRequired -resultAccess.unauthorizedUrl=/security/result_access_required - [urls] # anon urls @@ -65,15 +62,17 @@ /json/getUser=connected,admin /json/getPolls=connected,admin -# is pollAccount (can vote and see result of a poll) -/poll/votefor/**=poll,pollAccess -/poll/VoteFor/**=poll,pollAccess -/poll/results/**=poll,resultAccess +# is poll exists and user can vote to it +/poll/votefor/**=pollVoteAccess +/poll/VoteFor/**=pollVoteAccess -# is pollCreator (can admin a poll) -/poll/modification/**=poll,pollCreator -/poll/summary/**=poll,pollCreator -/poll/moderate/**=poll,pollCreator -/poll/clone/**=poll,pollCreator -/poll/resultLink/**=poll,pollCreator -/poll/resume/**=poll,pollCreator \ No newline at end of file +# is poll exists and user can access to his result +/poll/results/**=pollResultAccess + +# is poll exists and user can admin it (his creator or an admin) +/poll/modification/**=pollCreatorAccess +/poll/summary/**=pollCreatorAccess +/poll/moderate/**=pollCreatorAccess +/poll/clone/**=pollCreatorAccess +/poll/resultLink/**=pollCreatorAccess +/poll/resume/**=pollCreatorAccess \ No newline at end of file Modified: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/admin_required.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/admin_required.jsp 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/admin_required.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,24 +1,24 @@ <%-- #%L -Pollen :: UI (struts2) -$Id$ -$HeadURL$ -%% -Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit -%% -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -#L% + Pollen :: UI (struts2) + $Id$ + $HeadURL$ + %% + Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit + %% + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + #L% --%> <%@ taglib prefix="s" uri="/struts-tags" %> <%@ page contentType="text/html;charset=UTF-8" language="java" %> Modified: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/connected_required.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/connected_required.jsp 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/connected_required.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,24 +1,24 @@ <%-- #%L -Pollen :: UI (struts2) -$Id$ -$HeadURL$ -%% -Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit -%% -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -#L% + Pollen :: UI (struts2) + $Id$ + $HeadURL$ + %% + Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit + %% + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + #L% --%> <%@ taglib prefix="s" uri="/struts-tags" %> <%@ page contentType="text/html;charset=UTF-8" language="java" %> Added: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/illegal_access.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/illegal_access.jsp (rev 0) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/illegal_access.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -0,0 +1,37 @@ +<%-- +#%L + Pollen :: UI (struts2) + $Id$ + $HeadURL$ + %% + Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit + %% + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + #L% +--%> +<%@ taglib prefix="s" uri="/struts-tags" %> +<%@ page contentType="text/html;charset=UTF-8" language="java" %> +<div class="info_error"> + <ul class="actionErrors"> + <li> + <span> + <s:text name="pollen.security.error.illegal_access"/> + <br/> + <strong> + <s:property value='%{getText(#parameters.errorMessage)}'/> + </strong> + </span> + </li> + </ul> +</div> Property changes on: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/illegal_access.jsp ___________________________________________________________________ Added: svn:keywords + Author Date Id Revision HeadURL Added: svn:eol-style + native Deleted: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_access_required.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_access_required.jsp 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_access_required.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,33 +0,0 @@ -<%-- -#%L -Pollen :: UI (struts2) -$Id$ -$HeadURL$ -%% -Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit -%% -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -#L% ---%> -<%@ taglib prefix="s" uri="/struts-tags" %> -<%@ page contentType="text/html;charset=UTF-8" language="java" %> -<div class="info_error"> - <ul class="actionErrors"> - <li> - <span> - <s:text name="pollen.security.error.poll_access_required"/> - </span> - </li> - </ul> -</div> Deleted: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_creator_required.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_creator_required.jsp 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_creator_required.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,33 +0,0 @@ -<%-- -#%L -Pollen :: UI (struts2) -$Id$ -$HeadURL$ -%% -Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit -%% -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -#L% ---%> -<%@ taglib prefix="s" uri="/struts-tags" %> -<%@ page contentType="text/html;charset=UTF-8" language="java" %> -<div class="info_error"> - <ul class="actionErrors"> - <li> - <span> - <s:text name="pollen.security.error.creator_required"/> - </span> - </li> - </ul> -</div> Deleted: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_required.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_required.jsp 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/poll_required.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,33 +0,0 @@ -<%-- -#%L -Pollen :: UI (struts2) -$Id$ -$HeadURL$ -%% -Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit -%% -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -#L% ---%> -<%@ taglib prefix="s" uri="/struts-tags" %> -<%@ page contentType="text/html;charset=UTF-8" language="java" %> -<div class="info_error"> - <ul class="actionErrors"> - <li> - <span> - <s:text name="pollen.security.error.poll_required"/> - </span> - </li> - </ul> -</div> Deleted: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/result_access_required.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/result_access_required.jsp 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/security/result_access_required.jsp 2012-06-15 21:26:08 UTC (rev 3487) @@ -1,33 +0,0 @@ -<%-- -#%L -Pollen :: UI (struts2) -$Id$ -$HeadURL$ -%% -Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit -%% -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -#L% ---%> -<%@ taglib prefix="s" uri="/struts-tags" %> -<%@ page contentType="text/html;charset=UTF-8" language="java" %> -<div class="info_error"> - <ul class="actionErrors"> - <li> - <span> - <s:text name="pollen.security.error.result_access_required"/> - </span> - </li> - </ul> -</div> Modified: trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/PollenFixtures.java =================================================================== --- trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/PollenFixtures.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/PollenFixtures.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -132,15 +132,15 @@ } public String poll_requiredURL() { - return baseUrl() + "security/poll_required"; + return baseUrl() + "security/illegal_access"; } public String poll_access_requiredURL() { - return baseUrl() + "security/poll_access_required"; + return baseUrl() + "security/illegal_access"; } public String poll_creator_requiredURL() { - return baseUrl() + "security/poll_creator_required"; + return baseUrl() + "security/illegal_access"; } public String createPollURL() { Modified: trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/CreateFreeTextPollSIT.java =================================================================== --- trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/CreateFreeTextPollSIT.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/CreateFreeTextPollSIT.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -34,7 +34,7 @@ /** * Test the well work of a Free text poll creation page. - * + * <p/> * Tested cases : * <ul> * <li>Classic creation with filled mandatory fields (OK)</li> @@ -51,7 +51,6 @@ * </ul> * * @author ymartel <martel@codelutin.com> - * * @since 1.4 */ public class CreateFreeTextPollSIT extends PollenBaseWebDriverIT { @@ -472,7 +471,8 @@ submit.click(); // No choices, should stay on create poll page - checkCurrentUrl(fixtures.createPollURL(), false); + //FIXME-tchemit-2012-06-15 (see http://chorem.org/issues/618) + checkCurrentUrl(fixtures.savePollURL(), false); } Modified: trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/PollenBaseWebDriverIT.java =================================================================== --- trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/PollenBaseWebDriverIT.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/PollenBaseWebDriverIT.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -72,7 +72,7 @@ @Rule public WebDriverResource seleniumServer; - protected PollenFixtures fixtures ; + protected PollenFixtures fixtures; protected WebDriver driver; @@ -112,7 +112,6 @@ } else { expectedUrl = fallBackUrl; } - checkCurrentUrl(expectedUrl, strict); } @@ -120,13 +119,12 @@ * Check that the current URL is the expected one. * If it is a strict comparison, the URL should be the same that the wanted. * If not, it only checks that the current URL start with the wanted url. - * */ protected void checkCurrentUrl(String expectedUrl, boolean strict) { if (strict) { - Assert.assertEquals(expectedUrl, driver.getCurrentUrl()); + Assert.assertEquals("Current url [" + driver.getCurrentUrl() + "] should be " + expectedUrl, expectedUrl, driver.getCurrentUrl()); } else { - Assert.assertTrue(driver.getCurrentUrl().startsWith(expectedUrl)); + Assert.assertTrue("Current url [" + driver.getCurrentUrl() + "] should starts with " + expectedUrl, driver.getCurrentUrl().startsWith(expectedUrl)); } } @@ -181,7 +179,7 @@ if (safeDrivers == null) { List<Class<? extends WebDriver>> allDrivers = Lists.newArrayList(); -// allDrivers.add(HtmlUnitDriver.class); + allDrivers.add(HtmlUnitDriver.class); allDrivers.add(FirefoxDriver.class); // allDrivers.add(ChromeDriver.class); // allDrivers.add(InternetExplorerDriver.class); Modified: trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/SecurityAccessSIT.java =================================================================== --- trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/SecurityAccessSIT.java 2012-06-15 21:13:46 UTC (rev 3486) +++ trunk/pollen-ui-struts2/src/test/java/org/chorem/pollen/ui/its/SecurityAccessSIT.java 2012-06-15 21:26:08 UTC (rev 3487) @@ -323,7 +323,7 @@ * @throws Exception */ @Test - public void accessNormalPoolActionsAsOwner() throws Exception { + public void accessNormalPollActionsAsOwner() throws Exception { // Go on home page gotoUrl(fixtures.homeURL());