r3516 - in trunk: pollen-services/src/main/java/org/chorem/pollen/bean pollen-services/src/main/java/org/chorem/pollen/services/impl pollen-ui-struts2/src/main/java/org/chorem/pollen/ui pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security pollen-ui-struts2/src/main/resources/i18n pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll pollen-ui-struts2/src/main/webapp/js src/site/rst
Author: tchemit Date: 2012-06-18 18:19:22 +0200 (Mon, 18 Jun 2012) New Revision: 3516 Url: http://chorem.org/repositories/revision/pollen/3516 Log: - fixes #609: Review security access for administrator (should review it when using shiro permissions) - continuous results have nothing to see with public results - have same actions on results page than in vote-moderate page - remove Dummy ChoiceHelper class (at last!) - remove ResultLink action (at last!) Removed: trunk/pollen-services/src/main/java/org/chorem/pollen/bean/ChoiceHelper.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultLink.java Modified: trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/PollenUIUtils.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractPollForm.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractVoteAction.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddChoice.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddComment.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/DeleteComment.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ModeratePoll.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultForPoll.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/SummaryPoll.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/VoteForPoll.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/result.jsp trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/vote.jsp trunk/pollen-ui-struts2/src/main/webapp/js/createPoll.js trunk/src/site/rst/security.rst Deleted: trunk/pollen-services/src/main/java/org/chorem/pollen/bean/ChoiceHelper.java =================================================================== --- trunk/pollen-services/src/main/java/org/chorem/pollen/bean/ChoiceHelper.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-services/src/main/java/org/chorem/pollen/bean/ChoiceHelper.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -1,106 +0,0 @@ -/* - * #%L - * Pollen :: Services - * $Id$ - * $HeadURL$ - * %% - * Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ -package org.chorem.pollen.bean; - -import com.google.common.collect.Iterables; -import org.chorem.pollen.business.persistence.Choice; -import org.chorem.pollen.common.ChoiceType; -import org.chorem.pollen.services.PollenServiceFunctions; - -/** - * Used to manage all objects from {@link Choice} inheritance tree depends - * on {@link ChoiceType}. - * <p/> - * Created: 30/03/12 - * - * @author fdesbois <desbois@codelutin.com> - * @since 1.3 - * @deprecated will be removed soon a class form this is not required :( - */ -@Deprecated -public final class ChoiceHelper { - - private ChoiceHelper() { - } - -// public static Object toValue(Choice choice, ChoiceType choiceType) { -// Object result; -// switch (choiceType) { -// case DATE: -// if (choice instanceof PollDateChoice) { -// result = ((PollDateChoice) choice).getDate(); -// } else { -// result = new Date(Long.parseLong(choice.getName())); -// } -// break; -// case IMAGE: -// if (choice instanceof PollImageChoice) { -// result = ((PollImageChoice) choice).getLocation(); -// } else { -// result = choice.getName(); -// } -// break; -// case TEXT: -// default: -// result = choice.getName(); -// } -// return result; -// } - -// public static Function<Choice, Object> toValue(final ChoiceType type) { -// return new Function<Choice, Object>() { -// -// @Override -// public Object apply(Choice input) { -// return toValue(input, type); -// } -// }; -// } - -// public static Iterable<Object> toValues(Iterable<Choice> choices, -// ChoiceType choiceType) { -// return Iterables.transform(choices, toValue(choiceType)); -// } - - public static Iterable<String> toNames(Iterable<Choice> choices) { - return Iterables.transform(choices, - PollenServiceFunctions.CHOICE_TO_NAME); - } - -// public static String getValuePropertyName(ChoiceType choiceType) { -// String result; -// switch (choiceType) { -// case DATE: -// result = PollDateChoice.PROPERTY_DATE; -// break; -// case IMAGE: -// result = PollImageChoice.PROPERTY_LOCATION; -// break; -// case TEXT: -// default: -// result = Choice.PROPERTY_NAME; -// } -// return result; -// } - -} Modified: trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java =================================================================== --- trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -27,6 +27,7 @@ import org.apache.commons.lang3.StringUtils; import org.chorem.pollen.PollenTechnicalException; import org.chorem.pollen.bean.PollUri; +import org.chorem.pollen.bean.PollUrl; import org.chorem.pollen.business.persistence.Comment; import org.chorem.pollen.business.persistence.Poll; import org.chorem.pollen.business.persistence.PollAccount; @@ -50,12 +51,12 @@ */ public class SecurityService extends PollenServiceSupport { - public boolean isPollCreator(Poll poll, PollUri uriId, + public boolean isPollCreator(Poll poll, String accountId, UserAccount pollenUserAccount) { PollAccount creator = poll.getCreator(); - boolean result = creator.getAccountId().equals(uriId.getAccountId()); + boolean result = creator.getAccountId().equals(accountId); if (!result) { if (pollenUserAccount != null) { @@ -67,7 +68,28 @@ return result; } + public boolean isCanClosePoll(Poll poll, AccountIdRole accountIdRole) { + boolean result = !poll.isClosed(); + + if (result) { + + // poll can be closed, check user can do action + result = accountIdRole == AccountIdRole.CREATOR; + } + + return result; + } + + public void removeAccountIdWhenConnected(PollUrl url, + UserAccount userAccount) { + if (userAccount != null) { + + // remove accountId from url + url.getPollUri().setAccountId(null); + } + } + /** * To define meaning of a accountId. * @@ -99,83 +121,6 @@ AccountIdRole.CREATOR ); -// public void checkPoll(PollUri uri) throws PollNotFoundException { -// -// getExistingPoll(uri); -// } - -// public void checkPollResult(PollUri uri) throws PollNotFoundException, UnauthorizedPollAccessException { -// -// Poll poll = getExistingPoll(uri); -// -// if (!poll.isPublicResults()) { -// throw new UnauthorizedPollAccessException(); -// } -// } - -// public void checkPollAccount(PollUri uri) throws PollNotFoundException, UnauthorizedPollAccessException { -// -// -// String accountId = uri.getAccountId(); -// -// Poll poll = getExistingPoll(uri); -// -// PollAccountDAO dao = getDAO(PollAccount.class); -// -// String pollId = uri.getPollId(); -// -// if (poll.getPollType() == PollType.FREE) { -// -// // free poll -// if (accountId != null) { -// -// // account Id is given check there is a such vote for this account -// -// try { -// -// if (!dao.existsByPollVoteAccountId(pollId, accountId)) { -// throw new UnauthorizedPollAccessException(); -// } -// } catch (TopiaException e) { -// throw new PollenTechnicalException( -// "Could not check pollAccount existence from poll '" + -// pollId + "' and account '" + accountId + "'", e); -// } -// } -// } else { -// -// // check that uri contains a correct poll account for this -// -// // Use PersonToList association entity to find coherence between -// // the poll and votingId -// -// try { -// PollAccount result = -// dao.getRestrictedPollAccount(pollId, accountId); -// -// if (result == null) { -// throw new UnauthorizedPollAccessException(); -// } -// } catch (TopiaException e) { -// throw new PollenTechnicalException( -// "Could not obtain restricted pollAccount", e); -// } -// } -// } - -// public void checkPollCreator(PollUri uri) throws PollNotFoundException, UnauthorizedPollAccessException { -// -// String accountId = uri.getAccountId(); -// -// Poll poll = getExistingPoll(uri); -// -// String creatorId = poll.getCreator().getAccountId(); -// -// if (!creatorId.equals(accountId)) { -// throw new UnauthorizedPollAccessException(); -// } -// } - public AccountIdRole getAccountIdRole(Poll poll, String accountId) { Preconditions.checkNotNull(poll); @@ -248,7 +193,9 @@ return null; } - public String isCanAccessVote(Poll poll, String accountId, AccountIdRole accountIdRole) { + public String isCanAccessVote(Poll poll, + String accountId, + AccountIdRole accountIdRole) { if (AccountIdRole.CREATOR == accountIdRole) { @@ -275,7 +222,6 @@ String accountId, AccountIdRole accountIdRole) { - Date now = serviceContext.getCurrentTime(); if (!poll.isRunning(now)) { Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/PollenUIUtils.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/PollenUIUtils.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/PollenUIUtils.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -22,14 +22,10 @@ */ package org.chorem.pollen.ui; -import org.apache.struts2.ServletActionContext; -import org.chorem.pollen.PollenTechnicalException; +import org.chorem.pollen.services.impl.SecurityService; import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.net.MalformedURLException; -import java.net.URL; +import javax.servlet.ServletRequest; /** * Useful ui methods. @@ -42,6 +38,8 @@ /** Keep the servlet context */ private static ServletContext servletContext; + private static final String ACCOUNT_ID_ROLE = "accountIdRole"; + public static ServletContext getServletContext() { return servletContext; } @@ -50,39 +48,18 @@ PollenUIUtils.servletContext = servletContext; } - public static void redirect(String url) throws Exception { - - HttpServletResponse response = ServletActionContext.getResponse(); - HttpServletRequest request = ServletActionContext.getRequest(); - - String path = request.getContextPath(); - if (!url.startsWith("/")) { - path += "/"; - } - response.sendRedirect(path + url); + public static void setAccountIdRole(ServletRequest request, + SecurityService.AccountIdRole accountIdRole) { + request.setAttribute(ACCOUNT_ID_ROLE, accountIdRole); } - public static URL getApplicationBase(HttpServletRequest request) { - - // get port - String port; - if ("http".equalsIgnoreCase(request.getScheme()) && request.getServerPort() != 80 || - "https".equalsIgnoreCase(request.getScheme()) && request.getServerPort() != 443) { - port = ":" + request.getServerPort(); - } else { - port = ""; - } - - String applicationBase = request.getScheme() + "://" + request.getServerName() + - port + request.getContextPath(); - try { - return new URL(applicationBase); - } catch (MalformedURLException e) { - throw new PollenTechnicalException( - "Could not compute pollen url", e); - } + public static SecurityService.AccountIdRole getAccountIdRole(ServletRequest request) { + SecurityService.AccountIdRole result = (SecurityService.AccountIdRole) + request.getAttribute(ACCOUNT_ID_ROLE); + return result; } protected PollenUIUtils() { + // helper can not be instanciated } } Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractPollForm.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractPollForm.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractPollForm.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -459,12 +459,12 @@ poll.setMaxChoiceNb(0); } - if (!poll.isPublicResults()) { +// if (!poll.isPublicResults()) { +// +// // force to not have continous results +// poll.setContinuousResults(false); +// } - // force to not have continous results - poll.setContinuousResults(false); - } - if (poll.isAnonymous()) { // force to not have choice to vote anonymously Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractVoteAction.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractVoteAction.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AbstractVoteAction.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -30,6 +30,7 @@ import org.apache.struts2.interceptor.ServletRequestAware; import org.chorem.pollen.bean.PollResult; import org.chorem.pollen.bean.PollResultList; +import org.chorem.pollen.bean.PollUrl; import org.chorem.pollen.business.persistence.Choice; import org.chorem.pollen.business.persistence.Comment; import org.chorem.pollen.business.persistence.Poll; @@ -43,8 +44,8 @@ import org.chorem.pollen.services.exceptions.PollAccountNotFound; import org.chorem.pollen.services.exceptions.PollNotFoundException; import org.chorem.pollen.services.impl.SecurityService; +import org.chorem.pollen.ui.PollenUIUtils; import org.chorem.pollen.ui.actions.PageSkin; -import org.chorem.pollen.ui.security.PollVoteAccessRequired; import javax.servlet.http.HttpServletRequest; import java.util.Date; @@ -65,6 +66,8 @@ /** Logger. */ private static final Log log = LogFactory.getLog(AbstractVoteAction.class); + public static final String PREPARE_VOTE_PAGE = "prepareVotePage"; + /** * Loaded poll. * @@ -73,7 +76,7 @@ private Poll poll; /** - * Is feed existfor this poll ? + * Is feed exists for this poll ? * * @since 1.3 */ @@ -93,17 +96,21 @@ */ private PollAccount pollAccount; - //TODO-thcemit-2012-06-03 Do we use this ? nobody set it... so always false - private boolean alreadyVoted; - /** - * Is votr allowed for current user? + * Is vote allowed for current user? * * @since 1.3 */ private boolean voteAllowed; /** + * Is current user can go to results. + * + * @since 1.4 + */ + private boolean resultAllowed; + + /** * All votes for the poll. * * @since 1.3 @@ -159,6 +166,11 @@ */ private transient HttpServletRequest request; + /** + * @return {@code true} if moderation is possible, {@code false} otherwise + * @since 1.4 + */ + public abstract boolean isModerate(); @Override public PageSkin getSkin() { @@ -179,10 +191,6 @@ return poll; } - public boolean isFeedFileExisting() { - return feedFileExisting; - } - public PollAccount getPollAccount() { return pollAccount; } @@ -195,27 +203,57 @@ return vote; } - public boolean isPollChoiceOrVoteStarted() { - Date now = serviceContext.getCurrentTime(); - return poll.isAddChoiceStarted(now) || poll.isStarted(now); + public List<PollResult> getResults() { + return results; } - public boolean isAlreadyVoted() { - return alreadyVoted; + public List<Comment> getComments() { + return comments; } - public boolean isAnonymousVote() { - return poll.isAnonymous(); + public String getCreatorName() { + return poll.getCreator().getVotingId(); } - public List<PollResult> getResults() { - return results; + public String getVoteSizeMessage() { + return _("pollen.common.voteNbVotes", getPoll().sizeVote()); } - public List<Comment> getComments() { - return comments; + public String getCommentAuthor() { + if (commentAuthor == null) { + + UserAccount user = getPollenUserAccount(); + if (user == null) { + + // Use current pollAccount name for comment + commentAuthor = getPollAccount().getVotingId(); + + } else { + + // Connecter user name + commentAuthor = user.getDisplayName(); + } + } + return commentAuthor; } + public String getSummaryUrl() { + PollUrl url = getPollUrlService().getPollSummaryUrl(poll); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); + } + + public String getResultUrl() { + PollUrl url = getPollUrlService().getPollResultUrl(poll); + url.getPollUri().setAccountId(getAccountId()); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); + } + + public boolean isFeedFileExisting() { + return feedFileExisting; + } + public boolean isCreatorUser() { return creatorUser; } @@ -224,17 +262,28 @@ return !poll.isAnonymous() || isRestrictedPoll() || isGroupPoll(); } + public boolean isPollChoiceOrVoteStarted() { + Date now = serviceContext.getCurrentTime(); + return poll.isAddChoiceStarted(now) || poll.isStarted(now); + } + + public boolean isAnonymousVote() { + return poll.isAnonymous(); + } + public boolean isPollChoiceRunning() { Date now = serviceContext.getCurrentTime(); return poll.isAddChoiceRunning(now); } - public String getCreatorName() { - return poll.getCreator().getVotingId(); + public boolean isPollStarted() { + Date now = serviceContext.getCurrentTime(); + return poll.getBeginDate() == null || poll.getBeginDate().before(now); } - public String getVoteSizeMessage() { - return _("pollen.common.voteNbVotes", getPoll().sizeVote()); + public boolean isPollFinished() { + Date now = serviceContext.getCurrentTime(); + return poll.getEndDate() != null && poll.getEndDate().before(now); } public boolean isDescNull(Choice choice) { @@ -281,80 +330,37 @@ return poll.getVoteCountingType() == VoteCountingType.NUMBER; } - public boolean isPollStarted() { - Date now = serviceContext.getCurrentTime(); - return poll.getBeginDate() == null || poll.getBeginDate().before(now); + public boolean isVoteAllowed() { + return voteAllowed; } - public boolean isPollFinished() { - Date now = serviceContext.getCurrentTime(); - return poll.getEndDate() != null && poll.getEndDate().before(now); + public boolean isResultAllowed() { + return resultAllowed; } - public String getCommentAuthor() { - if (commentAuthor == null) { - - UserAccount user = getPollenUserAccount(); - if (user == null) { - - // Use current pollAccount name for comment - commentAuthor = getPollAccount().getVotingId(); - - } else { - - // Connecter user name - commentAuthor = user.getDisplayName(); - } - } - return commentAuthor; + public boolean isModifyVoteAllowed(Vote vote) { + return getSecurityService().isCanModifyVote( + getPoll(), + vote.getTopiaId(), + getAccountId(), + getPollenUserAccount()); } - public void setCommentAuthor(String commentAuthor) { - this.commentAuthor = commentAuthor; + public boolean isDeleteCommentAllowed(Comment comment) { + return getSecurityService().isCanDeleteComment( + comment, + getUriId().getAccountId(), + accountIdRole, + getPollenUserAccount()); } - protected String prepareVotePage(boolean moderate) throws Exception { - - loadPoll(); - - // Current poll account - loadPollAccount(); - - // All votes - // TODO no pagination for the moment, need to retrieve the correct page depends on current pollAccount - votes = getVoteService().getAllVotes(poll); - - accountIdRole = (SecurityService.AccountIdRole) - request.getAttribute(PollVoteAccessRequired.ACCOUNT_ID_ROLE); - - voteAllowed = !moderate && - getSecurityService().isCanVote(poll, - getAccountId(), - accountIdRole); - - // Current vote - if (voteAllowed) { - vote = getVoteService().getVoteEditable(poll, pollAccount); - } - - loadPollResults(); - loadPollComments(); - - feedFileExisting = getPollFeedService().isFeedExists(poll); - - creatorUser = getSecurityService().isPollCreator(poll, - getUriId(), - getPollenUserAccount()); - - if (log.isInfoEnabled()) { - Date now = serviceContext.getCurrentTime(); - log.info("pollChoiceOrVoteStarted = " + isPollChoiceOrVoteStarted()); - log.info("pollChoiceRunning = " + isPollChoiceRunning()); - log.info("pollRunning = " + poll.isRunning(now)); - log.info("accountFieldDisplayed = " + isAccountFieldDisplayed()); - log.info("creatorUser = " + creatorUser); - } - return INPUT; + public boolean isDeleteVoteAllowed(Vote vote) { + return getSecurityService().isCanDeleteVote( + getPoll(), + vote.getTopiaId(), + getUriId().getAccountId(), + accountIdRole, + getPollenUserAccount()); } public String getResultValue(Choice choice) { @@ -390,45 +396,93 @@ return result; } - public boolean isModifyVoteAllowed(Vote vote) { - return getSecurityService().isCanModifyVote( - getPoll(), - vote.getTopiaId(), - getAccountId(), - getPollenUserAccount()); + public Date getChoiceAsDate(Choice choice) { + return new Date(Long.valueOf(choice.getName())); } - public boolean isVoteAllowed() { - return voteAllowed; + public void setCommentAuthor(String commentAuthor) { + this.commentAuthor = commentAuthor; } - public boolean isDeleteCommentAllowed(Comment comment) { - return getSecurityService().isCanDeleteComment( - comment, - getUriId().getAccountId(), - accountIdRole, - getPollenUserAccount()); - } + public String prepareVotePage() throws Exception { - public boolean isDeleteVoteAllowed(Vote vote) { - return getSecurityService().isCanDeleteVote( - getPoll(), - vote.getTopiaId(), - getUriId().getAccountId(), - accountIdRole, - getPollenUserAccount()); -// // can delete a vote if admin or poll creator -// return isUserAdmin() || isCreatorUser(); + boolean moderate = isModerate(); + + loadPoll(); + + // Current poll account + loadPollAccount(); + + // All votes + // TODO no pagination for the moment, need to retrieve the correct page depends on current pollAccount + votes = getVoteService().getAllVotes(poll); + + accountIdRole = PollenUIUtils.getAccountIdRole(request); + + // is vote allowed ? + if (moderate) { + voteAllowed = false; + } else { + String accountId = getAccountId(); + if (accountIdRole == SecurityService.AccountIdRole.CREATOR) { + + // remove accountId (can vote even if creator ?) + accountId = null; + } + voteAllowed = getSecurityService().isCanVote(poll, + null, + accountIdRole); + } + + // is can display result link ? + resultAllowed = + getSecurityService().isCanAccessResult(poll, accountIdRole) + == null; + + if (voteAllowed) { + + // load modifiable vote + vote = getVoteService().getVoteEditable(poll, pollAccount); + } + + // load poll results + PollResultList pollResultList = + getPollResultsService().getResults(poll); + + results = pollResultList.getPollResults(); + + if (log.isDebugEnabled()) { + for (PollResult res : results) { + log.debug(res.getName() + ": " + res.getValue() + + ", (voteCounting=" + res.getVoteCountingType() + + ", byGroup=" + res.isByGroup() + ")"); + } + } + + // load comments + comments = getPollCommentService().getAllComments(poll.getPollId()); + + feedFileExisting = getPollFeedService().isFeedExists(poll); + + creatorUser = getSecurityService().isPollCreator(poll, + getAccountId(), + getPollenUserAccount()); + + if (log.isInfoEnabled()) { + Date now = serviceContext.getCurrentTime(); + log.info("pollChoiceOrVoteStarted = " + isPollChoiceOrVoteStarted()); + log.info("pollChoiceRunning = " + isPollChoiceRunning()); + log.info("pollRunning = " + poll.isRunning(now)); + log.info("accountFieldDisplayed = " + isAccountFieldDisplayed()); + log.info("creatorUser = " + creatorUser); + } + return INPUT; } public String escapeLineBreak(String text) { return text; } - public Date getChoiceAsDate(Choice choice) { - return new Date(Long.valueOf(choice.getName())); - } - protected void loadPollAccount() throws PollAccountNotFound { // Current poll account @@ -453,24 +507,4 @@ } } - protected void loadPollComments() { - - comments = getPollCommentService().getAllComments(poll.getPollId()); - } - - protected void loadPollResults() throws PollNotFoundException { - - PollResultList pollResultList = - getPollResultsService().getResults(poll); - - results = pollResultList.getPollResults(); - - if (log.isDebugEnabled()) { - for (PollResult res : results) { - log.debug(res.getName() + ": " + res.getValue() - + ", (voteCounting=" + res.getVoteCountingType() - + ", byGroup=" + res.isByGroup() + ")"); - } - } - } } Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddChoice.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddChoice.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddChoice.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -22,11 +22,9 @@ */ package org.chorem.pollen.ui.actions.poll; -import com.google.common.collect.Iterables; import com.opensymphony.xwork2.Preparable; import com.opensymphony.xwork2.interceptor.annotations.InputConfig; import org.apache.commons.lang3.StringUtils; -import org.chorem.pollen.bean.ChoiceHelper; import org.chorem.pollen.bean.PollImageChoice; import org.chorem.pollen.business.persistence.Choice; import org.chorem.pollen.common.ChoiceType; @@ -74,6 +72,11 @@ } @Override + public boolean isModerate() { + return false; + } + + @Override public void prepare() throws PollNotFoundException { loadPoll(); @@ -107,24 +110,23 @@ _("pollen.error.choice.empty", typeLabel)); } else { - //TODO-tchemit-2012-06-16 Remove this code and perfomr a real validation (name not empty, name not duplicated) - // Retrieve existing values to check if the new choice not already exists - Iterable<String> pollChoiceValues = ChoiceHelper.toNames( - getPoll().getChoice()); + if (!getPoll().isChoiceEmpty()) { - // -- Validate value notExists - if (Iterables.contains(pollChoiceValues, choiceName)) { - addFieldError("choice." + propName, - _("pollen.error.poll.detected.duplicate.choice.name")); + // check that the choice is not already used + + for (Choice pollChoice : getPoll().getChoice()) { + String pollChoiceName = pollChoice.getName(); + if (pollChoiceName.equals(choiceName)) { + addFieldError("choice." + propName, + _("pollen.error.poll.choice.already.used.name")); + break; + } + } } } } - public String prepareVotePage() throws Exception { - return prepareVotePage(false); - } - - @InputConfig(methodName = "prepareVotePage") + @InputConfig(methodName = PREPARE_VOTE_PAGE) @Override public String execute() throws Exception { Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddComment.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddComment.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/AddComment.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -53,6 +53,11 @@ } @Override + public boolean isModerate() { + return false; + } + + @Override public void prepare() throws Exception { loadPoll(); @@ -71,7 +76,7 @@ } } - @InputConfig(methodName = "prepareVotePage") + @InputConfig(methodName = PREPARE_VOTE_PAGE) @Override public String execute() throws Exception { Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/DeleteComment.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/DeleteComment.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/DeleteComment.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -58,8 +58,13 @@ this.reason = reason; } - @InputConfig(methodName = "prepareVotePage") @Override + public boolean isModerate() { + return false; + } + + @InputConfig(methodName = PREPARE_VOTE_PAGE) + @Override public String execute() throws Exception { Preconditions.checkNotNull(getPollId()); Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ModeratePoll.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ModeratePoll.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ModeratePoll.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -35,9 +35,14 @@ @Override public String input() throws Exception { - prepareVotePage(true); + prepareVotePage(); addFlashWarning(_("pollen.information.moderate.page")); return INPUT; } + + @Override + public boolean isModerate() { + return true; + } } Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultForPoll.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultForPoll.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultForPoll.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -36,6 +36,7 @@ import org.apache.struts2.views.util.UrlHelper; import org.chorem.pollen.bean.PollResult; import org.chorem.pollen.bean.PollResultList; +import org.chorem.pollen.bean.PollUrl; import org.chorem.pollen.business.persistence.Poll; import org.chorem.pollen.common.ChoiceType; import org.chorem.pollen.common.PollType; @@ -82,13 +83,20 @@ private boolean userAllowed; /** - * Is user is poll(s creator ? + * Is user is poll's creator ? * * @since 1.4 */ private boolean creatorUser; /** + * Is feed exists for this poll ? + * + * @since 1.4 + */ + private boolean feedFileExisting; + + /** * Résultats du sondage. * <p/> * La map est indexée par les noms de choix. @@ -150,6 +158,29 @@ return creatorUser; } + public boolean isFeedFileExisting() { + return feedFileExisting; + } + + public String getSummaryUrl() { + PollUrl url = getPollUrlService().getPollSummaryUrl(poll); + url.getPollUri().setAccountId(getAccountId()); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); + } + + public String getVoteUrl() { + PollUrl url = getPollUrlService().getPollVoteUrl(poll); + url.getPollUri().setAccountId(getAccountId()); + if (poll.getPollType() == PollType.FREE) { + + // can removed accountId only for free poll + //FIXME Should found out in ohter case the accountId (if exists for the connected id) if no accountId is given + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + } + return url.getUrl(); + } + public List<PollResult> getResults() { return results; } @@ -206,6 +237,8 @@ poll = getPollService().getExistingPollByPollId(pollId); + feedFileExisting = getPollFeedService().isFeedExists(poll); + if (byGroup == null) { // default byGroup value Deleted: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultLink.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultLink.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/ResultLink.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -1,68 +0,0 @@ -/* - * #%L - * Pollen :: UI (struts2) - * $Id$ - * $HeadURL$ - * %% - * Copyright (C) 2009 - 2012 CodeLutin, Tony Chemit - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ -package org.chorem.pollen.ui.actions.poll; - -import com.google.common.base.Preconditions; -import org.chorem.pollen.business.persistence.Poll; -import org.chorem.pollen.ui.actions.PageSkin; - -/** - * Display the result link page. - * - * @author fdesbois <desbois@codelutin.com> - * @since 1.3 - */ -public class ResultLink extends AbstractPollUriIdAction { - - private static final long serialVersionUID = 1L; - - protected Poll poll; - - protected String pollResultUrl; - - @Override - public PageSkin getSkin() { - return PageSkin.EDITION; - } - - public Poll getPoll() { - return poll; - } - - public String getPollResultUrl() { - return pollResultUrl; - } - - @Override - public String execute() throws Exception { - - String pollUid = getPollId(); - Preconditions.checkNotNull(pollUid); - - poll = getPollService().getExistingPollByPollId(pollUid); - - pollResultUrl = getPollUrlService().getPollResultUrl(poll).getUrl(); - - return SUCCESS; - } -} Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/SummaryPoll.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/SummaryPoll.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/SummaryPoll.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -23,18 +23,23 @@ package org.chorem.pollen.ui.actions.poll; import com.google.common.base.Preconditions; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.chorem.pollen.bean.PollUrl; import org.chorem.pollen.business.persistence.Poll; import org.chorem.pollen.common.PollType; import org.chorem.pollen.services.impl.SecurityService; +import org.chorem.pollen.ui.PollenUIUtils; import org.chorem.pollen.ui.actions.PageSkin; +import javax.servlet.http.HttpServletRequest; + /** * Action to display summary of a poll for his creator (or an admin). * * @author tchemit <chemit@codelutin.com> * @since 1.4 */ -public class SummaryPoll extends AbstractPollUriIdAction { +public class SummaryPoll extends AbstractPollUriIdAction implements ServletRequestAware { private static final long serialVersionUID = 1L; @@ -45,8 +50,23 @@ */ private Poll poll; - public Poll getPoll() { - return poll; + /** + * The accountId role on this page. + * + * @since 1.4 + */ + private SecurityService.AccountIdRole accountIdRole; + + /** + * The incoming request (some stuff are store in it from security filters). + * + * @since 1.4 + */ + private transient HttpServletRequest request; + + @Override + public void setServletRequest(HttpServletRequest request) { + this.request = request; } @Override @@ -54,55 +74,69 @@ return PageSkin.EDITION; } + public Poll getPoll() { + return poll; + } + public String getVoteUrl() { - return getPollUrlService().getPollVoteUrl(poll).getUrl(); + PollUrl url = getPollUrlService().getPollVoteUrl(poll); + if (poll.getPollType() == PollType.FREE) { + + // can removed accountId only for free poll + //FIXME Should found out in ohter case the accountId (if exists for the connected id) if no accountId is given + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + } + return url.getUrl(); } public String getModerateUrl() { - return getPollUrlService().getPollModerateUrl(poll).getUrl(); + PollUrl url = getPollUrlService().getPollModerateUrl(poll); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); } public String getEditUrl() { - return getPollUrlService().getPollEditUrl(poll).getUrl(); + PollUrl url = getPollUrlService().getPollEditUrl(poll); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); } public String getCloneUrl() { - return getPollUrlService().getPollCloneUrl(poll).getUrl(); + PollUrl url = getPollUrlService().getPollCloneUrl(poll); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); } public String getExportUrl() { - return getPollUrlService().getPollExportUrl(poll).getUrl(); + PollUrl url = getPollUrlService().getPollExportUrl(poll); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); } public String getResultUrl() { - return getPollUrlService().getPollResultUrl(poll).getUrl(); + PollUrl url = getPollUrlService().getPollResultUrl(poll); + getSecurityService().removeAccountIdWhenConnected(url, getPollenUserAccount()); + return url.getUrl(); } public boolean isCanClose() { - return !poll.isClosed(); + return getSecurityService().isCanClosePoll(poll, accountIdRole); } public boolean isCanShowResult() { String errorMessage = getSecurityService().isCanAccessResult( - poll, SecurityService.AccountIdRole.CREATOR); + poll, accountIdRole); return errorMessage == null; } public boolean isCanVote() { - //FIXME-tchemit-2012-06-05 Should check that creator can vote instead - PollType pollType = poll.getPollType(); - return pollType == PollType.FREE; - -// boolean result; -// try { -// getSecurityService().checkPollAccount(getUriId()); -// result = true; -// } catch (PollNotFoundException e) { -// result = false; -// } catch (UnauthorizedPollAccessException e) { -// result = false; -// } -// return result; + String accountId = getAccountId(); + if (accountIdRole == SecurityService.AccountIdRole.CREATOR) { + accountId = null; + } + return getSecurityService().isCanVote(poll, + accountId, + accountIdRole); } @Override @@ -114,6 +148,8 @@ poll = getPollService().getExistingPollByPollId(pollId); + accountIdRole = PollenUIUtils.getAccountIdRole(request); + return SUCCESS; } } Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/VoteForPoll.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/VoteForPoll.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/actions/poll/VoteForPoll.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -49,9 +49,14 @@ private static final long serialVersionUID = 1L; @Override + public boolean isModerate() { + return false; + } + + @Override public void prepare() throws Exception { - prepareVotePage(false); + prepareVotePage(); // Messages if (getPoll().isClosed()) { @@ -61,11 +66,11 @@ } else if (isPollFinished()) { addFlashMessage(_("pollen.information.pollFinished")); } else if (isCreatorUser()) { - if (getUriId().isAccountIdNotBlank()) { - - // account Id setted in url, so should not be abel to vote - addFlashWarning(_("pollen.information.vote.creatorUser")); - } +// if (getUriId().isAccountIdNotBlank()) { +// +// // account Id setted in url, so should not be abel to vote +// addFlashWarning(_("pollen.information.vote.creatorUser")); +// } } if (isPollChoiceRunning()) { addFlashMessage(_("pollen.information.pollChoiceRunning")); Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollCreatorAccessRequired.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -27,6 +27,7 @@ import org.chorem.pollen.business.persistence.UserAccount; import org.chorem.pollen.services.PollenServiceContext; import org.chorem.pollen.services.impl.SecurityService; +import org.chorem.pollen.ui.PollenUIUtils; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -129,8 +130,7 @@ if (isAccessAllowed) { // store accountIdRole in request - request.setAttribute(PollVoteAccessRequired.ACCOUNT_ID_ROLE, - accountIdRole); + PollenUIUtils.setAccountIdRole(request, accountIdRole); } return isAccessAllowed; Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollResultAccessRequired.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -26,6 +26,7 @@ import org.chorem.pollen.business.persistence.Poll; import org.chorem.pollen.services.PollenServiceContext; import org.chorem.pollen.services.impl.SecurityService; +import org.chorem.pollen.ui.PollenUIUtils; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -121,8 +122,7 @@ if (isAccessAllowed) { // store accountIdRole in request - request.setAttribute(PollVoteAccessRequired.ACCOUNT_ID_ROLE, - accountIdRole); + PollenUIUtils.setAccountIdRole(request, accountIdRole); } return isAccessAllowed; } Modified: trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java =================================================================== --- trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/java/org/chorem/pollen/ui/security/PollVoteAccessRequired.java 2012-06-18 16:19:22 UTC (rev 3516) @@ -26,6 +26,7 @@ import org.chorem.pollen.business.persistence.Poll; import org.chorem.pollen.services.PollenServiceContext; import org.chorem.pollen.services.impl.SecurityService; +import org.chorem.pollen.ui.PollenUIUtils; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -40,8 +41,6 @@ */ public class PollVoteAccessRequired extends AbstractPollenAuthorization { - public static final String ACCOUNT_ID_ROLE = "accountIdRole"; - protected final AdminUserRequired adminFilter; public PollVoteAccessRequired() { @@ -121,7 +120,7 @@ if (isAccessAllowed) { // store accountIdRole in request - request.setAttribute(ACCOUNT_ID_ROLE, accountIdRole); + PollenUIUtils.setAccountIdRole(request, accountIdRole); } return isAccessAllowed; Modified: trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties =================================================================== --- trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_en_GB.properties 2012-06-18 16:19:22 UTC (rev 3516) @@ -32,6 +32,7 @@ pollen.action.importPersonListToExistingVotingList=Add selected voting list pollen.action.importPersonListToNewVotingList=Create a new group from the selected voting list pollen.action.login=Log me In +pollen.action.moderatePoll=Moderate the poll pollen.action.modify=Modify pollen.action.pollChoiceDelete=Delete this choice pollen.action.pollChoiceDown=Down this choice Modified: trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties =================================================================== --- trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/resources/i18n/pollen-ui-struts2_fr_FR.properties 2012-06-18 16:19:22 UTC (rev 3516) @@ -32,6 +32,7 @@ pollen.action.importPersonListToExistingVotingList=Ajouter la liste sélectionnée de votants pollen.action.importPersonListToNewVotingList=Créer un groupe à partir de la liste sélectionnée pollen.action.login=M'identifier +pollen.action.moderatePoll=Modérer le sondage pollen.action.modify=Modifier pollen.action.pollChoiceDelete=Supprimer ce choix pollen.action.pollChoiceDown=Descendre ce choix Modified: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/result.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/result.jsp 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/result.jsp 2012-06-18 16:19:22 UTC (rev 3516) @@ -80,17 +80,23 @@ <legend><s:text name="pollen.common.aboutPoll"/></legend> <div style="float: right"> <s:if test="creatorUser or userAdmin"> - <s:a namespace="/poll" action="summary/%{uriId}"> + <s:a href="%{summaryUrl}"> <img src="<s:url value='/img/editSmall.png'/>" - title="<s:text name='pollen.action.editPoll'/>" - alt="<s:text name='pollen.action.editPoll'/>"/> + title="<s:text name='pollen.action.summaryPoll'/>" + alt="<s:text name='pollen.action.summaryPoll'/>"/> </s:a> </s:if> - <s:a namespace="/poll" action="votefor/%{uriId}"> + <s:a href='%{voteUrl}'> <img src="<s:url value='/img/vote.png'/>" title="<s:text name="pollen.common.vote.return-help"/>" alt="<s:text name="pollen.common.vote.return"/>"/> </s:a> + <s:if test="feedFileExisting"> + <s:a namespace="/poll" action="getFeed"> + <s:param name="pollId" value="poll.pollId"/> + <img src="<s:url value='/img/feed.png'/>" title="Atom" alt="Atom"/> + </s:a> + </s:if> </div> <s:label value="%{poll.creator.votingId}" key='pollen.common.pollCreator'/> Modified: trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/vote.jsp =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/vote.jsp 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/webapp/WEB-INF/jsp/poll/vote.jsp 2012-06-18 16:19:22 UTC (rev 3516) @@ -124,14 +124,14 @@ <legend><s:text name="pollen.common.aboutPoll"/></legend> <div style="float: right"> <s:if test="creatorUser or userAdmin"> - <s:a namespace="/poll" action="summary/%{uriId}"> + <s:a href="%{summaryUrl}"> <img src="<s:url value='/img/editSmall.png'/>" title="<s:text name='pollen.action.summaryPoll'/>" alt="<s:text name='pollen.action.summaryPoll'/>"/> </s:a> </s:if> - <s:if test="poll.publicResults"> - <s:a namespace="/poll" action="results/%{uriId}"> + <s:if test="resultAllowed"> + <s:a href="%{resultUrl}"> <img src="<s:url value='/img/count.png'/>" title="<s:text name='pollen.common.vote.results-help'/>" alt="<s:text name='pollen.common.vote.results'/>"/> @@ -405,10 +405,10 @@ </tr> </s:iterator> </s:if> -<s:if test="poll.continuousResults"> +<s:if test="resultAllowed"> <tr> <td> - <s:a namespace="/poll" action="results/%{poll.pollId}"> + <s:a href='%{resultUrl}'> <s:text name="pollen.common.vote.results"/> </s:a> </td> Modified: trunk/pollen-ui-struts2/src/main/webapp/js/createPoll.js =================================================================== --- trunk/pollen-ui-struts2/src/main/webapp/js/createPoll.js 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/pollen-ui-struts2/src/main/webapp/js/createPoll.js 2012-06-18 16:19:22 UTC (rev 3516) @@ -581,10 +581,6 @@ $('[name="reminderHourCountdown"]').attr('disabled', !val); } - function changePublicOption(val) { - $('[name="poll.continuousResults"]').attr('disabled', !val); - } - function changeAnonymousOption(val) { $('[name="poll.anonymousVoteAllowed"]').attr('disabled', val); } @@ -630,9 +626,6 @@ changeChoiceAddAllowed($(this).prop('checked')); }); - $('[name="poll.publicResults"]').change(function () { - changePublicOption($(this).prop('checked')); - }); $('[name="poll.anonymous"]').change(function () { changeAnonymousOption($(this).prop('checked')); }); @@ -667,7 +660,6 @@ changeChoiceAddAllowed(datas['choiceAddAllowed'] == 'true'); changeLimitChoice(datas['limitChoice'] == 'true'); changeReminder(datas['reminder'] == 'true'); - changePublicOption(datas['publicOption'] == 'true'); changeAnonymousOption(datas['anonymousOption'] == 'true'); changeChoiceType(datas['choiceType']); Modified: trunk/src/site/rst/security.rst =================================================================== --- trunk/src/site/rst/security.rst 2012-06-18 14:16:41 UTC (rev 3515) +++ trunk/src/site/rst/security.rst 2012-06-18 16:19:22 UTC (rev 3516) @@ -105,6 +105,7 @@ - poll:create - poll:modify +- poll:accesVote - poll:vote - poll:close - poll:delete
participants (1)
-
tchemit@users.chorem.org