perms.jsp

jive3.1.4破解版（非源码）

<%--
  -
  - $RCSfile: perms.jsp,v $
  - $Revision: 1.10.2.16 $
  - $Date: 2003/08/31 01:49:30 $
  -
  - Copyright (C) 2002-2003 Jive Software. All rights reserved.
  -
  - This software is the proprietary information of Jive Software. Use is subject to license terms.
  -
--%>

<%@ page import="java.util.*,
                 java.net.URLEncoder,
                 com.jivesoftware.forum.*,
                 com.jivesoftware.forum.util.*,
                 com.jivesoftware.util.ParamUtils,
                 com.jivesoftware.forum.database.DbForumFactory"
    errorPage="error.jsp"
%>

<%@ include file="global.jsp" %>

<%!	// Global variables, methods, etc

    // ALL CONSTANTS REFERRED TO IN THIS FILE ARE DEFINED IN
    // permMethods.jsp

    static final Map permNames = new HashMap();
    static {
        permNames.put(new Long(READ_FORUM), "Read Forum");
        permNames.put(new Long(CREATE_THREAD), "Create Thread");
        permNames.put(new Long(CREATE_MESSAGE), "Create Message");
        permNames.put(new Long(MODERATOR), "Moderator");
        permNames.put(new Long(CREATE_MESSAGE_ATTACHMENT), "Create Attachment");
        permNames.put(new Long(SYSTEM_ADMIN), "System Admin");
        permNames.put(new Long(CAT_ADMIN), "Category Admin");
        permNames.put(new Long(FORUM_ADMIN), "Forum Admin");
        permNames.put(new Long(GROUP_ADMIN), "Group Admin");
        permNames.put(new Long(USER_ADMIN), "User Admin");
    }

    // types of users/groups to give permissions to
    static final int ANYBODY = 1;
    static final int REGISTERED = 2;
    static final int USER = 3;
    static final int GROUP = 4;

    // anonymous user & special user constants
    static final long GUEST_ID = -1L;
    static final long REGISTERED_ID = 0L;

    private User parseUser(String key, UserManager userManager) {
        int pos = key.lastIndexOf('_');
        long userID = Long.parseLong(key.substring("cb_update_u_".length(), pos));
        try {
            return userManager.getUser(userID);
        }
        catch (NumberFormatException nfe) {}
        catch (UserNotFoundException ignored) {}
        return null;
    }

    private Group parseGroup(String key, GroupManager groupManager) {
        int pos = key.lastIndexOf('_');
        try {
            long groupID = Long.parseLong(key.substring("cb_update_g_".length(), pos));
            return groupManager.getGroup(groupID);
        }
        catch (Exception e) {}
        return null;
    }

    private SortedMap getUserPermMap(PermissionsManager permManager, long[] permGroup) {
        TreeMap userPermMap = new TreeMap(JiveComparators.USER);
        // for each perm type, get the Iterator of users with that perm
        for (int i=0; i<permGroup.length; i++) {
            Iterator usersWithPerm = permManager.usersWithPermission(permGroup[i]);
            // for each perm, get the user associated with it and store it and the perm in
            // the user perm map
            while (usersWithPerm.hasNext()) {
                User user = (User)usersWithPerm.next();
                Permissions newPerm = new Permissions(permGroup[i]);
                if (userPermMap.containsKey(user)) {
                    newPerm = new Permissions((Permissions)userPermMap.get(user), newPerm);
                }
                userPermMap.put(user, newPerm);
            }
        }
        return userPermMap;
    }

    private SortedMap getGroupPermMap(PermissionsManager permManager, long[] permGroup) {
        TreeMap groupPermMap = new TreeMap(JiveComparators.GROUP);
        // for each perm type, get the Iterator of users with that perm
        for (int i=0; i<permGroup.length; i++) {
            Iterator groupsWithPerm = permManager.groupsWithPermission(permGroup[i]);
            // for each perm, get the user associated with it and store it and the perm in
            // the user perm map
            while (groupsWithPerm.hasNext()) {
                Group group = (Group)groupsWithPerm.next();
                Permissions newPerm = new Permissions(permGroup[i]);
                if (groupPermMap.containsKey(group)) {
                    newPerm = new Permissions((Permissions)groupPermMap.get(group), newPerm);
                }
                groupPermMap.put(group, newPerm);
            }
        }
        return groupPermMap;
    }

    private boolean contains(long[] array, long num) {
        for (int i=0; i<array.length; i++) {
            if (array[i] == num) {
                return true;
            }
        }
        return false;
    }
%>

<%	// Permission check
    if (!isSystemAdmin && Version.getEdition() == Version.Edition.LITE) {
        throw new UnauthorizedException("You don't have admin privileges to perform this operation.");
    }
    else if (!isSystemAdmin && !isForumAdmin && !isCatAdmin) {
        throw new UnauthorizedException("You don't have admin privileges to perform this operation.");
    }

    // Check to see what group of perms we're going to administer. We can
    // either modify user & group perms or admin permissions.
    int permGroup = ParamUtils.getIntParameter(request,"permGroup",-1);
    if (permGroup != CONTENT_GROUP && permGroup != ADMIN_GROUP) {
        throw new Exception("No permission group specified");
    }

    // Get parameters
    long forumID = ParamUtils.getLongParameter(request,"forum",-1L);
    long categoryID = ParamUtils.getLongParameter(request,"cat",-1L);
    long userID = ParamUtils.getLongParameter(request,"user", -1L);
    long groupID = ParamUtils.getLongParameter(request,"group", -1L);
    boolean remove = request.getParameter("remove") != null;
    boolean add = request.getParameter("add") != null && !remove;
    boolean cancel = request.getParameter("cancel") != null;
    boolean doAdd = request.getParameter("doAdd") != null && !remove && !cancel;
    boolean update = request.getParameter("update") != null;
    boolean updatedPerms = ParamUtils.getBooleanParameter(request,"updatedPerms");
    long[] newPerms = ParamUtils.getLongParameters(request,"newperm",-1L);
    String show = ParamUtils.getParameter(request,"show");
    String userlist = ParamUtils.getParameter(request,"userlist");
    String grouplist = ParamUtils.getParameter(request,"grouplist");
    String removetype = ParamUtils.getParameter(request,"removetype");

    if (show == null) {
        // show users by default
        show = "perms";
    }
    // also, make sure 'show' equals 'users' or 'groups' only:
    if (!show.equals("perms") && !show.equals("new")) {
        show = "perms";
    }

    if (cancel) {
        response.sendRedirect("perms.jsp?cat="+categoryID+"&forum=" + forumID + "&permGroup="+permGroup+"&show=perms");
    }

    boolean isError = false;

    // UserManager for getting and setting users or lists of users
	UserManager userManager = forumFactory.getUserManager();

    // GroupManager for getting and setting groups or list of groups
	GroupManager groupManager = forumFactory.getGroupManager();

    // Load the category
    ForumCategory category = null;
    if (categoryID != -1L) {
        category = forumFactory.getForumCategory(categoryID);
    }

    // Load the forum
    Forum forum = null;
    if (forumID != -1L) {
        forum = forumFactory.getForum(forumID);
    }

	// Get the permissions manager for the appropriate mode we're in:
	PermissionsManager permManager = null;

    if (category != null) {
        permManager = category.getPermissionsManager();
    }
    else if (forum != null) {
        permManager = forum.getPermissionsManager();
    }
    else {
        permManager = forumFactory.getPermissionsManager();
    }

    // Create the group of permissions we're going to administer:
    long[] permGroupDef = null;
    if (permGroup == CONTENT_GROUP) {
        permGroupDef = new long[] {
            READ_FORUM, CREATE_THREAD, CREATE_MESSAGE, CREATE_MESSAGE_ATTACHMENT
        };
    }
    else if (permGroup == ADMIN_GROUP) {
        if (forum == null) {
            if (category == null) {
                permGroupDef = new long[] {
                    SYSTEM_ADMIN, CAT_ADMIN, FORUM_ADMIN, USER_ADMIN, MODERATOR
                };
            }
            else {
                permGroupDef = new long[] {
                    CAT_ADMIN, FORUM_ADMIN, /*USER_ADMIN,*/ MODERATOR
                };
            }
        }
        else {
            permGroupDef = new long[] {
                FORUM_ADMIN, MODERATOR
            };
        }
    }

    // Update permissions
    if (update) {

        // Build up a Map of the state the checkboxes were in:
        Map oldPerms = new HashMap();

        // Load the map from parameters in the request prefixed by "was"
        for (Enumeration enum=request.getParameterNames(); enum.hasMoreElements(); ) {
            String param = (String)enum.nextElement();
            if (param.startsWith("was")) {
                String key = param.substring(3,param.length()); // remove the "was"
                try {
                    oldPerms.put(key, new Long(Long.parseLong(request.getParameter(param))));
                }
                catch (NumberFormatException nfe) {}
            }
        }

        // Now that we have an idea of what the permissions were, loop over them and compare
        // with the new state of the check boxes. Based on what changed, add or remove perms.

        // Iterate over old permissions
        for (Iterator iter=oldPerms.keySet().iterator(); iter.hasNext(); ) {
            // Get the old value
            String key = (String)iter.next();
            if (key.indexOf("_u_") > -1 || key.indexOf("_anon_") > -1 || key.indexOf("_reg_") > -1) {
                long oldValue = ((Long)oldPerms.get(key)).longValue();
                // Get the new value - it's the param with the same name as the key
                long newValue = ParamUtils.getLongParameter(request,key,-1L);

                // If the new param was not found, so we need to remove the perm:
                if (newValue == -1L) {
                    if (key.indexOf("_anon_") > -1) {
                        permManager.removeAnonymousUserPermission(oldValue);
                    }
                    else if (key.indexOf("_reg_") > -1) {
                        permManager.removeRegisteredUserPermission(oldValue);
                    }
                    else {
                        // get the user, remove the perm
                        User user = parseUser(key, userManager);
                        if (user != null) {
                            permManager.removeUserPermission(user, oldValue);
                        }
                    }
                }
                // Otherwise, we need to add the permission:
                else {
                    // First check to see if the permission already exists. If it doesn't, add it.
                    boolean anonExists = permManager.anonymousUserHasPermission(newValue);
                    boolean regExists = permManager.registeredUserHasPermission(newValue);
                    if (key.indexOf("_anon_") > -1) {
                        if (!anonExists) {
                            permManager.addAnonymousUserPermission(newValue);
                        }
                    }
                    else if (key.indexOf("_reg_") > -1) {
                        if (!regExists) {
                            permManager.addRegisteredUserPermission(newValue);
                        }
                    }
                    else {
                        // get the user, add the perm
                        User user = parseUser(key, userManager);
                        if (user != null) {
                            permManager.addUserPermission(user, oldValue);
                        }
                    }
                }
            }
        }

        // Basically the same scheme as above. Loop through old group perms compare
        // them to what changed then add or remove permissions:
        if (getGroupPermMap(permManager, permGroupDef).size() > 0) {
            for (Iterator iter=oldPerms.keySet().iterator(); iter.hasNext(); ) {
                // Old value
                String key = (String)iter.next();
                if (key.indexOf("_g_") > -1) {
                    long oldValue = ((Long)oldPerms.get(key)).longValue();
                    // New value
                    long newValue = ParamUtils.getLongParameter(request,key,-1L);
                    // Needs to be removed:
                    if (newValue == -1L) {
                        Group group = parseGroup(key, groupManager);
                        if (group != null) {
                            permManager.removeGroupPermission(group, oldValue);
                        }
                    }
                    // Otherwise, perm needs to be added:
                    else {
                        Group group = parseGroup(key, groupManager);
                        if (group != null) {
                            permManager.addGroupPermission(group, oldValue);
                        }
                    }
                }
            }
        }

        if (!isError) {
            // Done, so redirect:
            response.sendRedirect("perms.jsp?cat="+categoryID+"&forum=" + forumID + "&permGroup="+permGroup+"&show="+show+"&updatedPerms=true");
            return;
        }
    }

    // Add a *new* user permission (not an update - that's handled above).
    List userErrors = new ArrayList();
    List groupErrors = new ArrayList();
    boolean noPermSelected = false;
    boolean noPermTargetSelected = false;
    if (doAdd) {
        if (newPerms.length == 0) {
            noPermSelected = true;
        }
        if (userlist == null && grouplist == null) {
            noPermTargetSelected = true;
        }