Author: fdesbois Date: 2010-03-12 15:31:05 +0100 (Fri, 12 Mar 2010) New Revision: 2933 Log: - Loading not optimized for restricted poll (with list) - Must validate the accountUId from url to allow the vote Modified: branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePoll.java branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePollImpl.java branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServiceVoteImpl.java branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/java/org/chorem/pollen/ui/pages/poll/VoteForPoll.java branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_en.properties branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_fr.properties Modified: branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePoll.java =================================================================== --- branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePoll.java 2010-03-11 17:42:05 UTC (rev 2932) +++ branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePoll.java 2010-03-12 14:31:05 UTC (rev 2933) @@ -19,6 +19,7 @@ import java.util.List; import java.util.Map; +import org.chorem.pollen.business.dto.PollAccountDTO; import org.chorem.pollen.business.dto.PollDTO; /** @@ -126,4 +127,16 @@ * @return true si le vote a été ajouté */ public boolean addVoteToPoll(String pollId, String voteId); + + /** + * Return the pollAccount corresponding to the {@code accountUId} for the + * restricted {@code poll}. + * TODO : need JUnit test, must be done for 1.3 + * + * @param accountUId to check the restriction constraint + * @param poll reference + * @return the pollAccount found from poll or null if there is no + * pollAccount in poll restriction for the accountUId in argument + */ + public PollAccountDTO getRestrictedAccount(String accountUId, PollDTO poll); } \ No newline at end of file Modified: branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePollImpl.java =================================================================== --- branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePollImpl.java 2010-03-11 17:42:05 UTC (rev 2932) +++ branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServicePollImpl.java 2010-03-12 14:31:05 UTC (rev 2933) @@ -25,7 +25,9 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.chorem.pollen.business.converters.DataPollAccountConverter; import org.chorem.pollen.business.converters.DataPollConverter; +import org.chorem.pollen.business.dto.PollAccountDTO; import org.chorem.pollen.business.dto.PollDTO; import org.chorem.pollen.business.persistence.PersonToList; import org.chorem.pollen.business.persistence.Poll; @@ -534,4 +536,43 @@ ContextUtil.doFinally(transaction); } } + + @Override + public PollAccountDTO getRestrictedAccount(String accountUId, PollDTO poll) { + TopiaContext transaction = null; + PollAccountDTO result = null; + try { + transaction = rootContext.beginTransaction(); + + if (log.isInfoEnabled()) { + log.info("getRestrictedAccount : accountUId = " + accountUId + + " _ pollUId = " + poll.getPollId()); + } + + // Use PersonToList association entity to find coherence between + // the poll and votingId + List<PersonToList> tmp = transaction.find( + "FROM " + PersonToList.class.getName() + + " WHERE pollAccount.accountId = :accountUId" + + " AND votingList.poll.pollId = :pollUId", + "accountUId", accountUId, + "pollUId", poll.getPollId()); + + if (tmp.size() > 0) { + PollAccount account = tmp.get(0).getPollAccount(); + DataPollAccountConverter converter = + new DataPollAccountConverter(); + converter.setTransaction(transaction); + result = converter.createPollAccountDTO(account); + } + + } catch (Exception eee) { + ContextUtil.doCatch(eee, transaction, + "Unable to retrieve restricted account with accountUId = " + + accountUId + " and poll with uid = " + poll.getPollId()); + } finally { + ContextUtil.doFinally(transaction); + } + return result; + } } \ No newline at end of file Modified: branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServiceVoteImpl.java =================================================================== --- branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServiceVoteImpl.java 2010-03-11 17:42:05 UTC (rev 2932) +++ branches/pollen-1.2.3-1.2.x/pollen-business/src/main/java/org/chorem/pollen/business/services/ServiceVoteImpl.java 2010-03-12 14:31:05 UTC (rev 2933) @@ -27,10 +27,8 @@ import org.chorem.pollen.business.dto.PollAccountDTO; import org.chorem.pollen.business.dto.PollDTO; import org.chorem.pollen.business.dto.VoteDTO; -import org.chorem.pollen.business.persistence.Poll; import org.chorem.pollen.business.persistence.PollAccount; import org.chorem.pollen.business.persistence.PollAccountDAO; -import org.chorem.pollen.business.persistence.PollDAO; import org.chorem.pollen.business.persistence.PollenModelDAOHelper; import org.chorem.pollen.business.persistence.Vote; import org.chorem.pollen.business.persistence.VoteDAO; Modified: branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/java/org/chorem/pollen/ui/pages/poll/VoteForPoll.java =================================================================== --- branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/java/org/chorem/pollen/ui/pages/poll/VoteForPoll.java 2010-03-11 17:42:05 UTC (rev 2932) +++ branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/java/org/chorem/pollen/ui/pages/poll/VoteForPoll.java 2010-03-12 14:31:05 UTC (rev 2933) @@ -58,7 +58,6 @@ import org.chorem.pollen.business.dto.ResultListDTO; import org.chorem.pollen.business.dto.UserDTO; import org.chorem.pollen.business.dto.VoteDTO; -import org.chorem.pollen.business.dto.VotingListDTO; import org.chorem.pollen.business.services.ServiceChoice; import org.chorem.pollen.business.services.ServiceComment; import org.chorem.pollen.business.services.ServicePoll; @@ -461,26 +460,53 @@ // Contrôle de la présence du votant dans les listes de votants // du sondage (si le sondage n'est pas libre) - if (!isFreePoll()) { - restrictedListsForbidden = true; - for (VotingListDTO list : poll.getVotingListDTOs()) { - for (PollAccountDTO account : list.getPollAccountDTOs()) { - if (pollAccount.getVotingId().equals(account.getVotingId())) { - restrictedListsForbidden = false; - pollAccount = servicePollAccount - .findPollAccountById(account.getId()); - pollAccount.setVotingListId(list.getId()); - pollAccount.setWeight(account.getWeight()); - logger.debug("Compte \"" + account.getVotingId() - + "\" présent dans la liste \"" - + list.getName() + "\" (poids=" - + account.getWeight() + ")"); - } +// if (!isFreePoll()) { +// restrictedListsForbidden = true; +// for (VotingListDTO list : poll.getVotingListDTOs()) { +// for (PollAccountDTO account : list.getPollAccountDTOs()) { +// if (pollAccount.getVotingId().equals(account.getVotingId())) { +// restrictedListsForbidden = false; +// pollAccount = servicePollAccount +// .findPollAccountById(account.getId()); +// pollAccount.setVotingListId(list.getId()); +// pollAccount.setWeight(account.getWeight()); +// logger.debug("Compte \"" + account.getVotingId() +// + "\" présent dans la liste \"" +// + list.getName() + "\" (poids=" +// + account.getWeight() + ")"); +// } +// } +// } +// } + + // The calcul of alreadyVoted will be needed for no double votingId + // Carefull, not correct for an anonymous vote + alreadyVoted = serviceVote.hasAlreadyVoted(votingId, poll); + + // Check for restricted poll + if (!alreadyVoted && !isFreePoll()) { + if (getAccountUId() != null) { + // The accountUId must be valid for the poll + PollAccountDTO restrictedAccount = + servicePoll.getRestrictedAccount(getAccountUId(), poll); + + if (restrictedAccount != null) { + // PollAccount is replaced by the good account from db + pollAccount = restrictedAccount; + // Refresh alreadyVoted value depends on pollAccount + alreadyVoted = pollAccount.isHasVoted(); + // Existing account is null is forbidden for a restricted poll + } else { + restrictedListsForbidden = true; } + // Not allowed to vote without an accountUId + } else { + restrictedListsForbidden = true; } + if (restrictedListsForbidden) { - voteForm.recordError(nameField, messages.format( - "restrictedListsForbidden", pollAccount.getVotingId())); + voteForm.recordError(nameField, + messages.get("restrictedListsForbidden")); } } @@ -498,14 +524,7 @@ pollAccount.setUserId(user.getId()); } else { pollAccount.setUserId(""); - } - - // Contrôle si le votant n'a pas déjà voté - if (log.isInfoEnabled()) { - log.info("BUSINESS REQUEST [hasAlreadyVoted]"); - } - alreadyVoted = serviceVote.hasAlreadyVoted( - pollAccount.getVotingId(), poll); + } modifAllowed = isModifAllowed(pollAccount.getVotingId()); if (alreadyVoted && !modifAllowed) { @@ -1084,10 +1103,9 @@ if (poll != null) { // Identification du votant - if (param.split(":", 2).length == 2) { - String accountId = param.split(":", 2)[1]; + if (getAccountUId() != null) { pollAccount = servicePollAccount - .findPollAccountByAccountId(accountId); + .findPollAccountByAccountId(getAccountUId()); pollAccountId = pollAccount.getId(); } @@ -1134,6 +1152,15 @@ } } + private String accountUId; + + public String getAccountUId() { + if (accountUId == null && param.split(":", 2).length == 2) { + accountUId = param.split(":", 2)[1]; + } + return accountUId; + } + /** * Méthode appelée au moment de la désactivation de la page * Modified: branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_en.properties =================================================================== --- branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_en.properties 2010-03-11 17:42:05 UTC (rev 2932) +++ branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_en.properties 2010-03-12 14:31:05 UTC (rev 2933) @@ -51,7 +51,7 @@ #messages pollNotFound=No such poll exists. Please make sure that you are using the correct link and copy it completely into your browser's address field. anonymousForbidden=Anonymous vote is forbidden for this poll. Enter a name. -restrictedListsForbidden=The poll is restricted and the name %s is not allowed. +restrictedListsForbidden=The poll is restricted and you are not allowed to vote. Check if you have correctly used the link sent to you by email. alreadyVoted=Someone has already used the name %s to vote. tooManyChoices=The maximal number of choices is %d. not100percent=The sum of the values must be equals to 100. Modified: branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_fr.properties =================================================================== --- branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_fr.properties 2010-03-11 17:42:05 UTC (rev 2932) +++ branches/pollen-1.2.3-1.2.x/pollen-ui/src/main/resources/org/chorem/pollen/ui/pages/poll/VoteForPoll_fr.properties 2010-03-12 14:31:05 UTC (rev 2933) @@ -51,7 +51,7 @@ #messages pollNotFound=Il n'y a pas de sondage \u00E0 cette adresse. Veuillez verifier que vous utilisez le lien correcte et copiez-le compl\u00E8tement dans le champ d'adresse de votre navigateur. anonymousForbidden=Le vote anonyme est interdit pour ce sondage. Saisissez un nom. -restrictedListsForbidden=Le sondage est restreint et le nom %s n'est pas autoris\u00E9. +restrictedListsForbidden=Le sondage est restreint et vous n'\u00EAtes pas autoris\u00E9 \u00E0 voter. V\u00E9rifiez que vous avez bien utiliser le lien qui vous a \u00E9t\u00E9 envoy\u00E9. alreadyVoted=Une personne a d\u00E9j\u00E0 vot\u00E9 sous le nom %s. tooManyChoices=Le nombre de choix maximal est de %d. not100percent=La somme des valeurs doit \u00EAtre \u00E9gale \u00E0 100.