Coverage Report

Coverage Report - net.sourceforge.pebble.web.action.AbstractCommentAction

Classes in this File

Line Coverage

Branch Coverage

Complexity

AbstractCommentAction

54%

47/86

30%

13/42

6.2

 /*
  * Copyright (c) 2003-2011, Simon Brown
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
  *
  *   - Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  *
  *   - Redistributions in binary form must reproduce the above copyright
  *     notice, this list of conditions and the following disclaimer in
  *     the documentation and/or other materials provided with the
  *     distribution.
  *
  *   - Neither the name of Pebble nor the names of its contributors may
  *     be used to endorse or promote products derived from this software
  *     without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
 package net.sourceforge.pebble.web.action;
 
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
 import java.net.URLEncoder;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import net.sourceforge.pebble.domain.Blog;
 import net.sourceforge.pebble.domain.BlogEntry;
 import net.sourceforge.pebble.domain.BlogService;
 import net.sourceforge.pebble.domain.BlogServiceException;
 import net.sourceforge.pebble.domain.Comment;
 import net.sourceforge.pebble.security.PebbleUserDetails;
 import net.sourceforge.pebble.util.CookieUtils;
 import net.sourceforge.pebble.util.MailUtils;
 import net.sourceforge.pebble.util.SecurityUtils;
 import net.sourceforge.pebble.util.StringUtils;
 import net.sourceforge.pebble.web.validation.ValidationContext;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 /**
  * Adds a comment to an existing blog entry.
  *
  * @author    Simon Brown
  */
 public abstract class AbstractCommentAction extends Action {
 
   private static final Log log = LogFactory.getLog(AbstractCommentAction.class);
 
   protected Comment createComment(HttpServletRequest request, BlogEntry blogEntry) {
     String author = StringUtils.transformHTML(request.getParameter("author"));
     String email = request.getParameter("email");
     String website = request.getParameter("website");
     String avatar = request.getParameter("avatar");
     String ipAddress = request.getRemoteAddr();
     String title = StringUtils.transformHTML(request.getParameter("title"));
     String body = request.getParameter("commentBody");
 
     Comment comment = blogEntry.createComment(title, body, author, email, website, avatar, ipAddress);
 
     // if the user is authenticated, overwrite the author information
     if (SecurityUtils.isUserAuthenticated()) {
       PebbleUserDetails user = SecurityUtils.getUserDetails();
       if (user != null) {
         comment.setAuthor(user.getName());
         comment.setEmail(user.getEmailAddress());
         if (user.getWebsite() != null && !user.getWebsite().equals("")) {
           comment.setWebsite(user.getWebsite());
         } else {
           comment.setWebsite(blogEntry.getBlog().getUrl() + "authors/" + user.getUsername() + "/");
         }
         comment.setAuthenticated(true);
       }
     }
 
     // are we replying to an existing comment?
     String parentCommentId = request.getParameter("comment");
     if (parentCommentId != null && parentCommentId.length() > 0) {
       long parent = Long.parseLong(parentCommentId);
       Comment parentComment = blogEntry.getComment(parent);
       if (parentComment != null) {
         comment.setParent(parentComment);
       }
     }
 
     return comment;
   }
 
   protected Comment createBlankComment(Blog blog, BlogEntry blogEntry, HttpServletRequest request) {
     Comment comment = blogEntry.createComment("", "", "", "", "", "", request.getRemoteAddr());
 
     // populate the author, email and website from one of :
     // - the logged in user details
     // - the "remember me" cookie
     if (SecurityUtils.isUserAuthenticated()) {
       PebbleUserDetails user = SecurityUtils.getUserDetails();
       if (user != null) {
         comment.setAuthor(user.getName());
         comment.setEmail(user.getEmailAddress());
         if (user.getWebsite() != null && !user.getWebsite().equals("")) {
           comment.setWebsite(user.getWebsite());
         } else {
           comment.setWebsite(blogEntry.getBlog().getUrl() + "authors/" + user.getUsername() + "/");
         }
         comment.setAuthenticated(true);
       }
     } else {
       try {
         // is "remember me" set?
         Cookie rememberMe = CookieUtils.getCookie(request.getCookies(), "rememberMe");
         if (rememberMe != null) {
           // remember me has been checked and we're not already previewing a comment
           // so create a new comment as this will populate the author/email/website
           Cookie author = CookieUtils.getCookie(request.getCookies(), "rememberMe.author");
           if (author != null) {
             comment.setAuthor(URLDecoder.decode(author.getValue(), blog.getCharacterEncoding()));
           }
 
           Cookie email = CookieUtils.getCookie(request.getCookies(), "rememberMe.email");
           if (email != null) {
             comment.setEmail(URLDecoder.decode(email.getValue(), blog.getCharacterEncoding()));
           }
 
           Cookie website = CookieUtils.getCookie(request.getCookies(), "rememberMe.website");
           if (website != null) {
             comment.setWebsite(URLDecoder.decode(website.getValue(), blog.getCharacterEncoding()));
           }
         }
       } catch (UnsupportedEncodingException e) {
         log.error("Exception encountered", e);
       }
     }
 
     // are we replying to an existing comment?
     String parentCommentId = request.getParameter("comment");
     if (parentCommentId != null && parentCommentId.length() > 0) {
       long parent = Long.parseLong(parentCommentId);
       Comment parentComment = blogEntry.getComment(parent);
       if (parentComment != null) {
         comment.setParent(parentComment);
         comment.setTitle(parentComment.getTitle());
       }
     }
 
     return comment;
   }
 
   protected ValidationContext validateComment(Comment comment) {
     ValidationContext context = new ValidationContext();
     try {
       MailUtils.validate(comment.getEmail(), context);
     } catch (NoClassDefFoundError e) {
       // most likely: JavaMail is not in classpath
       // ignore, when we can not send email we must not validate address
       // this might lead to problems when mail is activated later without this
       // address being validated... Discussion started on mailing list, Oct-25 2008
     }
     getModel().put("validationContext", context);
     return context;
   }
 
   protected void saveComment(HttpServletRequest request, HttpServletResponse response, BlogEntry blogEntry, Comment comment) throws BlogServiceException {
     Blog blog = blogEntry.getBlog();
     blogEntry.addComment(comment);
 
     BlogService service = new BlogService();
     service.putBlogEntry(blogEntry);
 
     // remember me functionality
     String rememberMe = (String)request.getSession().getAttribute("rememberMe");
     if (rememberMe != null && rememberMe.equals("true")) {
       CookieUtils.addCookie(response, "rememberMe", "true", CookieUtils.ONE_MONTH);
       CookieUtils.addCookie(response, "rememberMe.author", encode(comment.getAuthor(), blog.getCharacterEncoding()), CookieUtils.ONE_MONTH);
       CookieUtils.addCookie(response, "rememberMe.email", encode(comment.getEmail(), blog.getCharacterEncoding()), CookieUtils.ONE_MONTH);
       CookieUtils.addCookie(response, "rememberMe.website", encode(comment.getWebsite(), blog.getCharacterEncoding()), CookieUtils.ONE_MONTH);
     } else {
       CookieUtils.removeCookie(response, "rememberMe");
       CookieUtils.removeCookie(response, "rememberMe.author");
       CookieUtils.removeCookie(response, "rememberMe.email");
       CookieUtils.removeCookie(response, "rememberMe.website");
     }
   }
 
   private String encode(String s, String characterEncoding) {
     if (s == null) {
       return "";
     } else {
       try {
         return URLEncoder.encode(s, characterEncoding);
       } catch (UnsupportedEncodingException e) {
         log.error("Exception encountered", e);
         return "";
       }
     }
   }
 
 }

1		/*
2		* Copyright (c) 2003-2011, Simon Brown
3		* All rights reserved.
4		*
5		* Redistribution and use in source and binary forms, with or without
6		* modification, are permitted provided that the following conditions are met:
7		*
8		* - Redistributions of source code must retain the above copyright
9		* notice, this list of conditions and the following disclaimer.
10		*
11		* - Redistributions in binary form must reproduce the above copyright
12		* notice, this list of conditions and the following disclaimer in
13		* the documentation and/or other materials provided with the
14		* distribution.
15		*
16		* - Neither the name of Pebble nor the names of its contributors may
17		* be used to endorse or promote products derived from this software
18		* without specific prior written permission.
19		*
20		* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21		* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22		* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23		* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
24		* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25		* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26		* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27		* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28		* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29		* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30		* POSSIBILITY OF SUCH DAMAGE.
31		*/
32
33		package net.sourceforge.pebble.web.action;
34
35		import java.io.UnsupportedEncodingException;
36		import java.net.URLDecoder;
37		import java.net.URLEncoder;
38
39		import javax.servlet.http.Cookie;
40		import javax.servlet.http.HttpServletRequest;
41		import javax.servlet.http.HttpServletResponse;
42
43		import net.sourceforge.pebble.domain.Blog;
44		import net.sourceforge.pebble.domain.BlogEntry;
45		import net.sourceforge.pebble.domain.BlogService;
46		import net.sourceforge.pebble.domain.BlogServiceException;
47		import net.sourceforge.pebble.domain.Comment;
48		import net.sourceforge.pebble.security.PebbleUserDetails;
49		import net.sourceforge.pebble.util.CookieUtils;
50		import net.sourceforge.pebble.util.MailUtils;
51		import net.sourceforge.pebble.util.SecurityUtils;
52		import net.sourceforge.pebble.util.StringUtils;
53		import net.sourceforge.pebble.web.validation.ValidationContext;
54
55		import org.apache.commons.logging.Log;
56		import org.apache.commons.logging.LogFactory;
57
58		/**
59		* Adds a comment to an existing blog entry.
60		*
61		* @author Simon Brown
62		*/
63	40	public abstract class AbstractCommentAction extends Action {
64
65	4	private static final Log log = LogFactory.getLog(AbstractCommentAction.class);
66
67		protected Comment createComment(HttpServletRequest request, BlogEntry blogEntry) {
68	16	String author = StringUtils.transformHTML(request.getParameter("author"));
69	16	String email = request.getParameter("email");
70	16	String website = request.getParameter("website");
71	16	String avatar = request.getParameter("avatar");
72	16	String ipAddress = request.getRemoteAddr();
73	16	String title = StringUtils.transformHTML(request.getParameter("title"));
74	16	String body = request.getParameter("commentBody");
75
76	16	Comment comment = blogEntry.createComment(title, body, author, email, website, avatar, ipAddress);
77
78		// if the user is authenticated, overwrite the author information
79	16	if (SecurityUtils.isUserAuthenticated()) {
80	16	PebbleUserDetails user = SecurityUtils.getUserDetails();
81	16	if (user != null) {
82	0	comment.setAuthor(user.getName());
83	0	comment.setEmail(user.getEmailAddress());
84	0	if (user.getWebsite() != null && !user.getWebsite().equals("")) {
85	0	comment.setWebsite(user.getWebsite());
86		} else {
87	0	comment.setWebsite(blogEntry.getBlog().getUrl() + "authors/" + user.getUsername() + "/");
88		}
89	0	comment.setAuthenticated(true);
90		}
91		}
92
93		// are we replying to an existing comment?
94	16	String parentCommentId = request.getParameter("comment");
95	16	if (parentCommentId != null && parentCommentId.length() > 0) {
96	8	long parent = Long.parseLong(parentCommentId);
97	8	Comment parentComment = blogEntry.getComment(parent);
98	8	if (parentComment != null) {
99	4	comment.setParent(parentComment);
100		}
101		}
102
103	16	return comment;
104		}
105
106		protected Comment createBlankComment(Blog blog, BlogEntry blogEntry, HttpServletRequest request) {
107	8	Comment comment = blogEntry.createComment("", "", "", "", "", "", request.getRemoteAddr());
108
109		// populate the author, email and website from one of :
110		// - the logged in user details
111		// - the "remember me" cookie
112	8	if (SecurityUtils.isUserAuthenticated()) {
113	4	PebbleUserDetails user = SecurityUtils.getUserDetails();
114	4	if (user != null) {
115	0	comment.setAuthor(user.getName());
116	0	comment.setEmail(user.getEmailAddress());
117	0	if (user.getWebsite() != null && !user.getWebsite().equals("")) {
118	0	comment.setWebsite(user.getWebsite());
119		} else {
120	0	comment.setWebsite(blogEntry.getBlog().getUrl() + "authors/" + user.getUsername() + "/");
121		}
122	0	comment.setAuthenticated(true);
123		}
124	4	} else {
125		try {
126		// is "remember me" set?
127	4	Cookie rememberMe = CookieUtils.getCookie(request.getCookies(), "rememberMe");
128	4	if (rememberMe != null) {
129		// remember me has been checked and we're not already previewing a comment
130		// so create a new comment as this will populate the author/email/website
131	0	Cookie author = CookieUtils.getCookie(request.getCookies(), "rememberMe.author");
132	0	if (author != null) {
133	0	comment.setAuthor(URLDecoder.decode(author.getValue(), blog.getCharacterEncoding()));
134		}
135
136	0	Cookie email = CookieUtils.getCookie(request.getCookies(), "rememberMe.email");
137	0	if (email != null) {
138	0	comment.setEmail(URLDecoder.decode(email.getValue(), blog.getCharacterEncoding()));
139		}
140
141	0	Cookie website = CookieUtils.getCookie(request.getCookies(), "rememberMe.website");
142	0	if (website != null) {
143	0	comment.setWebsite(URLDecoder.decode(website.getValue(), blog.getCharacterEncoding()));
144		}
145		}
146	0	} catch (UnsupportedEncodingException e) {
147	0	log.error("Exception encountered", e);
148	4	}
149		}
150
151		// are we replying to an existing comment?
152	8	String parentCommentId = request.getParameter("comment");
153	8	if (parentCommentId != null && parentCommentId.length() > 0) {
154	0	long parent = Long.parseLong(parentCommentId);
155	0	Comment parentComment = blogEntry.getComment(parent);
156	0	if (parentComment != null) {
157	0	comment.setParent(parentComment);
158	0	comment.setTitle(parentComment.getTitle());
159		}
160		}
161
162	8	return comment;
163		}
164
165		protected ValidationContext validateComment(Comment comment) {
166	16	ValidationContext context = new ValidationContext();
167		try {
168	16	MailUtils.validate(comment.getEmail(), context);
169	0	} catch (NoClassDefFoundError e) {
170		// most likely: JavaMail is not in classpath
171		// ignore, when we can not send email we must not validate address
172		// this might lead to problems when mail is activated later without this
173		// address being validated... Discussion started on mailing list, Oct-25 2008
174	16	}
175	16	getModel().put("validationContext", context);
176	16	return context;
177		}
178
179		protected void saveComment(HttpServletRequest request, HttpServletResponse response, BlogEntry blogEntry, Comment comment) throws BlogServiceException {
180	12	Blog blog = blogEntry.getBlog();
181	12	blogEntry.addComment(comment);
182
183	12	BlogService service = new BlogService();
184	12	service.putBlogEntry(blogEntry);
185
186		// remember me functionality
187	12	String rememberMe = (String)request.getSession().getAttribute("rememberMe");
188	12	if (rememberMe != null && rememberMe.equals("true")) {
189	0	CookieUtils.addCookie(response, "rememberMe", "true", CookieUtils.ONE_MONTH);
190	0	CookieUtils.addCookie(response, "rememberMe.author", encode(comment.getAuthor(), blog.getCharacterEncoding()), CookieUtils.ONE_MONTH);
191	0	CookieUtils.addCookie(response, "rememberMe.email", encode(comment.getEmail(), blog.getCharacterEncoding()), CookieUtils.ONE_MONTH);
192	0	CookieUtils.addCookie(response, "rememberMe.website", encode(comment.getWebsite(), blog.getCharacterEncoding()), CookieUtils.ONE_MONTH);
193		} else {
194	12	CookieUtils.removeCookie(response, "rememberMe");
195	12	CookieUtils.removeCookie(response, "rememberMe.author");
196	12	CookieUtils.removeCookie(response, "rememberMe.email");
197	12	CookieUtils.removeCookie(response, "rememberMe.website");
198		}
199	12	}
200
201		private String encode(String s, String characterEncoding) {
202	0	if (s == null) {
203	0	return "";
204		} else {
205		try {
206	0	return URLEncoder.encode(s, characterEncoding);
207	0	} catch (UnsupportedEncodingException e) {
208	0	log.error("Exception encountered", e);
209	0	return "";
210		}
211		}
212		}
213
214		}