001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.requests.action;
016    
017    import com.liferay.portal.kernel.servlet.SessionErrors;
018    import com.liferay.portal.kernel.util.ParamUtil;
019    import com.liferay.portal.kernel.util.Validator;
020    import com.liferay.portal.model.Group;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.auth.PrincipalException;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.service.GroupLocalServiceUtil;
025    import com.liferay.portal.service.UserLocalServiceUtil;
026    import com.liferay.portal.service.permission.UserPermissionUtil;
027    import com.liferay.portal.struts.PortletAction;
028    import com.liferay.portal.theme.ThemeDisplay;
029    import com.liferay.portal.util.PortalUtil;
030    import com.liferay.portal.util.WebKeys;
031    import com.liferay.portlet.social.NoSuchRequestException;
032    import com.liferay.portlet.social.model.SocialRequest;
033    import com.liferay.portlet.social.service.SocialRequestLocalServiceUtil;
034    
035    import javax.portlet.ActionRequest;
036    import javax.portlet.ActionResponse;
037    import javax.portlet.PortletConfig;
038    
039    import org.apache.struts.action.ActionForm;
040    import org.apache.struts.action.ActionMapping;
041    
042    /**
043     * @author Brian Wing Shun Chan
044     */
045    public class UpdateRequestAction extends PortletAction {
046    
047            @Override
048            public void processAction(
049                            ActionMapping actionMapping, ActionForm actionForm,
050                            PortletConfig portletConfig, ActionRequest actionRequest,
051                            ActionResponse actionResponse)
052                    throws Exception {
053    
054                    try {
055                            ThemeDisplay themeDisplay =
056                                    (ThemeDisplay)actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
057    
058                            Group group = GroupLocalServiceUtil.getGroup(
059                                    themeDisplay.getScopeGroupId());
060    
061                            User user = themeDisplay.getUser();
062    
063                            if (group.isUser()) {
064                                    user = UserLocalServiceUtil.getUserById(group.getClassPK());
065                            }
066    
067                            if (!UserPermissionUtil.contains(
068                                            themeDisplay.getPermissionChecker(), user.getUserId(),
069                                            ActionKeys.UPDATE)) {
070    
071                                    throw new PrincipalException();
072                            }
073    
074                            updateRequest(actionRequest);
075    
076                            String redirect = PortalUtil.escapeRedirect(
077                                    ParamUtil.getString(actionRequest, "redirect"));
078    
079                            if (Validator.isNotNull(redirect)) {
080                                    actionResponse.sendRedirect(redirect);
081                            }
082                    }
083                    catch (Exception e) {
084                            if (e instanceof NoSuchRequestException ||
085                                    e instanceof PrincipalException) {
086    
087                                    SessionErrors.add(actionRequest, e.getClass());
088    
089                                    setForward(actionRequest, "portlet.requests.error");
090                            }
091                            else {
092                                    throw e;
093                            }
094                    }
095            }
096    
097            protected void updateRequest(ActionRequest actionRequest) throws Exception {
098                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
099                            WebKeys.THEME_DISPLAY);
100    
101                    long requestId = ParamUtil.getLong(actionRequest, "requestId");
102                    int status = ParamUtil.getInteger(actionRequest, "status");
103    
104                    SocialRequest request = SocialRequestLocalServiceUtil.getSocialRequest(
105                            requestId);
106    
107                    if (!PortalUtil.isOmniadmin(themeDisplay.getUserId()) &&
108                            (themeDisplay.getUserId() != request.getReceiverUserId())) {
109    
110                            throw new PrincipalException();
111                    }
112    
113                    SocialRequestLocalServiceUtil.updateRequest(
114                            requestId, status, themeDisplay);
115            }
116    
117    }