← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 1905: Providing message when attempting ajax requests with insufficient authorities.

 

------------------------------------------------------------
revno: 1905
committer: Lars <larshelg@larshelg-laptop>
branch nick: trunk
timestamp: Wed 2010-05-26 16:45:10 +0200
message:
  Providing message when attempting ajax requests with insufficient authorities.
added:
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/ajax/jsonAccessDenied.vm
modified:
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/commons.js
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/ajax/jsonAccessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/ajax/jsonAccessDenied.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/ajax/jsonAccessDenied.vm	2010-05-26 14:45:10 +0000
@@ -0,0 +1,4 @@
+{
+  "response": "error",
+  "message": "$!encoder.jsEncode( $i18n.getString( 'access_denied' ) ) - $!encoder.jsEncode( $i18n.getString( 'access_denied_message' ) )"
+}
\ No newline at end of file

=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/commons.js'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/commons.js	2010-05-04 06:47:28 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/util/commons.js	2010-05-26 14:45:10 +0000
@@ -742,10 +742,6 @@
         
                     showWarning();
     	    	}
-				else if ( json.response == "nonSufficientAuthority" )
-				{
-					window.location.href = "../dhis-web-commons-about/showSufficientFeedbackForm.action";
-				}
     	    }
     	);
     }

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java	2010-05-26 12:34:02 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java	2010-05-26 14:45:10 +0000
@@ -39,6 +39,10 @@
 import com.opensymphony.xwork2.interceptor.Interceptor;
 
 /**
+ * This interceptor will intercept exceptions and redirect to appropriate
+ * exception results / pages defined in the global-results section in the XWork 
+ * configuration.
+ * 
  * @author Torgeir Lorange Ostby
  * @version $Id: WebWorkExceptionInterceptor.java 6335 2008-11-20 11:11:26Z larshelg $
  */
@@ -48,15 +52,11 @@
     private static final Log LOG = LogFactory.getLog( ExceptionInterceptor.class );
 
     public static final String EXCEPTION_RESULT_KEY = "onExceptionReturn";
-
     public static final String EXCEPTION_RESULT_DEFAULT = "exceptionDefault";
-
     public static final String EXCEPTION_RESULT_PLAIN_TEXT = "plainTextError";
-
-    public static final String EXCEPTION_RESULT_ACCESS_DENIED = "accessDenied";
-
+    public static final String EXCEPTION_RESULT_ACCESS_DENIED = "accessDenied";    
+    public static final String EXCEPTION_RESULT_JSON_ACCESS_DENIED = "jsonAccessDenied";
     public static final String TEMPLATE_KEY_EXCEPTION = "exception";
-
     public static final String TEMPLATE_KEY_SHOW_STACK_TRACE = "showStackTrace";
 
     // -------------------------------------------------------------------------
@@ -109,13 +109,11 @@
             if ( e instanceof AccessDeniedException || e instanceof InsufficientAuthenticationException )
             {
                 if ( EXCEPTION_RESULT_PLAIN_TEXT.equals( exceptionResultName ) )
-                {
-                    // Access denied as plain text
-                    return EXCEPTION_RESULT_PLAIN_TEXT;
+                {                    
+                    return EXCEPTION_RESULT_JSON_ACCESS_DENIED; // Access denied as JSON
                 }
-
-                // Access denied as nice page
-                return EXCEPTION_RESULT_ACCESS_DENIED;
+                
+                return EXCEPTION_RESULT_ACCESS_DENIED; // Access denied as nice page
             }
 
             LOG.error( "Error while executing action", e );

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml	2010-05-26 11:47:25 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml	2010-05-26 14:45:10 +0000
@@ -104,10 +104,9 @@
 		<default-interceptor-ref name="exceptionStack" />
 
 		<global-results>
-			<result name="exceptionDefault" type="velocity">/exception.vm
-			</result>
-			<result name="accessDenied" type="velocity">/accessDenied.vm
-			</result>
+			<result name="exceptionDefault" type="velocity">/exception.vm</result>
+			<result name="accessDenied" type="velocity">/accessDenied.vm</result>
+			<result name="jsonAccessDenied" type="velocity">/dhis-web-commons/ajax/jsonAccessDenied.vm</result>
 			<result name="plainTextError" type="plainTextErrorResult">
 				<param name="parse">true</param>
 				<param name="message">${exception.class.name}: ${exception.message}</param>