@Override
protected void handleRequest(HttpServletRequest request,
HttpServletResponse response) {
Command command = (Command) request.getAttribute("command");
ItemManager itemManager = new ItemManager();
WorkflowManager workflowManager = new WorkflowManager();
User user = (User) request.getSession().getAttribute("user");
ArrayList<String> errors = new ArrayList<String>();
HashMap<String, String> fieldMessages = new HashMap<String, String>();
Item item = null;
boolean updated = false;
// handle the "view vs. admin"-specific changes
String openNodesAttributeName = command.isViewCommand() ? "openViewNodes"
: "openTreeNodes";
String contentListPage = "/"
+ command.getDisplayProject()
+ (command.isViewCommand() ? "/Content.jsp"
: "/admin/ContentList.jsp");
String vboViewPage = "/"
+ command.getDisplayProject()
+ (command.isViewCommand() ? "/VBODisplay.jsp"
: "/admin/Item.jsp");
if (command.isViewCommand()) {
request.setAttribute("vboType", "Item");
}
// then do the regular page processing
ArrayList<Integer> openNodes = (ArrayList<Integer>) request
.getSession().getAttribute(openNodesAttributeName);
if (openNodes == null) {
openNodes = new ArrayList<Integer>();
}
boolean goToList = true;
String cancel;
if ((command.getModifier() != null)
&& (command.getModifier().equals("search"))) {
// prep for search functions
setSearchObject(command, new ItemManager(), request, errors);
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("open"))) {
// open nodes in the content tree
openNodes(command, request, "openTreeNodes", openNodes);
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("close"))) {
// close nodes in the content tree
closeNodes(command, request, "openTreeNodes", openNodes);
} else if (((cancel = request.getParameter("cancelChanges")) != null)
&& (cancel.equals("yes"))) {
// user is canceling changes made to the item edit form
request.setAttribute("successMessages",
"Your changes have been cancelled.");
int idToCancel = Integer.parseInt(request.getParameter("itemId"));
ContentLockManager.unlockContentByTypeAndID(ContentType.ITEM
.getValue(), idToCancel);
goToList = true;
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("add"))) {
// user has requested an item to add
goToList = false;
try {
item = itemManager.getItem(command, -1, false);
if ((command.getOther() != null)
&& (command.getOther().get(0).equals("to"))) {
int parentId = Integer.parseInt(command.getOther().get(1));
// verify that the user can edit the requested parent
if (!workflowManager.canEdit(user, command.getProject(),
command.getCommand(), parentId)) {
errors.add("You don't have permission to add a "
+ "item to the requested object.");
goToList = true;
} else {
try {
ContentType parentType = DAOFactory.getHelperDAO()
.getContentTypeById(parentId);
if (parentType != ContentType.ITEM) {
if (!openNodes.contains(parentId)) {
openNodes.add(parentId);
request.getSession().setAttribute(
"openTreeNodes", openNodes);
}
request.setAttribute("parentId", String
.valueOf(parentId));
} else {
errors.add("You can't add a bundle to "
+ "the requested element type.");
goToList = true;
}
} catch (NoAvailableDAOException e) {
Logger.fatal("Couldn't get helper DAO", e);
errors
.add("A fatal internal error has occurred. "
+ "Please contact the system administrator.");
goToList = true;
}
}
} else {
errors
.add("An item must be added to a parent collection or community.");
}
} catch (NoSuchItemException e) {
Logger.error("An empty item couldn't be created.", e);
errors.add("Empty item couldn't be constructed.");
goToList = true;
}
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("delete"))) {
// user is deleting an item
try {
int itemId = Integer.parseInt(command.getOther().get(0));
if (!workflowManager.canEdit(user, command.getProject(),
command.getCommand(), itemId)) {
errors.add("You don't have permission to delete "
+ "the requested item.");
} else {
try {
item = itemManager.getItemForUpdate(command, itemId,
false, request.getSession());
itemManager.deleteItem(item, ((User) request
.getSession().getAttribute("user")));
updated = true;
request.setAttribute("successMessage", "Item " + itemId
+ " successfully deleted.");
} catch (NoSuchItemException e) {
errors.add("The item to delete either doesn't exist, "
+ "or it isn't empty and can't be deleted.");
} catch (SQLException e) {
Logger.error("Couldn't delete item.", e);
errors
.add("A database error occurred processing your request.");
} catch (ContentLockedException e) {
errors.add(e.getMessage());
}
}
} catch (NumberFormatException e) {
errors.add("Invalid item ID format.");
} catch (NullPointerException e) {
errors.add("Invalid item ID format.");
}
goToList = true;
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("view"))
&& (command.isViewCommand())) {
// user is requesting a page from the public face
goToList = false;
try {
item = itemManager.getItem(command, Integer.parseInt(command
.getOther().get(0)), true);
} catch (NumberFormatException e) {
Logger.warn("Couldn't get requested item: "
+ command.getOther() == null ? "{null}" : command
.getOther().get(0));
goToList = true;
} catch (NoSuchItemException e) {
Logger.warn("Couldn't get requested item: "
+ command.getOther() == null ? "{null}" : command
.getOther().get(0));
goToList = true;
}
if (item != null) {
request.setAttribute("vbo", item);
int resultsPerPage = Configuration.getInt("publicItemsPerPage");
request.setAttribute("resultsPerPage", resultsPerPage);
request
.setAttribute("crumbSet", TreeManager.getInstance()
.getBreadCrumbsForVBO(command.getProject(),
item, true));
}
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("update"))
&& (!command.isViewCommand())) {
// user has requested a document to update, or has submitted an
// update to a document from the form
if ((command.getOther() != null) && (command.getOther().size() > 1)) {
request.getSession().setAttribute("itemListStart",
command.getOther().get(1));
request.getSession().setAttribute("itemListCount",
command.getOther().get(2));
request.getSession().setAttribute("itemListParent",
command.getOther().get(3));
}
int parentId = -1;
goToList = false;
if (request.getParameter("parentId") != null) {
parentId = Integer.parseInt(request.getParameter("parentId"));
// verify that the user can edit the requested parent
if (!workflowManager.canEdit(user, command.getProject(),
command.getCommand(), parentId)) {
errors.add("You don't have permission to add a "
+ "item to the requested object.");
goToList = true;
} else {
request.setAttribute("parentId", request
.getParameter("parentId"));
}
}
if (!goToList) {
try {
int itemId;
boolean isFormSubmission = false;
if (request.getParameter("itemId") != null) {
// the id comes from the request if it's a form
// submission
itemId = Integer.parseInt(request
.getParameter("itemId"));
isFormSubmission = true;
} else {
// the id comes from the "other" portion of the command
// if the user's clicked the item for editing
itemId = Integer.parseInt(command.getOther().get(0));
}
if (itemId == -1) {
// this is a new item
try {
item = itemManager.getItem(command, -1, false);
} catch (NoSuchItemException e) {
Logger.error("An empty item couldn't be created.",
e);
errors.add("Empty item couldn't be constructed.");
goToList = true;
}
} else {
// this is an existing item
// first make sure that the user can edit it
if (!workflowManager.canEdit(user,
command.getProject(), command.getCommand(),
itemId)) {
errors.add("You don't have permission to edit "
+ "the requested item.");
goToList = true;
} else {
try {
item = itemManager.getItemForUpdate(command,
itemId, false, request.getSession());
} catch (NoSuchItemException e) {
Logger.warn("Requested item (" + itemId
+ ") couldn't be retrieved", e);
errors.add("Requested item (" + itemId
+ ") couldn't be retrieved");
goToList = true;
} catch (ContentLockedException e) {
errors.add(e.getMessage());
goToList = true;
}
}
}
if ((isFormSubmission) && (item != null)) {
String oldData = item.toString();
populateVBOFromRequest(item, request, fieldMessages,
true);
String addToRepeatables = request
.getParameter("addToRepeatables");
if ((addToRepeatables == null)
|| (addToRepeatables.trim().length() == 0)) {
if (oldData.equals(item.toString())) {
errors.add("No changes detected.");
}
if ((errors.size() == 0)
&& (fieldMessages.size() == 0)) {
try {
if (item.getId() == -1) {
itemManager.addItem(user, item,
parentId);
request.setAttribute("successMessage",
"Item successfully added.");
} else {
itemManager.updateItem(item,
((User) request.getSession()
.getAttribute("user")),
oldData);
updated = true;
request
.setAttribute(
"successMessage",
"Item '"
+ item
.getMetadataBasedTitle()
+ "' successfully updated.");
if ((request.getParameter("fs") != null)
&& (request
.getSession()
.getAttribute(
"searchResults") != null)) {
SearchManager
.updateSessionSearchResults(
request, item);
}
}
goToList = true;
} catch (NoSuchItemException e) {
Logger.warn("Item " + item.getItemId()
+ " couldn't be found for update",
e);
errors.add(e.getMessage());
} catch (SQLException e) {
Logger
.error(
"Couldn't add an item to the database",
e);
errors
.add("A database problem occurred while updating your item: "
+ e.getMessage());
}
}
}
}
request.setAttribute("item", item);
} catch (NumberFormatException e) {
errors.add("Invalid item ID");
goToList = true;
}
if (fieldMessages.size() != 0) {
String plural = "";
if (fieldMessages.size() > 1) {
plural = "s";
}
errors.add("Form field" + plural
+ " failed validation (see below).");
}
}
} else if ((command.getModifier() != null)
&& (command.getModifier().equals("history"))) {
// user is requesting an old item record from the audit log
goToList = false;
String[] vals = command.getOther().get(0).split("\\|");
AuditLogManager alm = new AuditLogManager();
int itemId = -1;
try {
itemId = Integer.parseInt(vals[2]);
if (!workflowManager.canEdit(user, command.getProject(),
command.getCommand(), itemId)) {
errors.add("You don't have permission to edit "
+ "the requested item.");
goToList = true;
} else {
AuditLog record = alm.getRecord(Integer.parseInt(vals[0]),
ContentType.valueOf(Integer.parseInt(vals[1])),
(itemId = Integer.parseInt(vals[2])), Timestamp
.valueOf(vals[3]));
String data = record.getDataExport();
item = new Item();
item.fromString(data);
}
} catch (NullPointerException e) {
goToList = true;
errors.add("Invalid history request format.");
} catch (NumberFormatException e) {
goToList = true;
errors.add("Invalid history request format.");
} catch (NoSuchAuditLogRecordException e) {
errors.add("The history record requested couldn't be located.");
} catch (DataTypeMismatchException e) {
Logger.error("Data type mismatch occurred pulling "
+ command.getOther().get(0) + " from the audit log", e);
errors
.add("A system error was encountered (DataTypeMismatch). "
+ "Please contact a system administrator.");
}
if (!goToList) {
if (item == null) {
try {
item = itemManager.getItem(command, itemId, false);
} catch (NoSuchItemException e) {
goToList = true;
errors.add("No such item (" + itemId + ") found.");
}
}
}
request.setAttribute("isDirty", "t");
}
// one last permissions check if we're on our way to the edit page
if ((item != null)
&& (!command.isViewCommand())
&& (errors.size() == 0)
&& (fieldMessages.size() == 0)
&& (!goToList)
&& (!workflowManager.canEdit(user, command.getProject(),
command.getCommand(), item.getItemId()))) {
errors.add("You don't have permission to "
+ "work on the requested content.");
goToList = true;
}