// Request-handler excerpt: resolves the caller's identity and role from the session, then
// dispatches a comment operation (ADD / DELETE / ARCHIVE / LIST) chosen by a request parameter.
// `userSession`, `params`, `out` and `result` are declared outside this excerpt.

// The administrator flag is read from the session-backed parameter "principalAdministrator".
// Boolean.valueOf(String) yields true only for a non-null, case-insensitive "true", so a missing
// value fails closed (non-admin).
// NOTE(review): this assumes SecurityParameterProvider derives the value server-side from the
// session and never from request input; confirm, since it gates the admin paths below.
SecurityParameterProvider securityParams = new SecurityParameterProvider( userSession );
boolean isAdministrator = Boolean.valueOf( (String) securityParams.getParameter( "principalAdministrator" ) );
boolean isAuthenticated = userSession.isAuthenticated();
// The handler that closes this try (catch/finally) is outside this excerpt.
try {
final CommentsEngine engine = CommentsEngine.getInstance();
// `action` is caller-controlled and defaults to the empty string when absent.
// NOTE(review): the result of Operation.get for an unknown or empty action is not visible here;
// if it can return null, the switch below throws NullPointerException. Confirm it is rejected
// or mapped to a safe default.
final String action = params.getStringParameter( Parameter.ACTION, "" );
final CommentsEngine.Operation operation = CommentsEngine.Operation.get( action );
// Authentication gate: only DELETE and ARCHIVE are refused for unauthenticated sessions.
// The refusal writes a JSON error to `out` and returns before any engine call.
// NOTE(review): ADD and LIST are not gated here, so an unauthenticated caller reaches
// engine.add / engine.list with whatever userSession.getName() returns for such a session.
// Confirm anonymous access is intended.
if ( Operation.DELETE == operation || Operation.ARCHIVE == operation ) {
if ( !isAuthenticated ) {
final PrintWriter pw = new PrintWriter( out );
pw.println( JsonUtil.makeJsonErrorResponse( "Operation not authorized: requires authentication",
false ).toString( 2 ) );
pw.flush();
return;
}
}
switch( operation ) {
case ADD:
// PAGE and COMMENT come straight from the request and are passed through unchanged; the author
// is taken from the session, not from the request.
// NOTE(review): length limits and output encoding of the comment text are not applied here;
// presumably handled in the engine or at render time. Verify.
result =
engine.add( params.getStringParameter( Parameter.PAGE, "" ), params.getStringParameter(
Parameter.COMMENT, "" ), userSession.getName() );
break;
case DELETE:
// COMMENT_ID is parsed from request input (default "-1"); a non-numeric value throws
// NumberFormatException inside the try. VALUE defaults to "true".
// The gate above checks authentication only. Whether this user may act on this particular
// comment is left to engine.delete, which receives the session name and the admin flag.
// NOTE(review): confirm the engine enforces ownership for non-administrators.
result =
engine.delete( Integer.parseInt( params.getStringParameter( Parameter.COMMENT_ID, "-1" ) ), Boolean
.valueOf( params.getStringParameter( Parameter.VALUE, "true" ) ), userSession.getName(),
isAdministrator );
break;
case ARCHIVE:
// Same shape as DELETE: request-supplied id and flag, with the per-comment authorization
// decision delegated to engine.archive via the session name and the admin flag.
result =
engine.archive( Integer.parseInt( params.getStringParameter( Parameter.COMMENT_ID, "-1" ) ), Boolean
.valueOf( params.getStringParameter( Parameter.VALUE, "true" ) ), userSession.getName(),
isAdministrator );
break;
case LIST:
// The DELETED and ARCHIVED filters are honoured only for administrators. For everyone else both
// are forced to false, whatever the request carries.
// FIRST_RESULT and MAX_RESULTS (defaults "0" and "20") are parsed from request input with no
// range check at this level; negative or very large values reach engine.list unchanged.
// NOTE(review): confirm the engine clamps the page size.
result =
engine.list( params.getStringParameter( Parameter.PAGE, "" ), Integer.parseInt( params
.getStringParameter( Parameter.FIRST_RESULT, "0" ) ), Integer.parseInt( params.getStringParameter(
Parameter.MAX_RESULTS, "20" ) ), ( isAdministrator ? Boolean.valueOf( params.getStringParameter(
Parameter.DELETED, "false" ) ) : false ), ( isAdministrator ? Boolean.valueOf( params
.getStringParameter( Parameter.ARCHIVED, "false" ) ) : false ), userSession.getName() );
break;