diff --git a/src/main/java/de/srsoftware/widerhall/data/MailingList.java b/src/main/java/de/srsoftware/widerhall/data/MailingList.java index d44d9cc..dd1a90f 100644 --- a/src/main/java/de/srsoftware/widerhall/data/MailingList.java +++ b/src/main/java/de/srsoftware/widerhall/data/MailingList.java @@ -187,7 +187,7 @@ public class MailingList implements MessageHandler, ProblemListener { } private void forward(Message message, Stream members) throws MessagingException { - if (hasState(STATE_PUBLIC_ARCHIVE)) storeMessage(message); + if (hasPublicArchive()) storeMessage(message); String newSender = !hasState(STATE_FORWARD_FROM) ? email() : null; var receivers = members .map(ListMember::user) @@ -238,6 +238,10 @@ public class MailingList implements MessageHandler, ProblemListener { return ml; } + public boolean hasPublicArchive() { + return hasState(STATE_PUBLIC_ARCHIVE); + } + public boolean hasState(int test){ return (state & test) > 0; } @@ -603,9 +607,9 @@ public class MailingList implements MessageHandler, ProblemListener { if (hasState(STATE_FORWARD_ATTACHED)) map.put(t("forward_attached"),HIDDEN); if (hasState(STATE_HIDE_RECEIVERS)) map.put(t("hide_receivers"),HIDDEN); if (hasState(STATE_REPLY_TO_LIST)) map.put(t("reply_to_list"),HIDDEN); - if (hasState(STATE_OPEN_FOR_GUESTS)) map.put(t("open_for_guests"),HIDDEN); - if (hasState(STATE_OPEN_FOR_SUBSCRIBERS)) map.put(t("open_for_subscribers"),HIDDEN); - if (hasState(STATE_PUBLIC_ARCHIVE)) map.put(t("archive"),VISIBLE); + if (isOpenForGuests()) map.put(t("open_for_guests"),HIDDEN); + if (isOpenForSubscribers()) map.put(t("open_for_subscribers"),HIDDEN); + if (hasPublicArchive()) map.put(t("archive"),VISIBLE); return map; } diff --git a/src/main/java/de/srsoftware/widerhall/web/Rest.java b/src/main/java/de/srsoftware/widerhall/web/Rest.java index bfe4d8e..c813f70 100644 --- a/src/main/java/de/srsoftware/widerhall/web/Rest.java +++ b/src/main/java/de/srsoftware/widerhall/web/Rest.java @@ -13,6 +13,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.NotAllowedException; import java.io.IOException; import java.sql.SQLException; import java.util.HashMap; @@ -62,31 +63,29 @@ public class Rest extends HttpServlet { return Map.of(SUCCESS,"Updated user permissions"); } - private Map archive(HttpServletRequest req, User user){ + private Map archive(HttpServletRequest req, User user) throws SQLException { var list = Util.getMailingList(req); - if (list != null){ - try { - var allEmails = user != null || list.hasState(STATE_OPEN_FOR_SUBSCRIBERS) || list.hasState(STATE_OPEN_FOR_GUESTS); - var limitedSenders = allEmails ? null : list.moderators().map(ListMember::user).map(User::email).toList(); - - String month = req.getParameter(MONTH); - boolean userIsMod = list.mayBeAlteredBy(user); - if (month == null || month.isBlank()) { - return Map.of(LIST,list.email(),MODERATOR,userIsMod,"summary",Post.summarize(list,limitedSenders)); - } else { - return Map.of(LIST,list.email(),MODERATOR,userIsMod,"posts",Post.find(list,month,limitedSenders).stream().map(Post::safeMap).toList()); - } - } catch (SQLException e) { - e.printStackTrace(); - } - } - LOG.debug("list: {}",list.email()); - return Map.of(); + if (list == null) throw new IllegalArgumentException(t("You are trying to access a non-existing list!")); + var allowed = list.hasPublicArchive() || list.mayBeAlteredBy(user); + if (!allowed) throw new NotAllowedException(t("You are not allowed to access the archive of this list!")); + + var allEmails = user != null || list.hasState(STATE_OPEN_FOR_SUBSCRIBERS) || list.hasState(STATE_OPEN_FOR_GUESTS); + var limitedSenders = allEmails ? null : list.moderators().map(ListMember::user).map(User::email).toList(); + + boolean userIsMod = list.mayBeAlteredBy(user); + String month = req.getParameter(MONTH); + if (month == null || month.isBlank()) return Map.of(LIST,list.email(),MODERATOR,userIsMod,"summary",Post.summarize(list,limitedSenders)); + return Map.of(LIST,list.email(),MODERATOR,userIsMod,"posts",Post.find(list,month,limitedSenders).stream().map(Post::safeMap).toList()); } @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - String error = handleGet(req, resp); + String error; + try { + error = handleGet(req, resp); + } catch (SQLException e) { + error = e.getMessage(); + } if (error != null) resp.sendError(400,error); } @@ -166,7 +165,7 @@ public class Rest extends HttpServlet { } } - public String handleGet(HttpServletRequest req, HttpServletResponse resp){ + public String handleGet(HttpServletRequest req, HttpServletResponse resp) throws SQLException { var user = Util.getUser(req); var path = Util.getPath(req); @@ -176,9 +175,6 @@ public class Rest extends HttpServlet { json.put(USER,user.safeMap()); switch (path) { case LIST_ARCHIVE: - var list = Util.getMailingList(req); - var allowed = list.hasState(STATE_PUBLIC_ARCHIVE) || list.mayBeAlteredBy(user); - if (!allowed) return t("Sie sind nicht berechtigt, das Archiv dieser Liste einzusehen!"); json.put("archive",archive(req,user)); break; case USER_LIST: @@ -202,10 +198,7 @@ public class Rest extends HttpServlet { } else { switch (path) { case LIST_ARCHIVE: - var list = Util.getMailingList(req); - var allowed = list.hasState(STATE_PUBLIC_ARCHIVE); - if (!allowed) return t("This mailing list has no public archive!"); - json.put("archive",archive(req,user)); + json.put("archive",archive(req,null)); break; case LIST_SUBSCRIBABLE: json.put("lists", MailingList.subscribable().stream().map(MailingList::minimalMap).toList()); @@ -337,7 +330,7 @@ public class Rest extends HttpServlet { if (list.hasState(MailingList.STATE_REPLY_TO_LIST)) map.put(KEY_REPLY_TO_LIST,true); if (list.isOpenForGuests()) map.put(KEY_OPEN_FOR_GUESTS,true); if (list.isOpenForSubscribers()) map.put(KEY_OPEN_FOR_SUBSCRIBERS,true); - if (list.hasState(MailingList.STATE_PUBLIC_ARCHIVE)) map.put(KEY_ARCHIVE,true); + if (list.hasPublicArchive()) map.put(KEY_ARCHIVE,true); if (list.hasState(STATE_MODS_CAN_EDIT_MODS)) map.put(KEY_MODS_CAN_EDIT_MODS,true); if (list.holdTime() != null) map.put(KEY_DELETE_MESSAGES,list.holdTime()); return map; diff --git a/src/main/java/de/srsoftware/widerhall/web/Web.java b/src/main/java/de/srsoftware/widerhall/web/Web.java index ee78d74..4ee6b10 100644 --- a/src/main/java/de/srsoftware/widerhall/web/Web.java +++ b/src/main/java/de/srsoftware/widerhall/web/Web.java @@ -133,15 +133,18 @@ public class Web extends TemplateServlet { } } - private String archive(HttpServletRequest req, HttpServletResponse resp) { + private String archive(MailingList list, User user, HttpServletRequest req, HttpServletResponse resp) { + if (list == null) return t("The mailing list you are trying to view does not exist!"); + + var allowed = list.hasPublicArchive() || list.mayBeAlteredBy(user); + if (!allowed) return t("You are not allowed to access the archive of this list"); + var map = new HashMap(); - var list = Util.getMailingList(req); map.put(LIST,list.email()); var month = req.getParameter(MONTH); if (month != null && !month.isBlank()){ map.put(MONTH,month); - var user = Util.getUser(req); map.put(MODERATOR,list.mayBeAlteredBy(user)); } return loadTemplate(ARCHIVE,map,resp); @@ -284,7 +287,7 @@ public class Web extends TemplateServlet { if (list != null) data.put(LIST,list.minimalMap()); switch (path){ case ARCHIVE: - return archive(req,resp); + return archive(list,user,req,resp); case CONFIRM: return confirm(req,resp); case POST: