package net.sourceforge.blogentis.xmlrpc.impl;
   
   //-----------------------------------------------------------------------
   //Blogentis - a blog publishing platform.
   //Copyright (C) 2004 Tassos Bassoukos <abassouk@gmail.com>
   //
   //This library is free software; you can redistribute it and/or
   //modify it under the terms of the GNU Lesser General Public
   //License as published by the Free Software Foundation; either
  //version 2.1 of the License, or (at your option) any later version.
  //
  //This library is distributed in the hope that it will be useful,
  //but WITHOUT ANY WARRANTY; without even the implied warranty of
  //MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  //Lesser General Public License for more details.
  //
  //You should have received a copy of the GNU Lesser General Public
  //License along with this library; if not, write to the Free Software
  //Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  //-----------------------------------------------------------------------
  //
  //$Id: AuthenticationExecutor.java,v 1.2 2004/10/28 10:45:51 tassos Exp $
  //
  
  import java.util.List;
  
  import net.sourceforge.blogentis.om.Blog;
  import net.sourceforge.blogentis.om.Post;
  import net.sourceforge.blogentis.om.PostPeer;
  import net.sourceforge.blogentis.utils.BlogManagerService;
  
  import org.apache.torque.TorqueException;
  import org.apache.torque.util.Criteria;
  import org.apache.turbine.om.security.User;
  import org.apache.turbine.services.security.TurbineSecurity;
  import org.apache.turbine.util.security.PasswordMismatchException;
  import org.apache.turbine.util.security.UnknownEntityException;
  import org.apache.xmlrpc.XmlRpcException;
  
  /***
   * Base class for all XML-RPC executors that need authentication (practically
   * all).
   * 
   * @author abas
   */
  public abstract class AuthenticationExecutor {
      protected User haveUser(String username, String password)
              throws XmlRpcException {
          try {
              User u = TurbineSecurity.getAuthenticatedUser(username, password);
              return u;
          } catch (UnknownEntityException pw) {
              throw new XmlRpcException(1, "Invalid Username/Password.");
          } catch (PasswordMismatchException pw) {
              throw new XmlRpcException(1, "Invalid Username/Password.");
          } catch (Exception e) {
              throw new XmlRpcException(1, "Could not authenticate user.");
          }
      }
  
      protected Blog isAuthenticatedForBlog(String blogid, User u,
                                            String permission)
              throws XmlRpcException {
          Blog b;
          try {
              b = BlogManagerService.getBlog(blogid);
          } catch (TorqueException e) {
              throw new XmlRpcException(1, "No such blog found!");
          }
          if (permission == null)
              return b;
          try {
              if (TurbineSecurity.getACL(u).hasPermission(permission, blogid))
                  return b;
              throw new XmlRpcException(1, "Permission Denied");
          } catch (Exception e1) {
              throw new XmlRpcException(1, "Permission Denied");
          }
      }
  
      protected List getLatestPosts(Blog b, int numberOfPosts)
              throws XmlRpcException {
          Criteria c = new Criteria();
          c.add(PostPeer.POSTED_TIME, (Object)"", Criteria.ISNOTNULL);
          c.add(PostPeer.BLOG_ID, b.getBlogId());
          c.addDescendingOrderByColumn(PostPeer.POSTED_TIME);
          c.setLimit(numberOfPosts);
          try {
              return PostPeer.doSelect(c);
          } catch (TorqueException e) {
              throw new XmlRpcException(1, "Could not retrieve the lastest posts");
          }
      }
  
      protected void setAuthorID(Post p, User u)
              throws TorqueException {
          p.setAuthorId(u.getName());
      }
  }