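<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ page trimDirectiveWhitespaces="true" %>
<%@ page import="org.crosswire.utils.Sessions" %>
<%@ page import="org.crosswire.webtools.RightsAndRoles" %>
<%@ page import="org.crosswire.community.projects.ntmss.data.Document" %>
<%@ page import="org.crosswire.community.projects.ntmss.data.Page" %>
<%@ page import="org.crosswire.xml.XMLBlock" %>
<%@ page import="org.crosswire.webtools.annotation.*" %>
<%@ page import="org.crosswire.webtools.*" %>
<%@ page import="javax.validation.constraints.NotNull" %>
<%!
/**
 * Request parameters for the manuscript/putpage endpoint.
 *
 * docID and pageID are declared @NotNull; folio is optional.
 * customValidation() rejects the request with error -5 when getUser()
 * returns null, so the scriptlet below only runs its write paths for a
 * request that carries a logged-in user.
 */
@Description(value = "Submit a new or modified page for a manuscript.", name = "manuscript/putpage")
public static class MyParameters extends Parameters {

	@NotNull
	@Description(value = "manuscript id", example = "10046")
	public Integer docID;

	@NotNull
	@Description(value = "page id", example = "10")
	public Integer pageID;

	@Description(value = "folio number", example = "27r")
	public String folio;

	/** Adds error -5 ("Must be logged in.") when no user is attached to the request. */
	@Override
	protected void customValidation() {
		if (getUser() == null) {
			addError(-5, "Must be logged in.");
		}
	}
}
%>
<%
// NOTE(review): this endpoint changes stored data. Confirm that
// Parameters.loadFromRequest (not visible here) restricts the HTTP method
// and checks a request-forgery token before this scriptlet runs.
MyParameters params = new MyParameters().loadFromRequest(request, response, false);
if (params.getErrors().size() == 0) {
	// NOTE(review): userName is never read below; the lookup is kept only
	// because Sessions.getSessionStringValue is not visible from this page.
	String userName = Sessions.getSessionStringValue(request, "userName");
	StringBuilder retVal = new StringBuilder();

	Document doc = Document.getDocument(params.docID);
	if (doc == null) {
		params.addError(-6, "Document docID: " + params.docID + " not found.");
	}
	else {
		// Write permission on the document: one of the two named roles, or the
		// user whose name equals the document's user id.
		String role = "Transcription Manager";
		boolean permission = params.getUser().hasRole(role)
				|| params.getUser().hasRole("VMR Administrator")
				|| (params.getUser().getUserName().equals(doc.getUserID()));

		if (!permission) {
			// Fallback: a role named "Catalog Admin:<min>-<max>" grants permission
			// when docID lies inside the inclusive range.
			params.getUser().includeUserRoles();
			XMLBlock ur = params.getUser().getBlock("userRoles");
			if (ur != null) {
				XMLBlock rs[] = ur.getBlocks("role");
				for (XMLBlock r : rs) {
					String roleName = r.getAttribute("roleName");
					// A role entry without a roleName attribute grants nothing.
					if (roleName != null && roleName.startsWith("Catalog Admin:")) {
						try {
							int min = Integer.parseInt(roleName.split(":")[1].split("-")[0].trim());
							int max = Integer.parseInt(roleName.split("-")[1].trim());
							if (params.docID >= min && params.docID <= max) permission = true;
						}
						catch (RuntimeException e) {
							// Fail closed: a range that cannot be parsed never grants
							// access. Log it so a broken role definition is noticed
							// instead of silently denying its holder.
							application.log("manuscript/putpage: ignoring malformed role name '" + roleName + "': " + e);
						}
					}
				}
			}
		}

		Page p = Page.getPage(params.docID, params.pageID);

		// edit an existing page
		if (p != null) {
			// Copy taken before the edit and handed to save(); presumably used
			// to record what changed - confirm in Page.save.
			Page pOrig = (Page)p.clone();
//			if (p.getFolioNumber() != null && p.getFolioNumber().length() > 0 && !permission) {
			// for folios, we want anyone to be able to edit as long as they are logged in
			// NOTE(review): `permission` is not consulted on this path, so every
			// authenticated user can overwrite the folio of any existing page of
			// any document. A request without `folio` stores null here, whereas
			// the new-page path below skips a null folio. Confirm both are intended.
			p.setFolioNumber(params.folio);
			p.save(pOrig);
			// NOTE(review): the appended literal is empty as shown here, so retVal
			// stays empty and a successful save falls through to
			// Serializer.reportErrors below. Confirm the intended response payload.
			retVal.append("");
		}
		// new page
		else {
			// we check permissions here instead of at the top because folio editing can be done by anyone logged in
			if (!permission) {
				params.addError(-7, "User is not the owner of this document nor has the role: " + role + ".");
			}
			else {
				p = new Page();
				p.setDocumentID(params.docID);
				p.setPageID(params.pageID);
				if (params.folio != null) {
					p.setFolioNumber(params.folio);
				}
				p.saveNew();
				// NOTE(review): same empty literal as on the edit path above.
				retVal.append("");
			}
		}
	}

	if (retVal.length() > 0) {
		Serializer.output(response, out, params, XMLBlock.createXMLBlock(retVal.toString()));
		return;
	}
}
else {
	// Parameter validation failed: the error report is forced to HTML.
	params.format = "html";
}
Serializer.reportErrors(request, response, out, params, true);
%>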