Coverage Report

Coverage Report - org.apache.turbine.modules.actions.LogoutUser

Classes in this File

Line Coverage

Branch Coverage

Complexity

LogoutUser

88%

16/18

50%

3/6

 package org.apache.turbine.modules.actions;
 
 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 
 import org.apache.fulcrum.security.util.FulcrumSecurityException;
 import org.apache.turbine.TurbineConstants;
 import org.apache.turbine.annotation.TurbineConfiguration;
 import org.apache.turbine.annotation.TurbineService;
 import org.apache.turbine.modules.Action;
 import org.apache.turbine.om.security.User;
 import org.apache.turbine.pipeline.PipelineData;
 import org.apache.turbine.services.security.SecurityService;
 import org.apache.turbine.util.RunData;
 
 /**
  * This action removes a user from the session. It makes sure to save
  * the User object in the session.
  *
  * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
  * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
  * @version $Id: LogoutUser.java 1773378 2016-12-09 13:19:59Z tv $
  */
 public class LogoutUser
         extends Action
 {
     /** Injected service instance */
     @TurbineService
     private SecurityService security;
 
     @TurbineConfiguration( TurbineConstants.LOGOUT_MESSAGE )
     private String logoutMessage;
 
     @TurbineConfiguration( TurbineConstants.ACTION_LOGOUT_KEY )
     private String actionLogout = TurbineConstants.ACTION_LOGOUT_DEFAULT;
 
     @TurbineConfiguration( TurbineConstants.SCREEN_HOMEPAGE )
     private String screenHomepage;
 
     /**
      * Clears the PipelineData user object back to an anonymous status not
      * logged in, and with a null ACL.  If the tr.props ACTION_LOGIN
      * is anything except "LogoutUser", flow is transfered to the
      * SCREEN_HOMEPAGE
      *
      * If this action name is the value of action.logout then we are
      * being run before the session validator, so we don't need to
      * set the screen (we assume that the session validator will handle
      * that). This is basically still here simply to preserve old behavior
      * - it is recommended that action.logout is set to "LogoutUser" and
      * that the session validator does handle setting the screen/template
      * for a logged out (read not-logged-in) user.
      *
      * @param pipelineData Turbine information.
      * @throws FulcrumSecurityException a problem occurred in the security
      *            service.
      */
     @Override
     public void doPerform(PipelineData pipelineData)
             throws FulcrumSecurityException
     {
         RunData data = getRunData(pipelineData);
 
         // Session validator did not run, so RunData is not populated
         User user = data.getUserFromSession();
 
         if (!security.isAnonymousUser(user))
         {
             // Make sure that the user has really logged in...
             if (!user.hasLoggedIn())
             {
                 return;
             }
 
             user.setHasLoggedIn(Boolean.FALSE);
             security.saveUser(user);
         }
 
         data.setMessage(logoutMessage);
 
         // This will cause the acl to be removed from the session in
         // the Turbine servlet code.
         data.setACL(null);
 
         // Retrieve an anonymous user.
         User anonymousUser = security.getAnonymousUser();
         data.setUser(anonymousUser);
         data.save();
 
         // In the event that the current screen or related navigations
         // require acl info, we cannot wait for Turbine to handle
         // regenerating acl.
         data.getSession().removeAttribute(TurbineConstants.ACL_SESSION_KEY);
 
         // If this action name is the value of action.logout then we are
         // being run before the session validator, so we don't need to
         // set the screen (we assume that the session validator will handle
         // that). This is basically still here simply to preserve old behavior
         // - it is recommended that action.logout is set to "LogoutUser" and
         // that the session validator does handle setting the screen/template
         // for a logged out (read not-logged-in) user.
         if (!actionLogout.equals(TurbineConstants.ACTION_LOGOUT_DEFAULT))
         {
             data.setScreen(screenHomepage);
         }
     }
 }

1		package org.apache.turbine.modules.actions;
2
3		/*
4		* Licensed to the Apache Software Foundation (ASF) under one
5		* or more contributor license agreements. See the NOTICE file
6		* distributed with this work for additional information
7		* regarding copyright ownership. The ASF licenses this file
8		* to you under the Apache License, Version 2.0 (the
9		* "License"); you may not use this file except in compliance
10		* with the License. You may obtain a copy of the License at
11		*
12		* http://www.apache.org/licenses/LICENSE-2.0
13		*
14		* Unless required by applicable law or agreed to in writing,
15		* software distributed under the License is distributed on an
16		* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17		* KIND, either express or implied. See the License for the
18		* specific language governing permissions and limitations
19		* under the License.
20		*/
21
22		import org.apache.fulcrum.security.util.FulcrumSecurityException;
23		import org.apache.turbine.TurbineConstants;
24		import org.apache.turbine.annotation.TurbineConfiguration;
25		import org.apache.turbine.annotation.TurbineService;
26		import org.apache.turbine.modules.Action;
27		import org.apache.turbine.om.security.User;
28		import org.apache.turbine.pipeline.PipelineData;
29		import org.apache.turbine.services.security.SecurityService;
30		import org.apache.turbine.util.RunData;
31
32		/**
33		* This action removes a user from the session. It makes sure to save
34		* the User object in the session.
35		*
36		* @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
37		* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
38		* @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
39		* @version $Id: LogoutUser.java 1773378 2016-12-09 13:19:59Z tv $
40		*/
41	1	public class LogoutUser
42		extends Action
43		{
44		/** Injected service instance */
45		@TurbineService
46		private SecurityService security;
47
48		@TurbineConfiguration( TurbineConstants.LOGOUT_MESSAGE )
49		private String logoutMessage;
50
51	1	@TurbineConfiguration( TurbineConstants.ACTION_LOGOUT_KEY )
52		private String actionLogout = TurbineConstants.ACTION_LOGOUT_DEFAULT;
53
54		@TurbineConfiguration( TurbineConstants.SCREEN_HOMEPAGE )
55		private String screenHomepage;
56
57		/**
58		* Clears the PipelineData user object back to an anonymous status not
59		* logged in, and with a null ACL. If the tr.props ACTION_LOGIN
60		* is anything except "LogoutUser", flow is transfered to the
61		* SCREEN_HOMEPAGE
62		*
63		* If this action name is the value of action.logout then we are
64		* being run before the session validator, so we don't need to
65		* set the screen (we assume that the session validator will handle
66		* that). This is basically still here simply to preserve old behavior
67		* - it is recommended that action.logout is set to "LogoutUser" and
68		* that the session validator does handle setting the screen/template
69		* for a logged out (read not-logged-in) user.
70		*
71		* @param pipelineData Turbine information.
72		* @throws FulcrumSecurityException a problem occurred in the security
73		* service.
74		*/
75		@Override
76		public void doPerform(PipelineData pipelineData)
77		throws FulcrumSecurityException
78		{
79	1	RunData data = getRunData(pipelineData);
80
81		// Session validator did not run, so RunData is not populated
82	1	User user = data.getUserFromSession();
83
84	1	if (!security.isAnonymousUser(user))
85		{
86		// Make sure that the user has really logged in...
87	1	if (!user.hasLoggedIn())
88		{
89	0	return;
90		}
91
92	1	user.setHasLoggedIn(Boolean.FALSE);
93	1	security.saveUser(user);
94		}
95
96	1	data.setMessage(logoutMessage);
97
98		// This will cause the acl to be removed from the session in
99		// the Turbine servlet code.
100	1	data.setACL(null);
101
102		// Retrieve an anonymous user.
103	1	User anonymousUser = security.getAnonymousUser();
104	1	data.setUser(anonymousUser);
105	1	data.save();
106
107		// In the event that the current screen or related navigations
108		// require acl info, we cannot wait for Turbine to handle
109		// regenerating acl.
110	1	data.getSession().removeAttribute(TurbineConstants.ACL_SESSION_KEY);
111
112		// If this action name is the value of action.logout then we are
113		// being run before the session validator, so we don't need to
114		// set the screen (we assume that the session validator will handle
115		// that). This is basically still here simply to preserve old behavior
116		// - it is recommended that action.logout is set to "LogoutUser" and
117		// that the session validator does handle setting the screen/template
118		// for a logged out (read not-logged-in) user.
119	1	if (!actionLogout.equals(TurbineConstants.ACTION_LOGOUT_DEFAULT))
120		{
121	0	data.setScreen(screenHomepage);
122		}
123	1	}
124		}