Coverage Report

Coverage Report - org.apache.turbine.modules.actions.LogoutUser

Classes in this File

Line Coverage

Branch Coverage

Complexity

LogoutUser

88%

16/18

50%

3/6

 package org.apache.turbine.modules.actions;
 
 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 
 import org.apache.fulcrum.security.util.FulcrumSecurityException;
 import org.apache.turbine.TurbineConstants;
 import org.apache.turbine.annotation.TurbineConfiguration;
 import org.apache.turbine.annotation.TurbineService;
 import org.apache.turbine.modules.Action;
 import org.apache.turbine.om.security.User;
 import org.apache.turbine.pipeline.PipelineData;
 import org.apache.turbine.services.security.SecurityService;
 import org.apache.turbine.util.RunData;
 
 /**
  * This action removes a user from the session. It makes sure to save
  * the User object in the session.
  *
  * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
  * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
  * @version $Id: LogoutUser.java 1854797 2019-03-04 20:41:39Z tv $
  */
 public class LogoutUser implements Action
 {
     /** Injected service instance */
     @TurbineService
     private SecurityService security;
 
     @TurbineConfiguration( TurbineConstants.LOGOUT_MESSAGE )
     private String logoutMessage;
 
     @TurbineConfiguration( TurbineConstants.ACTION_LOGOUT_KEY )
     private String actionLogout = TurbineConstants.ACTION_LOGOUT_DEFAULT;
 
     @TurbineConfiguration( TurbineConstants.SCREEN_HOMEPAGE )
     private String screenHomepage;
 
     /**
      * Clears the PipelineData user object back to an anonymous status not
      * logged in, and with a null ACL.  If the tr.props ACTION_LOGIN
      * is anything except "LogoutUser", flow is transfered to the
      * SCREEN_HOMEPAGE
      *
      * If this action name is the value of action.logout then we are
      * being run before the session validator, so we don't need to
      * set the screen (we assume that the session validator will handle
      * that). This is basically still here simply to preserve old behavior
      * - it is recommended that action.logout is set to "LogoutUser" and
      * that the session validator does handle setting the screen/template
      * for a logged out (read not-logged-in) user.
      *
      * @param pipelineData Turbine information.
      * @throws FulcrumSecurityException a problem occurred in the security
      *            service.
      */
     @Override
     public void doPerform(PipelineData pipelineData)
             throws FulcrumSecurityException
     {
         RunData data = pipelineData.getRunData();
 
         // Session validator did not run, so RunData is not populated
         User user = data.getUserFromSession();
 
         if (!security.isAnonymousUser(user))
         {
             // Make sure that the user has really logged in...
             if (!user.hasLoggedIn())
             {
                 return;
             }
 
             user.setHasLoggedIn(Boolean.FALSE);
             security.saveUser(user);
         }
 
         data.setMessage(logoutMessage);
 
         // This will cause the acl to be removed from the session in
         // the Turbine servlet code.
         data.setACL(null);
 
         // Retrieve an anonymous user.
         User anonymousUser = security.getAnonymousUser();
         data.setUser(anonymousUser);
         data.save();
 
         // In the event that the current screen or related navigations
         // require acl info, we cannot wait for Turbine to handle
         // regenerating acl.
         data.getSession().removeAttribute(TurbineConstants.ACL_SESSION_KEY);
 
         // If this action name is the value of action.logout then we are
         // being run before the session validator, so we don't need to
         // set the screen (we assume that the session validator will handle
         // that). This is basically still here simply to preserve old behavior
         // - it is recommended that action.logout is set to "LogoutUser" and
         // that the session validator does handle setting the screen/template
         // for a logged out (read not-logged-in) user.
         if (!actionLogout.equals(TurbineConstants.ACTION_LOGOUT_DEFAULT))
         {
             data.setScreen(screenHomepage);
         }
     }
 }

1		package org.apache.turbine.modules.actions;
2
3		/*
4		* Licensed to the Apache Software Foundation (ASF) under one
5		* or more contributor license agreements. See the NOTICE file
6		* distributed with this work for additional information
7		* regarding copyright ownership. The ASF licenses this file
8		* to you under the Apache License, Version 2.0 (the
9		* "License"); you may not use this file except in compliance
10		* with the License. You may obtain a copy of the License at
11		*
12		* http://www.apache.org/licenses/LICENSE-2.0
13		*
14		* Unless required by applicable law or agreed to in writing,
15		* software distributed under the License is distributed on an
16		* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17		* KIND, either express or implied. See the License for the
18		* specific language governing permissions and limitations
19		* under the License.
20		*/
21
22		import org.apache.fulcrum.security.util.FulcrumSecurityException;
23		import org.apache.turbine.TurbineConstants;
24		import org.apache.turbine.annotation.TurbineConfiguration;
25		import org.apache.turbine.annotation.TurbineService;
26		import org.apache.turbine.modules.Action;
27		import org.apache.turbine.om.security.User;
28		import org.apache.turbine.pipeline.PipelineData;
29		import org.apache.turbine.services.security.SecurityService;
30		import org.apache.turbine.util.RunData;
31
32		/**
33		* This action removes a user from the session. It makes sure to save
34		* the User object in the session.
35		*
36		* @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
37		* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
38		* @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
39		* @version $Id: LogoutUser.java 1854797 2019-03-04 20:41:39Z tv $
40		*/
41	3	public class LogoutUser implements Action
42		{
43		/** Injected service instance */
44		@TurbineService
45		private SecurityService security;
46
47		@TurbineConfiguration( TurbineConstants.LOGOUT_MESSAGE )
48		private String logoutMessage;
49
50	3	@TurbineConfiguration( TurbineConstants.ACTION_LOGOUT_KEY )
51		private String actionLogout = TurbineConstants.ACTION_LOGOUT_DEFAULT;
52
53		@TurbineConfiguration( TurbineConstants.SCREEN_HOMEPAGE )
54		private String screenHomepage;
55
56		/**
57		* Clears the PipelineData user object back to an anonymous status not
58		* logged in, and with a null ACL. If the tr.props ACTION_LOGIN
59		* is anything except "LogoutUser", flow is transfered to the
60		* SCREEN_HOMEPAGE
61		*
62		* If this action name is the value of action.logout then we are
63		* being run before the session validator, so we don't need to
64		* set the screen (we assume that the session validator will handle
65		* that). This is basically still here simply to preserve old behavior
66		* - it is recommended that action.logout is set to "LogoutUser" and
67		* that the session validator does handle setting the screen/template
68		* for a logged out (read not-logged-in) user.
69		*
70		* @param pipelineData Turbine information.
71		* @throws FulcrumSecurityException a problem occurred in the security
72		* service.
73		*/
74		@Override
75		public void doPerform(PipelineData pipelineData)
76		throws FulcrumSecurityException
77		{
78	3	RunData data = pipelineData.getRunData();
79
80		// Session validator did not run, so RunData is not populated
81	3	User user = data.getUserFromSession();
82
83	3	if (!security.isAnonymousUser(user))
84		{
85		// Make sure that the user has really logged in...
86	3	if (!user.hasLoggedIn())
87		{
88	0	return;
89		}
90
91	3	user.setHasLoggedIn(Boolean.FALSE);
92	3	security.saveUser(user);
93		}
94
95	3	data.setMessage(logoutMessage);
96
97		// This will cause the acl to be removed from the session in
98		// the Turbine servlet code.
99	3	data.setACL(null);
100
101		// Retrieve an anonymous user.
102	3	User anonymousUser = security.getAnonymousUser();
103	3	data.setUser(anonymousUser);
104	3	data.save();
105
106		// In the event that the current screen or related navigations
107		// require acl info, we cannot wait for Turbine to handle
108		// regenerating acl.
109	3	data.getSession().removeAttribute(TurbineConstants.ACL_SESSION_KEY);
110
111		// If this action name is the value of action.logout then we are
112		// being run before the session validator, so we don't need to
113		// set the screen (we assume that the session validator will handle
114		// that). This is basically still here simply to preserve old behavior
115		// - it is recommended that action.logout is set to "LogoutUser" and
116		// that the session validator does handle setting the screen/template
117		// for a logged out (read not-logged-in) user.
118	3	if (!actionLogout.equals(TurbineConstants.ACTION_LOGOUT_DEFAULT))
119		{
120	0	data.setScreen(screenHomepage);
121		}
122	3	}
123		}