THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- define security needs of your action.
- remove all attempts to get authenticated user via RollerSession and replace with a simple call to getAuthenticatedUser();if your action tries to create a RollerSession from a request to access the authenticated user then you need to replace that code with a simple call like "UserData user = getAuthenticatedUser();". this is a nice freebee that has been setup via our struts2 config so that the authenticated user is extracted and made available to you automatically by extending the UIAction class. so you don't need to use RollerSession to access the authetnicated user anymore
. access to the authenticated UserData object is provide for you by having your action extend the UIAction class, so there is nothing that you need to do. by default, all actions require an authenticated user, so if the user is not properly authenticated when trying to access an action then they will get an access denied page. - remove all attempts to get the weblog used by the action via a RollerRequest object and replace with a simple call to getActionWeblog(). just like above, this is extracted from the request and populated for you.
- to see how you can control the security options for your action, check out the http://svn.apache.org/viewvc/roller/trunk/src/org/apache/roller/ui/core/util/struts2/UISecurityEnforced.java?revision=529793&view=markup which provides control points. this interface is implemented by the UIAction class which you most likely should be extending, so you can modify the default behavior by simply overriding any of the methods from that interface in your action class.
- remove all attempts to get authenticated user via RollerSession and replace with a simple call to getAuthenticatedUser();if your action tries to create a RollerSession from a request to access the authenticated user then you need to replace that code with a simple call like "UserData user = getAuthenticatedUser();". this is a nice freebee that has been setup via our struts2 config so that the authenticated user is extracted and made available to you automatically by extending the UIAction class. so you don't need to use RollerSession to access the authetnicated user anymore
- fix action method declarations to
- return just a String
- not accept any params
- not throw any exceptions (handle these inside your action method!)
- fix action method results to just return a String instead of an ActionForward
...