> Well what I thought was correct. When the admin user logs in, he can view
> one correct page. After this any navigation to an admin page will print
> false, i.e. he has not passed the admin test, meaning it has reverted to the
> previous user...

@Persist'ed fields are specific to the page you are on, @SessionState
works between pages. If you leave the page then your isAdmin field for
this page is still set, but it won't be transferred to some other
page.

You should definitely take Rich M's suggestion to refactor your code.
It will make it much easier to read and maintain.

Also, I'm a bit bored so I've decided to give you a free code review:

>        public Index() throws Exception {
>                createDb();
>                transfers = new Transfers();
>                transfers.getTransferWeek();
>                transfers.getCloseWeek();
>        }

As others have pointed out, you should not be using the constructor.
Given that your page object is only constructed once I can only
imagine that this is here to test the database connection when the
page is constructed when your app first starts up. In that case it
should be in a method with a more fitting name:
"testDatabaseConnection".

>        public boolean validUser() throws SQLException {

This method is poorly named and has side effects that no experienced
engineer would guess, such as populating the User session state
object. Perhaps "public void loadUser()" would be more appropriate,
even better IMHO would be a DAO such as Rich M outlined so you can
call user = userDAO.load() and everyone would know what you were
talking about.

>        public void createDb() throws Exception {

Why is this a public method? Also, this should be handled by a DAO
service so you're not replicating this kind of code all over the
place. And you are actually just preparing the connection, not actually
creating a DB, right? So, if you're not going to create a proper DAO
then perhaps rename this to "public void prepareDbFields()"?

I read a great book recently which outlines a lot of solid programming
practices.
http://www.amazon.com/Clean-Code-Handbook-Software-Craftsmanship/dp/0132350882

Good luck.
Josh

On Mon, Jun 6, 2011 at 10:06 AM, robnangle <robnan...@gmail.com> wrote:
>
> Rich M wrote:
>>
>> On 06/06/2011 12:48 PM, robnangle wrote:
>>> Rich M wrote:
>> Fair enough, I was trying to hypothesize at what might be your problem
>> based on the small subset of related code shown. But you're right, that
>> result does not seem to fit with what I said.
>>
>> It would be more clear to see what is happening to the User object if we
>> could see that code that stores and authorizes the User object before it
>> gets to this page where it can be cleared.
>>
>
> package FantasyGaa.pages;
>
> import java.sql.Connection;
> import java.sql.PreparedStatement;
> import java.sql.ResultSet;
> import java.sql.SQLException;
> import java.util.ArrayList;
> import java.util.List;
>
> import org.apache.tapestry5.annotations.ApplicationState;
> import org.apache.tapestry5.annotations.Component;
> import org.apache.tapestry5.annotations.InjectPage;
> import org.apache.tapestry5.annotations.Persist;
> import org.apache.tapestry5.annotations.Property;
> import org.apache.tapestry5.annotations.SessionState;
> import org.apache.tapestry5.corelib.components.Form;
> import org.apache.tapestry5.corelib.components.PasswordField;
> import org.apache.tapestry5.ioc.annotations.Inject;
> import org.apache.tapestry5.services.ApplicationStateManager;
> import org.apache.tapestry5.services.Request;
> import org.apache.tapestry5.services.Session;
>
> import Db.AppendPlayerNames;
> import Db.GenerateFixtures;
> import Db.Handler;
> import Db.JoinLeague;
> import Db.Transfers;
> import Entities.Fixture;
> import Entities.Player;
> import Entities.PrivateLeague;
> import Entities.Team;
> import Entities.User;
> import FantasyGaa.pages.Private.JoinPrivateLeague;
> import FantasyGaa.pages.login.Login;
> import FantasyGaa.pages.team.SelectPlayers;
> import FantasyGaa.pages.user.EditUser;
>
>
> public class Index {
>        private Handler handler;
>        private GenerateFixtures genFix;
>        private Connection conn;
>        private PreparedStatement prep;
>
>
>        @Property
>        private Transfers transfers;
>
>        private List<Fixture> fixtures;
>        private Fixture temp;
>
>        @Component
>        private Form login;
>        @Component
>        private Form logout;
>        @InjectPage
>        private Index index;
>
>        @InjectPage
>        private EditUser edit;
>        @InjectPage
>        private Login loginPage;
>
>        @SessionState(create=false)
>        @Property
>        private User user;
>
>        @Property
>        private boolean userExists;
>        @Persist
>        private boolean adminUser;
>        @Component
>        private Form side1;
>        @Inject
>        private Request request;
>
>        public Index() throws Exception {
>                createDb();
>                transfers = new Transfers();
>                transfers.getTransferWeek();
>                transfers.getCloseWeek();
>        }
>
>        public void createDb() throws Exception {
>                Handler handler = new Handler();
>                conn = handler.getConnection();
>                prep = handler.getPreparedStatement();
>        }
>
>        public boolean adminUser() {
>                if(user.getUserType() != null &&
>                                user.getUserType().equalsIgnoreCase("Admin")) {
>                        adminUser = true;
>                        setAdminUser(true);
>                        System.out.println("true");
>                }
>                else {
>                        adminUser = false;
>                        System.out.println("false");
>                }
>                return adminUser;
>        }
>
>        public boolean getAdminUser() {
>                return adminUser;
>        }
>
>        public void setAdminUser(boolean adminUser) {
>                this.adminUser = adminUser;
>        }
>
>        public Object onSubmitFromLogin() throws Exception {
>                createDb();
>                if (validUser()) {
>                        adminUser();
>                        return index;
>                }
>                else {
>                        login.recordError("Invalid Login");
>                        return loginPage;
>                }
>        }
>
>        public Object onSubmitFromLogout() throws Exception {
>                user = null;
>                Session session = request.getSession(false);
>                if (session != null) {
>                       session.invalidate();
>                }
>                return index;
>        }
>
>        public boolean validUser() throws SQLException {
>                boolean valid = false;
>                String check = "Select * from users WHERE (username=?) AND (password=?)";
>                prep = conn.prepareStatement(check);
>                prep.setString(1, username);
>                prep.setString(2, password);
>                ResultSet rs = (ResultSet) prep.executeQuery();
>                while(rs.next()) {
>                        valid = true;
>                        user = new User();
>                        user.setTitle(rs.getString("title"));
>                        user.setFirstName(rs.getString("firstName"));
>                        user.setLastName(rs.getString("lastName"));
>                        user.setAddress1(rs.getString("address1"));
>                        user.setAddress2(rs.getString("address2"));
>                        user.setCity(rs.getString("city"));
>                        user.setCounty(rs.getString("county"));
>                        user.setPhone(rs.getString("phone"));
>                        user.setEmail(rs.getString("email"));
>                        user.setUsername(rs.getString("username"));
>                        user.setPassword(rs.getString("password"));
>                        user.setUserType(rs.getString("userType"));
>                }
>                return valid;
>        }
> }
>
>
>
> Rich M wrote:
>>
>> Any luck with some debugging messages to verify what methods are getting
>> called in between the working and broken states?
>>
>
> Well what I thought was correct. When the admin user logs in, he can view
> one correct page. After this any navigation to an admin page will print
> false, i.e. he has not passed the admin test, meaning it has reverted to the
> previous user...
>
>
> --
> View this message in context: 
> http://tapestry.1045711.n5.nabble.com/Clearing-SessionState-tp4458525p4459274.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
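
The @Persist versus @SessionState distinction from the reply above, as an added example that is not part of the original thread: an admin page that recomputes the admin check from the session-wide User on every request instead of caching it in a page-scoped field. AdminHome and its package are hypothetical names; User, getUserType(), the userExists companion field and the Login page are taken from the code quoted in the thread.

```java
// Added example, not code from the thread. AdminHome and its package are
// hypothetical; User, getUserType() and Login come from the quoted Index page.
package FantasyGaa.pages.admin;

import org.apache.tapestry5.annotations.SessionState;

import Entities.User;
import FantasyGaa.pages.login.Login;

public class AdminHome {

    // Session-wide object: the same User instance is visible from every page.
    // create=false stops Tapestry from instantiating an empty User for
    // visitors who have not logged in.
    @SessionState(create = false)
    private User user;

    // Tapestry convention: a boolean field named <ssoField>Exists reports
    // whether the session object is present without creating it.
    private boolean userExists;

    // Derived from the session User on every call. There is no @Persist flag
    // here, so there is no per-page copy of the decision that can be missing
    // or stale on another page.
    public boolean isAdmin() {
        return userExists
                && user.getUserType() != null
                && user.getUserType().equalsIgnoreCase("Admin");
    }

    // Runs on every request to this page, before rendering. Returning a page
    // class sends a redirect; returning null lets the page render.
    Object onActivate() {
        return isAdmin() ? null : Login.class;
    }
}
```

Because the check reads only the session User, setting user to null or invalidating the session on logout revokes access on every admin page at once.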
