I tend to have this statement
STKUser authenticatedUser = (STKUser) request.getSession().getAttribute("STKUserSession");
in every method of my Classes. authenticatedUser is used for authorization checks/ logic flow. Is this OK or should I be coding this class differently??? Also are there any recommended books that could help improve my coding for Java Classes like the one below, which are used in web applicatons? Most of my Classes looked like the one below.
public class TD0301AssignmentForm extends Form {
private boolean notifyApprover = false;
boolean employeeChange = false;
public TD0301AssignmentForm(TD0301AssignmentDAO dao) {
this.dao = dao;
}
private TD0301Assignment unlockAssignment(HttpServletRequest request) {
STKUser authenticatedUser = (STKUser) request.getSession().getAttribute("STKUserSession");
TD0301Assignment tdas = new TD0301Assignment();
notifyApprover = true;
boolean unlock = false;
try {
// get the original data
tdas = dao.retreive(request.getParameter("calc_num"), request.getParameter("calc_rev"), request.getParameter("calc_dept"), authenticatedUser);
if ("3".equals(tdas.getForm_approve_state()) && authenticatedUser.getBadge().equals(tdas.getOriginator())) {
tdas.setForm_approve_state("1");
notifyApprover = true;
unlock = true;
}
}
public TD0301Assignment updateAssignment(HttpServletRequest request) {
STKUser authenticatedUser = (STKUser) request.getSession().getAttribute("STKUserSession");
....
if (authenticatedUser.getBadge().equals(tdas.getOriginator())) {
//do something
}
EDIT
The TD0301AssignmentForm Class is accessed using these two Classes.
Servlet
TD0301AssignmentDAO dao = new TD0301AssignmentDAO();
TD0301AssignmentForm form = new TD0301AssignmentForm(dao);
TD0301Assignment obj = new TD0301Assignment();
String pkString = "calc_num=" + request.getParameter("calc_num") + "&calc_rev=" + request.getParameter("calc_rev") + "&calc_dept="
+ request.getParameter("calc_dept");
modelMap.put("dbTable", dbTable);
modelMap.put("action", request.getRequestURL());
modelMap.put("reportTitle", "CommitmentReport");
// I think this is the Application Controller Strategy
actionMap.put(null, new ListAction(modelMap, form, "WEB-INF/views/genericList_v.jsp", "WEB-INF/views/genericList_v.jsp"));
actionMap.put("list", new ListAction(modelMap, form, "WEB-INF/views/genericList_v.jsp", "WEB-INF/views/genericList_v.jsp"));
actionMap.put("view", new ViewAction(modelMap, form, obj, "WEB-INF/views/genericView_v.jsp", "WEB-INF/views/genericView_v.jsp"));
actionMap.put("delete", new DeleteAction(modelMap, form, obj, "WEB-INF/views/genericDeleteConfirm_v.jsp", "WEB-INF/views/genericView_v.jsp"));
actionMap.put("sqlConfirmDelete", new DeleteConfirmAction(form, request.getRequestURL() + "?message=Deletion was successful!", request.getRequestURL()
+ "?method=view&" + pkString));
actionMap.put("edit", new EditAction(modelMap, form, obj, "WEB-INF/views/genericEdit_v.jsp", "WEB-INF/views/genericView_v.jsp"));
actionMap.put("sqlUpdate", new UpdateAction(modelMap, form, obj, request.getRequestURL() + "?message=Update was successful!", "WEB-INF/views/genericEdit_v.jsp"));
actionMap.put("new", new NewAction(modelMap, form, "WEB-INF/views/genericAdd_v.jsp"));
actionMap.put("sqlInsert", new InsertAction(modelMap, form, obj, request.getRequestURL() + "?message=Insert was successful!", "WEB-INF/views/genericAdd_v.jsp"));
String op = request.getParameter("method");
ControllerAction action = (ControllerAction) actionMap.get(op);
if (action != null) {
action.service(request, response);
} else {
String url = "WEB-INF/views/errorMessage_v.jsp";
String errMessage = "Operation '" + op + "' not a valid for in '" + request.getServletPath() + "' !!";
request.setAttribute("message", errMessage);
request.getRequestDispatcher(url).forward(request, response);
}
public class EditAction implements ControllerAction {
private Form form;
private Object obj;
private String xPage;
private String yPage;
private HashMap modelMap;
public EditAction(HashMap modelMap, Form form, Object obj, String yPage, String xPage) {
this.form = form;
this.obj = obj;
this.xPage = xPage;
this.yPage = yPage;
this.modelMap = modelMap;
}
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
obj = form.edit(request);
Iterator it = modelMap.entrySet().iterator();
while (it.hasNext()) {
Map.Entry pairs = (Map.Entry)it.next();
request.setAttribute(pairs.getKey().toString(), pairs.getValue());
}
request.setAttribute("obj", obj);
request.setAttribute("form", form);
if (form.isSucces()) {
RequestDispatcher view = request.getRequestDispatcher(yPage);
view.forward(request, response);
}
else {
RequestDispatcher view = request.getRequestDispatcher(xPage);
view.forward(request, response);
}
}
}
If you find yourself retrieving the same value all the time, you’d probably at least want to abstract it into a method in a base class:
Another, potentially cleaner option depending on your dispatch/instantiation/etc. mechanism would be to inject the value into your forms (if they’re not singletons, unclear):
Or provide it as an argument to form methods (if they are):
It’s unfortunate your forms are tied directly to the servlet spec; it’s more pleasant to do as much development as possible without that requirement.