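/**
 * Renders the PIM view for the collection whose uid is the last segment of the request's
 * path info.
 *
 * <p>Outcomes:
 * <ul>
 *   <li>{@code error_notfound}: no path info, no item with that uid, or the item is not a
 *       {@code CollectionItem};</li>
 *   <li>{@code error_forbidden}: the content service rejects the lookup with a
 *       {@code CosmoSecurityException}, or the security context holds neither a ticket
 *       nor a user;</li>
 *   <li>{@code pimView}: a ticket or an authenticated user is present.</li>
 * </ul>
 *
 * @param request the current request; its path info supplies the collection uid
 * @param response the current response (not used by this method)
 * @return the view to render, with the model populated only for {@code pimView}
 * @throws Exception declared by the handler contract; nothing is thrown explicitly here,
 *     so anything that escapes comes from the collaborators called below
 */
public ModelAndView handleRequestInternal(
        HttpServletRequest request, HttpServletResponse response) throws Exception {
    String path = request.getPathInfo();
    if (path == null) {
        // getPathInfo() returns null when the URL carries no extra path; there is no uid
        // to look up, so answer "not found" instead of failing with a NullPointerException.
        return new ModelAndView("error_notfound");
    }
    String collectionUid = path.substring(path.lastIndexOf('/') + 1);

    // Get the collection and make sure it's valid.
    CollectionItem collection = null;
    try {
        collection = (CollectionItem) contentService.findItemByUid(collectionUid);
    } catch (ClassCastException e) {
        // This isn't quite the right thing to do, but is a good idea for now.
        return new ModelAndView("error_notfound");
    } catch (CosmoSecurityException e) {
        // The view must actually be returned: without the return the denial fell through
        // to the null check below and was reported as "not found".
        return new ModelAndView("error_forbidden");
    }

    if (collection == null) {
        return new ModelAndView("error_notfound");
    }

    Map<String, Object> model = new HashMap<String, Object>();
    model.put("collection", collection);

    CosmoSecurityContext csc = securityManager.getSecurityContext();
    Ticket ticket = findTicket(csc);

    // Ticket-based access gets links built for that ticket; otherwise links are built
    // from the request alone.
    Map<String, String> relationLinks;
    if (ticket != null) {
        relationLinks = serviceLocatorFactory
                .createServiceLocator(request, ticket, false)
                .getCollectionUrls(collection);
    } else {
        relationLinks = serviceLocatorFactory
                .createServiceLocator(request, false)
                .getCollectionUrls(collection);
    }
    model.put("relationLinks", relationLinks);

    // NOTE(review): the configurer's whole property set is handed to the view; confirm it
    // holds nothing that should stay server-side.
    model.put("properties", propertyPlaceholderConfigurer.getProperties());

    if (ticket != null) {
        // The ticket key is exposed to the view alongside the collection.
        model.put("ticketKey", ticket.getKey());
        return new ModelAndView(pimView, model);
    }

    // If we can't find a ticket principal, use the current user.
    User authUser = csc.getUser();
    if (authUser != null) {
        return new ModelAndView(pimView, model);
    }

    // Neither a ticket nor a user: deny by default.
    return new ModelAndView("error_forbidden");
}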
// First try to find a ticket principal private Ticket findTicket(CosmoSecurityContext csc) { Set<Ticket> tickets = csc.getTickets(); if (!tickets.isEmpty()) return (Ticket) tickets.toArray()[0]; else return null; }