/** * Establishes the user associated with the operation. * * @param context the assertion operation context * @throws NotAuthorizedException if authentication was required * @throws AsnInsufficientPrivilegeException if the user has insufficient privilege * @throws AsnUnestablishedUserException if the user could not be established */ public void establishUser(AsnContext context) throws NotAuthorizedException, AsnUnestablishedUserException { // initialize this.setWasUserEstablished(false); AsnOperation operation = context.getOperation(); User user = context.getRequestContext().getUser(); // establish the user part of the operation if (operation.getUserPart() == null) { operation.setUserPart(new AsnUserPart()); } operation.getUserPart().setIPAddress(context.getRequestOptions().getIPAddress()); AsnAuthPolicy authPolicy = operation.getAuthPolicy(); if (authPolicy.getAuthenticationRequired()) { if ((user == null) || !user.getAuthenticationStatus().getWasAuthenticated()) { throw new NotAuthorizedException("Not authorized."); } } if ((user == null) || !user.getAuthenticationStatus().getWasAuthenticated()) { operation.getUserPart().setName(AsnConstants.ANONYMOUS_USERNAME); this.setWasUserEstablished(true); } else { String key = Val.chkStr(user.getKey()); if (key.length() > 0) { operation.getUserPart().setKey(key); if (user.getLocalID() >= 0) { operation.getUserPart().setID("" + user.getLocalID()); String name = Val.chkStr(user.getName()); if (name.length() > 0) { operation.getUserPart().setName(name); this.setWasUserEstablished(true); } } } } if (!this.getWasUserEstablished()) { throw new AsnUnestablishedUserException(); } // check the admin database for a disabled user:ipaddress or user:key // check the admin index for moderation privileges }
/** * Constructs a administrator based upon the user associated with the current request context. * * @param context the current request context (contains the active user) * @throws NotAuthorizedException if the user does not have publishing rights */ protected void checkRole(RequestContext context) throws NotAuthorizedException { // initialize User user = context.getUser(); user.setKey(user.getKey()); user.setLocalID(user.getLocalID()); user.setDistinguishedName(user.getDistinguishedName()); user.setName(user.getName()); // establish credentials UsernamePasswordCredentials creds = new UsernamePasswordCredentials(); creds.setUsername(user.getName()); user.setCredentials(creds); user.setAuthenticationStatus(user.getAuthenticationStatus()); assertAdministratorRole(user); }