/* (non-Javadoc)
* @see org.springframework.extensions.surf.mvc.AbstractWebFrameworkView#validateRequestContext(org.springframework.extensions.surf.RequestContext, javax.servlet.http.HttpServletRequest)
*/
@Override
protected void validateRequestContext(RequestContext rc, HttpServletRequest req)
throws Exception {
super.validateRequestContext(rc, req);
String themeId = null;
// test to see if this is a site page
String siteId = rc.getUriTokens().get("site");
if (siteId != null) {
// find the site dashboard page - and look for a theme override
Page dashboard = getObjectService().getPage("site/" + siteId + "/dashboard");
if (dashboard != null) {
themeId = dashboard.getProperty("theme");
}
} else {
// examine current page directly for custom properties with a theme override
// this allows a different theme per page
themeId = rc.getPage().getProperty("theme");
}
// if themeId different to current theme then look it up
if (themeId != null && themeId.length() != 0 && !rc.getThemeId().equals(themeId)) {
Theme theme = getObjectService().getTheme(themeId);
if (theme != null) {
// found a valid theme - set it current ready for page rendering
rc.setTheme(theme);
}
}
}
@Override
protected boolean loginRequiredForPage(
RequestContext context, HttpServletRequest request, Page page) {
boolean externalAuth = false;
EndpointDescriptor descriptor =
getRemoteConfig(context).getEndpointDescriptor(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID);
if (descriptor != null) {
externalAuth = descriptor.getExternalAuth();
}
boolean login = false;
User user = context.getUser();
switch (page.getAuthentication()) {
case guest:
{
login = (user == null);
break;
}
// Enhanced test over the super class implementation - to check that the user has
// credentials to
// use the default "alfresco" endpoint - ensures that say a user ID is in the session from
// access to an RSS feed endpoint, they are not given permission to proceed until after a
// full login
case user:
{
try {
login =
(user == null || AuthenticationUtil.isGuest(user.getId()))
|| (!context
.getServiceRegistry()
.getConnectorService()
.getCredentialVault(request.getSession(), user.getId())
.hasCredentials(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID)
&& externalAuth == false);
} catch (CredentialVaultProviderException err) {
throw new PlatformRuntimeException(
"Unable to retrieve credentials for current user.", err);
}
break;
}
case admin:
{
try {
login =
(user == null || !user.isAdmin())
|| (!context
.getServiceRegistry()
.getConnectorService()
.getCredentialVault(request.getSession(), user.getId())
.hasCredentials(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID)
&& externalAuth == false);
} catch (CredentialVaultProviderException err) {
throw new PlatformRuntimeException(
"Unable to retrieve credentials for current user.", err);
}
if (login) {
// special case for admin - need to clear user context before
// we can login again to "upgrade" our user authentication level
AuthenticationUtil.clearUserContext(request);
}
break;
}
}
return login;
}