/** * Calculate the tenant store for the given user Id. * * @param userId User Id to process - must be non-null and cannot be Guest. * @return Tenant store for the user or empty string for the default tenant. */ private final String getTenantUserStore(final String userId) { if (userId == null || AuthenticationUtil.isGuest(userId)) { throw new AlfrescoRuntimeException("User ID must exist and cannot be guest."); } String storeId = ""; // default domain int idx = userId.indexOf('@'); if (idx != -1) { // assume MT so partition by user domain storeId = userId.substring(idx); } return storeId; }
@Override public String toString() { try { String out = ""; final RequestContext rc = ThreadLocalRequestContext.getRequestContext(); final String userId = rc.getUserId(); if (userId != null && !AuthenticationUtil.isGuest(userId)) { int idx = userId.indexOf('@'); if (idx != -1) { out = "Mimetypes for user domain: " + userId.substring(idx) + "\r\n"; } } return out + getMimetypes().toString(); } catch (Throwable e) { return super.toString(); } }
@Override protected boolean loginRequiredForPage( RequestContext context, HttpServletRequest request, Page page) { boolean externalAuth = false; EndpointDescriptor descriptor = getRemoteConfig(context).getEndpointDescriptor(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID); if (descriptor != null) { externalAuth = descriptor.getExternalAuth(); } boolean login = false; User user = context.getUser(); switch (page.getAuthentication()) { case guest: { login = (user == null); break; } // Enhanced test over the super class implementation - to check that the user has // credentials to // use the default "alfresco" endpoint - ensures that say a user ID is in the session from // access to an RSS feed endpoint, they are not given permission to proceed until after a // full login case user: { try { login = (user == null || AuthenticationUtil.isGuest(user.getId())) || (!context .getServiceRegistry() .getConnectorService() .getCredentialVault(request.getSession(), user.getId()) .hasCredentials(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID) && externalAuth == false); } catch (CredentialVaultProviderException err) { throw new PlatformRuntimeException( "Unable to retrieve credentials for current user.", err); } break; } case admin: { try { login = (user == null || !user.isAdmin()) || (!context .getServiceRegistry() .getConnectorService() .getCredentialVault(request.getSession(), user.getId()) .hasCredentials(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID) && externalAuth == false); } catch (CredentialVaultProviderException err) { throw new PlatformRuntimeException( "Unable to retrieve credentials for current user.", err); } if (login) { // special case for admin - need to clear user context before // we can login again to "upgrade" our user authentication level AuthenticationUtil.clearUserContext(request); } break; } } return login; }