public boolean isSessionValid(UserSession userSession, RequestContext request) {
String remoteUser = null;
Cookie SSOCookie = ControllerUtils.getCookie("JforumSSO"); // my app login cookie
logger.info("DEBUG - CustomSSO - isSessionValid - Getting JForumSSO Cookie!");
if (SSOCookie != null) remoteUser = SSOCookie.getValue(); // jforum username
if (remoteUser == null) {
logger.info("DEBUG - CustomSSO - isSessionValid - JForumSSO Cookie is NULL!");
JForumExecutionContext.setRedirect(SystemGlobals.getValue(ConfigKeys.SSO_REDIRECT));
return false;
} else if (remoteUser.equals("")) {
logger.info("DEBUG - CustomSSO - isSessionValid - JForumSSO Cookie is empty!");
JForumExecutionContext.setRedirect(SystemGlobals.getValue(ConfigKeys.SSO_REDIRECT));
return false;
// user has since logged in
} else if (remoteUser != null
&& userSession.getUserId() == SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
logger.info("DEBUG - CustomSSO - isSessionValid - JForumSSO Cookie is Anonymous!");
return false;
// user has changed user
} else if (remoteUser != null && !remoteUser.equals(userSession.getUsername())) {
logger.info("DEBUG - CustomSSO - isSessionValid - JForumSSO Cookie User Mismatch");
return false;
}
logger.info("DEBUG - CustomSSO - isSessionValid - Returning True");
return true; // sso pool apps user and forum user the same
}
/**
* Gets all forums available to the user.
*
* @param us An <code>UserSession</code> instance with user information
* @param anonymousUserId The id which represents the anonymous user
* @param tracking <code>Map</code> instance with information about the topics read by the user
* @param checkUnreadPosts <code>true</code> if is to search for unread topics inside the forums,
* or <code>false</code> if this action is not needed.
* @return A <code>List</code> instance where each record is an instance of a <code>Category
* </code> object
*/
public static List getAllCategoriesAndForums(
UserSession us, int anonymousUserId, Map tracking, boolean checkUnreadPosts) {
long lastVisit = 0;
int userId = anonymousUserId;
if (us != null) {
lastVisit = us.getLastVisit().getTime();
userId = us.getUserId();
}
// Do not check for unread posts if the user is not logged in
checkUnreadPosts = checkUnreadPosts && (userId != anonymousUserId);
List categories = ForumRepository.getAllCategories(userId);
if (!checkUnreadPosts) {
return categories;
}
List returnCategories = new ArrayList();
for (Iterator iter = categories.iterator(); iter.hasNext(); ) {
Category c = new Category((Category) iter.next());
for (Iterator tmpIterator = c.getForums().iterator(); tmpIterator.hasNext(); ) {
Forum f = (Forum) tmpIterator.next();
ForumCommon.checkUnreadPosts(f, tracking, lastVisit);
}
returnCategories.add(c);
}
return returnCategories;
}
/**
* @see #getAllCategoriesAndForums(boolean)
* @return List
*/
public static List getAllCategoriesAndForums() {
LOG.trace("getAllCategoriesAndForums");
UserSession us = SessionFacade.getUserSession();
boolean checkUnread =
(us != null && us.getUserId() != SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID));
return getAllCategoriesAndForums(checkUnread);
}
/**
* Check if the logged user has access to the role. This method gets user's id from its session.
*
* @param roleName The role name to verify
* @param value The value relacted to the role to verify for access
* @return <code>true</code> if the user has access to the role, <code>false</code> if access is
* denied
*/
public static boolean canAccess(String roleName, String value) {
UserSession us = SessionFacade.getUserSession();
if (us == null) {
logger.warn(
"Found null userSession. Going anonymous. Session id #"
+ JForumExecutionContext.getRequest().getSessionContext().getId());
us = new UserSession();
us.makeAnonymous();
}
return canAccess(us.getUserId(), roleName, value);
}
