Пример #1
  /* (non-Javadoc)
   * @see org.springframework.extensions.surf.mvc.AbstractWebFrameworkView#validateRequestContext(org.springframework.extensions.surf.RequestContext, javax.servlet.http.HttpServletRequest)
   */
  /**
   * Runs the superclass validation, then applies a theme override to the request context.
   *
   * <p>For a request carrying a "site" URI token the override is read from the "theme" property
   * of that site's dashboard page; otherwise it is read from the "theme" property of the current
   * page. The override is applied only when it is non-empty, differs from the context's current
   * theme id, and resolves to a known theme.
   *
   * @param rc the request context whose theme may be replaced
   * @param req the servlet request, passed through to the superclass
   * @throws Exception declared by the overridden method
   */
  @Override
  protected void validateRequestContext(RequestContext rc, HttpServletRequest req)
      throws Exception {
    super.validateRequestContext(rc, req);

    // NOTE(review): siteId comes from the URI tokens and is concatenated into the page id below
    // without validation in this method - confirm the object service treats it purely as a
    // lookup key.
    final String siteId = rc.getUriTokens().get("site");

    String requestedThemeId = null;
    if (siteId == null) {
      // not a site page: a per-page theme may be set on the current page itself
      requestedThemeId = rc.getPage().getProperty("theme");
    } else {
      // site page: the override, if any, lives on the site dashboard page
      Page siteDashboard = getObjectService().getPage("site/" + siteId + "/dashboard");
      if (siteDashboard != null) {
        requestedThemeId = siteDashboard.getProperty("theme");
      }
    }

    // nothing requested - keep the current theme
    if (requestedThemeId == null || requestedThemeId.length() == 0) {
      return;
    }
    // NOTE(review): assumes rc.getThemeId() is never null at this point - confirm
    if (rc.getThemeId().equals(requestedThemeId)) {
      return;
    }

    // an unknown theme id is ignored, leaving the current theme in place
    Theme resolvedTheme = getObjectService().getTheme(requestedThemeId);
    if (resolvedTheme != null) {
      rc.setTheme(resolvedTheme);
    }
  }
Пример #2
  /**
   * Decides whether the caller must log in before the given page is served.
   *
   * <p>The decision depends on the page's authentication level:
   *
   * <ul>
   *   <li>{@code guest}: login is required only when there is no user in the context.
   *   <li>{@code user}: login is required when there is no user, the user is a guest, or the
   *       credential vault holds no credentials for the "alfresco" endpoint and that endpoint is
   *       not configured for external authentication. The vault check ensures that a user id
   *       placed in the session by some other endpoint (for example an RSS feed) is not enough
   *       to proceed without a full login.
   *   <li>{@code admin}: as for {@code user}, but the user must be an admin rather than merely a
   *       non-guest; when login is required the user context is cleared first so the caller can
   *       log in again at the higher level.
   *   <li>any other level: no login is required.
   * </ul>
   *
   * @param context the current request context, source of the user and the connector service
   * @param request the servlet request whose session keys the credential vault
   * @param page the page being requested
   * @return {@code true} if the caller must be sent through login
   * @throws PlatformRuntimeException if the credential vault cannot be retrieved
   */
  @Override
  protected boolean loginRequiredForPage(
      RequestContext context, HttpServletRequest request, Page page) {
    // external authentication is assumed off unless the endpoint descriptor says otherwise
    EndpointDescriptor endpoint =
        getRemoteConfig(context).getEndpointDescriptor(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID);
    final boolean externalAuth = endpoint != null && endpoint.getExternalAuth();

    final User currentUser = context.getUser();
    switch (page.getAuthentication()) {
      case guest:
        return currentUser == null;

      case user:
        try {
          if (currentUser == null || AuthenticationUtil.isGuest(currentUser.getId())) {
            return true;
          }
          // the vault is consulted before externalAuth is looked at, so a vault failure
          // surfaces even when external authentication is enabled
          boolean vaultHasCredentials =
              context
                  .getServiceRegistry()
                  .getConnectorService()
                  .getCredentialVault(request.getSession(), currentUser.getId())
                  .hasCredentials(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID);
          return !vaultHasCredentials && !externalAuth;
        } catch (CredentialVaultProviderException err) {
          throw new PlatformRuntimeException(
              "Unable to retrieve credentials for current user.", err);
        }

      case admin:
        {
          boolean adminLoginNeeded;
          try {
            if (currentUser == null || !currentUser.isAdmin()) {
              adminLoginNeeded = true;
            } else {
              boolean vaultHasCredentials =
                  context
                      .getServiceRegistry()
                      .getConnectorService()
                      .getCredentialVault(request.getSession(), currentUser.getId())
                      .hasCredentials(AlfrescoUserFactory.ALFRESCO_ENDPOINT_ID);
              adminLoginNeeded = !vaultHasCredentials && !externalAuth;
            }
          } catch (CredentialVaultProviderException err) {
            throw new PlatformRuntimeException(
                "Unable to retrieve credentials for current user.", err);
          }
          if (adminLoginNeeded) {
            // drop the existing (lower-privileged) user context so the next login can
            // "upgrade" the authentication level
            AuthenticationUtil.clearUserContext(request);
          }
          return adminLoginNeeded;
        }

      default:
        // every other authentication level is served without a login
        return false;
    }
  }