package org.argeo.cms;
-import static org.argeo.cms.internal.kernel.KernelConstants.SPRING_SECURITY_CONTEXT_KEY;
-
-import java.util.Locale;
-import java.util.ResourceBundle;
+import java.security.PrivilegedAction;
+import java.util.HashMap;
+import java.util.Map;
import javax.jcr.Node;
+import javax.jcr.Property;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.nodetype.NodeType;
-import javax.servlet.http.HttpSession;
+import javax.security.auth.Subject;
+import javax.security.auth.login.CredentialNotFoundException;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.argeo.ArgeoException;
+import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.eclipse.ui.specific.UiContext;
import org.argeo.jcr.JcrUtils;
import org.eclipse.rap.rwt.RWT;
import org.eclipse.rap.rwt.application.AbstractEntryPoint;
+import org.eclipse.rap.rwt.client.WebClient;
import org.eclipse.rap.rwt.client.service.BrowserNavigation;
import org.eclipse.rap.rwt.client.service.BrowserNavigationEvent;
import org.eclipse.rap.rwt.client.service.BrowserNavigationListener;
+import org.eclipse.rap.rwt.client.service.JavaScriptExecutor;
+import org.eclipse.swt.widgets.Composite;
import org.eclipse.swt.widgets.Display;
import org.eclipse.swt.widgets.Shell;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
/** Manages history and navigation */
-abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements
- CmsSession {
+public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint
+ implements CmsView {
private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class);
- private Repository repository;
- private String workspace;
- private Session session;
+ private final Subject subject;
+ private LoginContext loginContext;
- // current state
+ private final Repository repository;
+ private final String workspace;
+ private final String defaultPath;
+ private final Map<String, String> factoryProperties;
+
+ // Current state
+ private Session session;
private Node node;
private String state;
- // private String page;
+ private String page;
private Throwable exception;
- private BrowserNavigation history;
-
- public AbstractCmsEntryPoint(Repository repository, String workspace) {
- if (SecurityContextHolder.getContext().getAuthentication() == null) {
- HttpSession httpSession = RWT.getRequest().getSession();
- // log.debug("Session: " + httpSession.getId());
- SecurityContext contextFromSessionObject = (SecurityContext) httpSession
- .getAttribute(SPRING_SECURITY_CONTEXT_KEY);
- if (contextFromSessionObject != null)
- SecurityContextHolder.setContext(contextFromSessionObject);
- else
- logAsAnonymous();
- }
+ // Client services
+ private final JavaScriptExecutor jsExecutor;
+ private final BrowserNavigation browserNavigation;
+ public AbstractCmsEntryPoint(Repository repository, String workspace,
+ String defaultPath, Map<String, String> factoryProperties) {
this.repository = repository;
this.workspace = workspace;
- authChange();
+ this.defaultPath = defaultPath;
+ this.factoryProperties = new HashMap<String, String>(factoryProperties);
+ subject = new Subject();
- history = RWT.getClient().getService(BrowserNavigation.class);
- if (history != null)
- history.addBrowserNavigationListener(new CmsNavigationListener());
+ // Initial login
+ try {
+ loginContext = new LoginContext(AuthConstants.LOGIN_CONTEXT_USER,
+ subject, new HttpRequestCallbackHandler(
+ UiContext.getHttpRequest()));
+ loginContext.login();
+ } catch (CredentialNotFoundException e) {
+ try {
+ loginContext = new LoginContext(
+ AuthConstants.LOGIN_CONTEXT_ANONYMOUS, subject);
+ loginContext.login();
+ } catch (LoginException e1) {
+ throw new ArgeoException("Cannot log as anonymous", e);
+ }
+ } catch (LoginException e) {
+ throw new ArgeoException("Cannot initialize subject", e);
+ }
+ authChange(loginContext);
- // RWT.setLocale(Locale.FRANCE);
+ jsExecutor = RWT.getClient().getService(JavaScriptExecutor.class);
+ browserNavigation = RWT.getClient().getService(BrowserNavigation.class);
+ if (browserNavigation != null)
+ browserNavigation
+ .addBrowserNavigationListener(new CmsNavigationListener());
}
@Override
return shell;
}
- /** Recreate header UI */
- protected abstract void refreshHeader();
+ @Override
+ protected final void createContents(final Composite parent) {
+ UiContext.setData(CmsView.KEY, this);
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ try {
+ initUi(parent);
+ } catch (Exception e) {
+ throw new CmsException("Cannot create entrypoint contents",
+ e);
+ }
+ return null;
+ }
+ });
+ }
- /** Recreate body UI */
- protected abstract void refreshBody();
+ /** Create UI */
+ protected abstract void initUi(Composite parent);
- /** Log as anonymous */
- protected abstract void logAsAnonymous();
+ /** Recreate UI after navigation or auth change */
+ protected abstract void refresh();
/**
* The node to return when no node was found (for authenticated users and
* anonymous)
*/
- protected abstract Node getDefaultNode(Session session)
- throws RepositoryException;
-
- /**
- * Reasonable default since it is a nt:hierarchyNode and is thus compatible
- * with the obvious default folder type, nt:folder, conceptual equivalent of
- * an empty text file in an operating system. To be overridden.
- */
- protected String getDefaultNewNodeType() {
- return CmsTypes.CMS_TEXT;
+ protected Node getDefaultNode(Session session) throws RepositoryException {
+ if (!session.hasPermission(defaultPath, "read")) {
+ if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
+ // TODO throw a special exception
+ throw new CmsException("Login required");
+ else
+ throw new CmsException("Unauthorized");
+ }
+ return session.getNode(defaultPath);
}
- /** Default new folder type (used in mkdirs) is nt:folder. To be overridden. */
- protected String getDefaultNewFolderType() {
- return NodeType.NT_FOLDER;
+ protected String getBaseTitle() {
+ return factoryProperties.get(WebClient.PAGE_TITLE);
}
public void navigateTo(String state) {
exception = null;
- setState(state);
- refreshBody();
- if (history != null)
- history.pushState(state, state);
+ String title = setState(state);
+ doRefresh();
+ if (browserNavigation != null)
+ browserNavigation.pushState(state, title);
+ }
+
+ @Override
+ public Subject getSubject() {
+ return subject;
}
@Override
- public void authChange() {
+ public void logout() {
+ if (loginContext == null)
+ throw new CmsException("Login context should not be null");
try {
- String currentPath = null;
- if (node != null)
- currentPath = node.getPath();
- JcrUtils.logoutQuietly(session);
-
- if (SecurityContextHolder.getContext().getAuthentication() == null)
- logAsAnonymous();
- session = repository.login(workspace);
- if (currentPath != null)
- node = session.getNode(currentPath);
-
- // refresh UI
- refreshHeader();
- refreshBody();
- } catch (RepositoryException e) {
- throw new CmsException("Cannot perform auth change", e);
+ loginContext.logout();
+ LoginContext anonymousLc = new LoginContext(
+ AuthConstants.LOGIN_CONTEXT_ANONYMOUS, subject);
+ anonymousLc.login();
+ authChange(anonymousLc);
+ } catch (LoginException e) {
+ throw new CmsException("Cannot logout", e);
}
+ }
+
+ @Override
+ public void authChange(LoginContext loginContext) {
+ if (loginContext == null)
+ throw new CmsException("Login context cannot be null");
+ this.loginContext = loginContext;
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
+
+ @Override
+ public Void run() {
+ try {
+ String currentPath = null;
+ if (node != null)
+ currentPath = node.getPath();
+ JcrUtils.logoutQuietly(session);
+
+ session = repository.login(workspace);
+ if (currentPath != null)
+ try {
+ node = session.getNode(currentPath);
+ } catch (Exception e) {
+ logout();
+ session = repository.login(workspace);
+ navigateTo("~");
+ throw e;
+ }
+
+ // refresh UI
+ doRefresh();
+ } catch (RepositoryException e) {
+ throw new CmsException("Cannot perform auth change", e);
+ }
+ return null;
+ }
+
+ });
}
@Override
- public void exception(Throwable e) {
- this.exception = e;
+ public void exception(final Throwable e) {
+ AbstractCmsEntryPoint.this.exception = e;
log.error("Unexpected exception in CMS", e);
- refreshBody();
+ doRefresh();
}
- @Override
- public Object local(Msg msg) {
- String key = msg.getId();
- int lastDot = key.lastIndexOf('.');
- String className = key.substring(0, lastDot);
- String fieldName = key.substring(lastDot + 1);
- Locale locale = RWT.getLocale();
- ResourceBundle rb = ResourceBundle.getBundle(className, locale,
- msg.getClassLoader());
- return rb.getString(fieldName);
+ protected void doRefresh() {
+ Subject.doAs(subject, new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ refresh();
+ return null;
+ }
+ });
}
+ // @Override
+ // public Object local(Msg msg) {
+ // String key = msg.getId();
+ // int lastDot = key.lastIndexOf('.');
+ // String className = key.substring(0, lastDot);
+ // String fieldName = key.substring(lastDot + 1);
+ // Locale locale = RWT.getLocale();
+ // ResourceBundle rb = ResourceBundle.getBundle(className, locale,
+ // msg.getClassLoader());
+ // return rb.getString(fieldName);
+ // }
+
/** Sets the state of the entry point and retrieve the related JCR node. */
- protected synchronized void setState(String newState) {
+ protected synchronized String setState(String newState) {
String previousState = this.state;
node = null;
- // page = null;
+ page = null;
this.state = newState;
+ if (newState.equals("~"))
+ this.state = "";
try {
int firstSlash = state.indexOf('/');
if (firstSlash == 0) {
- if (!session.nodeExists(state))
- node = addNode(session, state, null);
- else
+ if (session.nodeExists(state))
node = session.getNode(state);
- // page = "";
+ else
+ throw new CmsException("Data " + state + " does not exist");
+ page = "";
} else if (firstSlash > 0) {
String prefix = state.substring(0, firstSlash);
String path = state.substring(firstSlash);
- if (session.getWorkspace().getNodeTypeManager()
- .hasNodeType(prefix)) {
- String nodeType = prefix;
- if (!session.nodeExists(path))
- node = addNode(session, path, nodeType);
- else {
- node = session.getNode(path);
- if (!node.isNodeType(nodeType))
- throw new CmsException("Node " + path
- + " not of type " + nodeType);
- }
- } else if ("delete".equals(prefix)) {
- if (session.itemExists(path)) {
- Node nodeToDelete = session.getNode(path);
- // TODO "Are you sure?"
- nodeToDelete.remove();
- session.save();
- log.debug("Deleted " + path);
- navigateTo(previousState);
- } else
- throw new CmsException("Data " + path
- + " does not exist");
- } else {
- if (session.itemExists(path))
- node = session.getNode(path);
- else
- throw new CmsException("Data " + path
- + " does not exist");
- }
- throw new CmsException("Unsupported state prefix '" + prefix
- + "'");
- // page = prefix;
+ if (session.nodeExists(path))
+ node = session.getNode(path);
+ else
+ throw new CmsException("Data " + path + " does not exist");
+ page = prefix;
} else {
node = getDefaultNode(session);
- // if (state.equals("~"))
- // page = "";
- // else
- // page = state;
+ page = state;
}
- if (log.isTraceEnabled())
- log.trace("node=" + node + ", state=" + state);
+ // Title
+ String title;
+ if (node.isNodeType(NodeType.MIX_TITLE)
+ && node.hasProperty(Property.JCR_TITLE))
+ title = node.getProperty(Property.JCR_TITLE).getString()
+ + " - " + getBaseTitle();
+ else
+ title = getBaseTitle();
+ jsExecutor.execute("document.title = \"" + title + "\"");
- } catch (RepositoryException e) {
- throw new CmsException("Cannot retrieve node", e);
+ if (log.isTraceEnabled())
+ log.trace("node=" + node + ", state=" + state + " (page="
+ + page + ", title=" + title + ")");
+
+ return title;
+ } catch (Exception e) {
+ log.error("Cannot set state '" + state + "'", e);
+ if (previousState.equals(""))
+ previousState = "~";
+ navigateTo(previousState);
+ throw new CmsException("Unexpected issue when accessing #"
+ + newState, e);
}
}
- protected Node addNode(Session session, String path, String nodeType)
- throws RepositoryException {
- return JcrUtils.mkdirs(session, path, nodeType != null ? nodeType
- : getDefaultNewNodeType(), getDefaultNewFolderType(), false);
- // not saved, so that the UI can discard it later on
- }
-
protected Node getNode() {
return node;
}
- @Override
- public String getState() {
+ protected String getState() {
return state;
}
- // protected String getPage() {
- // return page;
- // }
-
protected Throwable getException() {
return exception;
}
@Override
public void navigated(BrowserNavigationEvent event) {
setState(event.getState());
- refreshBody();
+ refresh();
}
}
-
-}
+}
\ No newline at end of file
projects / lgpl / argeo-commons.git / blobdiff