Merge tag 'v2.3.18' into testing

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / acr / CmsContentRepository.java

diff --git a/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java b/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java
index 3e01aee8b235ff9d1d0a94d30174d1afa6d6e6f4..15b893bb3d3ade0aab47e084fd0ace6316511910 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java
+++ b/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java
@@ -5,6 +5,7 @@ import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
 
+import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
@@ -13,9 +14,11 @@ import org.argeo.api.acr.spi.ProvidedRepository;
 import org.argeo.api.cms.CmsAuth;
 import org.argeo.api.cms.CmsSession;
 import org.argeo.api.cms.CmsState;
+import org.argeo.api.cms.DataAdminPrincipal;
 import org.argeo.api.uuid.UuidFactory;
-import org.argeo.cms.auth.CurrentUser;
+import org.argeo.cms.CurrentUser;
 import org.argeo.cms.internal.runtime.CmsContextImpl;
+import org.argeo.cms.util.CurrentSubject;
 
 /**
  * Multi-session {@link ProvidedRepository}, integrated with a CMS.
@@ -40,12 +43,22 @@ public class CmsContentRepository extends AbstractContentRepository {
 
        @Override
        public ContentSession get(Locale locale) {
-               // Subject subject = Subject.getSubject(AccessController.getContext());
+               Subject subject = CurrentSubject.current();
+               if (subject == null)
+                       throw new IllegalStateException("Caller must be authenticated");
+               if (!CmsSession.hasCmsSession(subject)) {
+                       if (DataAdminPrincipal.isDataAdmin(subject)) {
+                               // TODO open multiple data admin sessions?
+                               return getSystemSession();
+                       }
+                       throw new IllegalStateException("Caller must be authenticated");
+               }
+
                CmsSession cmsSession = CurrentUser.getCmsSession();
                CmsContentSession contentSession = userSessions.get(cmsSession);
                if (contentSession == null) {
-                       final CmsContentSession newContentSession = new CmsContentSession(this, cmsSession.getUuid(),
-                                       cmsSession.getSubject(), locale);
+                       final CmsContentSession newContentSession = new CmsContentSession(this, cmsSession.uuid(),
+                                       cmsSession.getSubject(), locale, uuidFactory);
                        cmsSession.addOnCloseCallback((c) -> {
                                newContentSession.close();
                                userSessions.remove(cmsSession);
@@ -65,8 +78,8 @@ public class CmsContentRepository extends AbstractContentRepository {
                        throw new RuntimeException("Could not login as data admin", e1);
                } finally {
                }
-               return new CmsContentSession(this, getCmsState().getUuid(), loginContext.getSubject(),
-                               Locale.getDefault());
+               return new CmsContentSession(this, getCmsState().getUuid(), loginContext.getSubject(), Locale.getDefault(),
+                               uuidFactory);
        }
 
        protected CmsState getCmsState() {