Improve ACR attribute typing.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / acr / CmsContentRepository.java

diff --git a/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java b/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java
index 6285710e8a0eff395acf8ab73a3877f66ae05c73..89e725043923694498846d06b0307fd9d454fa50 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java
+++ b/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java
@@ -5,6 +5,7 @@ import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
 
+import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
@@ -13,9 +14,11 @@ import org.argeo.api.acr.spi.ProvidedRepository;
 import org.argeo.api.cms.CmsAuth;
 import org.argeo.api.cms.CmsSession;
 import org.argeo.api.cms.CmsState;
+import org.argeo.api.cms.DataAdminPrincipal;
 import org.argeo.api.uuid.UuidFactory;
-import org.argeo.cms.auth.CurrentUser;
+import org.argeo.cms.CurrentUser;
 import org.argeo.cms.internal.runtime.CmsContextImpl;
+import org.argeo.cms.util.CurrentSubject;
 
 /**
  * Multi-session {@link ProvidedRepository}, integrated with a CMS.
@@ -40,7 +43,17 @@ public class CmsContentRepository extends AbstractContentRepository {
 
        @Override
        public ContentSession get(Locale locale) {
-               // Subject subject = Subject.getSubject(AccessController.getContext());
+               Subject subject = CurrentSubject.current();
+               if (subject == null)
+                       throw new IllegalStateException("Caller must be authenticated");
+               if (!CmsSession.hasCmsSession(subject)) {
+                       if (DataAdminPrincipal.isDataAdmin(subject)) {
+                               // TODO open multiple data admin sessions?
+                               return getSystemSession();
+                       }
+                       throw new IllegalStateException("Caller must be authenticated");
+               }
+
                CmsSession cmsSession = CurrentUser.getCmsSession();
                CmsContentSession contentSession = userSessions.get(cmsSession);
                if (contentSession == null) {