X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2FAbstractCmsEntryPoint.java;h=a9ad03a12470055dfac85116237bf5f825235dcc;hb=0b3ea4f2c08f00100e962272bf21f4f32346fd61;hp=cd7eae42346104197264428562d6768bf26da6a1;hpb=0aace113e5cd3c265f2a1c7aeec5bac565fe581a;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java b/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java index cd7eae423..a9ad03a12 100644 --- a/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java +++ b/org.argeo.cms/src/org/argeo/cms/AbstractCmsEntryPoint.java @@ -1,66 +1,107 @@ package org.argeo.cms; +import java.security.AccessControlContext; +import java.security.PrivilegedAction; +import java.util.HashMap; import java.util.Locale; +import java.util.Map; import java.util.ResourceBundle; import javax.jcr.Node; +import javax.jcr.Property; import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; import javax.jcr.nodetype.NodeType; +import javax.security.auth.Subject; +import javax.security.auth.login.LoginException; +import javax.security.auth.x500.X500Principal; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.argeo.ArgeoException; +import org.argeo.cms.auth.ArgeoLoginContext; +import org.argeo.cms.auth.LoginRequiredException; import org.argeo.cms.i18n.Msg; import org.argeo.jcr.JcrUtils; import org.eclipse.rap.rwt.RWT; import org.eclipse.rap.rwt.application.AbstractEntryPoint; +import org.eclipse.rap.rwt.client.WebClient; import org.eclipse.rap.rwt.client.service.BrowserNavigation; import org.eclipse.rap.rwt.client.service.BrowserNavigationEvent; import org.eclipse.rap.rwt.client.service.BrowserNavigationListener; +import org.eclipse.rap.rwt.client.service.JavaScriptExecutor; +import org.eclipse.swt.widgets.Composite; import org.eclipse.swt.widgets.Display; import org.eclipse.swt.widgets.Shell; -import org.springframework.security.core.context.SecurityContextHolder; /** Manages history and navigation */ -abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements - CmsSession { +public abstract class AbstractCmsEntryPoint extends AbstractEntryPoint + implements CmsView { private final Log log = LogFactory.getLog(AbstractCmsEntryPoint.class); - private Repository repository; - private String workspace; - private Session session; + private final Subject subject; + + private final Repository repository; + private final String workspace; + private final String defaultPath; + private final Map factoryProperties; - // current state + // Current state + private Session session; private Node node; private String state; private String page; private Throwable exception; - private BrowserNavigation history; - - public AbstractCmsEntryPoint(Repository repository, String workspace) { - // if (SecurityContextHolder.getContext().getAuthentication() == null) { - // HttpSession httpSession = RWT.getRequest().getSession(); - // // log.debug("Session: " + httpSession.getId()); - // SecurityContext contextFromSessionObject = (SecurityContext) - // httpSession - // .getAttribute(SPRING_SECURITY_CONTEXT_KEY); - // if (contextFromSessionObject != null) - // SecurityContextHolder.setContext(contextFromSessionObject); - // else - // logAsAnonymous(); - // } + // Client services + private final JavaScriptExecutor jsExecutor; + private final BrowserNavigation browserNavigation; + public AbstractCmsEntryPoint(Repository repository, String workspace, + String defaultPath, Map factoryProperties) { this.repository = repository; this.workspace = workspace; + this.defaultPath = defaultPath; + this.factoryProperties = new HashMap(factoryProperties); + + // load context from session + HttpServletRequest httpRequest = RWT.getRequest(); + final HttpSession httpSession = httpRequest.getSession(); + AccessControlContext acc = (AccessControlContext) httpSession + .getAttribute(KernelHeader.ACCESS_CONTROL_CONTEXT); + if (acc != null + && Subject.getSubject(acc).getPrincipals(X500Principal.class) + .size() == 1) { + subject = Subject.getSubject(acc); + } else { + subject = new Subject(); + + // Initial login + try { + new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject) + .login(); + } catch (LoginException e) { + // if (log.isTraceEnabled()) + // log.trace("Cannot authenticate user", e); + try { + new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, + subject).login(); + } catch (LoginException eAnonymous) { + throw new ArgeoException("Cannot initialize subject", + eAnonymous); + } + } + } authChange(); - history = RWT.getClient().getService(BrowserNavigation.class); - if (history != null) - history.addBrowserNavigationListener(new CmsNavigationListener()); - - // RWT.setLocale(Locale.FRANCE); + jsExecutor = RWT.getClient().getService(JavaScriptExecutor.class); + browserNavigation = RWT.getClient().getService(BrowserNavigation.class); + if (browserNavigation != null) + browserNavigation + .addBrowserNavigationListener(new CmsNavigationListener()); } @Override @@ -79,169 +120,200 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements return shell; } - /** Recreate header UI */ - protected abstract void refreshHeader(); + @Override + protected final void createContents(final Composite parent) { + getShell().getDisplay().setData(CmsView.KEY, this); + Subject.doAs(subject, new PrivilegedAction() { + @Override + public Void run() { + try { + createUi(parent); + } catch (Exception e) { + throw new CmsException("Cannot create entrypoint contents", + e); + } + return null; + } + }); + } - /** Recreate body UI */ - protected abstract void refreshBody(); + /** Create UI */ + protected abstract void createUi(Composite parent); - /** Log as anonymous */ - protected abstract void logAsAnonymous(); + /** Recreate UI after navigation or auth change */ + protected abstract void refresh(); /** * The node to return when no node was found (for authenticated users and * anonymous) */ - protected abstract Node getDefaultNode(Session session) - throws RepositoryException; - - /** - * Reasonable default since it is a nt:hierarchyNode and is thus compatible - * with the obvious default folder type, nt:folder, conceptual equivalent of - * an empty text file in an operating system. To be overridden. - */ - protected String getDefaultNewNodeType() { - return CmsTypes.CMS_TEXT; + protected Node getDefaultNode(Session session) throws RepositoryException { + if (!session.hasPermission(defaultPath, "read")) { + if (session.getUserID().equals("anonymous")) + throw new LoginRequiredException(); + else + throw new CmsException("Unauthorized"); + } + return session.getNode(defaultPath); } - /** Default new folder type (used in mkdirs) is nt:folder. To be overridden. */ - protected String getDefaultNewFolderType() { - return NodeType.NT_FOLDER; + protected String getBaseTitle() { + return factoryProperties.get(WebClient.PAGE_TITLE); } public void navigateTo(String state) { exception = null; - setState(state); - refreshBody(); - if (history != null) - history.pushState(state, state); + String title = setState(state); + doRefresh(); + if (browserNavigation != null) + browserNavigation.pushState(state, title); + } + + @Override + public Subject getSubject() { + return subject; } @Override public void authChange() { - try { - String currentPath = null; - if (node != null) - currentPath = node.getPath(); - JcrUtils.logoutQuietly(session); - - if (SecurityContextHolder.getContext().getAuthentication() == null) - logAsAnonymous(); - session = repository.login(workspace); - if (currentPath != null) - node = session.getNode(currentPath); - - // refresh UI - refreshHeader(); - refreshBody(); - } catch (RepositoryException e) { - throw new CmsException("Cannot perform auth change", e); - } + Subject.doAs(subject, new PrivilegedAction() { + + @Override + public Void run() { + try { + String currentPath = null; + if (node != null) + currentPath = node.getPath(); + JcrUtils.logoutQuietly(session); + + session = repository.login(workspace); + if (currentPath != null) + try { + node = session.getNode(currentPath); + } catch (Exception e) { + try { + // TODO find a less hacky way to log out + new ArgeoLoginContext( + KernelHeader.LOGIN_CONTEXT_ANONYMOUS, + subject).logout(); + new ArgeoLoginContext( + KernelHeader.LOGIN_CONTEXT_ANONYMOUS, + subject).login(); + } catch (LoginException eAnonymous) { + throw new ArgeoException( + "Cannot reset to anonymous", eAnonymous); + } + JcrUtils.logoutQuietly(session); + session = repository.login(workspace); + navigateTo("~"); + throw e; + } + + // refresh UI + doRefresh(); + } catch (RepositoryException e) { + throw new CmsException("Cannot perform auth change", e); + } + return null; + } + + }); } @Override - public void exception(Throwable e) { - this.exception = e; + public void exception(final Throwable e) { + AbstractCmsEntryPoint.this.exception = e; log.error("Unexpected exception in CMS", e); - refreshBody(); + doRefresh(); } - @Override - public Object local(Msg msg) { - String key = msg.getId(); - int lastDot = key.lastIndexOf('.'); - String className = key.substring(0, lastDot); - String fieldName = key.substring(lastDot + 1); - Locale locale = RWT.getLocale(); - ResourceBundle rb = ResourceBundle.getBundle(className, locale, - msg.getClassLoader()); - return rb.getString(fieldName); + protected void doRefresh() { + Subject.doAs(subject, new PrivilegedAction() { + @Override + public Void run() { + refresh(); + return null; + } + }); } + // @Override + // public Object local(Msg msg) { + // String key = msg.getId(); + // int lastDot = key.lastIndexOf('.'); + // String className = key.substring(0, lastDot); + // String fieldName = key.substring(lastDot + 1); + // Locale locale = RWT.getLocale(); + // ResourceBundle rb = ResourceBundle.getBundle(className, locale, + // msg.getClassLoader()); + // return rb.getString(fieldName); + // } + /** Sets the state of the entry point and retrieve the related JCR node. */ - protected synchronized void setState(String newState) { + protected synchronized String setState(String newState) { String previousState = this.state; node = null; page = null; this.state = newState; + if (newState.equals("~")) + this.state = ""; try { int firstSlash = state.indexOf('/'); if (firstSlash == 0) { - if (!session.nodeExists(state)) - node = addNode(session, state, null); - else + if (session.nodeExists(state)) node = session.getNode(state); + else + throw new CmsException("Data " + state + " does not exist"); page = ""; } else if (firstSlash > 0) { String prefix = state.substring(0, firstSlash); String path = state.substring(firstSlash); - if (session.getWorkspace().getNodeTypeManager() - .hasNodeType(prefix)) { - String nodeType = prefix; - if (!session.nodeExists(path)) - node = addNode(session, path, nodeType); - else { - node = session.getNode(path); - if (!node.isNodeType(nodeType)) - throw new CmsException("Node " + path - + " not of type " + nodeType); - } - } else if ("delete".equals(prefix)) { - if (session.itemExists(path)) { - Node nodeToDelete = session.getNode(path); - // TODO "Are you sure?" - nodeToDelete.remove(); - session.save(); - log.debug("Deleted " + path); - navigateTo(previousState); - } else - throw new CmsException("Data " + path - + " does not exist"); - } else { - if (session.itemExists(path)) - node = session.getNode(path); - else - throw new CmsException("Data " + path - + " does not exist"); - } + if (session.nodeExists(path)) + node = session.getNode(path); + else + throw new CmsException("Data " + path + " does not exist"); page = prefix; } else { node = getDefaultNode(session); page = state; } + // Title + String title; + if (node.isNodeType(NodeType.MIX_TITLE) + && node.hasProperty(Property.JCR_TITLE)) + title = node.getProperty(Property.JCR_TITLE).getString() + + " - " + getBaseTitle(); + else + title = getBaseTitle(); + jsExecutor.execute("document.title = \"" + title + "\""); + if (log.isTraceEnabled()) log.trace("node=" + node + ", state=" + state + " (page=" - + page); - - } catch (RepositoryException e) { - throw new CmsException("Cannot retrieve node", e); + + page + ", title=" + title + ")"); + + return title; + } catch (Exception e) { + log.error("Cannot set state '" + state + "'", e); + if (previousState.equals("")) + previousState = "~"; + navigateTo(previousState); + throw new CmsException("Unexpected issue when accessing #" + + newState, e); } } - protected Node addNode(Session session, String path, String nodeType) - throws RepositoryException { - return JcrUtils.mkdirs(session, path, nodeType != null ? nodeType - : getDefaultNewNodeType(), getDefaultNewFolderType(), false); - // not saved, so that the UI can discard it later on - } - protected Node getNode() { return node; } - @Override - public String getState() { + protected String getState() { return state; } - // String getPage() { - // return page; - // } - protected Throwable getException() { return exception; } @@ -260,8 +332,7 @@ abstract class AbstractCmsEntryPoint extends AbstractEntryPoint implements @Override public void navigated(BrowserNavigationEvent event) { setState(event.getState()); - refreshBody(); + refresh(); } } - -} +} \ No newline at end of file