X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Facr%2FCmsContentRepository.java;h=89e725043923694498846d06b0307fd9d454fa50;hb=7f1b071dd54b9c3b85fc82d64993e1450cb99a12;hp=6285710e8a0eff395acf8ab73a3877f66ae05c73;hpb=dca2b13e0e3ca3e7a9469e089b980c48c880ad1a;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java b/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java index 6285710e8..89e725043 100644 --- a/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java +++ b/org.argeo.cms/src/org/argeo/cms/acr/CmsContentRepository.java @@ -5,6 +5,7 @@ import java.util.HashMap; import java.util.Locale; import java.util.Map; +import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; @@ -13,9 +14,11 @@ import org.argeo.api.acr.spi.ProvidedRepository; import org.argeo.api.cms.CmsAuth; import org.argeo.api.cms.CmsSession; import org.argeo.api.cms.CmsState; +import org.argeo.api.cms.DataAdminPrincipal; import org.argeo.api.uuid.UuidFactory; -import org.argeo.cms.auth.CurrentUser; +import org.argeo.cms.CurrentUser; import org.argeo.cms.internal.runtime.CmsContextImpl; +import org.argeo.cms.util.CurrentSubject; /** * Multi-session {@link ProvidedRepository}, integrated with a CMS. @@ -40,7 +43,17 @@ public class CmsContentRepository extends AbstractContentRepository { @Override public ContentSession get(Locale locale) { - // Subject subject = Subject.getSubject(AccessController.getContext()); + Subject subject = CurrentSubject.current(); + if (subject == null) + throw new IllegalStateException("Caller must be authenticated"); + if (!CmsSession.hasCmsSession(subject)) { + if (DataAdminPrincipal.isDataAdmin(subject)) { + // TODO open multiple data admin sessions? + return getSystemSession(); + } + throw new IllegalStateException("Caller must be authenticated"); + } + CmsSession cmsSession = CurrentUser.getCmsSession(); CmsContentSession contentSession = userSessions.get(cmsSession); if (contentSession == null) {