X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FCurrentUser.java;h=a23822b21fe48c7db3f43a090c059fdccfb4400a;hb=255654a72d48b875d71cea637532784953d80499;hp=1ec52f057523cbe9aacade8a5ca55e1362acf390;hpb=972528f4de2d00690362c01d3ce843ca9cd10250;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java index 1ec52f057..a23822b21 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java @@ -25,12 +25,14 @@ import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; import org.argeo.cms.CmsException; -import org.argeo.cms.CmsView; import org.argeo.eclipse.ui.specific.UiContext; +import org.argeo.node.NodeConstants; +import org.argeo.node.security.NodeAuthenticated; import org.osgi.service.useradmin.Authorization; /** Static utilities */ public final class CurrentUser { + /** * @return the authenticated username or null if not authenticated / * anonymous @@ -47,38 +49,34 @@ public final class CurrentUser { return isAnonymous(currentSubject()); } - public static boolean isAnonymous(Subject subject) { - String username = getUsername(subject); - return username == null || username.equalsIgnoreCase(AuthConstants.ROLE_ANONYMOUS); + public static boolean isRegistered() { + return !isAnonymous(); } - private static Subject currentSubject() { - CmsView cmsView = getCmsView(); - if (cmsView != null) - return cmsView.getSubject(); - Subject subject = Subject.getSubject(AccessController.getContext()); - if (subject != null) - return subject; - throw new CmsException("Cannot find related subject"); + public static boolean isAnonymous(Subject subject) { + if (subject == null) + return true; + String username = getUsername(subject); + return username == null + || username.equalsIgnoreCase(NodeConstants.ROLE_ANONYMOUS); } /** - * The CMS view related to this display, or null if none is available from - * this call. + * The node authenticated component (typically a CMS view) related to this + * display, or null if none is available from this call. */ - private static CmsView getCmsView() { - return UiContext.getData(CmsView.KEY); + public static NodeAuthenticated getNodeAuthenticated() { + return UiContext.getData(NodeAuthenticated.KEY); } public final static String getUsername(Subject subject) { - // Subject subject = Subject.getSubject(AccessController.getContext()); - // if (subject == null) - // return null; + if (subject == null) + throw new CmsException("Subject cannot be null"); if (subject.getPrincipals(X500Principal.class).size() != 1) - return null; - Principal principal = subject.getPrincipals(X500Principal.class).iterator().next(); + return NodeConstants.ROLE_ANONYMOUS; + Principal principal = subject.getPrincipals(X500Principal.class) + .iterator().next(); return principal.getName(); - } public final static String getDisplayName(Subject subject) { @@ -86,17 +84,33 @@ public final class CurrentUser { } private static Authorization getAuthorization(Subject subject) { - return subject.getPrivateCredentials(Authorization.class).iterator().next(); + return subject.getPrivateCredentials(Authorization.class).iterator() + .next(); } public final static Set roles() { return roles(currentSubject()); } + private static Subject currentSubject() { + NodeAuthenticated cmsView = getNodeAuthenticated(); + if (cmsView != null) + return cmsView.getLoginContext().getSubject(); + Subject subject = Subject.getSubject(AccessController.getContext()); + if (subject != null) + return subject; + throw new CmsException("Cannot find related subject"); + } + + /** Returns true if the current user is in the specified role */ + public static boolean isInRole(String role) { + Set roles = roles(); + return roles.contains(role); + } + public final static Set roles(Subject subject) { Set roles = new HashSet(); - X500Principal userPrincipal = subject.getPrincipals(X500Principal.class).iterator().next(); - roles.add(userPrincipal.getName()); + roles.add(getUsername(subject)); for (Principal group : subject.getPrincipals(Group.class)) { roles.add(group.getName()); }