]> git.argeo.org Git - lgpl/argeo-commons.git/blob - eclipse/org.argeo.cms.e4/src/org/argeo/cms/e4/addons/AuthAddon.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Mini desktop graalvm packaging.
[lgpl/argeo-commons.git] / eclipse / org.argeo.cms.e4 / src / org / argeo / cms / e4 / addons / AuthAddon.java
1 package org.argeo.cms.e4.addons;
2
3 import java.security.AccessController;
4 import java.util.Iterator;
5
6 import javax.annotation.PostConstruct;
7 import javax.security.auth.Subject;
8 import javax.servlet.http.HttpServletRequest;
9
10 import org.argeo.api.cms.CmsLog;
11 import org.argeo.cms.CmsException;
12 import org.argeo.cms.auth.CurrentUser;
13 import org.eclipse.e4.ui.model.application.MApplication;
14 import org.eclipse.e4.ui.model.application.ui.MElementContainer;
15 import org.eclipse.e4.ui.model.application.ui.MUIElement;
16 import org.eclipse.e4.ui.model.application.ui.basic.MTrimBar;
17 import org.eclipse.e4.ui.model.application.ui.basic.MTrimmedWindow;
18 import org.eclipse.e4.ui.model.application.ui.basic.MWindow;
19
20 public class AuthAddon {
21 private final static CmsLog log = CmsLog.getLog(AuthAddon.class);
22
23 public final static String AUTH = "auth.";
24
25 @PostConstruct
26 void init(MApplication application) {
27 Iterator<MWindow> windows = application.getChildren().iterator();
28 boolean atLeastOneTopLevelWindowVisible = false;
29 windows: while (windows.hasNext()) {
30 MWindow window = windows.next();
31 // main window
32 boolean windowVisible = process(window);
33 if (!windowVisible) {
34 // windows.remove();
35 continue windows;
36 }
37 atLeastOneTopLevelWindowVisible = true;
38 // trim bars
39 if (window instanceof MTrimmedWindow) {
40 Iterator<MTrimBar> trimBars = ((MTrimmedWindow) window).getTrimBars().iterator();
41 while (trimBars.hasNext()) {
42 MTrimBar trimBar = trimBars.next();
43 if (!process(trimBar)) {
44 trimBars.remove();
45 }
46 }
47 }
48 }
49
50 if (!atLeastOneTopLevelWindowVisible) {
51 log.warn("No top-level window is authorized for user " + CurrentUser.getUsername() + ", logging out..");
52 logout();
53 }
54 }
55
56 protected boolean process(MUIElement element) {
57 for (String tag : element.getTags()) {
58 if (tag.startsWith(AUTH)) {
59 String role = tag.substring(AUTH.length(), tag.length());
60 if (!CurrentUser.isInRole(role)) {
61 element.setVisible(false);
62 element.setToBeRendered(false);
63 return false;
64 }
65 }
66 }
67
68 // children
69 if (element instanceof MElementContainer) {
70 @SuppressWarnings("unchecked")
71 MElementContainer<? extends MUIElement> container = (MElementContainer<? extends MUIElement>) element;
72 Iterator<? extends MUIElement> children = container.getChildren().iterator();
73 while (children.hasNext()) {
74 MUIElement child = children.next();
75 boolean visible = process(child);
76 if (!visible)
77 children.remove();
78 }
79
80 for (Object child : container.getChildren()) {
81 if (child instanceof MUIElement) {
82 boolean visible = process((MUIElement) child);
83 if (!visible)
84 container.getChildren().remove(child);
85 }
86 }
87 }
88
89 return true;
90 }
91
92 protected void logout() {
93 Subject subject = Subject.getSubject(AccessController.getContext());
94 try {
95 CurrentUser.logoutCmsSession(subject);
96 } catch (Exception e) {
97 throw new CmsException("Cannot log out", e);
98 }
99 HttpServletRequest request = org.argeo.eclipse.ui.specific.UiContext.getHttpRequest();
100 if (request != null)
101 request.getSession().setMaxInactiveInterval(0);
102 }
103
104 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi