]> git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms.e4/src/org/argeo/cms/e4/addons/AuthAddon.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[maven-release-plugin] prepare for next development iteration
[lgpl/argeo-commons.git] / org.argeo.cms.e4 / src / org / argeo / cms / e4 / addons / AuthAddon.java
1 package org.argeo.cms.e4.addons;
2
3 import java.security.AccessController;
4 import java.util.Iterator;
5
6 import javax.annotation.PostConstruct;
7 import javax.security.auth.Subject;
8 import javax.servlet.http.HttpServletRequest;
9
10 import org.apache.commons.logging.Log;
11 import org.apache.commons.logging.LogFactory;
12 import org.argeo.cms.CmsException;
13 import org.argeo.cms.auth.CurrentUser;
14 import org.eclipse.e4.ui.model.application.MApplication;
15 import org.eclipse.e4.ui.model.application.ui.MElementContainer;
16 import org.eclipse.e4.ui.model.application.ui.MUIElement;
17 import org.eclipse.e4.ui.model.application.ui.basic.MTrimBar;
18 import org.eclipse.e4.ui.model.application.ui.basic.MTrimmedWindow;
19 import org.eclipse.e4.ui.model.application.ui.basic.MWindow;
20
21 public class AuthAddon {
22 private final static Log log = LogFactory.getLog(AuthAddon.class);
23
24 public final static String AUTH = "auth.";
25
26 @PostConstruct
27 void init(MApplication application) {
28 Iterator<MWindow> windows = application.getChildren().iterator();
29 boolean atLeastOneTopLevelWindowVisible = false;
30 windows: while (windows.hasNext()) {
31 MWindow window = windows.next();
32 // main window
33 boolean windowVisible = process(window);
34 if (!windowVisible) {
35 // windows.remove();
36 continue windows;
37 }
38 atLeastOneTopLevelWindowVisible = true;
39 // trim bars
40 if (window instanceof MTrimmedWindow) {
41 Iterator<MTrimBar> trimBars = ((MTrimmedWindow) window).getTrimBars().iterator();
42 while (trimBars.hasNext()) {
43 MTrimBar trimBar = trimBars.next();
44 if (!process(trimBar)) {
45 trimBars.remove();
46 }
47 }
48 }
49 }
50
51 if (!atLeastOneTopLevelWindowVisible) {
52 log.warn("No top-level window is authorized for user " + CurrentUser.getUsername() + ", logging out..");
53 logout();
54 }
55 }
56
57 protected boolean process(MUIElement element) {
58 for (String tag : element.getTags()) {
59 if (tag.startsWith(AUTH)) {
60 String role = tag.substring(AUTH.length(), tag.length());
61 if (!CurrentUser.isInRole(role)) {
62 element.setVisible(false);
63 element.setToBeRendered(false);
64 return false;
65 }
66 }
67 }
68
69 // children
70 if (element instanceof MElementContainer) {
71 @SuppressWarnings("unchecked")
72 MElementContainer<? extends MUIElement> container = (MElementContainer<? extends MUIElement>) element;
73 Iterator<? extends MUIElement> children = container.getChildren().iterator();
74 while (children.hasNext()) {
75 MUIElement child = children.next();
76 boolean visible = process(child);
77 if (!visible)
78 children.remove();
79 }
80
81 for (Object child : container.getChildren()) {
82 if (child instanceof MUIElement) {
83 boolean visible = process((MUIElement) child);
84 if (!visible)
85 container.getChildren().remove(child);
86 }
87 }
88 }
89
90 return true;
91 }
92
93 protected void logout() {
94 Subject subject = Subject.getSubject(AccessController.getContext());
95 try {
96 CurrentUser.logoutCmsSession(subject);
97 } catch (Exception e) {
98 throw new CmsException("Cannot log out", e);
99 }
100 HttpServletRequest request = org.argeo.eclipse.ui.specific.UiContext.getHttpRequest();
101 if (request != null)
102 request.getSession().setMaxInactiveInterval(0);
103 }
104
105 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi