import java.util.Locale;
import java.util.Map;
+import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.argeo.api.cms.CmsAuth;
import org.argeo.api.cms.CmsSession;
import org.argeo.api.cms.CmsState;
+import org.argeo.api.cms.DataAdminPrincipal;
import org.argeo.api.uuid.UuidFactory;
-import org.argeo.cms.auth.CurrentUser;
+import org.argeo.cms.CurrentUser;
import org.argeo.cms.internal.runtime.CmsContextImpl;
+import org.argeo.cms.util.CurrentSubject;
/**
* Multi-session {@link ProvidedRepository}, integrated with a CMS.
@Override
public ContentSession get(Locale locale) {
- // Subject subject = Subject.getSubject(AccessController.getContext());
+ Subject subject = CurrentSubject.current();
+ if (subject == null)
+ throw new IllegalStateException("Caller must be authenticated");
+ if (!CmsSession.hasCmsSession(subject)) {
+ if (DataAdminPrincipal.isDataAdmin(subject)) {
+ // TODO open multiple data admin sessions?
+ return getSystemSession();
+ }
+ throw new IllegalStateException("Caller must be authenticated");
+ }
+
CmsSession cmsSession = CurrentUser.getCmsSession();
CmsContentSession contentSession = userSessions.get(cmsSession);
if (contentSession == null) {
- final CmsContentSession newContentSession = new CmsContentSession(this, cmsSession.getUuid(),
+ final CmsContentSession newContentSession = new CmsContentSession(this, cmsSession.uuid(),
cmsSession.getSubject(), locale, uuidFactory);
cmsSession.addOnCloseCallback((c) -> {
newContentSession.close();