X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FCurrentUser.java;h=13b54a549a83eac180c3116f017eb204bc0856dc;hb=1079048d9b6dc6003169327ea77eb64029283ecb;hp=86a748325ec0e0a553ab3e46d2be403a59fe5c73;hpb=c615307d7b87bcb260d8a9f402c6e0a880862f38;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java index 86a748325..13b54a549 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java @@ -1,11 +1,11 @@ package org.argeo.cms.auth; -import java.security.AccessController; import java.security.Principal; import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.HashSet; +import java.util.Iterator; import java.util.Locale; import java.util.Set; import java.util.UUID; @@ -19,6 +19,7 @@ import org.argeo.api.cms.CmsSessionId; import org.argeo.cms.internal.auth.CmsSessionImpl; import org.argeo.cms.internal.auth.ImpliedByPrincipal; import org.argeo.cms.internal.runtime.CmsContextImpl; +import org.argeo.util.CurrentSubject; import org.osgi.service.useradmin.Authorization; /** @@ -68,6 +69,11 @@ public final class CurrentUser { return roles.contains(role); } + /** Implies this {@link SystemRole} in this context. */ + public final static boolean implies(SystemRole role, String context) { + return role.implied(currentSubject(), context); + } + /** Executes as the current user */ public final static T doAs(PrivilegedAction action) { return Subject.doAs(currentSubject(), action); @@ -123,22 +129,20 @@ public final class CurrentUser { public static CmsSession getCmsSession() { Subject subject = currentSubject(); - CmsSessionId cmsSessionId = subject.getPrivateCredentials(CmsSessionId.class).iterator().next(); - return CmsSessionImpl.getByUuid(cmsSessionId.getUuid()); + Iterator it = subject.getPrivateCredentials(CmsSessionId.class).iterator(); + if (!it.hasNext()) + throw new IllegalStateException("No CMS session id available for " + subject); + CmsSessionId cmsSessionId = it.next(); + if (it.hasNext()) + throw new IllegalStateException("More than one CMS session id available for " + subject); + return CmsContextImpl.getCmsContext().getCmsSessionByUuid(cmsSessionId.getUuid()); } /* * HELPERS */ private static Subject currentSubject() { - Subject subject = getAccessControllerSubject(); - if (subject != null) - return subject; - throw new IllegalStateException("Cannot find related subject"); - } - - private static Subject getAccessControllerSubject() { - return Subject.getSubject(AccessController.getContext()); + return CurrentSubject.current(); } private static Authorization getAuthorization(Subject subject) { @@ -151,7 +155,7 @@ public final class CurrentUser { nodeSessionId = subject.getPrivateCredentials(CmsSessionId.class).iterator().next().getUuid(); else return false; - CmsSessionImpl cmsSession = CmsSessionImpl.getByUuid(nodeSessionId.toString()); + CmsSessionImpl cmsSession = CmsContextImpl.getCmsContext().getCmsSessionByUuid(nodeSessionId); // FIXME logout all views // TODO check why it is sometimes null @@ -162,6 +166,7 @@ public final class CurrentUser { return true; } + /** singleton */ private CurrentUser() { } }