X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FCurrentUser.java;h=41a6a880d438297a0a3260d0d26a0da045240dd8;hb=de8f04a41db19968896b15cd7f43c819a28e7158;hp=13b54a549a83eac180c3116f017eb204bc0856dc;hpb=1079048d9b6dc6003169327ea77eb64029283ecb;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java index 13b54a549..41a6a880d 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java @@ -13,13 +13,15 @@ import java.util.UUID; import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; +import org.argeo.api.acr.NamespaceUtils; import org.argeo.api.cms.CmsConstants; import org.argeo.api.cms.CmsSession; import org.argeo.api.cms.CmsSessionId; +import org.argeo.cms.SystemRole; import org.argeo.cms.internal.auth.CmsSessionImpl; import org.argeo.cms.internal.auth.ImpliedByPrincipal; import org.argeo.cms.internal.runtime.CmsContextImpl; -import org.argeo.util.CurrentSubject; +import org.argeo.cms.util.CurrentSubject; import org.osgi.service.useradmin.Authorization; /** @@ -74,6 +76,11 @@ public final class CurrentUser { return role.implied(currentSubject(), context); } + /** Implies this role name, also independently of the context. */ + public final static boolean implies(String role, String context) { + return SystemRole.implied(NamespaceUtils.parsePrefixedName(role), currentSubject(), context); + } + /** Executes as the current user */ public final static T doAs(PrivilegedAction action) { return Subject.doAs(currentSubject(), action); @@ -138,11 +145,18 @@ public final class CurrentUser { return CmsContextImpl.getCmsContext().getCmsSessionByUuid(cmsSessionId.getUuid()); } + public static boolean isAvailable() { + return CurrentSubject.current() != null; + } + /* * HELPERS */ private static Subject currentSubject() { - return CurrentSubject.current(); + Subject subject = CurrentSubject.current(); + if (subject == null) + throw new IllegalStateException("Cannot find related subject"); + return subject; } private static Authorization getAuthorization(Subject subject) {