X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Futil%2FUserMenu.java;h=72289cb3e544783d1c6e3f490f15953e4db7e57b;hb=1819f201d384ec80725c6dcc18c46cc7b795c09a;hp=ad47d1850b34fb3d767d5aaa60e804e629dcd454;hpb=044c3a3ad42f74f2e0595dc6c723a3f493063bd6;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
index ad47d1850..72289cb3e 100644
--- a/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
+++ b/org.argeo.cms/src/org/argeo/cms/util/UserMenu.java
@@ -1,6 +1,12 @@
 package org.argeo.cms.util;
 
+import static org.argeo.cms.auth.AuthConstants.ACCESS_CONTROL_CONTEXT;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_ANONYMOUS;
+import static org.argeo.cms.auth.AuthConstants.LOGIN_CONTEXT_USER;
+
 import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
@@ -10,13 +16,15 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
 import org.argeo.cms.CmsException;
 import org.argeo.cms.CmsMsg;
-import org.argeo.cms.CmsSession;
 import org.argeo.cms.CmsStyles;
-import org.argeo.cms.KernelHeader;
-import org.argeo.cms.auth.ArgeoLoginContext;
+import org.argeo.cms.CmsView;
+import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.CurrentUser;
 import org.eclipse.rap.rwt.RWT;
 import org.eclipse.swt.SWT;
 import org.eclipse.swt.events.MouseAdapter;
@@ -25,70 +33,83 @@ import org.eclipse.swt.events.ShellAdapter;
 import org.eclipse.swt.events.ShellEvent;
 import org.eclipse.swt.events.TraverseEvent;
 import org.eclipse.swt.events.TraverseListener;
+import org.eclipse.swt.graphics.Point;
+import org.eclipse.swt.graphics.Rectangle;
 import org.eclipse.swt.layout.GridData;
 import org.eclipse.swt.layout.GridLayout;
 import org.eclipse.swt.widgets.Composite;
 import org.eclipse.swt.widgets.Control;
+import org.eclipse.swt.widgets.Display;
 import org.eclipse.swt.widgets.Label;
 import org.eclipse.swt.widgets.Shell;
 import org.eclipse.swt.widgets.Text;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 /** The site-related user menu */
-public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
-	private static final long serialVersionUID = -5788157651532106301L;
+public class UserMenu implements CmsStyles, CallbackHandler {
+	private final CmsView cmsView;
+	private final Shell shell;
+
 	private Text username, password;
 
-	public UserMenu(Control source) {
-		super(source.getDisplay(), SWT.NO_TRIM | SWT.BORDER | SWT.ON_TOP);
-		setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
+	public UserMenu(Control source, boolean autoclose) {
+		shell = new Shell(source.getDisplay(), SWT.NO_TRIM | SWT.BORDER
+				| SWT.ON_TOP);
+		shell.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
+		// cmsView = (CmsView) shell.getDisplay().getData(CmsView.KEY);
+		cmsView = CmsUtils.getCmsView();
+
+		if (cmsView != null) {
+			String username = CurrentUser.getUsername(CmsUtils.getCmsView()
+					.getSubject());
+			if (username == null
+					|| username.equalsIgnoreCase(AuthConstants.ROLE_ANONYMOUS)) {
+				username = null;
+				anonymousUi(shell);
+			} else {
+				userUi(shell);
+			}
+		} else {
+			anonymousUi(shell);
+		}
 
-		Authentication authentication = SecurityContextHolder.getContext()
-				.getAuthentication();
-		if (authentication == null)
-			throw new CmsException("No authentication available");
+		shell.pack();
+		shell.layout();
+		if (autoclose)// popup
+			shell.setLocation(source.toDisplay(
+					source.getSize().x - shell.getSize().x, source.getSize().y));
+		else // centered
+		{
+			Rectangle shellBounds = Display.getCurrent().getBounds();// RAP
+			Point dialogSize = shell.getSize();
+			int x = shellBounds.x + (shellBounds.width - dialogSize.x) / 2;
+			int y = shellBounds.y + (shellBounds.height - dialogSize.y) / 2;
+			shell.setLocation(x, y);
 
-		String username = authentication.getName();
-		if (username.equals(KernelHeader.USERNAME_ANONYMOUS)) {
-			username = null;
-			anonymousUi();
-		} else {
-			userUi();
 		}
+		if (autoclose)
+			shell.addShellListener(new ShellAdapter() {
+				private static final long serialVersionUID = 5178980294808435833L;
 
-		pack();
-		layout();
-		setLocation(source.toDisplay(source.getSize().x - getSize().x,
-				source.getSize().y));
+				@Override
+				public void shellDeactivated(ShellEvent e) {
+					closeShell();
+				}
+			});
+		shell.open();
 
-		addShellListener(new ShellAdapter() {
-			private static final long serialVersionUID = 5178980294808435833L;
+	}
 
-			@Override
-			public void shellDeactivated(ShellEvent e) {
-				close();
-				dispose();
-			}
-		});
-		open();
+	protected void closeShell() {
+		shell.close();
+		shell.dispose();
 	}
 
-	protected void userUi() {
-		setLayout(CmsUtils.noSpaceGridLayout());
-		Composite c = new Composite(this, SWT.NONE);
+	protected void userUi(Composite parent) {
+		parent.setLayout(CmsUtils.noSpaceGridLayout());
+		Composite c = new Composite(parent, SWT.NONE);
 		c.setLayout(new GridLayout());
 		c.setLayoutData(CmsUtils.fillAll());
 
-		// String username = SecurityContextHolder.getContext()
-		// .getAuthentication().getName();
-		//
-		// Label l = new Label(c, SWT.NONE);
-		// l.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU_ITEM);
-		// l.setData(RWT.MARKUP_ENABLED, true);
-		// l.setLayoutData(CmsUtils.fillWidth());
-		// l.setText("<b>" + username + "</b>");
-
 		specificUserUi(c);
 
 		Label l = new Label(c, SWT.NONE);
@@ -107,27 +128,21 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 		});
 	}
 
-	protected String getUsername() {
-		String username = SecurityContextHolder.getContext()
-				.getAuthentication().getName();
-		return username;
-	}
-
 	/** To be overridden */
 	protected void specificUserUi(Composite parent) {
 
 	}
 
-	protected void anonymousUi() {
-		setLayout(CmsUtils.noSpaceGridLayout());
+	protected void anonymousUi(Composite parent) {
+		parent.setLayout(CmsUtils.noSpaceGridLayout());
 
 		// We need a composite for the traversal
-		Composite c = new Composite(this, SWT.NONE);
+		Composite c = new Composite(parent, SWT.NONE);
 		c.setLayout(new GridLayout());
 		c.setLayoutData(CmsUtils.fillAll());
 
 		Integer textWidth = 120;
-		setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
+		parent.setData(RWT.CUSTOM_VARIANT, CMS_USER_MENU);
 
 		// new Label(this, SWT.NONE).setText(CmsMsg.username.lead());
 		username = new Text(c, SWT.BORDER);
@@ -156,57 +171,63 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 		c.addTraverseListener(tl);
 		username.addTraverseListener(tl);
 		password.addTraverseListener(tl);
-		setTabList(new Control[] { c });
+		parent.setTabList(new Control[] { c });
 		c.setTabList(new Control[] { username, password });
 		c.setFocus();
 	}
 
 	protected void login() {
-		CmsSession cmsSession = (CmsSession) getDisplay().getData(
-				CmsSession.KEY);
-		Subject subject = cmsSession.getSubject();
+		Subject subject = cmsView.getSubject();
 		try {
 			//
 			// LOGIN
 			//
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-					.logout();
-			LoginContext loginContext = new ArgeoLoginContext(
-					KernelHeader.LOGIN_CONTEXT_USER, subject, this);
+			new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).logout();
+			LoginContext loginContext = new LoginContext(LOGIN_CONTEXT_USER,
+					subject, this);
 			loginContext.login();
+
+			// save context in session
+			final HttpSession httpSession = RWT.getRequest().getSession();
+			Subject.doAs(subject, new PrivilegedAction<Void>() {
+
+				@Override
+				public Void run() {
+					httpSession.setAttribute(ACCESS_CONTROL_CONTEXT,
+							AccessController.getContext());
+					return null;
+				}
+			});
 		} catch (LoginException e1) {
 			try {
-				new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS,
-						subject).login();
+				new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
 			} catch (LoginException e) {
 				throw new CmsException("Cannot authenticate anonymous", e1);
 			}
 			throw new CmsException("Cannot authenticate", e1);
 		}
-		close();
-		dispose();
-		cmsSession.authChange();
+		closeShell();
+		cmsView.authChange();
 	}
 
 	protected void logout() {
-		final CmsSession cmsSession = (CmsSession) getDisplay().getData(
-				CmsSession.KEY);
-		Subject subject = cmsSession.getSubject();
+		Subject subject = cmsView.getSubject();
 		try {
 			//
 			// LOGOUT
 			//
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_USER, subject)
-					.logout();
-			new ArgeoLoginContext(KernelHeader.LOGIN_CONTEXT_ANONYMOUS, subject)
-					.login();
+			new LoginContext(LOGIN_CONTEXT_USER, subject).logout();
+			new LoginContext(LOGIN_CONTEXT_ANONYMOUS, subject).login();
+
+			HttpServletRequest httpRequest = RWT.getRequest();
+			HttpSession httpSession = httpRequest.getSession();
+			httpSession.setAttribute(ACCESS_CONTROL_CONTEXT, null);
 		} catch (LoginException e1) {
 			throw new CmsException("Cannot authenticate anonymous", e1);
 		}
-		close();
-		dispose();
-		cmsSession.navigateTo("~");
-		cmsSession.authChange();
+		closeShell();
+		cmsView.navigateTo("~");
+		cmsView.authChange();
 	}
 
 	@Override
@@ -216,4 +237,8 @@ public class UserMenu extends Shell implements CmsStyles, CallbackHandler {
 		((PasswordCallback) callbacks[1]).setPassword(password.getTextChars());
 	}
 
+	public Shell getShell() {
+		return shell;
+	}
+
 }