From 0f216345dc28257dcfdfd900f9482b5f239a0bf9 Mon Sep 17 00:00:00 2001
From: Bruno Sinou <bsinou@argeo.org>
Date: Fri, 25 Oct 2013 12:31:16 +0000
Subject: [PATCH] enables the execution of a privileged action outside of the
 UI thread, typically to execute batch updates on a JCR repository.
 https://www.argeo.org/bugzilla/show_bug.cgi?id=181

git-svn-id: https://svn.argeo.org/commons/branches/1.x@6573 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
 .../org/argeo/security/ui/PrivilegedJob.java  | 46 +++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/PrivilegedJob.java

diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/PrivilegedJob.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/PrivilegedJob.java
new file mode 100644
index 000000000..1ded50fdb
--- /dev/null
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/PrivilegedJob.java
@@ -0,0 +1,46 @@
+package org.argeo.security.ui;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+
+import org.eclipse.core.runtime.IProgressMonitor;
+import org.eclipse.core.runtime.IStatus;
+import org.eclipse.core.runtime.jobs.Job;
+import org.springframework.security.Authentication;
+import org.springframework.security.context.SecurityContextHolder;
+
+/**
+ * Propagate authentication to an eclipse job. Typically to execute a privileged
+ * action outside the UI thread
+ */
+public abstract class PrivilegedJob extends Job {
+
+	private final Authentication authentication;
+	private Subject subject;
+
+	public PrivilegedJob(String jobName) {
+		super(jobName);
+		authentication = SecurityContextHolder.getContext().getAuthentication();
+		subject = Subject.getSubject(AccessController.getContext());
+	}
+
+	@Override
+	protected IStatus run(final IProgressMonitor progressMonitor) {
+		PrivilegedAction<IStatus> privilegedAction = new PrivilegedAction<IStatus>() {
+			public IStatus run() {
+				SecurityContextHolder.getContext().setAuthentication(
+						authentication);
+				return doRun(progressMonitor);
+			}
+		};
+		return Subject.doAs(subject, privilegedAction);
+	}
+
+	/**
+	 * Implement here what should be executed with default context
+	 * authentication
+	 */
+	protected abstract IStatus doRun(IProgressMonitor progressMonitor);
+}
\ No newline at end of file
-- 
2.30.2