PortletActionSecurityPathBehavior xref

View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.layout.impl;
18  
19  import org.apache.commons.logging.Log;
20  import org.apache.commons.logging.LogFactory;
21  import org.apache.jetspeed.JetspeedActions;
22  import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
23  import org.apache.jetspeed.om.folder.Folder;
24  import org.apache.jetspeed.om.page.ContentPageImpl;
25  import org.apache.jetspeed.om.page.Page;
26  import org.apache.jetspeed.page.PageManager;
27  import org.apache.jetspeed.profiler.impl.ProfilerValveImpl;
28  import org.apache.jetspeed.request.RequestContext;
29  
30  /***
31   * Abstracted behavior of security checks for portlet actions
32   *
33   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
34   * @version $Id: $
35   */
36  public class PortletActionSecurityPathBehavior implements PortletActionSecurityBehavior
37  {
38      protected Log log = LogFactory.getLog(PortletActionSecurityPathBehavior.class);    
39      protected PageManager pageManager;
40      private boolean enableCreateUserPagesFromRolesOnEdit;
41      
42      public PortletActionSecurityPathBehavior(PageManager pageManager )
43      {
44      	this( pageManager, Boolean.FALSE ) ;
45      }
46      public PortletActionSecurityPathBehavior(PageManager pageManager, Boolean enableCreateUserPagesFromRolesOnEdit )
47      {
48          this.pageManager = pageManager;
49          this.enableCreateUserPagesFromRolesOnEdit = ( enableCreateUserPagesFromRolesOnEdit == null ? false : enableCreateUserPagesFromRolesOnEdit.booleanValue() );
50      }
51  
52      public boolean checkAccess(RequestContext context, String action)
53      {
54          Page page = context.getPage();
55          String path = page.getPath();
56          if (path == null)
57              return false;
58          if (path.indexOf(Folder.ROLE_FOLDER) > -1 || path.indexOf(Folder.GROUP_FOLDER) > -1)
59          {
60              if (action.equals(JetspeedActions.VIEW))
61                  return true;
62              return false;
63          }
64          return true;
65      }
66      
67      public boolean isCreateNewPageOnEditEnabled()
68      {
69      	return enableCreateUserPagesFromRolesOnEdit;
70      }
71      public boolean isPageQualifiedForCreateNewPageOnEdit(RequestContext context)
72      {
73      	if ( ! this.enableCreateUserPagesFromRolesOnEdit || context == null )
74      		return false ;
75      	return isPageQualifiedForCreateNewPageOnEdit( context.getPage().getPath() );
76      }
77      
78      protected boolean isPageQualifiedForCreateNewPageOnEdit( String pagePath )
79      {
80          if (pagePath == null)
81          	return false;
82          // page must be in role directory
83          return (pagePath.indexOf(Folder.ROLE_FOLDER) == 0);
84      }
85  
86      public boolean createNewPageOnEdit(RequestContext context)
87      {
88      	if ( ! this.enableCreateUserPagesFromRolesOnEdit )
89      		return false ;
90  
91          Page page = context.getPage();        
92          String pagePath = page.getPath();
93          try
94          {
95          	if ( isPageQualifiedForCreateNewPageOnEdit( pagePath ) )
96              {
97          		String pageName = page.getName();
98                  this.pageManager.createUserHomePagesFromRoles(context.getSubject());
99                  page = this.pageManager.getPage(Folder.USER_FOLDER 
100                                                 + context.getRequest().getUserPrincipal().getName()
101                                                 + Folder.PATH_SEPARATOR 
102                                                 + pageName);   // was Folder.FALLBACK_DEFAULT_PAGE prior to 2007-11-06
103                 context.setPage(new ContentPageImpl(page));
104                 context.getRequest().getSession().removeAttribute(ProfilerValveImpl.PORTAL_SITE_SESSION_CONTEXT_ATTR_KEY);                
105             }            
106         }
107         catch (Exception e)
108         {
109             // already logged error
110             return false;
111         }
112         return true;
113     }
114 }