View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.layout.impl;
18  
19  import org.apache.commons.logging.Log;
20  import org.apache.commons.logging.LogFactory;
21  import org.apache.jetspeed.JetspeedActions;
22  import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
23  import org.apache.jetspeed.om.folder.Folder;
24  import org.apache.jetspeed.om.page.ContentPageImpl;
25  import org.apache.jetspeed.om.page.Page;
26  import org.apache.jetspeed.page.PageManager;
27  import org.apache.jetspeed.profiler.impl.ProfilerValveImpl;
28  import org.apache.jetspeed.request.RequestContext;
29  
30  /***
31   * Abstracted behavior of security checks for portlet actions
32   *
33   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
34   * @version $Id: $
35   */
36  public class PortletActionSecurityPathBehavior implements PortletActionSecurityBehavior
37  {
38      protected Log log = LogFactory.getLog(PortletActionSecurityPathBehavior.class);    
39      protected PageManager pageManager;
40      
41      public PortletActionSecurityPathBehavior(PageManager pageManager)
42      {
43          this.pageManager = pageManager;
44      }
45  
46      public boolean checkAccess(RequestContext context, String action)
47      {
48          Page page = context.getPage();
49          String path = page.getPath();
50          if (path == null)
51              return false;
52          if (path.indexOf(Folder.ROLE_FOLDER) > -1 || path.indexOf(Folder.GROUP_FOLDER) > -1)
53          {
54              if (action.equals(JetspeedActions.VIEW))
55                  return true;
56              return false;
57          }
58          return true;
59      }
60  
61      public boolean createNewPageOnEdit(RequestContext context)
62      {
63          Page page = context.getPage();        
64          String path = page.getPath();
65          try
66          {        
67              if (path == null)
68                  return false;
69              // make sure we are not copying from user area
70              if (path.indexOf(Folder.USER_FOLDER) == -1)
71              {
72                  this.pageManager.createUserHomePagesFromRoles(context.getSubject());
73                  page = this.pageManager.getPage(Folder.USER_FOLDER 
74                                                  + context.getRequest().getUserPrincipal().getName()
75                                                  + Folder.PATH_SEPARATOR 
76                                                  + Folder.FALLBACK_DEFAULT_PAGE);                 
77                  context.setPage(new ContentPageImpl(page));
78                  context.getRequest().getSession().removeAttribute(ProfilerValveImpl.PORTAL_SITE_SESSION_CONTEXT_ATTR_KEY);                
79              }            
80          }
81          catch (Exception e)
82          {
83              // already logged error
84              return false;
85          }
86          return true;
87      }
88  }