Example 1 with ClientConfigElement
use of org.alfresco.web.config.ClientConfigElement in project acs-community-packaging by Alfresco.
the class ScriptCommandProcessor method validateArguments.
/**
* @see org.alfresco.web.app.servlet.command.CommandProcessor#validateArguments(javax.servlet.ServletContext, java.lang.String, java.util.Map, java.lang.String[])
*/
public boolean validateArguments(ServletContext sc, String command, Map<String, String> args, String[] urlElements) {
boolean allowed = false;
String scriptPath = args.get(ARG_SCRIPT_PATH);
if (scriptPath != null) {
// resolve path to a node
this.scriptRef = BaseServlet.resolveNamePath(sc, scriptPath).NodeRef;
// same for the document context path if specified
String docPath = args.get(ARG_CONTEXT_PATH);
if (docPath != null) {
this.docRef = BaseServlet.resolveNamePath(sc, docPath).NodeRef;
}
} else {
if (urlElements.length < 3) {
throw new IllegalArgumentException("Not enough URL arguments passed to command servlet.");
}
// get NodeRef to the node script to execute
StoreRef storeRef = new StoreRef(urlElements[0], urlElements[1]);
this.scriptRef = new NodeRef(storeRef, urlElements[2]);
if (urlElements.length >= 6) {
storeRef = new StoreRef(urlElements[3], urlElements[4]);
this.docRef = new NodeRef(storeRef, urlElements[5]);
}
}
// check we can READ access the nodes specified
PermissionService ps = Repository.getServiceRegistry(sc).getPermissionService();
allowed = (ps.hasPermission(this.scriptRef, PermissionService.READ) == AccessStatus.ALLOWED);
if (this.docRef != null) {
allowed &= (ps.hasPermission(this.docRef, PermissionService.READ) == AccessStatus.ALLOWED);
}
// check to see if user is allowed to execute arbituary javascript
// by default only an admin authority can perform this action
ConfigService configService = Application.getConfigService(sc);
ClientConfigElement configElement = (ClientConfigElement) configService.getGlobalConfig().getConfigElement("client");
boolean allowScriptExecute = configElement.getAllowUserScriptExecute();
AuthorityService authService = Repository.getServiceRegistry(sc).getAuthorityService();
allowed &= (allowScriptExecute || authService.isAdminAuthority(AuthenticationUtil.getFullyAuthenticatedUser()));
return allowed;
}
Also used :
PermissionService(org.alfresco.service.cmr.security.PermissionService)
StoreRef(org.alfresco.service.cmr.repository.StoreRef)
NodeRef(org.alfresco.service.cmr.repository.NodeRef)
ConfigService(org.springframework.extensions.config.ConfigService)
AuthorityService(org.alfresco.service.cmr.security.AuthorityService)
ClientConfigElement(org.alfresco.web.config.ClientConfigElement)
Example 2 with ClientConfigElement
use of org.alfresco.web.config.ClientConfigElement in project acs-community-packaging by Alfresco.
the class WorkflowBean method getTasksCompleted.
/**
* Returns a list of nodes representing the completed tasks the
* current user has.
*
* @return List of completed tasks
*/
public List<Node> getTasksCompleted() {
if (this.completedTasks == null) {
// get the current username
FacesContext context = FacesContext.getCurrentInstance();
User user = Application.getCurrentUser(context);
String userName = user.getUserName();
UserTransaction tx = null;
try {
tx = Repository.getUserTransaction(context, true);
tx.begin();
// get the current in progress tasks for the current user
ClientConfigElement clientConfig = (ClientConfigElement) Application.getConfigService(context).getGlobalConfig().getConfigElement(ClientConfigElement.CONFIG_ELEMENT_ID);
WorkflowTaskQuery query = new WorkflowTaskQuery();
query.setActive(null);
query.setActorId(userName);
query.setTaskState(WorkflowTaskState.COMPLETED);
query.setLimit(clientConfig.getTasksCompletedMaxResults());
List<WorkflowTask> tasks = this.getWorkflowService().queryTasks(query);
// create a list of transient nodes to represent
this.completedTasks = new ArrayList<Node>(tasks.size());
for (WorkflowTask task : tasks) {
Node node = createTask(task);
this.completedTasks.add(node);
if (logger.isDebugEnabled())
logger.debug("Added completed task: " + node);
}
// commit the changes
tx.commit();
} catch (Throwable e) {
// rollback the transaction
try {
if (tx != null) {
tx.rollback();
}
} catch (Exception ex) {
}
Utils.addErrorMessage("Failed to get completed tasks: " + e.toString(), e);
}
}
return this.completedTasks;
}
Also used :
UserTransaction(javax.transaction.UserTransaction)
FacesContext(javax.faces.context.FacesContext)
User(org.alfresco.web.bean.repository.User)
Node(org.alfresco.web.bean.repository.Node)
TransientNode(org.alfresco.web.bean.repository.TransientNode)
TransientMapNode(org.alfresco.web.bean.repository.TransientMapNode)
WorkflowTask(org.alfresco.service.cmr.workflow.WorkflowTask)
ClientConfigElement(org.alfresco.web.config.ClientConfigElement)
WorkflowTaskQuery(org.alfresco.service.cmr.workflow.WorkflowTaskQuery)
Example 3 with ClientConfigElement
use of org.alfresco.web.config.ClientConfigElement in project acs-community-packaging by Alfresco.
the class AlfrescoFacesPortlet method facesRender.
/**
* @see org.apache.myfaces.portlet.MyFacesGenericPortlet#facesRender(javax.portlet.RenderRequest, javax.portlet.RenderResponse)
*/
protected void facesRender(RenderRequest request, RenderResponse response) throws PortletException, IOException {
Application.setInPortalServer(true);
try {
// Set the current locale
I18NUtil.setLocale(getLanguage(request.getPortletSession()));
if (request.getParameter(ERROR_OCCURRED) != null) {
String errorPage = getErrorPage();
if (logger.isDebugEnabled())
logger.debug("An error has occurred, redirecting to error page: " + errorPage);
response.setContentType("text/html");
PortletRequestDispatcher dispatcher = getPortletContext().getRequestDispatcher(errorPage);
dispatcher.include(request, response);
} else {
WebApplicationContext ctx = (WebApplicationContext) getPortletContext().getAttribute(WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
AuthenticationService auth = (AuthenticationService) ctx.getBean("AuthenticationService");
// if we have no User object in the session then an HTTP Session timeout must have occured
// use the viewId to check that we are not already on the login page
PortletSession session = request.getPortletSession();
String viewId = request.getParameter(VIEW_ID);
// keep track of last view id so we can use it as return page from multi-part requests
request.getPortletSession().setAttribute(SESSION_LAST_VIEW_ID, viewId);
SessionUser sessionUser = (SessionUser) request.getPortletSession().getAttribute(AuthenticationHelper.AUTHENTICATION_USER, PortletSession.APPLICATION_SCOPE);
User user = sessionUser instanceof User ? (User) sessionUser : null;
if (user == null && (viewId == null || viewId.equals(getLoginPage()) == false)) {
if (portalGuestAuthenticate(ctx, session, auth) != null) {
if (logger.isDebugEnabled())
logger.debug("Guest access successful.");
// perform the forward to the page processed by the Faces servlet
response.setContentType("text/html");
request.getPortletSession().setAttribute(PortletUtil.PORTLET_REQUEST_FLAG, "true");
// get the start location as configured by the web-client config
ConfigService configService = (ConfigService) ctx.getBean("webClientConfigService");
ClientConfigElement configElement = (ClientConfigElement) configService.getGlobalConfig().getConfigElement("client");
if (NavigationBean.LOCATION_MYALFRESCO.equals(configElement.getInitialLocation())) {
nonFacesRequest(request, response, "/jsp/dashboards/container.jsp");
} else {
nonFacesRequest(request, response, FacesHelper.BROWSE_VIEW_ID);
}
} else {
if (logger.isDebugEnabled())
logger.debug("No valid User login, requesting login page. ViewId: " + viewId);
// set last used username as special session value used by the LoginBean
session.setAttribute(AuthenticationHelper.SESSION_USERNAME, request.getPreferences().getValue(PREF_ALF_USERNAME, null));
// login page is the default portal page
response.setContentType("text/html");
request.getPortletSession().setAttribute(PortletUtil.PORTLET_REQUEST_FLAG, "true");
nonFacesRequest(request, response);
}
} else {
if (session.getAttribute(AuthenticationHelper.SESSION_INVALIDATED) != null) {
// remove the username preference value as explicit logout was requested by the user
if (request.getPreferences().isReadOnly(PREF_ALF_USERNAME) == false) {
request.getPreferences().reset(PREF_ALF_USERNAME);
}
session.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED);
}
try {
if (user != null) {
if (logger.isDebugEnabled())
logger.debug("Validating ticket: " + user.getTicket());
// setup the authentication context
auth.validate(user.getTicket());
}
// do the normal JSF processing
super.facesRender(request, response);
} catch (AuthenticationException authErr) {
// ticket is no longer valid!
if (logger.isDebugEnabled())
logger.debug("Invalid ticket, requesting login page.");
// remove User object as it's now useless
session.removeAttribute(AuthenticationHelper.AUTHENTICATION_USER, PortletSession.APPLICATION_SCOPE);
// login page is the default portal page
response.setContentType("text/html");
request.getPortletSession().setAttribute(PortletUtil.PORTLET_REQUEST_FLAG, "true");
nonFacesRequest(request, response);
} catch (Throwable e) {
if (getErrorPage() != null) {
handleError(request, response, e);
} else {
logger.warn("No error page configured, re-throwing exception");
if (e instanceof PortletException) {
throw (PortletException) e;
} else if (e instanceof IOException) {
throw (IOException) e;
} else {
throw new PortletException(e);
}
}
}
}
}
} finally {
Application.setInPortalServer(false);
}
}
Also used :
User(org.alfresco.web.bean.repository.User)
SessionUser(org.alfresco.repo.SessionUser)
AuthenticationException(org.alfresco.repo.security.authentication.AuthenticationException)
PortletException(javax.portlet.PortletException)
IOException(java.io.IOException)
ClientConfigElement(org.alfresco.web.config.ClientConfigElement)
WebApplicationContext(org.springframework.web.context.WebApplicationContext)
PortletRequestDispatcher(javax.portlet.PortletRequestDispatcher)
SessionUser(org.alfresco.repo.SessionUser)
ConfigService(org.springframework.extensions.config.ConfigService)
PortletSession(javax.portlet.PortletSession)
AuthenticationService(org.alfresco.service.cmr.security.AuthenticationService)
Example 4 with ClientConfigElement
use of org.alfresco.web.config.ClientConfigElement in project acs-community-packaging by Alfresco.
the class Application method getLoginPage.
/**
* Retrieves the configured login page for the application
*
* @param context The Spring contexr
* @return The configured login page or null if the configuration is missing
*/
public static String getLoginPage(ApplicationContext context) {
String loginPage = null;
ConfigService svc = (ConfigService) context.getBean(BEAN_CONFIG_SERVICE);
ClientConfigElement clientConfig = (ClientConfigElement) svc.getGlobalConfig().getConfigElement(ClientConfigElement.CONFIG_ELEMENT_ID);
if (clientConfig != null) {
loginPage = clientConfig.getLoginPage();
}
return loginPage;
}
Also used :
ConfigService(org.springframework.extensions.config.ConfigService)
ClientConfigElement(org.alfresco.web.config.ClientConfigElement)
Example 5 with ClientConfigElement
use of org.alfresco.web.config.ClientConfigElement in project acs-community-packaging by Alfresco.
the class Application method getErrorPage.
/**
* Retrieves the configured error page for the application
*
* @param context The Spring context
* @return The configured error page or null if the configuration is missing
*/
public static String getErrorPage(ApplicationContext context) {
String errorPage = null;
ConfigService svc = (ConfigService) context.getBean(BEAN_CONFIG_SERVICE);
ClientConfigElement clientConfig = (ClientConfigElement) svc.getGlobalConfig().getConfigElement(ClientConfigElement.CONFIG_ELEMENT_ID);
if (clientConfig != null) {
errorPage = clientConfig.getErrorPage();
}
return errorPage;
}
Also used :
ConfigService(org.springframework.extensions.config.ConfigService)
ClientConfigElement(org.alfresco.web.config.ClientConfigElement)
Aggregations
ClientConfigElement (org.alfresco.web.config.ClientConfigElement)6
ConfigService (org.springframework.extensions.config.ConfigService)4
User (org.alfresco.web.bean.repository.User)2
IOException (java.io.IOException)1
FacesContext (javax.faces.context.FacesContext)1
PortletException (javax.portlet.PortletException)1
PortletRequestDispatcher (javax.portlet.PortletRequestDispatcher)1
PortletSession (javax.portlet.PortletSession)1
UserTransaction (javax.transaction.UserTransaction)1
SessionUser (org.alfresco.repo.SessionUser)1
AuthenticationException (org.alfresco.repo.security.authentication.AuthenticationException)1
NodeRef (org.alfresco.service.cmr.repository.NodeRef)1
StoreRef (org.alfresco.service.cmr.repository.StoreRef)1
AuthenticationService (org.alfresco.service.cmr.security.AuthenticationService)1
AuthorityService (org.alfresco.service.cmr.security.AuthorityService)1
PermissionService (org.alfresco.service.cmr.security.PermissionService)1
WorkflowTask (org.alfresco.service.cmr.workflow.WorkflowTask)1
WorkflowTaskQuery (org.alfresco.service.cmr.workflow.WorkflowTaskQuery)1
Node (org.alfresco.web.bean.repository.Node)1
TransientMapNode (org.alfresco.web.bean.repository.TransientMapNode)1
