From 279c083d8976f19818b0c46125435fd5e06dc8c2 Mon Sep 17 00:00:00 2001
From: jeb228 <jeb228@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Tue, 16 Nov 2010 16:13:55 +0000
Subject: [PATCH] VIVO-241 Fix VitroRequestPrep.isSelfEditing(), which should
 fix the controllers that rely on this call. Previously, this worked correctly
 only for "fake" self-editing.

---
 .../controller/FakeSelfEditController.java    |  7 ++--
 .../webapp/filters/VitroRequestPrep.java      | 40 ++++++++++++-------
 2 files changed, 29 insertions(+), 18 deletions(-)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FakeSelfEditController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FakeSelfEditController.java
index 4ad0ac40b..301af7385 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FakeSelfEditController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FakeSelfEditController.java
@@ -15,15 +15,16 @@ import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.FakeSelfEditingIdentifierFactory;
-import edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep;
 
 /**
  * TODO This is caught in the middle of the transition from LoginFormBean to LoginStatusBean.
  */
 public class FakeSelfEditController extends VitroHttpServlet {
+	// TODO When the LoginFormBean goes away, these should too.
 	private static final String ATTRIBUTE_LOGIN_FORM_BEAN = "loginHandler";
-	private static final String ATTRIBUTE_LOGIN_STATUS_BEAN = "loginStatus";
 	private static final String ATTRIBUTE_LOGIN_FORM_SAVE = "saveLoginHandler";
+	
+	private static final String ATTRIBUTE_LOGIN_STATUS_BEAN = "loginStatus";
 	private static final String ATTRIBUTE_LOGIN_STATUS_SAVE = "saveLoginStatus";
 
 	private static final Log log = LogFactory
@@ -63,7 +64,6 @@ public class FakeSelfEditController extends VitroHttpServlet {
 	private void startFaking(VitroRequest vreq, HttpServletResponse response)
 			throws IOException {
 		HttpSession session = vreq.getSession();
-		VitroRequestPrep.forceToSelfEditing(vreq);
 		String id = vreq.getParameter("netid");
 		FakeSelfEditingIdentifierFactory.putFakeIdInSession(id, session);
 
@@ -80,7 +80,6 @@ public class FakeSelfEditController extends VitroHttpServlet {
 
 	private void stopFaking(VitroRequest request, HttpServletResponse response,
 			HttpSession session) throws IOException {
-		VitroRequestPrep.forceOutOfSelfEditing(request);
 		FakeSelfEditingIdentifierFactory.clearFakeIdInSession(session);
 
 		// Restore our original login status.
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/filters/VitroRequestPrep.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/filters/VitroRequestPrep.java
index bfd80d5b3..e8633be02 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/filters/VitroRequestPrep.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/filters/VitroRequestPrep.java
@@ -20,11 +20,14 @@ import javax.servlet.http.HttpSession;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.ServletIdentifierBundleFactory;
 import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
 import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
 import edu.cornell.mannlib.vitro.webapp.dao.PortalDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 import edu.cornell.mannlib.vitro.webapp.dao.filtering.WebappDaoFactoryFiltering;
@@ -400,19 +403,28 @@ public class VitroRequestPrep implements Filter {
         (new VitroRequest(request)).setPortalId( portalId.toString() );
     }
 
-    public static void forceToSelfEditing(HttpServletRequest request){
-        HttpSession sess = request.getSession(true);
-        sess.setMaxInactiveInterval(Authenticator.LOGGED_IN_TIMEOUT_INTERVAL);
-        sess.setAttribute("inSelfEditing","true");
-    }
-    public static void forceOutOfSelfEditing(HttpServletRequest request){
-        HttpSession sess = request.getSession(true);
-        sess.removeAttribute("inSelfEditing");
-    }
-    public static boolean isSelfEditing(HttpServletRequest request){
-        HttpSession sess = request.getSession(false);
-        return sess != null && "true".equalsIgnoreCase((String)sess.getAttribute("inSelfEditing")) ;
-    }
+	/**
+	 * Check to see whether any of the current identifiers is a SelfEditing
+	 * identifier.
+	 */
+	public static boolean isSelfEditing(HttpServletRequest request) {
+		HttpSession session = request.getSession(false);
+		if (session == null) {
+			return false;
+		}
+		ServletContext sc = session.getServletContext();
+
+		IdentifierBundle idBundle = ServletIdentifierBundleFactory
+				.getIdBundleForRequest(request, session, sc);
+
+		for (Identifier id : idBundle) {
+			if (id instanceof SelfEditing) {
+				return true;
+			}
+		}
+
+		return false;
+	}
 
     public void destroy() {       
     }