Change from boolean requiresLogin() to requiresLoginLevel() so that pages can require a specific login level. Remove login level checks from Freemarker controllers and handle using requiresLoginLevel() instead. If a user is already logged in and navigates or gets redirected to login page, show a message instead of a blank page.

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java

@@ -40,12 +40,12 @@ public class PrimitiveRdfEdit extends FreemarkerHttpServlet{
     }
 
     @Override
-    protected ResponseValues processRequest(VitroRequest vreq) {
+    protected int requiresLoginLevel() {
-        boolean loggedIn = checkLoginStatus(vreq);
+        return LoginStatusBean.EDITOR;
-        if( !loggedIn){
+    }
-            return new RedirectResponseValues(UrlBuilder.getUrl(Route.LOGIN));
-        }
     
+    @Override
+    protected ResponseValues processRequest(VitroRequest vreq) {
         return new TemplateResponseValues("primitiveRdfEdit.ftl");
     }
     

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java

@@ -82,8 +82,8 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
 	        
 	        ResponseValues responseValues;
 	        
-	        // checkLoginStatus() does a redirect if the user is not logged in.
+	        // This method does a redirect if the required login level is not met, so just return.
-	        if (requiresLogin() && !checkLoginStatus(request, response)) {
+	        if (requiredLoginLevelNotFound(request, response)) {
 	            return; 
 	        } else {
 	            responseValues = processRequest(vreq);
@@ -107,13 +107,26 @@ public class FreemarkerHttpServlet extends VitroHttpServlet {
         return loader.getConfig(vreq);
     }
 
+    private boolean requiredLoginLevelNotFound(HttpServletRequest request, HttpServletResponse response) {
+        int requiredLoginLevel = requiresLoginLevel();
+        // checkLoginStatus() does a redirect if the user is not logged in.
+        if (requiredLoginLevel > LoginStatusBean.ANYBODY && !checkLoginStatus(request, response, requiredLoginLevel)) {
+            return true;
+        }
+        return false;
+    }
+    
     protected boolean requiresLogin() {
+        return false;
+    }
+    
+    protected int requiresLoginLevel() {
         // By default, user does not need to be logged in to view pages.
-        // Subclasses that require login to process their page will override to return true.
+        // Subclasses that require login to process their page will override to return the required login level.
         // NB This method can't be static, because then the superclass method gets called rather than
         // the subclass method. For the same reason, it can't refer to a static or instance field
-        // REQUIRES_LOGIN which is overridden in the subclass.
+        // REQUIRES_LOGIN_LEVEL which is overridden in the subclass.
-        return false;
+        return LoginStatusBean.ANYBODY;
     }
     
     // Subclasses will override

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/RevisionInfoController.java

@@ -8,6 +8,7 @@ import java.util.Map;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vitro.webapp.config.RevisionInfoBean;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 
@@ -19,6 +20,11 @@ public class RevisionInfoController extends FreemarkerHttpServlet {
     private static final Log log = LogFactory.getLog(RevisionInfoController.class);
     private static final String TEMPLATE_DEFAULT = "revisionInfo.ftl";
 
+    @Override
+    protected int requiresLoginLevel() {
+        return LoginStatusBean.EDITOR;
+    }
+    
     @Override
     protected ResponseValues processRequest(VitroRequest vreq) {
         Map<String, Object> body = new HashMap<String, Object>();

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/SiteAdminController.java

@@ -35,36 +35,35 @@ public class SiteAdminController extends FreemarkerHttpServlet {
 	}
 
     @Override
-    protected boolean requiresLogin() {
+    protected int requiresLoginLevel() {
         // User must be logged in to view this page.
-        return true;
+        return LoginStatusBean.EDITOR;
     }
     
     @Override
     protected ResponseValues processRequest(VitroRequest vreq) {
-
+        // Note that we don't get here unless logged in at least at editor level, due
+        // to requiresLoginLevel().
     	LoginStatusBean loginBean = LoginStatusBean.getBean(vreq);
     	
         Map<String, Object> body = new HashMap<String, Object>();        
 
-        if (loginBean.isLoggedInAtLeast(LoginStatusBean.EDITOR)) {
+        UrlBuilder urlBuilder = new UrlBuilder(vreq.getPortal());
         
-            UrlBuilder urlBuilder = new UrlBuilder(vreq.getPortal());
+        body.put("dataInput", getDataInputData(vreq));
 
-            body.put("dataInput", getDataInputData(vreq));
+        if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
+            body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
+            body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
             
-            if (loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) {
+            if (loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) {
-                body.put("siteConfig", getSiteConfigurationData(vreq, urlBuilder));
+                body.put("dataTools", getDataToolsData(vreq, urlBuilder));
-                body.put("ontologyEditor", getOntologyEditorData(vreq, urlBuilder));
                 
-                if (loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) {
+                // Only for DataStar. Should handle without needing a DataStar-specific version of this controller.
-                    body.put("dataTools", getDataToolsData(vreq, urlBuilder));
+                //body.put("customReports", getCustomReportsData(vreq));
-                    
-                    // Only for DataStar. Should handle without needing a DataStar-specific version of this controller.
-                    //body.put("customReports", getCustomReportsData(vreq));
-                }
             }
         }
+        
         return new TemplateResponseValues(TEMPLATE_DEFAULT, body);
  
     }

webapp/src/edu/cornell/mannlib/vitro/webapp/search/controller/IndexController.java

@@ -67,15 +67,20 @@ public class IndexController extends FreemarkerHttpServlet {
         return "Full Search Index Rebuild";
     }
     
+//    @Override
+//    protected int requiresLoginLevel() {
+//        // User must be logged in to view this page.
+//        return LoginStatusBean.DBA;
+//    }
+    
     @Override
     protected ResponseValues processRequest(VitroRequest vreq) { 
+        // Due to requiresLoginLevel(), we don't get here unless logged in as DBA
         if (!LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.DBA)) {
             return new RedirectResponseValues(UrlBuilder.getUrl(Route.LOGIN));
         }
-        
         Map<String, Object> body = new HashMap<String, Object>();
         
-        // long start = System.currentTimeMillis();
         try {
             IndexBuilder builder = (IndexBuilder)getServletContext().getAttribute(IndexBuilder.class.getName());
             if( vreq.getParameter("update") != null ){

webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java

@@ -12,6 +12,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder.Route;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
 import freemarker.core.Environment;
@@ -24,6 +25,7 @@ public class LoginWidget extends Widget {
     private static enum Macro {
         LOGIN("loginForm"),
         FORCE_PASSWORD_CHANGE("forcePasswordChange"),
+        ALREADY_LOGGED_IN("alreadyLoggedIn"),
         SERVER_ERROR("error");
         
         private final String macroName;
@@ -71,7 +73,15 @@ public class LoginWidget extends Widget {
                         
             switch (state) {
             case LOGGED_IN:
-                return null;
+                // On the login page itself, show a message that the user is already logged in.
+                // Otherwise, when redirecting to login page from a page that the logged-in user
+                // doesn't have access to, we would just show a blank page.
+                if (request.getServletPath().equals(Route.LOGIN.path())) {
+                    values = showMessageToLoggedInUser(request);
+                    break;
+                } else {
+                    return null;
+                }
             case FORCED_PASSWORD_CHANGE:
                 values = showPasswordChangeScreen(request);
                 break;
@@ -114,6 +124,10 @@ public class LoginWidget extends Widget {
         return values;
     }
     
+    private WidgetTemplateValues showMessageToLoggedInUser(HttpServletRequest request) {
+        return new WidgetTemplateValues(Macro.ALREADY_LOGGED_IN.toString());
+    }
+
     /**
      * The user has given the correct password, but now they are required to
      * change it (unless they cancel out).

webapp/web/templates/freemarker/widgets/widget-login.ftl

@@ -78,6 +78,11 @@
     </section>
 </#macro>
 
+<#macro alreadyLoggedIn>
+    <h2>Log in</h2>
+    <p>You are already logged in. You may have been redirected to this page because you tried to access a page that you do not have permission to view.</p>
+</#macro>
+
 <#macro error>
     <p>There was an error in the system.</p>
 </#macro>