diff --git a/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java b/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java index 93c1497d4..79a74cde5 100644 --- a/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java +++ b/webapp/src/edu/cornell/mannlib/vedit/controller/BaseEditController.java @@ -115,7 +115,12 @@ public class BaseEditController extends VitroHttpServlet { */ protected boolean checkLoginStatus(HttpServletRequest request, HttpServletResponse response) { - return checkLoginStatus(request, response, LoginStatusBean.ANYBODY); + if (LoginStatusBean.getBean(request).isLoggedIn()) { + return true; + } else { + redirectToLoginPage(request, response); + return false; + } } /** @@ -125,8 +130,18 @@ public class BaseEditController extends VitroHttpServlet { HttpServletResponse response, int minimumLevel) { if (LoginStatusBean.getBean(request).isLoggedInAtLeast(minimumLevel)) { return true; + } else { + redirectToLoginPage(request, response); + return false; } - + } + + /** + * Not adequately logged in. Send them to the login page, and then back to + * the page that invoked this. + */ + private void redirectToLoginPage(HttpServletRequest request, + HttpServletResponse response) { request.getSession().setAttribute("postLoginRequest", request.getRequestURI() + "?" + request.getQueryString()); try { @@ -135,7 +150,6 @@ public class BaseEditController extends VitroHttpServlet { } catch (IOException ioe) { log.error("checkLoginStatus() could not redirect to login page"); } - return false; } protected void setRequestAttributes(HttpServletRequest request, EditProcessObject epo){ diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FedoraDatastreamController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FedoraDatastreamController.java index c1221087b..ace916635 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FedoraDatastreamController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/FedoraDatastreamController.java @@ -17,7 +17,6 @@ import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.apache.commons.fileupload.FileItem; import org.apache.commons.logging.Log; @@ -34,7 +33,7 @@ import com.hp.hpl.jena.vocabulary.RDFS; import com.hp.hpl.jena.vocabulary.XSD; import com.ibm.icu.util.Calendar; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties; import edu.cornell.mannlib.vitro.webapp.beans.DataProperty; import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement; @@ -483,9 +482,7 @@ public class FedoraDatastreamController extends VitroHttpServlet implements Cons //System.out.println("Delete event name is " +deleteEventName + " - delete time is " + formattedDeleteDate); //Get current user - HttpSession session = req.getSession(true); - LoginFormBean loginBean = (LoginFormBean) session.getAttribute("loginHandler"); - String userURI = loginBean.getUserURI(); + String userURI = LoginStatusBean.getBean(req).getUserURI(); //System.out.println("Current logged in user uri is " + userURI); //Update model diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java index 2f46007b0..ed5d24314 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java @@ -107,8 +107,9 @@ public class SparqlQueryServlet extends BaseEditController { // TODO Actually, this only allows someone who is logged in to use this servlet. // If a self-editor is not logged in, they will not have access. -- jb - if( !checkLoginStatus(request, response) ) + if( !checkLoginStatus(request, response) ) { return; + } VitroRequest vreq = new VitroRequest(request); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/CloneEntityServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/CloneEntityServlet.java index 6ea8d2b78..610a2c3a6 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/CloneEntityServlet.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/CloneEntityServlet.java @@ -18,7 +18,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.joda.time.DateTime; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.controller.BaseEditController; import edu.cornell.mannlib.vitro.webapp.beans.Individual; import edu.cornell.mannlib.vitro.webapp.beans.PropertyInstance; @@ -79,7 +79,7 @@ public class CloneEntityServlet extends BaseEditController { return; } - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); + LoginStatusBean loginBean = LoginStatusBean.getBean(request); WebappDaoFactory myWebappDaoFactory = request.getFullWebappDaoFactory().getUserAwareDaoFactory(loginBean.getUserURI()); IndividualDao individualDao = myWebappDaoFactory.getIndividualDao(); PropertyInstanceDao propertyInstanceDao = myWebappDaoFactory.getPropertyInstanceDao(); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java index df4a56531..75c80253a 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java @@ -28,7 +28,7 @@ import edu.cornell.mannlib.vedit.beans.DynamicField; import edu.cornell.mannlib.vedit.beans.DynamicFieldRow; import edu.cornell.mannlib.vedit.beans.EditProcessObject; import edu.cornell.mannlib.vedit.beans.FormObject; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.beans.Option; import edu.cornell.mannlib.vedit.controller.BaseEditController; import edu.cornell.mannlib.vedit.forwarder.PageForwarder; @@ -86,7 +86,7 @@ public class EntityRetryController extends BaseEditController { WebappDaoFactory wadf = (vreq.getAssertionsWebappDaoFactory()!=null) ? vreq.getAssertionsWebappDaoFactory() : vreq.getFullWebappDaoFactory(); - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); + LoginStatusBean loginBean = LoginStatusBean.getBean(request); WebappDaoFactory myWebappDaoFactory = wadf.getUserAwareDaoFactory(loginBean.getUserURI()); IndividualDao ewDao = myWebappDaoFactory.getIndividualDao(); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/N3MultiPartUpload.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/N3MultiPartUpload.java index ec2ddf6a3..6bdc07bfd 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/N3MultiPartUpload.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/N3MultiPartUpload.java @@ -32,7 +32,7 @@ import com.hp.hpl.jena.rdf.model.ResourceFactory; import com.hp.hpl.jena.rdf.model.StmtIterator; import com.hp.hpl.jena.shared.Lock; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties; import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -508,7 +508,7 @@ public class N3MultiPartUpload extends VitroHttpServlet { } public void sendUserEmail(HttpServletRequest request, HttpSession session, String uploadFileName) { - LoginFormBean loginBean = (LoginFormBean) session.getAttribute("loginHandler"); + LoginStatusBean loginBean = LoginStatusBean.getBean(request); String userURI = loginBean.getUserURI(); try{ System.out.println("User URI is " + userURI); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java index 81fb60104..5f43d383a 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/PrimitiveRdfEdit.java @@ -4,9 +4,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.edit; import java.io.IOException; import java.io.StringReader; -import java.util.HashMap; import java.util.HashSet; -import java.util.Map; import java.util.Set; import javax.servlet.ServletContext; @@ -23,7 +21,7 @@ import com.hp.hpl.jena.ontology.OntModel; import com.hp.hpl.jena.rdf.model.Model; import com.hp.hpl.jena.shared.Lock; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder; @@ -236,12 +234,7 @@ public class PrimitiveRdfEdit extends FreemarkerHttpServlet{ static public boolean checkLoginStatus(HttpServletRequest request){ - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); - if (loginBean == null){ - return false; - } else { - return true; - } + return LoginStatusBean.getBean(request).isLoggedIn(); } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/RefactorOperationController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/RefactorOperationController.java index 2ff8d39c9..b0914e783 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/RefactorOperationController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/RefactorOperationController.java @@ -16,11 +16,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; - import com.hp.hpl.jena.datatypes.xsd.XSDDatatype; -import com.hp.hpl.jena.iri.IRI; -import com.hp.hpl.jena.iri.IRIFactory; -import com.hp.hpl.jena.iri.Violation; import com.hp.hpl.jena.ontology.DatatypeProperty; import com.hp.hpl.jena.ontology.OntModel; import com.hp.hpl.jena.ontology.OntProperty; @@ -42,11 +38,9 @@ import com.hp.hpl.jena.util.iterator.ClosableIterator; import com.hp.hpl.jena.util.iterator.ExtendedIterator; import com.hp.hpl.jena.vocabulary.RDF; - import edu.cornell.mannlib.vedit.beans.EditProcessObject; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.controller.BaseEditController; -import edu.cornell.mannlib.vitro.webapp.auth.policy.JenaNetidPolicy.ContextSetup; import edu.cornell.mannlib.vitro.webapp.beans.Portal; import edu.cornell.mannlib.vitro.webapp.controller.Controllers; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -58,13 +52,6 @@ public class RefactorOperationController extends BaseEditController { private String doFixDataTypes(HttpServletRequest request, HttpServletResponse response) { - - String userURI = null; - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); - if (loginBean != null) { - userURI = loginBean.getUserURI(); - } - try { super.doGet(request,response); } catch (Exception e) { @@ -196,12 +183,7 @@ public class RefactorOperationController extends BaseEditController { } private String doRenameResource(VitroRequest request, HttpServletResponse response, EditProcessObject epo) { - - String userURI = null; - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); - if (loginBean != null) { - userURI = loginBean.getUserURI(); - } + String userURI = LoginStatusBean.getBean(request).getUserURI(); OntModel ontModel = (OntModel) getServletContext().getAttribute("baseOntModel"); @@ -296,11 +278,7 @@ public class RefactorOperationController extends BaseEditController { } private void doMovePropertyStatements(VitroRequest request, HttpServletResponse response, EditProcessObject epo) { - String userURI = null; - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); - if (loginBean != null) { - userURI = loginBean.getUserURI(); - } + String userURI = LoginStatusBean.getBean(request).getUserURI(); OntModel ontModel = (OntModel) getServletContext().getAttribute("jenaOntModel"); @@ -379,11 +357,7 @@ public class RefactorOperationController extends BaseEditController { } private void doMoveInstances(VitroRequest request, HttpServletResponse response, EditProcessObject epo) { - String userURI = null; - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); - if (loginBean != null) { - userURI = loginBean.getUserURI(); - } + String userURI = LoginStatusBean.getBean(request).getUserURI(); OntModel ontModel = (OntModel) getServletContext().getAttribute("baseOntModel"); if (ontModel==null) { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/SiteAdminController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/SiteAdminController.java index 4c8afc202..35da13f35 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/SiteAdminController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/SiteAdminController.java @@ -16,7 +16,7 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vedit.beans.EditProcessObject; import edu.cornell.mannlib.vedit.beans.FormObject; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.controller.BaseEditController; import edu.cornell.mannlib.vedit.util.FormUtils; import edu.cornell.mannlib.vitro.webapp.beans.Portal; @@ -59,22 +59,14 @@ public class SiteAdminController extends BaseEditController { request.setAttribute("languageModeStr", "RDF Schema Mode" ); } - - LoginFormBean loginHandler = (LoginFormBean)request.getSession().getAttribute("loginHandler"); - if( loginHandler != null ){ - String status = loginHandler.getLoginStatus(); - if ( "authenticated".equals(status) ) { - int securityLevel = Integer.parseInt( loginHandler.getLoginRole() ); - if(securityLevel >= loginHandler.CURATOR ){ - String verbose = request.getParameter("verbose"); - if( "true".equals(verbose)) { - request.getSession().setAttribute(VERBOSE, Boolean.TRUE); - } else if( "false".equals(verbose)) { - request.getSession().setAttribute(VERBOSE, Boolean.FALSE); - } - } - } - } + if (LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.CURATOR)) { + String verbose = request.getParameter("verbose"); + if ("true".equals(verbose)) { + request.getSession().setAttribute(VERBOSE, Boolean.TRUE); + } else if ("false".equals(verbose)) { + request.getSession().setAttribute(VERBOSE, Boolean.FALSE); + } + } request.setAttribute("singlePortal",new Boolean(vreq.getFullWebappDaoFactory().getPortalDao().isSinglePortal())); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UpdateEntityFlagServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UpdateEntityFlagServlet.java index 1d6184e07..fde0dee7d 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UpdateEntityFlagServlet.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UpdateEntityFlagServlet.java @@ -6,19 +6,15 @@ import java.sql.Connection; import java.sql.SQLException; import java.sql.Statement; -import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; -import edu.cornell.mannlib.vitro.webapp.search.indexing.IndexBuilder; -import edu.cornell.mannlib.vitro.webapp.auth.policy.JenaNetidPolicy.ContextSetup; import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; +import edu.cornell.mannlib.vitro.webapp.search.indexing.IndexBuilder; public class UpdateEntityFlagServlet extends VitroHttpServlet { private static final int DEFAULT_PORTAL_ID=1; @@ -30,11 +26,6 @@ public class UpdateEntityFlagServlet extends VitroHttpServlet { Connection con=null; try { - HttpSession session = request.getSession(); - LoginFormBean f = (LoginFormBean) session.getAttribute( "loginHandler" ); - - //don't need to touch the users database for now - // JCR 20040905 passing on portal home parameter String portalIdStr=(portalIdStr=request.getParameter("home"))==null?String.valueOf(DEFAULT_PORTAL_ID):portalIdStr; //request.setAttribute("home",portalIdStr); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UserRetryController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UserRetryController.java index 421c35181..9ff57a034 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UserRetryController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/UserRetryController.java @@ -18,7 +18,7 @@ import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vedit.beans.EditProcessObject; import edu.cornell.mannlib.vedit.beans.FormObject; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vedit.beans.Option; import edu.cornell.mannlib.vedit.controller.BaseEditController; import edu.cornell.mannlib.vedit.forwarder.PageForwarder; @@ -126,34 +126,34 @@ public class UserRetryController extends BaseEditController { HashMap optionMap = new HashMap(); - LoginFormBean loginBean = (LoginFormBean) request.getSession().getAttribute("loginHandler"); + LoginStatusBean loginBean = LoginStatusBean.getBean(request); List roleOptionList = new LinkedList(); /* bdc34: Datastar needs non-backend-editing users for logging in non-Cornell people*/ /* SelfEditingPolicySetup.SELF_EDITING_POLICY_WAS_SETUP is set by the SelfEditingPolicySetup context listener */ boolean selfEditing = (Boolean)getServletContext().getAttribute(SelfEditingPolicySetup.SELF_EDITING_POLICY_WAS_SETUP) == Boolean.TRUE; - Option nonEditor = new Option(ROLE_PROTOCOL+loginBean.NON_EDITOR, "self editor"); + Option nonEditor = new Option(ROLE_PROTOCOL+LoginStatusBean.NON_EDITOR, "self editor"); /* self editing should be displayed if we are editing a user account that is already * self-editing even if self editing is off. */ if( selfEditing || ( !"insert".equals(action) && userForEditing.getRoleURI().equals(nonEditor.getValue()) )){ nonEditor.setSelected(userForEditing.getRoleURI().equals(nonEditor.getValue())); - if (nonEditor.getSelected() || (Integer.decode(loginBean.getLoginRole()) >= loginBean.NON_EDITOR)) + if (nonEditor.getSelected() || loginBean.isLoggedInAtLeast(LoginStatusBean.NON_EDITOR)) roleOptionList.add(nonEditor); } - Option editor = new Option(ROLE_PROTOCOL+loginBean.EDITOR, "editor"); + Option editor = new Option(ROLE_PROTOCOL+LoginStatusBean.EDITOR, "editor"); editor.setSelected(userForEditing.getRoleURI().equals(editor.getValue())); - Option curator = new Option(ROLE_PROTOCOL+loginBean.CURATOR, "curator"); + Option curator = new Option(ROLE_PROTOCOL+LoginStatusBean.CURATOR, "curator"); curator.setSelected(userForEditing.getRoleURI().equals(curator.getValue())); - Option administrator = new Option (ROLE_PROTOCOL+loginBean.DBA, "system administrator"); + Option administrator = new Option (ROLE_PROTOCOL+LoginStatusBean.DBA, "system administrator"); administrator.setSelected(userForEditing.getRoleURI().equals(administrator.getValue())); - if (editor.getSelected() || (Integer.decode(loginBean.getLoginRole()) >= loginBean.EDITOR)) + if (editor.getSelected() || loginBean.isLoggedInAtLeast(LoginStatusBean.EDITOR)) roleOptionList.add(editor); - if (curator.getSelected() || (Integer.decode(loginBean.getLoginRole()) >= loginBean.CURATOR)) + if (curator.getSelected() || loginBean.isLoggedInAtLeast(LoginStatusBean.CURATOR)) roleOptionList.add(curator); - if (administrator.getSelected() || (Integer.decode(loginBean.getLoginRole()) >= loginBean.DBA)) + if (administrator.getSelected() || loginBean.isLoggedInAtLeast(LoginStatusBean.DBA)) roleOptionList.add(administrator); optionMap.put("Role", roleOptionList); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/search/controller/IndexController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/search/controller/IndexController.java index c26e247a5..0e1f0173f 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/search/controller/IndexController.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/search/controller/IndexController.java @@ -8,7 +8,7 @@ import java.util.Map; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import edu.cornell.mannlib.vedit.beans.LoginFormBean; +import edu.cornell.mannlib.vedit.beans.LoginStatusBean; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder; @@ -40,15 +40,7 @@ public class IndexController extends FreemarkerHttpServlet { // // public void doGet( HttpServletRequest request, HttpServletResponse response ) // throws IOException, ServletException { -// -// Object obj = request.getSession().getAttribute("loginHandler"); -// LoginFormBean loginHandler = null; -// if( obj != null && obj instanceof LoginFormBean ) -// loginHandler = ((LoginFormBean)obj); -// if( loginHandler == null || -// ! "authenticated".equalsIgnoreCase(loginHandler.getLoginStatus()) || -// Integer.parseInt(loginHandler.getLoginRole()) <= 5 ){ -// +// if (!LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.DBA)) { // String redirectURL=request.getContextPath() + Controllers.SITE_ADMIN + "?login=block"; // response.sendRedirect(redirectURL); // return; @@ -76,21 +68,13 @@ public class IndexController extends FreemarkerHttpServlet { } @Override - protected ResponseValues processRequest(VitroRequest vreq) { - - Object obj = vreq.getSession().getAttribute("loginHandler"); - Map body = new HashMap(); - - LoginFormBean loginHandler = null; - if( obj != null && obj instanceof LoginFormBean ) - loginHandler = ((LoginFormBean)obj); - if( loginHandler == null || - ! "authenticated".equalsIgnoreCase(loginHandler.getLoginStatus()) || - Integer.parseInt(loginHandler.getLoginRole()) <= LoginFormBean.CURATOR ){ - + protected ResponseValues processRequest(VitroRequest vreq) { + if (!LoginStatusBean.getBean(vreq).isLoggedInAtLeast(LoginStatusBean.DBA)) { return new RedirectResponseValues(UrlBuilder.getUrl(Route.LOGIN)); } + Map body = new HashMap(); + // long start = System.currentTimeMillis(); try { IndexBuilder builder = (IndexBuilder)getServletContext().getAttribute(IndexBuilder.class.getName());