Restructure so when you start self-editing you are no longer logged in, and when you stop you are logged in again.

jeb228 2010-10-07 20:52:00 +00:00
parent d6e507691a
commit 659a5b41df


@ -13,11 +13,18 @@ import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginFormBean; import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.FakeSelfEditingIdentifierFactory; import edu.cornell.mannlib.vitro.webapp.auth.identifier.FakeSelfEditingIdentifierFactory;
import edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep; import edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep;
/**
* TODO This is caught in the middle of the transition from LoginFormBean to LoginStatusBean.
*/
public class FakeSelfEditController extends VitroHttpServlet { public class FakeSelfEditController extends VitroHttpServlet {
private static final String ATTRIBUTE_LOGIN_FORM_BEAN = "loginHandler";
private static final String ATTRIBUTE_LOGIN_STATUS_BEAN = "loginStatus";
private static final String ATTRIBUTE_LOGIN_FORM_SAVE = "saveLoginHandler";
private static final String ATTRIBUTE_LOGIN_STATUS_SAVE = "saveLoginStatus";
private static final Log log = LogFactory private static final Log log = LogFactory
.getLog(FakeSelfEditController.class.getName()); .getLog(FakeSelfEditController.class.getName());
@ -27,37 +34,18 @@ public class FakeSelfEditController extends VitroHttpServlet {
try { try {
super.doGet(request, response); super.doGet(request, response);
VitroRequest vreq = new VitroRequest(request); VitroRequest vreq = new VitroRequest(request);
HttpSession session = request.getSession(); HttpSession session = request.getSession();
if (!LoginFormBean.loggedIn(request, LoginFormBean.CURATOR)) { if (!isAuthorized(session)) {
// Not logged in as site admin sendToLogin(vreq, response);
session.setAttribute("postLoginRequest", vreq.getRequestURI());
response.sendRedirect(request.getContextPath()
+ Controllers.LOGIN + "?login=block");
} else if (vreq.getParameter("force") != null) { } else if (vreq.getParameter("force") != null) {
// Logged in as site admin: Form to use netid startFaking(vreq, response);
VitroRequestPrep.forceToSelfEditing(request); } else if (vreq.getParameter("stopfaking") != null) {
String id = request.getParameter("netid"); stopFaking(vreq, response, session);
FakeSelfEditingIdentifierFactory.putFakeIdInSession(id, session);
// Remove the login bean - so we are ONLY self-editing
session.removeAttribute("loginHandler");
response.sendRedirect(request.getContextPath()
+ Controllers.ENTITY + "?netid=" + id);
} else if (request.getParameter("stopfaking") != null) {
// Logged in as site admin: Form to stop using netid
VitroRequestPrep.forceOutOfSelfEditing(request);
FakeSelfEditingIdentifierFactory.clearFakeIdInSession(session);
response.sendRedirect(request.getContextPath() + "/");
} else { } else {
// Logged in as site admin: Form not yet submitted showTheForm(vreq, response, session);
request.setAttribute("msg", figureMessage(session));
request.setAttribute("title", "Self-Edit Test");
request.setAttribute("bodyJsp", "/admin/fakeselfedit.jsp");
RequestDispatcher rd = request.getRequestDispatcher(Controllers.BASIC_JSP);
rd.forward(request, response);
} }
} catch (Exception e) { } catch (Exception e) {
log.error("FakeSelfEditController could not forward to view."); log.error("FakeSelfEditController could not forward to view.");
@ -65,6 +53,63 @@ public class FakeSelfEditController extends VitroHttpServlet {
} }
} }
private boolean isAuthorized(HttpSession session) {
boolean isFakingAlready = (session.getAttribute(ATTRIBUTE_LOGIN_STATUS_SAVE) != null);
boolean isAdmin = LoginStatusBean.getBean(session).isLoggedInAtLeast(LoginStatusBean.CURATOR);
return isAdmin || isFakingAlready;
}
private void sendToLogin(VitroRequest vreq, HttpServletResponse response)
throws IOException {
HttpSession session = vreq.getSession();
session.setAttribute("postLoginRequest", vreq.getRequestURI());
response.sendRedirect(vreq.getContextPath() + Controllers.LOGIN
+ "?login=block");
}
private void startFaking(VitroRequest vreq, HttpServletResponse response)
throws IOException {
HttpSession session = vreq.getSession();
VitroRequestPrep.forceToSelfEditing(vreq);
String id = vreq.getParameter("netid");
FakeSelfEditingIdentifierFactory.putFakeIdInSession(id, session);
// Remove the login bean - so we are ONLY self-editing
moveAttribute(session, ATTRIBUTE_LOGIN_FORM_BEAN,
ATTRIBUTE_LOGIN_FORM_SAVE);
moveAttribute(session, ATTRIBUTE_LOGIN_STATUS_BEAN,
ATTRIBUTE_LOGIN_STATUS_SAVE);
response.sendRedirect(vreq.getContextPath() + Controllers.ENTITY
+ "?netid=" + id);
}
private void stopFaking(VitroRequest request, HttpServletResponse response,
HttpSession session) throws IOException {
VitroRequestPrep.forceOutOfSelfEditing(request);
FakeSelfEditingIdentifierFactory.clearFakeIdInSession(session);
// Restore our original login status.
restoreAttribute(session, ATTRIBUTE_LOGIN_FORM_BEAN,
ATTRIBUTE_LOGIN_FORM_SAVE);
restoreAttribute(session, ATTRIBUTE_LOGIN_STATUS_BEAN,
ATTRIBUTE_LOGIN_STATUS_SAVE);
response.sendRedirect(request.getContextPath() + "/");
}
private void showTheForm(VitroRequest request,
HttpServletResponse response, HttpSession session)
throws ServletException, IOException {
// Logged in as site admin: Form not yet submitted
request.setAttribute("msg", figureMessage(session));
request.setAttribute("title", "Self-Edit Test");
request.setAttribute("bodyJsp", "/admin/fakeselfedit.jsp");
RequestDispatcher rd = request
.getRequestDispatcher(Controllers.BASIC_JSP);
rd.forward(request, response);
}
/** /**
* Check if already logged in from previous form submission * Check if already logged in from previous form submission
*/ */
@ -77,6 +122,24 @@ public class FakeSelfEditController extends VitroHttpServlet {
} }
} }
private void moveAttribute(HttpSession session,
String realAttribute, String saveAttribute) {
Object value = session.getAttribute(realAttribute);
if (value != null) {
session.setAttribute(saveAttribute, value);
session.removeAttribute(realAttribute);
}
}
private void restoreAttribute(HttpSession session,
String realAttribute, String saveAttribute) {
Object value = session.getAttribute(saveAttribute);
if (value != null) {
session.setAttribute(realAttribute, value);
session.removeAttribute(saveAttribute);
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response) public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException { throws ServletException, IOException {
doGet(request, response); doGet(request, response);
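Review bot: `isAuthorized` treats any non-null `saveLoginStatus` session attribute as proof of curator rights, without checking what the saved object is or what level it carries. Because `startFaking` can be reached again while already faking, `moveAttribute` will overwrite the saved bean with whatever `loginStatus` holds at that point if one is present, and the saved beans stay in the session under keys that logout code elsewhere may not clear (not visible here, so worth confirming that logout invalidates the whole session). I would test the saved bean itself: `Object saved = session.getAttribute(ATTRIBUTE_LOGIN_STATUS_SAVE);` followed by `boolean isFakingAlready = saved instanceof LoginStatusBean && ((LoginStatusBean) saved).isLoggedInAtLeast(LoginStatusBean.CURATOR);`. Separately, `startFaking` passes `netid` unchecked to `putFakeIdInSession` and appends it unencoded to the redirect, so a missing parameter yields `?netid=null`; a null/empty guard and URL-encoding the value before concatenation would close that.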