litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-1379 If not sufficiently authorized to view a restricted page, redirect to home page with a message.

Browse source
This commit is contained in:
jeb228 2010-12-08 22:35:04 +00:00
parent 3c239271e3
commit 9046a9c735
5 changed files with 15 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

1
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/Controllers.java
View file

@ -44,7 +44,6 @@ public class Controllers {
public static final String LOGIN_JSP = "/login";
public static final String LOGOUT_JSP = "/logout";
public static final String INSUFFICIENT_AUTHORIZATION = "/insufficientAuthorization";
public static final String BASIC_JSP = "/templates/page/basicPage.jsp";
public static final String DEBUG_JSP = "/templates/page/debug.jsp";

20
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java
View file

@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LogoutRedirector;
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
@ -43,6 +44,15 @@ public class VitroHttpServlet extends HttpServlet {
public final static String TTL_MIMETYPE = "text/turtle"; // unofficial and
// unregistered
/**
* Show this to the user if they are logged in, but still not authorized to
* view the page.
*/
private static final String INSUFFICIENT_AUTHORIZATION_MESSAGE = "We're sorry, "
+ "but you are not authorized to view the page you requested. "
+ "If you think this is an error, "
+ "please contact us and we'll be happy to help.";
/**
* Setup the auth flag, portal flag and portal bean objects. Put them in the
* request attributes.
@ -108,15 +118,15 @@ public class VitroHttpServlet extends HttpServlet {
/**
* Logged in, but with insufficent authorization. Send them to the
* corresponding page. They won't be coming back.
* home page with a message. They won't be coming back.
*/
public static void redirectToInsufficientAuthorizationPage(
private static void redirectToInsufficientAuthorizationPage(
HttpServletRequest request, HttpServletResponse response) {
try {
response.sendRedirect(request.getContextPath()
+ Controllers.INSUFFICIENT_AUTHORIZATION);
DisplayMessage.setMessage(request, INSUFFICIENT_AUTHORIZATION_MESSAGE);
response.sendRedirect(request.getContextPath());
} catch (IOException e) {
log.error("Could not redirect to insufficient authorization page.");
log.error("Could not redirect to show insufficient authorization.");
}
}

1
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/EmptyController.java
View file

@ -24,7 +24,6 @@ public class EmptyController extends FreemarkerHttpServlet {
private static final Map<String, String> urlsToTemplates = new HashMap<String, String>(){
{
put("/login", "login.ftl");
put("/insufficientAuthorization", "insufficientAuthorization.ftl");
}
};