Fix for AWC-488 - when a permissions "access is denied" occurs for content/externalaccess/template URL then the login page is now shown

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2290 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-31 17:39:05 +00:00 · 2006-02-03 10:56:47 +00:00
parent da914e0549
commit 2c8233db84
7 changed files with 111 additions and 37 deletions
--- a/source/java/org/alfresco/web/app/servlet/TemplateContentServlet.java
+++ b/source/java/org/alfresco/web/app/servlet/TemplateContentServlet.java
@@ -38,6 +38,8 @@ import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.repository.TemplateException;
 import org.alfresco.service.cmr.repository.TemplateNode;
 import org.alfresco.service.cmr.repository.TemplateService;
+import org.alfresco.service.cmr.security.AccessStatus;
+import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.web.app.Application;
 import org.alfresco.web.ui.repo.component.template.DefaultModelHelper;
 import org.apache.commons.logging.Log;
@@ -120,6 +122,20 @@ public class TemplateContentServlet extends HttpServlet
         templateRef = new NodeRef(storeRef, t.nextToken());
      }
      
+      // get the services we need to retrieve the content
+      ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext());
+      NodeService nodeService = serviceRegistry.getNodeService();
+      TemplateService templateService = serviceRegistry.getTemplateService();
+      PermissionService permissionService = serviceRegistry.getPermissionService();
+      
+      // check that the user has at least READ access on any nodes - else redirect to the login page
+      if (permissionService.hasPermission(nodeRef, PermissionService.READ) == AccessStatus.DENIED ||
+          (templateRef != null && permissionService.hasPermission(templateRef, PermissionService.READ) == AccessStatus.DENIED))
+      {
+         ServletHelper.redirectToLoginPage(req, res, getServletContext());
+         return;
+      }
+      
      String mimetype = MIMETYPE_HTML;
      if (req.getParameter(ARG_MIMETYPE) != null)
      {
@@ -129,11 +145,6 @@ public class TemplateContentServlet extends HttpServlet
      
      try
      {
-         // get the services we need to retrieve the content
-         ServiceRegistry serviceRegistry = ServletHelper.getServiceRegistry(getServletContext());
-         NodeService nodeService = serviceRegistry.getNodeService();
-         TemplateService templateService = serviceRegistry.getTemplateService();
-         
         UserTransaction txn = null;
         try
         {