/*
* Copyright (C) 2005-2007 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.web.app.servlet;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.StringTokenizer;
import javax.faces.application.NavigationHandler;
import javax.faces.context.FacesContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.repo.webdav.WebDAVServlet;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.web.app.AlfrescoNavigationHandler;
import org.alfresco.web.app.Application;
import org.alfresco.web.bean.BrowseBean;
import org.alfresco.web.bean.NavigationBean;
import org.alfresco.web.bean.dashboard.DashboardManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* Servlet allowing external URL access to various global JSF views in the Web Client.
*
* The servlet accepts a well formed URL that can easily be generated from a Content or Space NodeRef.
* The URL also specifies the JSF "outcome" to be executed which provides the correct JSF View to be
* displayed. The JSF "outcome" must equate to a global navigation rule or it will not be displayed.
* Servlet URL is of the form:
*
* http://<server>/alfresco/navigate/<outcome>[/<workspace>/<store>/<nodeId>] or
* http://<server>/alfresco/navigate/<outcome>[/webdav/<path/to/node>]
*
* Like most Alfresco servlets, the URL may be followed by a valid 'ticket' argument for authentication:
* ?ticket=1234567890
*
* And/or also followed by the "?guest=true" argument to force guest access login for the URL.
*
* @author Kevin Roast
*/
public class ExternalAccessServlet extends BaseServlet
{
private static final long serialVersionUID = -4118907921337237802L;
private static Log logger = LogFactory.getLog(ExternalAccessServlet.class);
public final static String OUTCOME_DOCDETAILS = "showDocDetails";
public final static String OUTCOME_SPACEDETAILS = "showSpaceDetails";
public final static String OUTCOME_BROWSE = "browse";
public final static String OUTCOME_MYALFRESCO = "myalfresco";
public final static String OUTCOME_LOGOUT = "logout";
public final static String OUTCOME_DIALOG = "dialog";
public final static String OUTCOME_WIZARD = "wizard";
private static final String ARG_TEMPLATE = "template";
private static final String ARG_PAGE = "page";
/**
* @see javax.servlet.http.HttpServlet#service(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
protected void service(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException
{
String uri = req.getRequestURI();
if (logger.isDebugEnabled())
logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : ""));
AuthenticationStatus status = servletAuthenticate(req, res);
if (status == AuthenticationStatus.Failure)
{
return;
}
setNoCacheHeaders(res);
uri = uri.substring(req.getContextPath().length());
StringTokenizer t = new StringTokenizer(uri, "/");
int tokenCount = t.countTokens();
if (tokenCount < 2)
{
throw new IllegalArgumentException("Externally addressable URL did not contain all required args: " + uri);
}
t.nextToken(); // skip servlet name
String outcome = t.nextToken();
// get rest of the tokens arguments
String[] args = new String[tokenCount - 2];
for (int i=0; i= 3)
{
NodeRef nodeRef = null;
int offset = 0;
offset = args.length - 3;
StoreRef storeRef = new StoreRef(args[0+offset], args[1+offset]);
nodeRef = new NodeRef(storeRef, args[2+offset]);
// check that the user has at least READ access - else redirect to the login page
if (permissionService.hasPermission(nodeRef, PermissionService.READ) == AccessStatus.DENIED)
{
if (logger.isDebugEnabled())
logger.debug("User does not have permissions to READ NodeRef: " + nodeRef.toString());
redirectToLoginPage(req, res, getServletContext());
return;
}
// this call sets up the current node Id, and updates or initialises the
// breadcrumb component with the selected node as appropriate.
browseBean.updateUILocation(nodeRef);
// force a "late" refresh of the BrowseBean to handle external servlet access URL
browseBean.externalAccessRefresh();
// check for view mode first argument
if (args[0].equals(ARG_TEMPLATE))
{
browseBean.setDashboardView(true);
}
// the above calls into BrowseBean setup the NavigationHandler automatically
}
else
{
// perform the appropriate JSF navigation outcome
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, outcome);
}
}
else if (OUTCOME_MYALFRESCO.equals(outcome))
{
// setup the Dashboard Manager ready for the page we want to display
if (req.getParameter(ARG_PAGE) != null)
{
DashboardManager manager = (DashboardManager)FacesHelper.getManagedBean(fc, DashboardManager.BEAN_NAME);
manager.getPageConfig().setCurrentPage(req.getParameter(ARG_PAGE));
}
// perform the appropriate JSF navigation outcome
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, outcome);
}
else if (OUTCOME_DIALOG.equals(outcome) || OUTCOME_WIZARD.equals(outcome))
{
if (args.length != 0)
{
if (args.length > 1)
{
// if a GUID was passed, use it to init the NavigationBean current context
NavigationBean navigator = (NavigationBean)FacesHelper.getManagedBean(fc, NavigationBean.BEAN_NAME);
navigator.setCurrentNodeId(args[1]);
}
// set the external container session flag so that a plain container gets used
fc.getExternalContext().getSessionMap().put(
AlfrescoNavigationHandler.EXTERNAL_CONTAINER_SESSION, Boolean.TRUE);
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, outcome + ':' + args[0]);
}
}
else if (OUTCOME_LOGOUT.equals(outcome))
{
// special case for logout
req.getSession().invalidate();
res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(getServletContext()));
return;
}
// perform the forward to the page processed by the Faces servlet
String viewId = fc.getViewRoot().getViewId();
getServletContext().getRequestDispatcher(FACES_SERVLET + viewId).forward(req, res);
}
/**
* Generate a URL to the External Access Servlet.
* Allows access to JSF views (via an "outcome" ID) from external URLs.
*
* @param outcome
* @param args
*
* @return URL
*/
public final static String generateExternalURL(String outcome, String args)
{
if (args == null)
{
return MessageFormat.format(EXTERNAL_URL, new Object[] {outcome} );
}
else
{
return MessageFormat.format(EXTERNAL_URL_ARGS, new Object[] {outcome, args} );
}
}
// example: http:///alfresco/navigate/[///]
private static final String EXTERNAL_URL = "/n/{0}";
private static final String EXTERNAL_URL_ARGS = "/n/{0}/{1}";
}