mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
43ba7b38b5
15579: Merged V3.1 to V3.2
14048: Fixed ETHREEOH-1612: Unable to modify the 'guest' username(s)
14093: Build/test fix - fallout from recent guest changes
15581: Removed reference to 'alfresco.messages.portlets' resource bundle
15582: Fixed merge errors after guest user changes
15583: Merged V3.1 to V3.2
14049: Minor addition to ETHREEOH-1612 fix: Guest and Admin usernames should not be changed AFTER INSTALLATION
14060: Handle null username in calls to authenticate
14086: Removed references to non-existent GROUP_ALFRESCO_GUESTS.
15584: Merged V3.1 to V3.2
14103: Build/test fix - fallout from recent guest changes (revert previous change + move makeHomeFolderIfRequired out of getPersonOrNull)
15585: Merged V3.1 to V3.2
14110: Build/test fix (CMISTest) - fallout from recent guest changes (test server ctx must be init'ed before calling runAs)
14166: Fixed ETHREEOH-2016: Usernames with domain-name separators lead to "bad filename" errors
14184: *RECORD ONLY* Fixed ETHREEOH-2018: NTLM SSO fails with NPE
14495: *RECORD ONLY*
14511: *RECORD ONLY*
14516: ETHREEOH-2162 (DB2 script key rename)
___________________________________________________________________
Modified: svn:mergeinfo
Merged /alfresco/BRANCHES/V3.0:r14494
Merged /alfresco/BRANCHES/V3.1:r14048-14049,14060,14086,14093,14103,14110,14166,14184,14495,14511,14516
Merged /alfresco/BRANCHES/V3.2:r15579,15581-15585
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16859 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
195 lines
8.2 KiB
Java
195 lines
8.2 KiB
Java
/*
|
|
* Copyright (C) 2005-2007 Alfresco Software Limited.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version 2
|
|
* of the License, or (at your option) any later version.
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
* As a special exception to the terms and conditions of version 2.0 of
|
|
* the GPL, you may redistribute this Program in connection with Free/Libre
|
|
* and Open Source Software ("FLOSS") applications as described in Alfresco's
|
|
* FLOSS exception. You should have recieved a copy of the text describing
|
|
* the FLOSS exception, and it is also available here:
|
|
* http://www.alfresco.com/legal/licensing"
|
|
*/
|
|
package org.alfresco.web.app.servlet;
|
|
|
|
import java.io.IOException;
|
|
import java.text.MessageFormat;
|
|
import java.util.Map;
|
|
|
|
import javax.servlet.ServletException;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
import org.alfresco.model.ContentModel;
|
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
|
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
|
|
import org.alfresco.service.ServiceRegistry;
|
|
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
|
|
import org.alfresco.service.cmr.repository.NodeRef;
|
|
import org.alfresco.service.cmr.repository.NodeService;
|
|
import org.alfresco.service.cmr.security.AuthenticationService;
|
|
import org.alfresco.service.cmr.security.PermissionService;
|
|
import org.alfresco.service.cmr.security.PersonService;
|
|
import org.alfresco.web.bean.repository.User;
|
|
import org.alfresco.web.ui.repo.component.template.DefaultModelHelper;
|
|
import org.apache.commons.logging.Log;
|
|
import org.apache.commons.logging.LogFactory;
|
|
|
|
/**
|
|
* Servlet responsible for streaming content from a template processed against a node directly
|
|
* to the response stream.
|
|
* <p>
|
|
* The URL to the servlet should be generated thus:
|
|
* <pre>/alfresco/template/workspace/SpacesStore/0000-0000-0000-0000</pre>
|
|
* or
|
|
* <pre>/alfresco/template/workspace/SpacesStore/0000-0000-0000-0000/workspace/SpacesStore/0000-0000-0000-0000</pre>
|
|
* or
|
|
* <pre>/alfresco/template?templatePath=/Company%20Home/Data%20Dictionary/Presentation%20Templates/doc_info.ftl&contextPath=/Company%20Home/mydoc.txt</pre>
|
|
* <p>
|
|
* The store protocol, followed by the store ID, followed by the content Node Id used to
|
|
* identify the node to execute the default template for. The second set of elements encode
|
|
* the store and node Id of the template to used if a default is not set or not requested. Instead
|
|
* of using NodeRef references to the template and context, path arguments can be used. The URL args
|
|
* of 'templatePath' and 'contextPath' can be used instead to specify name based encoded Paths to the
|
|
* template and its context.
|
|
* <p>
|
|
* The URL may be followed by a 'mimetype' argument specifying the mimetype to return the result as
|
|
* on the stream. Otherwise it is assumed that HTML is the default response mimetype.
|
|
* <p>
|
|
* Like most Alfresco servlets, the URL may be followed by a valid 'ticket' argument for authentication:
|
|
* ?ticket=1234567890
|
|
* <p>
|
|
* And/or also followed by the "?guest=true" argument to force guest access login for the URL. If the
|
|
* guest=true parameter is used the current session will be logged out and the guest user logged in.
|
|
* Therefore upon completion of this request the current user will be "guest".
|
|
* <p>
|
|
* This servlet only accesses content available to the guest user. If the guest user does not
|
|
* have access to the requested a 401 Forbidden response is returned to the caller.
|
|
* <p>
|
|
* This servlet does not effect the current session, therefore if guest access is required to a
|
|
* resource this servlet can be used without logging out the current user.
|
|
*
|
|
* @author gavinc
|
|
*/
|
|
public class GuestTemplateContentServlet extends BaseTemplateContentServlet
|
|
{
|
|
private static final long serialVersionUID = -2510767849932627519L;
|
|
|
|
private static final Log logger = LogFactory.getLog(GuestTemplateContentServlet.class);
|
|
|
|
private static final String DEFAULT_URL = "/guestTemplate/{0}/{1}/{2}";
|
|
private static final String TEMPLATE_URL = "/guestTemplate/{0}/{1}/{2}/{3}/{4}/{5}";
|
|
|
|
@Override
|
|
protected Log getLogger()
|
|
{
|
|
return logger;
|
|
}
|
|
|
|
@Override
|
|
protected Map<String, Object> buildModel(ServiceRegistry services, HttpServletRequest req,
|
|
NodeRef templateRef)
|
|
{
|
|
// setup the guest user to pass to the build model helper method
|
|
AuthenticationService auth = (AuthenticationService)services.getAuthenticationService();
|
|
PersonService personService = (PersonService)services.getPersonService();
|
|
NodeService nodeService = (NodeService)services.getNodeService();
|
|
|
|
NodeRef guestRef = personService.getPerson(AuthenticationUtil.getGuestUserName());
|
|
User guestUser = new User(AuthenticationUtil.getGuestUserName(), auth.getCurrentTicket(), guestRef);
|
|
NodeRef guestHomeRef = (NodeRef)nodeService.getProperty(guestRef, ContentModel.PROP_HOMEFOLDER);
|
|
if (nodeService.exists(guestHomeRef) == false)
|
|
{
|
|
throw new InvalidNodeRefException(guestHomeRef);
|
|
}
|
|
guestUser.setHomeSpaceId(guestHomeRef.getId());
|
|
|
|
// build the default model
|
|
return DefaultModelHelper.buildDefaultModel(services, guestUser, templateRef, this.imageResolver);
|
|
}
|
|
|
|
/**
|
|
* @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
|
|
*/
|
|
protected void service(HttpServletRequest req, HttpServletResponse res)
|
|
throws ServletException, IOException
|
|
{
|
|
if (logger.isDebugEnabled())
|
|
{
|
|
String queryString = req.getQueryString();
|
|
logger.debug("Setting up guest access to URL: " + req.getRequestURI() +
|
|
((queryString != null && queryString.length() > 0) ? ("?" + queryString) : ""));
|
|
}
|
|
|
|
TemplateContentWork tcw = new TemplateContentWork(req, res);
|
|
AuthenticationUtil.runAs(tcw, AuthenticationUtil.getGuestUserName());
|
|
}
|
|
|
|
/**
|
|
* Helper to generate a URL to process a template against a node.
|
|
* <p>
|
|
* The result of the template is supplied returned as the response.
|
|
*
|
|
* @param nodeRef NodeRef of the content node to generate URL for (cannot be null)
|
|
* @param templateRef NodeRef of the template to process against, or null to use default
|
|
*
|
|
* @return URL to process the template
|
|
*/
|
|
public final static String generateURL(NodeRef nodeRef, NodeRef templateRef)
|
|
{
|
|
if (templateRef == null)
|
|
{
|
|
return MessageFormat.format(DEFAULT_URL, new Object[] {
|
|
nodeRef.getStoreRef().getProtocol(),
|
|
nodeRef.getStoreRef().getIdentifier(),
|
|
nodeRef.getId() } );
|
|
}
|
|
else
|
|
{
|
|
return MessageFormat.format(TEMPLATE_URL, new Object[] {
|
|
nodeRef.getStoreRef().getProtocol(),
|
|
nodeRef.getStoreRef().getIdentifier(),
|
|
nodeRef.getId(),
|
|
templateRef.getStoreRef().getProtocol(),
|
|
templateRef.getStoreRef().getIdentifier(),
|
|
templateRef.getId()} );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Class to wrap the call to processTemplateRequest.
|
|
*
|
|
* @author gavinc
|
|
*/
|
|
public class TemplateContentWork implements RunAsWork<Object>
|
|
{
|
|
private HttpServletRequest req = null;
|
|
private HttpServletResponse res = null;
|
|
|
|
public TemplateContentWork(HttpServletRequest req, HttpServletResponse res)
|
|
{
|
|
this.req = req;
|
|
this.res = res;
|
|
}
|
|
|
|
public Object doWork() throws Exception
|
|
{
|
|
processTemplateRequest(this.req, this.res, false);
|
|
|
|
return null;
|
|
}
|
|
}
|
|
}
|