001: package com.sun.jspwiki.community;
002:
003: import java.util.*;
004:
005: import com.iplanet.sso.SSOToken;
006: import com.iplanet.sso.SSOTokenManager;
007: import com.iplanet.sso.SSOException;
008: import javax.servlet.http.HttpServletRequest;
009: import javax.servlet.http.HttpServletResponse;
010:
011: import com.sun.portal.community.Community;
012: import com.sun.portal.community.CommunityFactory;
013: import com.sun.portal.community.CommunityUser;
014: import com.sun.portal.community.RoleId;
015: import com.sun.portal.community.CommunityId;
016: import com.sun.portal.community.CommunityException;
017: import com.sun.portal.community.CommunityDoesNotExistException;
018:
019: import com.ecyrd.jspwiki.WikiEngine;
020: import com.ecyrd.jspwiki.WikiContext;
021: import com.ecyrd.jspwiki.WikiPage;
022: import com.ecyrd.jspwiki.auth.permissions.*;
023: import com.ecyrd.jspwiki.auth.UserProfile;
024:
025: import org.apache.log4j.Logger;
026:
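/**
 * Request-scoped helper that answers JSPWiki permission questions by
 * consulting the portal community service, using the SSO token carried by the
 * current HTTP request as the caller's identity.
 *
 * <p>The user id, session id and looked-up communities are cached in plain
 * instance fields with no synchronisation, so an instance is presumably meant
 * to serve a single request on a single thread - confirm against callers.
 */
public class CommunityContext {

    /** Prefix put in front of a wiki name to form the matching community id. */
    private static final String COMMUNITY_ID_PREFIX = "jdo__";

    private String _userId = null;
    // SSO token id of the caller. This is a bearer credential: keep it out of
    // log messages, URLs and rendered pages.
    private String _sessionId = null;
    private HttpServletRequest _req = null;
    private HttpServletResponse _res = null;
    // CommunityId -> Community cache for this context (unsynchronised HashMap).
    private Map _ctymap = new HashMap();

    static ThreadLocal _context_tl = new ThreadLocal();

    static Logger log = Logger.getLogger(CommunityContext.class);

    /**
     * Creates a context bound to one request/response pair.
     *
     * @param req request from which the SSO token is later created
     * @param res response handed to the community factory on lookups
     */
    public CommunityContext(HttpServletRequest req,
            HttpServletResponse res) {
        _req = req;
        _res = res;
    }

    /**
     * Creates an SSO token from the request and caches its token id and
     * principal name.
     *
     * @throws SecurityException if the SSO layer reports an error; the
     *         original {@link SSOException} is attached as the cause
     */
    private void _obtainUserInfo() throws SecurityException {
        try {
            SSOToken ssoToken = SSOTokenManager.getInstance()
                    .createSSOToken(_req);
            String sessionId = ssoToken.getTokenID().toString();
            String userDN = ssoToken.getPrincipal().getName();
            // Publish both values only once both lookups succeeded, so a
            // failure never leaves a session id cached without a user id.
            _sessionId = sessionId;
            _userId = userDN;
        } catch (SSOException ssoEx) {
            // initCause keeps the SSO stack trace for diagnosis without
            // changing the exception type callers catch.
            SecurityException se = new SecurityException(ssoEx.getMessage());
            se.initCause(ssoEx);
            throw se;
        }
    }

    /**
     * Returns the cached user id, resolving it from the request on first use.
     *
     * @throws SecurityException if no SSO identity can be obtained
     */
    private String _getUserId() throws SecurityException {
        if (_userId == null) {
            _obtainUserInfo();
        }
        return _userId;
    }

    /**
     * Returns the cached SSO token id, resolving it from the request on
     * first use.
     *
     * @throws SecurityException if no SSO identity can be obtained
     */
    private String _getSessionId() throws SecurityException {
        if (_sessionId == null) {
            _obtainUserInfo();
        }
        return _sessionId;
    }

    /**
     * Looks up a community, consulting the per-context cache first.
     *
     * @param cid id of the community to fetch
     * @return the cached or freshly fetched community
     * @throws SSOException if an SSO token cannot be created from the request
     * @throws CommunityException if the community factory fails
     */
    private Community _getCommunity(CommunityId cid)
            throws SSOException, CommunityException {
        Community cached = (Community) _ctymap.get(cid);
        if (cached != null) {
            return cached;
        }
        SSOToken ssoToken = SSOTokenManager.getInstance()
                .createSSOToken(_req);
        Community fetched = CommunityFactory.getInstance().getCommunity(_req,
                _res, ssoToken, cid);
        _ctymap.put(cid, fetched);
        return fetched;
    }

    /**
     * Returns the principal name taken from the caller's SSO token.
     *
     * @throws SecurityException (unchecked) if the request carries no usable
     *         SSO token
     */
    public String getUserId() {
        return _getUserId();
    }

    /**
     * Returns the caller's SSO token id. Treat the value as a secret: anyone
     * holding it can presumably act as the session - do not log or echo it.
     *
     * @throws SecurityException (unchecked) if the request carries no usable
     *         SSO token
     */
    public String getSessionId() {
        return _getSessionId();
    }

    /**
     * Returns the community with the given id, cached per context.
     *
     * @throws SSOException if an SSO token cannot be created from the request
     * @throws CommunityException if the community factory fails
     */
    public Community getCommunity(CommunityId cid) throws SSOException,
            CommunityException {
        return _getCommunity(cid);
    }

    /**
     * Decides whether the caller of the current request holds
     * {@code permission} on {@code page}.
     *
     * <p>The decision fails closed: any exception raised while deciding is
     * logged and the method returns {@code false}.
     *
     * @param page page being accessed
     * @param wup wiki user profile; not consulted here - identity comes from
     *        the request's SSO token
     * @param permission permission being requested
     * @return {@code true} if access is granted, {@code false} otherwise
     */
    public boolean checkPermission(WikiPage page, UserProfile wup,
            WikiPermission permission) {
        try {
            String cty = WikiEngine.getWikiName(page.getName());
            if (cty == null) {
                //
                // accessing a global (shared) wiki page
                //

                // old behaviour - everyone has all permissions to global pages
                // new behaviour - unauthenticated users only have view permission to global pages
                try {
                    // Called only to probe for a valid SSO identity; the
                    // returned id itself is not needed.
                    getUserId();
                } catch (SecurityException se) {
                    // user is not logged in - treat as a visitor
                    return WikiPermission.newInstance("view").implies(
                            permission);
                }
                // user is authenticated - grant permission to global pages
                // XXX for developer users only??? amadmin??? devadmin???
                // NOTE(review): every authenticated user receives every
                // permission on global pages, whatever it implies (edit,
                // delete, ...). Narrow this once the roles above are decided.
                return true;

            } else {
                //
                // accessing a sub-wiki (portal maps to community) page
                //

                CommunityId cid = new CommunityId(COMMUNITY_ID_PREFIX + cty);
                Community c = null;
                try {
                    c = getCommunity(cid);
                } catch (CommunityDoesNotExistException ce) {
                    return false;
                }

                // everyone has read permission if cty is not secure
                if (!c.isDisabled()
                        && !c.isDeleted()
                        && !c.isSecure()
                        && WikiPermission.newInstance("view").implies(
                                permission)) {
                    return true;
                }

                // members have all permissions XXX amadmin? org?
                // NOTE(review): this membership grant does not look at
                // isDisabled()/isDeleted(), unlike the anonymous view rule
                // above and insertTags(); confirm that members are meant to
                // keep full access to a disabled or deleted community.
                // An unauthenticated caller makes _getUserId() throw, which
                // the outer catch turns into a logged denial.
                CommunityUser cuser = CommunityFactory.getInstance()
                        .getCommunityUser(_req, _getUserId());
                if (cuser.hasRole(cid, RoleId.MEMBER_ROLE)) {
                    return true;
                }
            }

        } catch (Exception e) {
            log.warn("Error while checking permission - " + page + ","
                    + permission, e);
        }
        return false;
    }

    /**
     * provision the wiki tag swap array with community specific substitutions
     * XXX any user can do this? switch to service provisioning api?
     *
     * <p>Does nothing when {@code wikiName} is {@code null} or the community
     * is disabled or deleted. Failures are logged and otherwise ignored.
     * No permission check is made here, so the description is handed out
     * to whoever triggers the call (see the XXX above).
     *
     * @param wikiName raw wiki name, which doubles as the community name
     * @param tags map that receives the substitution entries
     */
    public void insertTags(String wikiName, Map tags) {
        // The community name is the same as the (raw) wiki name
        if (wikiName == null) {
            return;
        }
        try {
            CommunityId cid = new CommunityId(COMMUNITY_ID_PREFIX + wikiName);
            Community c = getCommunity(cid);
            if (c.isDisabled() || c.isDeleted()) {
                return;
            }
            tags.put("%COMMUNITY_CONTAINER%", COMMUNITY_ID_PREFIX + wikiName
                    + "_Container");
            // NOTE(review): the description is stored as-is; if it is
            // user-editable, whatever substitutes this tag into a page must
            // escape it for the output context - verify at the consumer.
            tags.put("%COMMUNITY_DESCRIPTION%", c.getDescription());
        } catch (Exception e) {
            log.warn("Error while provisioning community '"
                    + wikiName + "' ", e);
        }
    }

}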