@Path(":pages") @GET @Produces(MimeTypes.APPLICATION_JSON_UTF8) public NavigationItem getPages() { List<PageInstance> pageInstancePath = new ArrayList<PageInstance>(); PageInstance current = pageInstance; while (current != null) { pageInstancePath.add(0, current); current = current.getParent(); } //TODO |dispatch is not cached in REST calls, so we have to build it from actual page instances //TODO |to avoid building it from scratch and losing potential modifications to page instances title and //TODO |description done by pages in the path. Dispatch dispatch = new Dispatch(pageInstancePath.toArray(new PageInstance[pageInstancePath.size()])); return new Navigation( portofinoConfiguration, dispatch, SecurityUtils.getSubject(), false). getRootNavigationItem(); }
@Override @Before public Resolution prepare() { originalPath = "/"; File rootDir = pagesDir; Page rootPage; try { rootPage = DispatcherLogic.getPage(rootDir); } catch (Exception e) { throw new Error("Couldn't load root page", e); } pageInstance = new PageInstance(null, rootDir, rootPage, SafeModeAction.class); dispatch = new Dispatch(pageInstance); return null; }
protected void checkActionBeanInvocation(ContainerRequestContext requestContext, PageAction pageAction) { Method handler = resourceInfo.getResourceMethod(); List<PageInstance> pageInstancePath = new ArrayList<PageInstance>(); PageInstance last = pageAction.getPageInstance(); while(last != null) { pageInstancePath.add(0, last); last = last.getParent(); } Dispatch dispatch = new Dispatch(pageInstancePath.toArray(new PageInstance[pageInstancePath.size()])); HttpServletRequest request = ElementsThreadLocals.getHttpServletRequest(); if(!SecurityLogic.isAllowed(request, dispatch, pageAction, handler)) { Response.Status status = SecurityUtils.getSubject().isAuthenticated() ? Response.Status.FORBIDDEN : Response.Status.UNAUTHORIZED; requestContext.abortWith(Response.status(status).build()); } else if(!ButtonsLogic.doGuardsPass(pageAction, handler)) { requestContext.abortWith( Response.status(Response.Status.CONFLICT) .entity("The action couldn't be invoked, a guard did not pass") .build()); } else { logger.debug("Portofino-specific security check passed"); } }
dispatch = new Dispatch(pagePath.toArray(new PageInstance[pagePath.size()])); cache.put(path, dispatch); return dispatch;