/** * Gets the subject out of the application session. * <p> * {@inheritDoc} * * @return the subject */ @Override public Subject getSubject() { return getApplicationSession().getSubject(); }
/** * {@inheritDoc} */ public void checkAccess(ISecurable securable) { SecurityHelper.checkAccess(getApplicationSession().getSubject(), securable, getTranslationProvider(), getLocale()); }
/** * Directly delegates execution to the action after having completed its * execution context with the controller's initial context. * <p> * {@inheritDoc} */ public boolean execute(IAction action, Map<String, Object> context) { if (action == null) { return true; } SecurityHelper.checkAccess(getApplicationSession().getSubject(), action, getTranslationProvider(), getLocale()); Map<String, Object> actionContext = getInitialActionContext(); if (context != null) { context.putAll(actionContext); } return action.execute(this, context); }
/** * {@inheritDoc} */ @Override public boolean isAccessGranted(ISecurable securable) { if (SecurityHelper.isSubjectGranted(getApplicationSession().getSubject(), securable)) { if (customSecurityPlugin != null) { try { pushToSecurityContext(securable); Map<String, Object> securityContext = new HashMap<>(); if (getApplicationSession() != null && getApplicationSession().getPrincipal() != null) { securityContext.put(SecurityContextConstants.USER_ROLES, SecurityHelper.getRoles(getApplicationSession().getSubject())); securityContext.put(SecurityContextConstants.USER_ID, getApplicationSession().getUsername()); Map<String, Object> sessionProperties = getApplicationSession().getCustomValues(); sessionProperties.putAll(getApplicationSession().getPrincipal().getCustomProperties()); securityContext.put(SecurityContextConstants.SESSION_PROPERTIES, sessionProperties); } securityContext.putAll(getSecurityContext()); return customSecurityPlugin.isAccessGranted(securable, securityContext); } finally { restoreLastSecurityContextSnapshot(); } } return true; } return false; }
/** * Executes frontend actions and delegates backend actions execution to its * peer backend controller. * <p> * {@inheritDoc} */ public boolean execute(IAction action, Map<String, Object> context) { if (action == null) { return true; } Map<String, Object> actionContext = getInitialActionContext(); context.putAll(actionContext); try { SecurityHelper.checkAccess(getBackendController().getApplicationSession() .getSubject(), action, getTranslationProvider(), getLocale()); if (action.isBackend()) { return executeBackend(action, context); } return executeFrontend(action, context); } catch (Throwable ex) { handleException(ex, context); return false; } }
/** * {@inheritDoc} */ @Override public boolean execute(IActionHandler actionHandler, Map<String, Object> context) { List<IDisplayableAction> actions = getDialogActions(context); context.put(ModalDialogAction.DIALOG_ACTIONS, actions); IViewDescriptor editViewDescriptor = getViewDescriptor(context); IView<E> dialogView = getViewFactory(context).createView(editViewDescriptor, actionHandler, getLocale(context)); String dialogTitle = getI18nName(getTranslationProvider(context), getLocale(context)); if (dialogTitle != null && dialogTitle.length() > 0) { context.put(ModalDialogAction.DIALOG_TITLE, dialogTitle); } context.put(ModalDialogAction.DIALOG_VIEW, dialogView); Object component = getComponentToEdit(context); IModelDescriptor modelDescriptor = getEditModelDescriptor(context); if (modelDescriptor == null && editViewDescriptor instanceof ICardViewDescriptor) { ICardViewDescriptor cvd = (ICardViewDescriptor) editViewDescriptor; String cardName = cvd.getCardNameForModel(component, getBackendController(context).getApplicationSession() .getSubject()); IViewDescriptor vd = cvd.getCardViewDescriptor(cardName); modelDescriptor = vd.getModelDescriptor(); } IValueConnector componentConnector = getBackendController(context).createModelConnector(ACTION_MODEL_NAME, modelDescriptor); componentConnector.setConnectorValue(component); getMvcBinder(context).bind(dialogView.getConnector(), componentConnector); return super.execute(actionHandler, context); }
/** * Sets the JAAS subject to subject aware extensions. Sets the backend * controller to entity lifecycle handler aware extensions. * <p/> * {@inheritDoc} */ @Override protected void configureExtension(IComponentExtension<IComponent> extension) { super.configureExtension(extension); if (getBackendController() != null) { if (extension instanceof ISubjectAware) { ((ISubjectAware) extension).setSubject(getBackendController().getApplicationSession().getSubject()); } if (extension instanceof IApplicationSessionAware) { ((IApplicationSessionAware) extension).setApplicationSession(getBackendController().getApplicationSession()); } } if (extension instanceof IEntityLifecycleHandlerAware) { ((IEntityLifecycleHandlerAware) extension).setEntityLifecycleHandler(getBackendController()); } }
/** * Sets the JAAS subject to subject aware extensions. * <p> * {@inheritDoc} */ @Override protected void configureExtension(IComponentExtension<IComponent> extension) { super.configureExtension(extension); if (getBackendController() != null) { if (extension instanceof ISubjectAware) { ((ISubjectAware) extension).setSubject(getBackendController() .getApplicationSession().getSubject()); } if (extension instanceof IApplicationSessionAware) { ((IApplicationSessionAware) extension) .setApplicationSession(getBackendController() .getApplicationSession()); } } if (extension instanceof IEntityLifecycleHandlerAware) { ((IEntityLifecycleHandlerAware) extension) .setEntityLifecycleHandler(getBackendController()); } }