/* * Copyright (C) 2005-2012 BetaCONCEPT Limited * * This file is part of Astroboa. * * Astroboa is free software: you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * Astroboa is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public License * along with Astroboa. If not, see <http://www.gnu.org/licenses/>. */ package org.betaconceptframework.astroboa.engine.service.security.aspect; import java.util.Set; import javax.jcr.Node; import javax.jcr.NodeIterator; import javax.jcr.RepositoryException; import org.apache.commons.lang.StringUtils; import org.betaconceptframework.astroboa.api.model.exception.CmsException; import org.betaconceptframework.astroboa.api.model.query.criteria.ContentObjectCriteria; import org.betaconceptframework.astroboa.api.security.RepositoryUserIdPrincipal; import org.betaconceptframework.astroboa.context.AstroboaClientContextHolder; import org.betaconceptframework.astroboa.context.SecurityContext; import org.betaconceptframework.astroboa.engine.jcr.dao.JcrDaoSupport; import org.betaconceptframework.astroboa.engine.jcr.query.CmsQueryHandler; import org.betaconceptframework.astroboa.engine.jcr.query.CmsQueryResult; import org.betaconceptframework.astroboa.engine.jcr.util.CmsRepositoryEntityUtils; import org.betaconceptframework.astroboa.engine.service.security.exception.NonAuthenticatedOperationException; import org.betaconceptframework.astroboa.model.factory.CmsCriteriaFactory; import org.betaconceptframework.astroboa.model.impl.item.CmsBuiltInItem; import org.betaconceptframework.astroboa.util.CmsConstants; import org.slf4j.Logger; 
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * Common helpers shared by the content-object security aspects: resolving the
 * active {@link SecurityContext}, role checks, locating the JCR node and owner of
 * a content object, and reading the repository-user id of the caller.
 *
 * @author Gregory Chomatas (gchomatas@betaconcept.com)
 * @author Savvas Triantafyllou (striantafyllou@betaconcept.com)
 */
public abstract class AbstractSecureContentObjectAspect extends JcrDaoSupport {

    protected final Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private CmsRepositoryEntityUtils cmsRepositoryEntityUtils;

    @Autowired
    private CmsQueryHandler cmsQueryHandler;

    /**
     * Returns the security context of the current client.
     *
     * <p>A missing context or a context whose identity is blank is treated as an
     * unauthenticated caller and rejected, so every caller of this method can rely
     * on a non-null context with a non-blank identity.
     *
     * @return the active security context
     * @throws NonAuthenticatedOperationException if no context is active or its
     *         identity is null/blank
     */
    public static SecurityContext retrieveSecurityContext() {
        SecurityContext context = AstroboaClientContextHolder.getActiveSecurityContext();
        // Both conditions mean "nobody is logged in" from the aspect's point of view.
        if (context == null || StringUtils.isBlank(context.getIdentity())) {
            throw new NonAuthenticatedOperationException();
        }
        return context;
    }

    /**
     * Tells whether the given context holds the given role.
     *
     * @param activeSecurityContext context to query (must not be null)
     * @param role role name to test
     * @return the result of {@code activeSecurityContext.hasRole(role)}
     */
    public static boolean userHasRole(SecurityContext activeSecurityContext, String role) {
        return activeSecurityContext.hasRole(role);
    }

    /**
     * Fails fast when a content object to be saved is null.
     *
     * <p>When {@code userId} is null the identity of the active security context is
     * used in the error message instead, which itself requires an authenticated caller.
     *
     * @param contentObject the object being saved
     * @param userId user to mention in the error message, may be null
     * @throws CmsException if {@code contentObject} is null
     * @throws NonAuthenticatedOperationException if {@code userId} is null and no
     *         authenticated context is available
     */
    protected void checkContentObjectIsNotNull(Object contentObject, String userId) {
        if (contentObject != null) {
            return;
        }
        String reportedUser = userId;
        if (reportedUser == null) {
            SecurityContext context = retrieveSecurityContext();
            if (context != null) {
                reportedUser = context.getIdentity();
            }
        }
        throw new CmsException("Cannot save null content object for user " + reportedUser);
    }

    /**
     * Reads the owner identifier stored on a content object node.
     *
     * <p>Every content object node is expected to carry the
     * {@link CmsBuiltInItem#OwnerCmsIdentifier} property; its absence is logged as an
     * error (with the node path) and reported to the caller as a generic
     * {@link CmsException}, since an ownerless object cannot be access-checked.
     *
     * @param contentObjectNode node of the content object
     * @return the owner identifier string
     * @throws RepositoryException propagated from JCR
     * @throws CmsException if the owner property is missing
     */
    protected String retrieveOwnerFromContentObjectNode(Node contentObjectNode) throws RepositoryException {
        String ownerProperty = CmsBuiltInItem.OwnerCmsIdentifier.getJcrName();
        if (!contentObjectNode.hasProperty(ownerProperty)) {
            // Should never happen: objects are always saved with an owner.
            logger.error("Found content object node " + contentObjectNode.getPath()
                    + " without property " + ownerProperty
                    + " This means that a content object was saved without owner...");
            throw new CmsException("System error");
        }
        return contentObjectNode.getProperty(ownerProperty).getString();
    }

    /**
     * Looks up the unique JCR node of a content object by identifier.
     *
     * @param contentObjectId content object identifier
     * @return the node, or whatever {@code cmsRepositoryEntityUtils} returns when none exists
     * @throws RepositoryException propagated from JCR
     */
    protected Node retrieveContentObjectNodeForContentObject(String contentObjectId) throws RepositoryException {
        return cmsRepositoryEntityUtils.retrieveUniqueNodeForContentObject(getSession(), contentObjectId);
    }

    /**
     * Resolves a content object node from either its identifier or its system name.
     *
     * <p>An argument matching {@link CmsConstants#UUIDPattern} is treated strictly as
     * an identifier: no system-name lookup is attempted for it, and null is returned
     * when no node has that identifier. Any other argument is matched against the
     * system name and the first hit (limit 1) is returned, or null when there is none.
     *
     * @param contentObjectIdOrSystemName identifier or system name
     * @return the matching node, or null
     * @throws CmsException wrapping any exception raised during the lookup (a null
     *         argument fails in the pattern match and is reported this way too)
     */
    public Node getContentObjectNodeByIdOrSystemName(String contentObjectIdOrSystemName) {
        try {
            if (CmsConstants.UUIDPattern.matcher(contentObjectIdOrSystemName).matches()) {
                // Identifier form: direct lookup, no fallback to the system-name query.
                return retrieveContentObjectNodeForContentObject(contentObjectIdOrSystemName);
            }

            ContentObjectCriteria criteria = CmsCriteriaFactory.newContentObjectCriteria();
            criteria.addSystemNameEqualsCriterion(contentObjectIdOrSystemName);
            criteria.setOffsetAndLimit(0, 1);

            CmsQueryResult result = cmsQueryHandler.getNodesFromXPathQuery(getSession(), criteria, true);
            if (result.getTotalRowCount() <= 0) {
                return null;
            }
            return ((NodeIterator) result.getNodeIterator()).nextNode();
        } catch (Exception e) {
            throw new CmsException(e);
        }
    }

    /**
     * Returns the name of the first {@link RepositoryUserIdPrincipal} attached to the
     * subject of the given security context.
     *
     * <p>{@code userId} and {@code contentObjectNode} are not read by this
     * implementation; they are kept for signature compatibility.
     *
     * @param activeSecurityContext context whose subject is inspected (must not be null)
     * @param userId unused
     * @param contentObjectNode unused
     * @return the principal name, or null when the context has no subject or the
     *         subject carries no {@link RepositoryUserIdPrincipal}
     * @throws RepositoryException declared for subclasses; not thrown by this implementation
     */
    protected String retrieveRepositoryUserIdForLoggedInUser(SecurityContext activeSecurityContext,
            String userId, Node contentObjectNode) throws RepositoryException {
        if (activeSecurityContext.getSubject() == null) {
            return null;
        }
        Set<RepositoryUserIdPrincipal> principals =
                activeSecurityContext.getSubject().getPrincipals(RepositoryUserIdPrincipal.class);
        if (principals == null || principals.isEmpty()) {
            return null;
        }
        return principals.iterator().next().getName();
    }
}