001/*
002 *  Copyright 2016 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.core.authentication;
017
018import java.util.Map;
019
020import org.apache.avalon.framework.parameters.Parameters;
021import org.apache.avalon.framework.service.ServiceException;
022import org.apache.avalon.framework.service.ServiceManager;
023import org.apache.cocoon.acting.ServiceableAction;
024import org.apache.cocoon.environment.ObjectModelHelper;
025import org.apache.cocoon.environment.Redirector;
026import org.apache.cocoon.environment.Request;
027import org.apache.cocoon.environment.SourceResolver;
028
029import org.ametys.core.user.CurrentUserProvider;
030import org.ametys.runtime.authentication.AccessDeniedException;
031
/**
 * Cocoon action that lets a request proceed only when it carries the
 * {@link AuthenticateAction#REQUEST_ATTRIBUTE_INTERNAL_ALLOWED} request attribute or when
 * the {@link CurrentUserProvider} reports a current user. In every other case an
 * {@link AccessDeniedException} is thrown.
 */
public class CheckAuthenticationAction extends ServiceableAction
{
    /** Component used to find out who the current user is */
    protected CurrentUserProvider _currentUserProvider;

    /**
     * Resolves the {@link CurrentUserProvider} from the service manager after the
     * parent class has been serviced.
     *
     * @param smanager the service manager to look the provider up in
     * @throws ServiceException if the parent servicing or the lookup fails
     */
    @Override
    public void service(ServiceManager smanager) throws ServiceException
    {
        super.service(smanager);

        Object provider = smanager.lookup(CurrentUserProvider.ROLE);
        _currentUserProvider = (CurrentUserProvider) provider;
    }

    /**
     * Denies the request unless it is internally allowed or issued by a known user.
     *
     * @param redirector unused
     * @param resolver unused
     * @param objectModel the Cocoon object model the request is read from
     * @param source unused
     * @param parameters unused
     * @return always {@code null} when access is granted
     * @throws AccessDeniedException if the request is neither flagged as internally
     *         allowed nor associated with a current user
     */
    @Override
    public Map act(Redirector redirector, SourceResolver resolver, Map objectModel, String source, Parameters parameters) throws Exception
    {
        Request request = ObjectModelHelper.getRequest(objectModel);

        // The flag is tested first so that the user lookup is skipped entirely for
        // internally allowed requests.
        // NOTE(review): only the presence of the attribute is tested, so any non-null value
        // grants access. Confirm that it is set exclusively by server-side code.
        Object internalAllowed = request.getAttribute(AuthenticateAction.REQUEST_ATTRIBUTE_INTERNAL_ALLOWED);
        if (internalAllowed != null)
        {
            return null;
        }

        if (_currentUserProvider.getUser() != null)
        {
            // a current user is known
            return null;
        }

        // No flag and no user: refuse the request.
        // NOTE(review): the sitemap URI comes from the request and ends up in the exception
        // message. Whatever logs or renders that message should encode it.
        String deniedMessage = "The requested URL '" + request.getSitemapURI() + "' could only be issued by an authenticated user.";
        throw new AccessDeniedException(deniedMessage);
    }
}