001/* 002 * Copyright 2017 Anyware Services 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.ametys.web.rights; 017 018import java.util.ArrayList; 019import java.util.Arrays; 020import java.util.List; 021import java.util.Set; 022import java.util.stream.Collectors; 023 024import org.apache.avalon.framework.context.Context; 025import org.apache.avalon.framework.context.ContextException; 026import org.apache.avalon.framework.context.Contextualizable; 027import org.apache.cocoon.components.ContextHelper; 028import org.apache.cocoon.environment.Request; 029import org.apache.commons.lang3.StringUtils; 030 031import org.ametys.cms.rights.ContentTypeAccessController; 032import org.ametys.core.right.AccessController; 033 034/** 035 * {@link AccessController} for a context objects (strings starting with "/content-types") but limited to the current website. 036 * If no website can be defined, keep the initial context 037 */ 038public class WebContentTypeAccessController extends ContentTypeAccessController implements Contextualizable 039{ 040 private Context _context; 041 042 public void contextualize(Context context) throws ContextException 043 { 044 _context = context; 045 } 046 047 @Override 048 protected Object _convertContext(Object initialContext) 049 { 050 String supportedContext = (String) initialContext; 051 List<String> contexts = new ArrayList<>(Arrays.asList(StringUtils.split(supportedContext, '/'))); 052 contexts.add(1, _getSiteName()); 053 return "/" + StringUtils.join(contexts, "/"); 054 } 055 056 @Override 057 protected Set< ? extends Object> _convertWorkspaceToRootRightContexts(Set<Object> workspacesContexts) 058 { 059 Set< ? extends Object> superContexts = super._convertWorkspaceToRootRightContexts(workspacesContexts); 060 if (superContexts == null) 061 { 062 return null; 063 } 064 065 String sitename = _getSiteName(); 066 067 return superContexts.stream().map(c -> c + "/" + sitename).collect(Collectors.toSet()); 068 } 069 070 private String _getSiteName() 071 { 072 Request request = ContextHelper.getRequest(_context); 073 String siteName = request.getParameter("siteName"); 074 075 if (siteName == null) 076 { 077 siteName = (String) request.getAttribute("siteName"); 078 } 079 080 if (siteName == null) 081 { 082 siteName = (String) request.getAttribute("site"); 083 } 084 085 return siteName; 086 } 087}