Project

General

Profile

« Previous | Next » 

Revision 3419b32d

Added by Andreas Kohlbecker over 6 years ago

ref #7035 unbinding ConversationHolder on access denied situations

View differences:

src/main/java/eu/etaxonomy/cdm/vaadin/security/AccessRestrictedView.java
17 17 
 * @since Apr 25, 2017
18 18 
 *
19 19 
 */
20 
public interface AccessRestrictedView {
20 
public interface AccessRestrictedView extends ReleasableResourcesView {
21 21 

  		




  22
  22
  
    
    /**


  		




  23
  23
  
    
     * @return


  		












  

    
      src/main/java/eu/etaxonomy/cdm/vaadin/security/AnnotationBasedAccessControlBean.java
    
  





  42
  42
  
    
        // no RequireAuthentication annotation => grant access


  		




  43
  43
  
    

  		




  44
  44
  
    
        if(AccessRestrictedView.class.isAssignableFrom(view.getClass())){


  		




  45
  
  
    
            AccessRestrictedView resticedView = (AccessRestrictedView)view;


  		




  46
  
  
    
            if(resticedView.allowAnonymousAccess()){


  		




  
  45
  
    
            AccessRestrictedView restricedView = (AccessRestrictedView)view;


  		




  
  46
  
    
            if(restricedView.allowAnonymousAccess()){


  		




  47
  47
  
    
                if(logger.isTraceEnabled()){


  		




  48
  48
  
    
                    logger.trace("anonymous access to " + view.getClass().getName() + " allowed");


  		




  49
  49
  
    
                }


  		




  ......




  60
  60
  
    
                if(logger.isTraceEnabled()){


  		




  61
  61
  
    
                    logger.trace("denying access to " + view.getClass().getName());


  		




  62
  62
  
    
                }


  		




  
  63
  
    
                restricedView.releaseResourcesOnAccessDenied();


  		




  63
  64
  
    
                return false;


  		




  64
  65
  
    
                // FIMXE implement further checks


  		




  65
  66
  
    
                // TODO use the UserHelperBean?


  		












  

    
      src/main/java/eu/etaxonomy/cdm/vaadin/security/ReleasableResourcesView.java
    
  





  
  1
  
    
/**


  		




  
  2
  
    
* Copyright (C) 2017 EDIT


  		




  
  3
  
    
* European Distributed Institute of Taxonomy


  		




  
  4
  
    
* http://www.e-taxonomy.eu


  		




  
  5
  
    
*


  		




  
  6
  
    
* The contents of this file are subject to the Mozilla Public License Version 1.1


  		




  
  7
  
    
* See LICENSE.TXT at the top of this package for the full license terms.


  		




  
  8
  
    
*/


  		




  
  9
  
    
package eu.etaxonomy.cdm.vaadin.security;


  		




  
  10
  
    

  		




  
  11
  
    
/**


  		




  
  12
  
    
 * @author a.kohlbecker


  		




  
  13
  
    
 * @since 25.10.2017


  		




  
  14
  
    
 *


  		




  
  15
  
    
 */


  		




  
  16
  
    
public interface ReleasableResourcesView {


  		




  
  17
  
    

  		




  
  18
  
    
    /**


  		




  
  19
  
    
     * Callback


  		




  
  20
  
    
     */


  		




  
  21
  
    
    public void releaseResourcesOnAccessDenied();


  		




  
  22
  
    

  		




  
  23
  
    
}


  		












  

    
      src/main/java/eu/etaxonomy/cdm/vaadin/view/LoginPresenter.java
    
  





  81
  81
  
    
            }


  		




  82
  82
  
    
        } catch (AuthenticationException e){


  		




  83
  83
  
    
            getView().showErrorMessage("Login failed! Please check your username and password.");


  		




  
  84
  
    
        } finally {


  		




  
  85
  
    
            unbindConversation();


  		




  84
  86
  
    
        }


  		




  85
  87
  
    
        return false;


  		




  86
  88
  
    
    }


  		












  

    
      src/main/java/eu/etaxonomy/cdm/vaadin/view/distributionStatus/DistributionTablePresenter.java
    
  





  70
  70
  
    
    @Qualifier("cdmRepository")


  		




  71
  71
  
    
    private CdmRepository repo;


  		




  72
  72
  
    

  		




  
  73
  
    

  		




  73
  74
  
    
	public int updateDistributionField(String distributionAreaString, Object comboValue, Taxon taxon) {


  		




  74
  75
  
    
	    TransactionStatus tx = repo.startTransaction();


  		




  75
  76
  
    
	    taxon = (Taxon)repo.getTaxonService().find(taxon.getUuid());


  		












  

    
      src/main/java/eu/etaxonomy/vaadin/mvp/AbstractView.java
    
  





  11
  11
  
    

  		




  12
  12
  
    
import com.vaadin.ui.CustomComponent;


  		




  13
  13
  
    

  		




  
  14
  
    
import eu.etaxonomy.cdm.vaadin.security.ReleasableResourcesView;


  		




  
  15
  
    

  		




  14
  16
  
    
/**


  		




  15
  17
  
    
 * AbstractView is the base class of all MVP views. It takes care of finding


  		




  16
  18
  
    
 * appropriate presenter component for the view.


  		




  ......




  24
  26
  
    
 */


  		




  25
  27
  
    
@SuppressWarnings("serial")


  		




  26
  28
  
    
public abstract class AbstractView<P extends AbstractPresenter> extends CustomComponent


  		




  27
  
  
    
		implements ApplicationContextAware {


  		




  
  29
  
    
		implements ApplicationContextAware, ReleasableResourcesView {


  		




  28
  30
  
    

  		




  29
  31
  
    

  		




  30
  32
  
    
    public static final Logger logger = Logger.getLogger(AbstractView.class);


  		




  ......




  92
  94
  
    
	public ApplicationEventPublisher getEventBus(){


  		




  93
  95
  
    
	    return eventBus;


  		




  94
  96
  
    
	}


  		




  
  97
  
    

  		




  
  98
  
    
   @Override


  		




  
  99
  
    
    public void releaseResourcesOnAccessDenied() {


  		




  
  100
  
    
        getPresenter().onViewExit();


  		




  
  101
  
    
    }


  		




  95
  102
  
    
}


  		












Also available in:  Unified diff