|
| 1 | +/** |
| 2 | + * This file is part of the Meeds project (https://meeds.io/). |
| 3 | + * |
| 4 | + * Copyright (C) 2020 - 2024 Meeds Association [email protected] |
| 5 | + * |
| 6 | + * This program is free software; you can redistribute it and/or |
| 7 | + * modify it under the terms of the GNU Lesser General Public |
| 8 | + * License as published by the Free Software Foundation; either |
| 9 | + * version 3 of the License, or (at your option) any later version. |
| 10 | + * This program is distributed in the hope that it will be useful, |
| 11 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 13 | + * Lesser General Public License for more details. |
| 14 | + * |
| 15 | + * You should have received a copy of the GNU Lesser General Public License |
| 16 | + * along with this program; if not, write to the Free Software Foundation, |
| 17 | + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 18 | + */ |
| 19 | +package io.meeds.social.handler; |
| 20 | + |
| 21 | +import jakarta.servlet.ServletConfig; |
| 22 | +import jakarta.servlet.http.HttpServletRequest; |
| 23 | +import jakarta.servlet.http.HttpSession; |
| 24 | +import org.apache.commons.lang3.StringUtils; |
| 25 | +import org.exoplatform.container.PortalContainer; |
| 26 | +import org.exoplatform.portal.config.UserPortalConfigService; |
| 27 | +import org.exoplatform.portal.mop.SiteKey; |
| 28 | +import org.exoplatform.portal.url.PortalURLContext; |
| 29 | +import org.exoplatform.services.security.ConversationState; |
| 30 | +import org.exoplatform.social.core.activity.model.ExoSocialActivity; |
| 31 | +import org.exoplatform.social.core.manager.ActivityManager; |
| 32 | +import org.exoplatform.social.core.manager.IdentityManager; |
| 33 | +import org.exoplatform.social.core.space.SpaceAccessType; |
| 34 | +import org.exoplatform.social.core.space.model.Space; |
| 35 | +import org.exoplatform.social.core.space.spi.SpaceService; |
| 36 | +import org.exoplatform.web.ControllerContext; |
| 37 | +import org.exoplatform.web.WebAppController; |
| 38 | +import org.exoplatform.web.WebRequestHandler; |
| 39 | +import org.exoplatform.web.url.URLFactoryService; |
| 40 | +import org.exoplatform.web.url.navigation.NavigationResource; |
| 41 | +import org.exoplatform.web.url.navigation.NodeURL; |
| 42 | + |
| 43 | +import java.io.IOException; |
| 44 | +import java.util.Arrays; |
| 45 | + |
| 46 | +public class ActivityAccessHandler extends WebRequestHandler { |
| 47 | + |
| 48 | + public static final String PAGE_URI = "space-access"; |
| 49 | + |
| 50 | + private IdentityManager identityManager; |
| 51 | + private ActivityManager activityManager; |
| 52 | + |
| 53 | + private SpaceService spaceService; |
| 54 | + |
| 55 | + private URLFactoryService urlFactoryService; |
| 56 | + |
| 57 | + private UserPortalConfigService userPortalConfigService; |
| 58 | + |
| 59 | + |
| 60 | + @Override |
| 61 | + public void onInit(WebAppController controller, ServletConfig sConfig) throws Exception { |
| 62 | + super.onInit(controller, sConfig); |
| 63 | + |
| 64 | + PortalContainer container = PortalContainer.getInstance(); |
| 65 | + this.spaceService = container.getComponentInstanceOfType(SpaceService.class); |
| 66 | + this.identityManager = container.getComponentInstanceOfType(IdentityManager.class); |
| 67 | + this.activityManager = container.getComponentInstanceOfType(ActivityManager.class); |
| 68 | + this.urlFactoryService = container.getComponentInstanceOfType(URLFactoryService.class); |
| 69 | + this.userPortalConfigService = container.getComponentInstanceOfType(UserPortalConfigService.class); |
| 70 | + } |
| 71 | + |
| 72 | + @Override |
| 73 | + public String getHandlerName() { |
| 74 | + return "activity-access"; |
| 75 | + } |
| 76 | + |
| 77 | + @Override |
| 78 | + protected boolean getRequiresLifeCycle() { |
| 79 | + return true; |
| 80 | + } |
| 81 | + |
| 82 | + @Override |
| 83 | + public boolean execute(ControllerContext controllerContext) throws Exception { |
| 84 | + String username = controllerContext.getRequest().getRemoteUser(); |
| 85 | + |
| 86 | + String idParameter = controllerContext.getRequest().getParameter("id"); |
| 87 | + if (idParameter!=null) { |
| 88 | + ExoSocialActivity activity = activityManager.getActivity(idParameter); |
| 89 | + org.exoplatform.services.security.Identity authenticatedUserIdentity = ConversationState.getCurrent().getIdentity(); |
| 90 | + if (activity != null && !activityManager.isActivityViewable(activity, authenticatedUserIdentity)) { |
| 91 | + if (activity.isComment()) { |
| 92 | + activity = activityManager.getActivity(activity.getParentId()); |
| 93 | + } |
| 94 | + String spaceId = activity.getSpaceId(); |
| 95 | + Space space = spaceService.getSpaceById(spaceId); |
| 96 | + if (space == null || Space.HIDDEN.equals(space.getVisibility())) { |
| 97 | + return false; |
| 98 | + } else if (username == null) { |
| 99 | + return false; |
| 100 | + } else { |
| 101 | + processSpaceAccess(controllerContext, authenticatedUserIdentity.getUserId(), space); |
| 102 | + return true; |
| 103 | + } |
| 104 | + } |
| 105 | + } |
| 106 | + return false; |
| 107 | + } |
| 108 | + |
| 109 | + private void processSpaceAccess(ControllerContext controllerContext, |
| 110 | + String remoteId, |
| 111 | + Space space) throws IOException { |
| 112 | + org.exoplatform.social.core.identity.model.Identity identity = identityManager.getOrCreateUserIdentity(remoteId); |
| 113 | + if (identity.isExternal() |
| 114 | + && (space == null || !spaceService.isInvitedUser(space, remoteId))) { |
| 115 | + controllerContext.getResponse().sendRedirect("/"); |
| 116 | + return; |
| 117 | + } |
| 118 | + |
| 119 | + SpaceAccessType spaceAccessType = Arrays.stream(SpaceAccessType.values()) |
| 120 | + .filter(accessType -> accessType.doCheck(remoteId, space)) |
| 121 | + .findFirst() |
| 122 | + .orElse(null); |
| 123 | + sendRedirect(controllerContext, spaceAccessType, space); |
| 124 | + } |
| 125 | + |
| 126 | + private void sendRedirect(ControllerContext controllerContext, SpaceAccessType type, Space space) throws IOException { |
| 127 | + // set original parameter in session to share it with SpaceAccess App after |
| 128 | + // redirection |
| 129 | + HttpServletRequest request = controllerContext.getRequest(); |
| 130 | + HttpSession session = request.getSession(); |
| 131 | + session.setAttribute(SpaceAccessType.ACCESSED_TYPE_KEY, type); |
| 132 | + |
| 133 | + if (space == null) { |
| 134 | + session.removeAttribute(SpaceAccessType.ACCESSED_SPACE_PRETTY_NAME_KEY); |
| 135 | + session.removeAttribute(SpaceAccessType.ACCESSED_SPACE_DISPLAY_NAME_KEY); |
| 136 | + } else { |
| 137 | + session.setAttribute(SpaceAccessType.ACCESSED_SPACE_ID_KEY, space.getId()); |
| 138 | + session.setAttribute(SpaceAccessType.ACCESSED_SPACE_PRETTY_NAME_KEY, space.getDisplayName()); |
| 139 | + session.setAttribute(SpaceAccessType.ACCESSED_SPACE_DISPLAY_NAME_KEY, space.getPrettyName()); |
| 140 | + session.setAttribute(SpaceAccessType.ACCESSED_SPACE_REQUEST_PATH_KEY, request.getRequestURI()); |
| 141 | + } |
| 142 | + |
| 143 | + controllerContext.getResponse().sendRedirect(getURI(controllerContext, PAGE_URI)); |
| 144 | + } |
| 145 | + |
| 146 | + private String getURI(ControllerContext controllerContext, String uri) { |
| 147 | + String portalName = userPortalConfigService.getMetaPortal(); |
| 148 | + |
| 149 | + SiteKey siteKey = SiteKey.portal(portalName); |
| 150 | + NavigationResource resource = new NavigationResource(siteKey.getType(), siteKey.getName(), uri); |
| 151 | + |
| 152 | + NodeURL url = urlFactoryService.newURL(NodeURL.TYPE, new PortalURLContext(controllerContext, siteKey)); |
| 153 | + url.setAjax(false); |
| 154 | + url.setResource(resource); |
| 155 | + return url.toString(); |
| 156 | + } |
| 157 | + |
| 158 | + private String getPageNotFoundSite(String username) { |
| 159 | + return StringUtils.isBlank(username) ? "public" : userPortalConfigService.getMetaPortal(); |
| 160 | + } |
| 161 | +} |
0 commit comments