in jspwiki-main/src/main/java/org/apache/wiki/WikiSession.java [244:366]
public void actionPerformed( final WikiEvent event ) {
if ( event instanceof WikiSecurityEvent ) {
final WikiSecurityEvent e = (WikiSecurityEvent)event;
if ( e.getTarget() != null ) {
switch( e.getType() ) {
case WikiSecurityEvent.GROUP_ADD:
final Group groupAdd = ( Group )e.getTarget();
if( isInGroup( groupAdd ) ) {
m_subject.getPrincipals().add( groupAdd.getPrincipal() );
}
break;
case WikiSecurityEvent.GROUP_REMOVE:
final Group group = ( Group )e.getTarget();
m_subject.getPrincipals().remove( group.getPrincipal() );
break;
case WikiSecurityEvent.GROUP_CLEAR_GROUPS:
m_subject.getPrincipals().removeAll( m_subject.getPrincipals( GroupPrincipal.class ) );
break;
case WikiSecurityEvent.LOGIN_INITIATED:
// Do nothing
break;
case WikiSecurityEvent.PRINCIPAL_ADD:
final WikiSession targetPA = ( WikiSession )e.getTarget();
if( this.equals( targetPA ) && m_status.equals( AUTHENTICATED ) ) {
final Set< Principal > principals = m_subject.getPrincipals();
principals.add( ( Principal )e.getPrincipal() );
}
break;
case WikiSecurityEvent.LOGIN_ANONYMOUS:
final WikiSession targetLAN = ( WikiSession )e.getTarget();
if( this.equals( targetLAN ) ) {
m_status = ANONYMOUS;
// Set the login/user principals and login status
final Set< Principal > principals = m_subject.getPrincipals();
m_loginPrincipal = ( Principal )e.getPrincipal();
m_userPrincipal = m_loginPrincipal;
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
principals.add( Role.ALL );
principals.add( Role.ANONYMOUS );
}
break;
case WikiSecurityEvent.LOGIN_ASSERTED:
final WikiSession targetLAS = ( WikiSession )e.getTarget();
if( this.equals( targetLAS ) ) {
m_status = ASSERTED;
// Set the login/user principals and login status
final Set< Principal > principals = m_subject.getPrincipals();
m_loginPrincipal = ( Principal )e.getPrincipal();
m_userPrincipal = m_loginPrincipal;
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
principals.add( Role.ALL );
principals.add( Role.ASSERTED );
}
break;
case WikiSecurityEvent.LOGIN_AUTHENTICATED:
final WikiSession targetLAU = ( WikiSession )e.getTarget();
if( this.equals( targetLAU ) ) {
m_status = AUTHENTICATED;
// Set the login/user principals and login status
final Set< Principal > principals = m_subject.getPrincipals();
m_loginPrincipal = ( Principal )e.getPrincipal();
m_userPrincipal = m_loginPrincipal;
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
principals.add( Role.ALL );
principals.add( Role.AUTHENTICATED );
// Add the user and group principals
injectUserProfilePrincipals(); // Add principals for the user profile
injectGroupPrincipals(); // Inject group principals
}
break;
case WikiSecurityEvent.PROFILE_SAVE:
final WikiSession sourcePS = e.getSrc();
if( this.equals( sourcePS ) ) {
injectUserProfilePrincipals(); // Add principals for the user profile
injectGroupPrincipals(); // Inject group principals
}
break;
case WikiSecurityEvent.PROFILE_NAME_CHANGED:
// Refresh user principals based on new user profile
final WikiSession sourcePNC = e.getSrc();
if( this.equals( sourcePNC ) && m_status.equals( AUTHENTICATED ) ) {
// To prepare for refresh, set the new full name as the primary principal
final UserProfile[] profiles = ( UserProfile[] )e.getTarget();
final UserProfile newProfile = profiles[ 1 ];
if( newProfile.getFullname() == null ) {
throw new IllegalStateException( "User profile FullName cannot be null." );
}
final Set< Principal > principals = m_subject.getPrincipals();
m_loginPrincipal = new WikiPrincipal( newProfile.getLoginName() );
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
principals.add( Role.ALL );
principals.add( Role.AUTHENTICATED );
// Add the user and group principals
injectUserProfilePrincipals(); // Add principals for the user profile
injectGroupPrincipals(); // Inject group principals
}
break;
// No action, if the event is not recognized.
default:
break;
}
}
}
}