001package org.apache.turbine.modules.actions.sessionvalidator;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 *   http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import org.apache.commons.lang.StringUtils;
023import org.apache.commons.logging.Log;
024import org.apache.commons.logging.LogFactory;
025import org.apache.turbine.Turbine;
026import org.apache.turbine.om.security.User;
027import org.apache.turbine.pipeline.PipelineData;
028import org.apache.turbine.util.RunData;
029
030/**
031 * SessionValidator for use with the Template Service, the
032 * TemplateSessionValidator is virtually identical to the
033 * {@link TemplateSecureSessionValidator} except that it does not transfer to the
034 * login page when it detects a null user (or a user not logged in).
035 *
036 * <p>The Template Service requires a different Session Validator
037 * because of the way it handles screens.
038 *
039 * <p>Note that you will need to set the template.login property to the
040 * login template.
041 *
042 * @see TemplateSecureSessionValidator
043 * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
044 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
045 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
046 * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
047 * @version $Id: TemplateSessionValidator.java 1812601 2017-10-19 06:40:28Z gk $
048 */
049public class TemplateSessionValidator
050    extends SessionValidator
051{
052    /** Logging */
053    private static Log log = LogFactory.getLog(TemplateSessionValidator.class);
054
055    /**
056     * Execute the action.
057     *
058     * @param pipelineData Turbine information.
059     * @throws Exception The anonymous user could not be obtained
060     *         from the security service
061     */
062    @Override
063    public void doPerform(PipelineData pipelineData) throws Exception
064    {
065        RunData data = getRunData(pipelineData);
066        // Pull user from session.
067        data.populate();
068
069        // The user may have not logged in, so create a "guest/anonymous" user.
070        if (data.getUser() == null)
071        {
072            log.debug("Fixing up empty User Object!");
073            User anonymousUser = security.getAnonymousUser();
074            data.setUser(anonymousUser);
075            data.save();
076        }
077
078        // make sure we have some way to return a response
079        if (!data.hasScreen() && StringUtils.isEmpty(
080                data.getTemplateInfo().getScreenTemplate()))
081        {
082            if (StringUtils.isNotEmpty(templateHomepage))
083            {
084                data.getTemplateInfo().setScreenTemplate(templateHomepage);
085            }
086            else
087            {
088                data.setScreen(screenHomepage);
089            }
090        } else {
091            handleFormCounterToken(data, false);
092        }
093
094        // we do not want to allow both a screen and template parameter.
095        // The template parameter is dominant.
096        if (data.getTemplateInfo().getScreenTemplate() != null)
097        {
098            data.setScreen(null);
099        }
100
101        // Comply with Turbine 4.0 standards
102        pipelineData.get(Turbine.class).put(User.class, data.getUser());
103    }
104}