diff --git a/ccm-core/src/com/arsdigita/kernel/security/LoginContext.java b/ccm-core/src/com/arsdigita/kernel/security/LoginContext.java
index 864579c58..152e9dcd0 100755
--- a/ccm-core/src/com/arsdigita/kernel/security/LoginContext.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/LoginContext.java
@@ -32,16 +32,17 @@ import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.log4j.Logger;
/**
- * An in-house implementation of JAAS's LoginContext class.
- * Needed to workaround a bug in JAAS 1.0 that requires LoginModules to be
- * loaded by the system classloader. This class loads LoginModules using
- * Class.forName(). The JAAS bug will be fixed in JDK 1.4.
+ * An in-house implementation of JAAS's LoginContext class. Needed to workaround a bug
+ * in JAAS 1.0 that requires LoginModules to be loaded by the system classloader. This class loads
+ * LoginModules using Class.forName(). The JAAS bug will be fixed in JDK 1.4.
*
* @author Sameer Ajmani
* @version $Id: LoginContext.java 287 2005-02-22 00:29:02Z sskracic $
- **/
+ *
+ */
public class LoginContext {
- private final static Logger s_log = Logger.getLogger( LoginContext.class );
+
+ private final static Logger s_log = Logger.getLogger(LoginContext.class);
private Subject m_subject;
private CallbackHandler m_handler;
@@ -64,14 +65,15 @@ public class LoginContext {
Subject subject)
throws LoginException {
this(name, subject, new CallbackHandler() {
- public void handle(Callback[] cbs)
- throws UnsupportedCallbackException {
- if (cbs.length > 0) {
- throw new UnsupportedCallbackException
- (cbs[0], "CallbackHandler not defined");
- }
+
+ public void handle(Callback[] cbs)
+ throws UnsupportedCallbackException {
+ if (cbs.length > 0) {
+ throw new UnsupportedCallbackException(cbs[0], "CallbackHandler not defined");
}
- });
+ }
+
+ });
}
/**
@@ -98,44 +100,37 @@ public class LoginContext {
throw new LoginException("Login config not defined");
}
- AppConfigurationEntry[] entries =
- config.getAppConfigurationEntry(name);
+ AppConfigurationEntry[] entries = config.getAppConfigurationEntry(name);
if (entries == null) {
- throw new LoginException
- ("Login config for '"+name+"' not defined");
+ throw new LoginException("Login config for '" + name + "' not defined");
}
m_modules = new LoginModule[entries.length];
- m_flags = new AppConfigurationEntry.LoginModuleControlFlag
- [entries.length];
+ m_flags = new AppConfigurationEntry.LoginModuleControlFlag[entries.length];
for (int i = 0; i < m_modules.length; i++) {
String module = entries[i].getLoginModuleName();
try {
- m_modules[i] = (LoginModule)
- Class.forName(module).newInstance();
+ m_modules[i] = (LoginModule) Class.forName(module).newInstance();
m_modules[i].initialize(m_subject, m_handler, m_shared,
entries[i].getOptions());
m_flags[i] = entries[i].getControlFlag();
} catch (ClassNotFoundException e) {
- throw new KernelLoginException(module+" not found", e);
+ throw new KernelLoginException(module + " not found", e);
} catch (ExceptionInInitializerError e) {
- throw new KernelLoginException(module+" initializer error", e);
+ throw new KernelLoginException(module + " initializer error", e);
} catch (LinkageError e) {
- throw new KernelLoginException(module+" linkage error", e);
+ throw new KernelLoginException(module + " linkage error", e);
} catch (IllegalAccessException e) {
- throw new KernelLoginException
- (module+" illegal access: "
- +"requires public no-argument constructor", e);
+ throw new KernelLoginException(module + " illegal access: "
+ + "requires public no-argument constructor", e);
} catch (InstantiationException e) {
- throw new KernelLoginException
- (module+" instantiation exception: "
- +"requires public no-argument constructor", e);
+ throw new KernelLoginException(module + " instantiation exception: "
+ + "requires public no-argument constructor", e);
} catch (SecurityException e) {
- throw new KernelLoginException
- (module+" security exception: check permissions", e);
+ throw new KernelLoginException(module + " security exception: check permissions", e);
} catch (ClassCastException e) {
- throw new KernelLoginException(module+" not a LoginModule", e);
+ throw new KernelLoginException(module + " not a LoginModule", e);
}
}
}
@@ -156,16 +151,15 @@ public class LoginContext {
// login
for (int i = 0; i < m_modules.length; i++) {
try {
- if( s_log.isDebugEnabled() ) {
- s_log.debug( "Login on " + m_modules[i].getClass().getName() );
- }
+ if (s_log.isDebugEnabled()) {
+ s_log.debug("Login on " + m_modules[i].getClass().getName());
+ }
m_modules[i].login();
- s_log.debug( "Login succeeded" );
+ s_log.debug("Login succeeded");
- if (m_flags[i] == AppConfigurationEntry
- .LoginModuleControlFlag.SUFFICIENT) {
+ if (m_flags[i] == AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT) {
// sufficient module succeeded
break; // end login
}
@@ -174,16 +168,14 @@ public class LoginContext {
first = e;
}
- if( s_log.isDebugEnabled() ) {
- s_log.debug( "Login failed: " + m_flags[i], e );
- }
+ if (s_log.isDebugEnabled()) {
+ s_log.debug("Login failed: " + m_flags[i], e);
+ }
- if (m_flags[i] == AppConfigurationEntry
- .LoginModuleControlFlag.REQUIRED) {
+ if (m_flags[i] == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
// required module failed
gotFailure = true;
- } else if (m_flags[i] == AppConfigurationEntry
- .LoginModuleControlFlag.REQUISITE) {
+ } else if (m_flags[i] == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
// requisite module failed
gotFailure = true;
break; // end login
@@ -191,29 +183,29 @@ public class LoginContext {
}
}
- if( s_log.isDebugEnabled() ) {
- s_log.debug( "gotFailure: " + gotFailure );
- }
+ if (s_log.isDebugEnabled()) {
+ s_log.debug("gotFailure: " + gotFailure);
+ }
// commit
if (!gotFailure) {
// We want to report the first interesting exception. If we got here
- // then login succeeded, so that's no longer interesting.
- first = null;
+ // then login succeeded, so that's no longer interesting.
+ first = null;
- s_log.debug( "Doing commit" );
+ s_log.debug("Doing commit");
for (int i = 0; i < m_modules.length; i++) {
try {
- if( s_log.isDebugEnabled() ) {
- s_log.debug( "Commit on " + m_modules[i].getClass().getName() );
- }
+ if (s_log.isDebugEnabled()) {
+ s_log.debug("Commit on " + m_modules[i].getClass().getName());
+ }
m_modules[i].commit();
- s_log.debug( "Commit succeeded" );
+ s_log.debug("Commit succeeded");
} catch (LoginException e) {
- s_log.debug( "Commit failed", e );
+ s_log.debug("Commit failed", e);
gotFailure = true;
if (first == null) {
@@ -227,20 +219,20 @@ public class LoginContext {
// commit failed, fall through to abort
}
- s_log.debug( "Doing abort" );
+ s_log.debug("Doing abort");
// abort
for (int i = 0; i < m_modules.length; i++) {
try {
- if( s_log.isDebugEnabled() ) {
- s_log.debug( "Abort on " + m_modules[i].getClass().getName() );
- }
+ if (s_log.isDebugEnabled()) {
+ s_log.debug("Abort on " + m_modules[i].getClass().getName());
+ }
m_modules[i].abort();
- s_log.debug( "Abort succeeded" );
+ s_log.debug("Abort succeeded");
} catch (LoginException e) {
- s_log.debug( "Abort failed", e );
+ s_log.debug("Abort failed", e);
gotFailure = true;
if (first == null) {
@@ -274,4 +266,5 @@ public class LoginContext {
throw first;
}
}
+
}
diff --git a/ccm-core/src/com/arsdigita/kernel/security/UserContext.java b/ccm-core/src/com/arsdigita/kernel/security/UserContext.java
index 9b87fd0d6..860eea90e 100755
--- a/ccm-core/src/com/arsdigita/kernel/security/UserContext.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/UserContext.java
@@ -57,8 +57,7 @@ import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
/**
- * Provides methods for logging in and logging out the current user and
- * accessing the user ID.
+ * Provides methods for logging in and logging out the current user and accessing the user ID.
*
* @author Sameer Ajmani
* @version $Id: UserContext.java 1498 2007-03-19 16:22:15Z apevec $
@@ -102,31 +101,28 @@ public class UserContext {
}
/**
- * Loads the values for this UserContext from the given
- * Subject.
+ * Loads the values for this UserContext from the given Subject.
*/
private void loadValues(Subject subject)
throws LoginException {
// read the user ID (m_user loaded in getUser)
m_userID = getUserID(subject);
- s_log.debug("userID == "+m_userID);
+ s_log.debug("userID == " + m_userID);
// check whether recovering from forgotten password
m_recovering = RecoveryLoginModule
.isRecovering(subject);
- s_log.debug("recovering == "+m_recovering);
+ s_log.debug("recovering == " + m_recovering);
// read set of URL params provided by login modules
m_params = subject.getPublicCredentials(ParameterData.class);
- s_log.debug("params.size == "+m_params.size());
+ s_log.debug("params.size == " + m_params.size());
}
/**
- * Creates a user context from an HTTP request. Attempts to log in the
- * user automatically to load the user ID. Code should access this
- * class using
+ * Creates a user context from an HTTP request. Attempts to log in the user automatically to
+ * load the user ID. Code should access this class using
* KernelHelper.getKernelRequestContext(req).getUserContext().
*
- * @throws RedirectException if the user should be redirected to the
- * login page.
+ * @throws RedirectException if the user should be redirected to the login page.
*/
public UserContext(HttpServletRequest req,
HttpServletResponse res)
@@ -144,7 +140,7 @@ public class UserContext {
*
* @throws AccountNotFoundException if the target user does not exist.
*
- * @throws LoginException if login(User) fails.
+ * @throws LoginException if login(User) fails.
*/
public void login(String username)
throws LoginException {
@@ -153,8 +149,7 @@ public class UserContext {
login(UserAuthentication.retrieveForLoginName(username).getUser());
s_log.debug("SUCCESS login(username)");
} catch (DataObjectNotFoundException e) {
- throw new AccountNotFoundException
- ("user "+username+" does not exist", e);
+ throw new AccountNotFoundException("user " + username + " does not exist", e);
}
}
@@ -165,7 +160,7 @@ public class UserContext {
*
* @throws AccountNotFoundException if the target user does not exist.
*
- * @throws LoginException if login(User) fails.
+ * @throws LoginException if login(User) fails.
*/
public void login(BigDecimal userID)
throws LoginException {
@@ -174,8 +169,7 @@ public class UserContext {
login(User.retrieve(userID));
s_log.debug("SUCCESS login(userID)");
} catch (DataObjectNotFoundException e) {
- throw new AccountNotFoundException
- ("user "+userID+" does not exist", e);
+ throw new AccountNotFoundException("user " + userID + " does not exist", e);
}
}
@@ -184,10 +178,10 @@ public class UserContext {
*
* @param target the User to become
*
- * @throws FailedLoginException if the current user is not logged in,
- * doesn't exist, or doesn't have admin privileges on the target user.
+ * @throws FailedLoginException if the current user is not logged in, doesn't exist, or doesn't
+ * have admin privileges on the target user.
*
- * @throws LoginException if an error occurs.
+ * @throws LoginException if an error occurs.
*/
public void login(User target)
throws LoginException {
@@ -207,29 +201,27 @@ public class UserContext {
// Now we check whether the target user is banned. If they are then
// it is not possible to become this user. This situation will be
// generally avoided by hiding the 'become user' link for banned users
- if(Kernel.getSecurityConfig().isUserBanOn() && target.isBanned()) {
+ if (Kernel.getSecurityConfig().isUserBanOn() && target.isBanned()) {
throw new LoginException("This user is currently banned");
}
- PermissionDescriptor superuser = new PermissionDescriptor
- (PrivilegeDescriptor.ADMIN, target, user);
+ PermissionDescriptor superuser = new PermissionDescriptor(PrivilegeDescriptor.ADMIN, target,
+ user);
if (!PermissionService.checkPermission(superuser)) {
s_log.debug("FAILURE login(User): insufficient privileges");
SecurityLogger.warn("user " + user.getID()
- + " failed to log in as user "
- + target.getID()
- + " due to insufficient privileges");
- throw new FailedLoginException
- ("insufficient privileges to become target user");
+ + " failed to log in as user "
+ + target.getID()
+ + " due to insufficient privileges");
+ throw new FailedLoginException("insufficient privileges to become target user");
}
// set the target user ID in the Subject and login
Subject subject = new Subject();
subject.getPrincipals().add(new PartyPrincipal(target.getID()));
CallbackHandler handler = new RequestCallbackHandler();
- LoginContext context = new LoginContext
- (REQUEST_LOGIN_CONTEXT, subject, handler);
+ LoginContext context = new LoginContext(REQUEST_LOGIN_CONTEXT, subject, handler);
clearValues();
context.login();
loadValues(context.getSubject());
@@ -249,8 +241,7 @@ public class UserContext {
/**
* Determines whether the user is logged in.
*
- * @return true if the user is logged in,
- * false otherwise.
+ * @return true if the user is logged in, false otherwise.
*/
public boolean isLoggedIn() {
return (m_userID != null);
@@ -259,15 +250,14 @@ public class UserContext {
/**
* Determines whether the user is recovering a forgotten password.
*
- * @return true if the user is recovering,
- * false otherwise.
+ * @return true if the user is recovering, false otherwise.
*/
public boolean isRecovering() {
return m_recovering;
}
/**
- * Returns URL parameters that authenticate this user. Package-private.
+ * Returns URL parameters that authenticate this user. Package-private.
*
* @return an unmodifiable set of bebop ParameterData.
*/
@@ -276,22 +266,18 @@ public class UserContext {
}
/**
- * Returns the set of all possible URL params used by UserContext.
- * Package-private.
+ * Returns the set of all possible URL params used by UserContext. Package-private.
*
* @return an unmodifiable set of bebop ParameterModels.
*/
static Set getModels() {
try {
// LoginModules add ParameterModels to Subject in initialize()
- LoginContext context =
- new LoginContext(REQUEST_LOGIN_CONTEXT);
- return Collections.unmodifiableSet
- (context.getSubject().getPublicCredentials
- (ParameterModel.class));
+ LoginContext context = new LoginContext(REQUEST_LOGIN_CONTEXT);
+ return Collections.unmodifiableSet(context.getSubject().getPublicCredentials(
+ ParameterModel.class));
} catch (LoginException e) {
- throw new UncheckedWrapperException
- ("Could not load context", e);
+ throw new UncheckedWrapperException("Could not load context", e);
}
}
@@ -310,12 +296,10 @@ public class UserContext {
}
/**
- * Returns a User object for the current user. Subsequent calls to this
- * method return references to the same User object until the
- * logout method is called.
+ * Returns a User object for the current user. Subsequent calls to this method return references
+ * to the same User object until the logout method is called.
*
- * @return the User object for the logged in user or null if the
- * user is not found.
+ * @return the User object for the logged in user or null if the user is not found.
*
* @throws IllegalStateException if the user is not logged in.
*/
@@ -330,18 +314,17 @@ public class UserContext {
if (m_user != null) {
m_user.disconnect();
}
-
- }
+
+ }
return m_user;
}
/**
- * Logs in the user from data in the current request. Checks the
- * session ID using SessionContext.
+ * Logs in the user from data in the current request. Checks the session ID using
+ * SessionContext.
*
- * @throws RedirectException if the user should be redirected to the
- * login page.
+ * @throws RedirectException if the user should be redirected to the login page.
*/
private void login()
throws RedirectException {
@@ -357,8 +340,8 @@ public class UserContext {
// Check that the user making this request is not banned. If they
// are we logout the context and throw an exception.
- if(Kernel.getSecurityConfig().isUserBanOn()
- && User.retrieve(m_userID).isBanned()) {
+ if (Kernel.getSecurityConfig().isUserBanOn()
+ && User.retrieve(m_userID).isBanned()) {
context.logout();
throw new LoginException("This user is banned");
}
@@ -378,8 +361,8 @@ public class UserContext {
if (!success) {
// common code for all exception cases
if (Util.getSecurityHelper().requiresLogin(m_req)) {
- s_log.debug("This request requires logging in; " +
- "requesting redirect to login UI");
+ s_log.debug("This request requires logging in; "
+ + "requesting redirect to login UI");
redirectToLoginPage(m_req);
} else {
s_log.debug("This request does not require logging in");
@@ -400,6 +383,7 @@ public class UserContext {
*/
private class RequestCallbackHandler
implements CallbackHandler {
+
String m_username = null;
char[] m_password = null;
@@ -408,20 +392,19 @@ public class UserContext {
// HTTP Basic Authentication
String auth = m_req.getHeader("Authorization");
if ((auth == null)
- || !auth.toUpperCase().startsWith("BASIC")) {
+ || !auth.toUpperCase().startsWith("BASIC")) {
return;
}
String encoded = auth.substring(6).trim(); // remove "Basic "
byte[] decoded = new Base64().decode(
- encoded.getBytes(Crypto.CHARACTER_ENCODING));
+ encoded.getBytes(Crypto.CHARACTER_ENCODING));
String userpass = new String(decoded, Crypto.CHARACTER_ENCODING);
int colon = userpass.indexOf(':');
if (colon < 0) {
return;
}
m_username = userpass.substring(0, colon);
- m_password = userpass.substring
- (colon+1, userpass.length()).toCharArray();
+ m_password = userpass.substring(colon + 1, userpass.length()).toCharArray();
} catch (IOException e) {
throw new UncheckedWrapperException(e);
}
@@ -433,32 +416,30 @@ public class UserContext {
for (int i = 0; i < callbacks.length; i++) {
Callback cb = callbacks[i];
if (cb instanceof HTTPRequestCallback) {
- ((HTTPRequestCallback)cb).setRequest
- (UserContext.this.m_req);
+ ((HTTPRequestCallback) cb).setRequest(UserContext.this.m_req);
} else if (cb instanceof HTTPResponseCallback) {
- ((HTTPResponseCallback)cb).setResponse
- (UserContext.this.m_res);
+ ((HTTPResponseCallback) cb).setResponse(UserContext.this.m_res);
} else if (cb instanceof LifetimeCallback) {
- ((LifetimeCallback)cb).setForever(false);
+ ((LifetimeCallback) cb).setForever(false);
} else if (cb instanceof NameCallback) {
- ((NameCallback)cb).setName(m_username);
+ ((NameCallback) cb).setName(m_username);
} else if (cb instanceof PasswordCallback) {
- ((PasswordCallback)cb).setPassword(m_password);
+ ((PasswordCallback) cb).setPassword(m_password);
} else {
UserContext.reportUnsupportedCallback(cb);
}
}
}
+
}
/**
- * Creates a URL to send the user to the login page and then return to
- * the current page.
+ * Creates a URL to send the user to the login page and then return to the current page.
*
* @throws com.arsdigita.web.LoginSignal
*/
@@ -467,25 +448,24 @@ public class UserContext {
}
/**
- * Name of the request parameter that stores the URL to return to after
- * redirecting to the login page.
+ * Name of the request parameter that stores the URL to return to after redirecting to the login
+ * page.
*
- * @deprecated Use com.arsdigita.ui.login.LoginHelper.RETURN_URL_PARAM_NAME
- * instead
+ * @deprecated Use com.arsdigita.ui.login.LoginHelper.RETURN_URL_PARAM_NAME instead
*/
public final static String RETURN_URL_PARAM_NAME = "return_url";
/**
- * Encodes the given request into a return URL parameter. Returns
+ * Encodes the given request into a return URL parameter. Returns
* URLencode(returnURL) where returnURL is
- * returnURI?key=URLencode(val)&.... The original
- * parameter values are doubly-encoded so that they are decoded
- * appropriately.
+ * returnURI?key=URLencode(val)&.... The original parameter values are
+ * doubly-encoded so that they are decoded appropriately.
*
*
* @param req the request to encode
*
* @return the URL-encoded parameter
+ *
* @deprecated This should be moved to a more appropriate class.
*/
public static String encodeReturnURL(HttpServletRequest req) {
@@ -515,33 +495,30 @@ public class UserContext {
}
/**
- * Logs in the user. Checks the session ID using
- * SessionContext.
+ * Logs in the user. Checks the session ID using SessionContext.
*
* @param username the user's username
* @param password the user's password
- * @param forever true if the user requests permanent login
+ * @param forever true if the user requests permanent login
*
* @throws LoginException if login fails.
*/
public void login(String username,
char[] password,
boolean forever)
- throws LoginException {
+ throws LoginException {
s_log.debug("START login(username, password, forever)");
try {
- CallbackHandler handler = new LoginCallbackHandler
- (username, password, forever);
- LoginContext context = new LoginContext
- (REGISTER_LOGIN_CONTEXT, handler);
+ CallbackHandler handler = new LoginCallbackHandler(username, password, forever);
+ LoginContext context = new LoginContext(REGISTER_LOGIN_CONTEXT, handler);
clearValues();
context.login();
// We now check if the user is banned and, if so, we don't allow
// the user to login.
- if(Kernel.getSecurityConfig().isUserBanOn()
- && UserAuthentication.retrieveForLoginName(username).getUser()
- .isBanned()) {
+ if (Kernel.getSecurityConfig().isUserBanOn()
+ && UserAuthentication.retrieveForLoginName(username).getUser()
+ .isBanned()) {
throw new LoginException("This user is currently banned");
}
@@ -555,9 +532,10 @@ public class UserContext {
}
/**
- * Logs in the user using alternative "RegisterSSO" login context.
- * It is expected that SSO token is present in the request
- * @see SimpleSSOLoginModule
+ * Logs in the user using alternative "RegisterSSO" login context. It is expected that SSO token
+ * is present in the request
+ *
+ * @see SimpleSSOLoginModule
* @throws LoginException
*/
public void loginSSO() throws LoginException {
@@ -568,7 +546,7 @@ public class UserContext {
CallbackHandler handler = new RequestCallbackHandler();
LoginContext context = new LoginContext(REGISTER_SSO_LOGIN_CONTEXT,
- handler);
+ handler);
clearValues();
context.login();
@@ -592,24 +570,25 @@ public class UserContext {
/**
* Constructor.
- *
+ *
* @param username
* @param password
- * @param forever
+ * @param forever
*/
public LoginCallbackHandler(String username,
char[] password,
boolean forever) {
m_username = username;
m_password = password;
- m_forever = forever;
+ m_forever = forever;
}
/**
- *
+ *
* @param callbacks
+ *
* @throws IOException
- * @throws UnsupportedCallbackException
+ * @throws UnsupportedCallbackException
*/
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
@@ -617,27 +596,26 @@ public class UserContext {
for (int i = 0; i < callbacks.length; i++) {
Callback cb = callbacks[i];
if (cb instanceof HTTPRequestCallback) {
- ((HTTPRequestCallback)cb).setRequest
- (UserContext.this.m_req);
+ ((HTTPRequestCallback) cb).setRequest(UserContext.this.m_req);
} else if (cb instanceof HTTPResponseCallback) {
- ((HTTPResponseCallback)cb).setResponse
- (UserContext.this.m_res);
+ ((HTTPResponseCallback) cb).setResponse(UserContext.this.m_res);
} else if (cb instanceof LifetimeCallback) {
- ((LifetimeCallback)cb).setForever(m_forever);
+ ((LifetimeCallback) cb).setForever(m_forever);
} else if (cb instanceof NameCallback) {
- ((NameCallback)cb).setName(m_username);
+ ((NameCallback) cb).setName(m_username);
} else if (cb instanceof PasswordCallback) {
- ((PasswordCallback)cb).setPassword(m_password);
+ ((PasswordCallback) cb).setPassword(m_password);
} else {
UserContext.reportUnsupportedCallback(cb);
}
}
}
+
}
/**
@@ -650,23 +628,22 @@ public class UserContext {
private BigDecimal getUserID(Subject subject) throws LoginException {
Iterator principals = subject.getPrincipals(PartyPrincipal.class)
- .iterator();
+ .iterator();
if (!principals.hasNext()) {
- throw new FailedLoginException
- ("no principal available after login");
+ throw new FailedLoginException("no principal available after login");
}
return ((PartyPrincipal) principals.next()).getID();
}
/**
- * Logs out the user. Clears the cached User object. Loads a new
- * session ID using SessionContext.
+ * Logs out the user. Clears the cached User object. Loads a new session ID using
+ * SessionContext.
*
* @throws LoginException if logout fails.
*/
- public void logout() throws LoginException {
+ public void logout() throws LoginException {
s_log.debug("START logout");
CallbackHandler handler = new RequestCallbackHandler();
@@ -679,15 +656,15 @@ public class UserContext {
}
/**
- * Reports an unsupported callback to the debug log and throws an
- * exception. Package-private.
+ * Reports an unsupported callback to the debug log and throws an exception. Package-private.
*
* @throws UnsupportedCallbackException with appropriate error message
*/
static void reportUnsupportedCallback(Callback cb)
- throws UnsupportedCallbackException {
- s_log.error ("Unsupported callback: "
- +(cb == null ? null : cb.getClass().getName()));
+ throws UnsupportedCallbackException {
+ s_log.error("Unsupported callback: "
+ + (cb == null ? null : cb.getClass().getName()));
throw new UnsupportedCallbackException(cb);
}
+
}
diff --git a/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java b/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java
index b4182e290..9d4366418 100755
--- a/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java
+++ b/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java
@@ -18,8 +18,6 @@
*/
package com.arsdigita.ui.admin;
-
-
import com.arsdigita.ui.admin.ApplicationsAdministrationTab;
import com.arsdigita.bebop.ActionLink;
import com.arsdigita.bebop.BoxPanel;
@@ -53,7 +51,7 @@ import com.arsdigita.bebop.table.TableModel;
import com.arsdigita.bebop.table.TableModelBuilder;
import com.arsdigita.domain.DataObjectNotFoundException;
import com.arsdigita.globalization.GlobalizedMessage;
-import com.arsdigita.ui.UI ;
+import com.arsdigita.ui.UI;
import com.arsdigita.web.URL;
import com.arsdigita.web.Web;
import com.arsdigita.web.RedirectSignal;
@@ -78,23 +76,21 @@ import java.util.ArrayList;
import org.apache.log4j.Logger;
/**
- * This pane contains three main segmented panel which only one is visible at
- * any given time. The first panel is a table listing all available users in
- * the system. The second panel displays read only user information. And the
- * third panel is edit form.
+ * This pane contains three main segmented panel which only one is visible at any given time. The
+ * first panel is a table listing all available users in the system. The second panel displays read
+ * only user information. And the third panel is edit form.
*
* @author David Dao
* @author Ron Henderson
* @version $Id: UserBrowsePane.java 1372 2006-11-13 09:22:54Z chrisgilbert23 $
*/
-
class UserBrowsePane extends SegmentedPanel
- implements TableCellRenderer,
- TableActionListener,
- Resettable,
- ActionListener,
- AdminConstants,
- ChangeListener {
+ implements TableCellRenderer,
+ TableActionListener,
+ Resettable,
+ ActionListener,
+ AdminConstants,
+ ChangeListener {
private static final Logger s_log = Logger.getLogger(UserBrowsePane.class);
@@ -141,26 +137,27 @@ class UserBrowsePane extends SegmentedPanel
}
/**
- * Creates a new UserBrowsePane with multiple panels to help
- * manage various aspects of a user's account.
+ * Creates a new UserBrowsePane with multiple panels to help manage various aspects of a user's
+ * account.
*/
- public UserBrowsePane () {
+ public UserBrowsePane() {
m_user = new RequestLocal() {
- protected Object initialValue(PageState ps) {
- BigDecimal id = (BigDecimal) ps.getValue(USER_ID_PARAM);
- User user;
+ protected Object initialValue(PageState ps) {
+ BigDecimal id = (BigDecimal) ps.getValue(USER_ID_PARAM);
- try {
- user = User.retrieve(id);
- } catch (DataObjectNotFoundException ex) {
- throw new UncheckedWrapperException
- ("Failed to retrieve user: " + id);
- }
+ User user;
- return user;
+ try {
+ user = User.retrieve(id);
+ } catch (DataObjectNotFoundException ex) {
+ throw new UncheckedWrapperException("Failed to retrieve user: " + id);
}
- };
+
+ return user;
+ }
+
+ };
m_userBrowsePanel = buildUserBrowsePanel();
m_panelList.add(m_userBrowsePanel);
@@ -197,26 +194,27 @@ class UserBrowsePane extends SegmentedPanel
/**
* Build the User Information panel
*/
- private Component buildUserInfoPanel () {
+ private Component buildUserInfoPanel() {
// Edit user link
- ActionLink link = new ActionLink
- (new Label(new GlobalizedMessage("ui.admin.user.editlink",
- BUNDLE_NAME)));
+ ActionLink link = new ActionLink(new Label(new GlobalizedMessage("ui.admin.user.editlink",
+ BUNDLE_NAME)));
link.addActionListener(new ActionListener() {
- public void actionPerformed(ActionEvent e) {
- PageState ps = e.getPageState();
- displayEditPanel(ps);
- }
- });
+
+ public void actionPerformed(ActionEvent e) {
+ PageState ps = e.getPageState();
+ displayEditPanel(ps);
+ }
+
+ });
link.setClassAttr("actionLink");
BoxPanel panel = new BoxPanel();
-
+
// panel.add(new UserInfo(this));
final ColumnPanel colPanel = new ColumnPanel(2);
-
+
colPanel.add(new Label(new GlobalizedMessage("ui.admin.user.userinfo.name", BUNDLE_NAME)));
final Label userName = new Label();
userName.addPrintListener(new PrintListener() {
@@ -224,15 +222,17 @@ class UserBrowsePane extends SegmentedPanel
@Override
public void prepare(final PrintEvent event) {
final Label target = (Label) event.getTarget();
- final PageState state = event.getPageState();
+ final PageState state = event.getPageState();
final User user = getUser(state);
-
+
target.setLabel(user.getName());
}
+
});
colPanel.add(userName);
-
- colPanel.add(new Label(new GlobalizedMessage("ui.admin.user.userinfo.screenname", BUNDLE_NAME)));
+
+ colPanel.add(new Label(new GlobalizedMessage("ui.admin.user.userinfo.screenname",
+ BUNDLE_NAME)));
final Label userScreenname = new Label();
userScreenname.addPrintListener(new PrintListener() {
@@ -241,34 +241,32 @@ class UserBrowsePane extends SegmentedPanel
final Label target = (Label) event.getTarget();
final PageState state = event.getPageState();
final User user = getUser(state);
-
+
target.setLabel(user.getScreenName());
}
+
});
colPanel.add(userScreenname);
-
- colPanel.add(new Label(new GlobalizedMessage("ui.admin.user.userinfo.primaryemail", BUNDLE_NAME)));
+
+ colPanel.add(new Label(new GlobalizedMessage("ui.admin.user.userinfo.primaryemail",
+ BUNDLE_NAME)));
final Label userEmail = new Label();
userEmail.addPrintListener(new PrintListener() {
@Override
public void prepare(final PrintEvent event) {
final Label target = (Label) event.getTarget();
- final PageState state = event.getPageState();
+ final PageState state = event.getPageState();
final User user = getUser(state);
-
+
target.setLabel(user.getPrimaryEmail().getEmailAddress());
}
+
});
colPanel.add(userEmail);
-
-
-
-
+
panel.add(colPanel);
panel.add(link);
-
-
return addSegment(USER_INFO_LABEL, panel);
}
@@ -276,9 +274,8 @@ class UserBrowsePane extends SegmentedPanel
/**
* Build the User Edit panel
*/
- private Component buildUserEditPanel () {
- return addSegment
- (USER_EDIT_PANEL_HEADER, new UserEditForm(this));
+ private Component buildUserEditPanel() {
+ return addSegment(USER_EDIT_PANEL_HEADER, new UserEditForm(this));
}
/**
@@ -311,65 +308,69 @@ class UserBrowsePane extends SegmentedPanel
BoxPanel p = new BoxPanel();
// Update password link
-
ActionLink link = new ActionLink(UPDATE_USER_PASSWORD_LABEL);
link.addActionListener(new ActionListener() {
- public void actionPerformed(ActionEvent e) {
- PageState ps = e.getPageState();
- displayUserPasswordPanel(ps);
- }
- });
+
+ public void actionPerformed(ActionEvent e) {
+ PageState ps = e.getPageState();
+ displayUserPasswordPanel(ps);
+ }
+
+ });
link.setClassAttr("actionLink");
p.add(link);
// Become user link
// This will not be shown when the user is banned to prevent security issues
- link = new ActionLink(BECOME_USER_LABEL){
- public boolean isVisible(PageState s) {
- if(!super.isVisible(s)) {
- return false;
- }
- User u = getUser(s);
- return (!u.isBanned());
- }
- };
+ link = new ActionLink(BECOME_USER_LABEL) {
+
+ public boolean isVisible(PageState s) {
+ if (!super.isVisible(s)) {
+ return false;
+ }
+ User u = getUser(s);
+ return (!u.isBanned());
+ }
+
+ };
link.setClassAttr("actionLink");
link.addActionListener(new ActionListener() {
- public void actionPerformed (ActionEvent e) {
- PageState state = e.getPageState();
- BigDecimal id = (BigDecimal) state.getValue(USER_ID_PARAM);
- try {
- UserContext uc = Web.getUserContext();
- uc.login(id);
- } catch (javax.security.auth.login.LoginException ex) {
- throw new UncheckedWrapperException("access denied", ex);
- }
+ public void actionPerformed(ActionEvent e) {
+ PageState state = e.getPageState();
+ BigDecimal id = (BigDecimal) state.getValue(USER_ID_PARAM);
- // Redirect to workspace URL
- final String path = UI.getUserRedirectURL(state.getRequest());
-
- final URL url = URL.there(state.getRequest(), path);
-
- throw new RedirectSignal(url, true);
+ try {
+ UserContext uc = Web.getUserContext();
+ uc.login(id);
+ } catch (javax.security.auth.login.LoginException ex) {
+ throw new UncheckedWrapperException("access denied", ex);
}
- });
+
+ // Redirect to workspace URL
+ final String path = UI.getUserRedirectURL(state.getRequest());
+
+ final URL url = URL.there(state.getRequest(), path);
+
+ throw new RedirectSignal(url, true);
+ }
+
+ });
p.add(link);
// Show all users
-
- link = new ActionLink(new Label
- (new GlobalizedMessage("ui.admin.user.browselink",
- BUNDLE_NAME)));
+ link = new ActionLink(new Label(new GlobalizedMessage("ui.admin.user.browselink",
+ BUNDLE_NAME)));
link.setClassAttr("actionLink");
link.addActionListener(new ActionListener() {
- public void actionPerformed(ActionEvent e) {
- PageState ps = e.getPageState();
- displayUserBrowsePanel(ps);
- }
- });
- p.add(link);
+ public void actionPerformed(ActionEvent e) {
+ PageState ps = e.getPageState();
+ displayUserBrowsePanel(ps);
+ }
+
+ });
+ p.add(link);
return addSegment(USER_ACTION_PANEL_HEADER, p);
}
@@ -379,123 +380,131 @@ class UserBrowsePane extends SegmentedPanel
*/
private Component buildExtremeActionPanel() {
- ActionLink deleteLink = new ActionLink(USER_DELETE_LABEL){
- public boolean isVisible(PageState s) {
- if(!super.isVisible(s)) {
- return false;
- }
+ ActionLink deleteLink = new ActionLink(USER_DELETE_LABEL) {
+
+ public boolean isVisible(PageState s) {
+ if (!super.isVisible(s)) {
+ return false;
+ }
// We show the delete link if the user has never published an item
- // This implicitly checks whether the user is banned - if they
+ // This implicitly checks whether the user is banned - if they
// are deletable they cannot ever have been banned
- User u = getUser(s);
- return (!hasUserPublishedItems(u));
- }
+ User u = getUser(s);
+ return (!hasUserPublishedItems(u));
+ }
+
};
deleteLink.setClassAttr("actionLink");
deleteLink.setConfirmation(USER_DELETE_CONFIRMATION.localize().toString());
deleteLink.addActionListener(new ActionListener() {
- public void actionPerformed (ActionEvent e) {
- PageState state = e.getPageState();
- User user = getUser(state);
- // Delete the user's authentication record
- try {
- UserAuthentication.retrieveForUser(user).delete();
- } catch (DataObjectNotFoundException ex) {
- // ignore this
- }
+ public void actionPerformed(ActionEvent e) {
+ PageState state = e.getPageState();
+ User user = getUser(state);
+ // Delete the user's authentication record
+ try {
+ UserAuthentication.retrieveForUser(user).delete();
+ } catch (DataObjectNotFoundException ex) {
+ // ignore this
+ }
// Delete the user. This might throw an exception
- // because of integrity constraints, which will be
- // fixed when we can mark accounts deleted rather
- // than try to do a "hard delete". For now we'll
- // just catch the exception and display an error
- // message, but note that the account is no longer
- // available for login.
-
- try {
- user.delete();
- displayUserBrowsePanel(state);
- } catch (PersistenceException ex) {
- s_log.error("Unable to delete user: " +
- ex.getMessage());
- displayUserDeleteFailedPanel(state);
- }
+ // because of integrity constraints, which will be
+ // fixed when we can mark accounts deleted rather
+ // than try to do a "hard delete". For now we'll
+ // just catch the exception and display an error
+ // message, but note that the account is no longer
+ // available for login.
+ try {
+ user.delete();
+ displayUserBrowsePanel(state);
+ } catch (PersistenceException ex) {
+ s_log.error("Unable to delete user: " + ex.getMessage());
+ displayUserDeleteFailedPanel(state);
+ }
} // End ActionPerformed method
+
} // End of new ActionListener definition
- );
+ );
// Add link inside a BoxPanel for correct alignment with other
// page elements.
- ActionLink banLink = new ActionLink(USER_BAN_LABEL){
- public boolean isVisible(PageState s) {
- if(!super.isVisible(s)) {
- return false;
- }
+ ActionLink banLink = new ActionLink(USER_BAN_LABEL) {
+
+ public boolean isVisible(PageState s) {
+ if (!super.isVisible(s)) {
+ return false;
+ }
// We show the ban link if the user is not already banned and has never published
- // an item
- User u = getUser(s);
- return ((!u.isBanned()) && (hasUserPublishedItems(u)));
- }
- };
- banLink.setClassAttr("actionLink");
- banLink.setConfirmation(USER_BAN_CONFIRMATION.localize().toString());
- banLink.addActionListener(new ActionListener() {
- public void actionPerformed (ActionEvent e) {
- PageState state = e.getPageState();
- User user = getUser(state);
- user.setBanned(true);
- user.save();
- } // End ActionPerformed method
- } // End of new ActionListener definition
- );
+ // an item
+ User u = getUser(s);
+ return ((!u.isBanned()) && (hasUserPublishedItems(u)));
+ }
+
+ };
+ banLink.setClassAttr("actionLink");
+ banLink.setConfirmation(USER_BAN_CONFIRMATION.localize().toString());
+ banLink.addActionListener(new ActionListener() {
+
+ public void actionPerformed(ActionEvent e) {
+ PageState state = e.getPageState();
+ User user = getUser(state);
+ user.setBanned(true);
+ user.save();
+ } // End ActionPerformed method
- ActionLink unbanLink = new ActionLink(USER_UNBAN_LABEL){
- public boolean isVisible(PageState s) {
- if(!super.isVisible(s)) {
- return false;
- }
- PageState state = s.getPageState();
- User user = getUser(state);
- return user.isBanned();
- }
- };
- unbanLink.setClassAttr("actionLink");
- unbanLink.setConfirmation(USER_UNBAN_CONFIRMATION.localize().toString());
- unbanLink.addActionListener(new ActionListener() {
- public void actionPerformed (ActionEvent e) {
- PageState state = e.getPageState();
- User user = getUser(state);
- user.setBanned(false);
- user.save();
- } // End ActionPerformed method
} // End of new ActionListener definition
- );
+ );
+
+ ActionLink unbanLink = new ActionLink(USER_UNBAN_LABEL) {
+
+ public boolean isVisible(PageState s) {
+ if (!super.isVisible(s)) {
+ return false;
+ }
+ PageState state = s.getPageState();
+ User user = getUser(state);
+ return user.isBanned();
+ }
+
+ };
+ unbanLink.setClassAttr("actionLink");
+ unbanLink.setConfirmation(USER_UNBAN_CONFIRMATION.localize().toString());
+ unbanLink.addActionListener(new ActionListener() {
+
+ public void actionPerformed(ActionEvent e) {
+ PageState state = e.getPageState();
+ User user = getUser(state);
+ user.setBanned(false);
+ user.save();
+ } // End ActionPerformed method
+
+ } // End of new ActionListener definition
+ );
// Add link inside a BoxPanel for correct alignment with other
// page elements.
-
-
BoxPanel p = new BoxPanel();
p.add(deleteLink);
- p.add(banLink);
- p.add(unbanLink);
+ p.add(banLink);
+ p.add(unbanLink);
return addSegment(USER_TAB_EXTREME_ACTION_LABEL, p);
}
/**
- * Build a panel to display an error message when unable to delete
- * a user.
+ * Build a panel to display an error message when unable to delete a user.
*/
private Component buildUserDeleteFailedPanel() {
ActionLink link = new ActionLink(USER_ACTION_CONTINUE);
link.addActionListener(new ActionListener() {
- public void actionPerformed (ActionEvent e) {
- PageState state = e.getPageState();
- displayUserInfoPanel(state);
- }
- });
+
+ public void actionPerformed(ActionEvent e) {
+ PageState state = e.getPageState();
+ displayUserInfoPanel(state);
+ }
+
+ });
Label label = new Label(USER_DELETE_FAILED_MSG);
label.setClassAttr("deleteFailedMessage");
@@ -508,11 +517,10 @@ class UserBrowsePane extends SegmentedPanel
}
/**
- * Build the Browse User panel. Displays a list of all registered
- * users.
+ * Build the Browse User panel. Displays a list of all registered users.
*/
private Component buildUserBrowsePanel() {
- String headers[] = new String[] {
+ String headers[] = new String[]{
"ID", "Name", "Screen Name", "Email", "SSO login"
};
@@ -525,15 +533,16 @@ class UserBrowsePane extends SegmentedPanel
}
private class GroupsModelBuilder extends LockableImpl
- implements ListModelBuilder, AdminConstants {
+ implements ListModelBuilder, AdminConstants {
+
public ListModel makeModel(List list, PageState state) {
User user = getUser(state);
- GroupCollection groups = user.getGroups();
+ GroupCollection groups = user.getGroups();
groups.addOrder("lower(name)");
return new PartyListModel(groups);
}
- }
+ }
void displayUserInfoPanel(PageState ps) {
hideAll(ps);
@@ -564,13 +573,12 @@ class UserBrowsePane extends SegmentedPanel
}
/**
- * Hides all components of the UserBrowsePane in preparation for
- * turning selected components back on.
+ * Hides all components of the UserBrowsePane in preparation for turning selected components
+ * back on.
*/
private void hideAll(PageState ps) {
for (int i = 0; i < m_panelList.size(); i++) {
- ((Component) m_panelList.get(i)).setVisible
- (ps, false);
+ ((Component) m_panelList.get(i)).setVisible(ps, false);
}
}
@@ -605,76 +613,76 @@ class UserBrowsePane extends SegmentedPanel
displayUserBrowsePanel(ps);
}
-
- public void setTabbedPane (TabbedPane tabbedPane) {
+ public void setTabbedPane(TabbedPane tabbedPane) {
m_tabbedPane = tabbedPane;
}
- public void setGroupAdministrationTab(GroupAdministrationTab
- groupAdministrationTab) {
+ public void setGroupAdministrationTab(GroupAdministrationTab groupAdministrationTab) {
m_groupAdministrationTab = groupAdministrationTab;
}
- public void setSitemapAdministrationTab(ApplicationsAdministrationTab
- sitemapAdministrationTab) {
+ public void setSitemapAdministrationTab(ApplicationsAdministrationTab sitemapAdministrationTab) {
m_sitemapAdministrationTab = sitemapAdministrationTab;
}
- // This is how we check if a user is banned or not
- private boolean hasUserPublishedItems(User user) {
- DataQuery query = user.getSession().retrieveQuery("com.arsdigita.versioning.UserPublications");
- query.setParameter("value", new Integer(user.getID().intValue()) );
- query.next();
- Integer count = (Integer) query.get("theCount");
- query.close();
- return count.intValue()!=0;
- }
+ // This is how we check if a user is banned or not
+ private boolean hasUserPublishedItems(User user) {
+ DataQuery query = user.getSession().retrieveQuery(
+ "com.arsdigita.versioning.UserPublications");
+ query.setParameter("value", new Integer(user.getID().intValue()));
+ query.next();
+ Integer count = (Integer) query.get("theCount");
+ query.close();
+ return count.intValue() != 0;
+ }
/**
* Display group information panel when a group name is clicked.
*/
- public void stateChanged (ChangeEvent e) {
- if ( e.getSource() == m_groupList ) {
- if ( m_tabbedPane != null &&
- m_groupAdministrationTab != null ) {
+ public void stateChanged(ChangeEvent e) {
+ if (e.getSource() == m_groupList) {
+ if (m_tabbedPane != null && m_groupAdministrationTab != null) {
PageState ps = e.getPageState();
String id = (String) m_groupList.getSelectedKey(ps);
if (id != null) {
Group group = null;
try {
group = new Group(new BigDecimal(id));
- } catch(DataObjectNotFoundException exc) {
+ } catch (DataObjectNotFoundException exc) {
// Silently ignore if group does not exist.
}
- m_groupAdministrationTab.setGroup (ps, group);
+ m_groupAdministrationTab.setGroup(ps, group);
m_groupAdministrationTab.displayGroupInfoPanel(ps);
- m_tabbedPane.setSelectedIndex (ps, GROUP_TAB_INDEX);
+ m_tabbedPane.setSelectedIndex(ps, GROUP_TAB_INDEX);
} else {
reset(ps);
}
}
}
}
+
}
class UserTableModelBuilder extends LockableImpl implements TableModelBuilder {
+
public TableModel makeModel(Table t, PageState s) {
return new UserTableModel();
}
+
}
+class UserTableModel implements TableModel {
-
-class UserTableModel implements TableModel{
private DataQuery m_coll;
public UserTableModel() {
- m_coll = SessionManager.getSession().retrieveQuery("com.arsdigita.ui.admin.RetrieveAllUsersInfo");
+ m_coll = SessionManager.getSession().retrieveQuery(
+ "com.arsdigita.ui.admin.RetrieveAllUsersInfo");
// some kind of order added - ideally ordering should be by
- // last name then first name, but query returns both as a single
- // item chris.gilbert@westsussex.gov.uk
- m_coll.addOrder("lower(userDisplayName)");
+ // last name then first name, but query returns both as a single
+ // item chris.gilbert@westsussex.gov.uk
+ m_coll.addOrder("lower(userDisplayName)");
}
diff --git a/ccm-navigation/src/com/arsdigita/navigation/ui/object/AtoZObjectList.java b/ccm-navigation/src/com/arsdigita/navigation/ui/object/AtoZObjectList.java
index 36a916699..939cefc2a 100755
--- a/ccm-navigation/src/com/arsdigita/navigation/ui/object/AtoZObjectList.java
+++ b/ccm-navigation/src/com/arsdigita/navigation/ui/object/AtoZObjectList.java
@@ -51,7 +51,7 @@ public class AtoZObjectList extends AbstractObjectList {
private String m_titleProperty = ACSObject.DISPLAY_NAME;
public void setTitleProperty(String property) {
- Assert.isLocked(this);
+ //Assert.isLocked(this);
m_titleProperty = property;
}
diff --git a/ccm-sci-bundle/web/themes/foundry-base/conf/bebop-contextbar.xsl b/ccm-sci-bundle/web/themes/foundry-base/conf/bebop-contextbar.xsl
new file mode 100644
index 000000000..a75579651
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/conf/bebop-contextbar.xsl
@@ -0,0 +1,4 @@
+
+
+ ->
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/conf/bebop.xml b/ccm-sci-bundle/web/themes/foundry-base/conf/bebop.xml
new file mode 100644
index 000000000..45eba49c9
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/conf/bebop.xml
@@ -0,0 +1,4 @@
+
+
+ ⓘ
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/conf/cms.xml b/ccm-sci-bundle/web/themes/foundry-base/conf/cms.xml
new file mode 100644
index 000000000..9420406cb
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/conf/cms.xml
@@ -0,0 +1,7 @@
+
+
+ horizontal
+ false
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/conf/css-files.xml b/ccm-sci-bundle/web/themes/foundry-base/conf/css-files.xml
new file mode 100644
index 000000000..54f1ac1c7
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/conf/css-files.xml
@@ -0,0 +1,15 @@
+
+
+
+ admin.css
+
+
+ admin.css
+
+
+ public.css
+
+
+ public.css
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/conf/global.xml b/ccm-sci-bundle/web/themes/foundry-base/conf/global.xml
new file mode 100644
index 000000000..090a8d949
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/conf/global.xml
@@ -0,0 +1,18 @@
+
+
+
+
+
+
+
+
+ master
+
+
+
+ foundry/images/scientificcms_logo.png
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/conf/templates.xml b/ccm-sci-bundle/web/themes/foundry-base/conf/templates.xml
new file mode 100644
index 000000000..cb5a30c55
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/conf/templates.xml
@@ -0,0 +1,48 @@
+
+
+
+
+ admin-layout.xml
+ admin-layout.xml
+ portal-workspace.xml
+ portal-workspace-grid.xml
+ admin-layout.xml
+ portal-workspace.xml
+ default-layout.xml
+
+
+
+
+
+ content-items/article-detail.xml
+
+
+ content-items/bookmark-detail.xml
+
+
+ content-items/event-detail.xml
+
+
+ content-items/mpa-detail.xml
+
+
+ content-items/news-detail.xml
+
+ content-items/detail-default.xml
+
+
+ content-items/link-default.xml
+
+
+
+ content-items/article-list.xml
+
+
+ content-items/mpa-list.xml
+
+ content-items/list-default.xml
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/fonts/_README_ b/ccm-sci-bundle/web/themes/foundry-base/fonts/_README_
new file mode 100644
index 000000000..a590cd675
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/fonts/_README_
@@ -0,0 +1 @@
+This directory contains fonts used by the theme
diff --git a/ccm-sci-bundle/web/themes/foundry-base/images/_README_ b/ccm-sci-bundle/web/themes/foundry-base/images/_README_
new file mode 100644
index 000000000..50bf9ad9c
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/images/_README_
@@ -0,0 +1,2 @@
+Decorating images for the theme. All other images should be managed using
+the CMS
diff --git a/ccm-sci-bundle/web/themes/foundry-base/styles/_README_ b/ccm-sci-bundle/web/themes/foundry-base/styles/_README_
new file mode 100644
index 000000000..508dc7f1d
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/styles/_README_
@@ -0,0 +1 @@
+This directory contains the CSS files for the theme.
diff --git a/ccm-sci-bundle/web/themes/foundry-base/styles/public.css b/ccm-sci-bundle/web/themes/foundry-base/styles/public.css
new file mode 100644
index 000000000..cb60c5497
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/styles/public.css
@@ -0,0 +1,5 @@
+/*
+
+Public CSS file
+
+*/
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/article-detail.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/article-detail.xml
new file mode 100644
index 000000000..1f928aa12
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/article-detail.xml
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/article-list.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/article-list.xml
new file mode 100644
index 000000000..3d82092e3
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/article-list.xml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/bookmark-detail.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/bookmark-detail.xml
new file mode 100644
index 000000000..af813c9ae
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/bookmark-detail.xml
@@ -0,0 +1,13 @@
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/detail-default.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/detail-default.xml
new file mode 100644
index 000000000..3d4f29220
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/detail-default.xml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/event-detail.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/event-detail.xml
new file mode 100644
index 000000000..7aa67d210
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/event-detail.xml
@@ -0,0 +1,72 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+ start-date
+
+
+
+
+
+
+
+ T
+
+
+
+
+
+
+
+ end-date
+
+
+
+
+
+
+
+ T
+
+
+
+
+
+
+
+ location
+
+
+
+
+
+
+ event-type
+
+
+
+
+
+
+ main-contributor
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/link-default.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/link-default.xml
new file mode 100644
index 000000000..85758cdf1
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/link-default.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/list-default.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/list-default.xml
new file mode 100644
index 000000000..d619470a7
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/list-default.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/mpa-detail.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/mpa-detail.xml
new file mode 100644
index 000000000..5150115a0
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/mpa-detail.xml
@@ -0,0 +1,53 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/mpa-list.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/mpa-list.xml
new file mode 100644
index 000000000..49794fa5d
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/mpa-list.xml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/news-detail.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/news-detail.xml
new file mode 100644
index 000000000..cec385d38
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/content-items/news-detail.xml
@@ -0,0 +1,27 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ..
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/default-layout.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/default-layout.xml
new file mode 100644
index 000000000..42016fb57
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/default-layout.xml
@@ -0,0 +1,119 @@
+
+
+
+
+ <separator>: </separator>
+ <show-text>layout/page/head/title</show-text>
+ <show-page-title/>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
news-item
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/fragments/footer.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/fragments/footer.xml
new file mode 100644
index 000000000..ca641df97
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/fragments/footer.xml
@@ -0,0 +1,6 @@
+
+
+
+ included from fragments/footer.xml
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/portal-workspace-grid.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/portal-workspace-grid.xml
new file mode 100644
index 000000000..7296e0415
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/portal-workspace-grid.xml
@@ -0,0 +1,64 @@
+
+
+
+
+ <separator>: </separator>
+ <show-text>layout/page/head/title</show-text>
+ <show-page-title/>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ccm-sci-bundle/web/themes/foundry-base/templates/portal-workspace.xml b/ccm-sci-bundle/web/themes/foundry-base/templates/portal-workspace.xml
new file mode 100644
index 000000000..ada24efa6
--- /dev/null
+++ b/ccm-sci-bundle/web/themes/foundry-base/templates/portal-workspace.xml
@@ -0,0 +1,90 @@
+
+
+
+
+ <separator>: </separator>
+ <show-text>layout/page/head/title</show-text>
+ <show-page-title/>
+
+
+
+
+
+
+
+
+
+