diff --git a/src/main/java/org/nrg/xnat/security/XnatInitCheckFilter.java b/src/main/java/org/nrg/xnat/security/XnatInitCheckFilter.java
index cd2826f9b4c75d8918e599d4894842864aefc73e..1960e057270a5954e951e0ea662ac613953b4f9c 100644
--- a/src/main/java/org/nrg/xnat/security/XnatInitCheckFilter.java
+++ b/src/main/java/org/nrg/xnat/security/XnatInitCheckFilter.java
@@ -10,25 +10,23 @@
*/
package org.nrg.xnat.security;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
+import org.nrg.xdat.XDAT;
+import org.nrg.xdat.security.helpers.Roles;
+import org.nrg.xft.security.UserI;
+import org.nrg.xnat.utils.XnatHttpUtils;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.web.filter.GenericFilterBean;
+import javax.inject.Inject;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
-import org.nrg.xdat.XDAT;
-import org.nrg.xdat.om.ArcArchivespecification;
-import org.nrg.xdat.security.helpers.Roles;
-import org.nrg.xdat.turbine.utils.TurbineUtils;
-import org.nrg.xft.security.UserI;
-import org.nrg.xnat.turbine.utils.ArcSpecManager;
-import org.nrg.xnat.utils.XnatHttpUtils;
-import org.springframework.web.filter.GenericFilterBean;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
public class XnatInitCheckFilter extends GenericFilterBean {
@@ -37,11 +35,11 @@ public class XnatInitCheckFilter extends GenericFilterBean {
final HttpServletRequest request = (HttpServletRequest) req;
final HttpServletResponse response = (HttpServletResponse) res;
- // MIGRATION: Get rid of the arcspec!!!
- final ArcArchivespecification arcSpec = ArcSpecManager.GetInstance();
-
- if (arcSpec != null && arcSpec.isComplete()) {
- //If arc spec has already been set, do not redirect.
+ // In this case, the count of siteUrl is a proxy for whether the system has been initialized.
+ @SuppressWarnings({"SqlDialectInspection", "SqlNoDataSourceInspection"})
+ final boolean initialized = _template.queryForObject("select count(*) from xhbm_preference p, xhbm_tool t where t.tool_id = 'siteConfig' and p.tool = t.id and p.name = 'siteUrl';", Integer.class) > 0;
+ if (initialized) {
+ // If the site URL has already been set, do not redirect.
chain.doFilter(req, res);
} else {
final UserI user = XDAT.getUserDetails();
@@ -50,7 +48,8 @@ public class XnatInitCheckFilter extends GenericFilterBean {
if (user == null) {
String header = request.getHeader("Authorization");
if (header != null && header.startsWith("Basic ") && !uri.contains(_initializationPath)) {
- //Users that authenticated using basic authentication receive an error message informing them that the arc spec is not set.
+ // Users that authenticated using basic authentication receive an error message informing
+ // them that the system is not yet initialized.
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Site has not yet been configured.");
return;
}
@@ -66,25 +65,20 @@ public class XnatInitCheckFilter extends GenericFilterBean {
// the request is not for another page (preventing the user from navigating away from the Configuration page via the menu bar).
chain.doFilter(req, res);
} else {
- try {
- if(user == null) {
- // user not authenticated, let another filter handle the redirect
- // (NB: I tried putting this check up with the basic auth check,
- // but you get this weird redirect with 2 login pages on the same screen. Seems to work here).
- chain.doFilter(req, res);
+ if(user == null) {
+ // user not authenticated, let another filter handle the redirect
+ // (NB: I tried putting this check up with the basic auth check,
+ // but you get this weird redirect with 2 login pages on the same screen. Seems to work here).
+ chain.doFilter(req, res);
+ } else {
+ final String serverPath = XnatHttpUtils.getServerRoot(request);
+ if (Roles.isSiteAdmin(user)) {
+ //Otherwise, if the user has administrative permissions, direct the user to the configuration page.
+ response.sendRedirect(serverPath + _configurationPath);
} else {
- final String serverPath = XnatHttpUtils.getServerRoot(request);
- if (Roles.isSiteAdmin(user)) {
- //Otherwise, if the user has administrative permissions, direct the user to the configuration page.
- response.sendRedirect(serverPath + _configurationPath);
- } else {
- //The arc spec is not set but the user does not have administrative permissions. Direct the user to an error page.
- response.sendRedirect(serverPath + _nonAdminErrorPath);
- }
+ //The system is not initialized but the user does not have administrative permissions. Direct the user to an error page.
+ response.sendRedirect(serverPath + _nonAdminErrorPath);
}
- } catch (Exception e) {
- logger.error("Error checking user role in the Arc Spec Filter.", e);
- response.sendRedirect(TurbineUtils.GetFullServerPath() + _nonAdminErrorPath);
}
}
}
@@ -116,6 +110,9 @@ public class XnatInitCheckFilter extends GenericFilterBean {
return false;
}
+ @Inject
+ private JdbcTemplate _template;
+
private String _initializationPath = "";
private String _configurationPath = "";
private String _nonAdminErrorPath = "";