Split rest authentication into two. For web apps integration url is /c/restful/

mindplot/src/main/javascript/RestPersistenceManager.js

@@ -50,14 +50,20 @@ mindplot.RESTPersistenceManager = new Class({
                 url:this.saveUrl.replace("{id}", mapId) + "?" + query,
                 method:'put',
                 async:!sync,
+
                 onSuccess:function (responseText, responseXML) {
                     events.onSuccess();
                     persistence.timestamp = responseText;
                 },
+
                 onException:function (headerName, value) {
+                    console.log("onException....");
+
                     events.onError(persistence._buildError());
                 },
+
                 onFailure:function (xhr) {
+                    console.log("onFailure....");
                     var responseText = xhr.responseText;
                     var error = null;
 
@@ -70,8 +76,16 @@ mindplot.RESTPersistenceManager = new Class({
                             events.onError(persistence._buildError());
                             throw new Error("Unexpected error saving. Error response is not json object:" + responseText);
                         }
+                    } else {
+                        var msg = {severity:"ERROR", message:$msg('SAVE_COULD_NOT_BE_COMPLETED')};
+                        if (this.status == 405) {
+                            msg = {severity:"ERROR", message:$msg('SESSION_EXPIRED')};
                         }
+                        events.onError(msg);
+                    }
+
                 },
+
                 headers:{"Content-Type":"application/json", "Accept":"application/json"},
                 emulation:false,
                 urlEncoded:false

mindplot/src/main/javascript/Topic.js

@@ -629,6 +629,7 @@ mindplot.Topic = new Class({
         fade.addEvent('complete', function () {
         });
         fade.start();
+
         mindplot.EventBus.instance.fireEvent(mindplot.EventBus.events.NodeShrinkEvent, model);
 
     },

mindplot/src/main/resources/messages_en.properties

@@ -36,7 +36,7 @@ ZOOM_ERROR=No more zoom can be applied.
 ONLY_ONE_TOPIC_MUST_BE_SELECTED=Could not create a topic. Only one topic must be selected.
 ONE_TOPIC_MUST_BE_SELECTED=Could not create a topic. One topic must be selected.
 ONLY_ONE_TOPIC_MUST_BE_SELECTED_COLLAPSE=Children can not be collapsed. One topic must be selected.
-SAVE_COULD_NOT_BE_COMPLETED=Save could not be completed. Try latter.
+SAVE_COULD_NOT_BE_COMPLETED=Save could not be completed, please try again latter.
 UNEXPECTED_ERROR_LOADING=We're sorry, an unexpected error has occurred.\nTry again reloading the editor.If the problem persists, contact us to support@wisemapping.com.
 MAIN_TOPIC=Main Topic
 SUB_TOPIC=Sub Topic
@@ -56,4 +56,5 @@ ACCEPT=Accept
 CANCEL=Cancel
 LINK=Link
 OPEN_LINK=Open URL
+SESSION_EXPIRED=Your session has expired, please log-in again.
 

mindplot/src/main/resources/messages_es.properties

@@ -57,3 +57,4 @@ ACCEPT=Aceptar
 CANCEL=Cancelar
 LINK=Enlace
 OPEN_LINK=Abrir Enlace
+SESSION_EXPIRED=Su session ha expirado. Por favor, ingrese nuevamente.

wise-webapp/pom.xml

@@ -162,7 +162,7 @@
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-web</artifactId>
             <version>${org.springframework.version}</version>
-            <scope>runtime</scope>
+            <scope>compile</scope>
         </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>

wise-webapp/src/main/java/com/wisemapping/exceptions/ClientException.java

@@ -18,7 +18,11 @@ abstract public class ClientException extends WiseMappingException {
     String getMsgBundleKey();
 
     public String getMessage(@NotNull final MessageSource messageSource, final @NotNull Locale locale) {
-        return messageSource.getMessage(this.getMsgBundleKey(), null, locale);
+        return messageSource.getMessage(this.getMsgBundleKey(), this.getMsgBundleArgs(), locale);
+    }
+
+    protected  Object[] getMsgBundleArgs(){
+         return null;
     }
 
     public Severity getSeverity() {

wise-webapp/src/main/java/com/wisemapping/exceptions/MultipleSessionsOpenException.java

@@ -35,4 +35,9 @@ public class MultipleSessionsOpenException
     protected String getMsgBundleKey() {
         return MSG_KEY;
     }
+
+    @Override
+    protected Object[] getMsgBundleArgs() {
+        return new String[]{"you"};
+    }
 }

wise-webapp/src/main/java/com/wisemapping/exceptions/SessionExpiredException.java

@@ -18,17 +18,15 @@
 
 package com.wisemapping.exceptions;
 
-import com.wisemapping.model.Collaborator;
+import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
 
 public class SessionExpiredException
         extends ClientException {
     public static final String MSG_KEY = "MINDMAP_TIMESTAMP_OUTDATED";
-    @Nullable
+    private User lastUpdater;
-    private Collaborator lastUpdater;
 
-    public SessionExpiredException(@Nullable Collaborator lastUpdater) {
+    public SessionExpiredException(@NotNull User lastUpdater) {
         super("Map has been updated by " + (lastUpdater != null ? lastUpdater.getEmail() : ""), Severity.FATAL);
         this.lastUpdater = lastUpdater;
     }
@@ -38,4 +36,9 @@ public class SessionExpiredException
     protected String getMsgBundleKey() {
         return MSG_KEY;
     }
+
+    @Override
+    protected Object[] getMsgBundleArgs() {
+        return new String[]{lastUpdater.getFullName() + "<" + lastUpdater.getEmail() + ">"};
+    }
 }

wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java

@@ -174,31 +174,30 @@ public class MindmapController extends BaseController {
     }
 
     private void verifyLock(@NotNull Mindmap mindmap, @NotNull User user, long session, long timestamp) throws WiseMappingException {
-        throw new SessionExpiredException(user);
 
-//        // The lock was lost, reclaim as the ownership of it.
+        // The lock was lost, reclaim as the ownership of it.
-//        final LockManager lockManager = mindmapService.getLockManager();
+        final LockManager lockManager = mindmapService.getLockManager();
-//        final boolean lockLost = lockManager.isLocked(mindmap);
+        final boolean lockLost = lockManager.isLocked(mindmap);
-//        if (!lockLost) {
+        if (!lockLost) {
-//            lockManager.lock(mindmap, user, session);
+            lockManager.lock(mindmap, user, session);
-//        }
+        }
-//
+
-//        final LockInfo lockInfo = lockManager.getLockInfo(mindmap);
+        final LockInfo lockInfo = lockManager.getLockInfo(mindmap);
-//        if (lockInfo.getCollaborator().equals(user)) {
+        if (lockInfo.getUser().equals(user)) {
-//            final boolean outdated = mindmap.getLastModificationTime().getTimeInMillis() > timestamp;
+            final boolean outdated = mindmap.getLastModificationTime().getTimeInMillis() > timestamp;
-//            if (lockInfo.getSession() == session) {
+            if (lockInfo.getSession() == session) {
-//                // Timestamp might not be returned to the client. This try to cover this case, ignoring the client timestamp check.
+                // Timestamp might not be returned to the client. This try to cover this case, ignoring the client timestamp check.
-//                final User lastEditor = mindmap.getLastEditor();
+                final User lastEditor = mindmap.getLastEditor();
-//                if (outdated && (lockInfo.getPreviousTimestamp() != timestamp || lastEditor == null || !lastEditor.equals(user))) {
+                if (outdated && (lockInfo.getPreviousTimestamp() != timestamp || lastEditor == null || !lastEditor.equals(user))) {
-//                    throw new SessionExpiredException(lastEditor);
+                    throw new SessionExpiredException(lastEditor);
-//                }
+                }
-//            } else if (outdated) {
+            } else if (outdated) {
-//                throw new MultipleSessionsOpenException("The map has been updated and not by you. Session lost.");
+                throw new MultipleSessionsOpenException("The map has been updated and not by you. Session lost.");
-//            }
+            }
-//        } else {
+        } else {
-//            throw new SessionExpiredException(lockInfo.getCollaborator());
+            throw new SessionExpiredException(lockInfo.getUser());
-//
+
-//        }
+        }
     }
 
     /**

wise-webapp/src/main/java/com/wisemapping/rest/model/RestLockInfo.java

@@ -20,10 +20,8 @@ package com.wisemapping.rest.model;
 
 
 import com.wisemapping.model.Collaborator;
-import com.wisemapping.model.User;
 import com.wisemapping.service.LockInfo;
 import org.codehaus.jackson.annotate.JsonAutoDetect;
-import org.codehaus.jackson.annotate.JsonIgnore;
 import org.codehaus.jackson.annotate.JsonIgnoreProperties;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
@@ -31,9 +29,6 @@ import org.jetbrains.annotations.Nullable;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.Set;
 
 @XmlRootElement(name = "lock")
 @XmlAccessorType(XmlAccessType.PROPERTY)
@@ -73,7 +68,7 @@ public class RestLockInfo {
     }
 
     public boolean isLockedByMe() {
-        return isLocked() && lockInfo != null && lockInfo.getCollaborator().equals(user);
+        return isLocked() && lockInfo != null && lockInfo.getUser().equals(user);
     }
 
     public void setLockedByMe(boolean lockedForMe) {

wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java

@@ -0,0 +1,43 @@
+package com.wisemapping.security;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
+import org.springframework.security.web.savedrequest.RequestCache;
+import org.springframework.security.web.savedrequest.SavedRequest;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+
+public class AuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
+    private RequestCache cache;
+
+    public AuthenticationSuccessHandler() {
+        cache = new HttpSessionRequestCache();
+        this.setRequestCache(cache);
+    }
+
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
+
+        SavedRequest savedRequest = cache.getRequest(request, response);
+        if (savedRequest!=null && savedRequest.getRedirectUrl().contains("c/restful")) {
+            cache.removeRequest(request,response);
+        }
+        super.onAuthenticationSuccess(request, response, authentication);
+    }
+
+    @Override
+    protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
+        String url = super.determineTargetUrl(request, response);
+        // Prevent redirecting to rest services on login ...
+        if (url.contains("c/restful")) {
+            url = this.getDefaultTargetUrl();
+        }
+        return url;
+    }
+
+}

wise-webapp/src/main/java/com/wisemapping/service/LockInfo.java

@@ -18,28 +18,28 @@
 
 package com.wisemapping.service;
 
-import com.wisemapping.model.Collaborator;
 import com.wisemapping.model.Mindmap;
+import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
 
 import java.util.Calendar;
 
 public class LockInfo {
-    final private Collaborator collaborator;
+    final private User user;
     private Calendar timeout;
     private long session;
     private static int EXPIRATION_MIN = 30;
     private long timestamp = -1;
     private long previousTimestamp;
 
-    public LockInfo(@NotNull Collaborator collaborator, @NotNull Mindmap mindmap, long session) {
+    public LockInfo(@NotNull User user, @NotNull Mindmap mindmap, long session) {
-        this.collaborator = collaborator;
+        this.user = user;
         this.updateTimeout();
         this.updateTimestamp(mindmap);
     }
 
-    public Collaborator getCollaborator() {
+    public User getUser() {
-        return collaborator;
+        return user;
     }
 
     public boolean isExpired() {

wise-webapp/src/main/java/com/wisemapping/service/LockManager.java

@@ -19,10 +19,8 @@
 package com.wisemapping.service;
 
 import com.wisemapping.exceptions.AccessDeniedSecurityException;
-import com.wisemapping.exceptions.ClientException;
 import com.wisemapping.exceptions.LockException;
 import com.wisemapping.exceptions.WiseMappingException;
-import com.wisemapping.model.Collaborator;
 import com.wisemapping.model.Mindmap;
 import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
@@ -32,13 +30,13 @@ public interface LockManager {
 
     LockInfo getLockInfo(@NotNull Mindmap mindmap);
 
-    LockInfo updateExpirationTimeout(@NotNull Mindmap mindmap, @NotNull Collaborator user,long session);
+    LockInfo updateExpirationTimeout(@NotNull Mindmap mindmap, @NotNull User user,long session);
 
-    void unlock(@NotNull Mindmap mindmap, @NotNull Collaborator user) throws LockException, AccessDeniedSecurityException;
+    void unlock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException, AccessDeniedSecurityException;
 
-    boolean isLockedBy(@NotNull Mindmap mindmap, @NotNull Collaborator collaborator);
+    boolean isLockedBy(@NotNull Mindmap mindmap, @NotNull User collaborator);
 
-    LockInfo lock(@NotNull Mindmap mindmap, @NotNull Collaborator user, long session) throws WiseMappingException;
+    LockInfo lock(@NotNull Mindmap mindmap, @NotNull User user, long session) throws WiseMappingException;
 
     long generateSession();
 }

wise-webapp/src/main/java/com/wisemapping/service/LockManagerImpl.java

@@ -22,8 +22,8 @@ import com.wisemapping.exceptions.AccessDeniedSecurityException;
 import com.wisemapping.exceptions.LockException;
 import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.model.CollaborationRole;
-import com.wisemapping.model.Collaborator;
 import com.wisemapping.model.Mindmap;
+import com.wisemapping.model.User;
 import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 
@@ -63,25 +63,25 @@ class LockManagerImpl implements LockManager {
     }
 
     @Override
-    public LockInfo updateExpirationTimeout(@NotNull Mindmap mindmap, @NotNull Collaborator user, long session) {
+    public LockInfo updateExpirationTimeout(@NotNull Mindmap mindmap, @NotNull User user, long session) {
         if (!this.isLocked(mindmap)) {
             throw new IllegalStateException("Lock lost for map. No update possible.");
         }
 
         final LockInfo result = this.getLockInfo(mindmap);
-        if (!result.getCollaborator().equals(user)) {
+        if (!result.getUser().equals(user)) {
-            throw new IllegalStateException("Could not update map lock timeout if you are not the locking user. User:" + result.getCollaborator() + ", " + user);
+            throw new IllegalStateException("Could not update map lock timeout if you are not the locking user. User:" + result.getUser() + ", " + user);
         }
 
         result.updateTimeout();
         result.setSession(session);
         result.updateTimestamp(mindmap);
-        logger.debug("Timeout updated for:" + mindmap.getId());
+//        logger.debug("Timeout updated for:" + mindmap.getId());
         return result;
     }
 
     @Override
-    public void unlock(@NotNull Mindmap mindmap, @NotNull Collaborator user) throws LockException, AccessDeniedSecurityException {
+    public void unlock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException, AccessDeniedSecurityException {
         if (isLocked(mindmap) && !isLockedBy(mindmap, user)) {
             throw new LockException("Lock can be only revoked by the locker.");
         }
@@ -99,10 +99,10 @@ class LockManagerImpl implements LockManager {
     }
 
     @Override
-    public boolean isLockedBy(@NotNull Mindmap mindmap, @NotNull Collaborator collaborator) {
+    public boolean isLockedBy(@NotNull Mindmap mindmap, @NotNull User collaborator) {
         boolean result = false;
         final LockInfo lockInfo = this.getLockInfo(mindmap);
-        if (lockInfo != null && lockInfo.getCollaborator().equals(collaborator)) {
+        if (lockInfo != null && lockInfo.getUser().equals(collaborator)) {
             result = true;
         }
         return result;
@@ -110,7 +110,7 @@ class LockManagerImpl implements LockManager {
 
     @Override
     @NotNull
-    public LockInfo lock(@NotNull Mindmap mindmap, @NotNull Collaborator user, long session) throws WiseMappingException {
+    public LockInfo lock(@NotNull Mindmap mindmap, @NotNull User user, long session) throws WiseMappingException {
         if (isLocked(mindmap) && !isLockedBy(mindmap, user)) {
             throw new LockException("Invalid lock, this should not happen");
         }

wise-webapp/src/main/java/com/wisemapping/webmvc/ExtensionsController.java

@@ -16,9 +16,8 @@
 *   limitations under the License.
 */
 
-package com.wisemapping.ncontroller;
+package com.wisemapping.webmvc;
 
-import com.wisemapping.model.Mindmap;
 import com.wisemapping.service.MindmapService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -26,8 +25,6 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
 
-import java.io.IOException;
-
 @Controller
 public class ExtensionsController {
     @Qualifier("mindmapService")

wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java

@@ -16,7 +16,7 @@
 *   limitations under the License.
 */
 
-package com.wisemapping.ncontroller;
+package com.wisemapping.webmvc;
 
 import com.wisemapping.model.User;
 import com.wisemapping.security.Utils;
@@ -26,8 +26,6 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.ModelAndView;
 
-import javax.servlet.http.HttpServletRequest;
-
 @Controller
 public class LoginController {
 

wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java

@@ -16,11 +16,9 @@
 *   limitations under the License.
 */
 
-package com.wisemapping.ncontroller;
+package com.wisemapping.webmvc;
 
 
-import com.wisemapping.exceptions.AccessDeniedSecurityException;
-import com.wisemapping.exceptions.LockException;
 import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.model.CollaborationRole;
 import com.wisemapping.model.Mindmap;

wise-webapp/src/main/java/com/wisemapping/webmvc/PublicPagesController.java

@@ -16,7 +16,7 @@
 *   limitations under the License.
 */
 
-package com.wisemapping.ncontroller;
+package com.wisemapping.webmvc;
 
 import com.wisemapping.service.MindmapService;
 import org.springframework.beans.factory.annotation.Autowired;

wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java

@@ -16,7 +16,7 @@
 *   limitations under the License.
 */
 
-package com.wisemapping.ncontroller;
+package com.wisemapping.webmvc;
 
 
 import com.wisemapping.validator.Messages;

wise-webapp/src/main/resources/messages_en.properties

@@ -249,8 +249,8 @@ DIRECT_LINK_EXPLANATION=Copy and paste the link below to share your map with col
 TEMPORAL_PASSWORD_SENT=Your temporal password has been sent
 TEMPORAL_PASSWORD_SENT_DETAILS=We've sent you an email that will allow you to reset your password. Please check your email now.
 TEMPORAL_PASSWORD_SENT_SUPPORT=If you have any problem receiving the email, contact us to  <a href\="mailto\:support@wisemapping.com">support@wisemapping.com </a>
-MINDMAP_TIMESTAMP_OUTDATED=It's not possible to save your changes because your mindmap has been modified by '%s'. Refresh the page and try again.
+MINDMAP_TIMESTAMP_OUTDATED=It's not possible to save your changes because your mindmap has been modified by '{0}'. Refresh the page and try again.
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
+MINDMAP_LOCKED=Map is being edited by {0} <{1}>. Map  is opened in read only mode.
 
 
 

wise-webapp/src/main/resources/messages_es.properties

@@ -248,7 +248,8 @@ DIRECT_LINK_EXPLANATION=Copie y pegue el este enlace para compartir su mapa ment
 TEMPORAL_PASSWORD_SENT_SUPPORT=Si tienes algun problema o no reciviste el mail, contactanos a <a href\="mailto\:support@wisemapping.com">support@wisemapping.com</a>
 TEMPORAL_PASSWORD_SENT_DETAILS=Se te ha enviado un mail con los detalles para cambiar to password. Revisa tu correo ahora.
 TEMPORAL_PASSWORD_SENT=Tu contraseña temporal ha sido enviada
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
+MINDMAP_LOCKED=El mapa esta siendo editado por {0} <{1}>. Mapa sera abierto en modo lectura.
+MINDMAP_TIMESTAMP_OUTDATED=No es posible grabar sus cambios por que el mapa ha sido modificado por {0}'. Refresque la pagina y intentelo nuevamente.
 
 
 

wise-webapp/src/main/resources/messages_fr.properties

@@ -250,7 +250,6 @@ ACCESS_HAS_BEEN_REVOKED= Upps. your access permissions to this map has been revo
 LICENSE=License
 WELCOME_TO_WISEMAPPING=Welcome to WiseMapping
 WELCOME_DETAILS=WiseMapping will enable you to create and read your mind maps everywhere. With WiseMapping you can: <ul><li>Embed mind map it in web pages and blogs</li><li>Link mind map and documents</li><li>Share your maps with friend and colleagues</li><li>Export your maps SVG,PNG,JPG and FreeMind</li></ul>.
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
 
 
 

wise-webapp/src/main/resources/messages_it.properties

@@ -235,7 +235,6 @@ TUTORIAL.FONT_COLOR=Colore
 TUTORIAL.FONT_STYLE=Stili
 TUTORIAL.FONT_TYPE=Font
 TUTORIAL.SAMPLE_NOTE=Questa è una semplice nota !.
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
 
 
 

wise-webapp/src/main/resources/messages_pt_BR.properties

@@ -235,5 +235,4 @@ TUTORIAL.SAMPLE_NOTE=Esta é uma nota simples !.
 SUPPORT=Ajudar
 FEEDBACK=Feedback
 CONTACT_US=Contato
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
 

wise-webapp/src/main/resources/messages_zh_CN.properties

@@ -210,5 +210,4 @@ TERM_OF_USE=条款和条件
 CONTACT_US=联系我们
 FEEDBACK=反馈
 SUPPORT=支援
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
 

wise-webapp/src/main/resources/messages_zh_TW.properties

@@ -210,5 +210,4 @@ TERM_OF_USE=條款和條件
 CONTACT_US=聯繫我們
 FEEDBACK=反饋
 SUPPORT=幫助
-MINDMAP_LOCKED="This map is being edited by %s <%s>. Map is opened in read only."
 

wise-webapp/src/main/webapp/WEB-INF/web.xml

@@ -113,6 +113,11 @@
         <url-pattern>/service/*</url-pattern>
     </servlet-mapping>
 
+    <servlet-mapping>
+        <servlet-name>mvc-rest</servlet-name>
+        <url-pattern>/c/restful/*</url-pattern>
+    </servlet-mapping>
+
     <welcome-file-list>
         <welcome-file>
             index.jsp

wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml

@@ -2,14 +2,11 @@
 
 <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:sec="http://www.springframework.org/schema/security"
-       xmlns:context="http://www.springframework.org/schema/context"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
           http://www.springframework.org/schema/security
-          http://www.springframework.org/schema/security/spring-security-3.1.xsd
+          http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-          http://www.springframework.org/schema/context
-          http://www.springframework.org/schema/context/spring-context.xsd">
 
     <bean id="encoder"
           class="com.wisemapping.security.CustomPasswordEncoder"/>
@@ -39,17 +36,19 @@
     <sec:http pattern="/c/try" security="none"/>
 
 
-    <sec:http use-expressions="true" create-session="never" pattern="/service/**">
+    <sec:http use-expressions="true" create-session="stateless" pattern="/service/**">
         <sec:intercept-url pattern="/service/admin/users/**" access="isAuthenticated() and hasRole('ROLE_ADMIN')"/>
         <sec:intercept-url pattern="/service/**" access="isAuthenticated() and hasRole('ROLE_USER')"/>
         <sec:http-basic/>
     </sec:http>
 
     <sec:http use-expressions="true" access-denied-page="/c/login">
+        <sec:intercept-url pattern="/c/restful/admin/users/**" access="isAuthenticated() and hasRole('ROLE_ADMIN')"/>
         <sec:intercept-url pattern="/c/**/*" access="isAuthenticated() and hasRole('ROLE_USER')"/>
+
         <sec:form-login login-page="/c/login"
-                        default-target-url='/c/maps/'
+                        authentication-success-handler-ref="authenticationSuccessHandler"
-                        always-use-default-target='false'
+                        always-use-default-target="false"
                         authentication-failure-url="/c/login?login_error=2"
                         login-processing-url="/c/j_spring_security_check"/>
         <sec:remember-me key="wisemapping-hashed-key"/>
@@ -67,7 +66,13 @@
     </bean>
 
     <bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
+        <!--suppress SpringModelInspection -->
         <property name="userService" ref="userService"/>
         <property name="adminUser" value="${admin.user}"/>
     </bean>
+
+    <bean id="authenticationSuccessHandler" class="com.wisemapping.security.AuthenticationSuccessHandler">
+        <property name="defaultTargetUrl" value="/c/maps/"/>
+        <property name="alwaysUseDefaultTargetUrl" value="false"/>
+    </bean>
 </beans>

wise-webapp/src/main/webapp/WEB-INF/wisemapping-servlet.xml

@@ -11,7 +11,7 @@
         http://www.springframework.org/schema/mvc
         http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">
 
-    <context:component-scan base-package="com.wisemapping.ncontroller"/>
+    <context:component-scan base-package="com.wisemapping.webmvc"/>
     <context:annotation-config/>
     <mvc:annotation-driven/>
     <context:property-placeholder location="/WEB-INF/app.properties" ignore-unresolvable="true"/>

wise-webapp/src/main/webapp/js/mindmapList.js

@@ -212,7 +212,7 @@ function updateStarred(spanElem) {
         $(spanElem).addClass('starredOff');
     }
 
-    jQuery.ajax("service/maps/" + mapId + "/starred", {
+    jQuery.ajax("c/restful/maps/" + mapId + "/starred", {
         async:false,
         dataType:'json',
         data:"" + starred,
@@ -250,7 +250,7 @@ $(function () {
         function () {
             $("#new-dialog-modal").dialogForm({
                 redirect:"c/maps/{header.resourceId}/edit",
-                url:"service/maps"
+                url:"c/restful/maps"
             });
         });
 
@@ -270,7 +270,7 @@ $(function () {
             // Initialize dialog ...
             $("#duplicate-dialog-modal").dialogForm({
                 redirect:"c/maps/{header.resourceId}/edit",
-                url:"service/maps/" + mapId
+                url:"c/restful/maps/" + mapId
             });
         }
     });
@@ -304,7 +304,7 @@ $(function () {
                     rowData.description = reqBodyData.description;
                     dataTable.fnAddData(JSON.parse(JSON.stringify(rowData)));
                 },
-                url:"service/maps/" + mapId
+                url:"c/restful/maps/" + mapId
             });
         }
     });
@@ -322,7 +322,7 @@ $(function () {
                     // Remove old entry ...
                     tableUI.dataTableExt.removeSelectedRows();
                 },
-                url:"service/maps/batch?ids=" + jQuery.makeArray(mapIds).join(',')
+                url:"c/restful/maps/batch?ids=" + jQuery.makeArray(mapIds).join(',')
             });
         }
     });
@@ -385,7 +385,7 @@ $(function () {
         $('#foldersContainer .active i').addClass('icon-white');
 
         // Reload the table data ...
-        dataTable.fnReloadAjax("service/maps/?q=" + $(this).attr('data-filter'), callbackOnTableInit, true);
+        dataTable.fnReloadAjax("c/restful/maps/?q=" + $(this).attr('data-filter'), callbackOnTableInit, true);
         event.preventDefault();
     });
 });

wise-webapp/src/main/webapp/jsp/accountSettings.jsp

@@ -116,7 +116,7 @@
             $('#changePasswordMsg').removeClass('alert-info').addClass('alert-error').show();
             $('#changePasswordMsg').text('<spring:message code="PASSWORD_MISSMATCH"/>');
         } else {
-            postChange("service/account/password", inputVal, 'changePasswordMsg', '<spring:message code="CHANGE_PASSWORD_SUCCESS"/>');
+            postChange("c/restful/account/password", inputVal, 'changePasswordMsg', '<spring:message code="CHANGE_PASSWORD_SUCCESS"/>');
         }
         event.preventDefault();
     });
@@ -125,15 +125,15 @@
 
         var fistname = $('#changeUserForm #firstname').val();
         var lastname = $('#changeUserForm #lastname').val();
-        postChange("service/account/firstname", fistname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
+        postChange("c/restful/account/firstname", fistname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
-        postChange("service/account/lastname", lastname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
+        postChange("c/restful/account/lastname", lastname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
         event.preventDefault();
     });
 
     $('#languageForm').submit(function (event) {
 
         var locale = $('#languageForm option:selected').val();
-        postChange("service/account/locale", locale, 'languageMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
+        postChange("c/restful/account/locale", locale, 'languageMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
         event.preventDefault();
     });
 </script>

wise-webapp/src/main/webapp/jsp/iframeWrapper.jsp

@@ -40,7 +40,7 @@
         }
     });
 </script>
-<form method="GET" class="form-horizontal" action="service/maps/${mindmap.id}"
+<form method="GET" class="form-horizontal" action="c/restful/maps/${mindmap.id}"
       enctype="application/x-www-form-urlencoded" id="iframeExportForm">
     <input name="svgXml" id="svgXml" value="" type="hidden"/>
     <input name="download" id="download" type="hidden" value="mm"/>

wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp

@@ -9,6 +9,7 @@
 <%--@elvariable id="editorTryMode" type="java.lang.Boolean"--%>
 <%--@elvariable id="editorTryMode" type="java.lang.String"--%>
 <%--@elvariable id="mapXml" type="com.wisemapping.model.User"--%>
+<%--@elvariable id="lockInfo" type="com.wisemapping.service.LockInfo"--%>
 <html>
 <head>
     <base href="${requestScope['site.baseurl']}/">
@@ -37,13 +38,14 @@
             <c:if test="${!memoryPersistence && !readOnlyMode}">
                 options.persistenceManager = new mindplot.RESTPersistenceManager(
                         {
-                            saveUrl:"service/maps/{id}/document",
+                            saveUrl:"c/restful/maps/{id}/document",
-                            revertUrl:"service/maps/{id}/history/latest",
+                            revertUrl:"c/restful/maps/{id}/history/latest",
-                            lockUrl:"service/maps/{id}/lock",
+                            lockUrl:"c/restful/maps/{id}/lock",
                             timestamp: ${lockTimestamp},
                             session: ${lockSession}
                         }
                 );
+
             </c:if>
                 var userOptions = ${mindmap.properties};
                 options.zoom = userOptions.zoom;
@@ -68,7 +70,7 @@
             }
 
             <c:if test="${mindmapLocked}">
-            $notify("<spring:message code="MINDMAP_LOCKED" arguments="${lockInfo.collaborator.email}"/>", false);
+            $notify("<spring:message code="MINDMAP_LOCKED" arguments="${lockInfo.user.fullName},${lockInfo.user.email}"/>", false);
             </c:if>
         });
 

wise-webapp/src/main/webapp/jsp/mindmapExport.jsp

@@ -6,7 +6,7 @@
 </p>
 
 <div>
-    <form method="GET" class="form-horizontal" action="service/maps/${mindmap.id}"
+    <form method="GET" class="form-horizontal" action="c/restful/maps/${mindmap.id}"
           enctype="application/x-www-form-urlencoded" id="dialogMainForm">
         <input name="svgXml" id="svgXml" value="" type="hidden"/>
         <input name="download" type="hidden" value="mm"/>
@@ -75,7 +75,7 @@
         var form = $('#dialogMainForm');
 
         // Restore default ..
-        form.attr('action', 'service/maps/${mindmap.id}.' + formatType);
+        form.attr('action', 'c/restful/maps/${mindmap.id}.' + formatType);
 
         if (formatType == 'image' || formatType == 'svg' || formatType == 'pdf') {
 
@@ -85,7 +85,7 @@
             }
             // Change to transform url ...
             form.attr('method', "POST");
-            form.attr('action', 'service/transform.' + formatType);
+            form.attr('action', 'c/restful/transform.' + formatType);
 
             // Load page SVG ...
             var svgXml = window.parent.document.getElementById('workspaceContainer').innerHTML;

wise-webapp/src/main/webapp/jsp/mindmapHistory.jsp

@@ -26,7 +26,7 @@
 
 <script type="text/javascript">
     var tableElem = $('#historyTable');
-    jQuery.ajax("service/maps/${mindmapId}/history", {
+    jQuery.ajax("c/restful/maps/${mindmapId}/history", {
         async:false,
         dataType:'json',
         type:'GET',
@@ -54,7 +54,7 @@
             });
             tableElem.find('tr a.revert').each(function () {
                 $(this).click(function (event) {
-                    var url = "service/maps/${mindmapId}/history/" + $(this).closest("tr").attr("data-history-id");
+                    var url = "c/restful/maps/${mindmapId}/history/" + $(this).closest("tr").attr("data-history-id");
                     jQuery.post(url, function (data) {
                         window.parent.location = "c/maps/${mindmapId}/edit";
                     });

wise-webapp/src/main/webapp/jsp/mindmapImport.jsp

@@ -48,7 +48,7 @@
         description = description == undefined ? "" : description;
 
         // Save status on click ...
-        jQuery.ajax("service/maps?title=" + encodeURI(title) + "&description=" + encodeURI(description),
+        jQuery.ajax("c/restful/maps?title=" + encodeURI(title) + "&description=" + encodeURI(description),
                 {
                     async:false,
                     data:fileContent,

wise-webapp/src/main/webapp/jsp/mindmapList.jsp

@@ -33,7 +33,7 @@
         $(function () {
             $('#mindmapListTable').dataTable({
                 bProcessing:true,
-                sAjaxSource:"service/maps/",
+                sAjaxSource:"c/restful/maps/",
                 sAjaxDataProp:'mindmapsInfo',
                 fnInitComplete:function () {
                     $('#mindmapListTable tbody').change(updateStatusToolbar);

wise-webapp/src/main/webapp/jsp/mindmapPublish.jsp

@@ -105,7 +105,7 @@ solid black" src="${baseUrl}/c/maps/${mindmap.id}/embed?zoom=1"> </iframe&
 
     // Save status on click ...
     $('#dialogMainForm').submit(function (event) {
-        jQuery.ajax("service/maps/${mindmap.id}/publish", {
+        jQuery.ajax("c/restful/maps/${mindmap.id}/publish", {
             async:false,
             dataType:'json',
             data:$('#dialogMainForm #enablePublicView')[0].checked ? 'true' : 'false',

wise-webapp/src/main/webapp/jsp/mindmapShare.jsp

@@ -164,7 +164,7 @@ var removeCollab = function (email) {
 };
 
 $(function () {
-    jQuery.ajax("service/maps/${mindmap.id}/collabs", {
+    jQuery.ajax("c/restful/maps/${mindmap.id}/collabs", {
         async:false,
         dataType:'json',
         type:'GET',
@@ -284,7 +284,7 @@ var submitDialogForm = function () {
     });
     collabs['message'] = $("#collabMessage").val();
 
-    jQuery.ajax("service/maps/${mindmap.id}/collabs", {
+    jQuery.ajax("c/restful/maps/${mindmap.id}/collabs", {
         async:false,
         dataType:'json',
         type:'PUT',