From b6b58497f045f7826bd4cca29f7f87f2f248fb8c Mon Sep 17 00:00:00 2001
From: srosse <stephane.rosse@frentix.com>
Date: Thu, 26 Jul 2018 10:05:54 +0200
Subject: [PATCH] no-jira: fallback in site security callback to admin only if
 the callback doesn't exists (for backwards compatibility 13.0 to 12.5)

---
 .../navigation/AbstractSiteDefinition.java        | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/olat/core/gui/control/navigation/AbstractSiteDefinition.java b/src/main/java/org/olat/core/gui/control/navigation/AbstractSiteDefinition.java
index 1708d98543f..752f3e50593 100644
--- a/src/main/java/org/olat/core/gui/control/navigation/AbstractSiteDefinition.java
+++ b/src/main/java/org/olat/core/gui/control/navigation/AbstractSiteDefinition.java
@@ -30,6 +30,8 @@ import org.olat.core.CoreSpringFactory;
 import org.olat.core.configuration.AbstractConfigOnOff;
 import org.olat.core.gui.UserRequest;
 import org.olat.core.gui.control.WindowControl;
+import org.olat.core.logging.OLog;
+import org.olat.core.logging.Tracing;
 import org.olat.core.util.StringHelper;
 
 /**
@@ -37,6 +39,8 @@ import org.olat.core.util.StringHelper;
  */
 public abstract class AbstractSiteDefinition extends AbstractConfigOnOff implements SiteDefinition {
 	
+	private static final OLog log = Tracing.createLoggerFor(AbstractSiteDefinition.class);
+	
 	private int order;
 	private String defaultSiteSecurityCallbackBeanId;
 		
@@ -65,7 +69,7 @@ public abstract class AbstractSiteDefinition extends AbstractConfigOnOff impleme
 		
 		String secCallbackBeanId = config.getSecurityCallbackBeanId();
 		if(StringHelper.containsNonWhitespace(secCallbackBeanId)) {
-			Object siteSecCallback = CoreSpringFactory.getBean(secCallbackBeanId);
+			Object siteSecCallback = getSiteSecurityCallback(secCallbackBeanId);
 			if (siteSecCallback instanceof SiteViewSecurityCallback) {
 				if(!((SiteViewSecurityCallback)siteSecCallback).isAllowedToViewSite(ureq)) {
 					return null;
@@ -77,6 +81,15 @@ public abstract class AbstractSiteDefinition extends AbstractConfigOnOff impleme
 		return createSite(ureq, wControl, config);
 	}
 	
+	private Object getSiteSecurityCallback(String secCallbackBeanId) {
+		try {
+			return CoreSpringFactory.getBean(secCallbackBeanId);
+		} catch (Exception e) {
+			log.error("Cannot find security callback: " + secCallbackBeanId + " return administrator only security callback");
+			return CoreSpringFactory.getBean("adminSiteSecurityCallback");
+		}
+	}
+	
 	protected abstract SiteInstance createSite(UserRequest ureq, WindowControl wControl, SiteConfiguration config);
 	
 	protected SiteConfiguration getSiteConfiguration() {
-- 
GitLab