package eu.semberal.reminders.stripes.ext;
import eu.semberal.reminders.entity.User;
import eu.semberal.reminders.stripes.action.AbstractActionBean;
import eu.semberal.reminders.stripes.action.LoginActionBean;
import net.sourceforge.stripes.action.*;
import org.stripesstuff.plugin.security.J2EESecurityManager;
import org.stripesstuff.plugin.security.SecurityHandler;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
/**
 * Security manager whose authentication and role checks read the
 * {@link CustomActionBeanContext} of the action bean being invoked.
 *
 * <p>Overrides {@code isUserAuthenticated} and {@code hasRole} from
 * {@link J2EESecurityManager} and implements {@link SecurityHandler} to choose
 * the response when access is denied.
 *
 * <p>Both overrides cast {@code bean.getContext()} to
 * {@link CustomActionBeanContext} without a type check, so a bean carrying any
 * other context type fails with a {@link ClassCastException}.
 */
public class CustomSecurityManager extends J2EESecurityManager implements SecurityHandler {

    /**
     * Chooses the resolution returned when access to a handler is denied.
     *
     * @param actionBean the action bean whose handler was refused
     * @param method the refused handler method
     * @return an error resolution for an authenticated caller, otherwise a
     *         redirect to the {@code "form"} event of {@link LoginActionBean}
     *         carrying the parameter {@code access-denied=true}
     */
    @Override
    public Resolution handleAccessDenied(ActionBean actionBean, Method method) {
        if (isUserAuthenticated(actionBean, method)) {
            // Authenticated, but the access check still failed.
            // NOTE(review): this answers with 401 (SC_UNAUTHORIZED). 403 (SC_FORBIDDEN) is the
            // usual status for an authenticated caller who lacks permission, and 401 is normally
            // paired with a WWW-Authenticate challenge. Confirm whether an error-page mapping
            // depends on 401 before changing it.
            return new ErrorResolution(HttpServletResponse.SC_UNAUTHORIZED);
        }

        // Not authenticated: send the caller to the login screen. The redirect target and the
        // parameter are fixed literals; nothing from the request is copied into the URL.
        RedirectResolution toLogin = new RedirectResolution(LoginActionBean.class, "form");
        return toLogin.addParameter("access-denied", true);
    }

    /**
     * Reports whether the context of the given bean is authenticated.
     *
     * @param bean the action bean being accessed
     * @param handler the handler method being accessed (not used here)
     * @return the value of {@code isAuthenticated()} on the bean's context
     */
    @Override
    protected Boolean isUserAuthenticated(ActionBean bean, Method handler) {
        CustomActionBeanContext context = (CustomActionBeanContext) bean.getContext();
        return context.isAuthenticated();
    }

    /**
     * Reports whether the user held by the bean's context has the given role.
     *
     * <p>Fails closed: a missing user or a {@code null} role collection yields
     * {@code false}.
     *
     * @param bean the action bean being accessed
     * @param handler the handler method being accessed (not used here)
     * @param role the role to look for in the user's roles
     * @return {@code true} only if a user is present and its roles contain {@code role}
     */
    @Override
    protected Boolean hasRole(ActionBean bean, Method handler, String role) {
        CustomActionBeanContext context = (CustomActionBeanContext) bean.getContext();
        User currentUser = context.getUser();
        if (currentUser == null) {
            // No user in the context means no roles at all.
            return false;
        }
        if (currentUser.getRoles() == null) {
            return false;
        }
        return currentUser.getRoles().contains(role);
    }
}