Package loxia.struts2.interceptor

Source Code of loxia.struts2.interceptor.AuthorizationInterceptor

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
package loxia.struts2.interceptor;

import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Locale;

import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import loxia.security.LoxiaGrantedAuthority;
import loxia.security.LoxiaUserDetails;

import org.apache.struts2.StrutsStatics;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

import loxia.dao.OperatingUnitDao;
import loxia.exception.BusinessException;
import loxia.exception.PreserveErrorCode;
import loxia.struts2.BaseAction;
import loxia.struts2.BaseProfileAction;
import loxia.struts2.LoxiaUserDetailsAware;
import loxia.web.annotation.Acl;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.opensymphony.xwork2.util.LocalizedTextUtil;

public class AuthorizationInterceptor extends AbstractInterceptor implements StrutsStatics {

  /**
   *
   */
  private static final long serialVersionUID = 6983132502906240133L;
 
  static final Logger logger = LoggerFactory.getLogger(AuthorizationInterceptor.class);

  @SuppressWarnings("unchecked")
  @Override
  public String intercept(ActionInvocation invocation) throws Exception {
    logger.debug("Start AuthenticationInterceptor");
    final Object action = invocation.getAction();
    final ActionContext context = invocation.getInvocationContext();
    WebApplicationContext ctx = WebApplicationContextUtils.
      getWebApplicationContext((ServletContext) context.get(SERVLET_CONTEXT));
    HttpServletRequest request = (HttpServletRequest)context.get(HTTP_REQUEST);
    HttpServletResponse response = (HttpServletResponse)context.get(HTTP_RESPONSE);
   
    OperatingUnitDao operatingUnitDao = (OperatingUnitDao)ctx.getBean("loxiaOperatingUnitDao");
   
    String strMethod = invocation.getProxy().getMethod();
    Method m = getActionMethod(action.getClass(), strMethod);
    Acl acl = m.getAnnotation(Acl.class);
    if(acl == null)
      acl = action.getClass().getAnnotation(Acl.class);
       
    boolean needCheck = true;
    boolean needCredential = true;
    if(acl == null){
      needCheck = false;
      needCredential = false;
    }else if(acl.value().length == 0
        || Arrays.asList(acl.value()).contains(""))
      needCheck = false;
    if(logger.isDebugEnabled()){
      if(needCredential)
        logger.debug("Credential is required.");
      logger.debug("Current ACL:{}", needCheck ? acl : "");
    }
   
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
   
    if(needCredential && authentication == null){
      logger.error("Session timeout.");
      throw new BusinessException(PreserveErrorCode.SESSION_TIMEOUT);
    }
   
    if(needCheck){
      BaseProfileAction act = (BaseProfileAction)action;
                 
      LoxiaUserDetails userDetails = (LoxiaUserDetails)authentication.getPrincipal();
      logger.debug("Current Principal:" + userDetails);
      String entryAcl = act.getAcl();
      if(entryAcl != null){
        userDetails.setCurrentOu(null);
        logger.debug("Function Entrance... Organization need to repick");
       
        for(GrantedAuthority auth: userDetails.getAuthorities()){
          LoxiaGrantedAuthority lauth = (LoxiaGrantedAuthority)auth;
          if(lauth.getAuthority().equals(entryAcl)){
            userDetails.setCurrentAuthority(lauth);
            break;
          }
        }
        if(userDetails.getCurrentAuthority() == null ||
            userDetails.getCurrentAuthority().getOuIds().size() == 0){
          logger.error("No sufficicent privilege.");
          throw new BusinessException(PreserveErrorCode.NO_SUFFICICENT_PRIVILEGE);
        }else{
          if(userDetails.getCurrentAuthority().
              getOuIds().size() == 1){
            userDetails.setCurrentOu(operatingUnitDao.getByPrimaryKey(
                userDetails.getCurrentAuthority().getOuIds().iterator().next()));
          }else{
            logger.debug("Redirect Invocation");
           
            String url = request.getRequestURI();
            Enumeration<String> paramNames = request.getParameterNames();
            StringBuffer paramsSb = new StringBuffer();
            while (paramNames.hasMoreElements()) {
              String name = (String) paramNames.nextElement();
              if (!"acl".equalsIgnoreCase(name)){
                paramsSb.append(name + "=" + request.getParameter(name) + "&");
              }
            }
            if (paramsSb.length() > 0){
              paramsSb.deleteCharAt(paramsSb.length()-1);
              url = url + "?" + paramsSb.toString();
            }
            request.getSession().setAttribute(BaseAction.FOLLOWING_URL_AFTER_OPERATING_UNIT_PICKUP, url);
            response.sendRedirect(request.getContextPath() + "/operatingunitpickup.do");
            return null;
          }
        }
      }else{
        if(act.getSelectedOuId() != null){
          //set Current OperatingUint in up
          userDetails.setCurrentOu(operatingUnitDao.getByPrimaryKey(act.getSelectedOuId()));
        }else{
          if(!userDetails.checkAuthority(acl.value())){
            logger.error("No sufficicent privilege.");
            throw new BusinessException(PreserveErrorCode.NO_SUFFICICENT_PRIVILEGE);
          }
        }         
      }
           
    }
   
    if(authentication != null && authentication.getPrincipal()instanceof LoxiaUserDetails){   
      LoxiaUserDetails userDetails = (LoxiaUserDetails)authentication.getPrincipal();
      if(action instanceof LoxiaUserDetailsAware){
        LoxiaUserDetailsAware aware = (LoxiaUserDetailsAware)action;
        aware.setLoxiaUserDetails(userDetails);
      }
      if(userDetails.getCurrentOu() == null){
        logger.debug("Set CurrentOu for develope purpose. Current Ou:{}",userDetails.getUser().getOu().getName());
        userDetails.setCurrentOu(userDetails.getUser().getOu());
      }
    }
       
    return invocation.invoke();
   
  }
 
  @SuppressWarnings("unchecked")
  protected Method getActionMethod(Class actionClass, String methodName) throws NoSuchMethodException {
        Method method;
        try {
            method = actionClass.getMethod(methodName, new Class[0]);
        } catch (NoSuchMethodException e) {
            // hmm -- OK, try doXxx instead
            try {
                String altMethodName = "do" + methodName.substring(0, 1).toUpperCase() + methodName.substring(1);
                method = actionClass.getMethod(altMethodName, new Class[0]);
            } catch (NoSuchMethodException e1) {
                // throw the original one
                throw e;
            }
        }
        return method;
    }
 
  protected String getMessage(Locale locale, String key, Object[] args){
    return LocalizedTextUtil.findText(this.getClass(), key, locale, key, args);
  }
}
TOP

Related Classes of loxia.struts2.interceptor.AuthorizationInterceptor

  • com.opensymphony.xwork2.ActionContext
  • com.sun.mirror.apt.AnnotationProcessor
  • com.sun.mirror.declaration.AnnotationValue
  • com.sun.mirror.declaration.MethodDeclaration
  • com.sun.mirror.declaration.TypeDeclaration
  • freemarker.template.Configuration
  • freemarker.template.DefaultObjectWrapper
  • freemarker.template.Template
  • loxia.dao.OperatingUnitDao
  • loxia.dao.Sort
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.