Example usage for com.liferay.portal.security.lang PortalSecurityManagerThreadLocal isEnabled

List of usage examples for com.liferay.portal.security.lang PortalSecurityManagerThreadLocal isEnabled

  1. HOME
  2. Java
  3. com.liferay.portal
  4. com.liferay.portal.security.lang.*
  5. PortalSecurityManagerThreadLocal
  6. isEnabled

Introduction

In this page you can find the example usage for com.liferay.portal.security.lang PortalSecurityManagerThreadLocal isEnabled.

Prototype

public static boolean isEnabled()

Source Link

Usage

From source file:com.security.portal.security.pacl.PACLAdvice.java

License:Open Source License

@Override
public Object invoke(MethodInvocation methodInvocation) throws Throwable {
    if (!PortalSecurityManagerThreadLocal.isEnabled()) {

        // Proceed so that we do not remove the advice

        try {//from  w  w w  . java2s.  c o m
            return methodInvocation.proceed();
        } catch (Throwable throwable) {
            throw throwable;
        }
    }

    if (!PACLPolicyManager.isActive()) {
        ServiceBeanAopProxy.removeMethodInterceptor(methodInvocation, this);

        try {
            return methodInvocation.proceed();
        } catch (Throwable throwable) {
            throw throwable;
        }
    }

    Object thisObject = methodInvocation.getThis();
    Method method = methodInvocation.getMethod();
    Object[] arguments = methodInvocation.getArguments();

    boolean debug = false;

    if (_log.isDebugEnabled()) {
        Class<?> clazz = thisObject.getClass();

        String className = clazz.getName();

        if (className.equals(PortalServiceImpl.class.getName())
                || className.equals(_ENTRY_LOCAL_SERVICE_IMPL_CLASS_NAME)
                || className.equals(_STATUS_LOCAL_SERVICE_IMPL_CLASS_NAME)) {

            debug = true;

            _log.debug("Intercepting " + className + "#" + method.getName());
        }
    }

    if (method.getDeclaringClass() == Object.class) {
        String methodName = method.getName();

        if (methodName.equals("equals")) {
            if (thisObject == arguments[0]) {
                return true;
            } else {
                return false;
            }
        } else if (methodName.equals("toString")) {
            return method.invoke(thisObject, arguments);
        }
    }

    if (!PACLPolicyManager.isActive()) {
        return method.invoke(thisObject, arguments);
    }

    PACLPolicy paclPolicy = PACLClassUtil.getPACLPolicy(false, debug);

    if (debug) {
        if (paclPolicy != null) {
            _log.debug("Retrieved PACL policy for " + paclPolicy.getServletContextName());
        }
    }

    if (paclPolicy == null) {
        return methodInvocation.proceed();
    }

    if (!paclPolicy.hasPortalService(thisObject, method, arguments)) {
        String message = "Attempted to invoke " + method;
        System.err.println("Testing permissions, got error: " + message);
        //            throw new SecurityException("Attempted to invoke " + method);
    }

    boolean checkSQL = PortalSecurityManagerThreadLocal.isCheckSQL();

    try {
        Class<?> thisObjectClass = thisObject.getClass();

        if (paclPolicy.getClassLoader() != PACLClassLoaderUtil.getClassLoader(thisObjectClass)) {

            // Disable the portal security manager so that PACLDataSource
            // does not try to check access to tables that can be accessed
            // since the service is already approved

            PortalSecurityManagerThreadLocal.setCheckSQL(false);
        }

        return methodInvocation.proceed();
    } finally {
        PortalSecurityManagerThreadLocal.setCheckSQL(checkSQL);
    }
}