fr.exanpe.t5.lib.internal.authorize.AuthorizePageFilter.java Source code

Java tutorial

  1. HOME
  2. Java
  3. fr.exanpe.t5.lib.internal.authorize.AuthorizePageFilter.java

Introduction

Here is the source code for fr.exanpe.t5.lib.internal.authorize.AuthorizePageFilter.java

Source

//
// Copyright 2011 EXANPE <exanpe@gmail.com>
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

package fr.exanpe.t5.lib.internal.authorize;

import java.io.IOException;
import java.security.Principal;
import java.util.List;

import org.apache.commons.lang.ClassUtils;
import org.apache.tapestry5.runtime.Component;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.ComponentRequestFilter;
import org.apache.tapestry5.services.ComponentRequestHandler;
import org.apache.tapestry5.services.ComponentSource;
import org.apache.tapestry5.services.PageRenderRequestParameters;
import org.apache.tapestry5.services.RequestGlobals;
import org.slf4j.Logger;

import fr.exanpe.t5.lib.annotation.Authorize;
import fr.exanpe.t5.lib.exception.AuthorizeException;
import fr.exanpe.t5.lib.services.AuthorizeBusinessService;

/**
 * This class handles the security for {@link Authorize} annotation declared at class level.<br/>
 * {@link AuthorizeException} is thrown on access denied.
 * 
 * @see AuthorizeException
 * @author jmaupoux
 */
public class AuthorizePageFilter implements ComponentRequestFilter {
    private AuthorizeBusinessService authorizeBusinessService;
    private RequestGlobals requestGlobals;
    private ComponentSource componentSource;
    private Logger logger;

    public AuthorizePageFilter(AuthorizeBusinessService abs, RequestGlobals request,
            ComponentSource componentSource, Logger logger) {
        this.authorizeBusinessService = abs;
        this.requestGlobals = request;
        this.componentSource = componentSource;
        this.logger = logger;
    }

    /*
     * (non-Javadoc)
     * @see
     * org.apache.tapestry5.services.ComponentRequestFilter#handleComponentEvent(org.apache.tapestry5
     * .services.ComponentEventRequestParameters,
     * org.apache.tapestry5.services.ComponentRequestHandler)
     */
    public void handleComponentEvent(ComponentEventRequestParameters parameters, ComponentRequestHandler handler)
            throws IOException {
        Authorize auth = process(parameters.getActivePageName());

        if (auth == null
                || (authorizeBusinessService.applyAll(auth.all()) && authorizeBusinessService.applyAny(auth.any())
                        && authorizeBusinessService.applyNot(auth.not()))) {
            handler.handleComponentEvent(parameters);
        } else {
            throwAuthorizeException(parameters.getActivePageName());
        }
    }

    /*
     * (non-Javadoc)
     * @see
     * org.apache.tapestry5.services.ComponentRequestFilter#handlePageRender(org.apache.tapestry5
     * .services.PageRenderRequestParameters, org.apache.tapestry5.services.ComponentRequestHandler)
     */
    public void handlePageRender(PageRenderRequestParameters parameters, ComponentRequestHandler handler)
            throws IOException {
        Authorize auth = process(parameters.getLogicalPageName());

        if (auth == null
                || (authorizeBusinessService.applyAll(auth.all()) && authorizeBusinessService.applyAny(auth.any())
                        && authorizeBusinessService.applyNot(auth.not()))) {
            handler.handlePageRender(parameters);
        } else {
            throwAuthorizeException(parameters.getLogicalPageName());
        }
    }

    private void throwAuthorizeException(String page) {
        logger.debug("Illegal access to page {} for user {}", page, getUsername());
        throw new AuthorizeException(page, getUsername());
    }

    private String getUsername() {
        Principal p = requestGlobals.getHTTPServletRequest().getUserPrincipal();
        if (p == null) {
            return "-";
        }
        return p.getName();
    }

    /**
     * Look for an {@link Authorize} annotation in the Page class or superclass
     * 
     * @param pageName the name of the page
     * @return the annotation found, or null
     */
    @SuppressWarnings("unchecked")
    private Authorize process(String pageName) {
        Component page = componentSource.getPage(pageName);

        Authorize auth = null;

        if ((auth = process(page.getClass())) != null) {
            return auth;
        }

        // handle inheritance
        for (Class<?> c : (List<Class<?>>) ClassUtils.getAllSuperclasses(page.getClass())) {
            if ((auth = process(c)) != null) {
                return auth;
            }
        }

        // handle inheritance
        for (Class<?> c : (List<Class<?>>) ClassUtils.getAllInterfaces(page.getClass())) {
            if ((auth = process(c)) != null) {
                return auth;
            }
        }

        return auth;
    }

    /**
     * Return the {@link Authorize} annotation if found
     * 
     * @param clazz the class to look for
     * @return the annotation, or null
     */
    private Authorize process(Class<?> clazz) {
        if (!clazz.isAnnotationPresent(Authorize.class)) {
            return null;
        }

        return clazz.getAnnotation(Authorize.class);
    }
}