}
/**
 * Around advice that gates every method annotated with {@code loxia.web.annotation.Acl}.
 *
 * <p>Flow, as written in this method:
 * <ol>
 *   <li>If the advised object is not a {@code BaseProfileController}, the call proceeds
 *       without any privilege check.</li>
 *   <li>The first parameter annotated with {@code CurrentOu} (an {@code OperatingUnit} or a
 *       {@code Long} id) is resolved through the {@code loxiaOperatingUnitDao} bean and stored
 *       on the controller as its current operating unit.</li>
 *   <li>The call proceeds only if the controller has a current operating unit and
 *       {@code controller.checkPrivilege(acl.value())} returns {@code true}.</li>
 * </ol>
 *
 * @param pjp the join point of the advised method; its target, signature and arguments are read
 * @return whatever {@code pjp.proceed(pjp.getArgs())} returns
 * @throws IllegalArgumentException if the {@code CurrentOu}-annotated argument is neither an
 *         {@code OperatingUnit} nor a {@code Long} (this includes {@code null}), or if no
 *         operating unit could be loaded for it
 * @throws BusinessException with {@code PreserveErrorCode.NO_SUFFICICENT_PRIVILEGE} when the
 *         controller has no current operating unit or the privilege check fails
 * @throws Throwable anything thrown by the advised method itself
 */
@Around("@annotation(loxia.web.annotation.Acl)")
public Object authorize(ProceedingJoinPoint pjp) throws Throwable{
logger.debug("Begin authorization check...");
BaseProfileController controller = null;
if(pjp.getThis() instanceof BaseProfileController){
controller = (BaseProfileController)pjp.getThis();
}else{
// NOTE(review): this branch fails open. An Acl-annotated method on any object that is
// not a BaseProfileController runs with no check at all, and only an info-level log
// records it. Confirm this is intended; denying here, or at least logging the target
// class at warn level, would make a misplaced annotation visible.
logger.info("Currently we only check privilege on controllers.");
return pjp.proceed(pjp.getArgs());
}
MethodSignature ms = (MethodSignature)pjp.getSignature();
// NOTE(review): acl is dereferenced on the next line without a null check. If getMethod()
// ever returns a declaration that does not carry the annotation (e.g. an interface method
// behind a proxy; verify for this setup), that is a NullPointerException, which at
// least prevents the advised method from running.
Acl acl = ms.getMethod().getAnnotation(Acl.class);
logger.debug("Acl found: {}", Arrays.asList(acl.value()));
OperatingUnitDao operatingUnitDao = (OperatingUnitDao)context.getBean("loxiaOperatingUnitDao");
OperatingUnit currentOu = null;
// getParameterAnnotations() is indexed like pjp.getArgs(): row i holds the annotations of
// argument i. Only the first CurrentOu-annotated parameter is used; the scan stops there.
Annotation[][] paramAnnos = ms.getMethod().getParameterAnnotations();
for(int i=0; i < paramAnnos.length; i++){
for(int j=0; j< paramAnnos[i].length; j++){
if(paramAnnos[i][j] != null && paramAnnos[i][j] instanceof CurrentOu){
Long ouId = null;
// NOTE(review): the operating-unit id is taken from a method argument. Whether that
// argument is bound from request data is not visible here; if it is, the caller
// chooses which operating unit the check below runs against, so checkPrivilege must
// itself verify that the user belongs to that unit.
if(pjp.getArgs()[i] instanceof OperatingUnit){
ouId = ((OperatingUnit)pjp.getArgs()[i]).getId();
}else if(pjp.getArgs()[i] instanceof Long){
ouId = (Long)pjp.getArgs()[i];
}else
throw new IllegalArgumentException("Current Ou setting error.");
// A null id, or an id the DAO cannot resolve, leaves currentOu null and is rejected.
if(ouId != null)
currentOu = operatingUnitDao.getByPrimaryKey(ouId);
if(currentOu == null)
throw new IllegalArgumentException("Current Ou is null.");
break;
}
}
// Leave the outer loop as soon as the inner loop has resolved an operating unit.
if(currentOu != null) break;
}
if(currentOu != null){
logger.debug("New current ou is set:{}[{}]", currentOu.getName(), currentOu.getId());
// NOTE(review): the controller's operating unit is overwritten BEFORE the privilege check
// and is not restored when the check fails. If the controller instance outlives the
// request (its scope is not visible here; confirm), a rejected call still leaves the
// changed operating unit behind for later calls.
controller.setCurrentOperatingUnit(currentOu);
}else{
logger.debug("Current ou isn't changed.");
}
// No operating unit from the arguments and none already on the controller: deny.
if(controller.getCurrentOperatingUnit() == null){
logger.warn("Current ou is null.");
throw new BusinessException(PreserveErrorCode.NO_SUFFICICENT_PRIVILEGE);
}
// The decision itself is delegated to the controller. The denial below is not logged in
// this method, while the missing-operating-unit case above is logged at warn; both use the
// same error code.
if(controller.checkPrivilege(acl.value())){
logger.debug("User pass the authorization.");
return pjp.proceed(pjp.getArgs());
}else{
throw new BusinessException(PreserveErrorCode.NO_SUFFICICENT_PRIVILEGE);
}