Package net.diegomaia.vraptor.saci.component.checker

Source Code of net.diegomaia.vraptor.saci.component.checker.RestrictionChecker

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
/*
* Copyright 2010 Diego Maia da Silva http://dev.diegomaia.net
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/

package net.diegomaia.vraptor.saci.component.checker;

import java.lang.reflect.Method;

import net.diegomaia.vraptor.saci.annotation.AccessLevel;
import net.diegomaia.vraptor.saci.annotation.LoggedIn;
import net.diegomaia.vraptor.saci.annotation.Roles;
import net.diegomaia.vraptor.saci.component.startup.PageHandler;
import net.diegomaia.vraptor.saci.interfaces.Profile;
import net.diegomaia.vraptor.saci.restriction.RestrictionResult;

import br.com.caelum.vraptor.Result;
import br.com.caelum.vraptor.ioc.Component;
import br.com.caelum.vraptor.view.Results;

/**
* RestrictionChecker looks for restrictions present in the resource
* (class) or in the requested method.
*
* @author Diego Maia da Silva a.k.a. Bronx
*/
@Component
public class RestrictionChecker {

  private String defaultLoginPage = new String();
  private String defaultAccessDeniedPage = new String();
  private PageHandler pageHandler;
  private Restrictor restrictor;
  private Result result;
 
  public RestrictionChecker(PageHandler pageHandler, Restrictor restrictor
                ,Result result){
    this.pageHandler = pageHandler;
    this.restrictor = restrictor;
    this.result = result;
  }

  public RestrictionResult checkRestrictions(Method method, Profile profile, Boolean handleRedirection) {
    RestrictionResult restrictionResult = this.restrictor.checkRestriction(method, profile);
    this.confirmDestination(restrictionResult);
    if (restrictionResult.isRestricted() && handleRedirection) {
      this.handleRedirection(restrictionResult.isHttp403(), restrictionResult.getDestination());
      restrictionResult = null;
    }
    return restrictionResult;
  }

  private void handleRedirection(boolean forceHttp403, String destination) {
    if (forceHttp403) {
      this.result.use(Results.http()).sendError(403);
    } else {
      this.result.use(Results.page()).redirectTo(destination);
    }
  }

  private void confirmDestination(RestrictionResult restrictionResult) {
    if (restrictionResult.isRestricted()) {
      switch (restrictionResult.getRestrictionReason()){
      case USER_NOT_LOGGED_IN:
        if (!restrictionResult.isHttp403()) {
          if (restrictionResult.getDestination().isEmpty()) {
            if (!this.defaultLoginPage.isEmpty()) {
              restrictionResult.setDestination(this.defaultLoginPage);
            } else {
              if (!this.pageHandler.getLoginPageURL().isEmpty()) {
                restrictionResult.setDestination(this.pageHandler.getLoginPageURL());
              } else {
                restrictionResult.setHttp403(true);
              }
            }
          }
        }
        break;
      case ACCESS_LEVEL_OUT_OF_RANGE:
      case ROLE_NOT_PLAYED_BY_USER:
        if (!restrictionResult.isHttp403()) {
          if (restrictionResult.getDestination().isEmpty()) {
            if (!this.defaultAccessDeniedPage.isEmpty()) {
              restrictionResult.setDestination(this.defaultAccessDeniedPage);
            } else {
              if (!this.pageHandler.getAccessDeniedPageURL().isEmpty()) {
                restrictionResult.setDestination(this.pageHandler.getAccessDeniedPageURL());
              } else {
                restrictionResult.setHttp403(true);
              }           
            }
          }
        }
        break;
      }
    }
  }

  public boolean hasRestriction(Method method) {
    boolean hasRestriction = this.hasResourceRestriction(method.getDeclaringClass());
    if (!hasRestriction){
      hasRestriction = this.hasMethodRestriction(method);
    }
    return hasRestriction;
  }

  private boolean hasMethodRestriction(Method method) {
    return  (method.isAnnotationPresent(LoggedIn.class) ||
         method.isAnnotationPresent(AccessLevel.class) ||
         method.isAnnotationPresent(Roles.class));
  }

  private boolean hasResourceRestriction(Class<?> resourceClass) {
    return (resourceClass.isAnnotationPresent(LoggedIn.class) ||
        resourceClass.isAnnotationPresent(AccessLevel.class) ||
        resourceClass.isAnnotationPresent(Roles.class));
  }

  public void setDefaultLoginPage(String defaultLoginPage) {
    this.defaultLoginPage = defaultLoginPage;
  }

  public void setDefaultAccessDeniedPage(String defaultAccessDeniedPage) {
    this.defaultAccessDeniedPage = defaultAccessDeniedPage;
  }

}
TOP

Related Classes of net.diegomaia.vraptor.saci.component.checker.RestrictionChecker

  • net.diegomaia.vraptor.saci.restriction.RestrictionResult
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.