Subversion Repositories SmartDukaan

package com.spice.profitmandi.web.interceptor;

import java.util.HashSet;

import java.util.List;

import java.util.Set;

import java.util.function.Predicate;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;

import org.slf4j.LoggerFactory;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.http.HttpStatus;

import org.springframework.http.MediaType;

import org.springframework.stereotype.Component;

import org.springframework.web.servlet.HandlerInterceptor;

import org.springframework.web.servlet.ModelAndView;

import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;

import com.spice.profitmandi.dao.entity.dtr.User;

import com.spice.profitmandi.dao.entity.dtr.UserRole;

import com.spice.profitmandi.dao.enumuration.dtr.RoleType;

import com.spice.profitmandi.dao.repository.dtr.UserRepository;

import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;

import com.spice.profitmandi.web.model.FofoDetails;

import com.spice.profitmandi.web.util.CookiesProcessor;

import com.spice.profitmandi.web.util.MVCResponseSender;

@Component

public class RoleInterceptor implements HandlerInterceptor {

	private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);

	private static final Set<String> REQUESTED_URI_PATTERNS = new HashSet<>();

	static{

		REQUESTED_URI_PATTERNS.add("/fofo");

		REQUESTED_URI_PATTERNS.add("/fofo/[0-9]{1,6}/edit");

		REQUESTED_URI_PATTERNS.add("/file-display/[1-9]{1,6}");

	}

	@Autowired

	UserRepository userRepository;

	@Autowired

	UserRoleRepository userRoleRepository;

	@Autowired

	MVCResponseSender mvcResponseSender;

	@Autowired

	CookiesProcessor cookiesProcessor;

	@Override

	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3)

			throws Exception {

	}

	@Override

	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)

			throws Exception {

		LOGGER.info("request is received after : "+request.getRequestURL().toString());

	}

	@Override

	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {

		LOGGER.info("request is received before uri : "+request.getRequestURI());

		LOGGER.info("Request method {}",request.getMethod());

		try {

			FofoDetails fofoDetails = cookiesProcessor.getCookiesObject(request);

			User user = userRepository.selectByEmailId(fofoDetails.getEmailId());

			List<UserRole> userRoles = userRoleRepository.selectByUserId(user.getId());

			if(

				// condition start

				// first condition start

				REQUESTED_URI_PATTERNS.stream().anyMatch(new Predicate<String>() {

					@Override

					public boolean test(String regexUriPattern) {

						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);

					};})

				// first condition end

				&&

				// second condition start

				userRoles.stream().anyMatch(new Predicate<UserRole>() {

					@Override

					public boolean test(UserRole userRole) {

						return userRole.getRoleType() == RoleType.FOFO_ADMIN;

					}

				}))

				// second condition end

				// condition end

			{

				response.setStatus(HttpStatus.FORBIDDEN.value());

				response.setContentType(MediaType.APPLICATION_JSON_VALUE);

				response.setCharacterEncoding("UTF-8");

				response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));

				response.getWriter().flush();

			}

			return true;

		} catch (ProfitMandiBusinessException e) {

			LOGGER.error("Requested session is expired", e);

			return false;

		}

	}

}