package com.spice.profitmandi.web.interceptor;
 
import java.util.HashSet;
import java.util.Set;
import java.util.function.Predicate;
import java.util.regex.Pattern;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
import com.spice.profitmandi.dao.repository.dtr.UserRepository;
import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;
import com.spice.profitmandi.web.model.FofoDetails;
import com.spice.profitmandi.web.util.CookiesProcessor;
import com.spice.profitmandi.web.util.MVCResponseSender;

import in.shop2020.utils.Role;
 
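/**
 * Spring MVC interceptor that restricts a fixed set of URIs to sessions holding
 * the {@link RoleType#FOFO_ADMIN} role.
 *
 * <p>The check is a deny-list: only request URIs that match one of
 * {@link #REQUESTED_URI_PATTERNS} are role-checked; every other URI is let
 * through by this interceptor. A path that is missing from the list, or that
 * does not match the listed form exactly, is therefore NOT protected here.
 *
 * <p>NOTE(review): matching is done on the raw {@code getRequestURI()} string.
 * Confirm that this agrees with the path the dispatcher uses to select the
 * handler, or enforce the role on the handler itself so that the decision does
 * not depend on the textual form of the URI.
 */
@Component
public class RoleInterceptor implements HandlerInterceptor {

	private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);

	/**
	 * Context-relative URI patterns that require FOFO_ADMIN. Compiled once
	 * instead of on every request.
	 */
	private static final Set<Pattern> REQUESTED_URI_PATTERNS = new HashSet<>();
	static {
		REQUESTED_URI_PATTERNS.add(Pattern.compile("/fofo/?"));
		REQUESTED_URI_PATTERNS.add(Pattern.compile("/fofo/-?[0-9]{1,10}/edit/?"));
		// The id class was [1-9], so any id containing the digit 0 (10, 20, 105, ...)
		// did not match and skipped the role check. Use [0-9] like the /fofo rule.
		REQUESTED_URI_PATTERNS.add(Pattern.compile("/file-display/-?[0-9]{1,10}/?"));
	}

	@Autowired
	UserRepository userRepository;

	@Autowired
	UserRoleRepository userRoleRepository;

	@Autowired
	MVCResponseSender mvcResponseSender;

	@Autowired
	CookiesProcessor cookiesProcessor;

	/** No work is done after request completion. */
	@Override
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3)
			throws Exception {
	}

	/** Logs the full request URL once the handler has run. */
	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)
			throws Exception {
		LOGGER.info("request is received after : {}", request.getRequestURL());
	}

	/**
	 * Rejects the request with HTTP 403 when the URI is role-protected and the
	 * session does not hold FOFO_ADMIN.
	 *
	 * @return {@code true} to continue the handler chain; {@code false} when the
	 *         request was rejected (403 written) or the session could not be read
	 * @throws Exception propagated from the servlet response writer
	 */
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
		LOGGER.info("request is received before uri : {}", request.getRequestURI());
		LOGGER.info("Request method {}", request.getMethod());
		try {
			FofoDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
			// FofoDetails is built from the request cookies and its toString() content is
			// not visible here, so only the role types are logged, and only at DEBUG.
			LOGGER.debug("Session role types {}", fofoDetails.getRoleTypes());

			if (requiresFofoAdmin(request) && !hasFofoAdminRole(fofoDetails)) {
				LOGGER.error("Accessed Uri {} is forbidden", request.getRequestURI());
				response.setStatus(HttpStatus.FORBIDDEN.value());
				response.setContentType(MediaType.APPLICATION_JSON_VALUE);
				response.setCharacterEncoding("UTF-8");
				response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
				response.getWriter().flush();
				return false;
			}
			return true;
		} catch (ProfitMandiBusinessException e) {
			// Fails closed: the handler is not invoked.
			// NOTE(review): no status or body is written on this path, so the client
			// receives the container's default response; confirm that is intended.
			LOGGER.error("Requested session is expired", e);
			return false;
		}
	}

	/** Returns whether the context-relative request path matches a protected pattern. */
	private static boolean requiresFofoAdmin(HttpServletRequest request) {
		String contextPath = request.getContextPath();
		String requestUri = request.getRequestURI();
		if (!requestUri.startsWith(contextPath)) {
			return false;
		}
		// Strip the context path rather than splicing it into the regex, so that
		// characters in the context path are never interpreted as regex syntax.
		String path = requestUri.substring(contextPath.length());
		return REQUESTED_URI_PATTERNS.stream().anyMatch(pattern -> pattern.matcher(path).matches());
	}

	/** Returns whether the session's role types include FOFO_ADMIN. */
	private static boolean hasFofoAdminRole(FofoDetails fofoDetails) {
		return fofoDetails.getRoleTypes().stream().anyMatch(roleType -> roleType == RoleType.FOFO_ADMIN);
	}
}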