Subversion Repositories SmartDukaan

Rev

Rev 22111 | Rev 22533 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
22107 ashik.ali 1 
package com.spice.profitmandi.web.interceptor;
2 
 
3 
import java.util.HashSet;
4 
import java.util.Set;
5 
import java.util.function.Predicate;
6 
 
7 
import javax.servlet.http.HttpServletRequest;
8 
import javax.servlet.http.HttpServletResponse;
9 
 
10 
import org.slf4j.Logger;
11 
import org.slf4j.LoggerFactory;
12 
import org.springframework.beans.factory.annotation.Autowired;
13 
import org.springframework.http.HttpStatus;
14 
import org.springframework.http.MediaType;
15 
import org.springframework.stereotype.Component;
16 
import org.springframework.web.servlet.HandlerInterceptor;
17 
import org.springframework.web.servlet.ModelAndView;
18 
 
19 
import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
20 
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
21 
import com.spice.profitmandi.dao.repository.dtr.UserRepository;
22 
import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;
22139 amit.gupta 23 
import com.spice.profitmandi.web.model.LoginDetails;
22107 ashik.ali 24 
import com.spice.profitmandi.web.util.CookiesProcessor;
25 
import com.spice.profitmandi.web.util.MVCResponseSender;
26 
 
27 
@Component
28 
public class RoleInterceptor implements HandlerInterceptor {
29 
 
30 
	private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);
31 
 
32 
	private static final Set<String> REQUESTED_URI_PATTERNS = new HashSet<>();
33 
	static{
34 
		REQUESTED_URI_PATTERNS.add("/fofo");
22111 ashik.ali 35 
		REQUESTED_URI_PATTERNS.add("/fofo/");
36 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit");
37 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit/");
38 
		REQUESTED_URI_PATTERNS.add("/file-display/-?[1-9]{1,10}");
39 
		REQUESTED_URI_PATTERNS.add("/file-display/-?[1-9]{1,10}/");
22107 ashik.ali 40 
	}
41 
	@Autowired
42 
	UserRepository userRepository;
43 
 
44 
	@Autowired
45 
	UserRoleRepository userRoleRepository;
46 
 
47 
	@Autowired
48 
	MVCResponseSender mvcResponseSender;
49 
 
50 
	@Autowired
51 
	CookiesProcessor cookiesProcessor;
52 
 
53 
	@Override
54 
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3)
55 
			throws Exception {
56 
	}
57 
 
58 
	@Override
59 
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)
60 
			throws Exception {
61 
		LOGGER.info("request is received after : "+request.getRequestURL().toString());
62 
	}
63 
 
64 
	@Override
65 
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
22109 ashik.ali 66 
		LOGGER.info("request is received before uri : "+request.getRequestURI());
22107 ashik.ali 67 
		LOGGER.info("Request method {}",request.getMethod());
68 
		try {
22139 amit.gupta 69 
			LoginDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
22111 ashik.ali 70 
			LOGGER.info(fofoDetails.toString());
22107 ashik.ali 71 
			if(
72 
				// condition start
73 
				// first condition start
22139 amit.gupta 74 
				(REQUESTED_URI_PATTERNS.stream().anyMatch(new Predicate<String>() {
22107 ashik.ali 75 
					@Override
76 
					public boolean test(String regexUriPattern) {
22111 ashik.ali 77 
						LOGGER.info("requestedUri == predefinedPattern {}=={} => {}", request.getRequestURI(), regexUriPattern, request.getRequestURI().matches(request.getContextPath() + regexUriPattern));
22109 ashik.ali 78 
						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
22139 amit.gupta 79 
					};
80 
				})
22107 ashik.ali 81 
				// first condition end
82 
				&&
83 
				// second condition start
22139 amit.gupta 84 
				fofoDetails.getRoleTypes().stream().anyMatch((new Predicate<RoleType>() {
22107 ashik.ali 85 
					@Override
22111 ashik.ali 86 
					public boolean test(RoleType roleType) {
87 
						return roleType == RoleType.FOFO_ADMIN;
22139 amit.gupta 88 
					};
89 
				}))
90 
				)
91 
				||
92 
				(REQUESTED_URI_PATTERNS.stream().noneMatch((new Predicate<String>() {
93 
					@Override
94 
					public boolean test(String regexUriPattern) {
95 
						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
96 
					};
97 
				}))
98 
				&&
99 
				fofoDetails.isFofo()
100 
				)
101 
			) {
102 
				return true;
103 
			} else {
22111 ashik.ali 104 
				LOGGER.error("Accessed Uri {} is forbidden", request.getRequestURI());
22107 ashik.ali 105 
				response.setStatus(HttpStatus.FORBIDDEN.value());
106 
				response.setContentType(MediaType.APPLICATION_JSON_VALUE);
107 
				response.setCharacterEncoding("UTF-8");
108 
				response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
109 
				response.getWriter().flush();
22111 ashik.ali 110 
				return false;
22107 ashik.ali 111 
			}
112 
		} catch (ProfitMandiBusinessException e) {
113 
			LOGGER.error("Requested session is expired", e);
114 
			return false;
115 
		}
116 
	}
117 
}