Subversion Repositories SmartDukaan

Rev

Rev 22533 | Rev 22927 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
22107 ashik.ali 1 
package com.spice.profitmandi.web.interceptor;
2 
 
3 
import java.util.HashSet;
4 
import java.util.Set;
5 
import java.util.function.Predicate;
6 
 
7 
import javax.servlet.http.HttpServletRequest;
8 
import javax.servlet.http.HttpServletResponse;
9 
 
10 
import org.slf4j.Logger;
11 
import org.slf4j.LoggerFactory;
12 
import org.springframework.beans.factory.annotation.Autowired;
13 
import org.springframework.http.HttpStatus;
14 
import org.springframework.http.MediaType;
15 
import org.springframework.stereotype.Component;
16 
import org.springframework.web.servlet.HandlerInterceptor;
17 
import org.springframework.web.servlet.ModelAndView;
18 
 
19 
import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
22533 ashik.ali 20 
import com.spice.profitmandi.common.web.util.ResponseSender;
22107 ashik.ali 21 
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
22 
import com.spice.profitmandi.dao.repository.dtr.UserRepository;
23 
import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;
22139 amit.gupta 24 
import com.spice.profitmandi.web.model.LoginDetails;
22107 ashik.ali 25 
import com.spice.profitmandi.web.util.CookiesProcessor;
26 
import com.spice.profitmandi.web.util.MVCResponseSender;
27 
 
28 
@Component
29 
public class RoleInterceptor implements HandlerInterceptor {
30 
 
31 
	private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);
32 
 
33 
	private static final Set<String> REQUESTED_URI_PATTERNS = new HashSet<>();
34 
	static{
35 
		REQUESTED_URI_PATTERNS.add("/fofo");
22111 ashik.ali 36 
		REQUESTED_URI_PATTERNS.add("/fofo/");
37 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit");
38 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit/");
22533 ashik.ali 39 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/file-display");
40 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/file-display/");
22860 ashik.ali 41 
		REQUESTED_URI_PATTERNS.add("/adminDashboard");
22107 ashik.ali 42 
	}
43 
	@Autowired
44 
	UserRepository userRepository;
45 
 
46 
	@Autowired
47 
	UserRoleRepository userRoleRepository;
48 
 
49 
	@Autowired
50 
	MVCResponseSender mvcResponseSender;
51 
 
52 
	@Autowired
53 
	CookiesProcessor cookiesProcessor;
54 
 
22533 ashik.ali 55 
	@Autowired
56 
	ResponseSender<?> responseSender;
57 
 
22107 ashik.ali 58 
	@Override
59 
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3)
60 
			throws Exception {
61 
	}
62 
 
63 
	@Override
64 
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)
65 
			throws Exception {
66 
		LOGGER.info("request is received after : "+request.getRequestURL().toString());
67 
	}
68 
 
69 
	@Override
70 
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
22109 ashik.ali 71 
		LOGGER.info("request is received before uri : "+request.getRequestURI());
22107 ashik.ali 72 
		LOGGER.info("Request method {}",request.getMethod());
73 
		try {
22139 amit.gupta 74 
			LoginDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
22111 ashik.ali 75 
			LOGGER.info(fofoDetails.toString());
22107 ashik.ali 76 
			if(
77 
				// condition start
78 
				// first condition start
22139 amit.gupta 79 
				(REQUESTED_URI_PATTERNS.stream().anyMatch(new Predicate<String>() {
22107 ashik.ali 80 
					@Override
81 
					public boolean test(String regexUriPattern) {
22533 ashik.ali 82 
						LOGGER.info("requestedUri {} == predefinedPattern {} => {}", request.getRequestURI(), request.getContextPath() + regexUriPattern, request.getRequestURI().matches(request.getContextPath() + regexUriPattern));
22109 ashik.ali 83 
						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
22139 amit.gupta 84 
					};
85 
				})
22107 ashik.ali 86 
				// first condition end
87 
				&&
88 
				// second condition start
22860 ashik.ali 89 
				fofoDetails.getRoleTypes().contains(RoleType.FOFO_ADMIN)
22139 amit.gupta 90 
				)
91 
				||
92 
				(REQUESTED_URI_PATTERNS.stream().noneMatch((new Predicate<String>() {
93 
					@Override
94 
					public boolean test(String regexUriPattern) {
95 
						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
96 
					};
97 
				}))
98 
				&&
22533 ashik.ali 99 
				fofoDetails.getRoleTypes().contains(RoleType.FOFO)
22139 amit.gupta 100 
				)
101 
			) {
102 
				return true;
103 
			} else {
22111 ashik.ali 104 
				LOGGER.error("Accessed Uri {} is forbidden", request.getRequestURI());
22107 ashik.ali 105 
				response.setStatus(HttpStatus.FORBIDDEN.value());
106 
				response.setContentType(MediaType.APPLICATION_JSON_VALUE);
107 
				response.setCharacterEncoding("UTF-8");
108 
				response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
109 
				response.getWriter().flush();
22111 ashik.ali 110 
				return false;
22107 ashik.ali 111 
			}
112 
		} catch (ProfitMandiBusinessException e) {
113 
			LOGGER.error("Requested session is expired", e);
114 
			return false;
115 
		}
116 
	}
117 
}