Subversion Repositories SmartDukaan

Rev

Rev 22860 | Rev 23173 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
22107 ashik.ali 1 
package com.spice.profitmandi.web.interceptor;
2 
 
3 
import java.util.HashSet;
4 
import java.util.Set;
5 
import java.util.function.Predicate;
6 
 
7 
import javax.servlet.http.HttpServletRequest;
8 
import javax.servlet.http.HttpServletResponse;
9 
 
10 
import org.slf4j.Logger;
11 
import org.slf4j.LoggerFactory;
12 
import org.springframework.beans.factory.annotation.Autowired;
13 
import org.springframework.http.HttpStatus;
14 
import org.springframework.http.MediaType;
15 
import org.springframework.stereotype.Component;
16 
import org.springframework.web.servlet.HandlerInterceptor;
17 
import org.springframework.web.servlet.ModelAndView;
18 
 
19 
import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
20 
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
22139 amit.gupta 21 
import com.spice.profitmandi.web.model.LoginDetails;
22107 ashik.ali 22 
import com.spice.profitmandi.web.util.CookiesProcessor;
23 
import com.spice.profitmandi.web.util.MVCResponseSender;
24 
 
25 
@Component
26 
public class RoleInterceptor implements HandlerInterceptor {
27 
 
28 
	private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);
29 
 
30 
	private static final Set<String> REQUESTED_URI_PATTERNS = new HashSet<>();
31 
	static{
32 
		REQUESTED_URI_PATTERNS.add("/fofo");
22111 ashik.ali 33 
		REQUESTED_URI_PATTERNS.add("/fofo/");
34 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit");
35 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit/");
22533 ashik.ali 36 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/file-display");
37 
		REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/file-display/");
22860 ashik.ali 38 
		REQUESTED_URI_PATTERNS.add("/adminDashboard");
22107 ashik.ali 39 
	}
40 
 
41 
	@Autowired
22927 ashik.ali 42 
	private MVCResponseSender mvcResponseSender;
22107 ashik.ali 43 
 
44 
	@Autowired
22927 ashik.ali 45 
	private CookiesProcessor cookiesProcessor;
22107 ashik.ali 46 
 
47 
	@Override
48 
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3)
49 
			throws Exception {
50 
	}
51 
 
52 
	@Override
53 
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)
54 
			throws Exception {
55 
		LOGGER.info("request is received after : "+request.getRequestURL().toString());
56 
	}
57 
 
58 
	@Override
59 
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
22109 ashik.ali 60 
		LOGGER.info("request is received before uri : "+request.getRequestURI());
22107 ashik.ali 61 
		LOGGER.info("Request method {}",request.getMethod());
62 
		try {
22139 amit.gupta 63 
			LoginDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
22111 ashik.ali 64 
			LOGGER.info(fofoDetails.toString());
22107 ashik.ali 65 
			if(
66 
				// condition start
67 
				// first condition start
22139 amit.gupta 68 
				(REQUESTED_URI_PATTERNS.stream().anyMatch(new Predicate<String>() {
22107 ashik.ali 69 
					@Override
70 
					public boolean test(String regexUriPattern) {
22533 ashik.ali 71 
						LOGGER.info("requestedUri {} == predefinedPattern {} => {}", request.getRequestURI(), request.getContextPath() + regexUriPattern, request.getRequestURI().matches(request.getContextPath() + regexUriPattern));
22109 ashik.ali 72 
						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
22139 amit.gupta 73 
					};
74 
				})
22107 ashik.ali 75 
				// first condition end
76 
				&&
77 
				// second condition start
22860 ashik.ali 78 
				fofoDetails.getRoleTypes().contains(RoleType.FOFO_ADMIN)
22139 amit.gupta 79 
				)
80 
				||
81 
				(REQUESTED_URI_PATTERNS.stream().noneMatch((new Predicate<String>() {
82 
					@Override
83 
					public boolean test(String regexUriPattern) {
84 
						return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
85 
					};
86 
				}))
87 
				&&
22533 ashik.ali 88 
				fofoDetails.getRoleTypes().contains(RoleType.FOFO)
22139 amit.gupta 89 
				)
90 
			) {
91 
				return true;
92 
			} else {
22111 ashik.ali 93 
				LOGGER.error("Accessed Uri {} is forbidden", request.getRequestURI());
22107 ashik.ali 94 
				response.setStatus(HttpStatus.FORBIDDEN.value());
95 
				response.setContentType(MediaType.APPLICATION_JSON_VALUE);
96 
				response.setCharacterEncoding("UTF-8");
97 
				response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
98 
				response.getWriter().flush();
22111 ashik.ali 99 
				return false;
22107 ashik.ali 100 
			}
101 
		} catch (ProfitMandiBusinessException e) {
102 
			LOGGER.error("Requested session is expired", e);
103 
			return false;
104 
		}
105 
	}
106 
}