| Line 18... |
Line 18... |
| 18 |
|
18 |
|
| 19 |
import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
|
19 |
import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
|
| 20 |
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
|
20 |
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
|
| 21 |
import com.spice.profitmandi.dao.repository.dtr.UserRepository;
|
21 |
import com.spice.profitmandi.dao.repository.dtr.UserRepository;
|
| 22 |
import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;
|
22 |
import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;
|
| 23 |
import com.spice.profitmandi.web.model.FofoDetails;
|
23 |
import com.spice.profitmandi.web.model.LoginDetails;
|
| 24 |
import com.spice.profitmandi.web.util.CookiesProcessor;
|
24 |
import com.spice.profitmandi.web.util.CookiesProcessor;
|
| 25 |
import com.spice.profitmandi.web.util.MVCResponseSender;
|
25 |
import com.spice.profitmandi.web.util.MVCResponseSender;
|
| 26 |
|
26 |
|
| 27 |
import in.shop2020.utils.Role;
|
- |
|
| 28 |
|
- |
|
| 29 |
@Component
|
27 |
@Component
|
| 30 |
public class RoleInterceptor implements HandlerInterceptor {
|
28 |
public class RoleInterceptor implements HandlerInterceptor {
|
| 31 |
|
29 |
|
| 32 |
private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);
|
30 |
private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);
|
| 33 |
|
31 |
|
| Line 66... |
Line 64... |
| 66 |
@Override
|
64 |
@Override
|
| 67 |
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
|
65 |
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
|
| 68 |
LOGGER.info("request is received before uri : "+request.getRequestURI());
|
66 |
LOGGER.info("request is received before uri : "+request.getRequestURI());
|
| 69 |
LOGGER.info("Request method {}",request.getMethod());
|
67 |
LOGGER.info("Request method {}",request.getMethod());
|
| 70 |
try {
|
68 |
try {
|
| 71 |
FofoDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
|
69 |
LoginDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
|
| 72 |
LOGGER.info(fofoDetails.toString());
|
70 |
LOGGER.info(fofoDetails.toString());
|
| 73 |
if(
|
71 |
if(
|
| 74 |
// condition start
|
72 |
// condition start
|
| 75 |
// first condition start
|
73 |
// first condition start
|
| 76 |
REQUESTED_URI_PATTERNS.stream().anyMatch(new Predicate<String>() {
|
74 |
(REQUESTED_URI_PATTERNS.stream().anyMatch(new Predicate<String>() {
|
| 77 |
@Override
|
75 |
@Override
|
| 78 |
public boolean test(String regexUriPattern) {
|
76 |
public boolean test(String regexUriPattern) {
|
| 79 |
LOGGER.info("requestedUri == predefinedPattern {}=={} => {}", request.getRequestURI(), regexUriPattern, request.getRequestURI().matches(request.getContextPath() + regexUriPattern));
|
77 |
LOGGER.info("requestedUri == predefinedPattern {}=={} => {}", request.getRequestURI(), regexUriPattern, request.getRequestURI().matches(request.getContextPath() + regexUriPattern));
|
| 80 |
return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
|
78 |
return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
|
| - |
|
79 |
};
|
| 81 |
};})
|
80 |
})
|
| 82 |
// first condition end
|
81 |
// first condition end
|
| 83 |
&&
|
82 |
&&
|
| 84 |
// second condition start
|
83 |
// second condition start
|
| 85 |
fofoDetails.getRoleTypes().stream().noneMatch(new Predicate<RoleType>() {
|
84 |
fofoDetails.getRoleTypes().stream().anyMatch((new Predicate<RoleType>() {
|
| 86 |
@Override
|
85 |
@Override
|
| 87 |
public boolean test(RoleType roleType) {
|
86 |
public boolean test(RoleType roleType) {
|
| 88 |
LOGGER.info("roleType == actualRoleType {}!={} => {}", roleType, RoleType.FOFO_ADMIN, roleType != RoleType.FOFO_ADMIN);
|
- |
|
| 89 |
return roleType == RoleType.FOFO_ADMIN;
|
87 |
return roleType == RoleType.FOFO_ADMIN;
|
| - |
|
88 |
};
|
| 90 |
};}))
|
89 |
}))
|
| - |
|
90 |
)
|
| - |
|
91 |
||
|
| - |
|
92 |
(REQUESTED_URI_PATTERNS.stream().noneMatch((new Predicate<String>() {
|
| 91 |
// second condition end
|
93 |
@Override
|
| - |
|
94 |
public boolean test(String regexUriPattern) {
|
| - |
|
95 |
return request.getRequestURI().matches(request.getContextPath() + regexUriPattern);
|
| - |
|
96 |
};
|
| - |
|
97 |
}))
|
| - |
|
98 |
&&
|
| 92 |
// condition end
|
99 |
fofoDetails.isFofo()
|
| - |
|
100 |
)
|
| 93 |
{
|
101 |
) {
|
| - |
|
102 |
return true;
|
| - |
|
103 |
} else {
|
| 94 |
LOGGER.error("Accessed Uri {} is forbidden", request.getRequestURI());
|
104 |
LOGGER.error("Accessed Uri {} is forbidden", request.getRequestURI());
|
| 95 |
response.setStatus(HttpStatus.FORBIDDEN.value());
|
105 |
response.setStatus(HttpStatus.FORBIDDEN.value());
|
| 96 |
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
106 |
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
| 97 |
response.setCharacterEncoding("UTF-8");
|
107 |
response.setCharacterEncoding("UTF-8");
|
| 98 |
response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
|
108 |
response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
|
| 99 |
response.getWriter().flush();
|
109 |
response.getWriter().flush();
|
| 100 |
return false;
|
110 |
return false;
|
| 101 |
}
|
111 |
}
|
| 102 |
return true;
|
- |
|
| 103 |
} catch (ProfitMandiBusinessException e) {
|
112 |
} catch (ProfitMandiBusinessException e) {
|
| 104 |
LOGGER.error("Requested session is expired", e);
|
113 |
LOGGER.error("Requested session is expired", e);
|
| 105 |
return false;
|
114 |
return false;
|
| 106 |
}
|
115 |
}
|
| 107 |
}
|
116 |
}
|