
package com.spice.profitmandi.web.interceptor;

import java.util.HashSet;
import java.util.Set;
import java.util.function.Predicate;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
import com.spice.profitmandi.dao.enumuration.dtr.RoleType;
import com.spice.profitmandi.dao.repository.dtr.UserRepository;
import com.spice.profitmandi.dao.repository.dtr.UserRoleRepository;
import com.spice.profitmandi.web.model.FofoDetails;
import com.spice.profitmandi.web.util.CookiesProcessor;
import com.spice.profitmandi.web.util.MVCResponseSender;

import in.shop2020.utils.Role;

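/**
 * Spring MVC interceptor that restricts a fixed list of URIs to sessions
 * holding the {@link RoleType#FOFO_ADMIN} role.
 *
 * <p>The check is a deny-list: only URIs matching one of
 * {@link #REQUESTED_URI_PATTERNS} are subject to the role test; every other
 * request is passed on to the handler.
 *
 * <p>NOTE(review): the patterns are matched against the raw value of
 * {@link HttpServletRequest#getRequestURI()}, which the container does not
 * decode or normalise, and a non-matching URI is allowed through. The check
 * therefore fails open for any path form that the dispatcher resolves to the
 * same handler but that these patterns do not cover. Enforcing the role on the
 * handler mapping itself (for example method-level authorization) would remove
 * that dependency; confirm how the protected handlers are mapped.
 */
@Component
public class RoleInterceptor implements HandlerInterceptor {

        private static final Logger LOGGER = LoggerFactory.getLogger(RoleInterceptor.class);

        /** Regular expressions (relative to the context path) that require FOFO_ADMIN. */
        private static final Set<String> REQUESTED_URI_PATTERNS = new HashSet<>();
        static {
                REQUESTED_URI_PATTERNS.add("/fofo");
                REQUESTED_URI_PATTERNS.add("/fofo/");
                REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit");
                REQUESTED_URI_PATTERNS.add("/fofo/-?[0-9]{1,10}/edit/");
                // [0-9] rather than the earlier [1-9]: with [1-9] any id containing the
                // digit 0 (10, 105, ...) did not match and skipped the role check.
                // This also brings the pattern in line with the /fofo/{id}/edit entries.
                REQUESTED_URI_PATTERNS.add("/file-display/-?[0-9]{1,10}");
                REQUESTED_URI_PATTERNS.add("/file-display/-?[0-9]{1,10}/");
        }

        @Autowired
        UserRepository userRepository;

        @Autowired
        UserRoleRepository userRoleRepository;

        @Autowired
        MVCResponseSender mvcResponseSender;

        @Autowired
        CookiesProcessor cookiesProcessor;

        /** No post-completion work is done by this interceptor. */
        @Override
        public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3)
                        throws Exception {
        }

        /** Logs the full request URL once the handler has run. */
        @Override
        public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)
                        throws Exception {
                LOGGER.info("request is received after : {}", request.getRequestURL());
        }

        /**
         * Rejects the request with HTTP 403 when it targets a restricted URI and the
         * session resolved from the cookies does not carry {@link RoleType#FOFO_ADMIN}.
         *
         * @param request  current request; its URI and cookies drive the decision
         * @param response response used to write the 403 JSON body on rejection
         * @param object   the chosen handler (unused)
         * @return {@code true} to continue the handler chain, {@code false} when the
         *         request was rejected or the session could not be resolved
         * @throws Exception if writing the rejection response fails
         */
        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
                final String requestUri = request.getRequestURI();
                LOGGER.info("request is received before uri : {}", requestUri);
                LOGGER.info("Request method {}", request.getMethod());
                try {
                        FofoDetails fofoDetails = cookiesProcessor.getCookiesObject(request);
                        // NOTE(review): this writes the cookie-derived session object to the INFO
                        // log on every request; confirm FofoDetails.toString() exposes no
                        // identifiers or tokens that should stay out of application logs.
                        LOGGER.info(fofoDetails.toString());

                        // Strip the context path instead of prepending it to the regex, so that
                        // characters in the context path are never interpreted as regex syntax.
                        final String contextPath = request.getContextPath();
                        final String path = requestUri.startsWith(contextPath)
                                        ? requestUri.substring(contextPath.length())
                                        : requestUri;

                        final boolean restricted = REQUESTED_URI_PATTERNS.stream().anyMatch(path::matches);
                        LOGGER.info("Uri {} requires role {} => {}", requestUri, RoleType.FOFO_ADMIN, restricted);

                        // Roles are only inspected for restricted URIs, as before.
                        if (restricted && fofoDetails.getRoleTypes().stream()
                                        .noneMatch(roleType -> roleType == RoleType.FOFO_ADMIN)) {
                                LOGGER.error("Accessed Uri {} is forbidden", requestUri);
                                response.setStatus(HttpStatus.FORBIDDEN.value());
                                response.setContentType(MediaType.APPLICATION_JSON_VALUE);
                                response.setCharacterEncoding("UTF-8");
                                response.getWriter().write(mvcResponseSender.createResponseString("GE_1004", false, "/error"));
                                response.getWriter().flush();
                                return false;
                        }
                        return true;
                } catch (ProfitMandiBusinessException e) {
                        // NOTE(review): the chain is stopped here without setting a status or
                        // body, so unless another component has already written the response
                        // the client receives an empty default response. Consider an explicit
                        // 401 or redirect; confirm against the login flow.
                        LOGGER.error("Requested session is expired", e);
                        return false;
                }
        }
}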