/* vim: set ts=2 et sw=2 cindent fo=qroca: */
package com.globant.katari.core.security;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.Validate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** A filter that adds to the request the attributes used by freemarker
* macros.
*
* This filter puts the SecureUrlAccessHelper as an attribute named
* secureUrlHelper, and a boolean (under attribute named securityDebug) that
* indicates if the security debug feature is enabled.
*
* To enable the security debug feature, add securityDebug=true as a request
* parameter, for example:
*
* http://localhost/katari-web/module/user/users.do?securityDebug=true
*
* After that, security debug stays enabled for the session until a request
* includes the parameter securityDebug=false. The securityDebug parameter is
* only honoured if the application is running in debug mode.
*
* @author gerardo.bercovich
*/
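public class SecureUrlMacroFilter implements Filter {

  /** The class logger.
   */
  private static final Logger log = LoggerFactory.getLogger(
      SecureUrlMacroFilter.class);

  /** The name shared by the request parameter that toggles the security
   * debug feature and the session attribute that records it.
   */
  private static final String SECURITY_DEBUG = "securityDebug";

  /** A flag that states if the application is running in debug mode.
   *
   * The securityDebug request parameter is only honoured when this is true.
   */
  private final boolean debugMode;

  /** The secure url macro helper.
   *
   * It is never null.
   */
  private final SecureUrlAccessHelper helper;

  /** Creates the filter.
   *
   * @param theDebugMode a flag that states if the application is running in
   * debug mode. When false, the securityDebug request parameter is ignored.
   *
   * @param theHelper the secure url macro helper instance. It cannot be null.
   */
  public SecureUrlMacroFilter(final boolean theDebugMode,
      final SecureUrlAccessHelper theHelper) {
    Validate.notNull(theHelper, "The SecureUrlAccessHelper cannot be null");
    helper = theHelper;
    debugMode = theDebugMode;
  }

  /** Puts the helper in the request and continues with the chain.
   *
   * If the request carries a securityDebug parameter and the application is
   * running in debug mode, the parameter toggles the securityDebug session
   * attribute: a value that parses as true stores the attribute, any other
   * value removes it. When the application is not in debug mode the
   * parameter has no effect.
   *
   * {@inheritDoc}
   *
   * @throws ServletException if the request is not an http request, or if
   * the rest of the chain throws it.
   */
  public void doFilter(final ServletRequest request,
      final ServletResponse response, final FilterChain chain)
      throws IOException, ServletException {
    log.trace("Entering doFilter");

    if (!(request instanceof HttpServletRequest)) {
      throw new ServletException("This filter can only be applied to http"
          + " requests.");
    }
    HttpServletRequest servletRequest = (HttpServletRequest) request;

    String debugParameter = request.getParameter(SECURITY_DEBUG);
    if (debugParameter != null) {
      if (debugMode) {
        applySecurityDebug(servletRequest, debugParameter);
      } else {
        // The toggle is a plain request parameter that any client can send,
        // so it must not change state unless the application itself was
        // started in debug mode. The value is deliberately not logged.
        log.debug("Ignoring securityDebug parameter: the application is not"
            + " in debug mode.");
      }
    }

    servletRequest.setAttribute("secureUrlHelper", helper);
    chain.doFilter(request, response);

    log.trace("Leaving doFilter");
  }

  /** Stores or clears the securityDebug session attribute.
   *
   * @param servletRequest the current request. It cannot be null.
   *
   * @param debugParameter the value of the securityDebug request parameter.
   * It cannot be null.
   */
  private void applySecurityDebug(final HttpServletRequest servletRequest,
      final String debugParameter) {
    if (Boolean.valueOf(debugParameter)) {
      log.debug("Enabling security debug mode.");
      HttpSession session = servletRequest.getSession();
      session.setAttribute(SECURITY_DEBUG, debugParameter);
    } else {
      log.debug("Disabling security debug mode.");
      // Do not create a session just to remove an attribute from it.
      HttpSession session = servletRequest.getSession(false);
      if (session != null) {
        session.removeAttribute(SECURITY_DEBUG);
      }
    }
  }

  /** Initializes the filter. This operation is empty.
   *
   * {@inheritDoc}
   */
  public void init(final FilterConfig filterConfig) throws ServletException {
  }

  /** This operation is empty.
   *
   * {@inheritDoc}
   */
  public void destroy() {
  }
}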