BaseCasMvcEndpoint.java

package org.apereo.cas.web.report;

import org.apache.commons.lang3.BooleanUtils;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.monitor.MonitorProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.endpoint.mvc.AbstractNamedMvcEndpoint;
import org.springframework.context.ApplicationContext;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ResponseStatus;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * This is {@link BaseCasMvcEndpoint}.
 *
 * @author Misagh Moayyed
 * @since 5.1.0
 */
public abstract class BaseCasMvcEndpoint extends AbstractNamedMvcEndpoint {

    private static final Logger LOGGER = LoggerFactory.getLogger(BaseCasMvcEndpoint.class);
    private static final Boolean DEFAULT_SENSITIVE_VALUE = Boolean.TRUE;

    /**
     * App context.
     */
    @Autowired
    protected ApplicationContext applicationContext;

    /**
     * Instantiates a new Base cas mvc endpoint.
     * Endpoints are by default sensitive.
     *
     * @param name          the name
     * @param path          the path
     * @param endpoint      the endpoint
     * @param casProperties the cas properties
     */
    public BaseCasMvcEndpoint(final String name, final String path,
                              final MonitorProperties.BaseEndpoint endpoint,
                              final CasConfigurationProperties casProperties) {
        super(name, path, DEFAULT_SENSITIVE_VALUE);

        setEndpointSensitivity(endpoint, casProperties);
        setEndpointCapability(endpoint, casProperties);
    }

    private void setEndpointSensitivity(final MonitorProperties.BaseEndpoint endpoint,
                                        final CasConfigurationProperties casProperties) {
        final String endpointName = endpoint.getClass().getSimpleName();
        if (endpoint.isSensitive() == null) {
            LOGGER.debug("Sensitivity for endpoint [{}] is undefined. Checking defaults...", endpointName);
            final Boolean defaultSensitive = casProperties.getMonitor().getEndpoints().isSensitive();
            if (defaultSensitive != null) {
                final boolean s = BooleanUtils.toBoolean(defaultSensitive);
                setSensitive(s);
                LOGGER.debug("Default sensitivity for endpoint [{}] is set to [{}]", endpointName, s);
            } else {
                LOGGER.debug("Default sensitivity for endpoint [{}] is undefined.", endpointName);
                setSensitive(DEFAULT_SENSITIVE_VALUE);
            }
        } else {
            final boolean s = BooleanUtils.toBoolean(endpoint.isSensitive());
            setSensitive(s);
            LOGGER.debug("Explicitly marking endpoint [{}] sensitivity as [{}]", endpointName, s);
        }
    }

    /**
     * Is endpoint capable ?
     *
     * @param endpoint      the endpoint
     * @param casProperties the cas properties
     * @return the boolean
     */
    protected static boolean isEndpointCapable(final MonitorProperties.BaseEndpoint endpoint,
                                               final CasConfigurationProperties casProperties) {
        final String endpointName = endpoint.getClass().getSimpleName();
        if (endpoint.isEnabled() == null) {
            LOGGER.debug("Capability for endpoint [{}] is undefined. Checking defaults...", endpointName);
            final Boolean defaultEnabled = casProperties.getMonitor().getEndpoints().isEnabled();
            if (defaultEnabled != null) {
                final boolean s = BooleanUtils.toBoolean(defaultEnabled);
                LOGGER.debug("Default capability for endpoint [{}] is set to [{}]", endpointName, s);
                return s;
            }
            LOGGER.debug("Default capability for endpoint [{}] is undefined.", endpointName);
            return Boolean.FALSE;

        }
        final boolean s = BooleanUtils.toBoolean(endpoint.isEnabled());
        LOGGER.debug("Explicitly marking endpoint [{}] capability as [{}]", endpointName, s);
        return s;
    }

    private void setEndpointCapability(final MonitorProperties.BaseEndpoint endpoint,
                                       final CasConfigurationProperties casProperties) {
        final String endpointName = endpoint.getClass().getSimpleName();
        final boolean s = isEndpointCapable(endpoint, casProperties);
        LOGGER.debug("Finalized capability for endpoint [{}] is [{}].", endpointName, s);
        setEnabled(s);
    }

    /**
     * Ensure endpoint access is authorized.
     *
     * @param request  the request
     * @param response the response
     */
    protected void ensureEndpointAccessIsAuthorized(final HttpServletRequest request,
                                                    final HttpServletResponse response) {
        if (!isEnabled()) {
            LOGGER.warn("Access to endpoint [{}] is not enabled", getName());
            throw new UnuauthorizedEndpointException();
        }
    }

    /**
     * The type Unuauthorized endpoint exception.
     */
    @ResponseStatus(value = HttpStatus.UNAUTHORIZED, reason = "Access Denied")
    private static class UnuauthorizedEndpointException extends RuntimeException {
        /**
         * The constant serialVersionUID.
         */
        private static final long serialVersionUID = 3192230382776656678L;
    }
}