MolgenisPluginInterceptor.java

package org.molgenis.ui;

import org.molgenis.data.Entity;
import org.molgenis.security.core.MolgenisPermissionService;
import org.molgenis.security.core.Permission;
import org.molgenis.security.core.utils.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import static java.util.Objects.requireNonNull;
import static org.molgenis.ui.MolgenisPluginAttributes.*;

/**
 * Interceptor that adds default model objects to all plugin requests that return a view.
 */
public class MolgenisPluginInterceptor extends HandlerInterceptorAdapter
{
	private final MolgenisUi molgenisUi;
	private final MolgenisPermissionService permissionService;

	@Autowired
	public MolgenisPluginInterceptor(MolgenisUi molgenisUi, MolgenisPermissionService permissionService)
	{
		this.molgenisUi = requireNonNull(molgenisUi);
		this.permissionService = requireNonNull(permissionService);
	}

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception
	{
		MolgenisPluginController molgenisPlugin = validateHandler(handler);

		// determine context url for this plugin if no context exists
		String contextUrl = (String) request.getAttribute(MolgenisPluginAttributes.KEY_CONTEXT_URL);
		if (contextUrl == null)
		{
			request.setAttribute(MolgenisPluginAttributes.KEY_CONTEXT_URL, molgenisPlugin.getUri());
		}

		return true;
	}

	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception
	{
		if (modelAndView != null)
		{
			MolgenisPluginController molgenisPlugin = validateHandler(handler);
			String pluginId = molgenisPlugin.getId();

			// allow controllers that handle multiple plugins to set their plugin id
			if (!modelAndView.getModel().containsKey(KEY_PLUGIN_ID))
			{
				modelAndView.addObject(KEY_PLUGIN_ID, pluginId);
			}

			Entity pluginSettings = molgenisPlugin.getPluginSettings();
			Boolean pluginSettingsCanWrite;
			if (pluginSettings != null)
			{
				String pluginSettingsEntityName = pluginSettings.getEntityType().getName();
				pluginSettingsCanWrite = permissionService
						.hasPermissionOnEntity(pluginSettingsEntityName, Permission.WRITE);
			}
			else
			{
				pluginSettingsCanWrite = null;
			}

			modelAndView.addObject(KEY_PLUGIN_SETTINGS, pluginSettings);
			modelAndView.addObject(KEY_PLUGIN_SETTINGS_CAN_WRITE, pluginSettingsCanWrite);
			modelAndView.addObject(KEY_MOLGENIS_UI, molgenisUi);
			modelAndView.addObject(KEY_AUTHENTICATED, SecurityUtils.currentUserIsAuthenticated());
			modelAndView.addObject(KEY_PLUGIN_ID_WITH_QUERY_STRING, getPluginIdWithQueryString(request, pluginId));
		}
	}

	public MolgenisPluginController validateHandler(Object handler)
	{
		if (!(handler instanceof HandlerMethod))
		{
			throw new RuntimeException("handler is not of type " + HandlerMethod.class.getSimpleName());
		}
		Object bean = ((HandlerMethod) handler).getBean();
		if (!(bean instanceof MolgenisPluginController))
		{
			throw new RuntimeException(
					"controller does not implement " + MolgenisPluginController.class.getSimpleName());
		}
		return (MolgenisPluginController) bean;
	}

	private String getPluginIdWithQueryString(HttpServletRequest request, String pluginId)
	{
		if (null != request)
		{
			String queryString = request.getQueryString();
			StringBuilder pluginIdAndQueryStringUrlPart = new StringBuilder();
			pluginIdAndQueryStringUrlPart.append(pluginId);
			if (queryString != null && !queryString.isEmpty())
				pluginIdAndQueryStringUrlPart.append('?').append(queryString);
			return pluginIdAndQueryStringUrlPart.toString();
		}
		else
		{
			return "";
		}
	}
}