AccessReferenceMapperImpl.java example

Explorer
Consent2Share-master
package gov.samhsa.consent2share.infrastructure.security;

import javax.servlet.http.HttpSession;

import org.owasp.esapi.AccessReferenceMap;
import org.owasp.esapi.errors.AccessControlException;
import org.owasp.esapi.reference.RandomAccessReferenceMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/**
 * The Class AccessReferenceMapperImpl.
 */
public class AccessReferenceMapperImpl implements AccessReferenceMapper {

	/** The logger. */
	final Logger logger = LoggerFactory.getLogger(this.getClass());

	/** The Constant MAP_NAME. */
	final static String MAP_NAME = "AccessReferenceMap";

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * gov.samhsa.consent2share.infrastructure.security.AccessReferenceMapper
	 * #getDirectReference(java.lang.String)
	 */
	@Override
	public long getDirectReference(String indirectReference) {
		HttpSession session = getSession();
		AccessReferenceMap<String> map = getMap();
		Long directReference = null;
		try {
			directReference = Long.parseLong((String) map
					.getDirectReference(indirectReference));
		} catch (AccessControlException e1) {
			logger.error(e1.getLogMessage());
		}
		return directReference;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * gov.samhsa.consent2share.infrastructure.security.AccessReferenceMapper
	 * #getIndirectReference(long)
	 */
	@Override
	public String getIndirectReference(String directReference) {
		HttpSession session = getSession();
		AccessReferenceMap<String> map = getMap();
		String indirectReference = map.addDirectReference(directReference);
		session.setAttribute("AccessReferenceMap", map);
		return indirectReference;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * gov.samhsa.consent2share.infrastructure.security.AccessReferenceMapper
	 * #setupAccessReferenceMap(java.lang.Iterable)
	 */
	@Override
	public void setupAccessReferenceMap(Iterable<? extends HasId> objects) {
		HttpSession session = getSession();
		AccessReferenceMap<String> map = getMap();
		for (HasId o : objects) {
			String indirectReference = map.addDirectReference(o.getId());
			o.setId(indirectReference);
		}
		session.setAttribute("AccessReferenceMap", map);
	}

	/**
	 * Gets the session.
	 *
	 * @return the session
	 */
	HttpSession getSession() {
		ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder
				.currentRequestAttributes();
		HttpSession session = attr.getRequest().getSession();
		return session;
	}

	/**
	 * Gets the map.
	 *
	 * @return the map
	 */
	AccessReferenceMap<String> getMap() {
		AccessReferenceMap<String> map = (AccessReferenceMap<String>) getSession()
				.getAttribute(MAP_NAME);
		if (map == null)
			map = new RandomAccessReferenceMap();
		return map;
	}
}