package com.epam.wilma.webapp.security;
/*==========================================================================
Copyright 2013-2017 EPAM Systems
This file is part of Wilma.
Wilma is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Wilma is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Wilma. If not, see <http://www.gnu.org/licenses/>.
===========================================================================*/
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.stereotype.Component;
import com.epam.wilma.core.configuration.domain.WilmaAdminHostsDTO;
import com.epam.wilma.webapp.helper.IpAddressResolver;
/**
* Class which determines if the request originates from an admin host or not.
* @author Adam_Csaba_Kiraly
*
*/
@Component
public class HostValidatorService implements ApplicationListener<ContextRefreshedEvent> {
private List<String> allowedHosts;
@Autowired
private WilmaAdminHostsDTO wilmaAdminHostsDTO;
@Autowired
private IpAddressResolver ipAddressResolver;
/**
* Determines if the provided request, came from an admin.
* @param request the provided request
* @return true if the request originated from an admin, false otherwise.
*/
public boolean isRequestFromAdmin(final ServletRequest request) {
String host = ipAddressResolver.resolveToHostName(request.getRemoteAddr());
return !wilmaAdminHostsDTO.isSecurityEnabled() || allowedHosts.contains(host);
}
private void initializeAllowedHosts() {
allowedHosts = new ArrayList<>();
for (String ipOrHost : wilmaAdminHostsDTO.getWilmaAdminHosts()) {
allowedHosts.add(ipAddressResolver.resolveToHostName(ipOrHost));
}
}
@Override
public void onApplicationEvent(final ContextRefreshedEvent event) {
initializeAllowedHosts();
}
}