ServicePrivilegeCheckValve.java

/**
 * Function: 拦截器
 * 
 * File Created at 2011-08-11
 * 
 * Copyright 2011 Alibaba.com Croporation Limited.
 * All rights reserved.
 */
package com.alibaba.dubbo.governance.web.common.interceptor;

import static com.alibaba.citrus.turbine.util.TurbineUtil.getTurbineRunData;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;

import com.alibaba.citrus.service.pipeline.PipelineContext;
import com.alibaba.citrus.service.pipeline.support.AbstractValve;
import com.alibaba.citrus.turbine.TurbineRunData;
import com.alibaba.dubbo.common.logger.Logger;
import com.alibaba.dubbo.common.logger.LoggerFactory;
import com.alibaba.dubbo.governance.web.util.WebConstants;
import com.alibaba.dubbo.registry.common.domain.User;

/**
 * @author guanghui.shigh
 */
public class ServicePrivilegeCheckValve extends AbstractValve {
    private static final Logger     logger = LoggerFactory.getLogger(ServicePrivilegeCheckValve.class);

    @Autowired
    private HttpServletRequest      request;

    @Override
    protected void init() throws Exception {
    }

    public void invoke(PipelineContext pipelineContext) throws Exception {
        User user = (User) request.getSession().getAttribute(WebConstants.CURRENT_USER_KEY);
        invokeCheckServicePrivilege(user);
        pipelineContext.invokeNext();
    }
    
    
    private void invokeCheckServicePrivilege(User user) {
    	TurbineRunData rundata = getTurbineRunData(request);
    	HttpSession session = request.getSession();
    	
    	@SuppressWarnings("unchecked")
    	Map<String, String[]> requestMapping = request.getParameterMap();
    	
    	//记录上次操作到请求中
		String returnURL = "";
		if(session.getAttribute("returnURL")==null){
			returnURL = request.getContextPath();
		}else{
			returnURL = (String)session.getAttribute("returnURL");
		}
    	
    	if(requestMapping.get("service").length>0){
    		String service = ((String[]) requestMapping.get("service"))[0];
    		String method = "index";
    		if(requestMapping.get("_method").length>0){
    			method = requestMapping.get("_method")[0];
    		}
    		
    		boolean exclude = "index".equals(method) || "show".equals(method);
    		if(!exclude){
           	 	if (user != null && !user.hasServicePrivilege(service)) {
           	 		request.setAttribute("returnURL",returnURL);
           	 		redirectToNoRight(rundata);
                }
    		}
    	}
    	String type = requestMapping.get("_type").length == 0 ? null : requestMapping.get("_type")[0];
    	if(!"noServicePrivilege".equals(type)){
    		session.setAttribute("returnURL", request.getRequestURI());
    	}
    	return;
	}

	/**
     * 无权限跳转
     * @param rundata
     */
    private void redirectToNoRight(TurbineRunData rundata) {
        if(logger.isInfoEnabled()) {
            logger.info("No right to access: " + request.getRequestURI());
        }
        
    	rundata.getParameters().setString("returnURL1", (String)rundata.getRequest().getAttribute("returnURL"));
        rundata.setRedirectLocation("http://localhost:8080/governance/noServicePrivilege?returnURL="+rundata.getRequest().getAttribute("returnURL"));
    	return;
	}
}