BaseInterceptorMadMax.java

/*
*
* Copyright 2005 AgileTec s.r.l. (http://www.agiletec.it) All rights reserved.
*
* This file is part of jAPS software.
* jAPS is a free software; 
* you can redistribute it and/or modify it
* under the terms of the GNU General Public License (GPL) as published by the Free Software Foundation; version 2.
* 
* See the file License for the specific language governing permissions   
* and limitations under the License
* 
* 
* 
* Copyright 2005 AgileTec s.r.l. (http://www.agiletec.it) All rights reserved.
*
*/
package com.agiletec.apsadmin.system;

import javax.servlet.http.HttpSession;

import org.apache.struts2.ServletActionContext;

import com.agiletec.aps.system.ApsSystemUtils;
import com.agiletec.aps.system.SystemConstants;
import com.agiletec.aps.system.services.authorization.IAuthorizationManager;
import com.agiletec.aps.system.services.role.Permission;
import com.agiletec.aps.system.services.user.UserDetails;
import com.agiletec.aps.util.ApsWebApplicationUtils;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

/**
 * Interceptor gestore della verifica delle autorizzazioni dell'utente corrente.
 * Verifica che l'utente corrente sia abilitato all'esecuzione dell'azione richiesta.
 * @author E.Santoboni
 */
public abstract class BaseInterceptorMadMax extends AbstractInterceptor {
	
	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		boolean isAuthorized = false;
		try {
			HttpSession session = ServletActionContext.getRequest().getSession();
			UserDetails currentUser = (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
			IAuthorizationManager authManager = (IAuthorizationManager) ApsWebApplicationUtils.getBean(SystemConstants.AUTHORIZATION_SERVICE, ServletActionContext.getRequest());
			if (currentUser != null) {
				String requiredPermission = this.getRequiredPermission();
				isAuthorized = (requiredPermission == null || authManager.isAuthOnPermission(currentUser, Permission.SUPERUSER) || 
						authManager.isAuthOnPermission(currentUser, requiredPermission));
				if (!isAuthorized) return this.getErrorResultName();
			}
			if (isAuthorized) {
				return this.invoke(invocation);
			}
		} catch (Throwable t) {
			ApsSystemUtils.logThrowable(t, this, "intercept", "Error occurred verifying authority of current user");
			return BaseAction.FAILURE;
		}
		return this.getErrorResultName();
	}
	
	/**
	 * Restituisce il permesso specifico.
	 * @return Il permesso specifico.
	 */
	public abstract String getRequiredPermission();
	
	public abstract String getErrorResultName();
	
	/**
	 * Invokes the next step in processing this ActionInvocation. 
	 * @see com.opensymphony.xwork2.ActionInvocation#invoke()
	 * @return The code of the execution result.
	 */
	protected String invoke(ActionInvocation invocation) throws Exception {
		return invocation.invoke();
	}
	
}