/*
* Copyright (c) 2008-2016 Computer Network Information Center (CNIC), Chinese Academy of Sciences.
*
* This file is part of Duckling project.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package cn.vlabs.umt.ui.rest;
import cn.vlabs.rest.RestSession;
import cn.vlabs.rest.ServiceAction;
import cn.vlabs.rest.ServiceException;
import cn.vlabs.umt.exceptions.ErrorCode;
public abstract class SecuredAction implements ServiceAction {
public Object doAction(RestSession session, Object arg)
throws ServiceException {
if (LoginUtil.isLoggedin(session)){
if (LoginUtil.hasPermission(session)){
return service(session, arg);
}else{
throw new ServiceException(ErrorCode.ACCESS_FORBIDDEN, "无权访问该服务。");
}
}else{
throw new ServiceException(ErrorCode.NOT_LOGIN, "还未登录。");
}
}
protected abstract Object service(RestSession session, Object arg) throws ServiceException;
}