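package org.tynamo.security;

import java.io.IOException;
import java.util.List;

import org.apache.tapestry5.services.ComponentClassResolver;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.ComponentRequestFilter;
import org.apache.tapestry5.services.ComponentRequestHandler;
import org.apache.tapestry5.services.PageRenderRequestParameters;
import org.tynamo.security.internal.services.LoginContextService;
import org.tynamo.security.services.ClassInterceptorsCache;
import org.tynamo.shiro.extension.authz.aop.SecurityInterceptor;

/**
 * Component request filter that runs the class-level {@link SecurityInterceptor}s
 * registered for a page before the request is passed down the handler chain.
 *
 * <p>Both entry points call {@link #checkInternal(String)} first and delegate to the
 * next {@link ComponentRequestHandler} only after it returns, so an exception raised
 * by an interceptor stops the request before any page code runs.
 *
 * <p>The configured login and unauthorized pages are exempt from the checks; every
 * other page is looked up in the {@link ClassInterceptorsCache} by its resolved
 * class name.
 */
public class SecurityComponentRequestFilter implements ComponentRequestFilter {

    private final ComponentClassResolver resolver;
    private final ClassInterceptorsCache classInterceptorsCache;

    // Class names of the two pages that are never subjected to interceptors.
    private final String loginClassName;
    private final String unauthorizedClassName;

    /**
     * Resolves the login and unauthorized page names to class names once, at
     * construction time, so that per-request checks compare class names only.
     *
     * @param loginContextService    supplies the logical names of the login and unauthorized pages
     * @param resolver               maps logical page names to page class names
     * @param classInterceptorsCache holds the interceptors registered per page class name
     */
    public SecurityComponentRequestFilter(LoginContextService loginContextService,
                                          ComponentClassResolver resolver,
                                          ClassInterceptorsCache classInterceptorsCache) {

        this.resolver = resolver;
        this.classInterceptorsCache = classInterceptorsCache;

        loginClassName = resolver.resolvePageNameToClassName(loginContextService.getLoginPage());
        unauthorizedClassName = resolver.resolvePageNameToClassName(loginContextService.getUnauthorizedPage());
    }

    /**
     * Runs the interceptors of the active page, then forwards the component event.
     *
     * @param parameters describes the component event request
     * @param handler    next handler in the chain; invoked only after the check returns
     * @throws IOException if the downstream handler fails
     */
    @Override
    public void handleComponentEvent(
            ComponentEventRequestParameters parameters,
            ComponentRequestHandler handler) throws IOException {

        // NOTE(review): only the active page is checked here. If the event targets a
        // component whose containing page differs (getContainingPageName()), confirm
        // that the containing page's class-level restrictions are enforced elsewhere.
        checkInternal(parameters.getActivePageName());
        handler.handleComponentEvent(parameters);
    }

    /**
     * Runs the interceptors of the requested page, then forwards the page render.
     *
     * @param parameters describes the page render request
     * @param handler    next handler in the chain; invoked only after the check returns
     * @throws IOException if the downstream handler fails
     */
    @Override
    public void handlePageRender(PageRenderRequestParameters parameters,
                                 ComponentRequestHandler handler) throws IOException {

        checkInternal(parameters.getLogicalPageName());
        handler.handlePageRender(parameters);
    }

    /**
     * Invokes every interceptor registered for the page's class, unless the page is
     * the login or the unauthorized page.
     *
     * @param logicalPageName logical name of the page being requested
     */
    private void checkInternal(String logicalPageName) {

        // Resolve once; the original resolved the same name a second time for the cache lookup.
        String pageClassName = resolver.resolvePageNameToClassName(logicalPageName);

        // The login and unauthorized pages must stay reachable without passing the checks.
        if (pageClassName.equals(loginClassName) || pageClassName.equals(unauthorizedClassName)) {
            return;
        }

        List<SecurityInterceptor> interceptors = classInterceptorsCache.get(pageClassName);

        // NOTE(review): a null cache entry lets the request through unchecked, so this
        // filter relies on the cache holding an entry for every restricted page class
        // before requests arrive; confirm how and when the cache is populated.
        if (interceptors == null) {
            return;
        }

        for (SecurityInterceptor interceptor : interceptors) {
            // Presumably throws when the current subject is not permitted; confirm
            // against SecurityInterceptor.
            interceptor.intercept();
        }
    }
}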