| 1 |
|
|
| 2 |
|
|
| 3 |
|
|
| 4 |
|
|
| 5 |
|
|
| 6 |
|
|
| 7 |
|
|
| 8 |
|
|
| 9 |
|
|
| 10 |
|
|
| 11 |
|
|
| 12 |
|
|
| 13 |
|
|
| 14 |
|
|
| 15 |
|
|
| 16 |
|
|
| 17 |
|
|
| 18 |
|
|
| 19 |
|
package org.itracker.web.servlets; |
| 20 |
|
|
| 21 |
|
import java.io.IOException; |
| 22 |
|
import java.util.Locale; |
| 23 |
|
import java.util.Map; |
| 24 |
|
import java.util.Set; |
| 25 |
|
|
| 26 |
|
import javax.servlet.RequestDispatcher; |
| 27 |
|
import javax.servlet.ServletContext; |
| 28 |
|
import javax.servlet.ServletException; |
| 29 |
|
import javax.servlet.http.HttpServlet; |
| 30 |
|
import javax.servlet.http.HttpServletRequest; |
| 31 |
|
import javax.servlet.http.HttpServletResponse; |
| 32 |
|
import javax.servlet.http.HttpSession; |
| 33 |
|
|
| 34 |
|
import org.apache.commons.lang.StringUtils; |
| 35 |
|
import org.apache.log4j.Logger; |
| 36 |
|
import org.apache.struts.Globals; |
| 37 |
|
import org.apache.struts.action.ActionErrors; |
| 38 |
|
import org.itracker.model.PermissionType; |
| 39 |
|
import org.itracker.model.User; |
| 40 |
|
import org.itracker.services.ITrackerServices; |
| 41 |
|
import org.itracker.services.util.UserUtilities; |
| 42 |
|
import org.itracker.web.util.Constants; |
| 43 |
|
import org.itracker.web.util.LoginUtilities; |
| 44 |
|
import org.itracker.web.util.ServletContextUtils; |
| 45 |
|
|
| 46 |
|
|
| 47 |
|
|
| 48 |
|
|
| 49 |
|
|
| 50 |
|
|
| 51 |
|
|
| 52 |
|
|
| 53 |
|
|
| 54 |
|
@deprecated |
| 55 |
|
|
| 56 |
|
|
| 57 |
|
|
| 58 |
|
@author |
| 59 |
|
|
|
|
|
| 0% |
Uncovered Elements: 76 (76) |
Complexity: 21 |
Complexity Density: 0.49 |
|
| 60 |
|
public abstract class GenericController extends HttpServlet { |
| 61 |
|
|
| 62 |
|
|
| 63 |
|
|
| 64 |
|
|
| 65 |
|
private static final long serialVersionUID = 1L; |
| 66 |
|
private static final Logger logger = Logger.getLogger(GenericController.class); |
| 67 |
|
|
|
|
|
| - |
Uncovered Elements: 0 (0) |
Complexity: 1 |
Complexity Density: - |
|
| 68 |
0
|
 public GenericController() {... |
| 69 |
|
} |
| 70 |
|
|
|
|
|
| 0% |
Uncovered Elements: 5 (5) |
Complexity: 2 |
Complexity Density: 0.67 |
|
| 71 |
0
|
@SuppressWarnings("unchecked")... |
| 72 |
|
protected Map<Integer, Set<PermissionType>> getPermissions(HttpSession session) { |
| 73 |
0
|
if (session == null) { |
| 74 |
0
|
return null; |
| 75 |
|
} |
| 76 |
0
|
return (Map<Integer, Set<PermissionType>>) session.getAttribute("permissions"); |
| 77 |
|
} |
| 78 |
|
|
|
|
|
| 0% |
Uncovered Elements: 6 (6) |
Complexity: 3 |
Complexity Density: 0.75 |
|
| 79 |
0
|
protected void saveMessages(HttpServletRequest request, ActionErrors errors) {... |
| 80 |
|
|
| 81 |
0
|
if ((errors == null) || errors.isEmpty()) { |
| 82 |
0
|
request.removeAttribute(Globals.ERROR_KEY); |
| 83 |
0
|
return; |
| 84 |
|
} |
| 85 |
0
|
request.setAttribute(Globals.ERROR_KEY, errors); |
| 86 |
|
} |
| 87 |
|
|
|
|
|
| 0% |
Uncovered Elements: 12 (12) |
Complexity: 3 |
Complexity Density: 0.38 |
|
| 88 |
0
|
protected boolean hasPermission(int[] permissionsNeeded,... |
| 89 |
|
HttpServletRequest request, |
| 90 |
|
HttpServletResponse response) |
| 91 |
|
throws IOException, ServletException { |
| 92 |
0
|
if (isLoggedIn(request, response)) { |
| 93 |
0
|
HttpSession session = request.getSession(false); |
| 94 |
0
|
Map<Integer, Set<PermissionType>> permissions = getPermissions(session); |
| 95 |
0
|
if (!UserUtilities.hasPermission(permissions, permissionsNeeded)) { |
| 96 |
0
|
forward("/unauthorized.jsp", request, response); |
| 97 |
0
|
return false; |
| 98 |
|
} |
| 99 |
0
|
return true; |
| 100 |
|
} |
| 101 |
0
|
return false; |
| 102 |
|
} |
| 103 |
|
|
|
|
|
| 0% |
Uncovered Elements: 12 (12) |
Complexity: 3 |
Complexity Density: 0.38 |
|
| 104 |
0
|
protected boolean hasPermission(int permissionNeeded,... |
| 105 |
|
HttpServletRequest request, |
| 106 |
|
HttpServletResponse response) |
| 107 |
|
throws IOException, ServletException { |
| 108 |
0
|
if (isLoggedIn(request, response)) { |
| 109 |
0
|
HttpSession session = request.getSession(false); |
| 110 |
0
|
Map<Integer, Set<PermissionType>> permissionsMap = getPermissions(session); |
| 111 |
0
|
if (!UserUtilities.hasPermission(permissionsMap, permissionNeeded)) { |
| 112 |
0
|
forward("/unauthorized.jsp", request, response); |
| 113 |
0
|
return false; |
| 114 |
|
} |
| 115 |
0
|
return true; |
| 116 |
|
} |
| 117 |
0
|
return false; |
| 118 |
|
} |
| 119 |
|
|
|
|
|
| 0% |
Uncovered Elements: 8 (8) |
Complexity: 1 |
Complexity Density: 0.25 |
|
| 120 |
0
|
protected boolean isLoggedIn(HttpServletRequest request,... |
| 121 |
|
HttpServletResponse response) |
| 122 |
|
throws IOException, ServletException { |
| 123 |
0
|
HttpSession session = request.getSession(false); |
| 124 |
0
|
User user = (session == null ? null : (User) session.getAttribute("user")); |
| 125 |
0
|
String login = (user == null ? null : user.getLogin()); |
| 126 |
|
|
| 127 |
0
|
return !StringUtils.isEmpty(login); |
| 128 |
|
} |
| 129 |
|
|
|
|
|
| 0% |
Uncovered Elements: 11 (11) |
Complexity: 3 |
Complexity Density: 0.43 |
|
| 130 |
0
|
protected boolean isLoggedInWithRedirect(HttpServletRequest request,... |
| 131 |
|
HttpServletResponse response) |
| 132 |
|
throws IOException, ServletException { |
| 133 |
0
|
if (!isLoggedIn(request, response)) { |
| 134 |
0
|
String requestPath = request.getRequestURI(); |
| 135 |
0
|
if (!requestPath.endsWith("/login.jsp")) { |
| 136 |
0
|
String redirectURL = request.getRequestURI().substring(request.getContextPath().length()); |
| 137 |
0
|
forward("/login.jsp?" + Constants.AUTH_REDIRECT_KEY + "=" + redirectURL, request, response); |
| 138 |
|
} |
| 139 |
0
|
return false; |
| 140 |
|
} |
| 141 |
0
|
return true; |
| 142 |
|
} |
| 143 |
|
|
|
|
|
| 0% |
Uncovered Elements: 6 (6) |
Complexity: 2 |
Complexity Density: 0.5 |
|
| 144 |
0
|
protected void forward(String url, HttpServletRequest request, HttpServletResponse response)... |
| 145 |
|
throws IOException, ServletException { |
| 146 |
0
|
RequestDispatcher rd = request.getRequestDispatcher(url); |
| 147 |
0
|
if (rd == null) { |
| 148 |
0
|
throw new ServletException("RequestDispatcher is null. URL: " + url); |
| 149 |
|
} |
| 150 |
|
|
| 151 |
0
|
rd.forward(request, response); |
| 152 |
|
} |
| 153 |
|
|
|
|
|
| 0% |
Uncovered Elements: 2 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
| 154 |
0
|
protected void redirect(String url, HttpServletRequest request, HttpServletResponse response)... |
| 155 |
|
throws IOException, ServletException { |
| 156 |
|
|
| 157 |
0
|
String baseURL = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + |
| 158 |
|
request.getContextPath(); |
| 159 |
|
|
| 160 |
0
|
response.sendRedirect(baseURL + url); |
| 161 |
|
} |
| 162 |
|
|
|
|
|
| 0% |
Uncovered Elements: 2 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
| 163 |
0
|
public Locale getLocale(HttpServletRequest request) {... |
| 164 |
0
|
Locale |
| 165 |
|
locale = LoginUtilities.getCurrentLocale(request); |
| 166 |
|
|
| 167 |
0
|
return locale; |
| 168 |
|
} |
| 169 |
|
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
| 170 |
0
|
protected ITrackerServices getITrackerServices(ServletContext context) {... |
| 171 |
0
|
return ServletContextUtils.getItrackerServices(); |
| 172 |
|
} |
| 173 |
|
|
| 174 |
|
|
| 175 |
|
} |
