
1   /*
2    * This software was designed and created by Jason Carroll.
3    * Copyright (c) 2002, 2003, 2004 Jason Carroll.
4    * The author can be reached at jcarroll@cowsultants.com
5    * ITracker website: http://www.cowsultants.com
6    * ITracker forums: http://www.cowsultants.com/phpBB/index.php
7    *
8    * This program is free software; you can redistribute it and/or modify
9    * it only under the terms of the GNU General Public License as published by
10   * the Free Software Foundation; either version 2 of the License, or
11   * (at your option) any later version.
12   *
13   * This program is distributed in the hope that it will be useful,
14   * but WITHOUT ANY WARRANTY; without even the implied warranty of
15   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   * GNU General Public License for more details.
17   */
18  
19  package org.itracker.web.servlets;
20  
21  import java.io.IOException;
22  import java.util.Locale;
23  import java.util.Map;
24  import java.util.Set;
25  
26  import javax.servlet.RequestDispatcher;
27  import javax.servlet.ServletContext;
28  import javax.servlet.ServletException;
29  import javax.servlet.http.HttpServlet;
30  import javax.servlet.http.HttpServletRequest;
31  import javax.servlet.http.HttpServletResponse;
32  import javax.servlet.http.HttpSession;
33  
34  import org.apache.commons.lang.StringUtils;
35  import org.apache.log4j.Logger;
36  import org.apache.struts.Globals;
37  import org.apache.struts.action.ActionErrors;
38  import org.itracker.model.PermissionType;
39  import org.itracker.model.User;
40  import org.itracker.services.ITrackerServices;
41  import org.itracker.services.util.UserUtilities;
42  import org.itracker.web.util.Constants;
43  import org.itracker.web.util.LoginUtilities;
44  import org.itracker.web.util.ServletContextUtils;
45  
46  
47  /**
48   * TODO: Rewrite Javadocs here
49   * This needs documentation.
50   * Is it still used?
51   * What is it used for?
52   * How?
53   * It is referenced by
54   * AttachementDownloadController, (@deprecated Use org.itracker.web.actions.admin.attachment.DownloadAttachmentAction instead.)
55   * ReportChartController,
56   * ReportDownloadController
57   *
58   * @author ready
59   */
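public abstract class GenericController extends HttpServlet {

    /** Serialization version; HttpServlet is Serializable. */
    private static final long serialVersionUID = 1L;
    private static final Logger logger = Logger.getLogger(GenericController.class);

    public GenericController() {
    }

    /**
     * Reads the permission map stored in the session under the
     * {@code "permissions"} attribute.
     *
     * @param session the current session, may be {@code null}
     * @return the stored map, or {@code null} when there is no session or the
     *         attribute is not set
     */
    @SuppressWarnings("unchecked")
    protected Map<Integer, Set<PermissionType>> getPermissions(HttpSession session) {
        if (session == null) {
            return null;
        }
        // The cast is unchecked: the attribute is trusted to hold the expected map type.
        return (Map<Integer, Set<PermissionType>>) session.getAttribute("permissions");
    }

    /**
     * Publishes the given errors on the request under {@link Globals#ERROR_KEY},
     * or clears that attribute when there is nothing to report.
     *
     * @param request the current request
     * @param errors  the errors to expose; {@code null} or empty clears the attribute
     */
    protected void saveMessages(HttpServletRequest request, ActionErrors errors) {
        boolean nothingToReport = (errors == null) || errors.isEmpty();
        if (nothingToReport) {
            request.removeAttribute(Globals.ERROR_KEY);
        } else {
            request.setAttribute(Globals.ERROR_KEY, errors);
        }
    }

    /**
     * Checks whether the logged-in user holds the needed permissions, as decided by
     * {@link UserUtilities#hasPermission}.
     *
     * <p>A logged-in user without the permission is forwarded to
     * {@code /unauthorized.jsp}. When nobody is logged in this method returns
     * {@code false} WITHOUT writing a response; the caller must handle that case
     * (for example via {@link #isLoggedInWithRedirect}).
     *
     * @param permissionsNeeded permission type ids passed to {@code UserUtilities}
     * @param request           the current request
     * @param response          the current response
     * @return {@code true} only when the user is logged in and the check passes
     * @throws IOException      if forwarding fails
     * @throws ServletException if forwarding fails
     */
    protected boolean hasPermission(int[] permissionsNeeded,
                                    HttpServletRequest request,
                                    HttpServletResponse response)
            throws IOException, ServletException {
        if (!isLoggedIn(request, response)) {
            return false;
        }
        // NOTE(review): getPermissions returns null when the session carries no
        // "permissions" attribute; how UserUtilities.hasPermission treats a null map
        // is not visible here - confirm that it denies access.
        Map<Integer, Set<PermissionType>> granted = getPermissions(request.getSession(false));
        return allowOrForwardUnauthorized(
                UserUtilities.hasPermission(granted, permissionsNeeded), request, response);
    }

    /**
     * Single-permission variant of
     * {@link #hasPermission(int[], HttpServletRequest, HttpServletResponse)}.
     *
     * <p>As with the array variant, a request without a logged-in user yields
     * {@code false} and no response is written here.
     *
     * @param permissionNeeded permission type id passed to {@code UserUtilities}
     * @param request          the current request
     * @param response         the current response
     * @return {@code true} only when the user is logged in and the check passes
     * @throws IOException      if forwarding fails
     * @throws ServletException if forwarding fails
     */
    protected boolean hasPermission(int permissionNeeded,
                                    HttpServletRequest request,
                                    HttpServletResponse response)
            throws IOException, ServletException {
        if (!isLoggedIn(request, response)) {
            return false;
        }
        // NOTE(review): same null-map caveat as the int[] overload - confirm that a
        // missing "permissions" attribute results in a denial.
        Map<Integer, Set<PermissionType>> granted = getPermissions(request.getSession(false));
        return allowOrForwardUnauthorized(
                UserUtilities.hasPermission(granted, permissionNeeded), request, response);
    }

    /** Returns {@code true} when allowed; otherwise forwards to the unauthorized page. */
    private boolean allowOrForwardUnauthorized(boolean allowed,
                                               HttpServletRequest request,
                                               HttpServletResponse response)
            throws IOException, ServletException {
        if (allowed) {
            return true;
        }
        forward("/unauthorized.jsp", request, response);
        return false;
    }

    /**
     * Tells whether the request belongs to an authenticated session: an existing
     * session whose {@code "user"} attribute is a {@link User} with a non-empty login.
     * No session is created by this check.
     *
     * @param request  the current request
     * @param response unused
     * @return {@code true} when a user with a non-empty login is in the session
     */
    protected boolean isLoggedIn(HttpServletRequest request,
                                 HttpServletResponse response)
            throws IOException, ServletException {
        // getSession(false): never create a session just to test for a login.
        HttpSession session = request.getSession(false);
        if (session == null) {
            return false;
        }
        User user = (User) session.getAttribute("user");
        if (user == null) {
            return false;
        }
        return !StringUtils.isEmpty(user.getLogin());
    }

    /**
     * Like {@link #isLoggedIn}, but forwards unauthenticated requests to
     * {@code /login.jsp}, passing the originally requested path (request URI minus
     * context path; the original query string is not carried over) under
     * {@link Constants#AUTH_REDIRECT_KEY}. Requests whose URI already ends with
     * {@code /login.jsp} are not forwarded.
     *
     * @param request  the current request
     * @param response the current response
     * @return {@code true} when logged in, {@code false} otherwise
     * @throws IOException      if forwarding or encoding fails
     * @throws ServletException if forwarding fails
     */
    protected boolean isLoggedInWithRedirect(HttpServletRequest request,
                                             HttpServletResponse response)
            throws IOException, ServletException {
        if (isLoggedIn(request, response)) {
            return true;
        }
        String requestPath = request.getRequestURI();
        if (!requestPath.endsWith("/login.jsp")) {
            String redirectURL = requestPath.substring(request.getContextPath().length());
            // The request URI is client-controlled and may contain '&', '=' or '#'.
            // Encode it so it stays a single parameter value and cannot add or
            // override other parameters seen by login.jsp.
            String encodedTarget = java.net.URLEncoder.encode(redirectURL, "UTF-8");
            // NOTE(review): the consumer of AUTH_REDIRECT_KEY is not visible here; it
            // should treat the value as untrusted and only redirect to
            // application-local paths - confirm.
            forward("/login.jsp?" + Constants.AUTH_REDIRECT_KEY + "=" + encodedTarget, request, response);
        }
        return false;
    }

    /**
     * Forwards the request to the given resource inside this web application.
     *
     * @param url      path handed to {@link HttpServletRequest#getRequestDispatcher}
     * @param request  the current request
     * @param response the current response
     * @throws ServletException if no dispatcher is available for {@code url} or the
     *                          target fails
     * @throws IOException      if the target fails with an I/O error
     */
    protected void forward(String url, HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        RequestDispatcher dispatcher = request.getRequestDispatcher(url);
        if (dispatcher == null) {
            throw new ServletException("RequestDispatcher is null. URL: " + url);
        }

        dispatcher.forward(request, response);
    }

    /**
     * Sends a redirect to {@code url} relative to this application, as an absolute
     * URL built from the request's scheme, server name, port and context path.
     *
     * @param url      path below the context path; appended without validation, so
     *                 callers must pass application paths only
     * @param request  the current request
     * @param response the current response
     * @throws IOException if the redirect cannot be sent
     */
    protected void redirect(String url, HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        // NOTE(review): scheme, server name and port are taken from the request. The
        // server name normally follows the client-supplied Host header, and behind a
        // TLS-terminating proxy scheme and port may be wrong. Consider a configured
        // base URL or a container-level restriction on accepted host names - confirm
        // against the deployment.
        StringBuilder target = new StringBuilder();
        target.append(request.getScheme()).append("://")
                .append(request.getServerName()).append(":")
                .append(request.getServerPort())
                .append(request.getContextPath())
                .append(url);

        response.sendRedirect(target.toString());
    }

    /**
     * Resolves the locale for the request via {@link LoginUtilities#getCurrentLocale}.
     *
     * @param request the current request
     * @return the locale reported by {@code LoginUtilities}
     */
    public Locale getLocale(HttpServletRequest request) {
        return LoginUtilities.getCurrentLocale(request);
    }

    /**
     * Returns the application's service facade from {@link ServletContextUtils}.
     *
     * @param context unused; kept so existing callers keep compiling
     * @return the services instance provided by {@code ServletContextUtils}
     */
    protected ITrackerServices getITrackerServices(ServletContext context) {
        return ServletContextUtils.getItrackerServices();
    }


}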