Example usage for javax.servlet.http HttpServletRequest isUserInRole

List of usage examples for javax.servlet.http HttpServletRequest isUserInRole

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletRequest isUserInRole.

Prototype

public boolean isUserInRole(String role);

Source Link

Document

Returns a boolean indicating whether the authenticated user is included in the specified logical "role".

Usage

From source file:org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.java

/**
 * Obtains the list of user roles based on the current user's JEE roles. The
 * {@link javax.servlet.http.HttpServletRequest#isUserInRole(String)} method is called
 * for each of the values in the {@code j2eeMappableRoles} set to determine if that
 * role should be assigned to the user./*w  w  w  . ja  v  a 2  s  . c  o m*/
 *
 * @param request the request which should be used to extract the user's roles.
 * @return The subset of {@code j2eeMappableRoles} which applies to the current user
 * making the request.
 */
protected Collection<String> getUserRoles(HttpServletRequest request) {
    ArrayList<String> j2eeUserRolesList = new ArrayList<>();

    for (String role : j2eeMappableRoles) {
        if (request.isUserInRole(role)) {
            j2eeUserRolesList.add(role);
        }
    }

    return j2eeUserRolesList;
}

From source file:org.openlaszlo.auth.RoleAuthentication.java

public int login(HttpServletRequest req, HttpServletResponse res, HashMap param, StringBuffer xmlResponse) {

    mLogger.debug("login(req,res,param,xmlResponse)");
    String role = req.getParameter("role");
    return req.isUserInRole(role) ? 0 : 1;
}

From source file:org.lamsfoundation.lams.admin.web.action.EmailUserAction.java

public ActionForward composeMail(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    initServices();//from  w ww . java  2  s .com

    if (!(request.isUserInRole(Role.SYSADMIN) || service.isUserGlobalGroupAdmin())) {
        request.setAttribute("errorName", "UserAction");
        request.setAttribute("errorMessage", messageService.getMessage("error.authorisation"));
        return mapping.findForward("error");
    }

    Integer userId = WebUtil.readIntParam(request, "userId");
    User user = (User) service.findById(User.class, userId);
    request.setAttribute("user", user);

    return mapping.findForward("emailuser");
}

From source file:de.atomspace.webapp.core.SpringController.java

@RequestMapping(value = "/cocktails", method = RequestMethod.GET)
public String getCockailListPage(@RequestParam(value = "id", required = false) boolean error, ModelMap model,
        HttpServletRequest request) {
    if (request.isUserInRole("ROLE_USER") || request.isUserInRole("ROLE_ADMIN")) {
        //FOR REALY USERS
        model.put("page", "cocktail/cocktail-list.zul");
        return "pages/index.jsp";
    } else {/*from  www.j av a  2s .  co m*/
        //FOR SEO ROBOTs, anonymousUsers and no JavaScript-Support
        model.put("page", "cocktail/cocktail-list.jsp");
        List<String> list = new ArrayList<String>();
        list.add("ROW01");
        list.add("ROW02");
        list.add("ROW03");
        list.add("ROW04");
        list.add("ROW05");
        model.put("list", list);
        return "pages/index.jsp";
    }
}

From source file:de.atomspace.webapp.core.SpringController.java

@RequestMapping(value = "/units", method = RequestMethod.GET)
public String getUnitListPage(@RequestParam(value = "id", required = false) boolean error, ModelMap model,
        HttpServletRequest request) {
    if (request.isUserInRole("ROLE_USER") || request.isUserInRole("ROLE_ADMIN")) {
        //FOR REALY USERS
        model.put("page", "unit/unit-list.zul");
        return "pages/index.jsp";
    } else {//from ww w .j  av a  2s  .  c om
        //FOR SEO ROBOTs, anonymousUsers and no JavaScript-Support
        model.put("page", "unit/unit-list.jsp");
        List<String> list = new ArrayList<String>();
        list.add("ROW01");
        list.add("ROW02");
        list.add("ROW03");
        list.add("ROW04");
        list.add("ROW05");
        model.put("list", list);
        return "pages/index.jsp";
    }
}

From source file:org.lamsfoundation.lams.admin.web.action.EmailUserAction.java

public ActionForward send(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    initServices();//w w  w .j a  v  a2s  .  co m

    if (!(request.isUserInRole(Role.SYSADMIN) || service.isUserGlobalGroupAdmin())) {
        request.setAttribute("errorName", "UserAction");
        request.setAttribute("errorMessage", messageService.getMessage("error.authorisation"));
        return mapping.findForward("error");
    }

    EmailForm emailForm = (EmailForm) form;
    Integer userId = emailForm.getUserId();
    User user = (User) service.findById(User.class, userId);

    //String to = WebUtil.readStrParam(request, "to");
    String subject = emailForm.getSubject();
    // strip HTML tags from body
    String body = emailForm.getBody().replaceAll("<BR>", "\n").replaceAll("\\<.*?\\>", "");

    HttpSession ss1 = SessionManager.getSession();
    UserDTO administrator = (UserDTO) ss1.getAttribute(AttributeNames.USER);

    String to = user.getEmail();
    String toPerson = user.getFirstName() + " " + user.getLastName();

    String from = administrator.getEmail();
    String fromPerson = administrator.getFirstName() + " " + administrator.getLastName();

    EmailUserAction.log.debug("Administrator " + fromPerson + " (" + from + ") " + " sent email to user "
            + toPerson + "( " + to + ") " + ": \n[subject] " + subject + "\n[message] " + body);
    Properties properties = new Properties();

    Emailer.send(subject, to, toPerson, from, fromPerson, body, properties);

    return mapping.findForward("usersearch");
}

From source file:org.lamsfoundation.lams.admin.web.action.CleanupTempFilesAction.java

public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {

    // check user is sysadmin
    if (!(request.isUserInRole(Role.SYSADMIN))) {
        request.setAttribute("errorName", "CleanupTempFilesAction");
        request.setAttribute("errorMessage", AdminServiceProxy
                .getMessageService(getServlet().getServletContext()).getMessage("error.need.sysadmin"));
        return mapping.findForward("error");
    }/*ww w .j a  v a 2s.c om*/

    if (isCancelled(request)) {
        return mapping.findForward("sysadmin");
    }

    // check if url contains request for refresh folder sizes only
    String action = WebUtil.readStrParam(request, "action", true);
    if (action != null && StringUtils.equals(action, "refresh")) {
        return refresh(mapping, form, request, response);
    }

    ActionMessages errors = new ActionMessages();
    DynaActionForm dynaForm = (DynaActionForm) form;
    Integer numDays = (Integer) dynaForm.get("numDays");

    // delete directories if form has been submitted
    if (numDays != null) {
        if (numDays >= 0) {
            int filesDeleted = FileUtil.cleanupOldFiles(FileUtil.getOldTempFiles(numDays));
            MessageService messageService = AdminServiceProxy
                    .getMessageService(getServlet().getServletContext());
            String args[] = new String[1];
            args[0] = new Integer(filesDeleted).toString();
            request.setAttribute("filesDeleted", messageService.getMessage("msg.cleanup.files.deleted", args));
        } else {
            errors.add("numDays", new ActionMessage("error.non.negative.number.required"));
        }
    } else {
        // recommended number of days to leave temp files
        dynaForm.set("numDays", new Integer(1));
    }

    return mapping.findForward("cleanup");
}

From source file:de.atomspace.webapp.core.SpringController.java

@RequestMapping(value = "/ingredients/{id}", method = RequestMethod.GET)
public String getIngredientListPage(@PathVariable("id") int id, ModelMap model, HttpServletRequest request) {
    int limit = 20;
    if (request.isUserInRole("ROLE_USER") || request.isUserInRole("ROLE_ADMIN")) {
        //FOR REALY USERS
        model.put("id", id);
        model.put("limit", 20);
        model.put("page", "ingredient/ingredient-list.zul");
        return "pages/index.jsp";
    } else {//from   w w w  .  j a  v  a 2s  . com
        //FOR SEO ROBOTs, anonymousUsers and no JavaScript-Support
        model.put("page", "ingredient/ingredient-list.jsp");
        List<String> list = new ArrayList<String>();
        model.put("list", list);
        return "pages/index.jsp";
    }
}

From source file:de.atomspace.webapp.core.SpringController.java

@RequestMapping(value = "/unit/{id}", method = RequestMethod.GET)
public String getUnitDetailPage(@PathVariable("id") String id, ModelMap model, HttpServletRequest request) {
    model.put("id", id);
    if (request.isUserInRole("ROLE_USER") || request.isUserInRole("ROLE_ADMIN")) {
        //FOR REALY USERS
        model.put("page", "unit/unit-detail.zul");
        return "pages/index.jsp";
    } else {/*from   ww w . jav  a2 s  .  c o m*/
        //FOR SEO ROBOTs, anonymousUsers and no JavaScript-Support
        model.put("page", "unit/unit-detail.jsp");
        List<String> list = new ArrayList<String>();
        list.add("ROW01");
        list.add("ROW02");
        list.add("ROW03");
        list.add("ROW04");
        list.add("ROW05");
        model.put("list", list);
        return "pages/index.jsp";
    }
}

From source file:ejportal.webapp.interceptor.UserRoleAuthorizationInterceptor.java

/**
 * Intercept the action invocation and check to see if the user has the
 * proper role.//from w  w  w  .  j a  v  a2 s .  c om
 * 
 * @param invocation
 *            the current action invocation
 * @return the method's return value, or null after setting
 *         HttpServletResponse.SC_FORBIDDEN
 * @throws Exception
 *             when setting the error on the response fails
 */
public String intercept(final ActionInvocation invocation) throws Exception {
    final HttpServletRequest request = ServletActionContext.getRequest();

    if (this.authorizedRoles != null) {
        for (final String authorizedRole : this.authorizedRoles) {
            if (request.isUserInRole(authorizedRole))
                return invocation.invoke();
        }
    }

    final HttpServletResponse response = ServletActionContext.getResponse();
    this.handleNotAuthorized(request, response);
    return null;
}