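/*
 * Copyright(C) 2014
 * NEC Corporation All rights reserved.
 *
 * No permission to use, copy, modify and distribute this software
 * and its documentation for any purpose is granted.
 * This software is provided under applicable license agreement only.
 */
package com.nec.harvest.servlet.interceptor;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerMapping;
import org.springframework.web.servlet.ModelAndView;

import com.nec.core.container.ContextAwareContainer;
import com.nec.harvest.constant.Constants;
import com.nec.harvest.constant.MsgConstants;
import com.nec.harvest.controller.AbstractRenderer;
import com.nec.harvest.controller.BaseController;
import com.nec.harvest.controller.MenuController;
import com.nec.harvest.controller.PageRenderer;
import com.nec.harvest.helper.MessageHelper;
import com.nec.harvest.http.HttpServletContentType;
import com.nec.harvest.menu.group.DailyReportingProGroup;
import com.nec.harvest.menu.group.MasterManagementProGroup;
import com.nec.harvest.menu.group.ProfitAndLossManagementProGroup;
import com.nec.harvest.model.BusinessDay;
import com.nec.harvest.model.User;
import com.nec.harvest.service.BusinessDayService;
import com.nec.harvest.service.MenuGroupService;
import com.nec.harvest.userdetails.AuthenticatedUserDetails;

/**
 * Interceptor that authorizes access to a menu group and publishes the caller's
 * original menu group for the current request.
 *
 * <p>Before the handler runs it checks that a user principal with an organization is
 * present, that the user's role may use the process group named in the URL, and that an
 * organization code in the URL matches the one held in the session. Any failed check
 * redirects to the logout URL. After the handler runs it flags an error on the view when
 * the session lacks the organization code or the business day.
 *
 * @author <a href="mailto:sondn@nec.vn">Ngoc Son Dang</a>
 * @version BackOriginGroupInterceptor.java
 * @since 2014/06/11
 */
public class BackOriginGroupInterceptor extends HandlerInterceptorAdapterWithAddons {

    private static final Logger logger = LoggerFactory.getLogger(BackOriginGroupInterceptor.class);

    /** Name of the URI template variable that carries the process group number. */
    private static final String PRO_GROUP_NO = "proGNo";

    /** Name of the URI template variable that carries the organization code. */
    private static final String ORG_CODE = "orgCode";

    private final MenuGroupService menuGroupService;

    /**
     * Creates the interceptor.
     *
     * @param menuGroupService service used to check whether a role may use a process group
     */
    public BackOriginGroupInterceptor(MenuGroupService menuGroupService) {
        this.menuGroupService = menuGroupService;
    }

    /**
     * Authorizes the request against the process group and organization code in the URL,
     * restores missing session values and stores the original group as a request attribute.
     *
     * @param request  current HTTP request
     * @param response current HTTP response; receives the logout redirect on denial
     * @param handler  chosen handler; cast to {@link HandlerMethod} without a type check,
     *                 so any other handler type fails with a {@link ClassCastException}
     * @return {@code false} when access was denied and the redirect was sent, otherwise
     *         the result of the superclass
     * @throws Exception on redirect failure or any error raised by the lookups below
     */
    @Override
    @SuppressWarnings("unchecked")
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        final User userPrincipal = AuthenticatedUserDetails.getUserPrincipal();
        if (userPrincipal == null || userPrincipal.getOrganization() == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("Please login again with right permission");
            }
            return denyAccess(request, response);
        }

        final HandlerMethod handlerMethod = (HandlerMethod) handler;
        final Object controller = handlerMethod.getBean();
        // MenuController requests skip the group and organization checks below.
        if (controller instanceof MenuController) {
            return super.preHandle(request, response, handler);
        }

        // NOTE(review): the attribute is used without a null check; a request that reaches
        // this point without URI template variables would throw here - confirm the
        // interceptor is only mapped to templated URLs.
        final Map<String, Object> pathVariables = (Map<String, Object>) request
                .getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);

        final String proGroupNo = (String) pathVariables.get(PRO_GROUP_NO);
        final boolean hasMenuGroups = menuGroupService
                .hasMenuGroupByUserRoleAndSpecificGroup(userPrincipal.getUsrKbn(), proGroupNo);
        if (!hasMenuGroups) {
            return denyAccess(request, response);
        }

        final HttpSession session = request.getSession();

        // Organization code requested in the URL, if any
        String orgCode = (String) pathVariables.get(ORG_CODE);
        if (StringUtils.isNotEmpty(orgCode)) {
            final String userOrgCode = (String) session.getAttribute(Constants.SESS_ORGANIZATION_CODE);
            // Compare from the non-empty URL value so that a session without an
            // organization code is treated as a mismatch (access denied) instead of
            // raising a NullPointerException.
            if (!orgCode.equals(userOrgCode)) {
                return denyAccess(request, response);
            }
        }

        // All of the original groups declared by the controller
        String[] processGroupNumbers = null;
        if (controller instanceof DailyReportingProGroup) {
            processGroupNumbers = ((DailyReportingProGroup) controller).getProcessGroupNumber();
        } else if (controller instanceof MasterManagementProGroup) {
            processGroupNumbers = ((MasterManagementProGroup) controller).getProcessGroupNumber();
        } else if (controller instanceof ProfitAndLossManagementProGroup) {
            processGroupNumbers = ((ProfitAndLossManagementProGroup) controller).getProcessGroupNumber();
        }

        // The user is logged in, but storing some information in the session may have
        // failed earlier; put the missing values back.
        orgCode = (String) session.getAttribute(Constants.SESS_ORGANIZATION_CODE);
        if (orgCode == null) {
            session.setAttribute(Constants.SESS_ORGANIZATION_CODE,
                    userPrincipal.getOrganization().getStrCode());
        }

        final Object businessDay = session.getAttribute(Constants.SESS_BUSINESS_DAY);
        if (businessDay == null) {
            BusinessDayService businessDayService = ContextAwareContainer.getInstance()
                    .getComponent(BusinessDayService.class);
            // NOTE(review): the result of findLatest() is dereferenced without a null
            // check - confirm the service never returns null.
            final BusinessDay businessDate = businessDayService.findLatest();
            session.setAttribute(Constants.SESS_BUSINESS_DAY, businessDate.getEigDate());
        }

        // Granted authority of the logged-in user
        final String grantedAuthority = userPrincipal.getUsrKbn();
        final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            logger.info("User {} was logged-in with granted role {}", authentication.getName(),
                    authority.getAuthority());
        }

        // The comment that stood here and the note inside the literal below were
        // mis-encoded and are unreadable; the literal is kept byte-for-byte because it is
        // written to the log. Presumably it listed the meaning of role codes 1 to 4 -
        // confirm against the role definitions.
        logger.info(
                "Granted authority of logged user: {}, NOTE: 1?2?3??4", grantedAuthority);

        if (StringUtils.isNotEmpty(grantedAuthority)) {
            if (ArrayUtils.isNotEmpty(processGroupNumbers)) {
                // Store the original group menu in the REQUEST. The role code is used as a
                // 1-based index; NOTE(review): a non-numeric code or one outside the array
                // bounds throws here - confirm every controller declares one entry per role.
                final String processGroupNumber = processGroupNumbers[Integer.parseInt(grantedAuthority) - 1];
                request.setAttribute(Constants.SESS_ORIGINAL_GROUP, processGroupNumber);

                logger.info("Were are trying to handle the sub-menu of group {}", processGroupNumber);
            }
        }

        return super.preHandle(request, response, handler);
    }

    /**
     * Flags an error on the rendered view when the session lacks the organization code or
     * the business day.
     *
     * @param request      current HTTP request
     * @param response     current HTTP response
     * @param handler      handler that was executed; cast to {@link HandlerMethod}
     * @param modelAndView model and view returned by the handler; Spring may pass
     *                     {@code null}, in which case only the warning is logged
     * @throws Exception propagated from the superclass
     */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
        final HandlerMethod handlerMethod = (HandlerMethod) handler;
        final Object controller = handlerMethod.getBean();
        if (controller instanceof AbstractRenderer || controller instanceof PageRenderer) {
            final HttpSession session = request.getSession();
            final String userOrgCode = (String) session.getAttribute(Constants.SESS_ORGANIZATION_CODE);

            String viewName = null;
            if (controller instanceof AbstractRenderer) {
                viewName = ((AbstractRenderer) controller).getViewName();
            } else if (controller instanceof PageRenderer) {
                viewName = ((PageRenderer) controller).getViewName();
            }

            // The warning literals below are mis-encoded in this copy of the file and are
            // kept byte-for-byte because they are written to the log.
            if (userOrgCode == null) {
                logger.warn("?????????????");
                // modelAndView is null when the handler wrote the response itself;
                // there is then no view to decorate.
                if (modelAndView != null) {
                    modelAndView.setViewName(viewName);
                    modelAndView.addObject(BaseController.ERROR, Boolean.TRUE);
                    modelAndView.addObject(BaseController.ERROR_MESSAGE,
                            MessageHelper.get(MsgConstants.AF001_ENT_CHK_M02));
                }
            }

            final Object businessDay = session.getAttribute(Constants.SESS_BUSINESS_DAY);
            if (businessDay == null) {
                logger.warn("?????????????");
                if (modelAndView != null) {
                    modelAndView.setViewName(viewName);
                    modelAndView.addObject(BaseController.ERROR, Boolean.TRUE);
                    modelAndView.addObject(BaseController.ERROR_MESSAGE,
                            MessageHelper.get(MsgConstants.AF001_ENT_CHK_M03));
                }
            }
        }

        super.postHandle(request, response, handler, modelAndView);
    }

    /**
     * Rejects the request by redirecting the client to the logout URL of this application.
     *
     * @param request  current HTTP request, used for the context path
     * @param response current HTTP response that receives the redirect
     * @return always {@code false}, so callers can return the result from {@code preHandle}
     * @throws Exception if the redirect cannot be written
     */
    private boolean denyAccess(HttpServletRequest request, HttpServletResponse response) throws Exception {
        // NOTE(review): the denial is logged without the user or the requested URL, which
        // makes the event hard to correlate in an audit trail.
        logger.info("Sorry, you don't have permission to access this url");

        // Sorry, you don't have permission to access this url. Please login again with right permission
        response.setContentType(HttpServletContentType.PLAN_TEXT);
        response.sendRedirect(request.getContextPath() + "/logout");
        response.flushBuffer();
        return false;
    }
}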