SessionHandler.java
4.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package fi.insomnia.bortal.handler;
import javax.ejb.EJB;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import fi.insomnia.bortal.beans.EventBeanLocal;
import fi.insomnia.bortal.beans.SecurityBeanLocal;
import fi.insomnia.bortal.beans.UserBeanLocal;
import fi.insomnia.bortal.enums.Permission;
import fi.insomnia.bortal.enums.RolePermission;
import fi.insomnia.bortal.model.User;
/**
*
* @author tuukka
*/
@ManagedBean(name = "sessionHandler")
@SessionScoped
public class SessionHandler {
private static final Logger logger = LoggerFactory.getLogger(SessionHandler.class);
private User thisuser = null;
@EJB
private SecurityBeanLocal secubean;
@EJB
private EventBeanLocal eventbean;
@EJB
private UserBeanLocal userbean;
/** Creates a new instance of SessionHandler */
public SessionHandler() {
}
public boolean hasPermission(String target, String permission) {
RolePermission perm = null;
if (permission.equalsIgnoreCase("read")) {
perm = RolePermission.READ;
} else if (permission.equals("write")) {
perm = RolePermission.WRITE;
} else if (permission.equals("execute")) {
perm = RolePermission.EXECUTE;
}
return hasPermission(target, perm);
}
private HttpSession getHttpSession() {
FacesContext ctx = FacesContext.getCurrentInstance();
HttpSession sess = (HttpSession) ctx.getExternalContext().getSession(false);
return sess;
}
public boolean hasPermission(Permission target, RolePermission permission) {
if (target == null) {
throw new RuntimeException("Empty target");
}
return userbean.hasPermission(target, getUser(), permission);
}
public boolean hasPermission(String target, RolePermission permission) {
return hasPermission(Permission.getPermission(target), permission);
}
public boolean canWrite(Permission p) {
return hasPermission(p, RolePermission.WRITE);
}
public boolean canWrite(String target) {
return hasPermission(target, RolePermission.WRITE);
}
public boolean canRead(String target) {
return hasPermission(target, RolePermission.READ);
}
public boolean canRead(Permission target) {
return hasPermission(target, RolePermission.READ);
}
public boolean canExecute(String target) {
return hasPermission(target, RolePermission.EXECUTE);
}
public boolean canExecute(Permission target) {
return hasPermission(target, RolePermission.EXECUTE);
}
private boolean impersonating = false;
public void impersonateUser(User user) {
if (user == null) {
this.thisuser = getUser();
impersonating = false;
} else if (canExecute("user")) {
secubean.logMessage(userbean.getCurrentUser(), "Successfully impersonating user id: " + user.getId() + " and login: " + user.getLogin());
this.thisuser = user;
impersonating = true;
} else {
secubean.logMessage(userbean.getCurrentUser(), "User tried to impersonate as id: " + user.getId() + " login: " + user.getLogin() + " but did not have enough rights");
}
}
public User getUser() {
boolean iscurruser = userbean.isCurrentUser(thisuser);
logger.debug("Current user {}", (thisuser == null) ? "null" : thisuser.getNick());
if (thisuser == null || (!impersonating && !iscurruser)) {
thisuser = userbean.getCurrentUser();
}
return thisuser;
}
public String logout() {
FacesContext ctx = FacesContext.getCurrentInstance();
HttpSession sess = (HttpSession) ctx.getExternalContext().getSession(false);
if (sess != null) {
sess.invalidate();
}
thisuser = null;
return "logout";
}
}