package usecase.auth;
import common.http.interceptor.HttpServletBiConsumer;
import common.http.interceptor.ServletInterceptor;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Set;
import static usecase.auth.AuthorizationConstraints.Types.*;
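/**
 * Servlet interceptor that enforces the {@link AuthorizationConstraints} declared on a handler.
 *
 * <p>The constraint types read from the annotation decide which checks run on the
 * {@code currentUser} request attribute before the request is handed to {@code next}:
 * <ul>
 *   <li>{@code REQUIRE_AUTHENTICATION} or {@code ADMINS_ONLY}: the user must be logged in,
 *       otherwise {@link AuthenticationRequiredException} is thrown;</li>
 *   <li>{@code ADMINS_ONLY}: the user must additionally be an admin, otherwise
 *       {@link AuthorizationException} is thrown;</li>
 *   <li>{@code DENY_BANNED_USERS}: a user whose ban duration is non-null is rejected with
 *       {@link BannedUserException}.</li>
 * </ul>
 * The checks run in that order, so an anonymous caller of an admin-only handler receives the
 * authentication error rather than the authorization one.
 *
 * <p>A missing {@code currentUser} attribute (the authentication layer did not populate it for
 * this request) is treated as an anonymous caller instead of being dereferenced, so protected
 * handlers fail closed with {@link AuthenticationRequiredException} rather than with a
 * {@link NullPointerException}.
 */
public class AuthorizationConstraintsInterceptor extends ServletInterceptor<AuthorizationConstraints> {

    /** Request attribute under which the authentication layer stores the {@link CurrentUser}. */
    private static final String CURRENT_USER_ATTRIBUTE = "currentUser";

    // Empty until init() runs, so handle() never dereferences a null set.
    private Set<AuthorizationConstraints.Types> authorizationConstraintTypes =
            EnumSet.noneOf(AuthorizationConstraints.Types.class);

    /**
     * Captures the constraint types declared on the annotation.
     *
     * @param annotation the {@link AuthorizationConstraints} found on the intercepted handler
     */
    @Override
    protected void init(AuthorizationConstraints annotation) {
        // EnumSet.copyOf rejects an empty plain collection, so build the set explicitly.
        Set<AuthorizationConstraints.Types> types =
                EnumSet.noneOf(AuthorizationConstraints.Types.class);
        types.addAll(Arrays.asList(annotation.value()));
        authorizationConstraintTypes = types;
    }

    /**
     * Applies the configured constraints to {@code req} and, when they all pass, delegates to
     * {@code next}.
     *
     * @param req the current request; its {@code currentUser} attribute is inspected
     * @param resp the current response, passed through untouched
     * @param next the next interceptor or handler in the chain
     * @throws AuthenticationRequiredException if authentication is required and the caller is
     *     not logged in (or no {@code currentUser} attribute is present)
     * @throws AuthorizationException if the handler is admin-only and the caller is not an admin
     * @throws BannedUserException if banned users are denied and the caller has a ban duration set
     * @throws ServletException propagated from {@code next}
     * @throws IOException propagated from {@code next}
     */
    @Override
    public void handle(HttpServletRequest req, HttpServletResponse resp, HttpServletBiConsumer next)
            throws ServletException, IOException {
        CurrentUser currentUser = (CurrentUser) req.getAttribute(CURRENT_USER_ATTRIBUTE);
        // No attribute means nobody authenticated this request: treat it as anonymous.
        boolean loggedIn = currentUser != null && currentUser.isLoggedIn();

        boolean adminsOnly = authorizationConstraintTypes.contains(ADMINS_ONLY);
        boolean authenticationRequired =
                adminsOnly || authorizationConstraintTypes.contains(REQUIRE_AUTHENTICATION);
        if (authenticationRequired && !loggedIn) {
            throw new AuthenticationRequiredException();
        }
        // Reached with a non-null, logged-in user whenever adminsOnly is set.
        if (adminsOnly && !currentUser.isAdmin()) {
            throw new AuthorizationException();
        }
        // A ban belongs to an identified account; with no user attached there is nothing to deny.
        // A present but not-logged-in user is still checked, as before.
        if (authorizationConstraintTypes.contains(DENY_BANNED_USERS)
                && currentUser != null
                && currentUser.getBanDuration() != null) {
            throw new BannedUserException();
        }
        next.handle(req, resp);
    }
}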