1   package usecase.auth;
2   
3   import javax.annotation.Priority;
4   import javax.inject.Inject;
5   import javax.interceptor.AroundInvoke;
6   import javax.interceptor.Interceptor;
7   import javax.interceptor.InvocationContext;
8   
/**
 * Interceptor that lets an {@link AdminsOnly}-bound invocation run only when the
 * current user is logged in and is an admin.
 *
 * <p>The check fails closed: the intercepted invocation is reached only after both
 * conditions hold. A user who is not logged in and a logged-in non-admin get the
 * same {@link AuthorizationException}.
 *
 * <p>NOTE(review): interceptors with a lower priority value run before this one;
 * confirm that none of them performs work that should itself be admin-gated.
 */
@Interceptor
@AdminsOnly
@Priority(Interceptor.Priority.APPLICATION + 3)
public class AdminsOnlyInterceptor {
    // Injected handle on the current user; queried for login and admin status.
    // NOTE(review): whether isAdmin() reflects the role at call time or a value cached
    // at login cannot be told from this class - verify in CurrentUser.
    @Inject private CurrentUser currentUser;

    /**
     * Checks that the current user is a logged-in admin, then continues the invocation.
     *
     * @param invocationContext the intercepted invocation
     * @return the value returned by {@code invocationContext.proceed()}
     * @throws AuthorizationException if the user is not logged in or is not an admin
     * @throws Exception anything thrown by {@code invocationContext.proceed()}
     */
    @AroundInvoke
    public Object checkAdmin(InvocationContext invocationContext) throws Exception {
        // Login is tested first; isAdmin() is only consulted for a logged-in user.
        final boolean authorized = currentUser.isLoggedIn() && currentUser.isAdmin();
        if (!authorized) {
            throw new AuthorizationException();
        }
        return invocationContext.proceed();
    }
}