All Downloads are FREE. Search and download functionalities are using the official Maven repository.

psiprobe.tools.SecurityUtils Maven / Gradle / Ivy

There is a newer version: 5.1.1
Show newest version
/*
 * Licensed under the GPL License. You may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
 *
 * THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
 * WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE.
 */
package psiprobe.tools;

import java.util.Collection;

import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;

/**
 * The Class SecurityUtils.
 */
public final class SecurityUtils {

  /**
   * Prevent Instantiation of security utils.
   */
  private SecurityUtils() {
    // Prevent Instantiation
  }

  /**
   * Checks for attribute value role.
   *
   * @param servletContext the servlet context
   * @param request the request
   *
   * @return true, if successful
   */
  public static boolean hasAttributeValueRole(ServletContext servletContext,
      HttpServletRequest request) {

    String[] privilegedRoles = getPrivilegedRoles(servletContext).split(",", -1);
    for (String privilegedRole : privilegedRoles) {
      if (userHasRole(privilegedRole)) {
        return true;
      }
    }
    return false;
  }

  /**
   * User has role.
   *
   * @param privilegedRole the privileged role
   *
   * @return true, if successful
   */
  private static boolean userHasRole(String privilegedRole) {
    Collection authorities =
        SecurityContextHolder.getContext().getAuthentication().getAuthorities();

    boolean result = false;
    for (GrantedAuthority authority : authorities) {
      if (privilegedRole.equals(authority.getAuthority())) {
        result = true;
        break;
      }
    }
    return result;
  }

  /**
   * Gets the privileged roles.
   *
   * @param servletContext the servlet context
   *
   * @return the privileged roles
   */
  private static String getPrivilegedRoles(ServletContext servletContext) {
    return servletContext.getInitParameter("attribute.value.roles");
  }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy