com.synhaptein.scalator.security.SecurityHandler.scala Maven / Gradle / Ivy
The newest version!
package com.synhaptein.scalator.security
import com.synhaptein.scalator.handlers.RequestHandler
import com.synhaptein.scalator.RequestContainer
import javax.servlet.FilterConfig
import com.synhaptein.scalator.context.Context
import com.synhaptein.scalator.exceptions.ErrorViewException
/**
* Request handle to handle security annotation on commands.
*
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2010-2011, SynHaptein (http://www.synhaptein.com)
* @link http://www.synhaptein.com/scalator scalator project
* @since scalator 0.1
* @license http://www.synhaptein.com/scalator/license.html
*/
class SecurityHandler extends RequestHandler
{
def handle(filterConfig: FilterConfig, url: String, context: Context, requestContainer: RequestContainer): Unit = {
val securityMethod = requestContainer.method.getAnnotation(classOf[Security])
val securityClass = requestContainer.clazz.getAnnotation(classOf[Security])
val roles = if(containsRoles(securityMethod)) {
extractRoles(securityMethod)
}
else if(containsRoles(securityClass)) {
extractRoles(securityMethod)
}
else {
Set[String]()
}
if(roles.size > 0) {
context.session[User[_]](UserServiceConstants.USER) match {
case Some(user) =>
roles foreach { role =>
if(!user.roles.contains(role)) throw new ErrorViewException("403")
}
case _ =>
throw new ErrorViewException("403")
}
}
}
private def containsRoles(security: Security): Boolean = {
security != null && (!"".equals(security.group()) || security.groups().length > 0)
}
private def extractRoles(security: Security): Set[String] = {
if(!"".equals(security.group())) {
Set[String]() + security.group()
}
else if(security.groups().length > 0) {
security.groups().foldLeft(Set[String]())((set, role) => set + role)
}
else {
Set[String]()
}
}
}