001
014
015 package com.liferay.portal.kernel.bean;
016
017 import com.liferay.portal.kernel.util.HtmlUtil;
018
019 import java.lang.reflect.InvocationHandler;
020 import java.lang.reflect.InvocationTargetException;
021 import java.lang.reflect.Method;
022
023
038 public class AutoEscapeBeanHandler implements InvocationHandler {
039
040 public AutoEscapeBeanHandler(Object bean) {
041 _bean = bean;
042 }
043
044 public Object getBean() {
045 return _bean;
046 }
047
048 public Object invoke(Object proxy, Method method, Object[] args)
049 throws Throwable {
050
051 String methodName = method.getName();
052
053 if (methodName.startsWith("set")) {
054 throw new IllegalAccessException(
055 "Setter methods cannot be called on an escaped bean");
056 }
057
058 if (methodName.endsWith("isEscapedModel")) {
059 return true;
060 }
061
062 Object result = null;
063
064 try {
065 result = method.invoke(_bean, args);
066 }
067 catch (InvocationTargetException ite) {
068 throw ite.getTargetException();
069 }
070
071 if ((method.getAnnotation(AutoEscape.class) != null) ||
072 (method.getAnnotation(
073 com.liferay.portal.kernel.annotation.AutoEscape.class) !=
074 null)) {
075
076 result = HtmlUtil.escape((String)result);
077 }
078
079 return result;
080 }
081
082 private Object _bean;
083
084 }