001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.security.ac;
016    
017    import com.liferay.portal.spring.aop.AnnotationChainableMethodAdvice;
018    
019    import java.lang.reflect.Method;
020    
021    import org.aopalliance.intercept.MethodInvocation;
022    
023    /**
024     * @author Tomas Polesovsky
025     * @author Igor Spasic
026     * @author Michael C. Han
027     * @author Raymond Augé
028     * @author Shuyang Zhou
029     */
030    public class AccessControlAdvice
031            extends AnnotationChainableMethodAdvice<AccessControlled> {
032    
033            @Override
034            public Object before(MethodInvocation methodInvocation) throws Throwable {
035                    AccessControlled accessControlled = findAnnotation(methodInvocation);
036    
037                    if (accessControlled == AccessControl.NULL_ACCESS_CONTROLLED) {
038                            return null;
039                    }
040    
041                    boolean remoteAccess = AccessControlThreadLocal.isRemoteAccess();
042    
043                    if (remoteAccess) {
044                            Method targetMethod = methodInvocation.getMethod();
045    
046                            _accessControlAdvisor.accept(targetMethod, accessControlled);
047                    }
048    
049                    return null;
050            }
051    
052            @Override
053            public AccessControlled getNullAnnotation() {
054                    return AccessControl.NULL_ACCESS_CONTROLLED;
055            }
056    
057            public void setAccessControlAdvisor(
058                    AccessControlAdvisor accessControlAdvisor) {
059    
060                    _accessControlAdvisor = accessControlAdvisor;
061            }
062    
063            private AccessControlAdvisor _accessControlAdvisor;
064    
065    }