001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.pacl;
016    
017    import com.liferay.portal.kernel.security.pacl.permission.PortalServicePermission;
018    
019    import java.lang.reflect.InvocationHandler;
020    import java.lang.reflect.InvocationTargetException;
021    import java.lang.reflect.Method;
022    
023    import java.security.AccessController;
024    import java.security.PrivilegedActionException;
025    import java.security.PrivilegedExceptionAction;
026    
027    import org.springframework.aop.framework.AdvisedSupport;
028    
029    /**
030     * @author Brian Wing Shun Chan
031     * @author Raymond Augé
032     */
033    public class PACLInvocationHandler implements InvocationHandler {
034    
035            public PACLInvocationHandler(InvocationHandler invocationHandler) {
036                    this(invocationHandler, null);
037            }
038    
039            public PACLInvocationHandler(
040                    InvocationHandler invocationHandler, AdvisedSupport advisedSupport) {
041    
042                    _invocationHandler = invocationHandler;
043                    _advisedSupport = advisedSupport;
044            }
045    
046            public Object invoke(Object proxy, Method method, Object[] arguments)
047                    throws Throwable {
048    
049                    try {
050                            return doInvoke(proxy, method, arguments);
051                    }
052                    catch (InvocationTargetException ite) {
053                            throw ite.getTargetException();
054                    }
055            }
056    
057            protected Object doInvoke(Object proxy, Method method, Object[] arguments)
058                    throws Throwable {
059    
060                    if (!PACLPolicyManager.isActive()) {
061                            return _invocationHandler.invoke(proxy, method, arguments);
062                    }
063    
064                    if (method.getDeclaringClass() == Object.class) {
065                            String methodName = method.getName();
066    
067                            if (methodName.equals("equals")) {
068                                    if (proxy == arguments[0]) {
069                                            return true;
070                                    }
071    
072                                    return false;
073                            }
074                            else if (methodName.equals("toString")) {
075                                    return _invocationHandler.invoke(proxy, method, arguments);
076                            }
077                    }
078    
079                    PortalServicePermission.checkService(proxy, method, arguments);
080    
081                    try {
082                            return AccessController.doPrivileged(
083                                    new InvokePrivilegedExceptionAction(
084                                            _invocationHandler, proxy, method, arguments));
085                    }
086                    catch (PrivilegedActionException pae) {
087                            throw pae.getException().getCause();
088                    }
089            }
090    
091            @SuppressWarnings("unused")
092            private AdvisedSupport _advisedSupport;
093    
094            private InvocationHandler _invocationHandler;
095    
096            private class InvokePrivilegedExceptionAction
097                    implements PrivilegedExceptionAction<Object> {
098    
099                    public InvokePrivilegedExceptionAction(
100                            InvocationHandler invocationHandler, Object proxy, Method method,
101                            Object[] arguments) {
102    
103                            _invocationHandler = invocationHandler;
104                            _proxy = proxy;
105                            _method = method;
106                            _arguments = arguments;
107                    }
108    
109                    public Object run() throws Exception {
110                            try {
111                                    return _invocationHandler.invoke(_proxy, _method, _arguments);
112                            }
113                            catch (Throwable t) {
114                                    throw new Exception(t);
115                            }
116                    }
117    
118                    private Object[] _arguments;
119                    private InvocationHandler _invocationHandler;
120                    private Method _method;
121                    private Object _proxy;
122    
123            }
124    
125    }