001
014
015 package com.liferay.portal.security.ac;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.User;
020 import com.liferay.portal.security.auth.AccessControlContext;
021 import com.liferay.portal.security.auth.AuthException;
022 import com.liferay.portal.security.auth.AuthVerifierPipeline;
023 import com.liferay.portal.security.auth.AuthVerifierResult;
024 import com.liferay.portal.security.auth.CompanyThreadLocal;
025 import com.liferay.portal.security.auth.PrincipalThreadLocal;
026 import com.liferay.portal.security.permission.PermissionChecker;
027 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
028 import com.liferay.portal.security.permission.PermissionThreadLocal;
029 import com.liferay.portal.service.UserLocalServiceUtil;
030
031 import java.util.Map;
032
033 import javax.servlet.http.HttpServletRequest;
034 import javax.servlet.http.HttpServletResponse;
035
036
039 public class AccessControlImpl implements AccessControl {
040
041 public void initAccessControlContext(
042 HttpServletRequest request, HttpServletResponse response,
043 Map<String, Object> settings) {
044
045 AccessControlContext accessControlContext =
046 AccessControlUtil.getAccessControlContext();
047
048 if (accessControlContext != null) {
049 throw new IllegalStateException(
050 "Authentication context is already initialized");
051 }
052
053 accessControlContext = new AccessControlContext();
054
055 accessControlContext.setRequest(request);
056 accessControlContext.setResponse(response);
057
058 Map<String, Object> accessControlContextSettings =
059 accessControlContext.getSettings();
060
061 accessControlContextSettings.putAll(settings);
062
063 AccessControlUtil.setAccessControlContext(accessControlContext);
064 }
065
066 public void initContextUser(long userId) throws AuthException {
067 try {
068 User user = UserLocalServiceUtil.getUser(userId);
069
070 CompanyThreadLocal.setCompanyId(user.getCompanyId());
071
072 PrincipalThreadLocal.setName(userId);
073
074 PermissionChecker permissionChecker =
075 PermissionCheckerFactoryUtil.create(user);
076
077 PermissionThreadLocal.setPermissionChecker(permissionChecker);
078
079 AccessControlThreadLocal.setRemoteAccess(false);
080 }
081 catch (Exception e) {
082 throw new AuthException(e.getMessage(), e);
083 }
084 }
085
086 public AuthVerifierResult.State verifyRequest()
087 throws PortalException, SystemException {
088
089 AccessControlContext accessControlContext =
090 AccessControlUtil.getAccessControlContext();
091
092 AuthVerifierResult authVerifierResult =
093 AuthVerifierPipeline.verifyRequest(accessControlContext);
094
095 Map<String, Object> authVerifierResultSettings =
096 authVerifierResult.getSettings();
097
098 if (authVerifierResultSettings != null) {
099 Map<String, Object> settings = accessControlContext.getSettings();
100
101 settings.putAll(authVerifierResultSettings);
102 }
103
104 accessControlContext.setAuthVerifierResult(authVerifierResult);
105
106 return authVerifierResult.getState();
107 }
108
109 }