001
014
015 package com.liferay.portal.kernel.bean;
016
017 import com.liferay.portal.kernel.util.HtmlUtil;
018
019 import java.io.Serializable;
020
021 import java.lang.reflect.InvocationHandler;
022 import java.lang.reflect.InvocationTargetException;
023 import java.lang.reflect.Method;
024
025
040 public class AutoEscapeBeanHandler implements InvocationHandler, Serializable {
041
042 public AutoEscapeBeanHandler(Object bean) {
043 _bean = (Serializable)bean;
044 }
045
046 public Object getBean() {
047 return _bean;
048 }
049
050 public Object invoke(Object proxy, Method method, Object[] arguments)
051 throws Throwable {
052
053 String methodName = method.getName();
054
055 if (methodName.startsWith("set")) {
056 throw new IllegalAccessException(
057 "Setter methods cannot be called on an escaped bean");
058 }
059
060 if (methodName.endsWith("isEscapedModel")) {
061 return true;
062 }
063 else if (methodName.endsWith("toEscapedModel")) {
064 return proxy;
065 }
066
067 Object result = null;
068
069 try {
070 result = method.invoke(_bean, arguments);
071 }
072 catch (InvocationTargetException ite) {
073 throw ite.getTargetException();
074 }
075
076 if (method.getAnnotation(AutoEscape.class) != null) {
077 result = HtmlUtil.escape((String)result);
078 }
079
080 return result;
081 }
082
083 private Serializable _bean;
084
085 }