015 package com.liferay.portal.security.access.control;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.security.access.control.AccessControl;
019 import com.liferay.portal.kernel.security.access.control.AccessControlThreadLocal;
020 import com.liferay.portal.kernel.security.access.control.AccessControlUtil;
021 import com.liferay.portal.kernel.security.auth.verifier.AuthVerifierResult;
022 import com.liferay.portal.kernel.security.pacl.DoPrivileged;
023 import com.liferay.portal.model.User;
024 import com.liferay.portal.security.auth.AccessControlContext;
025 import com.liferay.portal.security.auth.AuthException;
026 import com.liferay.portal.security.auth.AuthVerifierPipeline;
027 import com.liferay.portal.security.auth.CompanyThreadLocal;
028 import com.liferay.portal.security.auth.PrincipalThreadLocal;
029 import com.liferay.portal.security.permission.PermissionChecker;
030 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
031 import com.liferay.portal.security.permission.PermissionThreadLocal;
032 import com.liferay.portal.service.UserLocalServiceUtil;
033
034 import java.util.Map;
035
036 import javax.servlet.http.HttpServletRequest;
037 import javax.servlet.http.HttpServletResponse;
038
039
/**
 * {@link AccessControl} implementation that creates the per-request
 * {@link AccessControlContext}, binds a user to the portal's
 * {@code *ThreadLocal} holders, and runs the auth verifier pipeline.
 *
 * <p>
 * NOTE(review): nothing in this class clears the context or the holders it
 * populates. Callers presumably reset them at the end of the request; confirm
 * this, because state left on a reused thread would carry one caller's
 * identity into the next request.
 * </p>
 */
@DoPrivileged
public class AccessControlImpl implements AccessControl {

	/**
	 * Creates a new {@link AccessControlContext} for the given request and
	 * response, copies {@code settings} into it and publishes it through
	 * {@link AccessControlUtil#setAccessControlContext}.
	 *
	 * @param  request the current servlet request
	 * @param  response the current servlet response
	 * @param  settings entries copied into the context's settings map; not
	 *         checked for {@code null} here, so a {@code null} argument is
	 *         expected to fail inside {@code putAll}
	 * @throws IllegalStateException if a context is already registered
	 */
	@Override
	public void initAccessControlContext(
		HttpServletRequest request, HttpServletResponse response,
		Map<String, Object> settings) {

		// Refuse to replace an existing context: a second initialization
		// would discard whatever verification state is already attached.

		if (AccessControlUtil.getAccessControlContext() != null) {
			throw new IllegalStateException(
				"Authentication context is already initialized");
		}

		AccessControlContext context = new AccessControlContext();

		context.setRequest(request);
		context.setResponse(response);

		context.getSettings().putAll(settings);

		// Publish only after the context is fully populated.

		AccessControlUtil.setAccessControlContext(context);
	}

	/**
	 * Loads the user with the given ID and installs it as the current
	 * identity: company ID, principal name and permission checker are set on
	 * their respective holders, then remote access is switched off.
	 *
	 * <p>
	 * This method performs no credential check of its own; it trusts
	 * {@code userId} as given, so callers must pass only an identity that has
	 * already been authenticated.
	 * </p>
	 *
	 * <p>
	 * NOTE(review): the holders are written one after another and the catch
	 * block only wraps the exception. If a later step fails (for example the
	 * permission checker creation), the company ID and principal name set
	 * before it stay in place. Callers should reset them on failure.
	 * </p>
	 *
	 * @param  userId the primary key of the user to bind
	 * @throws AuthException if any step fails; the original exception is kept
	 *         as the cause and its message is reused. NOTE(review): avoid
	 *         echoing that message to remote clients if it can carry internal
	 *         detail.
	 */
	@Override
	public void initContextUser(long userId) throws AuthException {
		try {
			User contextUser = UserLocalServiceUtil.getUser(userId);

			CompanyThreadLocal.setCompanyId(contextUser.getCompanyId());

			PrincipalThreadLocal.setName(userId);

			PermissionThreadLocal.setPermissionChecker(
				PermissionCheckerFactoryUtil.create(contextUser));

			// Presumably marks subsequent service calls as local rather than
			// remote for downstream access checks -- confirm against
			// AccessControlThreadLocal before relying on it.

			AccessControlThreadLocal.setRemoteAccess(false);
		}
		catch (Exception e) {
			throw new AuthException(e.getMessage(), e);
		}
	}

	/**
	 * Runs the auth verifier pipeline against the current
	 * {@link AccessControlContext}, merges any settings the verifier returned
	 * into the context and records the result on the context.
	 *
	 * <p>
	 * Verifier settings are merged with {@code putAll}, so on a key clash the
	 * verifier's value replaces the one supplied at initialization. The
	 * context is not checked for {@code null} here; presumably the pipeline
	 * rejects a missing context -- confirm.
	 * </p>
	 *
	 * @return the state reported by the auth verifier result
	 * @throws PortalException if the pipeline reports one
	 */
	@Override
	public AuthVerifierResult.State verifyRequest() throws PortalException {
		AccessControlContext context =
			AccessControlUtil.getAccessControlContext();

		AuthVerifierResult result = AuthVerifierPipeline.verifyRequest(
			context);

		Map<String, Object> verifierSettings = result.getSettings();

		if (verifierSettings != null) {
			context.getSettings().putAll(verifierSettings);
		}

		context.setAuthVerifierResult(result);

		return result.getState();
	}

}