001
014
015 package com.liferay.portal.kernel.portlet;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.servlet.PersistentHttpServletRequestWrapper;
020 import com.liferay.portal.kernel.servlet.RequestDispatcherAttributeNames;
021 import com.liferay.portal.kernel.util.Mergeable;
022 import com.liferay.portal.kernel.util.PropsKeys;
023 import com.liferay.portal.kernel.util.PropsUtil;
024 import com.liferay.portal.kernel.util.WebKeys;
025
026 import java.util.Collections;
027 import java.util.Enumeration;
028 import java.util.HashMap;
029 import java.util.HashSet;
030 import java.util.Map;
031 import java.util.Set;
032 import java.util.concurrent.locks.Lock;
033
034 import javax.servlet.ServletRequest;
035 import javax.servlet.http.HttpServletRequest;
036
037
040 public class RestrictPortletServletRequest
041 extends PersistentHttpServletRequestWrapper {
042
043 public static boolean isSharedRequestAttribute(String name) {
044 for (String requestSharedAttribute : _REQUEST_SHARED_ATTRIBUTES) {
045 if (name.startsWith(requestSharedAttribute)) {
046 return true;
047 }
048 }
049
050 return false;
051 }
052
053 public RestrictPortletServletRequest(HttpServletRequest request) {
054 super(request);
055 }
056
057 @Override
058 public Object getAttribute(String name) {
059 if (RequestDispatcherAttributeNames.contains(name)) {
060 return super.getAttribute(name);
061 }
062
063 Object value = _attributes.get(name);
064
065 if (value == _nullValue) {
066 return null;
067 }
068
069 if (value != null) {
070 return value;
071 }
072
073 return super.getAttribute(name);
074 }
075
076 @Override
077 public Enumeration<String> getAttributeNames() {
078 Enumeration<String> superEnumeration = super.getAttributeNames();
079
080 if (_attributes.isEmpty()) {
081 return superEnumeration;
082 }
083
084 Set<String> names = new HashSet<>();
085
086 while (superEnumeration.hasMoreElements()) {
087 names.add(superEnumeration.nextElement());
088 }
089
090 for (Map.Entry<String, Object> entry : _attributes.entrySet()) {
091 String key = entry.getKey();
092 Object value = entry.getValue();
093
094 if (value == null) {
095 names.remove(key);
096 }
097 else {
098 names.add(key);
099 }
100 }
101
102 names.addAll(_attributes.keySet());
103
104 return Collections.enumeration(names);
105 }
106
107 public Map<String, Object> getAttributes() {
108 return _attributes;
109 }
110
111 public void mergeSharedAttributes() {
112 ServletRequest servletRequest = getRequest();
113
114 Lock lock = (Lock)servletRequest.getAttribute(
115 WebKeys.PARALLEL_RENDERING_MERGE_LOCK);
116
117 if (lock != null) {
118 lock.lock();
119 }
120
121 try {
122 doMergeSharedAttributes(servletRequest);
123 }
124 finally {
125 if (lock != null) {
126 lock.unlock();
127 }
128 }
129 }
130
131 @Override
132 public void removeAttribute(String name) {
133 if (RequestDispatcherAttributeNames.contains(name)) {
134 super.removeAttribute(name);
135 }
136 else {
137 _attributes.put(name, _nullValue);
138 }
139 }
140
141 @Override
142 public void setAttribute(String name, Object value) {
143 if (RequestDispatcherAttributeNames.contains(name)) {
144 super.setAttribute(name, value);
145 }
146 else {
147 if (value == null) {
148 value = _nullValue;
149 }
150
151 _attributes.put(name, value);
152 }
153 }
154
155 protected void doMergeSharedAttributes(ServletRequest servletRequest) {
156 for (Map.Entry<String, Object> entry : _attributes.entrySet()) {
157 String name = entry.getKey();
158 Object value = entry.getValue();
159
160 doMergeSharedAttributes(servletRequest, name, value);
161 }
162 }
163
164 protected void doMergeSharedAttributes(
165 ServletRequest servletRequest, String name, Object value) {
166
167 if (isSharedRequestAttribute(name)) {
168 if (value == _nullValue) {
169 servletRequest.removeAttribute(name);
170
171 if (_log.isDebugEnabled()) {
172 _log.debug("Remove shared attribute " + name);
173 }
174 }
175 else {
176 Object masterValue = servletRequest.getAttribute(name);
177
178 if ((masterValue == null) || !(value instanceof Mergeable)) {
179 servletRequest.setAttribute(name, value);
180
181 if (_log.isDebugEnabled()) {
182 _log.debug("Set shared attribute " + name);
183 }
184 }
185 else {
186 Mergeable<Object> masterMergeable =
187 (Mergeable<Object>)masterValue;
188 Mergeable<Object> slaveMergeable = (Mergeable<Object>)value;
189
190 masterMergeable.merge(slaveMergeable);
191
192 if (_log.isDebugEnabled()) {
193 _log.debug("Merge shared attribute " + name);
194 }
195 }
196 }
197 }
198 else {
199 if ((value != _nullValue) && _log.isDebugEnabled()) {
200 _log.debug("Ignore setting restricted attribute " + name);
201 }
202 }
203 }
204
205 private static final String[] _REQUEST_SHARED_ATTRIBUTES =
206 PropsUtil.getArray(PropsKeys.REQUEST_SHARED_ATTRIBUTES);
207
208 private static final Log _log = LogFactoryUtil.getLog(
209 RestrictPortletServletRequest.class);
210
211 private static final Object _nullValue = new Object();
212
213 private final Map<String, Object> _attributes = new HashMap<>();
214
215 }