001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.ac;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.model.User;
019    import com.liferay.portal.security.auth.AccessControlContext;
020    import com.liferay.portal.security.auth.AuthException;
021    import com.liferay.portal.security.auth.AuthVerifierPipeline;
022    import com.liferay.portal.security.auth.AuthVerifierResult;
023    import com.liferay.portal.security.auth.CompanyThreadLocal;
024    import com.liferay.portal.security.auth.PrincipalThreadLocal;
025    import com.liferay.portal.security.permission.PermissionChecker;
026    import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
027    import com.liferay.portal.security.permission.PermissionThreadLocal;
028    import com.liferay.portal.service.UserLocalServiceUtil;
029    
030    import java.util.Map;
031    
032    import javax.servlet.http.HttpServletRequest;
033    import javax.servlet.http.HttpServletResponse;
034    
035    /**
036     * @author Raymond Aug??
037     */
038    public class AccessControlImpl implements AccessControl {
039    
040            @Override
041            public void initAccessControlContext(
042                    HttpServletRequest request, HttpServletResponse response,
043                    Map<String, Object> settings) {
044    
045                    AccessControlContext accessControlContext =
046                            AccessControlUtil.getAccessControlContext();
047    
048                    if (accessControlContext != null) {
049                            throw new IllegalStateException(
050                                    "Authentication context is already initialized");
051                    }
052    
053                    accessControlContext = new AccessControlContext();
054    
055                    accessControlContext.setRequest(request);
056                    accessControlContext.setResponse(response);
057    
058                    Map<String, Object> accessControlContextSettings =
059                            accessControlContext.getSettings();
060    
061                    accessControlContextSettings.putAll(settings);
062    
063                    AccessControlUtil.setAccessControlContext(accessControlContext);
064            }
065    
066            @Override
067            public void initContextUser(long userId) throws AuthException {
068                    try {
069                            User user = UserLocalServiceUtil.getUser(userId);
070    
071                            CompanyThreadLocal.setCompanyId(user.getCompanyId());
072    
073                            PrincipalThreadLocal.setName(userId);
074    
075                            PermissionChecker permissionChecker =
076                                    PermissionCheckerFactoryUtil.create(user);
077    
078                            PermissionThreadLocal.setPermissionChecker(permissionChecker);
079    
080                            AccessControlThreadLocal.setRemoteAccess(false);
081                    }
082                    catch (Exception e) {
083                            throw new AuthException(e.getMessage(), e);
084                    }
085            }
086    
087            @Override
088            public AuthVerifierResult.State verifyRequest() throws PortalException {
089                    AccessControlContext accessControlContext =
090                            AccessControlUtil.getAccessControlContext();
091    
092                    AuthVerifierResult authVerifierResult =
093                            AuthVerifierPipeline.verifyRequest(accessControlContext);
094    
095                    Map<String, Object> authVerifierResultSettings =
096                            authVerifierResult.getSettings();
097    
098                    if (authVerifierResultSettings != null) {
099                            Map<String, Object> settings = accessControlContext.getSettings();
100    
101                            settings.putAll(authVerifierResultSettings);
102                    }
103    
104                    accessControlContext.setAuthVerifierResult(authVerifierResult);
105    
106                    return authVerifierResult.getState();
107            }
108    
109    }