001
014
015 package com.liferay.portal.security.ac;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.model.User;
019 import com.liferay.portal.security.auth.AccessControlContext;
020 import com.liferay.portal.security.auth.AuthException;
021 import com.liferay.portal.security.auth.AuthVerifierPipeline;
022 import com.liferay.portal.security.auth.AuthVerifierResult;
023 import com.liferay.portal.security.auth.CompanyThreadLocal;
024 import com.liferay.portal.security.auth.PrincipalThreadLocal;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
027 import com.liferay.portal.security.permission.PermissionThreadLocal;
028 import com.liferay.portal.service.UserLocalServiceUtil;
029
030 import java.util.Map;
031
032 import javax.servlet.http.HttpServletRequest;
033 import javax.servlet.http.HttpServletResponse;
034
035
038 public class AccessControlImpl implements AccessControl {
039
040 @Override
041 public void initAccessControlContext(
042 HttpServletRequest request, HttpServletResponse response,
043 Map<String, Object> settings) {
044
045 AccessControlContext accessControlContext =
046 AccessControlUtil.getAccessControlContext();
047
048 if (accessControlContext != null) {
049 throw new IllegalStateException(
050 "Authentication context is already initialized");
051 }
052
053 accessControlContext = new AccessControlContext();
054
055 accessControlContext.setRequest(request);
056 accessControlContext.setResponse(response);
057
058 Map<String, Object> accessControlContextSettings =
059 accessControlContext.getSettings();
060
061 accessControlContextSettings.putAll(settings);
062
063 AccessControlUtil.setAccessControlContext(accessControlContext);
064 }
065
066 @Override
067 public void initContextUser(long userId) throws AuthException {
068 try {
069 User user = UserLocalServiceUtil.getUser(userId);
070
071 CompanyThreadLocal.setCompanyId(user.getCompanyId());
072
073 PrincipalThreadLocal.setName(userId);
074
075 PermissionChecker permissionChecker =
076 PermissionCheckerFactoryUtil.create(user);
077
078 PermissionThreadLocal.setPermissionChecker(permissionChecker);
079
080 AccessControlThreadLocal.setRemoteAccess(false);
081 }
082 catch (Exception e) {
083 throw new AuthException(e.getMessage(), e);
084 }
085 }
086
087 @Override
088 public AuthVerifierResult.State verifyRequest() throws PortalException {
089 AccessControlContext accessControlContext =
090 AccessControlUtil.getAccessControlContext();
091
092 AuthVerifierResult authVerifierResult =
093 AuthVerifierPipeline.verifyRequest(accessControlContext);
094
095 Map<String, Object> authVerifierResultSettings =
096 authVerifierResult.getSettings();
097
098 if (authVerifierResultSettings != null) {
099 Map<String, Object> settings = accessControlContext.getSettings();
100
101 settings.putAll(authVerifierResultSettings);
102 }
103
104 accessControlContext.setAuthVerifierResult(authVerifierResult);
105
106 return authVerifierResult.getState();
107 }
108
109 }