001
014
015 package com.liferay.portal.security.access.control;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.security.access.control.AccessControl;
019 import com.liferay.portal.kernel.security.access.control.AccessControlThreadLocal;
020 import com.liferay.portal.kernel.security.auth.verifier.AuthVerifierResult;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.security.auth.AccessControlContext;
023 import com.liferay.portal.security.auth.AuthException;
024 import com.liferay.portal.security.auth.AuthVerifierPipeline;
025 import com.liferay.portal.security.auth.CompanyThreadLocal;
026 import com.liferay.portal.security.auth.PrincipalThreadLocal;
027 import com.liferay.portal.security.permission.PermissionChecker;
028 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
029 import com.liferay.portal.security.permission.PermissionThreadLocal;
030 import com.liferay.portal.service.UserLocalServiceUtil;
031
032 import java.util.Map;
033
034 import javax.servlet.http.HttpServletRequest;
035 import javax.servlet.http.HttpServletResponse;
036
037
040 public class AccessControlImpl implements AccessControl {
041
042 @Override
043 public void initAccessControlContext(
044 HttpServletRequest request, HttpServletResponse response,
045 Map<String, Object> settings) {
046
047 AccessControlContext accessControlContext =
048 AccessControlUtil.getAccessControlContext();
049
050 if (accessControlContext != null) {
051 throw new IllegalStateException(
052 "Authentication context is already initialized");
053 }
054
055 accessControlContext = new AccessControlContext();
056
057 accessControlContext.setRequest(request);
058 accessControlContext.setResponse(response);
059
060 Map<String, Object> accessControlContextSettings =
061 accessControlContext.getSettings();
062
063 accessControlContextSettings.putAll(settings);
064
065 AccessControlUtil.setAccessControlContext(accessControlContext);
066 }
067
068 @Override
069 public void initContextUser(long userId) throws AuthException {
070 try {
071 User user = UserLocalServiceUtil.getUser(userId);
072
073 CompanyThreadLocal.setCompanyId(user.getCompanyId());
074
075 PrincipalThreadLocal.setName(userId);
076
077 PermissionChecker permissionChecker =
078 PermissionCheckerFactoryUtil.create(user);
079
080 PermissionThreadLocal.setPermissionChecker(permissionChecker);
081
082 AccessControlThreadLocal.setRemoteAccess(false);
083 }
084 catch (Exception e) {
085 throw new AuthException(e.getMessage(), e);
086 }
087 }
088
089 @Override
090 public AuthVerifierResult.State verifyRequest() throws PortalException {
091 AccessControlContext accessControlContext =
092 AccessControlUtil.getAccessControlContext();
093
094 AuthVerifierResult authVerifierResult =
095 AuthVerifierPipeline.verifyRequest(accessControlContext);
096
097 Map<String, Object> authVerifierResultSettings =
098 authVerifierResult.getSettings();
099
100 if (authVerifierResultSettings != null) {
101 Map<String, Object> settings = accessControlContext.getSettings();
102
103 settings.putAll(authVerifierResultSettings);
104 }
105
106 accessControlContext.setAuthVerifierResult(authVerifierResult);
107
108 return authVerifierResult.getState();
109 }
110
111 }