public void testServiceFailure() throws ApsSystemException {
RequestContext reqCtx = this.getRequestContext();
Role role = new Role();
role.setName("testRole");
User user = new User();
user.addAutority(role);
reqCtx.getRequest().getSession().setAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER, user);
Page page = new Page();
page.setCode("login");
page.setGroup("free");
page.setModel(new PageModel());
reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, page);
Lang lang = new Lang();
lang.setCode("it");
reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG, lang);
MockHttpServletRequest request = (MockHttpServletRequest) reqCtx.getRequest();
request.setRemoteAddr("255.255.255.255");
request.addHeader("Referer", "homeTest");
request.addHeader("User-Agent", "Mio Test Browser");
request.addHeader("accept-language", "sardo");
int status = _statMonitor.service(reqCtx, ControllerManager.CONTINUE);
assertEquals(status, ControllerManager.CONTINUE);
this.deleteStatsRecord();
}
/**
* Verifica che l'utente in sessione sia abilitato all'accesso alla pagina richiesta. Se è
* autorizzato il metodo termina con CONTINUE, altrimenti con REDIRECT impostando prima i
* parametri di redirezione alla pagina di login.
*
* @param reqCtx Il contesto di richiesta
* @param status Lo stato di uscita del servizio precedente
* @return Lo stato di uscita
*/
@Override
public int service(RequestContext reqCtx, int status) {
if (_log.isLoggable(Level.FINEST)) {
_log.finest("Invoked: " + this.getClass().getName());
}
int retStatus = ControllerManager.INVALID_STATUS;
if (status == ControllerManager.ERROR) {
return status;
}
try {
HttpServletRequest req = reqCtx.getRequest();
HttpSession session = req.getSession();
IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
UserDetails currentUser =
(UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
if (null == currentUser) {
throw new ApsSystemException("no user on session");
}
boolean authorized = this.getAuthManager().isAuth(currentUser, currentPage);
if (authorized) {
retStatus = ControllerManager.CONTINUE;
} else {
retStatus = this.redirect(this.getLoginPageCode(), reqCtx);
}
} catch (Throwable t) {
ApsSystemUtils.logThrowable(t, this, "service", "Error while processing the request");
retStatus = ControllerManager.SYS_ERROR;
reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
return retStatus;
}
public void testServiceFailure_2() throws Throwable {
RequestContext reqCtx = this.getRequestContext();
reqCtx.getRequest().getSession().removeAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
IPage root = this._pageManager.getRoot();
reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, root);
int status = _authorizator.service(reqCtx, ControllerManager.CONTINUE);
assertEquals(status, ControllerManager.SYS_ERROR);
}
public void testServiceFailure_2() throws ApsSystemException {
RequestContext reqCtx = this.getRequestContext();
((MockHttpServletRequest) reqCtx.getRequest()).setServletPath("/wrongpath.wp"); // wrong path
int status = _requestValidator.service(reqCtx, ControllerManager.CONTINUE);
assertEquals(ControllerManager.REDIRECT, status);
String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL);
assertEquals("/Entando/it/errorpage.page?redirectflag=1", redirectUrl);
}
@Override
public int service(RequestContext reqCtx, int status) {
if (_log.isLoggable(Level.FINEST)) {
_log.finest("Invoked " + this.getClass().getName());
}
int retStatus = ControllerManager.INVALID_STATUS;
if (status == ControllerManager.ERROR) {
return status;
}
try {
String isActive =
this.getConfigManager()
.getParam(CasClientPluginSystemCostants.JPCASCLIENT_EXTENDED_ISACTIVE);
if (!isActive.equals("true")) {
// if cas client is disactivate normal Authorization on request
return super.service(reqCtx, retStatus);
} else {
HttpServletRequest req = reqCtx.getRequest();
HttpSession session = req.getSession();
IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
UserDetails currentUser =
(UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
boolean authorized = this.getAuthManager().isAuth(currentUser, currentPage);
if (authorized) {
retStatus = ControllerManager.CONTINUE;
} else if (SystemConstants.GUEST_USER_NAME.equals(currentUser.getUsername())) {
_log.info("CAS - user not authorized and guest");
CasClientUtils casClientUtils = new CasClientUtils();
String loginBaseUrl =
this.getConfigManager().getParam(CasClientPluginSystemCostants.JPCASCLIENT_LOGIN_URL);
StringBuffer loginUrl = new StringBuffer(loginBaseUrl);
loginUrl.append("?service=");
PageURL pageUrl = this.getUrlManager().createURL(reqCtx);
String serviceUrl = casClientUtils.getURLStringWithoutTicketParam(pageUrl, reqCtx);
loginUrl.append(serviceUrl);
reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, loginUrl.toString());
retStatus = ControllerManager.REDIRECT;
} else {
_log.info("CAS - user authenticated but not authorized");
Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
String notAuthPageCode =
this.getConfigManager()
.getParam(CasClientPluginSystemCostants.JPCASCLIENT_NO_AUTH_PAGE);
IPage page = this.getPageManager().getPage(notAuthPageCode);
String url =
this.getUrlManager().createUrl(page, currentLang, new HashMap<String, String>());
reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, url);
retStatus = ControllerManager.REDIRECT;
}
}
} catch (Throwable t) {
ApsSystemUtils.logThrowable(t, this, "service", "Error in processing the request");
retStatus = ControllerManager.ERROR;
}
return retStatus;
}
/**
* Crea e restituisce una lista di oggetti NavigatorTarget, che wrappano pagine del portale e
* possono essere utilizzati dai sub-tag.
*
* @param spec L'espressione usata la specificazione delle pagine da selezionare; possono essere
* assolute o relative o miste.
* @param reqCtx Il contesto della richiesta corrente.
* @return La lista di oggetti NavigatorTarget.
*/
@Override
public List<NavigatorTarget> parseSpec(String spec, RequestContext reqCtx) {
IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
UserDetails currentUser =
(UserDetails)
reqCtx
.getRequest()
.getSession()
.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
return this.parseSpec(spec, currentPage, currentUser);
}
protected boolean isPageAllowed(RequestContext reqCtx, String pageCode) {
UserDetails user = null;
if (null != reqCtx) {
user =
(UserDetails)
reqCtx
.getRequest()
.getSession()
.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
}
return this.isPageAllowed(user, pageCode);
}
public void testService() throws ApsSystemException {
RequestContext reqCtx = this.getRequestContext();
((MockHttpServletRequest) reqCtx.getRequest()).setServletPath("/it/homepage.wp");
int status = this._requestValidator.service(reqCtx, ControllerManager.CONTINUE);
assertEquals(ControllerManager.CONTINUE, status);
Lang lang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
IPage page = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
assertNotNull(page);
assertNotNull(lang);
assertEquals("it", lang.getCode());
assertEquals("homepage", page.getCode());
}
/**
* Questo controller si incarica di caricare in sessione, quando possibile, la configurazione
* personalizzata dell'utente correntemente loggato. NOTA: la sessione viene esplicitamente
* ripulita da qualsiasi configurazione personalizzata non allineata all'utente corrente
*/
@Override
public int service(RequestContext reqCtx, int status) {
if (_log.isLoggable(Level.FINEST)) {
_log.finest("Invocata " + this.getClass().getName());
}
int retStatus = ControllerManager.INVALID_STATUS;
if (status == ControllerManager.ERROR) {
return status;
}
try {
HttpServletRequest req = reqCtx.getRequest();
HttpSession session = req.getSession();
UserDetails currentUser =
(UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
if (null == currentUser) {
throw new ApsSystemException("no user on session");
}
PageModelUserConfigBean userConfigBean =
(PageModelUserConfigBean)
session.getAttribute(
JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG);
if (!currentUser.getUsername().equals(SystemConstants.GUEST_USER_NAME)
&& !currentUser.getUsername().equals(SystemConstants.ADMIN_USER_NAME)) {
if ((null == userConfigBean
|| !currentUser.getUsername().equals(userConfigBean.getUsername()))) {
userConfigBean =
this.getPageModelUserConfigManager().getUserConfig(currentUser.getUsername());
if (null != userConfigBean) {
session.setAttribute(
JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG,
userConfigBean);
} else {
session.removeAttribute(
JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG);
}
}
} else {
session.removeAttribute(
JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG);
}
retStatus = ControllerManager.CONTINUE;
} catch (Throwable t) {
ApsSystemUtils.logThrowable(t, this, "service", "Error while processing the request");
retStatus = ControllerManager.SYS_ERROR;
reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
return retStatus;
}
/**
* Recupera un parametro della richiesta.
*
* @param name Il nome del parametro.
* @param reqCtx Il contesto di richiesta.
* @return Il valore del parametro
*/
protected String getParameter(String name, RequestContext reqCtx) {
String param = reqCtx.getRequest().getParameter(name);
return param;
}