/**
 * Authorization filter: lets the request continue only for an authenticated user
 * who passes every {@link PermissionPolicy} declared on the routed controller.
 *
 * <p>Decision order, failing closed at each step:
 * <ol>
 *   <li>No current user resolved from the context: 403.</li>
 *   <li>Controller class carries {@code PermissionPolicy} and the class-level check
 *       reports "blocked": 403.</li>
 *   <li>Controller method carries {@code PermissionPolicy} and the method-level check
 *       reports "blocked": 403.</li>
 * </ol>
 * The method-level policy is evaluated in addition to the class-level one, so it can
 * further restrict access but cannot re-admit a request the class-level check denied.
 *
 * <p>A route with no {@code PermissionPolicy} on either the class or the method is
 * passed through for any authenticated user.
 *
 * @param filterChain the remaining filter chain, invoked only when access is granted
 * @param context     the current request context
 * @return {@code Results.forbidden()} when access is denied, otherwise the result of
 *         the rest of the chain
 */
@Override
public Result filter(final FilterChain filterChain, final Context context) {
    final UserDetail currentUser = SecurityUtil.getCurrentUser(context);

    // Unauthenticated requests are rejected before any policy lookup.
    if (currentUser == null) {
        return Results.forbidden();
    }

    // Class-level policy: the helper returns true when the request must be blocked.
    final boolean classPolicyDeclared =
            context.getRoute().getControllerClass().getAnnotation(PermissionPolicy.class) != null;
    if (classPolicyDeclared && filterWithClassAnnotation(context, currentUser)) {
        return Results.forbidden();
    }

    // Method-level policy is only consulted once the class-level check has not blocked.
    final boolean methodPolicyDeclared =
            context.getRoute().getControllerMethod().getAnnotation(PermissionPolicy.class) != null;
    if (methodPolicyDeclared && filterWithMethodAnnotation(context, currentUser)) {
        return Results.forbidden();
    }

    return filterChain.next(context);
}
/**
 * Environment gate: in production every request reaching this filter is turned away
 * with a flash error and a redirect to the login route; outside production the
 * request continues down the chain untouched.
 *
 * <p>NOTE(review): the decision depends only on {@code props.isProd()} and never looks
 * at the caller, so in non-production environments this filter performs no access
 * check at all. Presumably it guards development-only routes; confirm that such
 * environments are not reachable by untrusted clients.
 *
 * @param filterChain the remaining filter chain, invoked only outside production
 * @param context     the current request context; its flash scope receives the error key
 * @return a redirect to {@code AuthController}'s {@code login} route in production,
 *         otherwise the result of the rest of the chain
 */
@Override
public Result filter(FilterChain filterChain, Context context) {
    // Outside production there is nothing to enforce here.
    if (!props.isProd()) {
        return filterChain.next(context);
    }

    // Production: record the message key for the next page and send the client to login.
    context.getFlashScope().error("error.unauthorizedAccess");
    return Results.redirect(
            router.getReverseRoute(AuthController.class, "login"));
}