Rev | Author | Line No. | Line |
---|---|---|---|
2007 | es | 1 | package pt.estgp.es.exemplos.hibernate.security.logic; |
2 | |||
3 | import org.apache.log4j.Logger; |
||
4 | import org.aspectj.lang.ProceedingJoinPoint; |
||
5 | import org.aspectj.lang.annotation.Around; |
||
6 | import org.aspectj.lang.annotation.Aspect; |
||
7 | import org.aspectj.lang.annotation.Pointcut; |
||
8 | import pt.estgp.es.exemplos.hibernate.HibernateUtils; |
||
9 | import pt.estgp.es.exemplos.hibernate.UserSession; |
||
10 | import pt.estgp.es.exemplos.hibernate.security.SecurityContextProvider; |
||
11 | |||
12 | import java.util.Arrays; |
||
13 | |||
14 | |||
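/**
 * AspectJ aspect that wraps annotated service methods with a Hibernate
 * transaction and with authentication / role checks.
 *
 * <p>Every advice is an {@code @Around} advice, so the target method only runs
 * when the advice calls {@code pjp.proceed()}; each check therefore denies
 * access by throwing before that call.
 *
 * Created by jorgemachado on 18/10/18.
 */
@Aspect
public class SecurityAspects
{

    private static final Logger logger = Logger.getLogger(SecurityAspects.class);

    // Named pointcuts reused by the @Around advices below.
    // Each one selects join points whose method carries the given annotation.
    @Pointcut("@annotation(Transaction)")
    public void serviceTransactionPointCutDefinition(){}


    @Pointcut("@annotation(IsAuthenticated)")
    public void isAuthenticatedPointCut(){}

    // Binds the annotation instance so the advice can read its role() value.
    @Pointcut("@annotation(hasRole)")
    public void hasRolePointCut(HasRole hasRole){}

    // Binds the annotation instance so the advice can read its paramName() value.
    @Pointcut("@annotation(printParameterExample)")
    public void printParameterExamplePointCut(PrintParameterExample printParameterExample){}

    // Restricts matching to method-execution join points. @annotation(..) alone
    // typically also matches call join points, which would run an advice twice.
    @Pointcut("execution(* *(..))")
    public void executionPointCut(){}


    /**
     * Runs the annotated service inside a Hibernate transaction: begin before
     * the call, commit on normal return, roll back on any failure.
     *
     * @param pjp the intercepted service call
     * @return whatever the service returned
     * @throws Throwable the original failure of the service or of the commit
     */
    @Around("serviceTransactionPointCutDefinition() && executionPointCut()")
    public Object envolventeServico(ProceedingJoinPoint pjp) throws Throwable
    {
        HibernateUtils.getCurrentSession().beginTransaction();
        // Log the type that declares the service. The SourceLocation object's own
        // getClass() would name the AspectJ implementation class instead.
        logger.info("Iniciando chamada do servico:" + pjp.getSignature().getName() +
                " na classe " + pjp.getSignature().getDeclaringTypeName());
        try {
            Object returnObj = pjp.proceed();
            logger.info("Terminado chamada do servico");
            HibernateUtils.getCurrentSession().getTransaction().commit();
            return returnObj;
        } catch (Throwable e) {
            // Catch Throwable, not only Exception: an Error raised by the service
            // must not leave the transaction open on this session.
            logger.error("Excepcao no Servico", e);
            try {
                HibernateUtils.getCurrentSession().getTransaction().rollback();
            } catch (RuntimeException rollbackFailure) {
                // Keep the original failure as the one the caller sees.
                logger.error("Rollback failed", rollbackFailure);
            }
            throw e;
        }
    }


    /**
     * Lets the call through only when the requester's session exists and is
     * bound to a user.
     *
     * @param pjp the intercepted service call
     * @return whatever the service returned
     * @throws NotAuthenticatedException when there is no requester id, no
     *         matching session, or the session has no user
     * @throws Throwable anything thrown by the service itself
     */
    @Around("isAuthenticatedPointCut() && executionPointCut()")
    public Object isAuthenticatedAdvise(ProceedingJoinPoint pjp) throws Throwable
    {
        logger.info("Is Authenticated Aspect");
        UserSession session = currentUserSession();

        if (session != null && session.getUser() != null)
        {
            return pjp.proceed();
        }

        throw new NotAuthenticatedException("Access Denied, not authenticated at " + location(pjp));
    }

    /**
     * Lets the call through only when the authenticated user holds at least one
     * of the comma-separated roles named by the annotation.
     *
     * @param pjp the intercepted service call
     * @param hasRole the annotation instance found on the service method
     * @return whatever the service returned
     * @throws NotAuthenticatedException when there is no authenticated user, or
     *         the user has no roles at all
     * @throws FailRoleException when the user holds none of the required roles
     * @throws Throwable anything thrown by the service itself
     */
    @Around("hasRolePointCut(hasRole) && executionPointCut()")
    public Object hasRoleAdvise(ProceedingJoinPoint pjp, HasRole hasRole) throws Throwable
    {
        logger.info("Has Role Aspect");
        UserSession session = currentUserSession();

        if (session == null || session.getUser() == null)
        {
            throw new NotAuthenticatedException("Access Denied, not authenticated at " + location(pjp));
        }

        String granted = session.getUser().getRoles();
        if (granted == null)
        {
            // Kept as NotAuthenticatedException so existing callers that catch it
            // still work, although the user is authenticated at this point.
            throw new NotAuthenticatedException("Access Denied, missing role at " + location(pjp));
        }

        if (hasAnyRole(hasRole.role(), granted))
        {
            return pjp.proceed();
        }

        throw new FailRoleException("Access Denied, does not have role " + hasRole.role() + " at " + location(pjp));
    }

    /**
     * Example advice: prints the value of the parameter named by the annotation,
     * then runs the service.
     *
     * @param pjp the intercepted service call
     * @param printParameterExample the annotation naming the parameter to print
     * @return whatever the service returned
     * @throws Throwable anything thrown by the service itself
     */
    @Around("printParameterExamplePointCut(printParameterExample) && executionPointCut()")
    public Object printParameterExampleAdvise(ProceedingJoinPoint pjp, PrintParameterExample printParameterExample) throws Throwable
    {
        // NOTE(review): the raw argument value goes to stdout. Do not put this
        // annotation on parameters that carry passwords, tokens or personal data.
        System.out.println("PARAMETRO: " + JointPointUtils.getParameter(pjp,printParameterExample.paramName()));
        return pjp.proceed();
    }

    /**
     * Looks up the UserSession keyed by the requester id of the current
     * security context.
     *
     * @return the session, or {@code null} when there is no requester id or no
     *         session row with that id
     */
    private static UserSession currentUserSession()
    {
        String cookie = SecurityContextProvider.getInstance().getSecuritySessionContext().getRequester();
        if (cookie == null)
        {
            return null;
        }
        // get() returns null for an unknown id. load() would return a proxy that
        // throws a Hibernate exception on first access, so an unknown cookie would
        // surface as a persistence error rather than as an authentication failure.
        // NOTE(review): no expiry or revocation check is visible here; confirm that
        // UserSession rows are invalidated on logout and timeout.
        // NOTE(review): this presumably needs an open transaction on the current
        // session, i.e. the service is also annotated @Transaction; confirm.
        return (UserSession) HibernateUtils.getCurrentSession().get(UserSession.class, cookie);
    }

    /**
     * Tells whether any role in {@code required} also appears in {@code granted}.
     * Both arguments are comma-separated lists. Entries are trimmed and empty
     * entries are ignored, so an empty required role never matches an empty
     * granted list.
     */
    private static boolean hasAnyRole(String required, String granted)
    {
        String[] owned = granted.split(",");
        for (String wanted : required.split(","))
        {
            String wantedRole = wanted.trim();
            if (wantedRole.length() == 0)
            {
                continue;
            }
            for (String ownedRole : owned)
            {
                if (wantedRole.equals(ownedRole.trim()))
                {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Builds the "file line service: name" suffix shared by the access-denied
     * messages.
     */
    private static String location(ProceedingJoinPoint pjp)
    {
        // NOTE(review): this puts the source file name and line number into the
        // exception message; keep these messages in server logs and map them to a
        // generic error before answering a remote client.
        return pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine()
                + " service: " + pjp.getSignature().getName();
    }

}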