Subversion Repositories bacoAlunos


package pt.estgp.es.exemplos.hibernate.security.logic;

import org.apache.log4j.Logger;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import pt.estgp.es.exemplos.hibernate.HibernateUtils;
import pt.estgp.es.exemplos.hibernate.UserSession;
import pt.estgp.es.exemplos.hibernate.security.SecurityContextProvider;


/**
 * Created by jorgemachado on 18/10/18.
 */

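/**
 * AspectJ aspect that wraps annotated service methods with cross-cutting behaviour:
 * a Hibernate transaction ({@code @Transaction}), an authentication gate
 * ({@code @IsAuthenticated}), a role gate ({@code @HasRole}) and a parameter-printing
 * demo ({@code @PrintParameterExample}).
 *
 * <p>NOTE(review): neither gate looks up the session or the user yet. The authentication
 * advice only rejects calls that carry no requester token at all, and the role advice
 * denies every call. Do not treat the annotations as an enforced access-control boundary
 * until the lookups are implemented.
 */
@Aspect
public class SecurityAspects
{
    private static final Logger logger = Logger.getLogger(SecurityAspects.class);


    // Named pointcuts reused by the @Around advices below.
    // Each one matches join points whose method carries the given annotation.
    // presumably Transaction and IsAuthenticated are annotation types in this package - confirm
    @Pointcut("@annotation(Transaction)")
    public void serviceTransactionPointCutDefinition(){}

    @Pointcut("@annotation(IsAuthenticated)")
    public void isAuthenticatedPointCut(){}

    // Binds the annotation instance so the advice can read hasRole.role().
    @Pointcut("@annotation(hasRole)")
    public void hasRolePointCut(HasRole hasRole){}

    // Binds the annotation instance so the advice can read printParameterExample.paramName().
    @Pointcut("@annotation(printParameterExample)")
    public void printParameterExamplePointCut(PrintParameterExample printParameterExample){}

    // Restricts the advices to method-execution join points; without it an annotation
    // pointcut can also match the call site, so the advice would run twice.
    @Pointcut("execution(* *(..))")
    public void executionPointCut(){}

    /**
     * Runs a {@code @Transaction} service inside a Hibernate transaction: begins it,
     * commits when the service returns, rolls back when anything is thrown.
     *
     * @param pjp the intercepted service invocation
     * @return whatever the service returned
     * @throws Throwable the original failure from the service or from the commit
     */
    @Around("serviceTransactionPointCutDefinition() && executionPointCut()")
    public Object envolventeServico(ProceedingJoinPoint pjp) throws Throwable
    {
        // Suggestion from the author: a service engine could open the database transaction here.
        HibernateUtils.getCurrentSession().beginTransaction();
        // Report the class that declares the service. The previous expression,
        // getSourceLocation().getClass(), named AspectJ's own SourceLocation implementation.
        System.out.println("Iniciando chamada do servico:" + pjp.getSignature().getName() +
                " na classe " + pjp.getSignature().getDeclaringTypeName());
        try {
            Object returnObj = pjp.proceed();
            System.out.println("Terminado chamada do servico");
            // Suggestion from the author: a service engine could commit the database transaction here.
            HibernateUtils.getCurrentSession().getTransaction().commit();

            return returnObj;
        } catch (Throwable e) {
            // Catch Throwable, not just Exception: an Error thrown by the service must not
            // leave the transaction open.
            try {
                // Suggestion from the author: a service engine could roll back the database transaction here.
                HibernateUtils.getCurrentSession().getTransaction().rollback();
            } catch (Exception rollbackFailure) {
                // Log and continue so the rollback failure does not replace the original
                // cause that the caller needs to see.
                logger.error("Rollback failed after service exception", rollbackFailure);
            }

            System.out.println("Excepcao no Servico");
            throw e;
        }
    }

    /**
     * Gate for {@code @IsAuthenticated} services.
     *
     * <p>NOTE(review): the session lookup is not implemented. The advice previously
     * proceeded unconditionally ({@code if(true)}); it now rejects a missing or blank
     * requester token, but any non-blank value is still accepted without validation.
     *
     * @param pjp the intercepted service invocation
     * @return whatever the service returned
     * @throws Throwable NotAuthenticatedException when no requester token is present,
     *                   otherwise whatever the service throws
     */
    @Around("isAuthenticatedPointCut() && executionPointCut()")
    public Object isAuthenticatedAdvise(ProceedingJoinPoint pjp) throws Throwable
    {
        String cookie = SecurityContextProvider.getInstance().getSecuritySessionContext().getRequester();

        // TODO: use the cookie to load the session, then the User, and check that the user
        // is logged in. Until then, fail closed on an absent token instead of letting
        // every caller through.
        if (cookie != null && cookie.trim().length() > 0) {
            return pjp.proceed();
        }
        // NOTE(review): the message carries the source file and line; keep it out of
        // responses sent to clients.
        throw new NotAuthenticatedException("Access Denied, not authenticated at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
    }

    /**
     * Gate for {@code @HasRole} services.
     *
     * <p>NOTE(review): the role lookup is not implemented; {@code pass} is hard-coded to
     * {@code false}, so every annotated service is denied (fail closed).
     *
     * @param pjp the intercepted service invocation
     * @param hasRole the annotation instance naming the required role
     * @return whatever the service returned, once the check is implemented
     * @throws Throwable FailRoleException for every call in the current implementation
     */
    @Around("hasRolePointCut(hasRole) && executionPointCut()")
    public Object hasRoleAdvise(ProceedingJoinPoint pjp, HasRole hasRole) throws Throwable
    {
        //String username = SecurityContextProvider.getInstance().getSecuritySessionContext().getUsername();
        String cookie = SecurityContextProvider.getInstance().getSecuritySessionContext().getRequester();
        // TODO: check whether the requester is a user holding the role given by hasRole.role()
        /*if(session.getUser() == null){
            throw new FailRoleException("Access Denied, does not have role " + hasRole.role() + " at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
        }*/

        // Stays false until the lookup above exists, so the gate denies by default.
        boolean pass = false;
        if (pass) {
            return pjp.proceed();
        }
        throw new FailRoleException("Access Denied, does not have role " + hasRole.role() + " at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
    }

    /**
     * Demo advice: prints the value of the parameter named by
     * {@code printParameterExample.paramName()} and then runs the service.
     *
     * <p>NOTE(review): the value goes to stdout unredacted; avoid the annotation on
     * parameters that hold passwords or tokens.
     *
     * @param pjp the intercepted service invocation
     * @param printParameterExample the annotation instance naming the parameter to print
     * @return whatever the service returned
     * @throws Throwable whatever the service throws
     */
    @Around("printParameterExamplePointCut(printParameterExample) && executionPointCut()")
    public Object printParameterExampleAdvise(ProceedingJoinPoint pjp, PrintParameterExample printParameterExample) throws Throwable
    {
        System.out.println("PARAMETRO: " + JointPointUtils.getParameter(pjp,printParameterExample.paramName()));
        return pjp.proceed();
    }
}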