Subversion Repositories bacoAlunos

package pt.estgp.es.exemplos.hibernate.web;

import pt.estgp.es.exemplos.hibernate.HibernateUtils;
import pt.estgp.es.exemplos.hibernate.User;
import pt.estgp.es.exemplos.hibernate.UserSession;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


import java.io.IOException;

import static org.hibernate.criterion.Restrictions.like;

public class UserFilter implements 1.5.0/docs/api/java/util/logging/Filter.html">Filter {
  @1.5.0/docs/api/java/lang/Override.html">Override
  public void init(FilterConfig filterConfig) throws ServletException{

  }

  @1.5.0/docs/api/java/lang/Override.html">Override
  public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws 1.5.0/docs/api/java/io/IOException.html">IOException, ServletException {
    HttpServletResponse response=(HttpServletResponse) servletResponse;

    HttpServletRequest request = (HttpServletRequest) servletRequest;
    //request.getSession().getId();
    //SecurityCotextProvider.getInstance().registerSessionContext(request.getSession().getId());

    1.5.0/docs/api/java/lang/System.html">System.out.println(request.getSession().getId());

    HibernateUtils.getCurrentSession().beginTransaction();

    UserSession session= (UserSession) HibernateUtils.getCurrentSession().load(UserSession.class, request.getSession().getId());;
    User u = session.getUser();

    if(u!=null && u.isAdmin()) {
      filterChain.doFilter(servletRequest, response);
    }
    else
      response.sendError(403);

    HibernateUtils.getCurrentSession().getTransaction().commit();
  }

  @1.5.0/docs/api/java/lang/Override.html">Override
  public void destroy() {

  }

}