1 | package edu.gjoko.schedlr.config;
|
---|
2 |
|
---|
3 | import org.springframework.security.core.GrantedAuthority;
|
---|
4 | import org.springframework.security.core.context.SecurityContextImpl;
|
---|
5 | import org.springframework.security.core.userdetails.UserDetails;
|
---|
6 | import org.springframework.web.filter.GenericFilterBean;
|
---|
7 |
|
---|
8 | import javax.servlet.FilterChain;
|
---|
9 | import javax.servlet.ServletException;
|
---|
10 | import javax.servlet.ServletRequest;
|
---|
11 | import javax.servlet.ServletResponse;
|
---|
12 | import javax.servlet.http.HttpServletRequest;
|
---|
13 | import javax.servlet.http.HttpSession;
|
---|
14 | import java.io.IOException;
|
---|
15 | import java.util.Collection;
|
---|
16 | import java.util.HashMap;
|
---|
17 | import java.util.Map;
|
---|
18 |
|
---|
19 | public class AppFilter extends GenericFilterBean {
|
---|
20 | @Override
|
---|
21 | public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
---|
22 | HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
|
---|
23 | HttpSession session = httpServletRequest.getSession(false);
|
---|
24 |
|
---|
25 | if(session != null) {
|
---|
26 | Map<String, String> roleTargetUrlMap = new HashMap<>();
|
---|
27 | roleTargetUrlMap.put("ADMIN", "/date");
|
---|
28 | roleTargetUrlMap.put("CUSTOMER", "/number");
|
---|
29 | roleTargetUrlMap.put("BUSINESS_OWNER", "");
|
---|
30 | SecurityContextImpl sci = (SecurityContextImpl) session.getAttribute("SPRING_SECURITY_CONTEXT");
|
---|
31 | if(sci != null) {
|
---|
32 | UserDetails userDetails = (UserDetails) sci.getAuthentication().getPrincipal();
|
---|
33 | final Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
|
---|
34 | for (final GrantedAuthority grantedAuthority : authorities) {
|
---|
35 | String authorityName = grantedAuthority.getAuthority();
|
---|
36 | if("DATE".equalsIgnoreCase(authorityName)) {
|
---|
37 | servletRequest.getRequestDispatcher("date").forward(servletRequest, servletResponse);
|
---|
38 | return;
|
---|
39 | } else if("GUESS_NUMBER".equalsIgnoreCase(authorityName)) {
|
---|
40 | try {
|
---|
41 | servletRequest.getRequestDispatcher("number").forward(servletRequest, servletResponse);
|
---|
42 | } catch (Exception e) {
|
---|
43 | e.printStackTrace();
|
---|
44 | }
|
---|
45 |
|
---|
46 | return;
|
---|
47 | }
|
---|
48 | }
|
---|
49 | }
|
---|
50 | }
|
---|
51 | filterChain.doFilter(servletRequest, servletResponse);
|
---|
52 | }
|
---|
53 | }
|
---|