| 1 | package edu.gjoko.schedlr.config;
|
|---|
| 2 |
|
|---|
| 3 | import org.springframework.security.core.GrantedAuthority;
|
|---|
| 4 | import org.springframework.security.core.context.SecurityContextImpl;
|
|---|
| 5 | import org.springframework.security.core.userdetails.UserDetails;
|
|---|
| 6 | import org.springframework.web.filter.GenericFilterBean;
|
|---|
| 7 |
|
|---|
| 8 | import javax.servlet.FilterChain;
|
|---|
| 9 | import javax.servlet.ServletException;
|
|---|
| 10 | import javax.servlet.ServletRequest;
|
|---|
| 11 | import javax.servlet.ServletResponse;
|
|---|
| 12 | import javax.servlet.http.HttpServletRequest;
|
|---|
| 13 | import javax.servlet.http.HttpSession;
|
|---|
| 14 | import java.io.IOException;
|
|---|
| 15 | import java.util.Collection;
|
|---|
| 16 | import java.util.HashMap;
|
|---|
| 17 | import java.util.Map;
|
|---|
| 18 |
|
|---|
| 19 | public class AppFilter extends GenericFilterBean {
|
|---|
| 20 | @Override
|
|---|
| 21 | public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
|---|
| 22 | HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
|
|---|
| 23 | HttpSession session = httpServletRequest.getSession(false);
|
|---|
| 24 |
|
|---|
| 25 | if(session != null) {
|
|---|
| 26 | Map<String, String> roleTargetUrlMap = new HashMap<>();
|
|---|
| 27 | roleTargetUrlMap.put("ADMIN", "/date");
|
|---|
| 28 | roleTargetUrlMap.put("CUSTOMER", "/number");
|
|---|
| 29 | roleTargetUrlMap.put("BUSINESS_OWNER", "");
|
|---|
| 30 | SecurityContextImpl sci = (SecurityContextImpl) session.getAttribute("SPRING_SECURITY_CONTEXT");
|
|---|
| 31 | if(sci != null) {
|
|---|
| 32 | UserDetails userDetails = (UserDetails) sci.getAuthentication().getPrincipal();
|
|---|
| 33 | final Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
|
|---|
| 34 | for (final GrantedAuthority grantedAuthority : authorities) {
|
|---|
| 35 | String authorityName = grantedAuthority.getAuthority();
|
|---|
| 36 | if("DATE".equalsIgnoreCase(authorityName)) {
|
|---|
| 37 | servletRequest.getRequestDispatcher("date").forward(servletRequest, servletResponse);
|
|---|
| 38 | return;
|
|---|
| 39 | } else if("GUESS_NUMBER".equalsIgnoreCase(authorityName)) {
|
|---|
| 40 | try {
|
|---|
| 41 | servletRequest.getRequestDispatcher("number").forward(servletRequest, servletResponse);
|
|---|
| 42 | } catch (Exception e) {
|
|---|
| 43 | e.printStackTrace();
|
|---|
| 44 | }
|
|---|
| 45 |
|
|---|
| 46 | return;
|
|---|
| 47 | }
|
|---|
| 48 | }
|
|---|
| 49 | }
|
|---|
| 50 | }
|
|---|
| 51 | filterChain.doFilter(servletRequest, servletResponse);
|
|---|
| 52 | }
|
|---|
| 53 | }
|
|---|
