source: src/main/java/edu/gjoko/schedlr/config/AppFilter.java@ 8bcd64c

Last change on this file since 8bcd64c was 8bcd64c, checked in by Gjoko Kostadinov <gjoko.kostadinov@…>, 15 months ago

Add admin functionality and business admin functionality.

1package edu.gjoko.schedlr.config;
2
3import edu.gjoko.schedlr.services.PostgresUserDetailsService;
4import lombok.RequiredArgsConstructor;
5import org.springframework.security.core.GrantedAuthority;
6import org.springframework.security.core.context.SecurityContextImpl;
7import org.springframework.security.core.userdetails.UserDetails;
8import org.springframework.util.StringUtils;
9import org.springframework.web.bind.annotation.RequestBody;
10import org.springframework.web.filter.GenericFilterBean;
11
12import javax.servlet.FilterChain;
13import javax.servlet.ServletException;
14import javax.servlet.ServletRequest;
15import javax.servlet.ServletResponse;
16import javax.servlet.http.HttpServletRequest;
17import javax.servlet.http.HttpServletResponse;
18import javax.servlet.http.HttpSession;
19import java.io.IOException;
20import java.util.Collection;
21import java.util.HashMap;
22import java.util.Map;
23
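/**
 * Servlet filter that copies the logged-in user's stakeholder id into the HTTP session and
 * forwards non-API page requests to the landing page matching one of the user's authorities.
 *
 * <p>The filter reads the security context from the {@code SPRING_SECURITY_CONTEXT} session
 * attribute. It makes no access-control decision of its own: requests without an authenticated
 * session are passed down the chain untouched, so authorization has to be enforced elsewhere.
 */
@RequiredArgsConstructor
public class AppFilter extends GenericFilterBean {

    private static final String SECURITY_CONTEXT_ATTRIBUTE = "SPRING_SECURITY_CONTEXT";
    private static final String STAKEHOLDER_ID_ATTRIBUTE = "stakeholderId";

    private final PostgresUserDetailsService userDetailsService;

    /**
     * Populates {@code stakeholderId} in the session and, for page requests, forwards to the
     * role landing page.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse response handed on to the chain or to the forward target
     * @param filterChain     remaining filters
     * @throws IOException      propagated from the chain or the forward
     * @throws ServletException propagated from the chain or the forward
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        // getSession(false): never create a session here. A freshly created session cannot hold
        // a security context, so creating one for anonymous callers only issues session cookies
        // and consumes server memory for every unauthenticated request.
        HttpSession session = httpServletRequest.getSession(false);
        String requestUri = httpServletRequest.getRequestURI();

        // getRequestURI() is the raw, undecoded path and still contains any ";" path parameters,
        // so this suffix test is only a shortcut for static assets. Skipping this filter must
        // never be treated as "no authorization needed" for the requested resource.
        if (requestUri.endsWith(".js") || requestUri.endsWith(".css")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Non-null only when the session exists and holds an authenticated UserDetails principal.
        UserDetails userDetails = resolveUser(session);

        // NOTE(review): getRequestURI() includes the context path and the prefix also matches
        // paths such as "/apifoo"; this assumes deployment at the root context - confirm.
        if (requestUri.startsWith("/api")) {
            if (userDetails != null && session.getAttribute(STAKEHOLDER_ID_ATTRIBUTE) == null) {
                // NOTE(review): the cached id is not tied to the principal. If a session can be
                // re-authenticated as another user without being invalidated, API calls would
                // keep the previous user's id - confirm logout/login invalidates the session.
                session.setAttribute(STAKEHOLDER_ID_ATTRIBUTE,
                        userDetailsService.loadStakeholderId(userDetails.getUsername()));
            }
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (userDetails != null) {
            // Page requests refresh the id on every hit, unlike the API branch above.
            session.setAttribute(STAKEHOLDER_ID_ATTRIBUTE,
                    userDetailsService.loadStakeholderId(userDetails.getUsername()));

            // The first authority with a known landing page wins; iteration order is whatever
            // the UserDetails implementation returns.
            for (GrantedAuthority grantedAuthority : userDetails.getAuthorities()) {
                String page = landingPageFor(grantedAuthority.getAuthority());
                if (page != null) {
                    // The target is derived from the user's own authorities, not from the
                    // requested path. NOTE(review): whether the security filter chain runs again
                    // on a FORWARD dispatch depends on filter registration not visible here; the
                    // target pages should enforce their own authorization.
                    servletRequest.getRequestDispatcher(page).forward(servletRequest, servletResponse);
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Returns the authenticated user stored in the session, or {@code null} when there is no
     * session, no security context, no authentication, or a principal that is not a
     * {@link UserDetails}. The type checks replace unchecked casts, which would otherwise
     * surface as a server error for such sessions.
     */
    private static UserDetails resolveUser(HttpSession session) {
        if (session == null) {
            return null;
        }
        Object context = session.getAttribute(SECURITY_CONTEXT_ATTRIBUTE);
        if (!(context instanceof SecurityContextImpl)) {
            return null;
        }
        SecurityContextImpl securityContext = (SecurityContextImpl) context;
        if (securityContext.getAuthentication() == null) {
            return null;
        }
        Object principal = securityContext.getAuthentication().getPrincipal();
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /** Maps an authority name to its landing page, or {@code null} for unknown or null names. */
    private static String landingPageFor(String authorityName) {
        if (authorityName == null) {
            // Switching on a null String would throw; an authority without a name has no page.
            return null;
        }
        switch (authorityName) {
            case "ADMIN":
                return "/admin";
            case "CUSTOMER":
                return "/homepage";
            case "BUSINESS_OWNER":
                return "/business_admin";
            default:
                return null;
        }
    }
}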