Coverage Report

Coverage Report - org.kuali.rice.kns.web.spring.UifControllerHandlerInterceptor

Classes in this File

Line Coverage

Branch Coverage

Complexity

UifControllerHandlerInterceptor

0/27

0/14

3.667

 /*
  * Copyright 2007 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 1.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl1.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.kns.web.spring;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
 import org.kuali.rice.core.api.services.CoreApiServiceLocator;
 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
 import org.kuali.rice.kns.UserSession;
 import org.kuali.rice.kns.uif.UifConstants;
 import org.kuali.rice.kns.util.GlobalVariables;
 import org.kuali.rice.kns.util.KNSConstants;
 import org.kuali.rice.kns.util.WebUtils;
 import org.kuali.rice.kns.web.spring.controller.UifControllerBase;
 import org.kuali.rice.kns.web.spring.form.UifFormBase;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
 
 /**
  * This is a description of what this class does - swgibson don't forget to fill this in. 
  * 
  * @author Kuali Rice Team (rice.collab@kuali.org)
  *
  */
 public class UifControllerHandlerInterceptor implements HandlerInterceptor {
     
     private static final Logger LOG = Logger.getLogger(UifControllerHandlerInterceptor.class);
     
     private static Boolean OUTPUT_ENCRYPTION_WARNING = null;
 
     @Override
     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
 
     // do nothing
     }
 
     @Override
     public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
         
         if(handler instanceof UifControllerBase) {
             UifControllerBase controller = (UifControllerBase)handler;
             UifFormBase form = null;
             
             Object model = modelAndView.getModelMap().get(UifConstants.DEFAULT_MODEL_NAME);
             if(model instanceof UifFormBase) {
                 form = (UifFormBase)model;
             }
             
             // store form in session
             form.setPreviousView(null);
             request.getSession().setAttribute(form.getFormKey(), model);
             
             // currently methodToCall must be a regularly parseable request parameter, so just get from request
             String methodToCall = request.getParameter(KNSConstants.DISPATCH_REQUEST_PARAMETER);
             
             // make sure the user can do what they're trying to according to the module that owns the functionality
             // this is done post handle to be able to access the form and whatever processing
             // was done (this was the same pre-krad)
             if (!controller.getMethodToCallsToNotCheckAuthorization().contains(methodToCall)) {
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("'" + methodToCall + "' not in set of excempt methods: " + controller.getMethodToCallsToNotCheckAuthorization());
                 }
                 
                 controller.checkAuthorization(form, methodToCall);
             } else {
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("'" + methodToCall + "' is exempt from auth checks.");
                 }
             }
         }
 
         // check if demonstration encryption is enabled
         if (LOG.isEnabledFor(Level.WARN)) {
                 // TODO: need someway to determine if demo encryption is running
 //            if (OUTPUT_ENCRYPTION_WARNING == null) {
 //                OUTPUT_ENCRYPTION_WARNING = Boolean.valueOf(CoreFrameworkServiceLocator.getParameterService().getParameterValueAsBoolean(KNSConstants.KNS_NAMESPACE, KNSConstants.DetailTypes.ALL_DETAIL_TYPE, KNSConstants.SystemGroupParameterNames.CHECK_ENCRYPTION_SERVICE_OVERRIDE_IND) && CoreApiServiceLocator.getEncryptionService() instanceof Demonstration);
 //            }
 //            if (OUTPUT_ENCRYPTION_WARNING.booleanValue()) {
 //                LOG.warn("WARNING: This implementation of Kuali uses the demonstration encryption framework.");
 //            }
         }
     }
 
     /**
      * @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest,
      *      javax.servlet.http.HttpServletResponse, java.lang.Object)
      */
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
 
         final UserSession session = WebUtils.getUserSessionFromRequest(request);
 
         if (session == null) {
             throw new IllegalStateException("the user session has not been established");
         }
 
         GlobalVariables.setUserSession(session);
         GlobalVariables.clear();
 
         return true;
     }
 
 }

1		/*
2		* Copyright 2007 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 1.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl1.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.kns.web.spring;
17
18		import javax.servlet.http.HttpServletRequest;
19		import javax.servlet.http.HttpServletResponse;
20
21		import org.apache.log4j.Level;
22		import org.apache.log4j.Logger;
23		import org.kuali.rice.core.api.services.CoreApiServiceLocator;
24		import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
25		import org.kuali.rice.kns.UserSession;
26		import org.kuali.rice.kns.uif.UifConstants;
27		import org.kuali.rice.kns.util.GlobalVariables;
28		import org.kuali.rice.kns.util.KNSConstants;
29		import org.kuali.rice.kns.util.WebUtils;
30		import org.kuali.rice.kns.web.spring.controller.UifControllerBase;
31		import org.kuali.rice.kns.web.spring.form.UifFormBase;
32		import org.springframework.web.servlet.HandlerInterceptor;
33		import org.springframework.web.servlet.ModelAndView;
34
35		/**
36		* This is a description of what this class does - swgibson don't forget to fill this in.
37		*
38		* @author Kuali Rice Team (rice.collab@kuali.org)
39		*
40		*/
41	0	public class UifControllerHandlerInterceptor implements HandlerInterceptor {
42
43	0	private static final Logger LOG = Logger.getLogger(UifControllerHandlerInterceptor.class);
44
45	0	private static Boolean OUTPUT_ENCRYPTION_WARNING = null;
46
47		@Override
48		public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
49
50		// do nothing
51	0	}
52
53		@Override
54		public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
55
56	0	if(handler instanceof UifControllerBase) {
57	0	UifControllerBase controller = (UifControllerBase)handler;
58	0	UifFormBase form = null;
59
60	0	Object model = modelAndView.getModelMap().get(UifConstants.DEFAULT_MODEL_NAME);
61	0	if(model instanceof UifFormBase) {
62	0	form = (UifFormBase)model;
63		}
64
65		// store form in session
66	0	form.setPreviousView(null);
67	0	request.getSession().setAttribute(form.getFormKey(), model);
68
69		// currently methodToCall must be a regularly parseable request parameter, so just get from request
70	0	String methodToCall = request.getParameter(KNSConstants.DISPATCH_REQUEST_PARAMETER);
71
72		// make sure the user can do what they're trying to according to the module that owns the functionality
73		// this is done post handle to be able to access the form and whatever processing
74		// was done (this was the same pre-krad)
75	0	if (!controller.getMethodToCallsToNotCheckAuthorization().contains(methodToCall)) {
76	0	if (LOG.isDebugEnabled()) {
77	0	LOG.debug("'" + methodToCall + "' not in set of excempt methods: " + controller.getMethodToCallsToNotCheckAuthorization());
78		}
79
80	0	controller.checkAuthorization(form, methodToCall);
81		} else {
82	0	if (LOG.isDebugEnabled()) {
83	0	LOG.debug("'" + methodToCall + "' is exempt from auth checks.");
84		}
85		}
86		}
87
88		// check if demonstration encryption is enabled
89	0	if (LOG.isEnabledFor(Level.WARN)) {
90		// TODO: need someway to determine if demo encryption is running
91		// if (OUTPUT_ENCRYPTION_WARNING == null) {
92		// OUTPUT_ENCRYPTION_WARNING = Boolean.valueOf(CoreFrameworkServiceLocator.getParameterService().getParameterValueAsBoolean(KNSConstants.KNS_NAMESPACE, KNSConstants.DetailTypes.ALL_DETAIL_TYPE, KNSConstants.SystemGroupParameterNames.CHECK_ENCRYPTION_SERVICE_OVERRIDE_IND) && CoreApiServiceLocator.getEncryptionService() instanceof Demonstration);
93		// }
94		// if (OUTPUT_ENCRYPTION_WARNING.booleanValue()) {
95		// LOG.warn("WARNING: This implementation of Kuali uses the demonstration encryption framework.");
96		// }
97		}
98	0	}
99
100		/**
101		* @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest,
102		* javax.servlet.http.HttpServletResponse, java.lang.Object)
103		*/
104		@Override
105		public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
106
107	0	final UserSession session = WebUtils.getUserSessionFromRequest(request);
108
109	0	if (session == null) {
110	0	throw new IllegalStateException("the user session has not been established");
111		}
112
113	0	GlobalVariables.setUserSession(session);
114	0	GlobalVariables.clear();
115
116	0	return true;
117		}
118
119		}