Example 51 with HttpSession
use of javax.servlet.http.HttpSession in project head by mifos.
the class MifosRequestProcessor method checkProcessRoles.
protected boolean checkProcessRoles(HttpServletRequest request, HttpServletResponse response, ActionMapping mapping) {
boolean returnValue = true;
if (request.getSession() != null && request.getSession().getAttribute("UserContext") != null) {
HttpSession session = request.getSession();
ActivityMapper activityMapper = ActivityMapper.getInstance();
String path = mapping.getPath();
String method = request.getParameter("method");
String key = path + "-" + method;
Short activityId = null;
if (null != method && (method.equals("cancel") || method.equals("validate") || method.equals("searchPrev") || method.equals("searchNext"))) {
return true;
}
String activityKey = null;
if (isReportRequest(request)) {
String reportId = request.getParameter("reportId");
activityKey = key + "-" + reportId;
activityId = activityMapper.getActivityId(activityKey);
} else {
activityId = activityMapper.getActivityId(key);
request.setAttribute(Globals.ERROR_KEY, null);
}
if (null == activityId) {
activityKey = path + "-" + request.getParameter("viewPath");
activityId = activityMapper.getActivityId(activityKey);
}
// Check for fine-grained permissions
if (null == activityId) {
activityKey = key + "-" + session.getAttribute(SecurityConstants.SECURITY_PARAM);
activityId = activityMapper.getActivityId(activityKey);
}
if (null == activityId) {
return false;
} else if (activityId.shortValue() == 0) {
return true;
}
returnValue = ApplicationContextProvider.getBean(LegacyRolesPermissionsDao.class).isActivityAllowed((UserContext) session.getAttribute("UserContext"), setActivityContextFromRequest(request, activityId));
}
return returnValue;
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
UserContext(org.mifos.security.util.UserContext)
ActivityMapper(org.mifos.security.util.ActivityMapper)
Example 52 with HttpSession
use of javax.servlet.http.HttpSession in project head by mifos.
the class MifosRequestProcessor method setActivityContextFromRequest.
private ActivityContext setActivityContextFromRequest(HttpServletRequest request, Short activityId) {
HttpSession session = request.getSession();
ActivityContext activityContext = (ActivityContext) session.getAttribute("ActivityContext");
if (activityContext != null) {
// get the values from the request
String recordOfficeId = request.getParameter("recordOfficeId");
String recordLoanOfficerId = request.getParameter("recordLoanOfficerId");
short recordOffId = -1;
short recordLoOffId = -1;
try {
/*
* The null case is if one or both parameters was omitted.
* What's the difference between supplying these as parameters
* versus the UserContext, versus just using what is in the
* ActivityContext?
*/
if (recordOfficeId != null) {
recordOffId = Short.valueOf(recordOfficeId).shortValue();
}
if (recordLoanOfficerId != null) {
recordLoOffId = Short.valueOf(recordLoanOfficerId).shortValue();
}
} catch (NumberFormatException e) {
throw new RuntimeException(e);
}
if (recordOffId > 0 && recordLoOffId > 0) {
activityContext.setRecordOfficeId(recordOffId);
activityContext.setRecordLoanOfficer(recordLoOffId);
} else if (recordOffId == 0 && recordLoOffId == 0) {
if (session.getAttribute("UserContext") != null) {
UserContext uc = (UserContext) session.getAttribute("UserContext");
activityContext.setRecordOfficeId(uc.getBranchId());
activityContext.setRecordLoanOfficer(uc.getId());
}
}
activityContext.setActivityId(activityId);
return activityContext;
} else {
// TODO: Can this happen? Why? Is null right?
return null;
}
}
Also used :
ActivityContext(org.mifos.security.util.ActivityContext)
HttpSession(javax.servlet.http.HttpSession)
UserContext(org.mifos.security.util.UserContext)
Example 53 with HttpSession
use of javax.servlet.http.HttpSession in project head by mifos.
the class SessionUtils method setAttribute.
/**
* Save a single Serializable object into the HttpSession via a FlowManager.
*/
public static void setAttribute(String key, Serializable value, HttpServletRequest request) throws PageExpiredException {
logger.debug("An attribute being set in the session with key being " + key);
String currentFlowKey = (String) request.getAttribute(Constants.CURRENTFLOWKEY);
HttpSession session = request.getSession();
FlowManager flowManager = (FlowManager) session.getAttribute(Constants.FLOWMANAGER);
flowManager.addObjectToFlow(currentFlowKey, key, value);
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
Example 54 with HttpSession
use of javax.servlet.http.HttpSession in project head by mifos.
the class SessionUtils method removeAttribute.
public static void removeAttribute(String key, HttpServletRequest request) throws PageExpiredException {
logger.debug("Clean up in session utils has been called");
String currentFlowKey = (String) request.getAttribute(Constants.CURRENTFLOWKEY);
HttpSession session = request.getSession();
FlowManager flowManager = (FlowManager) session.getAttribute(Constants.FLOWMANAGER);
flowManager.removeFromFlow(currentFlowKey, key);
logger.debug("The attribute being removed from session is" + key);
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
Example 55 with HttpSession
use of javax.servlet.http.HttpSession in project head by mifos.
the class SessionUtils method setQueryResultAttribute.
/**
* This method is a placeholder which documents where objects implmenting
* the QueryResult interface are saved into the httpsession. QueryResults
* objects are not Serializable so they should not be saved into an
* httpsession in their current form. They either need to be modified so
* that they are Serializable or the mechanism to pass query results to the
* presentation tier needs to be refactored.
*/
public static void setQueryResultAttribute(String key, QueryResult value, HttpServletRequest request) throws PageExpiredException {
logger.debug("An attribute being set in the session with key being " + key);
String currentFlowKey = (String) request.getAttribute(Constants.CURRENTFLOWKEY);
HttpSession session = request.getSession();
FlowManager flowManager = (FlowManager) session.getAttribute(Constants.FLOWMANAGER);
flowManager.addQueryResultToFlow(currentFlowKey, key, value);
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
Aggregations
HttpSession (javax.servlet.http.HttpSession)730
HttpServletRequest (javax.servlet.http.HttpServletRequest)151
Test (org.junit.Test)110
IOException (java.io.IOException)80
HttpServletResponse (javax.servlet.http.HttpServletResponse)80
ServletException (javax.servlet.ServletException)75
ArrayList (java.util.ArrayList)65
RequestDispatcher (javax.servlet.RequestDispatcher)59
HashMap (java.util.HashMap)48
Map (java.util.Map)44
Locale (java.util.Locale)39
Properties (java.util.Properties)39
PrintWriter (java.io.PrintWriter)38
Cookie (javax.servlet.http.Cookie)27
List (java.util.List)24
SQLException (java.sql.SQLException)23
WebUser (org.compiere.util.WebUser)23
FlakyTest (org.apache.geode.test.junit.categories.FlakyTest)20
IntegrationTest (org.apache.geode.test.junit.categories.IntegrationTest)20
ModelAndView (org.springframework.web.servlet.ModelAndView)20
