
Example 1 with ActivityMapper

use of org.mifos.security.util.ActivityMapper in project head by mifos.

the class MifosRequestProcessor method checkProcessRoles.

/**
 * Decides whether the current request may proceed, based on the activity
 * mapped to the action path and the request's {@code method} parameter.
 *
 * <p>Decision order, as implemented below:
 * <ol>
 *   <li>No {@code "UserContext"} attribute in the session: returns {@code true}.</li>
 *   <li>{@code method} is one of {@code cancel}, {@code validate},
 *       {@code searchPrev}, {@code searchNext}: returns {@code true} without
 *       any activity lookup.</li>
 *   <li>Otherwise an activity id is looked up under up to three keys
 *       ({@code path-method[-reportId]}, then {@code path-viewPath}, then
 *       {@code path-method-<SECURITY_PARAM session attribute>}).</li>
 *   <li>No activity id found: returns {@code false}. Activity id {@code 0}:
 *       returns {@code true}. Any other id: the answer comes from
 *       {@code LegacyRolesPermissionsDao.isActivityAllowed}.</li>
 * </ol>
 *
 * <p>NOTE(review): this method fails open when the session carries no
 * {@code UserContext}. Presumably authentication is enforced before or around
 * this call; confirm, because nothing in this method denies an anonymous request.
 *
 * <p>NOTE(review): {@code method}, {@code reportId} and {@code viewPath} are
 * request parameters, so parts of the lookup key and the skip list in step 2
 * are chosen by the client. Confirm that the dispatched handler is selected
 * from the same {@code method} value, and that no fallback key can resolve a
 * restricted action to an activity id of {@code 0}.
 *
 * @param request  the incoming servlet request
 * @param response the servlet response (not used by this method)
 * @param mapping  the action mapping whose path forms the start of the lookup key
 * @return {@code true} if the request is allowed to proceed, {@code false} otherwise
 */
protected boolean checkProcessRoles(HttpServletRequest request, HttpServletResponse response, ActionMapping mapping) {
    // HttpServletRequest.getSession() creates a session when none exists, so the
    // null test is effectively always satisfied; only the attribute test decides.
    HttpSession session = request.getSession();
    if (session == null || session.getAttribute("UserContext") == null) {
        return true;
    }

    ActivityMapper mapper = ActivityMapper.getInstance();
    String actionPath = mapping.getPath();
    String method = request.getParameter("method");
    String baseKey = actionPath + "-" + method;

    // These dispatch methods are let through without an activity lookup.
    boolean exemptMethod = "cancel".equals(method)
            || "validate".equals(method)
            || "searchPrev".equals(method)
            || "searchNext".equals(method);
    if (exemptMethod) {
        return true;
    }

    Short activityId;
    if (isReportRequest(request)) {
        // Report requests are keyed per report id.
        String reportId = request.getParameter("reportId");
        activityId = mapper.getActivityId(baseKey + "-" + reportId);
    } else {
        activityId = mapper.getActivityId(baseKey);
        request.setAttribute(Globals.ERROR_KEY, null);
    }

    // First fallback: key on the viewPath request parameter instead of the method.
    if (activityId == null) {
        activityId = mapper.getActivityId(actionPath + "-" + request.getParameter("viewPath"));
    }

    // Second fallback: fine-grained permissions, keyed on a session attribute.
    if (activityId == null) {
        activityId = mapper.getActivityId(baseKey + "-" + session.getAttribute(SecurityConstants.SECURITY_PARAM));
    }

    // Unmapped requests are denied.
    if (activityId == null) {
        return false;
    }
    // Id 0 is allowed without consulting the roles/permissions DAO.
    if (activityId.shortValue() == 0) {
        return true;
    }

    LegacyRolesPermissionsDao permissionsDao = ApplicationContextProvider.getBean(LegacyRolesPermissionsDao.class);
    UserContext userContext = (UserContext) session.getAttribute("UserContext");
    return permissionsDao.isActivityAllowed(userContext, setActivityContextFromRequest(request, activityId));
}
Also used : HttpSession(javax.servlet.http.HttpSession) UserContext(org.mifos.security.util.UserContext) ActivityMapper(org.mifos.security.util.ActivityMapper)

Aggregations

HttpSession (javax.servlet.http.HttpSession)1 ActivityMapper (org.mifos.security.util.ActivityMapper)1 UserContext (org.mifos.security.util.UserContext)1