Search in sources :

Example 1 with AccessResult

use of org.webpieces.router.api.routebldr.AccessResult in project webpieces by deanhiller.

the class EScopedRouter method isFailSecurityCheck.

private boolean isFailSecurityCheck(AbstractRouter router, RequestContext ctx, ProxyStreamHandle handler) {
    if (!(router instanceof FContentRouter)) {
        // we only do CORS for content requests(json/xml/etc)
        send403Response(handler, "Only content routes allow CORS requests. Router not supported=" + router.getClass());
        return true;
    }
    FContentRouter contentRouter = (FContentRouter) router;
    ProcessCors corsProcessor = contentRouter.getCorsProcessor();
    if (corsProcessor == null) {
        send403Response(handler, "This method and path did not support CORS");
        return true;
    }
    AccessResult accessResult = corsProcessor.isAccessAllowed(ctx);
    if (!accessResult.isAllowed()) {
        send403Response(handler, accessResult.getReasonForDenial());
        return true;
    }
    return false;
}
Also used : ProcessCors(org.webpieces.router.api.routebldr.ProcessCors) AccessResult(org.webpieces.router.api.routebldr.AccessResult)

Aggregations

AccessResult (org.webpieces.router.api.routebldr.AccessResult)1 ProcessCors (org.webpieces.router.api.routebldr.ProcessCors)1