From 09f0f86d50933ea11eb3315e5728718e23d37dcf Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Wed, 28 Jan 2015 11:34:27 +0000
Subject: [PATCH] #2283 fix - Changed EntityManager injection to @Context
---
securis/src/main/java/net/curisit/securis/ioc/RequestsInterceptor.java | 63 ++++++++++++++++++++++++++++---
1 files changed, 56 insertions(+), 7 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/security/SecurityInterceptor.java b/securis/src/main/java/net/curisit/securis/ioc/RequestsInterceptor.java
similarity index 64%
rename from securis/src/main/java/net/curisit/securis/security/SecurityInterceptor.java
rename to securis/src/main/java/net/curisit/securis/ioc/RequestsInterceptor.java
index 3c02ac0..29e2278 100644
--- a/securis/src/main/java/net/curisit/securis/security/SecurityInterceptor.java
+++ b/securis/src/main/java/net/curisit/securis/ioc/RequestsInterceptor.java
@@ -1,4 +1,4 @@
-package net.curisit.securis.security;
+package net.curisit.securis.ioc;
import java.io.IOException;
import java.lang.reflect.Method;
@@ -12,12 +12,17 @@
import javax.ws.rs.Priorities;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.container.ContainerRequestFilter;
+import javax.ws.rs.container.ContainerResponseContext;
+import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.ext.Provider;
import net.curisit.securis.db.User;
+import net.curisit.securis.security.BasicSecurityContext;
+import net.curisit.securis.security.Securable;
import net.curisit.securis.utils.CacheTTL;
import net.curisit.securis.utils.TokenHelper;
@@ -32,8 +37,8 @@
@Provider
@Priority(Priorities.AUTHENTICATION)
-public class SecurityInterceptor implements javax.ws.rs.container.ContainerRequestFilter {
- private static final Logger LOG = LogManager.getLogger(SecurityInterceptor.class);
+public class RequestsInterceptor implements ContainerRequestFilter, ContainerResponseFilter {
+ private static final Logger LOG = LogManager.getLogger(RequestsInterceptor.class);
@Context
private HttpServletRequest servletRequest;
@@ -48,23 +53,43 @@
private Dispatcher dispatcher;
@Inject
- private EntityManager em;
+ private EntityManagerProvider emProvider;
public void filter(ContainerRequestContext containerRequestContext) throws IOException {
+ EntityManager em = emProvider.getEntityManager();
+ ResteasyProviderFactory.pushContext(EntityManager.class, em);
ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) containerRequestContext
.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
Method method = methodInvoker.getMethod();
+ LOG.info("Stored in context, em: {}, {}?", em, method.toGenericString());
+
+ boolean next = checkSecurableMethods(containerRequestContext, method);
+ if (next) {
+ prepareTransaction(containerRequestContext, method);
+ }
+ }
+
+ private void prepareTransaction(ContainerRequestContext containerRequestContext, Method method) {
+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
+
+ if (method.isAnnotationPresent(EnsureTransaction.class)) {
+ LOG.info("WE need transaction!!!");
+ em.getTransaction().begin();
+ }
+ }
+
+ private boolean checkSecurableMethods(ContainerRequestContext containerRequestContext, Method method) {
if (!method.isAnnotationPresent(Securable.class)) {
- return;
+ return true;
}
String token = servletRequest.getHeader(TokenHelper.TOKEN_HEADER_PĂ€RAM);
if (token == null || !tokenHelper.isTokenValid(token)) {
LOG.info("Access denied to '{}', Token not valid.", servletRequest.getPathInfo());
containerRequestContext.abortWith(Response.status(Status.UNAUTHORIZED).build());
+ return false;
} else {
- Securable sec = method.getAnnotation(Securable.class);
// If roles == 0 we only need to validate the token
String username = tokenHelper.extractUserFromToken(token);
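Review bot: With `Securable sec = method.getAnnotation(Securable.class);` removed, no visible line in `checkSecurableMethods` reads the annotation's role requirement, while the comment `// If roles == 0 we only need to validate the token` still describes one. The else branch continues outside the hunk, so the roles may be enforced further down or in the resources through `BasicSecurityContext`. If they are not, a valid token alone passes every `@Securable` method, and either the check or the comment should be fixed. Separately, `LOG.info("Stored in context, em: {}, {}?", ...)` and `LOG.info("WE need transaction!!!")` fire on every request and belong at debug level, and `prepareTransaction` never uses its `containerRequestContext` parameter.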
@@ -76,15 +101,18 @@
containerRequestContext.setSecurityContext(scw);
// Next line provide injection in resource methods
ResteasyProviderFactory.pushContext(BasicSecurityContext.class, scw);
- ResteasyProviderFactory.pushContext(EntityManager.class, em);
LOG.debug("Added custom SecurityContext for user {}, orgs: {}", username, orgs);
}
+ return true;
+
}
private Set<Integer> getUserOrganizations(String username) {
@SuppressWarnings("unchecked")
Set<Integer> userOrgs = cache.get("orgs_" + username, Set.class);
if (userOrgs == null) {
+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
+
// Theorically this shouldn't be never null, but just in case...
User user = em.find(User.class, username);
if (user != null) {
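Review bot: `ResteasyProviderFactory.getContextData(EntityManager.class)` can return null, and `em.find(User.class, username)` in `getUserOrganizations` dereferences it unchecked, whereas the response filter added in this commit does guard `em != null`. The same unchecked lookup is added before the roles query in the following hunk. These helpers appear to run during token validation, so a missing context entry would surface as a NullPointerException rather than a clean rejection. Passing the `EntityManager` obtained in `filter` down as a parameter would remove the dependency on the thread-local context, or the lookup could fail explicitly with `Objects.requireNonNull(em, "EntityManager not in context")`. The method body continues outside the hunk.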
@@ -103,6 +131,8 @@
}
Integer userRoles = cache.get("roles_" + username, Integer.class);
if (userRoles == null) {
+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
+
User user = em.find(User.class, username);
if (user != null) {
userRoles = 0;
@@ -123,4 +153,23 @@
return null;
}
+ @Override
+ public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
+
+ if (em != null && em.getTransaction().isActive()) {
+ LOG.info("There is transaction go ahead...");
+ if (responseContext.getStatus() == Status.OK.getStatusCode()) {
+ em.getTransaction().commit();
+ LOG.info("COMMIT");
+ } else {
+ em.getTransaction().rollback();
+ LOG.info("ROLLBACK");
+ }
+ } else {
+ LOG.info("There is NO transaction");
+
+ }
+ }
+
}
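Review bot: The commit condition `responseContext.getStatus() == Status.OK.getStatusCode()` rolls back every response that is successful but not exactly 200 (201 Created, 204 No Content), so an `@EnsureTransaction` method returning one of those silently loses its writes. Compare on the status family instead: `responseContext.getStatusInfo().getFamily() == Status.Family.SUCCESSFUL`. Nothing visible here closes the `EntityManager` or removes it from the Resteasy context after commit or rollback, and a `commit()` that throws is not caught. If `EntityManagerProvider` hands out a new instance per request (not shown in this patch), this needs a `finally` that calls `em.close()`. The "COMMIT", "ROLLBACK" and "There is NO transaction" messages are logged at info for every request and would be better at debug.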
--
Gitblit v1.3.2