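package com.enterprise.web.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.sf.json.JSONObject;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.enterprise.domain.AjaxResult;
import com.enterprise.service.MerchantCommonService;
import com.enterprise.util.Result;
import com.enterprise.web.security.HyipUserDetail;

/**
 * Intercepts shop decoration requests and lets them through only when the tags of the target
 * merchant have a {@code '1'} in one of the first two positions.
 *
 * <p>The target merchant is read from the {@code _merchant_user_id_} request parameter when it is
 * present, otherwise from the authenticated principal. Any failure to resolve or evaluate the
 * merchant (malformed id, missing principal, missing or short tag string) produces the denial
 * response instead of an unhandled exception.
 *
 * @author chen.kuan December 28, 2015
 */
public class ShopDecorateInterceptor extends HandlerInterceptorAdapter {

    private static final Logger logger = LoggerFactory.getLogger(ShopDecorateInterceptor.class);

    /** Request parameter naming the merchant whose shop is to be decorated. */
    private static final String MERCHANT_USER_ID_PARAM = "_merchant_user_id_";

    @Autowired
    private MerchantCommonService merchantCommonService;

    /**
     * Decides whether the request may reach the handler.
     *
     * @param request  current request; may carry {@code _merchant_user_id_}
     * @param response response that receives the JSON denial when the request is rejected
     * @param handler  chosen handler (not inspected)
     * @return {@code true} to continue the handler chain, {@code false} once a denial was written
     * @throws Exception declared by the overridden method
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        if (logger.isDebugEnabled()) {
            logger.debug("pre handle,url>>{}", request.getRequestURI());
        }

        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null) {
            // user is not logged in
            // NOTE(review): this branch passes the request through (fail-open); presumably login
            // is enforced by another layer - confirm.
            return true;
        }

        Long merchantUserId = resolveMerchantUserId(request, context);
        if (merchantUserId == null || !accept(merchantUserId)) {
            writeDenied(response);
            return false;
        }
        return true;
    }

    /**
     * Resolves the id of the merchant whose shop is to be decorated.
     *
     * <p>NOTE(review): the request parameter is client-controlled and nothing in this class ties
     * it to the authenticated caller, so this interceptor only establishes that the named
     * merchant is eligible, not that the caller may act for that merchant. Confirm that ownership
     * is enforced elsewhere (handler or service layer).
     *
     * @return the merchant id, or {@code null} when it cannot be determined
     */
    private Long resolveMerchantUserId(HttpServletRequest request, SecurityContext context) {
        String rawId = request.getParameter(MERCHANT_USER_ID_PARAM);
        if (rawId == null) {
            Authentication authentication = context.getAuthentication();
            if (authentication == null) {
                return null;
            }
            Object principal = authentication.getPrincipal();
            // The principal is not guaranteed to be a HyipUserDetail (e.g. for an anonymous
            // authentication), so check before casting instead of failing with a
            // ClassCastException.
            if (!(principal instanceof HyipUserDetail)) {
                return null;
            }
            rawId = ((HyipUserDetail) principal).getId() + "";
        }
        try {
            return Long.valueOf(rawId);
        } catch (NumberFormatException e) {
            // The raw value is deliberately not logged: it may come straight from the request.
            logger.warn("shop decoration request denied: merchant user id is not numeric");
            return null;
        }
    }

    /**
     * Checks the merchant's tag string.
     *
     * @param userId id of the merchant to look up
     * @return {@code true} when the first or second tag character is {@code '1'}; {@code false}
     *         otherwise, including when the tag data is missing, not a string, or too short
     */
    private boolean accept(Long userId) {
        Result tagsResult = merchantCommonService.getTags(userId);
        if (tagsResult == null) {
            return false;
        }
        Object data = tagsResult.getData();
        if (!(data instanceof String)) {
            return false;
        }
        String tags = (String) data;
        // Position 0 marks an enterprise merchant; the meaning of position 1 is not stated in
        // this file.
        return hasFlag(tags, 0) || hasFlag(tags, 1);
    }

    /** Returns whether {@code tags} has a {@code '1'} at {@code index}; out-of-range is false. */
    private static boolean hasFlag(String tags, int index) {
        return index < tags.length() && tags.charAt(index) == '1';
    }

    /**
     * Writes the JSON form of {@code AjaxResult.failed(-1)} to the response.
     *
     * <p>The HTTP status is not changed here; the failure is carried in the JSON body only.
     * NOTE(review): presumably clients key off the body - confirm before switching to a 403.
     */
    private void writeDenied(HttpServletResponse response) {
        AjaxResult ajaxResult = AjaxResult.failed(-1);
        // net.sf.json.JSONObject for JSON converter in Spring MVC
        JSONObject responseJson = JSONObject.fromObject(ajaxResult);
        String content = responseJson.toString();

        response.setCharacterEncoding("utf-8");
        response.setContentType("application/json; charset=utf-8");

        PrintWriter out = null;
        try {
            out = response.getWriter();
            out.append(content);
            out.flush();
        } catch (IOException e) {
            // The request is rejected either way; record why the client got no body.
            logger.warn("failed to write shop decoration denial response", e);
        } finally {
            if (out != null) {
                out.close();
            }
        }
    }
}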