From 6e813ed472960b18d66e02742afc17e99773b6ee Mon Sep 17 00:00:00 2001 From: Gabriele Incoronato Date: Wed, 27 Nov 2024 17:28:05 +0100 Subject: [PATCH] Servlet filter per accedere al pannello di controllo con p_p_id 158 --- .../build.gabri.properties | 9 ++ .../hooks/portos-filter-hook/.classpath | 22 +++++ .../hooks/portos-filter-hook/.project | 36 +++++++ .../hooks/portos-filter-hook/build.xml | 6 ++ .../docroot/META-INF/MANIFEST.MF | 3 + .../docroot/WEB-INF/liferay-hook.xml | 15 +++ .../WEB-INF/liferay-plugin-package.properties | 13 +++ .../portos/filter/PortosAccesFilter.java | 99 +++++++++++++++++++ .../docroot/WEB-INF/web.xml | 3 + 9 files changed, 206 insertions(+) create mode 100644 liferay-plugins-sdk-6.2/build.gabri.properties create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.classpath create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.project create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/build.xml create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/META-INF/MANIFEST.MF create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-hook.xml create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-plugin-package.properties create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/src/it/tref/liferay/portos/filter/PortosAccesFilter.java create mode 100644 liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/web.xml diff --git a/liferay-plugins-sdk-6.2/build.gabri.properties b/liferay-plugins-sdk-6.2/build.gabri.properties new file mode 100644 index 00000000..18953abf --- /dev/null +++ b/liferay-plugins-sdk-6.2/build.gabri.properties @@ -0,0 +1,9 @@ +# Managed by Liferay IDE (remove this comment to prevent future updates) + +#Managed by Liferay IDE (remove this comment to prevent future updates) +app.server.tomcat.lib.global.dir = C:\\servers\\paesagistica\\liferay-portal-6.2-ce-ga6-patched6.2.5\\tomcat-7.0.62\\lib\\ext +app.server.tomcat.deploy.dir = C:\\servers\\paesagistica\\liferay-portal-6.2-ce-ga6-patched6.2.5\\tomcat-7.0.62\\webapps +app.server.parent.dir = C:\\servers\\paesagistica\\liferay-portal-6.2-ce-ga6-patched6.2.5 +app.server.tomcat.dir = C:\\servers\\paesagistica\\liferay-portal-6.2-ce-ga6-patched6.2.5\\tomcat-7.0.62 +app.server.type = tomcat +app.server.tomcat.portal.dir = C:\\servers\\paesagistica\\liferay-portal-6.2-ce-ga6-patched6.2.5\\tomcat-7.0.62\\webapps\\ROOT diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.classpath b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.classpath new file mode 100644 index 00000000..242f6c2c --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.classpath @@ -0,0 +1,22 @@ + + + + + + + + + + + + + + + + + + + + + + diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.project b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.project new file mode 100644 index 00000000..69038d92 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/.project @@ -0,0 +1,36 @@ + + + portos-filter-hook + + + + + + org.eclipse.wst.jsdt.core.javascriptValidator + + + + + org.eclipse.jdt.core.javabuilder + + + + + org.eclipse.wst.common.project.facet.core.builder + + + + + org.eclipse.wst.validation.validationbuilder + + + + + + org.eclipse.jem.workbench.JavaEMFNature + org.eclipse.wst.common.modulecore.ModuleCoreNature + org.eclipse.wst.common.project.facet.core.nature + org.eclipse.jdt.core.javanature + org.eclipse.wst.jsdt.core.jsNature + + diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/build.xml b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/build.xml new file mode 100644 index 00000000..9716a290 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/build.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/META-INF/MANIFEST.MF b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/META-INF/MANIFEST.MF new file mode 100644 index 00000000..254272e1 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/META-INF/MANIFEST.MF @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Class-Path: + diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-hook.xml b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-hook.xml new file mode 100644 index 00000000..f17b6b02 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-hook.xml @@ -0,0 +1,15 @@ + + + + + + Sample Filter + it.tref.liferay.portos.filter.PortosAccesFilter + + + Sample Filter + /group/control_panel/* + REQUEST + FORWARD + + \ No newline at end of file diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-plugin-package.properties b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-plugin-package.properties new file mode 100644 index 00000000..ef060a35 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/liferay-plugin-package.properties @@ -0,0 +1,13 @@ +name=Portos Filter +module-group-id=liferay +module-incremental-version=1 +module-version=6.2.0.5 +tags= +short-description= +long-description= +change-log= +page-url=http://www.liferay.com +author=Liferay, Inc. +licenses=LGPL +liferay-versions=6.2+ +liferay-version=6.2.0+ diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/src/it/tref/liferay/portos/filter/PortosAccesFilter.java b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/src/it/tref/liferay/portos/filter/PortosAccesFilter.java new file mode 100644 index 00000000..e00797c6 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/src/it/tref/liferay/portos/filter/PortosAccesFilter.java @@ -0,0 +1,99 @@ +package it.tref.liferay.portos.filter; + +import com.liferay.portal.kernel.log.Log; +import com.liferay.portal.kernel.log.LogFactoryUtil; +import com.liferay.portal.kernel.util.StringUtil; +import com.liferay.portal.kernel.util.WebKeys; +import com.liferay.portal.model.Company; +import com.liferay.portal.model.Role; +import com.liferay.portal.model.User; +import com.liferay.portal.service.RoleLocalServiceUtil; +import com.liferay.portal.util.PortalUtil; + +import java.io.IOException; +import java.util.List; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +public class PortosAccesFilter implements Filter { + final static Log _log = LogFactoryUtil.getLog(PortosAccesFilter.class.getName()); + + @Override + public void destroy() { + _log.debug("Called destroy()"); + } + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, + FilterChain filterChain) throws IOException, ServletException { + HttpServletRequest httpReq = (HttpServletRequest) servletRequest; + _log.debug("httpReq.getRequestURI()=" + httpReq.getRequestURI()); + _log.debug("httpReq.getRequestURL()=" + httpReq.getRequestURL()); + + String uri = (String) servletRequest.getAttribute(WebKeys.INVOKER_FILTER_URI); + + _log.debug("Called SampleFilter.doFilter(" + servletRequest + ", " + servletResponse + ", " + filterChain + + ") for URI " + uri); + HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest; + boolean permesso = false; + boolean permessoRuoli = false; + try { + User user = PortalUtil.getUser(httpServletRequest); + + if (user != null) { + List userRoles = RoleLocalServiceUtil.getUserRoles(user.getUserId()); + for (int i = 0; i < userRoles.size(); i++) { + if("Admin publication".equals((userRoles.get(i)).getName())){ + permessoRuoli=true; + } + } + } + if ((user == null || (user.isDefaultUser() && !permessoRuoli))) { + HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse; + httpServletResponse.setStatus(403); + _log.debug("Guest non permesso"); + return; + } + if(httpServletRequest.getParameterMap().containsKey("p_p_id")&& + !httpServletRequest.getParameterMap().get("p_p_id")[0].isEmpty()&& + ("158".equals( httpServletRequest.getParameterMap().get("p_p_id")[0]))){ + + if (user != null && PortalUtil.isCompanyAdmin(user) || permessoRuoli) { + permesso = true; + _log.debug("Admin passa il controllo :" + user.getFullName()); + } + + + if (!permesso) { + HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse; + //RequestLogUtil.createOrUpdateLog(httpReq); + httpServletResponse.setStatus(403); + } else { + filterChain.doFilter(servletRequest, servletResponse); + } + }else { + filterChain.doFilter(servletRequest, servletResponse); + } + } catch (Exception e) { + _log.error(e, e); + HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse; + if (httpServletResponse.getStatus() != 403) { + filterChain.doFilter(servletRequest, servletResponse); + } + } + } + + @Override + public void init(FilterConfig filterConfig) { + _log.debug("Called FIXPermissionFilter.init()"); + + } + +} diff --git a/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/web.xml b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/web.xml new file mode 100644 index 00000000..1aa8cdb8 --- /dev/null +++ b/liferay-plugins-sdk-6.2/hooks/portos-filter-hook/docroot/WEB-INF/web.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file