Package org.codelibs.fess.helper
Class RoleQueryHelper
java.lang.Object
org.codelibs.fess.helper.RoleQueryHelper
This class returns a list of a role from a request parameter,
a request header and a cookie. The format of the default value
is "[\d]+\nrole1,role2,role3", which you can encrypt.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected org.codelibs.core.crypto.CachedCipherThe cached cipher for encryption and decryption.protected StringThe key for the cookie that stores role information.A map of cookie names to role names.A list of default roles.protected booleanWhether the cookie value is encrypted.protected booleanWhether the header value is encrypted.protected booleanWhether the parameter value is encrypted.protected StringThe key for the request header that contains role information.protected longThe maximum age of the role information in seconds.protected StringThe key for the request parameter that contains role information.protected StringThe separator for roles in the role string.protected static final StringThe key for user roles in the request attribute.protected StringThe separator for values in the role string. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidaddCookieNameMapping(String cookieName, String roleName) Adds a cookie name mapping.protected voidaddRoleFromCookieMapping(Set<String> roleNameList, jakarta.servlet.http.Cookie cookie) Adds a role from the cookie mapping.build(SearchRequestParams.SearchRequestType searchRequestType) Builds a set of roles from the request.protected voidbuildByCookieNameMapping(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet) Builds roles from the cookie name mapping.protected org.dbflute.optional.OptionalThing<org.codelibs.fess.mylasta.action.FessUserBean> findUserBean(org.lastaflute.web.servlet.request.RequestManager requestManager) Resolves the logged-in user bean for the current request.protected longGets the current time in milliseconds.voidinit()Initializes the RoleQueryHelper.protected voidparseRoleSet(String value, boolean encrypted, Set<String> roleSet) Parses the role set from a string.protected booleanprocessAccessToken(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet, boolean isApiRequest) Processes the access token.protected voidprocessCookie(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet) Processes the cookie.protected voidprocessHeader(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet) Processes the request header.protected voidprocessParameter(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet) Processes the request parameter.voidsetCipher(org.codelibs.core.crypto.CachedCipher cipher) Sets the cached cipher.voidsetCookieKey(String cookieKey) Sets the cookie key.voidsetEncryptedCookieValue(boolean encryptedCookieValue) Sets whether the cookie value is encrypted.voidsetEncryptedHeaderValue(boolean encryptedHeaderValue) Sets whether the header value is encrypted.voidsetEncryptedParameterValue(boolean encryptedParameterValue) Sets whether the parameter value is encrypted.voidsetHeaderKey(String headerKey) Sets the header key.voidsetMaxAge(long maxAge) Sets the maximum age of the role information in seconds.voidsetParameterKey(String parameterKey) Sets the parameter key.voidsetRoleSeparator(String roleSeparator) Sets the role separator.voidsetValueSeparator(String valueSeparator) Sets the value separator.
-
Field Details
-
USER_ROLES
The key for user roles in the request attribute.- See Also:
-
cipher
protected org.codelibs.core.crypto.CachedCipher cipherThe cached cipher for encryption and decryption. -
valueSeparator
The separator for values in the role string. -
roleSeparator
The separator for roles in the role string. -
parameterKey
The key for the request parameter that contains role information. -
encryptedParameterValue
protected boolean encryptedParameterValueWhether the parameter value is encrypted. -
headerKey
The key for the request header that contains role information. -
encryptedHeaderValue
protected boolean encryptedHeaderValueWhether the header value is encrypted. -
cookieKey
The key for the cookie that stores role information. -
encryptedCookieValue
protected boolean encryptedCookieValueWhether the cookie value is encrypted. -
maxAge
protected long maxAgeThe maximum age of the role information in seconds. -
cookieNameMap
A map of cookie names to role names. -
defaultRoleList
A list of default roles.
-
-
Constructor Details
-
RoleQueryHelper
public RoleQueryHelper()Constructor.
-
-
Method Details
-
init
@PostConstruct public void init()Initializes the RoleQueryHelper. -
build
Builds a set of roles from the request.- Parameters:
searchRequestType- The type of the search request.- Returns:
- A set of roles.
-
processAccessToken
protected boolean processAccessToken(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet, boolean isApiRequest) Processes the access token.- Parameters:
request- The HTTP request.roleSet- The set of roles.isApiRequest- Whether the request is an API request.- Returns:
- true if the access token is processed, false otherwise.
-
findUserBean
protected org.dbflute.optional.OptionalThing<org.codelibs.fess.mylasta.action.FessUserBean> findUserBean(org.lastaflute.web.servlet.request.RequestManager requestManager) Resolves the logged-in user bean for the current request. Exposed as a protected seam so unit tests can substitute an empty result without driving the shared LastaFlute container to resolveFessLoginAssist(and its OpenSearch-backedUserBhv), which is unavailable in the unit test environment.- Parameters:
requestManager- The request manager.- Returns:
- the optional user bean, empty when no user is logged in.
-
processParameter
protected void processParameter(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet) Processes the request parameter.- Parameters:
request- The HTTP request.roleSet- The set of roles.
-
processHeader
Processes the request header.- Parameters:
request- The HTTP request.roleSet- The set of roles.
-
processCookie
Processes the cookie.- Parameters:
request- The HTTP request.roleSet- The set of roles.
-
buildByCookieNameMapping
protected void buildByCookieNameMapping(jakarta.servlet.http.HttpServletRequest request, Set<String> roleSet) Builds roles from the cookie name mapping.- Parameters:
request- The HTTP request.roleSet- The set of roles.
-
addRoleFromCookieMapping
protected void addRoleFromCookieMapping(Set<String> roleNameList, jakarta.servlet.http.Cookie cookie) Adds a role from the cookie mapping.- Parameters:
roleNameList- The list of role names.cookie- The cookie.
-
parseRoleSet
Parses the role set from a string.- Parameters:
value- The string to parse.encrypted- Whether the string is encrypted.roleSet- The set of roles.
-
getCurrentTime
protected long getCurrentTime()Gets the current time in milliseconds.- Returns:
- The current time in milliseconds.
-
addCookieNameMapping
Adds a cookie name mapping.- Parameters:
cookieName- The name of the cookie.roleName- The name of the role.
-
setCipher
public void setCipher(org.codelibs.core.crypto.CachedCipher cipher) Sets the cached cipher.- Parameters:
cipher- The cached cipher.
-
setValueSeparator
Sets the value separator.- Parameters:
valueSeparator- The value separator.
-
setRoleSeparator
Sets the role separator.- Parameters:
roleSeparator- The role separator.
-
setParameterKey
Sets the parameter key.- Parameters:
parameterKey- The parameter key.
-
setEncryptedParameterValue
public void setEncryptedParameterValue(boolean encryptedParameterValue) Sets whether the parameter value is encrypted.- Parameters:
encryptedParameterValue- Whether the parameter value is encrypted.
-
setHeaderKey
Sets the header key.- Parameters:
headerKey- The header key.
-
setEncryptedHeaderValue
public void setEncryptedHeaderValue(boolean encryptedHeaderValue) Sets whether the header value is encrypted.- Parameters:
encryptedHeaderValue- Whether the header value is encrypted.
-
setCookieKey
Sets the cookie key.- Parameters:
cookieKey- The cookie key.
-
setEncryptedCookieValue
public void setEncryptedCookieValue(boolean encryptedCookieValue) Sets whether the cookie value is encrypted.- Parameters:
encryptedCookieValue- Whether the cookie value is encrypted.
-
setMaxAge
public void setMaxAge(long maxAge) Sets the maximum age of the role information in seconds.- Parameters:
maxAge- The maximum age of the role information in seconds.
-