-
-
Save fabian-bouche-liferay/7bbc95bf9f6c14ba497ac090d34ed793 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.liferay.samples.fbo.ip.role; | |
import com.liferay.portal.kernel.audit.AuditRequestThreadLocal; | |
import com.liferay.portal.kernel.model.Role; | |
import com.liferay.portal.kernel.security.permission.contributor.RoleCollection; | |
import com.liferay.portal.kernel.security.permission.contributor.RoleContributor; | |
import com.liferay.portal.kernel.service.RoleLocalService; | |
import org.osgi.service.component.annotations.Component; | |
import org.osgi.service.component.annotations.Reference; | |
import org.slf4j.Logger; | |
import org.slf4j.LoggerFactory; | |
@Component( | |
immediate = true, | |
service = RoleContributor.class | |
) | |
public class IPBasedRoleContributor implements RoleContributor { | |
private static final String INTERNAL_USER_ROLE_NAME = "IP"; | |
@Override | |
public void contribute(RoleCollection roleCollection) { | |
long companyId = roleCollection.getCompanyId(); | |
long internalUserRoleId = | |
_getInternalUserRoleIdForCompany(companyId); | |
if (internalUserRoleId == 0) { | |
return; | |
} | |
String clientIPAddress = AuditRequestThreadLocal | |
.getAuditThreadLocal().getClientIP(); | |
boolean offsite = _isIPAddressOffsite(clientIPAddress); | |
if (offsite && roleCollection.hasRoleId(internalUserRoleId)) { | |
roleCollection.removeRoleId(internalUserRoleId); | |
} else if (!offsite && !roleCollection.hasRoleId(internalUserRoleId)) { | |
roleCollection.addRoleId(internalUserRoleId); | |
} | |
} | |
private long _getInternalUserRoleIdForCompany(final long companyId) { | |
long roleId; | |
Role role = _roleLocalService | |
.fetchRole(companyId, INTERNAL_USER_ROLE_NAME); | |
if (role == null) { | |
return 0; | |
} | |
roleId = role.getRoleId(); | |
return roleId; | |
} | |
private boolean _isIPAddressOffsite(final String ipAddress) { | |
return false; | |
} | |
@Reference | |
private RoleLocalService _roleLocalService; | |
private final static Logger LOG = LoggerFactory.getLogger(IPBasedRoleContributor.class); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment