Skip to content

Instantly share code, notes, and snippets.

@wildone

wildone/BlockAllButFelixFilter.java

Forked from saml/BlockAllButFelixFilter.java
Last active August 29, 2015 14:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wildone/c8b52bc9c3f5c70bb502 to your computer and use it in GitHub Desktop.
Save wildone/c8b52bc9c3f5c70bb502 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
BlockAllButFelixFilter.java
import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.sling.SlingFilter;
import org.apache.felix.scr.annotations.sling.SlingFilterScope;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.commons.osgi.OsgiUtil;
import com.day.cq.security.Group;
import com.day.cq.security.User;
@SlingFilter(scope = SlingFilterScope.REQUEST, order = Integer.MAX_VALUE, generateComponent = false)
@Component(metatype = true, immediate = false, enabled = false)
public class BlockAllButFelixFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
private static final String[] DEFAULT_SUPER_GROUPS = new String[] {"administrators", "developers"};
@Property(value = {}, cardinality = 1000)
private static final String PROP_SUPER_GROUPS = "groups";
private List<String> groups = null;
@SuppressWarnings("unused")
@Activate
private void activate(Map<String,Object> config) {
groups = Arrays.asList(OsgiUtil.toStringArray(config.get(PROP_SUPER_GROUPS), DEFAULT_SUPER_GROUPS));
}
private static boolean isUserMemberOf(User user, List<String> groups) {
final Iterator<Group> groupsUserBelogTo = user.memberOf();
while (groupsUserBelogTo.hasNext()) {
if (groups.indexOf(groupsUserBelogTo.next().getID()) >= 0) {
return true;
}
}
return false;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// if (request instanceof HttpServletRequest && response instanceof HttpServletResponse) {
// final HttpServletRequest httpRequest = (HttpServletRequest) request;
// final HttpServletResponse httpResponse = (HttpServletResponse) response;
//
// if (!"admin".equals(httpRequest.getUserPrincipal().getName()) && !httpRequest.getPathInfo().startsWith("/system/console/")) {
// httpResponse.sendError(503, "deployment on going...");
// return;
//
// }
// }
if (request instanceof SlingHttpServletRequest && response instanceof SlingHttpServletResponse) {
final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request;
final SlingHttpServletResponse slingResponse = (SlingHttpServletResponse) response;
final User user = slingRequest.getResourceResolver().adaptTo(User.class);
if (!slingRequest.getPathInfo().startsWith("/system/console/") && !isUserMemberOf(user, groups)) {
slingResponse.sendError(503, "deployment on going. visit later...");
return ;
}
}
chain.doFilter(request, response);
}
@Override
public void destroy() {
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment