1 | package edu.ucsb.cs156.happiercows.interceptors; | |
2 | ||
3 | import javax.servlet.http.HttpServletRequest; | |
4 | import javax.servlet.http.HttpServletResponse; | |
5 | ||
6 | import org.springframework.beans.factory.annotation.Autowired; | |
7 | import org.springframework.stereotype.Component; | |
8 | import org.springframework.web.servlet.HandlerInterceptor; | |
9 | ||
10 | import edu.ucsb.cs156.happiercows.repositories.UserRepository; | |
11 | import org.springframework.security.core.authority.SimpleGrantedAuthority; | |
12 | import org.springframework.security.core.Authentication; | |
13 | import org.springframework.security.core.GrantedAuthority; | |
14 | import org.springframework.security.core.context.SecurityContext; | |
15 | import org.springframework.security.core.context.SecurityContextHolder; | |
16 | import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; | |
17 | import org.springframework.security.oauth2.core.user.OAuth2User; | |
18 | ||
19 | import java.util.Optional; | |
20 | import java.util.HashSet; | |
21 | import java.util.Set; | |
22 | import java.util.Collection; | |
23 | import edu.ucsb.cs156.happiercows.entities.User; | |
24 | ||
25 | ||
26 | ||
27 | @Component | |
28 | public class RoleUserInterceptor implements HandlerInterceptor { | |
29 | ||
30 | @Autowired | |
31 | UserRepository userRepository; | |
32 | ||
33 | @Override | |
34 | public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { | |
35 | // Update user's security context on server each time the user makes HTTP request to the backend | |
36 | // If user has admin status in database we will keep ROLE_ADMIN in security context | |
37 | // Otherwise interceptor will remove ROLE_ADMIN before the incoming request is processed by backend API | |
38 | SecurityContext securityContext = SecurityContextHolder.getContext(); | |
39 | Authentication authentication = securityContext.getAuthentication(); | |
40 | ||
41 |
1
1. preHandle : negated conditional → KILLED |
if (authentication instanceof OAuth2AuthenticationToken ) { |
42 | OAuth2User oAuthUser = ((OAuth2AuthenticationToken) authentication).getPrincipal(); | |
43 | String email = oAuthUser.getAttribute("email"); | |
44 | Optional<User> optionalUser = userRepository.findByEmail(email); | |
45 |
1
1. preHandle : negated conditional → KILLED |
if (optionalUser.isPresent()){ |
46 | User user = optionalUser.get(); | |
47 | ||
48 |
1
1. preHandle : negated conditional → KILLED |
if(user.isSuspended()) { |
49 |
1
1. preHandle : removed call to javax/servlet/http/HttpServletResponse::sendError → KILLED |
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Your account has been suspended. Contact an administrator to restore your account"); |
50 |
1
1. preHandle : removed call to org/springframework/security/core/context/SecurityContextHolder::clearContext → KILLED |
SecurityContextHolder.clearContext(); |
51 |
1
1. preHandle : replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::preHandle → KILLED |
return false; |
52 | } | |
53 | ||
54 | Set<GrantedAuthority> newAuthorities = new HashSet<>(); | |
55 | Collection<? extends GrantedAuthority> currentAuthorities = authentication.getAuthorities(); | |
56 | currentAuthorities.stream() | |
57 |
2
1. lambda$preHandle$0 : negated conditional → KILLED 2. lambda$preHandle$0 : replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::lambda$preHandle$0 → KILLED |
.filter(authority -> !authority.getAuthority().equals("ROLE_ADMIN")) |
58 |
1
1. preHandle : removed call to java/util/stream/Stream::forEach → KILLED |
.forEach(authority -> { |
59 | newAuthorities.add(authority); | |
60 | }); | |
61 | ||
62 |
1
1. preHandle : negated conditional → KILLED |
if (user.isAdmin()){ |
63 | newAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN")); | |
64 | } | |
65 | | |
66 | Authentication newAuth = new OAuth2AuthenticationToken(oAuthUser, newAuthorities,(((OAuth2AuthenticationToken)authentication).getAuthorizedClientRegistrationId())); | |
67 |
1
1. preHandle : removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED |
SecurityContextHolder.getContext().setAuthentication(newAuth); |
68 | } | |
69 | } | |
70 | ||
71 |
1
1. preHandle : replaced boolean return with false for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::preHandle → KILLED |
return true; |
72 | } | |
73 | | |
74 | } | |
Mutations | ||
41 |
1.1 |
|
45 |
1.1 |
|
48 |
1.1 |
|
49 |
1.1 |
|
50 |
1.1 |
|
51 |
1.1 |
|
57 |
1.1 2.2 |
|
58 |
1.1 |
|
62 |
1.1 |
|
67 |
1.1 |
|
71 |
1.1 |