1
19
20 package com.liferay.portlet.enterpriseadmin.action;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.kernel.servlet.SessionErrors;
25 import com.liferay.portal.kernel.util.ParamUtil;
26 import com.liferay.portal.security.auth.PrincipalException;
27 import com.liferay.portal.security.permission.PermissionChecker;
28 import com.liferay.portal.servlet.PortalSessionContext;
29 import com.liferay.portal.struts.PortletAction;
30 import com.liferay.portal.theme.ThemeDisplay;
31 import com.liferay.portal.util.WebKeys;
32
33 import javax.portlet.ActionRequest;
34 import javax.portlet.ActionResponse;
35 import javax.portlet.PortletConfig;
36 import javax.portlet.RenderRequest;
37 import javax.portlet.RenderResponse;
38
39 import javax.servlet.http.HttpSession;
40
41 import org.apache.struts.action.ActionForm;
42 import org.apache.struts.action.ActionForward;
43 import org.apache.struts.action.ActionMapping;
44
45
51 public class EditSessionAction extends PortletAction {
52
53 public void processAction(
54 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
55 ActionRequest actionRequest, ActionResponse actionResponse)
56 throws Exception {
57
58 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
59 WebKeys.THEME_DISPLAY);
60
61 PermissionChecker permissionChecker =
62 themeDisplay.getPermissionChecker();
63
64 if (!permissionChecker.isOmniadmin()) {
65 SessionErrors.add(
66 actionRequest, PrincipalException.class.getName());
67
68 setForward(actionRequest, "portlet.enterprise_admin.error");
69
70 return;
71 }
72
73 invalidateSession(actionRequest);
74
75 sendRedirect(actionRequest, actionResponse);
76 }
77
78 public ActionForward render(
79 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
80 RenderRequest renderRequest, RenderResponse renderResponse)
81 throws Exception {
82
83 return mapping.findForward(
84 getForward(renderRequest, "portlet.enterprise_admin.edit_session"));
85 }
86
87 protected void invalidateSession(ActionRequest actionRequest)
88 throws Exception {
89
90 String sessionId = ParamUtil.getString(actionRequest, "sessionId");
91
92 HttpSession userSession = PortalSessionContext.get(sessionId);
93
94 if (userSession != null) {
95 try {
96 if (!actionRequest.getPortletSession().getId().equals(
97 sessionId)) {
98
99 userSession.invalidate();
100 }
101 }
102 catch (Exception e) {
103 _log.error(e);
104 }
105 }
106 }
107
108 private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
109
110 }