1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.servlet.SessionErrors;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.security.auth.PrincipalException;
30 import com.liferay.portal.security.permission.PermissionChecker;
31 import com.liferay.portal.servlet.PortalSessionContext;
32 import com.liferay.portal.struts.PortletAction;
33 import com.liferay.portal.theme.ThemeDisplay;
34 import com.liferay.portal.util.WebKeys;
35
36 import javax.portlet.ActionRequest;
37 import javax.portlet.ActionResponse;
38 import javax.portlet.PortletConfig;
39 import javax.portlet.RenderRequest;
40 import javax.portlet.RenderResponse;
41
42 import javax.servlet.http.HttpSession;
43
44 import org.apache.struts.action.ActionForm;
45 import org.apache.struts.action.ActionForward;
46 import org.apache.struts.action.ActionMapping;
47
48
54 public class EditSessionAction extends PortletAction {
55
56 public void processAction(
57 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
58 ActionRequest actionRequest, ActionResponse actionResponse)
59 throws Exception {
60
61 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
62 WebKeys.THEME_DISPLAY);
63
64 PermissionChecker permissionChecker =
65 themeDisplay.getPermissionChecker();
66
67 if (!permissionChecker.isOmniadmin()) {
68 SessionErrors.add(
69 actionRequest, PrincipalException.class.getName());
70
71 setForward(actionRequest, "portlet.enterprise_admin.error");
72
73 return;
74 }
75
76 invalidateSession(actionRequest);
77
78 sendRedirect(actionRequest, actionResponse);
79 }
80
81 public ActionForward render(
82 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
83 RenderRequest renderRequest, RenderResponse renderResponse)
84 throws Exception {
85
86 return mapping.findForward(
87 getForward(renderRequest, "portlet.enterprise_admin.edit_session"));
88 }
89
90 protected void invalidateSession(ActionRequest actionRequest)
91 throws Exception {
92
93 String sessionId = ParamUtil.getString(actionRequest, "sessionId");
94
95 HttpSession userSession = PortalSessionContext.get(sessionId);
96
97 if (userSession != null) {
98 try {
99 if (!actionRequest.getPortletSession().getId().equals(
100 sessionId)) {
101
102 userSession.invalidate();
103 }
104 }
105 catch (Exception e) {
106 _log.error(e);
107 }
108 }
109 }
110
111 private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
112
113 }