1
14
15 package com.liferay.portal.kernel.bean;
16
17 import com.liferay.portal.kernel.annotation.AutoEscape;
18 import com.liferay.portal.kernel.util.HtmlUtil;
19
20 import java.lang.reflect.InvocationHandler;
21 import java.lang.reflect.InvocationTargetException;
22 import java.lang.reflect.Method;
23
24
29 public class AutoEscapeBeanHandler implements InvocationHandler {
30
31 public AutoEscapeBeanHandler(Object bean) {
32 _bean = bean;
33 }
34
35 public Object getBean() {
36 return _bean;
37 }
38
39 public Object invoke(Object proxy, Method method, Object[] args)
40 throws Throwable {
41
42 String methodName = method.getName();
43
44 if (methodName.startsWith("set")) {
45 throw new IllegalAccessException(
46 "Setter methods cannot be called on an escaped bean");
47 }
48
49 if (methodName.endsWith("isEscapedModel")) {
50 return true;
51 }
52
53 Object result = null;
54
55 try {
56 result = method.invoke(_bean, args);
57 }
58 catch(InvocationTargetException ite) {
59 throw ite.getTargetException();
60 }
61
62 if (method.getAnnotation(AutoEscape.class) != null) {
63 result = HtmlUtil.escape((String)result);
64 }
65
66 return result;
67 }
68
69 private Object _bean;
70
71 }