1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.kernel.security.permission.PermissionChecker;
26 import com.liferay.portal.kernel.util.ParamUtil;
27 import com.liferay.portal.security.auth.PrincipalException;
28 import com.liferay.portal.servlet.PortalSessionContext;
29 import com.liferay.portal.struts.PortletAction;
30 import com.liferay.portal.theme.ThemeDisplay;
31 import com.liferay.portal.util.WebKeys;
32 import com.liferay.util.servlet.SessionErrors;
33
34 import javax.portlet.ActionRequest;
35 import javax.portlet.ActionResponse;
36 import javax.portlet.PortletConfig;
37 import javax.portlet.RenderRequest;
38 import javax.portlet.RenderResponse;
39
40 import javax.servlet.http.HttpSession;
41
42 import org.apache.commons.logging.Log;
43 import org.apache.commons.logging.LogFactory;
44 import org.apache.struts.action.ActionForm;
45 import org.apache.struts.action.ActionForward;
46 import org.apache.struts.action.ActionMapping;
47
48
54 public class EditSessionAction extends PortletAction {
55
56 public void processAction(
57 ActionMapping mapping, ActionForm form, PortletConfig config,
58 ActionRequest req, ActionResponse res)
59 throws Exception {
60
61 ThemeDisplay themeDisplay =
62 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
63
64 PermissionChecker permissionChecker =
65 themeDisplay.getPermissionChecker();
66
67 if (!permissionChecker.isOmniadmin()) {
68 SessionErrors.add(req, PrincipalException.class.getName());
69
70 setForward(req, "portlet.enterprise_admin.error");
71
72 return;
73 }
74
75 invalidateSession(req);
76
77 sendRedirect(req, res);
78 }
79
80 public ActionForward render(
81 ActionMapping mapping, ActionForm form, PortletConfig config,
82 RenderRequest req, RenderResponse res)
83 throws Exception {
84
85 return mapping.findForward(
86 getForward(req, "portlet.enterprise_admin.edit_session"));
87 }
88
89 protected void invalidateSession(ActionRequest req) throws Exception {
90 String sessionId = ParamUtil.getString(req, "sessionId");
91
92 HttpSession userSession = PortalSessionContext.get(sessionId);
93
94 if (userSession != null) {
95 try {
96 if (!req.getPortletSession().getId().equals(sessionId)) {
97 userSession.invalidate();
98 }
99 }
100 catch (Exception e) {
101 _log.error(e);
102 }
103 }
104 }
105
106 private static Log _log = LogFactory.getLog(EditSessionAction.class);
107
108 }