1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.struts;
16  
17  import com.liferay.portal.LayoutPermissionException;
18  import com.liferay.portal.PortletActiveException;
19  import com.liferay.portal.RequiredRoleException;
20  import com.liferay.portal.UserActiveException;
21  import com.liferay.portal.kernel.exception.SystemException;
22  import com.liferay.portal.kernel.log.Log;
23  import com.liferay.portal.kernel.log.LogFactoryUtil;
24  import com.liferay.portal.kernel.portlet.FriendlyURLMapper;
25  import com.liferay.portal.kernel.servlet.HttpMethods;
26  import com.liferay.portal.kernel.servlet.SessionErrors;
27  import com.liferay.portal.kernel.util.GetterUtil;
28  import com.liferay.portal.kernel.util.HttpUtil;
29  import com.liferay.portal.kernel.util.JavaConstants;
30  import com.liferay.portal.kernel.util.ParamUtil;
31  import com.liferay.portal.kernel.util.PropsKeys;
32  import com.liferay.portal.kernel.util.StringBundler;
33  import com.liferay.portal.kernel.util.StringPool;
34  import com.liferay.portal.kernel.util.Validator;
35  import com.liferay.portal.liveusers.LiveUsers;
36  import com.liferay.portal.model.Layout;
37  import com.liferay.portal.model.LayoutConstants;
38  import com.liferay.portal.model.Portlet;
39  import com.liferay.portal.model.PortletPreferencesIds;
40  import com.liferay.portal.model.User;
41  import com.liferay.portal.model.UserTracker;
42  import com.liferay.portal.model.UserTrackerPath;
43  import com.liferay.portal.security.auth.PrincipalException;
44  import com.liferay.portal.security.permission.ActionKeys;
45  import com.liferay.portal.security.permission.PermissionChecker;
46  import com.liferay.portal.service.LayoutLocalServiceUtil;
47  import com.liferay.portal.service.PortletLocalServiceUtil;
48  import com.liferay.portal.service.PortletPreferencesLocalServiceUtil;
49  import com.liferay.portal.service.permission.PortletPermissionUtil;
50  import com.liferay.portal.service.persistence.UserTrackerPathUtil;
51  import com.liferay.portal.theme.ThemeDisplay;
52  import com.liferay.portal.util.PortalUtil;
53  import com.liferay.portal.util.PrefsPropsUtil;
54  import com.liferay.portal.util.PropsUtil;
55  import com.liferay.portal.util.PropsValues;
56  import com.liferay.portal.util.WebKeys;
57  import com.liferay.portlet.InvokerPortlet;
58  import com.liferay.portlet.PortletConfigFactory;
59  import com.liferay.portlet.PortletInstanceFactoryUtil;
60  import com.liferay.portlet.PortletPreferencesFactoryUtil;
61  import com.liferay.portlet.PortletURLImpl;
62  import com.liferay.portlet.RenderRequestFactory;
63  import com.liferay.portlet.RenderRequestImpl;
64  import com.liferay.portlet.RenderResponseFactory;
65  import com.liferay.portlet.RenderResponseImpl;
66  
67  import java.io.IOException;
68  
69  import java.util.Date;
70  import java.util.HashSet;
71  import java.util.Iterator;
72  import java.util.Map.Entry;
73  import java.util.Map;
74  import java.util.Set;
75  
76  import javax.portlet.PortletConfig;
77  import javax.portlet.PortletContext;
78  import javax.portlet.PortletMode;
79  import javax.portlet.PortletPreferences;
80  import javax.portlet.PortletRequest;
81  import javax.portlet.WindowState;
82  
83  import javax.servlet.ServletContext;
84  import javax.servlet.ServletException;
85  import javax.servlet.http.HttpServletRequest;
86  import javax.servlet.http.HttpServletResponse;
87  import javax.servlet.http.HttpSession;
88  import javax.servlet.jsp.PageContext;
89  
90  import org.apache.struts.action.ActionMapping;
91  import org.apache.struts.config.ForwardConfig;
92  import org.apache.struts.tiles.TilesRequestProcessor;
93  
94  /**
95   * <a href="PortalRequestProcessor.java.html"><b><i>View Source</i></b></a>
96   *
97   * @author Brian Wing Shun Chan
98   * @author Jorge Ferrer
99   */
100 public class PortalRequestProcessor extends TilesRequestProcessor {
101 
102     public PortalRequestProcessor() {
103 
104         // auth.forward.last.path.
105 
106         _lastPaths = new HashSet<String>();
107 
108         _lastPaths.add(_PATH_PORTAL_LAYOUT);
109 
110         addPaths(_lastPaths, PropsKeys.AUTH_FORWARD_LAST_PATHS);
111 
112         // auth.public.path.
113 
114         _publicPaths = new HashSet<String>();
115 
116         _publicPaths.add(_PATH_C);
117         _publicPaths.add(_PATH_PORTAL_FLASH);
118         _publicPaths.add(_PATH_PORTAL_J_LOGIN);
119         _publicPaths.add(_PATH_PORTAL_LAYOUT);
120         _publicPaths.add(_PATH_PORTAL_LOGIN);
121         _publicPaths.add(_PATH_PORTAL_RENDER_PORTLET);
122         _publicPaths.add(_PATH_PORTAL_TCK);
123 
124         addPaths(_publicPaths, PropsKeys.AUTH_PUBLIC_PATHS);
125 
126         _trackerIgnorePaths = new HashSet<String>();
127 
128         addPaths(_trackerIgnorePaths, PropsKeys.SESSION_TRACKER_IGNORE_PATHS);
129     }
130 
131     public void process(
132             HttpServletRequest request, HttpServletResponse response)
133         throws IOException, ServletException {
134 
135         String path = super.processPath(request, response);
136 
137         ActionMapping mapping = (ActionMapping)moduleConfig.findActionConfig(
138             path);
139 
140         if (mapping == null) {
141             String lastPath = getLastPath(request);
142 
143             if (_log.isDebugEnabled()) {
144                 _log.debug("Last path " + lastPath);
145             }
146 
147             response.sendRedirect(lastPath);
148 
149             return;
150         }
151 
152         super.process(request, response);
153 
154         try {
155             if (isPortletPath(path)) {
156                 cleanUp(request);
157             }
158         }
159         catch (Exception e) {
160             _log.error(e, e);
161         }
162     }
163 
164     protected void addPaths(Set<String> paths, String propsKey) {
165         String[] pathsArray = PropsUtil.getArray(propsKey);
166 
167         for (String path : pathsArray) {
168             paths.add(path);
169         }
170     }
171 
172     protected void callParentDoForward(
173             String uri, HttpServletRequest request,
174             HttpServletResponse response)
175         throws IOException, ServletException {
176 
177         super.doForward(uri, request, response);
178     }
179 
180     protected HttpServletRequest callParentProcessMultipart(
181         HttpServletRequest request) {
182 
183         return super.processMultipart(request);
184     }
185 
186     protected String callParentProcessPath(
187             HttpServletRequest request, HttpServletResponse response)
188         throws IOException {
189 
190         return super.processPath(request, response);
191     }
192 
193     protected boolean callParentProcessRoles(
194             HttpServletRequest request, HttpServletResponse response,
195             ActionMapping mapping)
196         throws IOException, ServletException {
197 
198         return super.processRoles(request, response, mapping);
199     }
200 
201     protected void cleanUp(HttpServletRequest request) throws Exception {
202 
203         // Clean up portlet objects that may have been created by defineObjects
204         // for portlets that are called directly from a Struts path
205 
206         RenderRequestImpl renderRequestImpl =
207             (RenderRequestImpl)request.getAttribute(
208                 JavaConstants.JAVAX_PORTLET_REQUEST);
209 
210         if (renderRequestImpl != null) {
211             renderRequestImpl.cleanUp();
212         }
213     }
214 
215     protected void defineObjects(
216             HttpServletRequest request, HttpServletResponse response,
217             Portlet portlet)
218         throws Exception {
219 
220         String portletId = portlet.getPortletId();
221 
222         ServletContext servletContext = (ServletContext)request.getAttribute(
223             WebKeys.CTX);
224 
225         InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(
226             portlet, servletContext);
227 
228         PortletPreferencesIds portletPreferencesIds =
229             PortletPreferencesFactoryUtil.getPortletPreferencesIds(
230                 request, portletId);
231 
232         PortletPreferences portletPreferences =
233             PortletPreferencesLocalServiceUtil.getPreferences(
234                 portletPreferencesIds);
235 
236         PortletConfig portletConfig = PortletConfigFactory.create(
237             portlet, servletContext);
238         PortletContext portletContext = portletConfig.getPortletContext();
239 
240         RenderRequestImpl renderRequestImpl = RenderRequestFactory.create(
241             request, portlet, invokerPortlet, portletContext,
242             WindowState.MAXIMIZED, PortletMode.VIEW, portletPreferences);
243 
244         RenderResponseImpl renderResponseImpl = RenderResponseFactory.create(
245             renderRequestImpl, response, portletId, portlet.getCompanyId());
246 
247         renderRequestImpl.defineObjects(portletConfig, renderResponseImpl);
248 
249         request.setAttribute(WebKeys.PORTLET_STRUTS_EXECUTE, Boolean.TRUE);
250     }
251 
252     protected void doForward(
253             String uri, HttpServletRequest request,
254             HttpServletResponse response)
255         throws ServletException {
256 
257         StrutsUtil.forward(uri, getServletContext(), request, response);
258     }
259 
260     protected void doInclude(
261             String uri, HttpServletRequest request,
262             HttpServletResponse response)
263         throws ServletException {
264 
265         StrutsUtil.include(uri, getServletContext(), request, response);
266     }
267 
268     protected String getFriendlyTrackerPath(
269             String path, ThemeDisplay themeDisplay, HttpServletRequest request)
270         throws Exception {
271 
272         if (!path.equals(_PATH_PORTAL_LAYOUT)) {
273             return null;
274         }
275 
276         long plid = ParamUtil.getLong(request, "p_l_id");
277 
278         if (plid == 0) {
279             return null;
280         }
281 
282         Layout layout = LayoutLocalServiceUtil.getLayout(plid);
283 
284         String layoutFriendlyURL = PortalUtil.getLayoutFriendlyURL(
285             layout, themeDisplay);
286 
287         String portletId = ParamUtil.getString(request, "p_p_id");
288 
289         if (Validator.isNull(portletId)) {
290             return layoutFriendlyURL;
291         }
292 
293         long companyId = PortalUtil.getCompanyId(request);
294 
295         Portlet portlet = PortletLocalServiceUtil.getPortletById(
296             companyId, portletId);
297 
298         if (portlet == null) {
299             String strutsPath = path.substring(
300                 1, path.lastIndexOf(StringPool.SLASH));
301 
302             portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
303                 companyId, strutsPath);
304         }
305 
306         if ((portlet == null) || !portlet.isActive()) {
307             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
308                 request.getQueryString());
309         }
310 
311         String namespace = PortalUtil.getPortletNamespace(portletId);
312 
313         FriendlyURLMapper friendlyURLMapper =
314             portlet.getFriendlyURLMapperInstance();
315 
316         if (friendlyURLMapper == null) {
317             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
318                 request.getQueryString());
319         }
320 
321         PortletURLImpl portletURL = new PortletURLImpl(
322             request, portletId, plid, PortletRequest.RENDER_PHASE);
323 
324         Iterator<Map.Entry<String, String[]>> itr =
325             request.getParameterMap().entrySet().iterator();
326 
327         while (itr.hasNext()) {
328             Entry<String, String[]> entry = itr.next();
329 
330             String key = entry.getKey();
331 
332             if (key.startsWith(namespace)) {
333                 key = key.substring(namespace.length());
334 
335                 portletURL.setParameter(key, entry.getValue());
336             }
337         }
338 
339         String portletFriendlyURL = friendlyURLMapper.buildPath(portletURL);
340 
341         if (portletFriendlyURL != null) {
342             return layoutFriendlyURL.concat(portletFriendlyURL);
343         }
344         else {
345             return layoutFriendlyURL.concat(StringPool.QUESTION).concat(
346                 request.getQueryString());
347         }
348     }
349 
350     protected String getLastPath(HttpServletRequest request) {
351         HttpSession session = request.getSession();
352 
353         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
354             WebKeys.THEME_DISPLAY);
355 
356         Boolean httpsInitial = (Boolean)session.getAttribute(
357             WebKeys.HTTPS_INITIAL);
358 
359         String portalURL = null;
360 
361         if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
362             (httpsInitial != null) && (!httpsInitial.booleanValue())) {
363 
364             portalURL = PortalUtil.getPortalURL(request, false);
365         }
366         else {
367             portalURL = PortalUtil.getPortalURL(request);
368         }
369 
370         StringBundler sb = new StringBundler();
371 
372         sb.append(portalURL);
373         sb.append(themeDisplay.getPathMain());
374         sb.append(_PATH_PORTAL_LAYOUT);
375 
376         if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
377             if (request.getRemoteUser() != null) {
378 
379                 // If we do not forward by last path and the user is logged in,
380                 // forward to the user's default layout to prevent a lagging
381                 // loop
382 
383                 sb.append(StringPool.QUESTION);
384                 sb.append("p_l_id");
385                 sb.append(StringPool.EQUAL);
386                 sb.append(LayoutConstants.DEFAULT_PLID);
387             }
388 
389             return sb.toString();
390         }
391 
392         LastPath lastPath = (LastPath)session.getAttribute(WebKeys.LAST_PATH);
393 
394         if (lastPath == null) {
395             return sb.toString();
396         }
397 
398         Map<String, String[]> parameterMap = lastPath.getParameterMap();
399 
400         // Only test for existing mappings for last paths that were set when the
401         // user accessed a layout directly instead of through its friendly URL
402 
403         if (lastPath.getContextPath().equals(themeDisplay.getPathMain())) {
404             ActionMapping mapping =
405                 (ActionMapping)moduleConfig.findActionConfig(
406                     lastPath.getPath());
407 
408             if ((mapping == null) || (parameterMap == null)) {
409                 return sb.toString();
410             }
411         }
412 
413         StringBundler lastPathSB = new StringBundler(4);
414 
415         lastPathSB.append(portalURL);
416         lastPathSB.append(lastPath.getContextPath());
417         lastPathSB.append(lastPath.getPath());
418         lastPathSB.append(HttpUtil.parameterMapToString(parameterMap));
419 
420         return lastPathSB.toString();
421     }
422 
423     protected boolean isPortletPath(String path) {
424         if ((path != null) &&
425             (!path.equals(_PATH_C)) &&
426             (!path.startsWith(_PATH_COMMON)) &&
427             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
428             (!path.startsWith(_PATH_PORTAL))) {
429 
430             return true;
431         }
432         else {
433             return false;
434         }
435     }
436 
437     protected boolean isPublicPath(String path) {
438         if ((path != null) &&
439             (_publicPaths.contains(path)) ||
440             (path.startsWith(_PATH_COMMON))) {
441 
442             return true;
443         }
444         else {
445             return false;
446         }
447     }
448 
449     protected ActionMapping processMapping(
450             HttpServletRequest request, HttpServletResponse response,
451             String path)
452         throws IOException {
453 
454         if (path == null) {
455             return null;
456         }
457 
458         ActionMapping mapping = super.processMapping(request, response, path);
459 
460         if (mapping == null) {
461             String msg = getInternal().getMessage("processInvalid");
462 
463             _log.error("User ID " + request.getRemoteUser());
464             _log.error("Current URL " + PortalUtil.getCurrentURL(request));
465             _log.error("Referer " + request.getHeader("Referer"));
466             _log.error("Remote address " + request.getRemoteAddr());
467 
468             _log.error(msg + " " + path);
469         }
470 
471         return mapping;
472     }
473 
474     protected HttpServletRequest processMultipart(HttpServletRequest request) {
475 
476         // Disable Struts from automatically wrapping a multipart request
477 
478         return request;
479     }
480 
481     protected String processPath(
482             HttpServletRequest request, HttpServletResponse response)
483         throws IOException {
484 
485         String path = GetterUtil.getString(
486             super.processPath(request, response));
487 
488         HttpSession session = request.getSession();
489 
490         ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
491             WebKeys.THEME_DISPLAY);
492 
493         // Current users
494 
495         UserTracker userTracker = LiveUsers.getUserTracker(
496             themeDisplay.getCompanyId(), session.getId());
497 
498         if ((userTracker != null) && (!path.equals(_PATH_C)) &&
499             (path.indexOf(_PATH_J_SECURITY_CHECK) == -1) &&
500             (path.indexOf(_PATH_PORTAL_PROTECTED) == -1) &&
501             (!_trackerIgnorePaths.contains(path))) {
502 
503             String fullPath = path;
504 
505             try {
506                 if (PropsValues.SESSION_TRACKER_FRIENDLY_PATHS_ENABLED) {
507                     fullPath = getFriendlyTrackerPath(
508                         path, themeDisplay, request);
509                 }
510             }
511             catch (Exception e) {
512                 _log.error(e, e);
513             }
514 
515             if (fullPath == null) {
516                 fullPath = path.concat(StringPool.QUESTION).concat(
517                     request.getQueryString());
518             }
519 
520             UserTrackerPath userTrackerPath = UserTrackerPathUtil.create(0);
521 
522             userTrackerPath.setUserTrackerId(userTracker.getUserTrackerId());
523             userTrackerPath.setPath(fullPath);
524             userTrackerPath.setPathDate(new Date());
525 
526             userTracker.addPath(userTrackerPath);
527         }
528 
529         String remoteUser = request.getRemoteUser();
530 
531         User user = null;
532 
533         try {
534             user = PortalUtil.getUser(request);
535         }
536         catch (Exception e) {
537         }
538 
539         // Last path
540 
541         if (_lastPaths.contains(path) && !_trackerIgnorePaths.contains(path)) {
542             boolean saveLastPath = ParamUtil.getBoolean(
543                 request, "saveLastPath", true);
544 
545             if (themeDisplay.isLifecycleResource() ||
546                 themeDisplay.isStateExclusive() ||
547                 themeDisplay.isStatePopUp() ||
548                 !request.getMethod().equalsIgnoreCase(HttpMethods.GET)) {
549 
550                 saveLastPath = false;
551             }
552 
553             // Save last path
554 
555             if (saveLastPath) {
556 
557                 // Was a last path set by another servlet that dispatched to
558                 // the MainServlet? If so, use that last path instead.
559 
560                 LastPath lastPath = (LastPath)request.getAttribute(
561                     WebKeys.LAST_PATH);
562 
563                 if (lastPath == null) {
564                     lastPath = new LastPath(
565                         themeDisplay.getPathMain(), path,
566                         request.getParameterMap());
567                 }
568 
569                 session.setAttribute(WebKeys.LAST_PATH, lastPath);
570             }
571         }
572 
573         // Authenticated users can always log out
574 
575         if (((remoteUser != null) || (user != null)) &&
576             (path.equals(_PATH_PORTAL_LOGOUT))) {
577 
578             return path;
579         }
580 
581         // Authenticated users can always extend or confirm their session
582 
583         if (((remoteUser != null) || (user != null)) &&
584             (path.equals(_PATH_PORTAL_EXPIRE_SESSION) ||
585              path.equals(_PATH_PORTAL_EXTEND_SESSION))) {
586 
587             return path;
588         }
589 
590         // Authenticated users can always agree to terms of use
591 
592         if (((remoteUser != null) || (user != null)) &&
593             (path.equals(_PATH_PORTAL_UPDATE_TERMS_OF_USE))) {
594 
595             return path;
596         }
597 
598         // Authenticated users must still exist in the system
599 
600         if ((remoteUser != null) && (user == null)) {
601             return _PATH_PORTAL_LOGOUT;
602         }
603 
604         // Authenticated users must be active
605 
606         if ((user != null) && !user.isActive()) {
607             SessionErrors.add(request, UserActiveException.class.getName());
608 
609             return _PATH_PORTAL_ERROR;
610         }
611 
612         if (!path.equals(_PATH_PORTAL_JSON_SERVICE) &&
613             !path.equals(_PATH_PORTAL_RENDER_PORTLET) &&
614             !ParamUtil.getBoolean(request, "wsrp")) {
615 
616             // Authenticated users should agree to Terms of Use
617 
618             if ((user != null) && !user.isAgreedToTermsOfUse()) {
619                 boolean termsOfUseRequired = false;
620 
621                 try {
622                     termsOfUseRequired = PrefsPropsUtil.getBoolean(
623                         user.getCompanyId(), PropsKeys.TERMS_OF_USE_REQUIRED);
624                 }
625                 catch (SystemException se) {
626                     termsOfUseRequired = PropsValues.TERMS_OF_USE_REQUIRED;
627                 }
628 
629                 if (termsOfUseRequired) {
630                     return _PATH_PORTAL_TERMS_OF_USE;
631                 }
632             }
633 
634             // Authenticated users must have a current password
635 
636             if ((user != null) && user.isPasswordReset()) {
637                 return _PATH_PORTAL_UPDATE_PASSWORD;
638             }
639 
640             // Authenticated users must have an email address
641 
642             if ((user != null) &&
643                 Validator.isNull(user.getDisplayEmailAddress())) {
644 
645                 return _PATH_PORTAL_UPDATE_EMAIL_ADDRESS;
646             }
647 
648             // Authenticated users should have a reminder query
649 
650             if ((user != null) &&
651                 (Validator.isNull(user.getReminderQueryQuestion()) ||
652                  Validator.isNull(user.getReminderQueryAnswer()))) {
653 
654                 if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
655                     return _PATH_PORTAL_UPDATE_REMINDER_QUERY;
656                 }
657             }
658         }
659 
660         // Users must sign in
661 
662         if (!isPublicPath(path)) {
663             if (user == null) {
664                 SessionErrors.add(request, PrincipalException.class.getName());
665 
666                 return _PATH_PORTAL_LOGIN;
667             }
668         }
669 
670         ActionMapping mapping =
671             (ActionMapping)moduleConfig.findActionConfig(path);
672 
673         path = mapping.getPath();
674 
675         // Authenticated users must have at least one role
676 
677         if (user != null) {
678             try {
679 
680                 // FIX ME
681 
682                 if (false) {
683                     SessionErrors.add(
684                         request, RequiredRoleException.class.getName());
685 
686                     return _PATH_PORTAL_ERROR;
687                 }
688             }
689             catch (Exception e) {
690                 e.printStackTrace();
691             }
692         }
693 
694         // Define the portlet objects
695 
696         if (isPortletPath(path)) {
697             try {
698                 Portlet portlet = null;
699 
700                 long companyId = PortalUtil.getCompanyId(request);
701                 String portletId = ParamUtil.getString(request, "p_p_id");
702 
703                 if (Validator.isNotNull(portletId)) {
704                     portlet = PortletLocalServiceUtil.getPortletById(
705                         companyId, portletId);
706                 }
707 
708                 if (portlet == null) {
709                     String strutsPath = path.substring(
710                         1, path.lastIndexOf(StringPool.SLASH));
711 
712                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
713                         companyId, strutsPath);
714                 }
715 
716                 if ((portlet != null) && portlet.isActive()) {
717                     defineObjects(request, response, portlet);
718                 }
719             }
720             catch (Exception e) {
721                 request.setAttribute(PageContext.EXCEPTION, e);
722 
723                 path = _PATH_COMMON_ERROR;
724             }
725         }
726 
727         // Authenticated users must have access to at least one layout
728 
729         if (SessionErrors.contains(
730                 request, LayoutPermissionException.class.getName())) {
731 
732             return _PATH_PORTAL_ERROR;
733         }
734 
735         return path;
736     }
737 
738     protected boolean processRoles(
739             HttpServletRequest request, HttpServletResponse response,
740             ActionMapping mapping)
741         throws IOException, ServletException {
742 
743         String path = mapping.getPath();
744 
745         if (isPublicPath(path)) {
746             return true;
747         }
748 
749         boolean authorized = true;
750 
751         User user = null;
752 
753         try {
754             user = PortalUtil.getUser(request);
755         }
756         catch (Exception e) {
757         }
758 
759         if ((user != null) && isPortletPath(path)) {
760             try {
761 
762                 // Authenticated users can always log out
763 
764                 if (path.equals(_PATH_PORTAL_LOGOUT)) {
765                     return true;
766                 }
767 
768                 Portlet portlet = null;
769 
770                 String portletId = ParamUtil.getString(request, "p_p_id");
771 
772                 if (Validator.isNotNull(portletId)) {
773                     portlet = PortletLocalServiceUtil.getPortletById(
774                         user.getCompanyId(), portletId);
775                 }
776 
777                 String strutsPath = path.substring(
778                     1, path.lastIndexOf(StringPool.SLASH));
779 
780                 if (portlet != null) {
781                     if (!strutsPath.equals(portlet.getStrutsPath())) {
782                         throw new PrincipalException();
783                     }
784                 }
785                 else {
786                     portlet = PortletLocalServiceUtil.getPortletByStrutsPath(
787                         user.getCompanyId(), strutsPath);
788                 }
789 
790                 if ((portlet != null) && portlet.isActive()) {
791                     ThemeDisplay themeDisplay =
792                         (ThemeDisplay)request.getAttribute(
793                             WebKeys.THEME_DISPLAY);
794 
795                     Layout layout = themeDisplay.getLayout();
796                     PermissionChecker permissionChecker =
797                         themeDisplay.getPermissionChecker();
798 
799                     if (!PortletPermissionUtil.contains(
800                             permissionChecker, layout.getPlid(), portlet,
801                             ActionKeys.VIEW)) {
802 
803                         throw new PrincipalException();
804                     }
805                 }
806                 else if (portlet != null && !portlet.isActive()) {
807                     SessionErrors.add(
808                         request, PortletActiveException.class.getName());
809 
810                     authorized = false;
811                 }
812             }
813             catch (Exception e) {
814                 SessionErrors.add(request, PrincipalException.class.getName());
815 
816                 authorized = false;
817             }
818         }
819 
820         if (!authorized) {
821             ForwardConfig forwardConfig =
822                 mapping.findForward(_PATH_PORTAL_ERROR);
823 
824             processForwardConfig(request, response, forwardConfig);
825 
826             return false;
827         }
828         else {
829             return true;
830         }
831     }
832 
833     private static String _PATH_C = "/c";
834 
835     private static String _PATH_COMMON = "/common";
836 
837     private static String _PATH_COMMON_ERROR = "/common/error";
838 
839     private static String _PATH_J_SECURITY_CHECK = "/j_security_check";
840 
841     private static String _PATH_PORTAL = "/portal";
842 
843     private static String _PATH_PORTAL_ERROR = "/portal/error";
844 
845     private static String _PATH_PORTAL_EXPIRE_SESSION =
846         "/portal/expire_session";
847 
848     private static String _PATH_PORTAL_EXTEND_SESSION =
849         "/portal/extend_session";
850 
851     private static String _PATH_PORTAL_FLASH = "/portal/flash";
852 
853     private static String _PATH_PORTAL_J_LOGIN = "/portal/j_login";
854 
855     private static String _PATH_PORTAL_JSON_SERVICE = "/portal/json_service";
856 
857     private static String _PATH_PORTAL_LAYOUT = "/portal/layout";
858 
859     private static String _PATH_PORTAL_LOGIN = "/portal/login";
860 
861     private static String _PATH_PORTAL_LOGOUT = "/portal/logout";
862 
863     private static String _PATH_PORTAL_PROTECTED = "/portal/protected";
864 
865     private static String _PATH_PORTAL_RENDER_PORTLET =
866         "/portal/render_portlet";
867 
868     private static String _PATH_PORTAL_TCK = "/portal/tck";
869 
870     private static String _PATH_PORTAL_TERMS_OF_USE = "/portal/terms_of_use";
871 
872     private static String _PATH_PORTAL_UPDATE_EMAIL_ADDRESS =
873         "/portal/update_email_address";
874 
875     private static String _PATH_PORTAL_UPDATE_PASSWORD =
876         "/portal/update_password";
877 
878     private static String _PATH_PORTAL_UPDATE_REMINDER_QUERY =
879         "/portal/update_reminder_query";
880 
881     private static String _PATH_PORTAL_UPDATE_TERMS_OF_USE =
882         "/portal/update_terms_of_use";
883 
884     private static Log _log = LogFactoryUtil.getLog(
885         PortalRequestProcessor.class);
886 
887     private Set<String> _lastPaths;
888     private Set<String> _publicPaths;
889     private Set<String> _trackerIgnorePaths;
890 
891 }