1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portlet.enterpriseadmin.action;
16  
17  import com.liferay.portal.kernel.log.Log;
18  import com.liferay.portal.kernel.log.LogFactoryUtil;
19  import com.liferay.portal.kernel.servlet.SessionErrors;
20  import com.liferay.portal.kernel.util.ParamUtil;
21  import com.liferay.portal.security.auth.PrincipalException;
22  import com.liferay.portal.security.permission.PermissionChecker;
23  import com.liferay.portal.servlet.PortalSessionContext;
24  import com.liferay.portal.struts.PortletAction;
25  import com.liferay.portal.theme.ThemeDisplay;
26  import com.liferay.portal.util.WebKeys;
27  
28  import javax.portlet.ActionRequest;
29  import javax.portlet.ActionResponse;
30  import javax.portlet.PortletConfig;
31  import javax.portlet.RenderRequest;
32  import javax.portlet.RenderResponse;
33  
34  import javax.servlet.http.HttpSession;
35  
36  import org.apache.struts.action.ActionForm;
37  import org.apache.struts.action.ActionForward;
38  import org.apache.struts.action.ActionMapping;
39  
40  /**
41   * <a href="EditSessionAction.java.html"><b><i>View Source</i></b></a>
42   *
43   * @author Brian Wing Shun Chan
44   */
45  public class EditSessionAction extends PortletAction {
46  
47      public void processAction(
48              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
49              ActionRequest actionRequest, ActionResponse actionResponse)
50          throws Exception {
51  
52          ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
53              WebKeys.THEME_DISPLAY);
54  
55          PermissionChecker permissionChecker =
56              themeDisplay.getPermissionChecker();
57  
58          if (!permissionChecker.isOmniadmin()) {
59              SessionErrors.add(
60                  actionRequest, PrincipalException.class.getName());
61  
62              setForward(actionRequest, "portlet.enterprise_admin.error");
63  
64              return;
65          }
66  
67          invalidateSession(actionRequest);
68  
69          sendRedirect(actionRequest, actionResponse);
70      }
71  
72      public ActionForward render(
73              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
74              RenderRequest renderRequest, RenderResponse renderResponse)
75          throws Exception {
76  
77          return mapping.findForward(
78              getForward(renderRequest, "portlet.enterprise_admin.edit_session"));
79      }
80  
81      protected void invalidateSession(ActionRequest actionRequest)
82          throws Exception {
83  
84          String sessionId = ParamUtil.getString(actionRequest, "sessionId");
85  
86          HttpSession userSession = PortalSessionContext.get(sessionId);
87  
88          if (userSession != null) {
89              try {
90                  if (!actionRequest.getPortletSession().getId().equals(
91                          sessionId)) {
92  
93                      userSession.invalidate();
94                  }
95              }
96              catch (Exception e) {
97                  _log.error(e);
98              }
99          }
100     }
101 
102     private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
103 
104 }