[58] | 1 | /* Copyright 2006-2009 the original author or authors. |
---|
| 2 | * |
---|
| 3 | * Licensed under the Apache License, Version 2.0 (the "License"); |
---|
| 4 | * you may not use this file except in compliance with the License. |
---|
| 5 | * You may obtain a copy of the License at |
---|
| 6 | * |
---|
| 7 | * http://www.apache.org/licenses/LICENSE-2.0 |
---|
| 8 | * |
---|
| 9 | * Unless required by applicable law or agreed to in writing, software |
---|
| 10 | * distributed under the License is distributed on an "AS IS" BASIS, |
---|
| 11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
---|
| 12 | * See the License for the specific language governing permissions and |
---|
| 13 | * limitations under the License. |
---|
| 14 | */ |
---|
| 15 | package org.codehaus.groovy.grails.plugins.springsecurity; |
---|
| 16 | |
---|
| 17 | import org.aopalliance.intercept.MethodInvocation; |
---|
| 18 | import org.springframework.security.intercept.InterceptorStatusToken; |
---|
| 19 | import org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor; |
---|
| 20 | |
---|
| 21 | /** |
---|
| 22 | * {@link MethodSecurityInterceptor} that doesn't throw exceptions if Method Access is |
---|
| 23 | * denied, returns <code>null</code> instead. |
---|
| 24 | * |
---|
| 25 | * @author T.Yamamoto |
---|
| 26 | */ |
---|
| 27 | public class QuietMethodSecurityInterceptor extends MethodSecurityInterceptor { |
---|
| 28 | |
---|
| 29 | private boolean throwException; |
---|
| 30 | private Exception lastException; |
---|
| 31 | |
---|
| 32 | /** |
---|
| 33 | * {@inheritDoc} |
---|
| 34 | * @see org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor#invoke( |
---|
| 35 | * org.aopalliance.intercept.MethodInvocation) |
---|
| 36 | */ |
---|
| 37 | @Override |
---|
| 38 | public Object invoke(final MethodInvocation mi) throws Throwable { |
---|
| 39 | Object result = null; |
---|
| 40 | InterceptorStatusToken token = null; |
---|
| 41 | try { |
---|
| 42 | token = super.beforeInvocation(mi); |
---|
| 43 | } |
---|
| 44 | catch (Exception e) { |
---|
| 45 | lastException = e; |
---|
| 46 | if (throwException) { |
---|
| 47 | throw e; |
---|
| 48 | } |
---|
| 49 | logger.error(e.getMessage()); |
---|
| 50 | return null; |
---|
| 51 | } |
---|
| 52 | |
---|
| 53 | try { |
---|
| 54 | result = mi.proceed(); |
---|
| 55 | } |
---|
| 56 | catch (Exception e) { |
---|
| 57 | lastException = e; |
---|
| 58 | if (throwException) { |
---|
| 59 | throw e; |
---|
| 60 | } |
---|
| 61 | logger.error(e.getMessage()); |
---|
| 62 | return null; |
---|
| 63 | } |
---|
| 64 | |
---|
| 65 | try { |
---|
| 66 | result = super.afterInvocation(token, result); |
---|
| 67 | } |
---|
| 68 | catch (Exception e) { |
---|
| 69 | lastException = e; |
---|
| 70 | if (throwException) { |
---|
| 71 | throw e; |
---|
| 72 | } |
---|
| 73 | logger.error(e.getMessage()); |
---|
| 74 | return null; |
---|
| 75 | } |
---|
| 76 | |
---|
| 77 | return result; |
---|
| 78 | } |
---|
| 79 | |
---|
| 80 | /** |
---|
| 81 | * For testing. |
---|
| 82 | * @return the most recent exception, if any. |
---|
| 83 | */ |
---|
| 84 | /*package*/ Exception getLastException() { |
---|
| 85 | return lastException; |
---|
| 86 | } |
---|
| 87 | |
---|
| 88 | /** |
---|
| 89 | * Dependency injection for throw exception flag. |
---|
| 90 | * @param throwException if <code>true</code> throw exceptions, otherwise just log |
---|
| 91 | */ |
---|
| 92 | public void setThrowException(final boolean throwException) { |
---|
| 93 | this.throwException = throwException; |
---|
| 94 | } |
---|
| 95 | } |
---|