1
22
23 package com.liferay.portal.servlet;
24
25 import com.liferay.portal.NoSuchUserException;
26 import com.liferay.portal.PortalException;
27 import com.liferay.portal.SystemException;
28 import com.liferay.portal.kernel.log.Log;
29 import com.liferay.portal.kernel.log.LogFactoryUtil;
30 import com.liferay.portal.kernel.util.GetterUtil;
31 import com.liferay.portal.kernel.util.MethodInvoker;
32 import com.liferay.portal.kernel.util.MethodWrapper;
33 import com.liferay.portal.kernel.util.ObjectValuePair;
34 import com.liferay.portal.kernel.util.Validator;
35 import com.liferay.portal.model.User;
36 import com.liferay.portal.security.auth.CompanyThreadLocal;
37 import com.liferay.portal.security.auth.HttpPrincipal;
38 import com.liferay.portal.security.auth.PrincipalThreadLocal;
39 import com.liferay.portal.security.permission.PermissionChecker;
40 import com.liferay.portal.security.permission.PermissionCheckerFactoryUtil;
41 import com.liferay.portal.security.permission.PermissionThreadLocal;
42 import com.liferay.portal.service.UserLocalServiceUtil;
43 import com.liferay.portal.util.PortalInstances;
44
45 import java.io.IOException;
46 import java.io.ObjectInputStream;
47 import java.io.ObjectOutputStream;
48
49 import java.lang.reflect.InvocationTargetException;
50
51 import javax.servlet.http.HttpServlet;
52 import javax.servlet.http.HttpServletRequest;
53 import javax.servlet.http.HttpServletResponse;
54
55
62 public class TunnelServlet extends HttpServlet {
63
64 public void doPost(HttpServletRequest request, HttpServletResponse response)
65 throws IOException {
66
67 ObjectInputStream ois = new ObjectInputStream(
68 request.getInputStream());
69
70 Object returnObj = null;
71
72 try {
73 ObjectValuePair<HttpPrincipal, MethodWrapper> ovp =
74 (ObjectValuePair<HttpPrincipal, MethodWrapper>)
75 ois.readObject();
76
77 HttpPrincipal httpPrincipal = ovp.getKey();
78 MethodWrapper methodWrapper = ovp.getValue();
79
80 long companyId = PortalInstances.getCompanyId(request);
81
82 CompanyThreadLocal.setCompanyId(companyId);
83
84 if (Validator.isNotNull(httpPrincipal.getLogin())) {
85 User user = null;
86
87 try {
88 user = UserLocalServiceUtil.getUserByEmailAddress(
89 companyId, httpPrincipal.getLogin());
90 }
91 catch (NoSuchUserException nsue) {
92 }
93
94 if (user == null) {
95 try {
96 user = UserLocalServiceUtil.getUserByScreenName(
97 companyId, httpPrincipal.getLogin());
98 }
99 catch (NoSuchUserException nsue) {
100 }
101 }
102
103 if (user == null) {
104 try {
105 user = UserLocalServiceUtil.getUserById(
106 GetterUtil.getLong(httpPrincipal.getLogin()));
107 }
108 catch (NoSuchUserException nsue) {
109 }
110 }
111
112 if (user != null) {
113 PrincipalThreadLocal.setName(user.getUserId());
114
115 PermissionChecker permissionChecker =
116 PermissionCheckerFactoryUtil.create(user, true);
117
118 PermissionThreadLocal.setPermissionChecker(
119 permissionChecker);
120 }
121 }
122
123 if (returnObj == null) {
124 returnObj = MethodInvoker.invoke(methodWrapper);
125 }
126 }
127 catch (InvocationTargetException ite) {
128 returnObj = ite.getCause();
129
130 if (!(returnObj instanceof PortalException)) {
131 ite.printStackTrace();
132
133 returnObj = new SystemException();
134 }
135 }
136 catch (Exception e) {
137 _log.error(e, e);
138 }
139
140 if (returnObj != null) {
141 ObjectOutputStream oos = new ObjectOutputStream(
142 response.getOutputStream());
143
144 oos.writeObject(returnObj);
145
146 oos.flush();
147 oos.close();
148 }
149 }
150
151 private static Log _log = LogFactoryUtil.getLog(TunnelServlet.class);
152
153 }