001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.monitoring.action;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.PortalSessionContext;
020    import com.liferay.portal.kernel.servlet.SessionErrors;
021    import com.liferay.portal.kernel.util.ParamUtil;
022    import com.liferay.portal.security.auth.PrincipalException;
023    import com.liferay.portal.security.permission.PermissionChecker;
024    import com.liferay.portal.struts.PortletAction;
025    import com.liferay.portal.theme.ThemeDisplay;
026    import com.liferay.portal.util.WebKeys;
027    
028    import javax.portlet.ActionRequest;
029    import javax.portlet.ActionResponse;
030    import javax.portlet.PortletConfig;
031    import javax.portlet.RenderRequest;
032    import javax.portlet.RenderResponse;
033    
034    import javax.servlet.http.HttpSession;
035    
036    import org.apache.struts.action.ActionForm;
037    import org.apache.struts.action.ActionForward;
038    import org.apache.struts.action.ActionMapping;
039    
040    /**
041     * @author Brian Wing Shun Chan
042     */
043    public class EditSessionAction extends PortletAction {
044    
045            @Override
046            public void processAction(
047                            ActionMapping actionMapping, ActionForm actionForm,
048                            PortletConfig portletConfig, ActionRequest actionRequest,
049                            ActionResponse actionResponse)
050                    throws Exception {
051    
052                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
053                            WebKeys.THEME_DISPLAY);
054    
055                    PermissionChecker permissionChecker =
056                            themeDisplay.getPermissionChecker();
057    
058                    if (!permissionChecker.isCompanyAdmin()) {
059                            SessionErrors.add(
060                                    actionRequest, PrincipalException.class.getName());
061    
062                            setForward(actionRequest, "portlet.monitoring.error");
063    
064                            return;
065                    }
066    
067                    invalidateSession(actionRequest);
068    
069                    sendRedirect(actionRequest, actionResponse);
070            }
071    
072            @Override
073            public ActionForward render(
074                            ActionMapping actionMapping, ActionForm actionForm,
075                            PortletConfig portletConfig, RenderRequest renderRequest,
076                            RenderResponse renderResponse)
077                    throws Exception {
078    
079                    return actionMapping.findForward(
080                            getForward(renderRequest, "portlet.monitoring.edit_session"));
081            }
082    
083            protected void invalidateSession(ActionRequest actionRequest)
084                    throws Exception {
085    
086                    String sessionId = ParamUtil.getString(actionRequest, "sessionId");
087    
088                    HttpSession userSession = PortalSessionContext.get(sessionId);
089    
090                    if (userSession != null) {
091                            try {
092                                    if (!actionRequest.getPortletSession().getId().equals(
093                                                    sessionId)) {
094    
095                                            userSession.invalidate();
096                                    }
097                            }
098                            catch (Exception e) {
099                                    _log.error(e);
100                            }
101                    }
102            }
103    
104            private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
105    
106    }