001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.enterpriseadmin.action;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.SessionErrors;
020    import com.liferay.portal.kernel.util.ParamUtil;
021    import com.liferay.portal.security.auth.PrincipalException;
022    import com.liferay.portal.security.permission.PermissionChecker;
023    import com.liferay.portal.servlet.PortalSessionContext;
024    import com.liferay.portal.struts.PortletAction;
025    import com.liferay.portal.theme.ThemeDisplay;
026    import com.liferay.portal.util.WebKeys;
027    
028    import javax.portlet.ActionRequest;
029    import javax.portlet.ActionResponse;
030    import javax.portlet.PortletConfig;
031    import javax.portlet.RenderRequest;
032    import javax.portlet.RenderResponse;
033    
034    import javax.servlet.http.HttpSession;
035    
036    import org.apache.struts.action.ActionForm;
037    import org.apache.struts.action.ActionForward;
038    import org.apache.struts.action.ActionMapping;
039    
040    /**
041     * @author Brian Wing Shun Chan
042     */
043    public class EditSessionAction extends PortletAction {
044    
045            public void processAction(
046                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
047                            ActionRequest actionRequest, ActionResponse actionResponse)
048                    throws Exception {
049    
050                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
051                            WebKeys.THEME_DISPLAY);
052    
053                    PermissionChecker permissionChecker =
054                            themeDisplay.getPermissionChecker();
055    
056                    if (!permissionChecker.isOmniadmin()) {
057                            SessionErrors.add(
058                                    actionRequest, PrincipalException.class.getName());
059    
060                            setForward(actionRequest, "portlet.enterprise_admin.error");
061    
062                            return;
063                    }
064    
065                    invalidateSession(actionRequest);
066    
067                    sendRedirect(actionRequest, actionResponse);
068            }
069    
070            public ActionForward render(
071                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
072                            RenderRequest renderRequest, RenderResponse renderResponse)
073                    throws Exception {
074    
075                    return mapping.findForward(
076                            getForward(renderRequest, "portlet.enterprise_admin.edit_session"));
077            }
078    
079            protected void invalidateSession(ActionRequest actionRequest)
080                    throws Exception {
081    
082                    String sessionId = ParamUtil.getString(actionRequest, "sessionId");
083    
084                    HttpSession userSession = PortalSessionContext.get(sessionId);
085    
086                    if (userSession != null) {
087                            try {
088                                    if (!actionRequest.getPortletSession().getId().equals(
089                                                    sessionId)) {
090    
091                                            userSession.invalidate();
092                                    }
093                            }
094                            catch (Exception e) {
095                                    _log.error(e);
096                            }
097                    }
098            }
099    
100            private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
101    
102    }