001
014
015 package com.liferay.portal.kernel.bean;
016
017 import com.liferay.portal.kernel.util.HtmlUtil;
018
019 import java.io.Serializable;
020
021 import java.lang.reflect.InvocationHandler;
022 import java.lang.reflect.InvocationTargetException;
023 import java.lang.reflect.Method;
024
025
040 public class AutoEscapeBeanHandler implements InvocationHandler, Serializable {
041
042 public AutoEscapeBeanHandler(Object bean) {
043 _bean = (Serializable)bean;
044 }
045
046 public Object getBean() {
047 return _bean;
048 }
049
050 @Override
051 public Object invoke(Object proxy, Method method, Object[] arguments)
052 throws Throwable {
053
054 String methodName = method.getName();
055
056 if (methodName.startsWith("set")) {
057 throw new IllegalAccessException(
058 "Setter methods cannot be called on an escaped bean");
059 }
060
061 if (methodName.endsWith("isEscapedModel")) {
062 return true;
063 }
064 else if (methodName.endsWith("toEscapedModel")) {
065 return proxy;
066 }
067
068 Object result = null;
069
070 try {
071 result = method.invoke(_bean, arguments);
072 }
073 catch (InvocationTargetException ite) {
074 throw ite.getTargetException();
075 }
076
077 if (method.getAnnotation(AutoEscape.class) != null) {
078 result = HtmlUtil.escape((String)result);
079 }
080
081 return result;
082 }
083
084 private Serializable _bean;
085
086 }