-
-
Save wildone/c8b52bc9c3f5c70bb502 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.io.IOException; | |
| import java.util.Arrays; | |
| import java.util.Iterator; | |
| import java.util.List; | |
| import java.util.Map; | |
| import javax.servlet.Filter; | |
| import javax.servlet.FilterChain; | |
| import javax.servlet.FilterConfig; | |
| import javax.servlet.ServletException; | |
| import javax.servlet.ServletRequest; | |
| import javax.servlet.ServletResponse; | |
| import org.apache.felix.scr.annotations.Activate; | |
| import org.apache.felix.scr.annotations.Component; | |
| import org.apache.felix.scr.annotations.Property; | |
| import org.apache.felix.scr.annotations.sling.SlingFilter; | |
| import org.apache.felix.scr.annotations.sling.SlingFilterScope; | |
| import org.apache.sling.api.SlingHttpServletRequest; | |
| import org.apache.sling.api.SlingHttpServletResponse; | |
| import org.apache.sling.commons.osgi.OsgiUtil; | |
| import com.day.cq.security.Group; | |
| import com.day.cq.security.User; | |
| @SlingFilter(scope = SlingFilterScope.REQUEST, order = Integer.MAX_VALUE, generateComponent = false) | |
| @Component(metatype = true, immediate = false, enabled = false) | |
| public class BlockAllButFelixFilter implements Filter { | |
| @Override | |
| public void init(FilterConfig filterConfig) throws ServletException { | |
| } | |
| private static final String[] DEFAULT_SUPER_GROUPS = new String[] {"administrators", "developers"}; | |
| @Property(value = {}, cardinality = 1000) | |
| private static final String PROP_SUPER_GROUPS = "groups"; | |
| private List<String> groups = null; | |
| @SuppressWarnings("unused") | |
| @Activate | |
| private void activate(Map<String,Object> config) { | |
| groups = Arrays.asList(OsgiUtil.toStringArray(config.get(PROP_SUPER_GROUPS), DEFAULT_SUPER_GROUPS)); | |
| } | |
| private static boolean isUserMemberOf(User user, List<String> groups) { | |
| final Iterator<Group> groupsUserBelogTo = user.memberOf(); | |
| while (groupsUserBelogTo.hasNext()) { | |
| if (groups.indexOf(groupsUserBelogTo.next().getID()) >= 0) { | |
| return true; | |
| } | |
| } | |
| return false; | |
| } | |
| @Override | |
| public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { | |
| // if (request instanceof HttpServletRequest && response instanceof HttpServletResponse) { | |
| // final HttpServletRequest httpRequest = (HttpServletRequest) request; | |
| // final HttpServletResponse httpResponse = (HttpServletResponse) response; | |
| // | |
| // if (!"admin".equals(httpRequest.getUserPrincipal().getName()) && !httpRequest.getPathInfo().startsWith("/system/console/")) { | |
| // httpResponse.sendError(503, "deployment on going..."); | |
| // return; | |
| // | |
| // } | |
| // } | |
| if (request instanceof SlingHttpServletRequest && response instanceof SlingHttpServletResponse) { | |
| final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request; | |
| final SlingHttpServletResponse slingResponse = (SlingHttpServletResponse) response; | |
| final User user = slingRequest.getResourceResolver().adaptTo(User.class); | |
| if (!slingRequest.getPathInfo().startsWith("/system/console/") && !isUserMemberOf(user, groups)) { | |
| slingResponse.sendError(503, "deployment on going. visit later..."); | |
| return ; | |
| } | |
| } | |
| chain.doFilter(request, response); | |
| } | |
| @Override | |
| public void destroy() { | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment