001: /**
002: * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
003: *
004: * Permission is hereby granted, free of charge, to any person obtaining a copy
005: * of this software and associated documentation files (the "Software"), to deal
006: * in the Software without restriction, including without limitation the rights
007: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
008: * copies of the Software, and to permit persons to whom the Software is
009: * furnished to do so, subject to the following conditions:
010: *
011: * The above copyright notice and this permission notice shall be included in
012: * all copies or substantial portions of the Software.
013: *
014: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
015: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
016: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
017: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
018: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
019: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
020: * SOFTWARE.
021: */package com.liferay.portlet.enterpriseadmin.action;
022:
023: import com.liferay.portal.kernel.security.permission.PermissionChecker;
024: import com.liferay.portal.kernel.util.ParamUtil;
025: import com.liferay.portal.security.auth.PrincipalException;
026: import com.liferay.portal.servlet.PortalSessionContext;
027: import com.liferay.portal.struts.PortletAction;
028: import com.liferay.portal.theme.ThemeDisplay;
029: import com.liferay.portal.util.WebKeys;
030: import com.liferay.util.servlet.SessionErrors;
031:
032: import javax.portlet.ActionRequest;
033: import javax.portlet.ActionResponse;
034: import javax.portlet.PortletConfig;
035: import javax.portlet.RenderRequest;
036: import javax.portlet.RenderResponse;
037:
038: import javax.servlet.http.HttpSession;
039:
040: import org.apache.commons.logging.Log;
041: import org.apache.commons.logging.LogFactory;
042: import org.apache.struts.action.ActionForm;
043: import org.apache.struts.action.ActionForward;
044: import org.apache.struts.action.ActionMapping;
045:
046: /**
047: * <a href="EditSessionAction.java.html"><b><i>View Source</i></b></a>
048: *
049: * @author Brian Wing Shun Chan
050: *
051: */
052: public class EditSessionAction extends PortletAction {
053:
054: public void processAction(ActionMapping mapping, ActionForm form,
055: PortletConfig config, ActionRequest req, ActionResponse res)
056: throws Exception {
057:
058: ThemeDisplay themeDisplay = (ThemeDisplay) req
059: .getAttribute(WebKeys.THEME_DISPLAY);
060:
061: PermissionChecker permissionChecker = themeDisplay
062: .getPermissionChecker();
063:
064: if (!permissionChecker.isOmniadmin()) {
065: SessionErrors.add(req, PrincipalException.class.getName());
066:
067: setForward(req, "portlet.enterprise_admin.error");
068:
069: return;
070: }
071:
072: invalidateSession(req);
073:
074: sendRedirect(req, res);
075: }
076:
077: public ActionForward render(ActionMapping mapping, ActionForm form,
078: PortletConfig config, RenderRequest req, RenderResponse res)
079: throws Exception {
080:
081: return mapping.findForward(getForward(req,
082: "portlet.enterprise_admin.edit_session"));
083: }
084:
085: protected void invalidateSession(ActionRequest req)
086: throws Exception {
087: String sessionId = ParamUtil.getString(req, "sessionId");
088:
089: HttpSession userSession = PortalSessionContext.get(sessionId);
090:
091: if (userSession != null) {
092: try {
093: if (!req.getPortletSession().getId().equals(sessionId)) {
094: userSession.invalidate();
095: }
096: } catch (Exception e) {
097: _log.error(e);
098: }
099: }
100: }
101:
102: private static Log _log = LogFactory
103: .getLog(EditSessionAction.class);
104:
105: }
|