Changing Spring MVC Model Parameters (#629)

* Expression-Based Access Control PermitAll, hasRole, hasAnyRole etc. I modified classes regards to Security * Added test cases for Spring Security Expressions * Handler Interceptor - logging example * Test for logger interceptor * Removed conflicted part * UserInterceptor (adding user information to model)
2016-08-22 22:33:53 -07:00 · 2016-08-22 22:33:53 -07:00 · dca46bcee3
commit dca46bcee3
parent dec6d5f74e
3 changed files with 146 additions and 4 deletions
--- a/spring-security-rest-full/src/main/java/org/baeldung/spring/WebConfig.java
+++ b/spring-security-rest-full/src/main/java/org/baeldung/spring/WebConfig.java
@ -1,6 +1,7 @@
 package org.baeldung.spring;
 import org.baeldung.web.interceptor.LoggerInterceptor;
 import org.baeldung.web.interceptor.UserInterceptor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
@ -37,8 +38,9 @@ public class WebConfig extends WebMvcConfigurerAdapter {
        registry.addViewController("/homepage.html");
    }
-    @Override
+	@Override
-    public void addInterceptors(final InterceptorRegistry registry) {
+	public void addInterceptors(final InterceptorRegistry registry) {
-        registry.addInterceptor(new LoggerInterceptor());
+		registry.addInterceptor(new LoggerInterceptor());
-    }
+		registry.addInterceptor(new UserInterceptor());
 	}
 }
--- a/spring-security-rest-full/src/main/java/org/baeldung/web/interceptor/UserInterceptor.java
+++ b/spring-security-rest-full/src/main/java/org/baeldung/web/interceptor/UserInterceptor.java
@ -0,0 +1,87 @@
 package org.baeldung.web.interceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.SmartView;
 import org.springframework.web.servlet.View;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 public class UserInterceptor extends HandlerInterceptorAdapter {
 	private static Logger log = LoggerFactory.getLogger(UserInterceptor.class);
    /**
     * Executed before actual handler is executed
     **/
 	@Override
 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
 		if (isUserLogged()) {
 			addToModelUserDetails(request.getSession());
 		}
 		return true;
 	}
 	/**
     * Executed before after handler is executed. If view is a redirect view, we don't need to execute postHandle
     **/
 	@Override
 	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object, ModelAndView model)
 			throws Exception {
 		if (model != null && !isRedirectView(model)) {
 			if (isUserLogged()) {
 				addToModelUserDetails(model);
 			}
 		}
 	}
 	/**
 	 * Used before model is generated, based on session
 	 * @param session
 	 */
 	private void addToModelUserDetails(HttpSession session) {
 		log.info("================= addToModelUserDetails ============================");
 		String loggedUsername = SecurityContextHolder.getContext().getAuthentication().getName();
 		session.setAttribute("username", loggedUsername);
 		log.info("user(" + loggedUsername + ") session : " + session);
 		log.info("================= addToModelUserDetails ============================");
 	}
 	/**
 	 * Used when model is available
 	 * @param model
 	 */
 	private void addToModelUserDetails(ModelAndView model) {
 		log.info("================= addToModelUserDetails ============================");
 		String loggedUsername = SecurityContextHolder.getContext().getAuthentication().getName();
 		model.addObject("loggedUsername", loggedUsername);
 		log.trace("session : " + model.getModel());
 		log.info("================= addToModelUserDetails ============================");
 	}
 	public static boolean isRedirectView(ModelAndView mv) {
 		String viewName = mv.getViewName();
 		if (viewName.startsWith("redirect:/")) {
 			return true;
 		}
 		View view = mv.getView();
 		return (view != null && view instanceof SmartView && ((SmartView) view).isRedirectView());
 	}
 	public static boolean isUserLogged() {
 		try {
 			return !SecurityContextHolder.getContext().getAuthentication().getName().equals("anonymousUser");
 		} catch (Exception e) {
 			return false;
 		}
 	}
 }
--- a/spring-security-rest-full/src/test/java/org/baeldung/web/interceptor/UserInterceptorTest.java
+++ b/spring-security-rest-full/src/test/java/org/baeldung/web/interceptor/UserInterceptorTest.java
@ -0,0 +1,53 @@
 package org.baeldung.web.interceptor;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import org.baeldung.spring.PersistenceConfig;
 import org.baeldung.spring.SecurityWithoutCsrfConfig;
 import org.baeldung.spring.WebConfig;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.mock.web.MockHttpSession;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.context.WebApplicationContext;
@RunWith(SpringJUnit4ClassRunner.class)
@WebAppConfiguration
@Transactional
@ContextConfiguration(classes = { SecurityWithoutCsrfConfig.class, PersistenceConfig.class, WebConfig.class })
@WithMockUser(username="admin",roles={"USER","ADMIN"})
 public class UserInterceptorTest {
 	@Autowired
 	WebApplicationContext wac;
 	@Autowired
 	MockHttpSession session;
 	private MockMvc mockMvc;
 	@Before
 	public void setup() {
 		mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
 	}
 	/**
 	 * After execution of HTTP GET logs from interceptor will be displayed in
 	 * the console
 	 *
 	 * @throws Exception
 	 */
 	@Test
 	public void testInterceptors() throws Exception {
 		mockMvc.perform(get("/auth/admin")).andExpect(status().is2xxSuccessful());
 	}
 }