1 | package edu.ucsb.cs156.gauchoride.interceptors; | |
2 | ||
3 | import javax.servlet.http.HttpServletRequest; | |
4 | import javax.servlet.http.HttpServletResponse; | |
5 | ||
6 | import org.springframework.beans.factory.annotation.Autowired; | |
7 | import org.springframework.stereotype.Component; | |
8 | import org.springframework.web.servlet.HandlerInterceptor; | |
9 | import org.springframework.web.servlet.ModelAndView; | |
10 | ||
11 | import edu.ucsb.cs156.gauchoride.repositories.UserRepository; | |
12 | import lombok.extern.slf4j.Slf4j; | |
13 | ||
14 | import org.springframework.security.core.authority.SimpleGrantedAuthority; | |
15 | import org.springframework.beans.factory.annotation.Autowired; | |
16 | import org.springframework.beans.factory.annotation.Value; | |
17 | import org.springframework.security.core.Authentication; | |
18 | import org.springframework.security.core.GrantedAuthority; | |
19 | import org.springframework.security.core.context.SecurityContext; | |
20 | import org.springframework.security.core.context.SecurityContextHolder; | |
21 | import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; | |
22 | import org.springframework.security.oauth2.core.user.OAuth2User; | |
23 | ||
24 | import java.util.Optional; | |
25 | import java.util.HashSet; | |
26 | import java.util.Set; | |
27 | import java.util.Collection; | |
28 | import java.util.stream.Collectors; | |
29 | import edu.ucsb.cs156.gauchoride.entities.User; | |
30 | ||
31 | @Slf4j | |
32 | @Component | |
33 | public class RoleInterceptor implements HandlerInterceptor { | |
34 | ||
35 | @Autowired | |
36 | UserRepository userRepository; | |
37 | ||
38 | @Override | |
39 | public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) { | |
40 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); | |
41 | ||
42 |
1
1. preHandle : negated conditional → KILLED |
if (authentication.getClass() == OAuth2AuthenticationToken.class) { |
43 | OAuth2User principal = ((OAuth2AuthenticationToken) authentication).getPrincipal(); | |
44 | String email = principal.getAttribute("email"); | |
45 | Optional<User> optionalUser = userRepository.findByEmail(email); | |
46 |
1
1. preHandle : negated conditional → KILLED |
if (optionalUser.isPresent()) { |
47 | User user = optionalUser.get(); | |
48 | Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); | |
49 | Set<GrantedAuthority> revisedAuthorities = authorities.stream().filter( | |
50 |
2
1. lambda$preHandle$0 : negated conditional → KILLED 2. lambda$preHandle$0 : replaced boolean return with true for edu/ucsb/cs156/gauchoride/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED |
grantedAuth -> !grantedAuth.getAuthority().equals("ROLE_ADMIN") |
51 |
1
1. lambda$preHandle$0 : negated conditional → KILLED |
&& !grantedAuth.getAuthority().equals("ROLE_DRIVER")) |
52 | .collect(Collectors.toSet()); | |
53 |
1
1. preHandle : negated conditional → KILLED |
if (user.getAdmin()) { |
54 | revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN")); | |
55 | } | |
56 |
1
1. preHandle : negated conditional → KILLED |
if (user.getDriver()) { |
57 | revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_DRIVER")); | |
58 | } | |
59 | Authentication newAuth = new OAuth2AuthenticationToken(principal, revisedAuthorities, | |
60 | (((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId())); | |
61 |
1
1. preHandle : removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED |
SecurityContextHolder.getContext().setAuthentication(newAuth); |
62 | } | |
63 | } | |
64 |
1
1. preHandle : replaced boolean return with false for edu/ucsb/cs156/gauchoride/interceptors/RoleInterceptor::preHandle → KILLED |
return true; |
65 | } | |
66 | } | |
Mutations | ||
42 |
1.1 |
|
46 |
1.1 |
|
50 |
1.1 2.2 |
|
51 |
1.1 |
|
53 |
1.1 |
|
56 |
1.1 |
|
61 |
1.1 |
|
64 |
1.1 |