source: trunk/grails-app/conf/BaseFilters.groovy @ 3

/**
 * Base Filters
 * @Author Jeroen Wesbeek
 * @Since 20091026
 * @see main.gsp
 * @see http://grails.org/Filters
 * @Description
 *
 * These filters contain generic logic for -every- page request.
 *
 * Revision information:
 * $Rev: 776 $
 * $Author: duh $
 * $Date: 2010-08-05 12:15:26 +0200 (Thu, 05 Aug 2010) $
 */
import grails.converters.*
import org.codehaus.groovy.grails.commons.ConfigurationHolder

import nl.tno.metagenomics.auth.User;
 
class BaseFilters {
        def gscfService
        def synchronizationService
        
        // define filters
        def filters = {
                
                userCheck(controller:'*', action:'*') {
                        before = {
                                if( actionName == "notifyStudyChange" && controllerName == "rest" ) {
                                        return true;
                                }
                                
                                if( !ConfigurationHolder.config.gscf.baseURL ) {
                                        throw new Exception( "No GSCF instance specified. Please check configuration." )
                                        return false
                                }
                                
                                // enable to inject a session from the outside...
                                if (params.sessionToken){
                                        log.info("Setting SessionToken from params.sessionToken to ${params.sessionToken}")
                                        session.sessionToken = params.sessionToken
                                        
                                        log.info("Redirecting to GSCF to login for session from params.sessionToken")
                                        redirect( url: gscfService.urlAuthRemote(params, session.sessionToken) )
                                        return false
                                }
                                
                                // If a user is already logged in, let him continue
                                if( session.user && session.user != null ) {
                                        return true;
                                }
                                
                                // on all pages of the Metagenomics module a user should be present in the session
                                if (session.sessionToken) {
                                        log.info("SessionToken found, ask GSCF for User information")

                                        // try to identify the user with the sessionToken, since the user has logged in before                                                                  
                                        try {
                                                def user = [:]
                                                
                                                // First check if the user is authenticated. If he isn't, he should provide credentials at GSCF
                                                def authentication = JSON.parse("${ConfigurationHolder.config.gscf.baseURL}/rest/isUser?consumer=${ConfigurationHolder.config.metagenomics.consumerID}&token=${session.sessionToken}".toURL().text)
                                                
                                                if( !authentication.authenticated ) {
                                                        log.info "Not authenticated: " + authentication.authenticated
                                                        redirect( url: gscfService.urlAuthRemote(params, session.sessionToken) )
                                                        return false
                                                }
                                                
                                                // Now find the user data
                                                JSON.parse("${ConfigurationHolder.config.gscf.baseURL}/rest/getUser?consumer=${ConfigurationHolder.config.metagenomics.consumerID}&token=${session.sessionToken}".toURL().text).each { userProperty ->
                                                        user["${userProperty.key}"] = "${userProperty.value}"
                                                }
                                                
                                                // Locate user in database or create a new user
                                                session.user = User.findByIdentifierAndUsername(user.id, user.username)
                                                if (!session.user){ // when not found, create a new user
                                                        session.user = new User(identifier: user.id, username: user.username).save(flush: true)
                                                }                                                       
                                                
                                        } catch(Exception e) {
                                                log.error("Unable to fetch user from GSCF", e)
                                                throw new Exception( "GSCF instance at " + ConfigurationHolder.config.gscf.baseURL + " could not be reached. Please check configuration.", e )
                                        }
                                } else {
                                        session.sessionToken = "${UUID.randomUUID()}"
                                        log.info("SessionToken created, redirectiong to GSCF to let the user login! (SessionToken: ${session.sessionToken}")

                                        redirect( url: gscfService.urlAuthRemote(params, session.sessionToken) )
                                        return false
                                }
                        }
                }
                
                fullSynchronization(controller:'*', action:'*') {
                        before = {
                                // Never perform full synchronization on rest call when the synchronize controller is used
                                if( controllerName == "rest" || controllerName == "synchronize" ) {
                                        return true;
                                }

                                // Never perform synchronization on a POST request
                                if( request.method == "POST" )
                                        return true;
                                        
                                if( synchronizationService.timeForFullSynchronization() ) {
                                        redirect( url: synchronizationService.urlForFullSynchronization( params ) );
                                        return false
                                }
                                
                                return true

                        }
                }
                
                defineStyle(controller: '*', action: '*') {
                        // before every execution
                        before = {
                                // set the default style in the session
                                if (!session.style) {
                                        session.style = 'metagenomics'
                                }

                                // set session lifetime to 1 week
                                session.setMaxInactiveInterval(604800)
                        }
                }
        }

}