| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237 |
- package com.lemon.lifecenter.common;
- import java.io.IOException;
- import java.io.PrintWriter;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.stereotype.Component;
- import org.springframework.web.servlet.ModelAndView;
- import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
- import com.lemon.lifecenter.dto.RoleDTO;
- import com.lemon.lifecenter.service.RoleService;
- @Component
- public class LifeCenterInterCeptor extends HandlerInterceptorAdapter {
- @Autowired
- private LifeCenterConfigVO config;
-
- @Autowired
- private RoleService roleService;
-
- private final Logger logger = LoggerFactory.getLogger(this.getClass());
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
- logger.info( "--------------------- InterCeptor Start --------------------- " );
- String url = request.getRequestURI().toString();
- String port = String.valueOf(request.getServerPort());
-
- Object session = request.getSession().getAttribute( "sesId" );
- Object groupIdx = request.getSession().getAttribute( "sesGroupIdx" );
- Object sesMId = request.getSession().getAttribute( "sesMId" );
- Object sesPasswordChange = request.getSession().getAttribute( "sesPasswordChange" );
- Object sesAcceptCheck = request.getSession().getAttribute( "sesAcceptCheck" );
-
-
- logger.info( "|------------------------------------------------------------------|" );
- logger.info( "| URL : " + url + " | IP : " + LifeCenterFunction.getRemoteAddr(request) + " | Port : " + port );
- logger.info( "|------------------------------------------------------------------|" );
-
- logger.info( " sesMobileId : " + sesMId + " sesWebId : " + session + " groupIdx : " + groupIdx );
-
- if ( url.contains( "/error" ) || url.contains( "/nonface/wait" ) || url.contains( "/mobile/call" ) ||
- url.contains( "/store" ) || url.contains( "/favicon.ico" ) || url.contains( "/mobile/getAppVersion" ) ||
- url.contains("/lifeCenter/api") ) {
- return true;
- }
-
- if( url.contains( "/mobile" ) ) {
- if( !url.equals( "/mobile/login" ) && !url.equals( "/mobile/check" ) ) {
- if( sesMId == null ) {
- response.sendRedirect( "/mobile/login" );
- return false;
- } else {
- logger.info( "IP : " + LifeCenterFunction.getRemoteAddr( request ) + " ID : " + sesMId.toString() + " URL : " + url + " Port : " + port );
-
- Object sesMAcceptCheck = request.getSession().getAttribute( "sesMAcceptCheck" );
-
- // System.err.println( "sesMAcceptCheck : " + sesMAcceptCheck );
-
- if( sesMAcceptCheck != null && sesMAcceptCheck.equals( "Y" ) ) {
- if( !url.equals( "/mobile/accept/list" ) ) {
- logger.info( "약관 동의 페이지로 이동" );
-
- if( !url.equals( "/mobile/accept/insert" ) && !url.equals( "/mobile/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/mobile/accept/list';" );
- return false;
- }
- } else {
- // LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '약관 동의 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
- } else {
- if( url.equals( "/mobile/accept/list" ) ) {
- response.sendRedirect( "/mobile/menu" );
- }
- }
- }
-
- } else if( url.equals( "/mobile/login" ) ) {
- if( sesMId != null ) {
- response.sendRedirect( "/mobile/menu" );
- return false;
- }
- }
-
- } else {
-
- if( !url.equals( "/login/staff" ) && !url.equals( "/login/admin" ) && !url.equals( "/login/check" ) ) {
- if( session == null ) {
- response.sendRedirect( "/login/staff" );
- return false;
- } else {
- logger.info( "IP : " + LifeCenterFunction.getRemoteAddr( request ) + " ID : " + session.toString() + " URL : " + url + " Port : " + port );
-
- /*
- * 현재경로에대해 권한 체크
- */
- RoleDTO roleDTO = new RoleDTO();
- roleDTO.setMenuPath( url );
- int roleCount = roleService.selectNowPathRoleCheckTotal( roleDTO );
-
- if( roleCount > 0 ) {
- Object sesGroupIdx = request.getSession().getAttribute( "sesGroupIdx" );
- roleDTO.setGroupIdx( Integer.valueOf( sesGroupIdx.toString() ) );
- roleDTO = roleService.selectNowPathRoleCheckData( roleDTO );
-
- String menuType = roleDTO.getMenuType();
- boolean roleFlag = true;
-
- if( menuType.equals( "C" ) ) {
- if( roleDTO.getCreateYn().equals( "N" ) ) {
- roleFlag = false;
- }
- } else if( menuType.equals( "R" ) ) {
- if( roleDTO.getReadYn().equals( "N" ) ) {
- roleFlag = false;
- }
- } else if( menuType.equals( "U" ) ) {
- if( roleDTO.getUpdateYn().equals( "N" ) ) {
- roleFlag = false;
- }
- } else if( menuType.equals( "" ) ) {
- if( roleDTO.getDeleteYn().equals( "N" ) ) {
- roleFlag = false;
- }
- }
-
- if( roleFlag == false ) {
- logger.error( "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" );
- logger.error( "현재 경로에 대한 권한이 없습니다 . IP : " + LifeCenterFunction.getRemoteAddr( request ) + " ID : " + session.toString() + " URL : " + url + " Port : " + port );
- logger.error( "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" );
-
- // System.err.println( "XMLHttpRequest".equals( request.getHeader( "x-requested-with" ) ) );
-
- // Ajax 요청인지 확인
- if( "XMLHttpRequest".equals( request.getHeader( "x-requested-with" ) ) == true ) {
- response.sendError( 999 );
- } else {
- response.sendError( 403 );
- }
-
- return false;
- }
- }
-
-
- /*
- * 약관 동의 체크, 비밀번호 초기화 체크
- */
- if( sesAcceptCheck != null && sesAcceptCheck.equals( "Y" ) ) {
- if( !url.equals( "/accept/list" ) ) {
- logger.info( "약관 동의 페이지로 이동" );
-
- if( !url.equals( "/accept/insert" ) && !url.equals( "/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/accept/list';" );
- return false;
- }
- } else {
- // LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '약관 동의 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
- } else {
-
- if( url.equals( "/accept/list" ) ) {
- response.sendRedirect( "/" );
- }
-
- if( sesPasswordChange != null ) {
- if( sesPasswordChange.equals( "REQUIRED" ) ) {
-
- if( !url.equals( "/staff/myinfo" ) ) {
- logger.info( "비밀번호 변경 필요 -> 비밀번호 변경 페이지로 이동" );
-
- if( !url.equals( "/common/passwordCheck" ) && !url.equals( "/staff/myinfo/update" ) && !url.equals( "/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/staff/myinfo';" );
- return false;
- }
- } else {
- LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '비밀번호 보안 규정 변경으로 인하여 의무적으로 비밀번호 1회 변경 진행 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
-
- } else if( sesPasswordChange.equals( "RESET" ) ) {
-
- if( !url.equals( "/staff/myinfo" ) ) {
- logger.info( "초기화 비밀번호로 로그인 -> 비밀번호 변경 페이지로 이동" );
-
- if( !url.equals( "/common/passwordCheck" ) && !url.equals( "/staff/myinfo/update" ) && !url.equals( "/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/staff/myinfo';" );
- return false;
- }
- } else {
- LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '초기화 비밀번호로 로그인시 비밀번호 변경 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
-
- }
- }
-
- }
-
- }
-
- } else if( url.equals( "/login/staff" ) || url.equals( "/login/admin" ) ) {
- if( session != null ) {
-
- if( groupIdx.equals( "1" ) ) {
- response.sendRedirect( "/center/list" );
- } else {
- response.sendRedirect( "/patient/list" );
- }
-
- return false;
- }
-
- }
- }
-
- return true;
- }
- @Override
- public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
- ModelAndView modelAndView) {
- //logger.info("Method Executed Time : postHandle");
- }
- @Override
- public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
- Exception ex) {
- //logger.info("Method Completed Time : afterCompletion");
- logger.info( "--------------------- InterCeptor afterCompletion ---------------------" );
- }
- }
|
