123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295 |
- package com.lemon.lifecenter.common;
- import java.io.IOException;
- import java.lang.reflect.Method;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.stereotype.Component;
- import org.springframework.web.method.HandlerMethod;
- import org.springframework.web.servlet.ModelAndView;
- import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
- import com.lemon.lifecenter.dto.RoleDTO;
- import com.lemon.lifecenter.service.RoleService;
- @Component
- public class LifeCenterInterCeptor extends HandlerInterceptorAdapter {
- @Autowired
- private LifeCenterConfigVO config;
-
- @Autowired
- private RoleService roleService;
-
- private final Logger logger = LoggerFactory.getLogger(this.getClass());
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
- logger.info( "--------------------- InterCeptor Start --------------------- " );
- String url = request.getRequestURI().toString();
- String port = String.valueOf(request.getServerPort());
-
- Object session = request.getSession().getAttribute( "sesId" );
- Object groupIdx = request.getSession().getAttribute( "sesGroupIdx" );
- Object sesMId = request.getSession().getAttribute( "sesMId" );
- Object sesPasswordChange = request.getSession().getAttribute( "sesPasswordChange" );
- Object sesAcceptCheck = request.getSession().getAttribute( "sesAcceptCheck" );
- Object sesPermissions = request.getSession().getAttribute( "sesPermissions" );
-
-
- logger.info( "|------------------------------------------------------------------|" );
- logger.info( "| URL : " + url + " | IP : " + LifeCenterFunction.getRemoteAddr(request) + " | Port : " + port );
- logger.info( "|------------------------------------------------------------------|" );
- logger.info( "redirectUrl -- > " + request.getParameter("redirectUrl") );
-
- logger.info( " sesMobileId : " + sesMId + " sesWebId : " + session + " groupIdx : " + groupIdx );
-
- if ( url.contains( "/error" ) || url.contains( "/nonface/wait" ) || url.contains( "/mobile/call" ) ||
- url.contains( "/store" ) || url.contains( "/favicon.ico" ) || url.contains( "/mobile/getAppVersion" ) ||
- url.contains("/lifeCenter/api") || url.contains( "/accept/public" ) ) {
- return true;
- }
-
- if( url.contains( "/mobile" ) ) {
- if (url.contains("/mobile/helper")) {
- return true;
- }
- if( !url.equals( "/mobile/login" ) && !url.equals( "/mobile/check" ) && !url.equals("/mobile/logout") ) {
- if( sesMId == null ) {
- if (request.getParameter("redirectUrl") == null) {
- response.sendRedirect( "/mobile/login" );
- } else {
- response.sendRedirect( "/mobile/login?redirectUrl=" + request.getParameter("redirectUrl") );
- }
- return false;
- } else {
- logger.info( "IP : " + LifeCenterFunction.getRemoteAddr( request ) + " ID : " + sesMId.toString() + " URL : " + url + " Port : " + port );
- /*
- * 서비스 메뉴별 페이지 뷰
- * 웹 / 앱 트래킹 분석 부분 주석 처리
- */
- /*
-
- String patientIdx = LifeCenterSessionController.getSession(request, "sesMpIdx");
- String referer = request.getHeader("Referer");
-
- RoleDTO roleDTO = new RoleDTO();
- roleDTO.setMenuPath( url );
- int menuTotal = roleService.selectMobileMenuCount( roleDTO );
- if( menuTotal > 0 ) {
- roleDTO = roleService.selectMobileMenuData( roleDTO );
- roleDTO.setPatientIdx( Integer.valueOf( patientIdx.toString() ) );
- if (url.equals("/mobile/health/insert")) {
- String type = referer.substring(referer.length() - 1, referer.length());
- roleDTO.setEtc(type);
- }
- roleService.insertMobileMenuAccessLog( roleDTO );
- }
- */
- Object sesMAcceptCheck = request.getSession().getAttribute( "sesMAcceptCheck" );
-
- // System.err.println( "sesMAcceptCheck : " + sesMAcceptCheck );
-
- if( sesMAcceptCheck != null && sesMAcceptCheck.equals( "Y" ) ) {
- if( !url.equals( "/mobile/accept/list" ) && !url.equals( "/mobile/insertDeviceInfo" ) ) {
- logger.info( "약관 동의 페이지로 이동" );
-
- if( !url.equals( "/mobile/accept/insert" ) && !url.equals( "/mobile/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/mobile/accept/list';" );
- return false;
- }
- } else {
- // LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '약관 동의 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
- } else {
- if( url.equals( "/mobile/accept/list" ) ) {
- response.sendRedirect( "/mobile/menu" );
- }
- }
- }
-
- } else if( url.equals( "/mobile/login" ) ) {
- if( sesMId != null ) {
- response.sendRedirect( "/mobile/menu" );
- return false;
- }
- }
-
- } else {
-
- if( !url.equals( "/login/staff" ) && !url.equals( "/login/hcms" ) && !url.equals( "/login/check" ) ) {
- if( session == null ) {
- response.sendRedirect( "/login/staff" );
- return false;
- } else {
- logger.info( "IP : " + LifeCenterFunction.getRemoteAddr( request ) + " ID : " + session.toString() + " URL : " + url + " Port : " + port );
-
- /*
- * 현재경로에대해 권한 체크
- */
- RoleDTO roleDTO = new RoleDTO();
- roleDTO.setMenuPath( url );
- int roleCount = roleService.selectNowPathRoleCheckTotal( roleDTO );
-
- if( roleCount > 0 ) {
- Object sesGroupIdx = request.getSession().getAttribute( "sesGroupIdx" );
- roleDTO.setGroupIdx( Integer.valueOf( sesGroupIdx.toString() ) );
- roleDTO = roleService.selectNowPathRoleCheckData( roleDTO );
-
- String menuType = roleDTO.getMenuType();
- boolean roleFlag = true;
-
- if( menuType.equals( "C" ) ) {
- if( roleDTO.getCreateYn().equals( "N" ) ) {
- roleFlag = false;
- }
- } else if( menuType.equals( "R" ) ) {
- if( roleDTO.getReadYn().equals( "N" ) ) {
- roleFlag = false;
- }
- } else if( menuType.equals( "U" ) ) {
- if( roleDTO.getUpdateYn().equals( "N" ) ) {
- roleFlag = false;
- }
- } else if( menuType.equals( "" ) ) {
- if( roleDTO.getDeleteYn().equals( "N" ) ) {
- roleFlag = false;
- }
- }
-
- /*
- * 메뉴접근이력 insert 성공/실패 유무도 같이
- */
-
- if( !url.equals( "/history/list" ) ) {
- roleDTO.setMenuPath( url );
- roleDTO.setId( session.toString() );
- roleDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) );
- roleDTO.setSuccessYn( roleFlag == true ? "Y" : "N" );
- roleService.insertMenuAccessLog( roleDTO );
- // if (url.equals("/patient/info") || url.equals("/staff/info") || url.equals("/clinic/state") || url.equals("/clinic/api/state") || url.equals("/clinic/info")) {
- // roleDTO.setMenuPath( url );
- // roleDTO.setId( session.toString() );
- // roleDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) );
- // roleDTO.setSuccessYn( roleFlag == true ? "Y" : "N" );
- // roleService.insertMenuAccessLog( roleDTO );
- // }
- }
-
-
-
- if( roleFlag == false ) {
- logger.error( "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" );
- logger.error( "현재 경로에 대한 권한이 없습니다 . IP : " + LifeCenterFunction.getRemoteAddr( request ) + " ID : " + session.toString() + " URL : " + url + " Port : " + port );
- logger.error( "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" );
-
- // System.err.println( "XMLHttpRequest".equals( request.getHeader( "x-requested-with" ) ) );
-
- // Ajax 요청인지 확인
- if( "XMLHttpRequest".equals( request.getHeader( "x-requested-with" ) ) == true ) {
- response.sendError( 999 );
- } else {
- response.sendError( 403 );
- }
-
- return false;
- }
- }
-
-
- /*
- * 약관 동의 체크, 비밀번호 초기화 체크
- */
- if( sesAcceptCheck != null && sesAcceptCheck.equals( "Y" ) ) {
- if( !url.equals( "/accept/list" ) ) {
- logger.info( "약관 동의 페이지로 이동" );
-
- if( !url.equals( "/accept/insert" ) && !url.equals( "/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/accept/list';" );
- return false;
- }
- } else {
- // LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '약관 동의 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
- } else {
-
- if( url.equals( "/accept/list" ) ) {
- response.sendRedirect( "/" );
- }
-
- if( sesPasswordChange != null ) {
- if( sesPasswordChange.equals( "REQUIRED" ) ) {
-
- if( !url.equals( "/staff/myinfo" ) ) {
- logger.info( "비밀번호 변경 필요 -> 비밀번호 변경 페이지로 이동" );
-
- if( !url.equals( "/common/passwordCheck" ) && !url.equals( "/staff/myinfo/update" ) && !url.equals( "/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/staff/myinfo';" );
- return false;
- }
- } else {
- LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '비밀번호 보안 규정 변경으로 인하여 의무적으로 비밀번호 1회 변경 진행 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
-
- } else if( sesPasswordChange.equals( "RESET" ) ) {
-
- if( !url.equals( "/staff/myinfo" ) ) {
- logger.info( "초기화 비밀번호로 로그인 -> 비밀번호 변경 페이지로 이동" );
-
- if( !url.equals( "/common/passwordCheck" ) && !url.equals( "/staff/myinfo/update" ) && !url.equals( "/login/logout" ) ) {
- LifeCenterFunction.scriptMessage( response, "location.href='/staff/myinfo';" );
- return false;
- }
- } else {
- LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '초기화 비밀번호로 로그인시 비밀번호 변경 후 서비스 이용이 가능합니다.', callBack : function(){ } });" );
- }
-
- }
- }
-
- }
-
- }
-
- } else if( url.equals( "/login/staff" ) || url.equals( "/login/hcms" ) ) {
- if( session != null ) {
-
- if( sesPermissions.equals( "SYSTEM" ) ) {
- response.sendRedirect( "/center/list" );
- } else {
- response.sendRedirect( "/patient/list" );
- }
-
- return false;
- }
-
- }
- }
-
- return true;
- }
- @Override
- public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
- ModelAndView modelAndView) {
- //logger.info("Method Executed Time : postHandle");
- }
- @Override
- public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
- Exception ex) {
- //logger.info("Method Completed Time : afterCompletion");
- logger.info( "--------------------- InterCeptor afterCompletion ---------------------" );
- }
- }
|