001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.monitoring.action;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.servlet.PortalSessionContext;
020    import com.liferay.portal.kernel.servlet.SessionErrors;
021    import com.liferay.portal.kernel.util.ParamUtil;
022    import com.liferay.portal.security.auth.PrincipalException;
023    import com.liferay.portal.security.permission.PermissionChecker;
024    import com.liferay.portal.struts.PortletAction;
025    import com.liferay.portal.theme.ThemeDisplay;
026    import com.liferay.portal.util.WebKeys;
027    
028    import javax.portlet.ActionRequest;
029    import javax.portlet.ActionResponse;
030    import javax.portlet.PortletConfig;
031    import javax.portlet.RenderRequest;
032    import javax.portlet.RenderResponse;
033    
034    import javax.servlet.http.HttpSession;
035    
036    import org.apache.struts.action.ActionForm;
037    import org.apache.struts.action.ActionForward;
038    import org.apache.struts.action.ActionMapping;
039    
040    /**
041     * @author Brian Wing Shun Chan
042     */
043    public class EditSessionAction extends PortletAction {
044    
045            @Override
046            public void processAction(
047                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
048                            ActionRequest actionRequest, ActionResponse actionResponse)
049                    throws Exception {
050    
051                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
052                            WebKeys.THEME_DISPLAY);
053    
054                    PermissionChecker permissionChecker =
055                            themeDisplay.getPermissionChecker();
056    
057                    if (!permissionChecker.isOmniadmin()) {
058                            SessionErrors.add(
059                                    actionRequest, PrincipalException.class.getName());
060    
061                            setForward(actionRequest, "portlet.monitoring.error");
062    
063                            return;
064                    }
065    
066                    invalidateSession(actionRequest);
067    
068                    sendRedirect(actionRequest, actionResponse);
069            }
070    
071            @Override
072            public ActionForward render(
073                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
074                            RenderRequest renderRequest, RenderResponse renderResponse)
075                    throws Exception {
076    
077                    return mapping.findForward(
078                            getForward(renderRequest, "portlet.monitoring.edit_session"));
079            }
080    
081            protected void invalidateSession(ActionRequest actionRequest)
082                    throws Exception {
083    
084                    String sessionId = ParamUtil.getString(actionRequest, "sessionId");
085    
086                    HttpSession userSession = PortalSessionContext.get(sessionId);
087    
088                    if (userSession != null) {
089                            try {
090                                    if (!actionRequest.getPortletSession().getId().equals(
091                                                    sessionId)) {
092    
093                                            userSession.invalidate();
094                                    }
095                            }
096                            catch (Exception e) {
097                                    _log.error(e);
098                            }
099                    }
100            }
101    
102            private static Log _log = LogFactoryUtil.getLog(EditSessionAction.class);
103    
104    }