View Javadoc
1   /**
2    * This file Copyright (c) 2003-2015 Magnolia International
3    * Ltd.  (http://www.magnolia-cms.com). All rights reserved.
4    *
5    *
6    * This file is dual-licensed under both the Magnolia
7    * Network Agreement and the GNU General Public License.
8    * You may elect to use one or the other of these licenses.
9    *
10   * This file is distributed in the hope that it will be
11   * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12   * implied warranty of MERCHANTABILITY or FITNESS FOR A
13   * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14   * Redistribution, except as permitted by whichever of the GPL
15   * or MNA you select, is prohibited.
16   *
17   * 1. For the GPL license (GPL), you can redistribute and/or
18   * modify this file under the terms of the GNU General
19   * Public License, Version 3, as published by the Free Software
20   * Foundation.  You should have received a copy of the GNU
21   * General Public License, Version 3 along with this program;
22   * if not, write to the Free Software Foundation, Inc., 51
23   * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24   *
25   * 2. For the Magnolia Network Agreement (MNA), this file
26   * and the accompanying materials are made available under the
27   * terms of the MNA which accompanies this distribution, and
28   * is available at http://www.magnolia-cms.com/mna.html
29   *
30   * Any modifications to this file must keep this entire header
31   * intact.
32   *
33   */
34  package info.magnolia.cms.security;
35  
36  import java.util.Date;
37  
38  import javax.servlet.http.HttpServletRequest;
39  import javax.servlet.http.HttpSession;
40  
41  import org.slf4j.Logger;
42  import org.slf4j.LoggerFactory;
43  import info.magnolia.context.MgnlContext;
44  
45  
46  /**
47   * Used to lock a session or the system. Currently checked in the {@link URISecurityFilter}. Should
48   * only be used with care.
49   *
50   * @deprecated since 5.3.6 - no longer used, will be removed without replacement.
51   */
52  @Deprecated
53  public final class Lock {
54  
55      private static Logger log = LoggerFactory.getLogger(Lock.class);
56  
57      /**
58       * Session lock attribute.
59       */
60      private static final String SESSION_LOCK = "mgnlSessionLock";
61  
62      /**
63       * System wide lock.
64       */
65      private static boolean isSystemLocked;
66  
67      /**
68       * System wide lock creation time.
69       */
70      private static Date lockSetDate;
71  
72      /**
73       * Utility class, don't instantiate.
74       */
75      private Lock() {
76          // unused
77      }
78  
79      /**
80       * Set session based lock.
81       */
82      public static void setSessionLock(HttpServletRequest request) {
83          log.info("Session lock enabled for user ( {} ) on {}", MgnlContext.getUser().getName(), new Date());
84          // @todo IMPORTANT remove use of http session
85          HttpSession httpsession = request.getSession(true);
86          httpsession.setAttribute(SESSION_LOCK, (new Date()).toString());
87      }
88  
89      /**
90       * Returns true if this session is locked.
91       *
92       * @return a boolean
93       */
94      public static boolean isSessionLocked(HttpServletRequest request) {
95          // @todo IMPORTANT remove use of http session
96          if (request.getSession(true).getAttribute(Lock.SESSION_LOCK) != null) {
97              return true;
98          }
99          return false;
100     }
101 
102     /**
103      * Reset session lock.
104      */
105     public static void resetSessionLock(HttpServletRequest request) {
106         if (!Lock.isSessionLocked(request)) {
107             log.debug("No Lock found to reset");
108         }
109         else {
110             log.debug("Resetting session lock");
111             Lock.isSystemLocked = false;
112         }
113         // @todo IMPORTANT remove use of http session
114         HttpSession httpsession = request.getSession(true);
115         httpsession.removeAttribute(Lock.SESSION_LOCK);
116     }
117 
118     /**
119      * Set system wide lock.
120      */
121     public static void setSystemLock() {
122         if (Lock.isSystemLocked()) {
123             log.debug("System lock exist, created on {}", Lock.lockSetDate);
124         }
125         else {
126             Lock.isSystemLocked = true;
127             Lock.lockSetDate = new Date();
128             log.debug("New System lock created on {}", Lock.lockSetDate);
129         }
130     }
131 
132     /**
133      * Reset system wide lock.
134      */
135     public static void resetSystemLock() {
136         if (!Lock.isSystemLocked()) {
137             log.debug("No Lock found to reset");
138         }
139         else {
140             log.debug("Resetting system lock created on {}", Lock.lockSetDate);
141             Lock.isSystemLocked = false;
142         }
143     }
144 
145     /**
146      * Return true if system is locked.
147      * @return a boolean
148      */
149     public static boolean isSystemLocked() {
150         return Lock.isSystemLocked;
151     }
152 }