1   /*
2    * Copyright 2010 James Pether Sörling
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   *	$Id$
17   *  $HeadURL$
18  */
19  package com.hack23.cia.service.impl.action.application;
20  
21  import java.util.ArrayList;
22  import java.util.Collection;
23  
24  import org.slf4j.Logger;
25  import org.slf4j.LoggerFactory;
26  import org.springframework.beans.factory.annotation.Autowired;
27  import org.springframework.security.access.annotation.Secured;
28  import org.springframework.security.authentication.AnonymousAuthenticationToken;
29  import org.springframework.security.core.authority.SimpleGrantedAuthority;
30  import org.springframework.security.core.context.SecurityContextHolder;
31  import org.springframework.stereotype.Service;
32  import org.springframework.transaction.annotation.Propagation;
33  import org.springframework.transaction.annotation.Transactional;
34  
35  import com.hack23.cia.model.internal.application.system.impl.ApplicationEventGroup;
36  import com.hack23.cia.model.internal.application.system.impl.ApplicationOperationType;
37  import com.hack23.cia.model.internal.application.user.impl.UserAccount;
38  import com.hack23.cia.service.api.action.application.CreateApplicationEventRequest;
39  import com.hack23.cia.service.api.action.application.CreateApplicationEventResponse;
40  import com.hack23.cia.service.api.action.application.LogoutRequest;
41  import com.hack23.cia.service.api.action.application.LogoutResponse;
42  import com.hack23.cia.service.api.action.common.ServiceResponse.ServiceResult;
43  import com.hack23.cia.service.impl.action.common.AbstractBusinessServiceImpl;
44  import com.hack23.cia.service.impl.action.common.BusinessService;
45  
/**
 * Business service that logs the current user out.
 *
 * <p>The logout replaces the {@code Authentication} held by
 * {@link SecurityContextHolder} with an anonymous token and records an
 * application event describing the outcome.
 *
 * <p>NOTE(review): nothing in this class invalidates an HTTP session or clears
 * a persisted security context; presumably the caller (web tier) does that -
 * confirm, because replacing the in-memory authentication alone does not end
 * a server-side session.
 */
@Service
@Transactional(propagation = Propagation.REQUIRED)
public final class LogoutService extends AbstractBusinessServiceImpl<LogoutRequest, LogoutResponse>
		implements BusinessService<LogoutRequest, LogoutResponse> {

	/** Logger used for the post-logout event trace. */
	private static final Logger LOGGER = LoggerFactory
			.getLogger(LogoutService.class);

	/** Authority name (and principal label) given to the post-logout anonymous token. */
	private static final String ANONYMOUS_ROLE = "ROLE_ANONYMOUS";

	/** Service that stores the application event created for each logout attempt. */
	@Autowired
	private BusinessService<CreateApplicationEventRequest, CreateApplicationEventResponse> createApplicationEventService;

	/**
	 * Creates the service and registers {@link LogoutRequest} as the handled request type.
	 */
	public LogoutService() {
		super(LogoutRequest.class);
	}

	/**
	 * Logs out the user found in the security context and records the attempt.
	 *
	 * <p>Only callers holding {@code ROLE_USER} or {@code ROLE_ADMIN} pass the
	 * {@code @Secured} check. When a user account is resolved, the current
	 * authentication is swapped for an anonymous token and the result is
	 * {@code SUCCESS}; when none is resolved, the authentication is left
	 * untouched and the result is {@code FAILURE}. In both cases an
	 * application event is created and logged.
	 *
	 * @param serviceRequest the logout request; its session id is copied into
	 *                       the event and used as the anonymous token key
	 * @return the logout response carrying {@code SUCCESS} or {@code FAILURE}
	 */
	@Secured({ "ROLE_USER", "ROLE_ADMIN" })
	@Override
	public LogoutResponse processService(final LogoutRequest serviceRequest) {

		// Describe the attempt first so that both outcomes end up in the event trail.
		final CreateApplicationEventRequest auditEvent = new CreateApplicationEventRequest();
		auditEvent.setEventGroup(ApplicationEventGroup.USER);
		auditEvent.setApplicationOperation(ApplicationOperationType.AUTHENTICATION);
		auditEvent.setActionName(LogoutRequest.class.getSimpleName());
		auditEvent.setSessionId(serviceRequest.getSessionId());

		final UserAccount currentUser = getUserAccountFromSecurityContext();

		final LogoutResponse response;
		if (currentUser == null) {
			// No account resolved: the event is stored without user id / element id
			// and the existing authentication is left as it is.
			response = new LogoutResponse(ServiceResult.FAILURE);
		} else {
			auditEvent.setElementId(currentUser.getEmail());
			auditEvent.setUserId(currentUser.getUserId());

			// Build the token before touching the context, so a rejected key
			// leaves the current authentication unchanged.
			final AnonymousAuthenticationToken anonymousToken = anonymousTokenFor(serviceRequest.getSessionId());
			SecurityContextHolder.getContext().setAuthentication(anonymousToken);

			response = new LogoutResponse(ServiceResult.SUCCESS);
		}

		auditEvent.setApplicationMessage(response.getResult().toString());

		createApplicationEventService.processService(auditEvent);
		// NOTE(review): the event carries the session id, user id and e-mail set
		// above and is written at INFO through its toString(); confirm that this
		// output is acceptable for the log destination.
		LOGGER.info("Event: {}",auditEvent);
		return response;
	}

	/**
	 * Builds the anonymous token that replaces the user's authentication.
	 *
	 * <p>NOTE(review): the session id is used as the token key. Spring's
	 * {@code AnonymousAuthenticationToken} rejects a null or empty key with an
	 * {@code IllegalArgumentException}, which here would abort the logout
	 * before the event is stored - verify that request validation guarantees
	 * a session id.
	 *
	 * @param sessionId the session id taken from the logout request
	 * @return an anonymous token holding the single {@code ROLE_ANONYMOUS} authority
	 */
	private static AnonymousAuthenticationToken anonymousTokenFor(final String sessionId) {
		final Collection<SimpleGrantedAuthority> anonymousAuthorities = new ArrayList<>();
		anonymousAuthorities.add(new SimpleGrantedAuthority(ANONYMOUS_ROLE));
		return new AnonymousAuthenticationToken(sessionId, ANONYMOUS_ROLE, anonymousAuthorities);
	}

}