Class SecurityEmailCheckBeforeControllerHandler
java.lang.Object
de.hybris.platform.yacceleratorstorefront.interceptors.beforecontroller.SecurityEmailCheckBeforeControllerHandler
- All Implemented Interfaces:
BeforeControllerHandler
public class SecurityEmailCheckBeforeControllerHandler
extends Object
implements BeforeControllerHandler
The SecurityEmailCheckBeforeControllerHandler class exists to make sure that email pages are only viewable in a CMS
context, and not by a regular user.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanbeforeController(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.web.method.HandlerMethod handler) Check if the page being requested is an Email page, and if so, only aloow it if there is a valid preview model.protected booleanisPreviewDataModelValid(javax.servlet.http.HttpServletRequest httpRequest) Delegate toCMSPageContextServiceto see if the request contains valid preview data.
-
Constructor Details
-
SecurityEmailCheckBeforeControllerHandler
public SecurityEmailCheckBeforeControllerHandler()
-
-
Method Details
-
beforeController
public boolean beforeController(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.web.method.HandlerMethod handler) throws IOException Check if the page being requested is an Email page, and if so, only aloow it if there is a valid preview model. This way we can ensure that public, or normal users will never be able to render email pages. If someone tries to access an email page without a preview, simply redirect to the default page.- Specified by:
beforeControllerin interfaceBeforeControllerHandler- Parameters:
request- current HTTP requestresponse- current HTTP response- Returns:
- False if the requested mapge is an email page, and there is no valid preview data.
- Throws:
IOException
-
isPreviewDataModelValid
protected boolean isPreviewDataModelValid(javax.servlet.http.HttpServletRequest httpRequest) Delegate toCMSPageContextServiceto see if the request contains valid preview data.- Parameters:
httpRequest- An http request- Returns:
- True if the request contains valid cms preview data
-