package cn.ksource.core.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import cn.ksource.config.SysConfigConstants;
import cn.ksource.core.Permission;
import cn.ksource.web.SysConstants;

/**
 * FreeMarker视图拦截器，页面展示之前做一些通用处理
 * @version V1.0.0
 * @author 杨凯
 * @date Dec 12, 2013 4:20:04 PM
 */
public class FreeMarkerViewInterceptor extends HandlerInterceptorAdapter {

	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception arg3) throws Exception {

	}

	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView view) throws Exception {
		String contextPath = request.getContextPath();
		if (view != null) {
			request.setAttribute("base", contextPath);
			request.setAttribute("common_static", contextPath);
		}
	}
  
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		
		//处理Permission Annotation，实现方法级权限控制
		HandlerMethod method = (HandlerMethod)handler;
		Permission permission = method.getMethodAnnotation(Permission.class);
		
		//如果为空在表示该方法不需要进行权限验证
		if (permission == null) {
			return true;
		}
		
		//验证是否具有权限
		if (!WebUtil.hasPower(request, permission.value())) {
			response.sendRedirect(request.getContextPath()+"/business/nopermission.html");
			return false;
		}
		return true;
		
		
		//注意此处必须返回true，否则请求将停止
		//return true;
	}

}