001    /*
002     * Copyright 2007 the original author or authors.
003     *
004     * Licensed under the Apache License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     *      http://www.apache.org/licenses/LICENSE-2.0
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.codehaus.groovy.grails.plugins.springsecurity;
017    
018    import org.aopalliance.intercept.MethodInvocation;
019    import org.springframework.security.intercept.InterceptorStatusToken;
020    import org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor;
021    
022    /**
023     * MethodSecurityInterceptor without throws Exceptions if Method Access is
024     * denied returns null
025     * 
026     * @author T.Yamamoto
027     */
028    public class QuietMethodSecurityInterceptor extends MethodSecurityInterceptor {
029    
030            private boolean throwException;
031            private Exception lastException;
032    
033            /**
034             * {@inheritDoc}
035             * @see org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor#invoke(
036             *      org.aopalliance.intercept.MethodInvocation)
037             */
038            @Override
039            public Object invoke(final MethodInvocation mi) throws Throwable {
040                    Object result = null;
041                    InterceptorStatusToken token = null;
042                    try {
043                            token = super.beforeInvocation(mi);
044                    }
045                    catch (Exception e) {
046                            lastException = e;
047                            if (throwException) {
048                                    throw e;
049                            }
050                            logger.error(e.getMessage());
051                            return null;
052                    }
053    
054                    try {
055                            result = mi.proceed();
056                    }
057                    catch (Exception e) {
058                            lastException = e;
059                            if (throwException) {
060                                    throw e;
061                            }
062                            logger.error(e.getMessage());
063                            return null;
064                    }
065    
066                    try {
067                            result = super.afterInvocation(token, result);
068                    }
069                    catch (Exception e) {
070                            lastException = e;
071                            if (throwException) {
072                                    throw e;
073                            }
074                            logger.error(e.getMessage());
075                            return null;
076                    }
077    
078                    return result;
079            }
080    
081            /**
082             * For testing.
083             * @return  the most recent exception, if any.
084             */
085            /*package*/ Exception getLastException() {
086                    return lastException;
087            }
088    
089            /**
090             * Dependency injection for throw exception flag.
091             * @param throwException  if <code>true</code> throw exceptions, otherwise just log
092             */
093            public void setThrowException(final boolean throwException) {
094                    this.throwException = throwException;
095            }
096    }