Source code

001/**
002 * Copyright 2005-2018 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.krad.web.listener;
017
018import java.util.List;
019
020import javax.servlet.http.HttpSessionEvent;
021import javax.servlet.http.HttpSessionListener;
022
023import org.apache.commons.lang.StringUtils;
024import org.kuali.rice.kim.api.identity.Person;
025import org.kuali.rice.krad.UserSession;
026import org.kuali.rice.krad.document.authorization.PessimisticLock;
027import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
028import org.kuali.rice.krad.util.GlobalVariables;
029
030/**
031 * Used to handle session timeouts where {@link PessimisticLock} objects should
032 * be removed from a document
033 *
034 * @author Kuali Rice Team (rice.collab@kuali.org)
035 */
036public class KualiHttpSessionListener implements HttpSessionListener {
037
038    /**
039     * HttpSession hook for additional setup method when sessions are created
040     *
041     * @param se - the HttpSessionEvent containing the session
042     * @see javax.servlet.http.HttpSessionListener#sessionCreated(javax.servlet.http.HttpSessionEvent)
043     */
044    @Override
045    public void sessionCreated(HttpSessionEvent se) {
046        // no operation required at this time
047    }
048
049    /**
050     * HttpSession hook for additional cleanup when sessions are destroyed
051     *
052     * @param se - the HttpSessionEvent containing the session
053     * @see javax.servlet.http.HttpSessionListener#sessionDestroyed(javax.servlet.http.HttpSessionEvent)
054     */
055    @Override
056    public void sessionDestroyed(HttpSessionEvent se) {
057        releaseLocks();
058    }
059
060    /**
061     * Remove any locks that the user has for this session
062     */
063    private void releaseLocks() {
064        if ( GlobalVariables.getUserSession() != null ) {
065            String sessionId = GlobalVariables.getUserSession().getKualiSessionId();
066            Person user = GlobalVariables.getUserSession().getPerson();
067            if ( StringUtils.isNotBlank(sessionId) && user != null ) {
068                List<PessimisticLock> locks = KRADServiceLocatorWeb.getPessimisticLockService().getPessimisticLocksForSession(
069                        sessionId);
070
071                KRADServiceLocatorWeb.getPessimisticLockService().releaseAllLocksForUser(locks, user);
072            }
073        }
074    }
075
076}
077