1 | /* |
---|
2 | * Copyright (C) 2013 DASISH |
---|
3 | * |
---|
4 | * This program is free software; you can redistribute it and/or |
---|
5 | * modify it under the terms of the GNU General Public License |
---|
6 | * as published by the Free Software Foundation; either version 2 |
---|
7 | * of the License, or (at your option) any later version. |
---|
8 | * |
---|
9 | * This program is distributed in the hope that it will be useful, |
---|
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
12 | * GNU General Public License for more details. |
---|
13 | * |
---|
14 | * You should have received a copy of the GNU General Public License |
---|
15 | * along with this program; if not, write to the Free Software |
---|
16 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
---|
17 | */ |
---|
18 | package eu.dasish.annotation.backend.rest; |
---|
19 | |
---|
20 | import eu.dasish.annotation.backend.Helpers; |
---|
21 | import eu.dasish.annotation.backend.NotInDataBaseException; |
---|
22 | import eu.dasish.annotation.backend.PrincipalExists; |
---|
23 | import eu.dasish.annotation.backend.dao.DBDispatcher; |
---|
24 | import eu.dasish.annotation.schema.Principal; |
---|
25 | import java.io.IOException; |
---|
26 | import javax.servlet.ServletContext; |
---|
27 | import javax.servlet.http.HttpServletRequest; |
---|
28 | import javax.servlet.http.HttpServletResponse; |
---|
29 | import javax.ws.rs.core.Context; |
---|
30 | import javax.ws.rs.ext.Providers; |
---|
31 | import org.slf4j.Logger; |
---|
32 | import org.slf4j.LoggerFactory; |
---|
33 | import org.springframework.beans.factory.annotation.Autowired; |
---|
34 | |
---|
35 | /** |
---|
36 | * This class is the superclass of every [SpecificPart]Resource in this REST package and contains the methods |
---|
37 | * and fields common to all of them. |
---|
38 | * @author olhsha |
---|
39 | */ |
---|
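public class ResourceResource<T> {

    @Autowired
    protected DBDispatcher dbDispatcher;
    @Context
    protected HttpServletRequest httpServletRequest;
    @Context
    protected HttpServletResponse httpServletResponse;
    @Context
    protected Providers providers;
    @Context
    protected ServletContext context;
    // NOTE(review): the logger category is HttpServletResponse, not this class. Left unchanged
    // because existing logging configuration may be keyed on that name -- confirm before renaming.
    protected Logger loggerServer = LoggerFactory.getLogger(HttpServletResponse.class);
    // Names and access modes shared with the subclasses. They are mutable (non-final) fields,
    // so a subclass can reassign them; "anonym" is compared against the remote user in
    // getPrincipalID() and therefore takes part in the authentication decision.
    protected String admin = "admin";
    protected String anonym = "anonymous";
    protected String defaultAccess = "read";
    protected String[] admissibleAccess = {"read", "write", "owner"};

    /**
     * Resolves the authenticated remote user of the current request to the internal database
     * id of the corresponding principal.
     *
     * <p>The remote user name is taken from {@link HttpServletRequest#getRemoteUser()}, so the
     * result is only as trustworthy as the container-level authentication in front of this
     * service (the messages below refer to Shibboleth). A remote user that is not yet in the
     * database gets a principal record created automatically; every non-anonymous identity
     * the container lets through therefore ends up with an account.
     *
     * <p>On failure an HTTP error is sent on the response and {@code null} is returned, so
     * callers must check for {@code null} and stop processing. Internal exception text is
     * written to the server log only and is not echoed to the client.
     *
     * @return the internal database id of the logged-in principal, or {@code null} if the
     *         request is unauthenticated or anonymous (401 sent) or the principal record
     *         could not be created (500 sent).
     * @throws IOException if sending the error fails.
     */
    public Number getPrincipalID() throws IOException {
        // NOTE(review): this sets state on the injected dispatcher on every call; confirm the
        // dispatcher is request-scoped or that concurrent requests cannot interfere.
        dbDispatcher.setResourcesPaths(this.getRelativeServiceURI());

        String remotePrincipal = httpServletRequest.getRemoteUser();
        if (remotePrincipal == null) {
            loggerServer.info("Null principal");
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, " Null principal");
            return null;
        }
        if (remotePrincipal.equals(anonym)) {
            loggerServer.info("Shibboleth fall-back. Logged in as 'anonymous' with no rights.");
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, " Shibboleth fall-back. Logged in as 'anonymous' with no rights.");
            return null;
        }

        try {
            return dbDispatcher.getPrincipalInternalIDFromRemoteID(remotePrincipal);
        } catch (NotInDataBaseException e) {
            // The remote id comes from the authentication layer and is written to the log:
            // line breaks are neutralised so that it cannot forge additional log entries.
            loggerServer.info(forLog(e.toString()));
            loggerServer.info("The record for the user with the id {} will be generated now automatically.", forLog(remotePrincipal));
        }

        try {
            Principal newPrincipal = Helpers.createPrincipalElement(remotePrincipal, remotePrincipal);
            return dbDispatcher.addPrincipal(newPrincipal, remotePrincipal);
        } catch (PrincipalExists e2) {
            // NOTE(review): presumably reachable when a concurrent request created the same
            // principal between the lookup above and this insert -- confirm; a second lookup
            // would then be friendlier than a 500.
            return principalCreationFailed(e2);
        } catch (NotInDataBaseException e1) {
            return principalCreationFailed(e1);
        }
    }

    /**
     * Reports a failed automatic principal creation: the exception goes to the server log,
     * the client only receives a fixed message with status 500.
     *
     * @param cause the exception raised while creating the principal record.
     * @return always {@code null}, so the caller can return the result directly.
     * @throws IOException if sending the error fails.
     */
    private Number principalCreationFailed(Exception cause) throws IOException {
        loggerServer.error("Automatic creation of the principal record failed: {}", forLog(cause.toString()));
        // Do not put cause.toString() into the response: it exposes internal class names and
        // database details to the caller.
        httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "The principal record could not be created.");
        return null;
    }

    /**
     * Makes a value safe to embed in a single log line by replacing carriage returns and
     * line feeds.
     *
     * @param value the text to log, may be {@code null}.
     * @return the text with every CR and LF replaced by an underscore, or {@code "null"}.
     */
    private static String forLog(String value) {
        if (value == null) {
            return "null";
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Logs, at debug level, that the current request requires admin rights. This method only
     * logs: it neither sends an error on the response nor throws, so the caller remains
     * responsible for actually rejecting the request.
     *
     * @throws IOException declared for subclasses and callers; not thrown by this implementation.
     */
    protected void ADMIN_RIGHTS_EXPECTED() throws IOException {
        loggerServer.debug("The request can be performed only by the principal with the admin rights.");
    }

    /**
     * Logs, at debug level, that the given access mode is not one of the admissible values.
     * This method only logs: it neither sends an error on the response nor throws, so the
     * caller remains responsible for actually rejecting the request.
     *
     * @param accessMode the rejected access mode as supplied by the caller; line breaks are
     *                   neutralised before it is written to the log.
     * @throws IOException declared for subclasses and callers; not thrown by this implementation.
     */
    protected void INVALID_ACCESS_MODE(String accessMode) throws IOException {
        loggerServer.debug("{} is an invalid access value, which must be either owner, or read, or write.", forLog(accessMode));
    }

    /**
     * Builds the service URI relative to the server root.
     *
     * @return the context path of the current request followed by its servlet path.
     */
    protected String getRelativeServiceURI() {
        return httpServletRequest.getContextPath() + httpServletRequest.getServletPath();
    }
}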