Context Navigation

← Previous Changeset
Next Changeset →

Changeset 4529

Timestamp:

02/17/14 17:19:07 (10 years ago)

Author:

olhsha

Message:

refactoring verbose server output.

Location:

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src

Files:

: 1 added
: 8 edited

main/java/eu/dasish/annotation/backend/dao/DBIntegrityService.java (modified) (1 diff)
main/java/eu/dasish/annotation/backend/dao/NotebookDao.java (modified) (1 diff)
main/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceImlp.java (modified) (1 diff)
main/java/eu/dasish/annotation/backend/dao/impl/JdbcNotebookDao.java (modified) (3 diffs)
main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java (modified) (16 diffs)
main/java/eu/dasish/annotation/backend/rest/NotebookResource.java (modified) (5 diffs)
main/java/eu/dasish/annotation/backend/rest/VerboseOutput.java (added)
test/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceTest.java (modified) (1 diff)
test/java/eu/dasish/annotation/backend/rest/AnnotationResourceTest.java (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/DBIntegrityService.java

r4523	r4529
245	245	public NotebookInfoList getNotebooks(Number prinipalID, String permission);
246	246
	247	boolean hasAccess(Number notebookID, Number principalID, Permission permission);
	248
247	249	public ReferenceList getNotebooksOwnedBy(Number principalID);
248	250

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/NotebookDao.java

r4495	r4529
43	43
44	44	Number getOwner(Number notebookID);
	45
	46
45	47
46	48	List<Number> getNotebookIDs(Number principalID, Permission acessMode);

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceImlp.java

-                      r4523
+                      r4529
     @Override
+    public boolean hasAccess(Number notebookID, Number principalID, Permission permission){
+        List<Number> notebookIDs = notebookDao.getNotebookIDs(principalID, permission);
+        if (notebookIDs == null) {
+            return false;
+        }
+        return notebookIDs.contains(notebookID);
+    }
+    @Override
     public ReferenceList getNotebooksOwnedBy(Number principalID) {
         ReferenceList result = new ReferenceList();

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/impl/JdbcNotebookDao.java

-                      r4506
+                      r4529
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.util.GregorianCalendar;
 import java.util.HashMap;
 import java.util.List;
 …
 import javax.sql.DataSource;
 import org.springframework.jdbc.core.RowMapper;
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-import javax.xml.datatype.XMLGregorianCalendar;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 …
+        }
+    }
     @Override

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java

-                      r4491
+                      r4529
     @Context
     private ServletContext context;
-    private final Logger logger = LoggerFactory.getLogger(AnnotationResource.class);
     public static final Logger loggerServer = LoggerFactory.getLogger(HttpServletResponse.class);
+    private final VerboseOutput verboseOutput = new VerboseOutput(httpServletResponse, loggerServer);
     final private String admin = "admin";
 …
     @Transactional(readOnly = true)
     public JAXBElement<Annotation> getAnnotation(@PathParam("annotationid") String externalIdentifier) throws IOException {
+        URI baseURI = uriInfo.getBaseUri();
+        String baseURIstr = baseURI.toString();
+        dbIntegrityService.setServiceURI(baseURIstr);
+        dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
         try {
             final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier));
 …
                     if (dbIntegrityService.canRead(userID, annotationID)) {
                         final Annotation annotation = dbIntegrityService.getAnnotation(annotationID);
+                        JAXBElement<Annotation> rootElement = new ObjectFactory().createAnnotation(annotation);
+                        return rootElement;
+                    } else {
+                        loggerServer.debug(httpServletResponse.SC_FORBIDDEN + ": The logged-in user cannot read the annotation.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + externalIdentifier + " is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id " + externalIdentifier + " is not found in the database");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + externalIdentifier);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + externalIdentifier);
+            return null;
+        }
+                        return new ObjectFactory().createAnnotation(annotation);
+                    } else {
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_ANNOTATION_READING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(externalIdentifier), HttpServletResponse.SC_BAD_REQUEST);
+        }
+        return new ObjectFactory().createAnnotation(new Annotation());
+    }
 …
     public JAXBElement<ReferenceList> getAnnotationTargets(@PathParam("annotationid") String externalIdentifier) throws IOException {
         dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
         try {
             final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier));
 …
                     if (dbIntegrityService.canRead(userID, annotationID)) {
                         final ReferenceList TargetList = dbIntegrityService.getAnnotationTargets(annotationID);
-                        logger.info("getAnnotationTargets method: OK");
                         return new ObjectFactory().createTargetList(TargetList);
                     } else {
+                        loggerServer.debug(httpServletResponse.SC_FORBIDDEN + ": The logged-in user cannot read the annotation.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + externalIdentifier + " is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id " + externalIdentifier + " is not found in the database");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + externalIdentifier);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + externalIdentifier);
+            return null;
+        }
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_ANNOTATION_READING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(externalIdentifier), HttpServletResponse.SC_BAD_REQUEST);
+        }
+        return new ObjectFactory().createTargetList(new ReferenceList());
+    }
 // TODO Unit test
 …
             try {
                 UUID ownerExternalUUID = (ownerExternalId != null) ? UUID.fromString(ownerExternalId) : null;
                 final AnnotationInfoList annotationInfoList = dbIntegrityService.getFilteredAnnotationInfos(ownerExternalUUID, link, text, userID, access, namespace, after, before);
                 return new ObjectFactory().createAnnotationInfoList(annotationInfoList);
             } catch (IllegalArgumentException e) {
+                loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + ownerExternalId);
+                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + ownerExternalId);
+                return null;
+                verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(ownerExternalId), HttpServletResponse.SC_BAD_REQUEST);
+            }
         } else {
+            loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+            return null;
+        }
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+        }
+        return new ObjectFactory().createAnnotationInfoList(new AnnotationInfoList());
+    }
 …
                     if (dbIntegrityService.canRead(userID, annotationID)) {
                         final UserWithPermissionList permissionList = dbIntegrityService.getPermissionsForAnnotation(annotationID);
-                        logger.debug("getAnnotationPermissions method: OK");
                         return new ObjectFactory().createPermissionList(permissionList);
                     } else {
+                        loggerServer.debug(httpServletResponse.SC_FORBIDDEN + ": The logged-in user cannot read the annotation.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + externalIdentifier + " is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id " + externalIdentifier + " is not found in the database");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + externalIdentifier);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + externalIdentifier);
+            return null;
+        }
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_ANNOTATION_READING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(externalIdentifier), HttpServletResponse.SC_BAD_REQUEST);
+        }
+        return new ObjectFactory().createUserWithPermissionList(new UserWithPermissionList());
+    }
 ///////////////////////////////////////////////////////
 …
                         int[] resultDelete = dbIntegrityService.deleteAnnotation(annotationID);
                         String result = Integer.toString(resultDelete[0]);
-                        logger.info("deleteAnnotation method: OK");
                         return result + " annotation(s) deleted.";
                     } else {
+                        loggerServer.debug(httpServletResponse.SC_FORBIDDEN + ": The logged-in user cannot delete the annotation. Only the owner can delete the annotation.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot delete the annotation. Only the owner can delete the annotation.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + externalIdentifier + " is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id  " + externalIdentifier + " is not found in the database.");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database.");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + externalIdentifier);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + externalIdentifier);
+            return null;
+        }
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_ANNOTATION_WRITING(externalIdentifier) + " Only a principal with 'owner' access can delete the annotation.", HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(externalIdentifier), HttpServletResponse.SC_BAD_REQUEST);
+        }
+        return "Due to the failure no annotation is deleted.";
+    }
 …
             return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID));
         } else {
             loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
             return null;
+        }
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+        }
+        return new ObjectFactory().createResponseBody(new ResponseBody());
+    }
 ///////////////////////////////////////////////////////
 …
         if (!(path + "annotations/" + externalIdentifier).equals(annotationURI)) {
+            loggerServer.debug(httpServletResponse.SC_CONFLICT + "Wrong request: the annotation identifier   " + externalIdentifier + " and the annotation ID from the request body do not match. Correct the request and resend.");
+            httpServletResponse.sendError(HttpServletResponse.SC_CONFLICT, "Wrong request: the annotation identifier   " + externalIdentifier + " and the annotation ID from the request body do not match. Correct the request and resend.");
+            return null;
+            verboseOutput.sendFailureMessage("Wrong request: the annotation identifier   " + externalIdentifier + " and the annotation ID from the request body do not match. Correct the request and resend.", HttpServletResponse.SC_CONFLICT);
+            return new ObjectFactory().createResponseBody(new ResponseBody());
+        }
 …
                         int updatedRows = dbIntegrityService.updateAnnotation(annotation);
                         return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID));
+                    } else {
+                        loggerServer.debug(httpServletResponse.SC_UNAUTHORIZED + "Only the owner can update the annotation fully (incl. permissions). Only writer can update the annotation's body.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Only the owner can update the annotation fully (incl. permissions). Only writer can update the annotation's body.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + externalIdentifier + " is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id   " + externalIdentifier + " is not found in the database.");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + externalIdentifier);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + externalIdentifier);
+            return null;
+        }
+                    } else {
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_PERMISSION_CHANGING(externalIdentifier) + " Permission changing is the part of the full update of the annotation.", HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(externalIdentifier), HttpServletResponse.SC_BAD_REQUEST);
+        }
+        return new ObjectFactory().createResponseBody(new ResponseBody());
+    }
 …
                         return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID));
                     } else {
+                        loggerServer.debug(httpServletResponse.SC_UNAUTHORIZED + "The logged-in user cannot change the body of this annotation because (s)he is  not its 'writer'.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "The logged-in user cannot change the body of this annotation because (s)he is  not its 'writer'.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + externalIdentifier + " is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id   " + externalIdentifier + " is not found in the database.");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + externalIdentifier);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + externalIdentifier);
+            return null;
+        }
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_ANNOTATION_WRITING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(externalIdentifier), HttpServletResponse.SC_BAD_REQUEST);
+        }
+        return new ObjectFactory().createResponseBody(new ResponseBody());
+    }
 …
                                         ? dbIntegrityService.updateAnnotationPrincipalPermission(annotationID, userID, permission)
                                         : dbIntegrityService.addAnnotationPrincipalPermission(annotationID, userID, permission);
-                                logger.info("updatePermission method: OK");
                                 return result + " rows are updated/added";
                             } else {
+                                loggerServer.debug(httpServletResponse.SC_UNAUTHORIZED + "The logged-in user cannot change the body of this annotation because (s)he is  not its 'writer'.");
+                                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "The logged-in user cannot change the rights on this annotation because (s)he is  not its owner.");
+                                return null;
+                                verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_PERMISSION_CHANGING(annotationExternalId), HttpServletResponse.SC_FORBIDDEN);
+                            }
                         } else {
+                            loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + annotationExternalId + " is not found in the database");
+                            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id  " + annotationExternalId + "  is not found in the database.");
+                            return null;
+                            verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(annotationExternalId), HttpServletResponse.SC_NOT_FOUND);
+                        }
                     } catch (IllegalArgumentException e) {
+                        loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + annotationExternalId);
+                        httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + annotationExternalId);
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The user with the given id   " + userExternalId + " is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The user with the given id   " + userExternalId + " is not found in the database.");
+                    return null;
+                        verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(annotationExternalId), HttpServletResponse.SC_BAD_REQUEST);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.PRINCIPAL_NOT_FOUND(userExternalId), HttpServletResponse.SC_NOT_FOUND);
+                }
             } catch (IllegalArgumentException e) {
+                loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + userExternalId);
+                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + userExternalId);
+                return null;
+                verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(userExternalId), HttpServletResponse.SC_BAD_REQUEST);
+            }
         } else {
             loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
             return null;
+        }
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+        }
+        return "Due to the failure no permissionis updated.";
+    }
 …
                         return new ObjectFactory().createResponseBody(makePermissionResponseEnvelope(annotationID));
                     } else {
+                        loggerServer.debug(httpServletResponse.SC_UNAUTHORIZED + "The logged-in user cannot change the access rights on this annotation because (s)he is  not its owner.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "The logged-in user cannot change the access rights on this annotation because (s)he is  not its owner.");
+                        return null;
+                    }
+                } else {
+                    loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + annotationExternalId + " is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id  " + annotationExternalId + "  is not found in the database.");
+                    return null;
+                }
+            } else {
+                loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
+                return null;
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + annotationExternalId);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + annotationExternalId);
+            return null;
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_PERMISSION_CHANGING(annotationExternalId), HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(annotationExternalId), HttpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+            }
+            return new ObjectFactory().createResponseBody(new ResponseBody());
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(annotationExternalId), HttpServletResponse.SC_BAD_REQUEST);
+            return new ObjectFactory().createResponseBody(new ResponseBody());
+        }
+    }
 …
                         } else {
+                            loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the user external identifier " + userId + " is not found the the databse.");
+                            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "The user external identifier " + userId + " is not found the the databse.");
+                            verboseOutput.sendFailureMessage(VerboseOutput.PRINCIPAL_NOT_FOUND(userId), HttpServletResponse.SC_NOT_FOUND);
+                        }
                     } else {
+                        loggerServer.debug(httpServletResponse.SC_UNAUTHORIZED + "The logged-in user cannot change the access rights on this annotation because (s)he is  not its owner.");
+                        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "The logged-in user cannot change the access rights on this annotation because (s)he is  not its owner.");
+                    }
+                } else {
+                    loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The annotation with the given id " + annotationId + " is not found in the database");
+                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id  " + annotationId + "  is not found in the database.");
+                }
+            } else {
+                loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database.");
+            }
+        } catch (IllegalArgumentException e) {
+            loggerServer.debug(HttpServletResponse.SC_BAD_REQUEST + ": Illegal argument UUID " + annotationId);
+            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Illegal argument UUID " + annotationId);
+                        verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_PERMISSION_CHANGING(annotationId), HttpServletResponse.SC_FORBIDDEN);
+                    }
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.ANNOTATION_NOT_FOUND(annotationId), HttpServletResponse.SC_NOT_FOUND);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+            }
+        } catch (IllegalArgumentException e) {
+            verboseOutput.sendFailureMessage(VerboseOutput.ILLEGAL_UUID(annotationId), HttpServletResponse.SC_BAD_REQUEST);
+        }
         return (deletedRows + " is deleted.");
 …
+        }
+    }
+}

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/NotebookResource.java

-                      r4523
+                      r4529
 import eu.dasish.annotation.schema.NotebookInfoList;
 import eu.dasish.annotation.schema.ObjectFactory;
+import eu.dasish.annotation.schema.Permission;
 import eu.dasish.annotation.schema.ReferenceList;
 import java.io.IOException;
 …
     @Context
     protected Providers providers;
-    private final Logger logger = LoggerFactory.getLogger(AnnotationResource.class);
     private final Logger loggerServer = LoggerFactory.getLogger(HttpServletResponse.class);
+    private final VerboseOutput verboseOutput = new VerboseOutput(httpServletResponse, loggerServer);
     public NotebookResource() {
+    }
+    // changed w.r.t.the spec, query parameter persmission is added
     @GET
     @Produces(MediaType.APPLICATION_XML)
 …
     @Transactional(readOnly = true)
     public JAXBElement<NotebookInfoList> getNotebookInfos(@QueryParam("permission") String permissionMode) throws IOException {
+        URI baseURI = uriInfo.getBaseUri();
+        String baseURIstr = baseURI.toString();
+        dbIntegrityService.setServiceURI(baseURIstr);
+        String remoteUser = httpServletRequest.getRemoteUser();
+        final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser);
+        if (userID != null) {
+        dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
+        String remoteUser = httpServletRequest.getRemoteUser();
+        final Number principalID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser);
+        if (principalID != null) {
             if (permissionMode.equalsIgnoreCase("reader") || permissionMode.equalsIgnoreCase("writer") || permissionMode.equalsIgnoreCase("owner")) {
                 NotebookInfoList notebookInfos = dbIntegrityService.getNotebooks(userID, permissionMode);
+                NotebookInfoList notebookInfos = dbIntegrityService.getNotebooks(principalID, permissionMode);
                 return new ObjectFactory().createNotebookInfoList(notebookInfos);
             } else {
+                loggerServer.debug(httpServletResponse.SC_BAD_REQUEST + ": '" + permissionMode + "' is an invalid permission value, which must be either owner, or reader, or writer.");
+                httpServletResponse.sendError(httpServletResponse.SC_BAD_REQUEST, permissionMode + "' is an invalid permission value, which must be either owner, or reader, or writer.");
+                return null;
+            }
+        } else {
+            loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+            return null;
+        }
+                verboseOutput.sendFailureMessage(VerboseOutput.INVALID_PERMISSION_MODE(permissionMode), httpServletResponse.SC_BAD_REQUEST);
+            }
+        } else {
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+        }
+        return (new ObjectFactory()).createNotebookInfoList(new NotebookInfoList());
+    }
 …
     public JAXBElement<ReferenceList> getOwnedNotebooks() throws IOException {
+        URI baseURI = uriInfo.getBaseUri();
+        String baseURIstr = baseURI.toString();
+        dbIntegrityService.setServiceURI(baseURIstr);
+        dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
         String remoteUser = httpServletRequest.getRemoteUser();
 …
             return new ObjectFactory().createReferenceList(references);
         } else {
+            loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+            return null;
+        }
+    }
+    @GET
+    @Produces(MediaType.APPLICATION_XML)
+    @Path("{notebookid: " + BackendConstants.regExpIdentifier + "}/targets")
+    @Transactional(readOnly = true)
+    public JAXBElement<Notebook> getNotebook(@PathParam("notebookid") String externalIdentifier) throws IOException {
+        URI baseURI = uriInfo.getBaseUri();
+        String baseURIstr = baseURI.toString();
+        dbIntegrityService.setServiceURI(baseURIstr);
+        String remoteUser = httpServletRequest.getRemoteUser();
+        final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser);
+        if (userID != null) {
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, httpServletResponse.SC_NOT_FOUND);
+        }
+        return new ObjectFactory().createReferenceList(new ReferenceList());
+    }
+    @GET
+    @Produces(MediaType.APPLICATION_XML)
+    @Path("{notebookid: " + BackendConstants.regExpIdentifier + "}/{permission}")
+    @Transactional(readOnly = true)
+    public JAXBElement<ReferenceList> getPrincipals(@PathParam("notebookid") String externalIdentifier, @PathParam("permission") String permissionMode) throws IOException {
+        dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
+        String remoteUser = httpServletRequest.getRemoteUser();
+        final Number principalID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser);
+        if (principalID != null) {
             Number notebookID = dbIntegrityService.getNotebookInternalIdentifier(UUID.fromString(externalIdentifier));
             if (notebookID != null) {
+                Notebook notebook = dbIntegrityService.getNotebook(notebookID);
+                return new ObjectFactory().createNotebook(notebook);
+            } else {
+                loggerServer.debug(HttpServletResponse.SC_NOT_FOUND + ": The notebook with the given id " + externalIdentifier + " is not found in the database");
+                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The notebook with the given id " + externalIdentifier + " is not found in the database");
+                return null;
+            }
+        } else {
+            loggerServer.debug(httpServletResponse.SC_NOT_FOUND + ": the logged-in user is not found in the database");
+            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The logged-in user is not found in the database");
+            return null;
+        }
+                if (dbIntegrityService.hasAccess(notebookID, principalID, Permission.fromValue("reader"))) {
+                    ReferenceList principals = dbIntegrityService.getPrincipals(notebookID, permissionMode);
+                    return new ObjectFactory().createReferenceList(principals);
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_NOTEBOOK_READING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.NOTEBOOK_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+            }
+        } else {
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, HttpServletResponse.SC_NOT_FOUND);
+        }
+        return new ObjectFactory().createReferenceList(new ReferenceList());
+    }
+    // Notebook and NotebookInfo (metadata) schemata may be changed
+    // 1) we do not have information "private notebook" directly in the xml, but we have readers and writers in the schema
+    //so if both are empty then we see that it is private for the owner
+    // or shall we change the scheme? for notebooks
+    // 2) d we need to include the reference list of annotations in teh metadata of the notebook
+    @GET
+    @Produces(MediaType.APPLICATION_XML)
+    @Path("{notebookid: " + BackendConstants.regExpIdentifier + "}/metadata")
+    @Transactional(readOnly = true)
+    public JAXBElement<Notebook> getNotebook(@PathParam("notebookid") String externalIdentifier) throws IOException {
+        dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
+        String remoteUser = httpServletRequest.getRemoteUser();
+        final Number principalID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser);
+        if (principalID != null) {
+            Number notebookID = dbIntegrityService.getNotebookInternalIdentifier(UUID.fromString(externalIdentifier));
+            if (notebookID != null) {
+                if (dbIntegrityService.hasAccess(notebookID, principalID, Permission.fromValue("reader"))) {
+                    Notebook notebook = dbIntegrityService.getNotebook(notebookID);
+                    return new ObjectFactory().createNotebook(notebook);
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_NOTEBOOK_READING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.NOTEBOOK_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+            }
+        } else {
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, HttpServletResponse.SC_NOT_FOUND);
+        }
+        return new ObjectFactory().createNotebook(new Notebook());
+    }
+    @GET
+    @Produces(MediaType.APPLICATION_XML)
+    @Path("{notebookid: " + BackendConstants.regExpIdentifier + "}")
+    @Transactional(readOnly = true)
+    public JAXBElement<ReferenceList> getNotebookAnnotations(@PathParam("notebookid") String externalIdentifier,
+            @QueryParam("maximumAnnotations") int maximumAnnotations,
+            @QueryParam("startAnnotation") int startAnnotations,
+            @QueryParam("orderBy") String orderBy,
+            @QueryParam("descending") boolean desc) throws IOException {
+        dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString());
+        String remoteUser = httpServletRequest.getRemoteUser();
+        final Number principalID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser);
+        if (principalID != null) {
+            Number notebookID = dbIntegrityService.getNotebookInternalIdentifier(UUID.fromString(externalIdentifier));
+            if (notebookID != null) {
+                if (dbIntegrityService.hasAccess(notebookID, principalID, Permission.fromValue("reader"))) {
+                    ReferenceList annotations = dbIntegrityService.getAnnotationsForNotebook(notebookID, startAnnotations, maximumAnnotations, orderBy, desc);
+                    return new ObjectFactory().createReferenceList(annotations);
+                } else {
+                    verboseOutput.sendFailureMessage(VerboseOutput.FORBIDDEN_NOTEBOOK_READING(externalIdentifier), HttpServletResponse.SC_FORBIDDEN);
+                }
+            } else {
+                verboseOutput.sendFailureMessage(VerboseOutput.NOTEBOOK_NOT_FOUND(externalIdentifier), HttpServletResponse.SC_NOT_FOUND);
+            }
+        } else {
+            verboseOutput.sendFailureMessage(VerboseOutput.REMOTE_PRINCIPAL_NOT_FOUND, HttpServletResponse.SC_NOT_FOUND);
+        }
+        return new ObjectFactory().createReferenceList(new ReferenceList());
+    }
+}

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/test/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceTest.java

-                      r4523
+                      r4529
         assertEquals(TestBackendConstants._TEST_SERVLET_URI_notebooks + "00000000-0000-0000-0000-000000000014", result.getRef().get(1));
+    }
+ /*      public boolean hasAccess(Number notebookID, Number principalID, Permission permission){
+        List<Number> notebookIDs = notebookDao.getNotebookIDs(principalID, permission);
+        if (notebookIDs == null) {
+            return false;
+        }
+        return notebookIDs.contains(notebookID);
+    } */
+    @Test
+    public void testHasAccess() {
+        final Permission writer = Permission.fromValue("writer");
+        final List<Number> mockNotebookIDwriter = new ArrayList<Number>();
+        mockNotebookIDwriter.add(1);
+        mockNotebookIDwriter.add(4);
+        mockeryDao.checking(new Expectations() {
+            {
+                oneOf(notebookDao).getNotebookIDs(2, writer);
+                will(returnValue(mockNotebookIDwriter));
+                oneOf(notebookDao).getNotebookIDs(2, writer);
+                will(returnValue(mockNotebookIDwriter));
+            }
+        });
+        assertTrue(dbIntegrityService.hasAccess(4, 2, writer));
+        assertFalse(dbIntegrityService.hasAccess(5, 2, writer));
+    }
     /*
      public ReferenceList getPrincipals(Number notebookID, String permission) {

DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/test/java/eu/dasish/annotation/backend/rest/AnnotationResourceTest.java

-                      r4491
+                      r4529
     private Mockery mockeryRest;
     @Autowired
-    private MockObjectsFactoryRest mockObjectFactory;
-    @Autowired
     private DBIntegrityService mockDbIntegrityService;
     @Autowired
 …
         mockRequest = new MockHttpServletRequest();
         mockRequest.setRemoteUser("olhsha@mpi.nl");
+    }

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: