Beispiel #1
0
  @Override
  public void commit() throws Exception {
    RequestContext ctx = getContext();
    final User user = UserStore.getInstance().open(ctx.getUserID());

    if (isParameter("send")) {
      Random r = new Random();
      String code = "";
      while (code.length() < CODE_LEN) {
        code += String.valueOf(r.nextInt(10));
      }
      user.setPhoneVerificationCode(code + ":" + getParameterString("fullnumber"));
      UserStore.getInstance().save(user);

      // Initiate call to phone number with verification code
      new Thread() {
        @Override
        public void run() {
          try {
            //						if (Setup.isDebug())
            {
              Debug.logln("Verification code: " + user.getPhoneVerificationCode());
            }
            //						else
            {
              VoiceServer.startOutboundCall(
                  user.getID(), getParameterString("fullnumber"), COMMAND, null);
            }
          } catch (Exception e) {
          }
        }
      }.start();
    } else if (isParameter("verify")) {
      // Verified!
      user.setPhone(getParameterString("fullnumber"));
      user.setPhoneVerificationCode(null);
      UserStore.getInstance().save(user);

      // Support guided setup
      progressGuidedSetup();

      // Go back to the contact info page
      throw new AfterCommitRedirectException();
    } else if (isParameter("clear")) {
      user.setPhone(null);
      user.setPhoneVerificationCode(null);
      UserStore.getInstance().save(user);

      // Support guided setup
      progressGuidedSetup();

      // Go back to the contact info page
      throw new AfterCommitRedirectException();
    }
  }
Beispiel #2
0
  @Override
  public void validate() throws Exception {
    RequestContext ctx = getContext();
    User user = UserStore.getInstance().load(ctx.getUserID());

    if (isParameter("enter")) {
      validateParameterPhone("number");
      //			String phone = validateParameterPhone("number");
      //			if (phone.equals(user.getPhone()))
      //			{
      //				throw new WebFormException("number", getString("profile:Phone.NoChange"));
      //			}
    }

    if (isParameter("verify")) {
      String code =
          validateParameterString("code", CODE_LEN, CODE_LEN)
              + ":"
              + getParameterString("fullnumber");
      if (code.equals(user.getPhoneVerificationCode()) == false) {
        // Wrong code
        throw new WebFormException("code", getString("profile:Phone.IncorrectCode"));
      }
    }
  }
Beispiel #3
0
  @Override
  public void commit() throws Exception {
    Set<UUID> userIDs = new HashSet<UUID>();

    // Users
    Integer userCount = getParameterInteger("users");
    for (int i = 0; i < userCount; i++) {
      Pair<String, String> kvp = getParameterTypeAhead("user_" + i);
      if (kvp != null && !Util.isEmpty(kvp.getKey())) {
        User u = UserStore.getInstance().loadByLoginName(kvp.getKey());
        if (u != null) {
          userIDs.add(u.getID());
        }
      }
    }

    // Groups
    Integer groupCount = getParameterInteger("groups");
    for (int i = 0; i < groupCount; i++) {
      Pair<String, String> kvp = getParameterTypeAhead("group_" + i);
      if (kvp != null && !Util.isEmpty(kvp.getKey())) {
        UserGroup lg = UserGroupStore.getInstance().loadByName(kvp.getKey());
        if (lg != null) {
          userIDs.addAll(UserUserGroupLinkStore.getInstance().getUsersForGroup(lg.getID()));
        }
      }
    }

    // Content
    String subject = getParameterString("subject");
    String body = getParameterString("body");
    Map<String, String> notifParams =
        new ParameterMap(AdHocNotif.PARAM_SUBJECT, subject).plus(AdHocNotif.PARAM_BODY, body);

    // Send
    Server fed = ServerStore.getInstance().loadFederation();
    Date date = getParameterDate("date");

    this.messageCount = new HashMap<String, Integer>();
    for (String channel : Channel.getPush()) {
      if (isParameter(channel) == true && fed.isChannelEnabled(channel) == true) {
        for (UUID userID : userIDs) {
          Notifier.send(channel, date, userID, null, AdHocNotif.COMMAND, notifParams);

          // !$! Consider delayed schedule

          Integer count = this.messageCount.get(channel);
          if (count == null) {
            this.messageCount.put(channel, 1);
          } else {
            this.messageCount.put(channel, (1 + count));
          }
        }
      }
    }
  }
Beispiel #4
0
  @Override
  public void renderVoiceXML() throws Exception {
    User user = UserStore.getInstance().open(getContext().getUserID());

    String code = user.getPhoneVerificationCode();
    int p = code.indexOf(":");
    if (p >= 0) {
      code = code.substring(0, p);
    }

    String msg =
        Util.htmlEncode(
            getString("profile:Phone.VerifyMessage", Setup.getAppTitle(getLocale()), "$digits$"));
    StringBuilder digits = new StringBuilder();
    for (int i = 0; i < code.length(); i++) {
      digits.append("<break time=\"200ms\"/>");
      digits.append(code.charAt(i));
    }
    msg = Util.strReplace(msg, "$digits$", digits.toString());

    write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
    write("<vxml version=\"2.1\" xml:lang=\"");
    writeEncode(getLocale().getLanguage());
    if (!Util.isEmpty(getLocale().getCountry())) {
      write("-");
      writeEncode(getLocale().getCountry());
    }
    write("\">");
    write("<form>");

    write("<block>");
    for (int i = 0; i < 10; i++) {
      write("<prompt bargein=\"false\">");
      write(msg);
      write("</prompt>");
      write("<break time=\"2s\"/>");
    }
    write("</block>");

    write("</form>");
    write("</vxml>");
  }
Beispiel #5
0
  private void renderEnterPhone() throws Exception {
    RequestContext ctx = getContext();
    User user = UserStore.getInstance().load(ctx.getUserID());
    Server fed = ServerStore.getInstance().loadFederation();

    writeFormOpen();

    TwoColFormControl twoCol = new TwoColFormControl(this);

    twoCol.writeTextRow(getString("profile:Phone.EnterHelp"));
    twoCol.writeSpaceRow();

    twoCol.writeRow(getString("profile:Phone.Number"));
    new PhoneInputControl(twoCol, "number")
        .limitCountries(fed.getVoiceCountries())
        .setInitialValue(user.getPhone())
        .render();

    twoCol.render();

    write("<br>");
    writeButton("enter", getString("controls:Button.Next"));
    write(" ");
    if (ctx.getCommand(1).equals(UrlGenerator.COMMAND_SETUP)) {
      new ButtonInputControl(this, "clear")
          .setSubdued(true)
          .setValue(getString("profile:Phone.Skip"))
          .render();
    } else if (!Util.isEmpty(user.getPhone())) {
      new ButtonInputControl(this, "clear")
          .setStrong(true)
          .setValue(getString("profile:Phone.Clear"))
          .render();
    }

    writeFormClose();
  }
Beispiel #6
0
  @Override
  public void validate() throws Exception {
    int countAddressees = 0;

    // Users
    Integer userCount = getParameterInteger("users");
    for (int i = 0; i < userCount; i++) {
      Pair<String, String> kvp = getParameterTypeAhead("user_" + i);
      if (kvp != null && !Util.isEmpty(kvp.getKey())) {
        User u = UserStore.getInstance().loadByLoginName(kvp.getKey());
        if (u == null) {
          throw new WebFormException(
              "user_" + i, getString("admin:AdHocMessage.InvalidLoginName", kvp.getValue()));
        }
        countAddressees++;
      }
    }

    // Groups
    Integer groupCount = getParameterInteger("groups");
    for (int i = 0; i < groupCount; i++) {
      Pair<String, String> kvp = getParameterTypeAhead("group_" + i);
      if (kvp != null && !Util.isEmpty(kvp.getKey())) {
        UserGroup lg = UserGroupStore.getInstance().loadByName(kvp.getKey());
        if (lg == null) {
          throw new WebFormException(
              "group_" + i, getString("admin:AdHocMessage.InvalidGroupName", kvp.getValue()));
        }
        countAddressees++;
      }
    }

    // Check number of recipients
    if (countAddressees == 0) {
      throw new WebFormException(
          new String[] {"groups", "users"}, getString("admin:AdHocMessage.NoRecipients"));
    }

    // Channels
    int countChannels = 0;
    for (String channel : Channel.getAll()) {
      if (isParameter(channel)) {
        countChannels++;
      }
    }
    if (countChannels == 0) {
      throw new WebFormException(Channel.getAll(), getString("common:Errors.MissingField"));
    }

    // Subject and body
    boolean mandateSubject = isParameter(Channel.EMAIL);
    validateParameterString("subject", mandateSubject ? 1 : 0, 128);

    String html = getParameterRichEdit("body");
    if (Util.isEmptyHTML(html)) {
      throw new WebFormException("body", getString("common:Errors.MissingField"));
    }

    // Date
    validateParameterDate("date");
  }
Beispiel #7
0
  /**
   * Executes the <code>WebPage</code> corresponding to the <code>RequestContext</code>.
   *
   * @param ctx
   */
  public static void execute(WebPage page, RequestContext ctx) throws Exception {
    // Attach the request context to this thread
    RequestContext prevCtx = RequestContext.setCurrent(ctx);

    try {
      // Check authorization
      if (page.isAuthorized() == false) {
        throw new UnauthorizedException();
      }

      // Redirect from HTTP to HTTPS and vice versa, as needed
      // But do not redirect POST requests from HTTPS to HTTP since they cause infinite redirection
      // loop
      boolean ssl = page.isSecureSocket() && Setup.isSSL();
      if (ssl != ctx.isSecureSocket()
          && Channel.isSupportsSecureSocket(ctx.getChannel())
          && (ctx.getMethod().equalsIgnoreCase("GET") || ssl == true)) {
        throw new SecureSocketException();
      }

      // Update last activity date of user once every 1/4 session
      Date now = new Date();
      User user = UserStore.getInstance().load(ctx.getUserID());
      if (user != null
          && (ctx.getMethod().equalsIgnoreCase("POST") || Channel.isPush(ctx.getChannel()) == false)
          && (user.getLastActive() == null
              || user.getLastActive().getTime() + Setup.getSessionLength() / 4L < now.getTime())) {
        user = (User) user.clone();
        user.setLastActive(now);
        UserStore.getInstance().save(user);
      }

      page.init();

      if (ctx.getMethod().equalsIgnoreCase("POST")) {
        // Counter XSS attacks by checking that form data includes the session ID
        String sessionParam = ctx.getParameter(RequestContext.PARAM_SESSION);
        boolean sessionParamMatch =
            sessionParam != null && sessionParam.equals(ctx.getSessionID().toString());
        if (page.isProtectXSS() && ctx.getSessionID() != null && !sessionParamMatch) {
          throw new BadRequestException();
        }

        // Validate and commit the form
        if (page.isActionable()) {
          try {
            page.validate();

            // Actions
            if (!Util.isEmpty(ctx.getParameter(RequestContext.PARAM_ACTION))) {
              // Log the event
              LogEntryStore.log(new ActionLogEntry());
            }

            page.setCommitted(true);
            page.commit(); // May throw RedirectException, PageNotFoundException, etc.
          } catch (WebFormException webFormExc) {
            page.setFormException(webFormExc);
          }
        } else {
          // Page does not support POST
          throw new PageNotFoundException();
        }
      }
      page.render();
    } finally {
      // Restore the request context for this thread
      RequestContext.setCurrent(prevCtx);
    }
  }