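/**
 * Returns whether the logged-in user may edit the persisted entity identified by {@code id}.
 * <p>
 * Only users whose role is {@link TDUserRole#ROLE_STANDARD} are restricted: they may edit an
 * entity only if the entity's creator id equals their own user id. Any other role, and a
 * {@code null} id (entity not persisted yet), is allowed. A failed lookup (entity not found, any
 * datastore or null-dereference error) denies access rather than allowing it.
 *
 * @param <T> any object that extends TDPersistable
 * @param id datastore id of the entity to check, or {@code null} for a not-yet-persisted entity
 * @param t instance of T; only its runtime class name is used to build the datastore key
 * @return {@code true} if editing is allowed, {@code false} otherwise, including when no user is
 *     logged in or the user cannot be found
 */
@SuppressWarnings("unchecked")
public static <T extends TDPersistable> boolean isAccessible(Long id, T t) {
    try {
        TDUser tdUser = TDUserService.getUser();
        // Only standard users are restricted to entities they created; everyone else passes.
        // NOTE(review): a null user is allowed through, matching the pre-existing behavior —
        // confirm that getUser() cannot return null for an anonymous caller.
        if (id == null || tdUser == null || tdUser.getRole() != TDUserRole.ROLE_STANDARD) {
            return true;
        }
        try {
            T stored = (T) Datastore.get(KeyFactory.createKey(t.getClass().getSimpleName(), id));
            if (stored == null) {
                // A null (rather than thrown) lookup result does not restrict access.
                return true;
            }
            // Compare ids by value: '!=' on boxed Longs is a reference comparison, which only
            // happens to work inside the Long cache (-128..127) and denies larger ids wrongly.
            return Long.valueOf(tdUser.getKey().getId()).equals(stored.getCreator().getId());
        } catch (JDOObjectNotFoundException jdoe) {
            // Entity does not exist: fail closed.
            return false;
        } catch (Exception e) {
            // Any other lookup failure (including a missing creator): fail closed.
            return false;
        }
    } catch (UserNotLoggedInException e) {
        return false;
    } catch (UserNotFoundException e) {
        return false;
    }
}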
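/**
 * Handles both a POST and a GET <br>
 * Note: This is required as the POST will come from a Mobile User, where as the GET will occur on
 * redirect from Google Auth
 * <p>
 * Flow: when the request already carries a Google login, the matching {@link TDUser} is loaded
 * from the session (or created from the Google account and stored) and the caller is redirected
 * to the {@code redirect} parameter with the user's id and API key appended as query parameters.
 * Otherwise the caller is sent to the Google login URL, which returns to this servlet with the
 * same {@code redirect}. A missing or empty {@code redirect} parameter is reported to the caller
 * as a JSON failure message.
 *
 * @param req - the request; must carry the {@link APIConstants#REDIRECT} parameter
 * @param resp - the response
 * @throws ServletException
 * @throws IOException if obtaining the writer or sending a redirect fails
 */
private void doLogic(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {
    final Logger log = Logger.getLogger(TAG);
    // Get Writer
    final PrintWriter pw = resp.getWriter();
    try {
        // Get redirection url
        final String redirect = req.getParameter(APIConstants.REDIRECT);
        if (redirect == null || redirect.isEmpty()) {
            // Reported as a JSON failure by the outer catch; without a target the redirect
            // building below would fail with a NullPointerException anyway.
            throw new IllegalArgumentException(
                    "Missing request parameter: " + APIConstants.REDIRECT);
        }
        // SECURITY: 'redirect' is caller-controlled and receives the user's API key below, so
        // it must be validated against an allow-list of permitted destinations before use.
        // This method does not do that yet (the allowed destinations are not known here).
        log.info("Final Redirection is: " + redirect);
        // If login was successful (or user is already logged in)
        if (TDUserService.isGoogleUser(req)) {
            log.info("User logged in, redirecting to: " + redirect);
            try {
                TDUser user = null;
                try {
                    // Get the user
                    user = TDUserService.getUser(req.getSession());
                } catch (Exception e) {
                    // No TDUser for this session yet; one is created below.
                    log.info(e.getMessage() + " means no user.");
                }
                if (null == user) {
                    log.info("No user exists, creating a new user");
                    final User gUser = UserServiceFactory.getUserService().getCurrentUser();
                    user = new TDUser(gUser, deriveNickname(gUser), gUser.getEmail());
                    Datastore.put(user);
                } else {
                    log.info("User " + user.getKey() + " found.");
                }
                // The API key is a credential: record that one is handed out, never its value.
                log.info("Issuing API key to user " + user.getKey().getId());
                // Redirect to given url with the TDUser Id and API key
                resp.sendRedirect(appendCredentials(redirect, user));
            } catch (Exception e) {
                log.error(e.getMessage(), e);
                // Ensure some kind of redirect
                resp.sendRedirect(redirect);
            }
        } else {
            // Create a url; the redirect is encoded so its own query string survives the
            // round trip through Google Auth instead of being split into extra parameters.
            final String url = TDUserService.getGoogleLoginURL(
                    "/api/googleAuth?redirect=" + URLEncoder.encode(redirect, "UTF-8"));
            log.info("User not logged in. Sending to Google Auth, URL: " + url);
            // Redirect to that url
            resp.sendRedirect(url);
        }
    } catch (Exception e) {
        // Keep the stack trace in the log rather than on stderr.
        log.error(e.getMessage(), e);
        // Notify of error
        pw.write(APIUtils.generateJSONFailureMessage(e));
    } finally {
        pw.flush();
        pw.close();
    }
}

/**
 * Builds the final redirect target: {@code redirect} with the user's id and URL-encoded API key
 * appended as query parameters, using {@code &} when the target already has a query string.
 *
 * @param redirect the caller-supplied redirect target (non-null)
 * @param user the user whose id and API key are appended
 * @return the redirect URL including the credentials
 * @throws IOException if the UTF-8 encoder is unavailable
 */
private static String appendCredentials(String redirect, TDUser user) throws IOException {
    final String separator = redirect.contains("?") ? "&" : "?";
    return redirect + separator
            + UserConstants.TDUSER_ID + "=" + user.getKey().getId()
            + "&" + UserConstants.API_KEY + "=" + URLEncoder.encode(user.getApiKey(), "UTF-8");
}

/**
 * Nickname for a newly created user: the part of the Google nickname before {@code @} when the
 * nickname is non-empty and contains one, otherwise the Google account email.
 *
 * @param gUser the current Google user
 * @return the nickname to store on the new {@link TDUser}
 */
private static String deriveNickname(User gUser) {
    final String nickname = gUser.getNickname();
    if (nickname != null && !nickname.isEmpty() && nickname.indexOf("@") >= 0) {
        return nickname.substring(0, nickname.indexOf("@"));
    }
    return gUser.getEmail();
}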