/**
   * Deletes a meeting from the database
   *
   * <p>- Requires a cookie for the session user - Requires a meetingId request parameter for the
   * HTTP GET
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void deletemeetingAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    if (req.getMethod() == HttpMethod.Get) {

      // Get the meeting
      int meetingId = Integer.parseInt(req.getParameter("meetingId"));
      MeetingManager meetingMan = new MeetingManager();
      Meeting meeting = meetingMan.get(meetingId);
      meetingMan.deleteMeeting(meetingId);

      // Update the User Session to remove meeting
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      List<Meeting> adminMeetings = userSession.getUser().getMeetings();

      for (int i = 0; i < adminMeetings.size(); i++) {
        Meeting m = adminMeetings.get(i);
        if (m.getId() == meeting.getId()) {
          adminMeetings.remove(i);
          break;
        }
      }

      redirectToLocal(req, res, "/home/dashboard");
      return;

    } else if (req.getMethod() == HttpMethod.Post) {
      httpNotFound(req, res);
    }
  }
  /**
   * Creates a Discussion Post
   *
   * <p>- Requires a cookie for the session user - Requires a comment and threadId request parameter
   * for the POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void createPostAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<>();

    if (req.getMethod() == HttpMethod.Post) {
      DiscussionManager dm = new DiscussionManager();

      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");

      // Create the discussion post
      DiscussionPost post = new DiscussionPost();
      post.setUserId(userSession.getUserId());
      post.setMessage(req.getParameter("comment"));
      post.setThreadId(Integer.parseInt(req.getParameter("threadId")));

      dm.createPost(post);

      redirectToLocal(req, res, "/group/discussion/?threadId=" + req.getParameter("threadId"));
    } else {
      httpNotFound(req, res);
    }
  }
  /**
   * Constructor.
   *
   * @param rq request
   * @param rs response
   * @throws IOException I/O exception
   */
  public HTTPContext(final HttpServletRequest rq, final HttpServletResponse rs) throws IOException {

    req = rq;
    res = rs;
    final String m = rq.getMethod();
    method = HTTPMethod.get(m);

    final StringBuilder uri = new StringBuilder(req.getRequestURL());
    final String qs = req.getQueryString();
    if (qs != null) uri.append('?').append(qs);
    log(false, m, uri);

    // set UTF8 as default encoding (can be overwritten)
    res.setCharacterEncoding(UTF8);

    segments = toSegments(req.getPathInfo());
    path = join(0);

    user = System.getProperty(DBUSER);
    pass = System.getProperty(DBPASS);

    // set session-specific credentials
    final String auth = req.getHeader(AUTHORIZATION);
    if (auth != null) {
      final String[] values = auth.split(" ");
      if (values[0].equals(BASIC)) {
        final String[] cred = Base64.decode(values[1]).split(":", 2);
        if (cred.length != 2) throw new LoginException(NOPASSWD);
        user = cred[0];
        pass = cred[1];
      } else {
        throw new LoginException(WHICHAUTH, values[0]);
      }
    }
  }
  /**
   * Displays a Discussion Thread page
   *
   * <p>- Requires a cookie for the session user - Requires a threadId request parameter for the
   * HTTP GET
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void discussionAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<>();

    if (req.getMethod() == HttpMethod.Get) {

      // Get the thread
      GroupManager gm = new GroupManager();
      int threadId = Integer.parseInt(req.getParameter("threadId"));
      DiscussionManager discussionManager = new DiscussionManager();
      DiscussionThread thread = discussionManager.getThread(threadId);
      thread.setGroup(gm.get(thread.getGroupId()));
      thread.setPosts(discussionManager.getPosts(threadId));

      // get documents for the thread
      DocumentManager docMan = new DocumentManager();
      viewData.put("documents", docMan.getDocumentsForThread(threadId));

      viewData.put("thread", thread);
      viewData.put("title", "Discussion: " + thread.getThreadName());
      view(req, res, "/views/group/DiscussionThread.jsp", viewData);
    } else {
      httpNotFound(req, res);
    }
  }
 public void doGet(HttpServletRequest request, HttpServletResponse response)
     throws ServletException, IOException {
   response.setContentType("text/html");
   PrintWriter out = response.getWriter();
   String title = "Showing Request Headers";
   StringBuilder sb = new StringBuilder();
   sb.append("<html>\n<head>\n");
   sb.append("<title>" + title + "</title>\n");
   sb.append("</head>\n");
   sb.append("<body bgcolor='#FDF5E6'>\n");
   sb.append("<h1 align='center'>" + title + "</h1>\n");
   sb.append("<b> Request Method: </b>" + request.getMethod() + "<br>\n");
   sb.append("<b> Request URI: </b>" + request.getRequestURI() + "<br>\n");
   sb.append("<b> Request Protocol: </b>" + request.getProtocol() + "<br>\n");
   sb.append("<table border=1 align='center'>\n");
   sb.append("<tr bgcolor='#FFAD00'>\n");
   sb.append("<th> Header Name </th><th> Header Value </th></tr>\n");
   Enumeration headerNames = request.getHeaderNames();
   while (headerNames.hasMoreElements()) {
     String headerName = (String) headerNames.nextElement();
     sb.append("<tr><td>" + headerName + "</td>");
     sb.append("<td>" + request.getHeader(headerName) + "</td></tr>\n");
   }
   sb.append("</table>\n");
   sb.append("</body></html>");
   out.println(sb.toString());
   out.close();
 }
 private void serve(
     HttpServletRequest req, HttpServletResponse resp, IHostedSite site, URI[] mappedURIs)
     throws ServletException, IOException {
   for (int i = 0; i < mappedURIs.length; i++) {
     URI uri = mappedURIs[i];
     // Bypass a 404 if any workspace or remote paths remain to be checked.
     boolean failEarlyOn404 = i + 1 < mappedURIs.length;
     if (uri.getScheme() == null) {
       if ("GET".equals(req.getMethod())) { // $NON-NLS-1$
         if (serveOrionFile(req, resp, site, new Path(uri.getPath()), failEarlyOn404)) return;
       } else {
         String message = "Only GET method is supported for workspace paths";
         handleException(
             resp,
             new ServerStatus(
                 IStatus.ERROR,
                 HttpServletResponse.SC_METHOD_NOT_ALLOWED,
                 NLS.bind(message, mappedURIs),
                 null));
       }
     } else {
       if (proxyRemotePath(
           req, new LocationHeaderServletResponseWrapper(req, resp, site), uri, failEarlyOn404))
         return;
     }
   }
 }
  @Test
  public void receiveAnOrder() throws Exception {
    when(request.getMethod()).thenReturn("POST");
    when(request.getRequestURI()).thenReturn("/orders");
    when(request.getParameter("order_code")).thenReturn("1234");
    when(request.getParameter("article_code")).thenReturn("ABCD");
    when(request.getParameter("address")).thenReturn("Some Place");

    ordersController.service();

    assertEquals(1, orders.size());
    assertEquals(new Order("1234", "ABCD", "Some Place"), orders.get(0));
  }
  @Test
  @Ignore
  public void showAllNonShippedOrders() throws Exception {
    orders.add(new Order("a", "b", "c"));
    orders.add(new Order("d", "e", "f"));

    when(request.getMethod()).thenReturn("GET");
    when(request.getRequestURI()).thenReturn("/orders");

    ordersController.service();

    verify(ordersView).show(orders);
  }
  @Test
  @Ignore
  public void shippedOrdersAreNotShown() throws Exception {
    Order shipped = new Order("X");
    Order notShipped = new Order("Y");
    orders.addAll(asList(shipped, notShipped));
    shipped.ship();

    when(request.getMethod()).thenReturn("GET");
    when(request.getRequestURI()).thenReturn("/orders");

    ordersController.service();

    verify(ordersView).show(asList(notShipped));
  }
  @Test
  @Ignore
  public void theControllerWillShipAnOrder() throws Exception {
    Order order = new Order("5555", "_", "_");
    orders.add(order);

    when(request.getMethod()).thenReturn("POST");
    when(request.getRequestURI()).thenReturn("/orders/shipped");
    when(request.getParameter("order_code")).thenReturn("5555");

    ordersController.service();

    assertEquals("controller should set shipped", true, order.isShipped());
    verify(ordersView).refresh();
  }
Example #11
0
  protected void doCommon(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
    try {
      if (log.isDebugEnabled()) log.debug(HttpUtils.fmtRequest(httpRequest));

      // getRequestURL is the exact string used by the caller in the request.
      // Internally, it's the "request URI" that names the service

      // String requestURL = httpRequest.getRequestURL().toString() ;
      String uri = httpRequest.getRequestURI();

      if (uri.length() > urlLimit) {
        httpResponse.setStatus(HttpServletResponse.SC_REQUEST_URI_TOO_LONG);
        return;
      }

      String serviceURI = chooseServiceURI(uri, httpRequest);
      serviceURI = Service.canonical(serviceURI);

      String sender = httpRequest.getRemoteAddr();
      log.info("[" + sender + "] Service URI = <" + serviceURI + ">");

      // MIME-Type
      String contentType = httpRequest.getContentType();

      //            if ( Joseki.contentSPARQLUpdate.equals(contentType) ||
      //                Joseki.contentSPARQLUpdate_X.equals(contentType) )
      //            {}

      Request request = setupRequest(serviceURI, httpRequest);
      request.setParam(Joseki.VERB, httpRequest.getMethod());

      Response response = new ResponseHttp(request, httpRequest, httpResponse);
      Dispatcher.dispatch(serviceURI, request, response);
    } catch (Exception ex) {
      try {
        log.warn("Internal server error", ex);
        //                httpResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR) ;
        //                httpResponse.flushBuffer() ;
        //                httpResponse.getWriter().close() ;
        httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
      } catch (Exception e) {
      }
    }
  }
  /**
   * Removes User from the Group
   *
   * <p>- Requires a cookie for the session user - Requires a groupId request parameter for the HTTP
   * GET
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void leaveAction(HttpServletRequest req, HttpServletResponse res) {
    if (AccountController.redirectIfNoCookie(req, res)) return;

    if (req.getMethod() == HttpMethod.Get) {
      int groupId = Integer.parseInt(req.getParameter("groupId"));

      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      int userId = userSession.getUser().getId();

      GroupManager groupMan = new GroupManager();
      groupMan.removeMapping(groupId, userId);
      // reload groups into the user
      userSession.getUser().setGroups(groupMan.getAllGroups(userId));

      redirectToLocal(req, res, "/home/dashboard");
      return;

    } else {
      httpNotFound(req, res);
    }
  }
Example #13
0
  /**
   * Constructor.
   *
   * @param rq request
   * @param rs response
   * @param servlet calling servlet instance
   * @throws IOException I/O exception
   */
  public HTTPContext(
      final HttpServletRequest rq, final HttpServletResponse rs, final BaseXServlet servlet)
      throws IOException {

    req = rq;
    res = rs;
    params = new HTTPParams(this);

    method = rq.getMethod();

    final StringBuilder uri = new StringBuilder(req.getRequestURL());
    final String qs = req.getQueryString();
    if (qs != null) uri.append('?').append(qs);
    log('[' + method + "] " + uri, null);

    // set UTF8 as default encoding (can be overwritten)
    res.setCharacterEncoding(UTF8);
    segments = decode(toSegments(req.getPathInfo()));

    // adopt servlet-specific credentials or use global ones
    final GlobalOptions mprop = context().globalopts;
    user = servlet.user != null ? servlet.user : mprop.get(GlobalOptions.USER);
    pass = servlet.pass != null ? servlet.pass : mprop.get(GlobalOptions.PASSWORD);

    // overwrite credentials with session-specific data
    final String auth = req.getHeader(AUTHORIZATION);
    if (auth != null) {
      final String[] values = auth.split(" ");
      if (values[0].equals(BASIC)) {
        final String[] cred = org.basex.util.Base64.decode(values[1]).split(":", 2);
        if (cred.length != 2) throw new LoginException(NOPASSWD);
        user = cred[0];
        pass = cred[1];
      } else {
        throw new LoginException(WHICHAUTH, values[0]);
      }
    }
  }
Example #14
0
  /**
   * Show details about the request
   *
   * @param servlet used to get teh servlet context, may be null
   * @param req the request
   * @return string showing the details of the request.
   */
  public static String showRequestDetail(HttpServlet servlet, HttpServletRequest req) {
    StringBuilder sbuff = new StringBuilder();

    sbuff.append("Request Info\n");
    sbuff.append(" req.getServerName(): ").append(req.getServerName()).append("\n");
    sbuff.append(" req.getServerPort(): ").append(req.getServerPort()).append("\n");
    sbuff.append(" req.getContextPath:").append(req.getContextPath()).append("\n");
    sbuff.append(" req.getServletPath:").append(req.getServletPath()).append("\n");
    sbuff.append(" req.getPathInfo:").append(req.getPathInfo()).append("\n");
    sbuff.append(" req.getQueryString:").append(req.getQueryString()).append("\n");
    sbuff
        .append(" getQueryStringDecoded:")
        .append(EscapeStrings.urlDecode(req.getQueryString()))
        .append("\n");
    /*try {
      sbuff.append(" getQueryStringDecoded:").append(URLDecoder.decode(req.getQueryString(), "UTF-8")).append("\n");
    } catch (UnsupportedEncodingException e1) {
      e1.printStackTrace();
    }*/
    sbuff.append(" req.getRequestURI:").append(req.getRequestURI()).append("\n");
    sbuff.append(" getRequestBase:").append(getRequestBase(req)).append("\n");
    sbuff.append(" getRequestServer:").append(getRequestServer(req)).append("\n");
    sbuff.append(" getRequest:").append(getRequest(req)).append("\n");
    sbuff.append("\n");

    sbuff.append(" req.getPathTranslated:").append(req.getPathTranslated()).append("\n");
    String path = req.getPathTranslated();
    if ((path != null) && (servlet != null)) {
      ServletContext context = servlet.getServletContext();
      sbuff.append(" getMimeType:").append(context.getMimeType(path)).append("\n");
    }
    sbuff.append("\n");
    sbuff.append(" req.getScheme:").append(req.getScheme()).append("\n");
    sbuff.append(" req.getProtocol:").append(req.getProtocol()).append("\n");
    sbuff.append(" req.getMethod:").append(req.getMethod()).append("\n");
    sbuff.append("\n");
    sbuff.append(" req.getContentType:").append(req.getContentType()).append("\n");
    sbuff.append(" req.getContentLength:").append(req.getContentLength()).append("\n");

    sbuff.append(" req.getRemoteAddr():").append(req.getRemoteAddr());
    try {
      sbuff
          .append(" getRemoteHost():")
          .append(java.net.InetAddress.getByName(req.getRemoteHost()).getHostName())
          .append("\n");
    } catch (java.net.UnknownHostException e) {
      sbuff.append(" getRemoteHost():").append(e.getMessage()).append("\n");
    }
    sbuff.append(" getRemoteUser():").append(req.getRemoteUser()).append("\n");

    sbuff.append("\n");
    sbuff.append("Request Parameters:\n");
    Enumeration params = req.getParameterNames();
    while (params.hasMoreElements()) {
      String name = (String) params.nextElement();
      String values[] = req.getParameterValues(name);
      if (values != null) {
        for (int i = 0; i < values.length; i++) {
          sbuff
              .append("  ")
              .append(name)
              .append("  (")
              .append(i)
              .append("): ")
              .append(values[i])
              .append("\n");
        }
      }
    }
    sbuff.append("\n");

    sbuff.append("Request Headers:\n");
    Enumeration names = req.getHeaderNames();
    while (names.hasMoreElements()) {
      String name = (String) names.nextElement();
      Enumeration values = req.getHeaders(name); // support multiple values
      if (values != null) {
        while (values.hasMoreElements()) {
          String value = (String) values.nextElement();
          sbuff.append("  ").append(name).append(": ").append(value).append("\n");
        }
      }
    }
    sbuff.append(" ------------------\n");

    return sbuff.toString();
  }
  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException {
    response.setContentType("text/html");

    PrintWriter out = response.getWriter();
    out.println("<html>");
    out.println("<body>");
    out.println("<head>");

    String title = rb.getString("requestinfo.title");
    out.println("<title>" + title + "</title>");
    out.println("</head>");
    out.println("<body bgcolor=\"white\">");

    // img stuff not req'd for source code html showing
    // all links relative!

    // XXX
    // making these absolute till we work out the
    // addition of a PathInfo issue

    out.println("<a href=\"../reqinfo.html\">");
    out.println(
        "<img src=\"../images/code.gif\" height=24 "
            + "width=24 align=right border=0 alt=\"view code\"></a>");
    out.println("<a href=\"../index.html\">");
    out.println(
        "<img src=\"../images/return.gif\" height=24 "
            + "width=24 align=right border=0 alt=\"return\"></a>");

    out.println("<h3>" + title + "</h3>");
    out.println("<table border=0><tr><td>");
    out.println(rb.getString("requestinfo.label.method"));
    out.println("</td><td>");
    out.println(request.getMethod());
    out.println("</td></tr><tr><td>");
    out.println(rb.getString("requestinfo.label.requesturi"));
    out.println("</td><td>");
    out.println(HTMLFilter.filter(request.getRequestURI()));
    out.println("</td></tr><tr><td>");
    out.println(rb.getString("requestinfo.label.protocol"));
    out.println("</td><td>");
    out.println(request.getProtocol());
    out.println("</td></tr><tr><td>");
    out.println(rb.getString("requestinfo.label.pathinfo"));
    out.println("</td><td>");
    out.println(HTMLFilter.filter(request.getPathInfo()));
    out.println("</td></tr><tr><td>");
    out.println(rb.getString("requestinfo.label.remoteaddr"));

    String cipherSuite = (String) request.getAttribute("javax.servlet.request.cipher_suite");
    out.println("</td><td>");
    out.println(request.getRemoteAddr());
    out.println("</table>");

    if (cipherSuite != null) {
      out.println("</td></tr><tr><td>");
      out.println("SSLCipherSuite:");
      out.println("</td>");
      out.println("<td>");
      out.println(request.getAttribute("javax.servlet.request.cipher_suite"));
      out.println("</td>");
    }
  }
  /**
   * Displays a given Meeting page for a HTTP Get, or creates a new Meeting for a HTTP Post
   *
   * <p>- Requires a cookie for the session user - Requires a meetingId request parameter for a GET
   * - Requires description, createdByUserId, datepicker, meetingTime, groupId request parameters
   * for a POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void meetingAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<String, Object>();
    viewData.put("title", "Meeting");

    // Initialise Manager connections
    MeetingManager meetingMan = new MeetingManager();
    GroupManager groupMan = new GroupManager();

    if (req.getMethod() == HttpMethod.Get) {
      // Get request parameter
      int meetingId = Integer.parseInt(req.getParameter("meetingId"));
      Meeting meeting = meetingMan.get(meetingId);

      if (meeting != null) {

        List<User> meetingUsers = groupMan.getGroupUsers(meeting.getGroupId());
        viewData.put("meetingUsers", meetingUsers);
        viewData.put("meeting", meeting);
        view(req, res, "/views/group/Meeting.jsp", viewData);

      } else {
        httpNotFound(req, res);
      }
    } else if (req.getMethod() == HttpMethod.Post) {

      // Get details from request
      String description = req.getParameter("description");
      int createdByUserId = Integer.parseInt(req.getParameter("createdByUserId"));
      Date dateCreated = new Date();

      String meetingDate = req.getParameter("datepicker");
      String meetingTime = req.getParameter("meetingTime");

      // Parse meeting date time details
      DateFormat format = new SimpleDateFormat("MM/dd/yyyy HH:mm");
      Date dateDue = new Date();
      try {
        dateDue = format.parse(meetingDate + " " + meetingTime);
      } catch (ParseException e) {
        // Unable to parse date. This shouldn't happen since we are
        // performing javascript validation.
      }

      int groupId = Integer.parseInt(req.getParameter("groupId"));

      // Create a Meeting
      Meeting meeting = new Meeting();
      meeting.setDescription(description);
      meeting.setCreatedByUserId(createdByUserId);
      meeting.setDateCreated(dateCreated);
      meeting.setDateDue(dateDue);
      meeting.setGroupId(groupId);

      meetingMan.createMeeting(meeting);
      int meetingId = meetingMan.getIdFor(meeting);
      meeting.setId(meetingId);

      UserManager userMan = new UserManager();
      User createdByUser = userMan.get(createdByUserId);

      // Create a notification for all users in group
      NotificationManager notificationMan = new NotificationManager();
      List<User> users = groupMan.getGroupUsers(groupId);

      for (User u : users) {
        Notification notification =
            new Notification(
                u.getId(),
                u,
                groupId,
                null,
                "Meeting " + description + " was created by " + createdByUser.getFullName(),
                "/group/meeting?meetingId=" + meetingId);
        notificationMan.createNotification(notification);
      }

      // Update the User Session to show new meeting
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      User admin = userSession.getUser();
      admin.getMeetings().add(meeting);

      // Show meeting page
      viewData.put("meetingUsers", users);
      viewData.put("meeting", meeting);
      view(req, res, "/views/group/Meeting.jsp", viewData);
    }
  }
  /**
   * Displays the Create Discussion page for a HTTP Get, or creates a Discussion Thread for a HTTP
   * Post
   *
   * <p>- Requires a cookie for the session user - Requires a groupId request parameter for a GET -
   * Requires a groupId and threadName request parameter for a POST - Requires a document request
   * part for a POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void createDiscussionAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<>();

    if (req.getMethod() == HttpMethod.Get) {
      viewData.put("title", "Create Discussion");
      viewData.put("groupId", req.getParameter("groupId"));

      view(req, res, "/views/group/CreateDiscussion.jsp", viewData);
      return;
    } else if (req.getMethod() == HttpMethod.Post) {
      // save discussion
      GroupManager groupMan = new GroupManager();
      DiscussionThread thread = new DiscussionThread();
      int groupId = Integer.parseInt(req.getParameter("groupId"));
      thread.setGroupId(groupId);
      thread.setGroup(groupMan.get(groupId));
      thread.setThreadName(req.getParameter("threadName"));

      DiscussionManager dm = new DiscussionManager();
      dm.createDiscussion(thread);

      try {
        Part documentPart = req.getPart("document");

        // if we have a document to upload
        if (documentPart.getSize() > 0) {
          String uuid = DocumentController.saveDocument(this.getServletContext(), documentPart);
          Document doc = new Document();
          doc.setDocumentName(getFileName(documentPart));
          doc.setDocumentPath(uuid);
          doc.setVersionNumber(1);
          doc.setThreadId(thread.getId());
          doc.setGroupId(thread.getGroupId());

          DocumentManager docMan = new DocumentManager();
          docMan.createDocument(doc);

          // Get uploading User
          HttpSession session = req.getSession();
          Session userSession = (Session) session.getAttribute("userSession");
          User uploader = userSession.getUser();

          // Create a notification to all in the group
          NotificationManager notificationMan = new NotificationManager();
          groupMan = new GroupManager();
          List<User> groupUsers = groupMan.getGroupUsers(groupId);

          for (User u : groupUsers) {
            Notification notification =
                new Notification(
                    u.getId(),
                    u,
                    groupId,
                    null,
                    "User " + uploader.getFullName() + " has uploaded a document",
                    "/document/document?documentId=" + doc.getId());

            notificationMan.createNotification(notification);
          }
        }
      } catch (Exception e) {
        logger.log(Level.SEVERE, "Document save error", e);
      }

      redirectToLocal(req, res, "/group/discussion/?threadId=" + thread.getId());
      return;
    }
    httpNotFound(req, res);
  }
Example #18
0
    public Writer getErrorReport(
        Writer to, final HttpServletRequest request, CharTransformer escape) throws IOException {
      final Writer logMsg = new StringWriter();
      final Writer tee = new org.mmbase.util.ChainedWriter(to, logMsg);
      Writer msg = tee;

      LinkedList<Throwable> stack = getStack();
      String ticket = new Date().toString();

      Map<String, String> props;
      try {
        props = org.mmbase.util.ApplicationContextReader.getProperties("mmbase_errorpage");
      } catch (javax.naming.NamingException ne) {
        props = Collections.emptyMap();
        log.info(ne);
      }

      if (request != null) {
        {
          msg.append("Headers\n----------\n");
          // request properties
          for (Object name : Collections.list(request.getHeaderNames())) {
            msg.append(
                escape.transform(
                    name + ": " + escape.transform(request.getHeader((String) name)) + "\n"));
          }
        }
        {
          msg.append("\nAttributes\n----------\n");
          Pattern p = requestIgnore;
          if (p == null && props.get("request_ignore") != null) {
            p = Pattern.compile(props.get("request_ignore"));
          }
          for (Object name : Collections.list(request.getAttributeNames())) {
            if (p == null || !p.matcher((String) name).matches()) {
              msg.append(
                  escape.transform(name + ": " + request.getAttribute((String) name) + "\n"));
            }
          }
        }
        if (Boolean.TRUE.equals(showSession)
            || (showSession == null && !"false".equals(props.get("show_session")))) {
          HttpSession ses = request.getSession(false);
          if (ses != null) {
            msg.append("\nSession\n----------\n");
            Pattern p = sessionIgnore;
            if (p == null && props.get("session_ignore") != null) {
              p = Pattern.compile(props.get("session_ignore"));
            }
            for (Object name : Collections.list(ses.getAttributeNames())) {
              if (p == null || !p.matcher((String) name).matches()) {
                msg.append(escape.transform(name + ": " + ses.getAttribute((String) name) + "\n"));
              }
            }
          }
        }
      }
      msg.append("\n");
      msg.append("Misc. properties\n----------\n");

      if (request != null) {
        msg.append("method: ").append(escape.transform(request.getMethod())).append("\n");
        msg.append("querystring: ").append(escape.transform(request.getQueryString())).append("\n");
        msg.append("requesturl: ")
            .append(escape.transform(request.getRequestURL().toString()))
            .append("\n");
      }
      if (Boolean.TRUE.equals(showMMBaseVersion)
          || (showMMBaseVersion == null && !"false".equals(props.get("show_mmbase_version")))) {
        msg.append("mmbase version: ").append(org.mmbase.Version.get()).append("\n");
      }
      msg.append("status: ").append("").append(String.valueOf(status)).append("\n\n");

      if (request != null) {
        msg.append("Parameters\n----------\n");
        // request parameters
        Enumeration en = request.getParameterNames();
        while (en.hasMoreElements()) {
          String name = (String) en.nextElement();
          msg.append(name)
              .append(": ")
              .append(escape.transform(request.getParameter(name)))
              .append("\n");
        }
      }
      msg.append("\nException ")
          .append(ticket)
          .append("\n----------\n\n")
          .append(
              exception != null
                  ? (escape.transform(exception.getClass().getName()))
                  : "NO EXCEPTION")
          .append(": ");

      int wroteCauses = 0;
      while (!stack.isEmpty()) {

        Throwable t = stack.removeFirst();
        // add stack stacktraces
        if (t != null) {
          if (stack.isEmpty()) { // write last message always
            msg = tee;
          }
          String message = t.getMessage();
          if (msg != tee) {
            to.append("\n=== skipped(see log)  : ")
                .append(escape.transform(t.getClass().getName()))
                .append(": ")
                .append(message)
                .append("\n");
          }

          msg.append("\n\n").append(escape.transform(t.getClass().getName() + ": " + message));
          StackTraceElement[] stackTrace = t.getStackTrace();
          for (StackTraceElement e : stackTrace) {
            msg.append("\n        at ").append(escape.transform(e.toString()));
          }
          if (!stack.isEmpty()) {
            msg.append("\n-------caused:\n");
          }
          wroteCauses++;
          if (wroteCauses >= MAX_CAUSES) {
            msg = logMsg;
          }
        }
      }
      // write errors to  log
      if (status == 500) {
        try {
          if (props.get("to") != null && props.get("to").length() > 0) {
            javax.naming.Context initCtx = new javax.naming.InitialContext();
            javax.naming.Context envCtx = (javax.naming.Context) initCtx.lookup("java:comp/env");
            Object mailSession = envCtx.lookup("mail/Session");
            Class sessionClass = Class.forName("javax.mail.Session");
            Class recipientTypeClass = Class.forName("javax.mail.Message$RecipientType");
            Class messageClass = Class.forName("javax.mail.internet.MimeMessage");
            Object mail = messageClass.getConstructor(sessionClass).newInstance(mailSession);
            messageClass
                .getMethod("addRecipients", recipientTypeClass, String.class)
                .invoke(mail, recipientTypeClass.getDeclaredField("TO").get(null), props.get("to"));
            messageClass.getMethod("setSubject", String.class).invoke(mail, ticket);
            mail.getClass().getMethod("setText", String.class).invoke(mail, logMsg.toString());
            Class.forName("javax.mail.Transport")
                .getMethod("send", Class.forName("javax.mail.Message"))
                .invoke(null, mail);
            tee.append("\nmailed to (").append(String.valueOf(props)).append(")");
          }

        } catch (Exception nnfe) {
          tee.append("\nnot mailed (").append(String.valueOf(nnfe)).append(")");
          if (log.isDebugEnabled()) {
            log.debug(nnfe.getMessage(), nnfe);
          }
        }
        log.error("TICKET " + ticket + ":\n" + logMsg);
      }
      return to;
    }
  /**
   * Displays a given Research Group page for a HTTP Get, or creates a new Group for a HTTP Post
   *
   * <p>- Requires a cookie for the session user - Requires a groupId request parameter for a GET -
   * Requires a groupName, description, createdByUserId request parameters for a POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void researchgroupAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<String, Object>();
    viewData.put("title", "Research Group");

    if (req.getMethod() == HttpMethod.Get) {
      // Load group data into Map
      GroupManager gm = new GroupManager();
      int groupId = Integer.parseInt(req.getParameter("groupId"));
      Group group = gm.get(groupId);

      if (group != null) {
        // Load Group into map
        viewData.put("group", group);

        // Load group members into Map
        List<String> groupMembers = gm.getGroupMembers(groupId);
        viewData.put("groupMembers", groupMembers);

        // Load meetings into map
        MeetingManager meetMan = new MeetingManager();
        List<Meeting> groupMeetings = meetMan.getGroupMeetings(groupId);
        viewData.put("groupMeetings", groupMeetings);

        // Load Document Data into Map
        DocumentManager docMan = new DocumentManager();
        List<Document> groupDocuments = docMan.getGroupDocuments(groupId);
        viewData.put("groupDocuments", groupDocuments);

        // Load discussion threads
        DiscussionManager dm = new DiscussionManager();
        viewData.put("groupDiscussions", dm.getThreads(groupId));

        // Check if the user is a member
        boolean isMember = false;
        HttpSession session = req.getSession();
        Session userSession = (Session) session.getAttribute("userSession");
        User user = userSession.getUser();

        for (Group g : gm.getAllGroups(user.getId())) {
          if (g.getId() == group.getId()) {
            isMember = true;
            break;
          }
        }

        viewData.put("notMember", !isMember);

        // View group page.
        view(req, res, "/views/group/ResearchGroup.jsp", viewData);

      } else {
        httpNotFound(req, res);
      }

    } else if (req.getMethod() == HttpMethod.Post) {
      // Create Group

      // Get data from parameters
      String groupName = req.getParameter("groupName");
      String description = req.getParameter("description");
      int adminId = Integer.parseInt(req.getParameter("createdByUserId"));

      // Create the Group
      GroupManager groupMan = new GroupManager();
      Group group = new Group();
      group.setGroupName(groupName);
      group.setDescription(description);
      group.setCoordinatorId(adminId);
      // Create the mapping
      groupMan.createGroup(group);
      int groupId = groupMan.getIdFor(group);
      groupMan.createMapping(groupId, adminId);

      group.setId(groupId);

      // Update the User Session to show new group
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      User admin = userSession.getUser();
      admin.getGroups().add(group);

      // Show the Group Page
      viewData.put("groupName", group.getGroupName());
      List<String> groupMembers = groupMan.getGroupMembers(groupId);
      viewData.put("groupMembers", groupMembers);

      view(req, res, "/views/group/ResearchGroup.jsp", viewData);
    }
  }
Example #20
0
  protected void doPost(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, IOException {
    try {
      // A good request looks like /mljam/contextid/verb?name=varname
      // The extra path info includes the context id and verb
      String extra = req.getPathInfo(); // "/contextid/verb"
      if (extra == null || extra.equals("")) {
        throw new ClientProblemException(
            "Request requires a context id and verb in its extra path info");
      }
      String[] parts = extra.split("/"); // { "", "contextid", "verb" }
      if (parts.length < 2) {
        throw new ClientProblemException(
            "Request requires a context id and verb in its extra path info");
      } else if (parts.length < 3) {
        throw new ClientProblemException("Request requires a verb in its extra path info");
      }

      String contextId = parts[1];
      String verb = parts[2];
      String method = req.getMethod();

      if (method.equalsIgnoreCase("get")) {

        // We have three GET verbs: get, get-stdout, get-stderr.
        // These are all idempotent, while the POST verbs aren't.  The get
        // verb accept a "name" query string parameter.  The get verb returns
        // either XQuery to evaluate (indicated by x-marklogic/xquery content type)
        // or a raw binary (indicated by an application/binary-encoded content type).

        if (verb.equalsIgnoreCase("get")) {
          String name = req.getParameter("name");
          if (name == null || name.equals("")) {
            throw new ClientProblemException("The get verb requires a name parameter");
          }
          Interpreter i = getInterpreter(contextId);
          Object o = i.get(name);
          if (o instanceof byte[]) {
            sendBinaryResponse(res, (byte[]) o);
          } else if (o instanceof String) {
            sendStringResponse(res, (String) o);
          } else {
            sendXQueryResponse(res, o);
          }
        } else if (verb.equalsIgnoreCase("get-stdout")) {
          Interpreter i = getInterpreter(contextId);
          i.getOut().flush();
          CircularByteArrayOutputStream circ = (CircularByteArrayOutputStream) i.get("mljamout");
          if (circ != null) {
            sendStringResponse(res, circ.toString());
            circ.reset();
          } else {
            throw new ServerProblemException("Could not fetch mljamout from interpreter context");
          }
        } else if (verb.equalsIgnoreCase("get-stderr")) {
          Interpreter i = getInterpreter(contextId);
          i.getErr().flush();
          CircularByteArrayOutputStream circ = (CircularByteArrayOutputStream) i.get("mljamerr");
          if (circ != null) {
            sendStringResponse(res, circ.toString());
            circ.reset();
          } else {
            throw new ServerProblemException("Could not fetch mljamerr from interpreter context");
          }
        } else {
          throw new ClientProblemException("Unrecognized GET verb: " + verb);
        }
      } else if (method.equalsIgnoreCase("post")) {
        // We have six POST verbs: eval, unset, end, source, set-string, and set-binary.
        // These are POST verbs because they aren't idempotent.
        // The set-string, set-binary, unset, and source verbs accept a "name"
        // query string parameter.  The set-string and set-binary verbs accept
        // a value in their post body.  The eval verb accepts code in its post body.

        if (verb.equalsIgnoreCase("set-string")) {
          String name = req.getParameter("name");
          if (name == null || name.equals("")) {
            throw new ClientProblemException("The set-string verb requires a name parameter");
          }
          String body = getBody(req); // a value of "" is legit
          Interpreter i = getInterpreter(contextId);
          i.unset(name);
          i.set(name, body);
          sendNoResponse(res);
        } else if (verb.equalsIgnoreCase("set-binary")) {
          String name = req.getParameter("name");
          if (name == null || name.equals("")) {
            throw new ClientProblemException("The set-binary verb requires a name parameter");
          }
          String body = getBody(req); // a value of "" is legit
          byte[] bodyBytes = hexDecode(body); // later could do this streaming for speed
          Interpreter i = getInterpreter(contextId);
          i.unset(name);
          i.set(name, bodyBytes);
          sendNoResponse(res);
        } else if (verb.equalsIgnoreCase("eval")) {
          String body = getBody(req);
          if (body == null || body.equals("")) {
            throw new ClientProblemException(
                "The eval verb requires a post body containing code to eval");
          }
          Interpreter i = getInterpreter(contextId);
          i.eval(body);
          sendNoResponse(res);
        } else if (verb.equalsIgnoreCase("eval-get")) {
          String body = getBody(req);
          if (body == null || body.equals("")) {
            throw new ClientProblemException(
                "The eval-get verb requires a post body containing code to eval");
          }
          Interpreter i = getInterpreter(contextId);
          Object o = i.eval(body);
          if (o instanceof byte[]) {
            sendBinaryResponse(res, (byte[]) o);
          } else if (o instanceof String) {
            sendStringResponse(res, (String) o);
          } else {
            sendXQueryResponse(res, o);
          }
        } else if (verb.equalsIgnoreCase("unset")) {
          String name = req.getParameter("name");
          if (name == null || name.equals("")) {
            throw new ClientProblemException("The unset verb requires a name parameter");
          }
          Interpreter i = getInterpreter(contextId);
          i.unset(name);
          sendNoResponse(res);
        } else if (verb.equalsIgnoreCase("end")) {
          endInterpreter(contextId);
          sendNoResponse(res);
        } else if (verb.equalsIgnoreCase("source")) {
          String name = req.getParameter("name");
          if (name == null || name.equals("")) {
            throw new ClientProblemException("The source verb requires a name parameter");
          }
          Interpreter i = getInterpreter(contextId);
          i.source(name);
          sendNoResponse(res);
        } else {
          throw new ClientProblemException("Unrecognized POST verb: " + verb);
        }
      }
    } catch (TargetError e) {
      Throwable target = e.getTarget();
      Log.log(e);
      Log.log("Target: " + target);
      sendServerProblemResponse(
          res,
          target.getClass().getName()
              + ": "
              + target.getMessage()
              + " when executing Java code: "
              + e.getErrorText()); // include full trace?
    } catch (EvalError e) {
      Log.log(e);
      sendServerProblemResponse(
          res, e.getClass().getName() + ": " + e.getMessage()); // include full trace?
    } catch (ClientProblemException e) {
      Log.log(e);
      sendClientProblemResponse(res, e.getMessage());
    } catch (ServerProblemException e) {
      Log.log(e);
      sendServerProblemResponse(res, e.getMessage());
    }
  }
 public boolean isProtectedPageAndMethod(HttpServletRequest request) {
   return isProtectedPageAndMethod(request.getRequestURI(), request.getMethod());
 }
Example #22
0
  /**
   * Write a file to the response stream. Handles Range requests.
   *
   * @param req request
   * @param res response
   * @param file must exists and not be a directory
   * @param contentType must not be null
   * @throws IOException or error
   */
  public static void returnFile(
      HttpServletRequest req, HttpServletResponse res, File file, String contentType)
      throws IOException {
    res.setContentType(contentType);

    // see if its a Range Request
    boolean isRangeRequest = false;
    long startPos = 0, endPos = Long.MAX_VALUE;
    String rangeRequest = req.getHeader("Range");
    if (rangeRequest != null) { // bytes=12-34 or bytes=12-
      int pos = rangeRequest.indexOf("=");
      if (pos > 0) {
        int pos2 = rangeRequest.indexOf("-");
        if (pos2 > 0) {
          String startString = rangeRequest.substring(pos + 1, pos2);
          String endString = rangeRequest.substring(pos2 + 1);
          startPos = Long.parseLong(startString);
          if (endString.length() > 0) endPos = Long.parseLong(endString) + 1;
          isRangeRequest = true;
        }
      }
    }

    // set content length
    long fileSize = file.length();
    long contentLength = fileSize;
    if (isRangeRequest) {
      endPos = Math.min(endPos, fileSize);
      contentLength = endPos - startPos;
    }

    if (contentLength > Integer.MAX_VALUE)
      res.addHeader(
          "Content-Length", Long.toString(contentLength)); // allow content length > MAX_INT
    else res.setContentLength((int) contentLength); // note HEAD only allows this

    String filename = file.getPath();
    boolean debugRequest = Debug.isSet("returnFile");
    if (debugRequest)
      log.debug(
          "returnFile(): filename = "
              + filename
              + " contentType = "
              + contentType
              + " contentLength = "
              + contentLength);

    // indicate we allow Range Requests
    res.addHeader("Accept-Ranges", "bytes");

    if (req.getMethod().equals("HEAD")) {
      log.info(
          "returnFile(): "
              + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_OK, 0));
      return;
    }

    try {

      if (isRangeRequest) {
        // set before content is sent
        res.addHeader("Content-Range", "bytes " + startPos + "-" + (endPos - 1) + "/" + fileSize);
        res.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT);

        FileCacheRaf.Raf craf = null;
        try {
          craf = fileCacheRaf.acquire(filename);
          IO.copyRafB(
              craf.getRaf(), startPos, contentLength, res.getOutputStream(), new byte[60000]);
          log.info(
              "returnFile(): "
                  + UsageLog.closingMessageForRequestContext(
                      HttpServletResponse.SC_PARTIAL_CONTENT, contentLength));
          return;
        } finally {
          if (craf != null) fileCacheRaf.release(craf);
        }
      }

      // Return the file
      ServletOutputStream out = res.getOutputStream();
      IO.copyFileB(file, out, 60000);
      res.flushBuffer();
      out.close();
      if (debugRequest) log.debug("returnFile(): returnFile ok = " + filename);
      log.info(
          "returnFile(): "
              + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_OK, contentLength));
    }

    // @todo Split up this exception handling: those from file access vs those from dealing with
    // response
    //       File access: catch and res.sendError()
    //       response: don't catch (let bubble up out of doGet() etc)
    catch (FileNotFoundException e) {
      log.error("returnFile(): FileNotFoundException= " + filename);
      log.info(
          "returnFile(): "
              + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0));
      if (!res.isCommitted()) res.sendError(HttpServletResponse.SC_NOT_FOUND);
    } catch (java.net.SocketException e) {
      log.info("returnFile(): SocketException sending file: " + filename + " " + e.getMessage());
      log.info("returnFile(): " + UsageLog.closingMessageForRequestContext(STATUS_CLIENT_ABORT, 0));
    } catch (IOException e) {
      String eName =
          e.getClass().getName(); // dont want compile time dependency on ClientAbortException
      if (eName.equals("org.apache.catalina.connector.ClientAbortException")) {
        log.info(
            "returnFile(): ClientAbortException while sending file: "
                + filename
                + " "
                + e.getMessage());
        log.info(
            "returnFile(): " + UsageLog.closingMessageForRequestContext(STATUS_CLIENT_ABORT, 0));
        return;
      }

      log.error("returnFile(): IOException (" + e.getClass().getName() + ") sending file ", e);
      log.error(
          "returnFile(): "
              + UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0));
      if (!res.isCommitted())
        res.sendError(HttpServletResponse.SC_NOT_FOUND, "Problem sending file: " + e.getMessage());
    }
  }
Example #23
0
 /**
  * Constructor.
  *
  * @param r HTTP servlet request
  */
 BXServletRequest(final HttpServletRequest r) {
   req = r;
   method = Method.valueOf(r.getMethod());
   url = r.getRequestURL().toString(); // MiltonUtils.stripContext(r);
   REQUEST.set(r);
 }