Exemple #1
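  /**
   * Returns whether the logged-in user may edit the entity identified by {@code id}.
   *
   * <p>Only users whose role is {@code TDUserRole.ROLE_STANDARD} are restricted: they may edit an
   * existing entity only if they created it. Any failure while resolving the user or loading the
   * entity denies access (fail closed).
   *
   * @param <T> any object that extends TDPersistable
   * @param id datastore id of the entity to check; {@code null} skips the ownership check
   * @param t instance of T, used only to derive the datastore kind from its simple class name
   * @return {@code true} if editing is allowed, {@code false} otherwise
   */
  @SuppressWarnings("unchecked")
  public static <T extends TDPersistable> boolean isAccessible(Long id, T t) {
    try {
      TDUser tdUser = TDUserService.getUser();
      if (null == tdUser) {
        // Fail closed: an authorization check must not grant access when no user was resolved.
        // This matches the UserNotLoggedInException / UserNotFoundException paths below.
        return false;
      }
      if (id == null || tdUser.getRole() != TDUserRole.ROLE_STANDARD) {
        // No stored entity to check, or the role is not subject to the creator restriction.
        return true;
      }
      try {
        T stored = (T) Datastore.get(KeyFactory.createKey(t.getClass().getSimpleName(), id));
        if (stored == null) {
          // NOTE(review): a null lookup result is allowed here while the
          // JDOObjectNotFoundException path below denies; confirm which behaviour is intended
          // for a missing entity.
          return true;
        }
        // Compare ids by value. The previous `!=` compared against a boxed Long, which is an
        // identity comparison when both operands are boxed and gives wrong answers outside the
        // small-value Long cache. A null creator id fails unboxing and is denied below.
        long creatorId = stored.getCreator().getId();
        long userId = Long.valueOf(tdUser.getKey().getId()).longValue();
        return creatorId == userId;
      } catch (JDOObjectNotFoundException jdoe) {
        // Entity does not exist: deny.
        return false;
      } catch (Exception e) {
        // Any other lookup failure (including a null t or null creator) denies access.
        return false;
      }
    } catch (UserNotLoggedInException e) {
      return false;
    } catch (UserNotFoundException e) {
      return false;
    }
  }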
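  /**
   * Handles both a POST and a GET <br>
   * Note: This is required as the POST will come from a Mobile User, whereas the GET will occur on
   * redirect from Google Auth.
   *
   * <p>If the request belongs to a signed-in Google user, the matching TDUser is loaded (or
   * created) and the client is redirected to the caller-supplied URL with the TDUser id and API
   * key appended as query parameters. Otherwise the client is sent to the Google login URL, which
   * continues back to this endpoint. A missing redirect parameter, or any other failure, is
   * reported as a JSON failure message on the response body.
   *
   * <p>SECURITY NOTE(review): the redirect target comes straight from the request and is not
   * checked against an allowlist, yet the user's API key is appended to it. The target should be
   * validated against the set of known client callback URLs before the key is attached, and
   * carrying a credential in a query string also exposes it to access logs, browser history and
   * Referer headers.
   *
   * @param req - the request
   * @param resp - the response
   * @throws ServletException declared by the servlet contract
   * @throws IOException if writing or redirecting on the response fails
   */
  private void doLogic(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {

    // Get Writer
    final PrintWriter pw = resp.getWriter();

    try {

      // Get redirection url
      final String redirect = req.getParameter(APIConstants.REDIRECT);
      if (null == redirect || redirect.isEmpty()) {
        // Without this guard a missing parameter becomes the literal text "null" after the
        // login round trip and the API key is appended to that bogus target.
        throw new IllegalArgumentException("Missing redirect parameter");
      }

      // The parameter is attacker-controllable; strip line breaks so it cannot forge log entries.
      final String loggableRedirect = redirect.replace('\r', '_').replace('\n', '_');

      Logger.getLogger(TAG).info("Final Redirection is: " + loggableRedirect);

      // If login was successful (or user is already logged in)
      if (TDUserService.isGoogleUser(req)) {
        Logger.getLogger(TAG).info("User logged in, redirecting to: " + loggableRedirect);

        try {

          TDUser user = null;

          try {
            // Get the user
            user = TDUserService.getUser(req.getSession());
          } catch (Exception e) {
            // Best effort: a failed lookup is treated as "no TDUser yet" and one is created below.
            Logger.getLogger(TAG).info(e.getMessage() + " means no user.");
          }

          if (null == user) {
            Logger.getLogger(TAG).info("No user exists, creating a new user");
            final User gUser = UserServiceFactory.getUserService().getCurrentUser();
            // Use the part of the Google nickname before '@' when there is one, else the e-mail.
            final String googleNickname = gUser.getNickname();
            final int at = (null == googleNickname) ? -1 : googleNickname.indexOf("@");
            final String nickname = at >= 0 ? googleNickname.substring(0, at) : gUser.getEmail();
            user = new TDUser(gUser, nickname, gUser.getEmail());
            Datastore.put(user);
          } else {
            Logger.getLogger(TAG).info("User " + user.getKey() + " found.");
          }

          // The API key is a credential and is deliberately not written to the log.

          // Redirect to given url with the TDUser Id
          // NOTE(review): `redirect` is not validated; restrict it to known callback URLs before
          // attaching the API key.
          resp.sendRedirect(
              redirect
                  + (redirect.contains("?") ? "&" : "?")
                  + UserConstants.TDUSER_ID
                  + "="
                  + user.getKey().getId()
                  + "&"
                  + UserConstants.API_KEY
                  + "="
                  + URLEncoder.encode(user.getApiKey(), "UTF-8"));
        } catch (Exception e) {
          Logger.getLogger(TAG).error(e.getMessage(), e);
          // Ensure some kind of redirect
          resp.sendRedirect(redirect);
        }
      } else {
        // Create a url. The redirect value is encoded so that any '&', '?' or '#' it contains
        // stays inside the single `redirect` parameter instead of truncating it or adding
        // extra parameters to the continuation URL.
        final String url =
            TDUserService.getGoogleLoginURL(
                "/api/googleAuth?redirect=" + URLEncoder.encode(redirect, "UTF-8"));
        Logger.getLogger(TAG).info("User not logged in. Sending to Google Auth, URL: " + url);

        // Redirect to that url
        resp.sendRedirect(url);
      }
    } catch (Exception e) {
      // Log through the logger with the stack trace instead of printing to stderr.
      Logger.getLogger(TAG).error(e.getMessage(), e);
      // Notify of error
      // NOTE(review): confirm generateJSONFailureMessage does not echo internal exception details
      // to the client.
      pw.write(APIUtils.generateJSONFailureMessage(e));
    } finally {
      pw.flush();
      pw.close();
    }
  }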