/**
 * Deletes a question when the current user's id equals the {@code ownerId} sent in the request.
 *
 * <p>NOTE(review): {@code ownerId} is read from the request's {@code question} object, so this
 * check compares the signed-in user with a value the caller supplied, not with the owner stored
 * for the question. {@code removeTestQuestion} in this class loads the record first and checks
 * the owner held on it. Doing the same here depends on how {@code Question} exposes its owner,
 * which is not visible in this listing. Confirm, then authorize against the stored owner.
 *
 * @param req JSON-RPC request whose named params hold a {@code question} object with
 *     {@code id} and {@code ownerId}
 * @param request servlet request used to resolve the current user
 * @return an empty JSON object once the question has been deleted
 * @throws JSONRPC2Error raised by the parameter retriever for a missing or mistyped parameter
 * @throws Exception with message {@code "no privileges"} when the ids differ
 */
public JSONObject deleteQuestion(JSONRPC2Request req, HttpServletRequest request) throws JSONRPC2Error, Exception {
    JSONObject emptyResult = new JSONObject();

    // Unwrap the nested "question" object from the named parameters.
    NamedParamsRetriever outer = new NamedParamsRetriever(req.getNamedParams());
    NamedParamsRetriever questionFields = new NamedParamsRetriever(outer.getMap("question"));
    int targetId = questionFields.getInt("id");
    int claimedOwnerId = questionFields.getInt("ownerId");

    User caller = getCurrentUser(request);

    // Refuse first; the happy path continues below.
    if (u_idDiffers(caller.getId(), claimedOwnerId)) {
        System.out.println("current user id: " + caller.getId());
        System.out.println("question owner id: " + claimedOwnerId);
        throw new Exception("no privileges");
    }

    QuestionController.deleteQuestion(targetId);
    return emptyResult;
}

/** Returns true when the two ids are not numerically equal. */
private static boolean u_idDiffers(long callerId, long ownerId) {
    return callerId != ownerId;
}
/**
 * Updates a question's body and answer when the current user's id equals the {@code ownerId}
 * sent in the request.
 *
 * <p>NOTE(review): the ownership test uses {@code ownerId} from the request payload, so it
 * compares the caller against a caller-supplied value. {@code addTestQuestion} and
 * {@code removeTestQuestion} in this class authorize against the owner of the loaded record
 * instead. Whether {@code Question} exposes a stored owner is not visible in this listing.
 * Confirm, then authorize against it.
 *
 * @param req JSON-RPC request whose named params hold a {@code question} object with
 *     {@code id}, {@code body}, {@code answer} and {@code ownerId}
 * @param request servlet request used to resolve the current user
 * @return JSON object with the updated question under the key {@code "question"}
 * @throws JSONRPC2Error raised by the parameter retriever for a missing or mistyped parameter
 * @throws Exception with message {@code "no privileges"} when the ids differ
 */
public JSONObject updateQuestion(JSONRPC2Request req, HttpServletRequest request) throws JSONRPC2Error, Exception {
    JSONObject result = new JSONObject();

    // Unwrap the nested "question" object and read its fields in the original order.
    NamedParamsRetriever outer = new NamedParamsRetriever(req.getNamedParams());
    NamedParamsRetriever fields = new NamedParamsRetriever(outer.getMap("question"));
    int targetId = fields.getInt("id");
    String newBody = fields.getString("body");
    String newAnswer = fields.getString("answer");
    int claimedOwnerId = fields.getInt("ownerId");

    User caller = getCurrentUser(request);
    boolean idsMatch = caller.getId() == claimedOwnerId;
    if (!idsMatch) {
        throw new Exception("no privileges");
    }

    // Persist the change and return the stored representation.
    Question saved = QuestionController.updateQuestion(targetId, newBody, newAnswer);
    result.put("question", saved.toJSONObject());
    return result;
}
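/**
 * Deletes a test on behalf of the signed-in user.
 *
 * <p>Ownership is decided from the stored test, loaded by id, in the same way
 * {@code removeTestQuestion} and {@code addTestQuestion} decide it. An {@code ownerId} field in
 * the request is no longer read: it is caller-supplied, so comparing the caller against it does
 * not establish who owns the record.
 *
 * @param req JSON-RPC request whose named params hold a {@code test} object with an {@code id}
 * @param request servlet request used to resolve the current user
 * @return an empty JSON object once the test has been deleted
 * @throws JSONRPC2Error raised by the parameter retriever for a missing or mistyped parameter
 * @throws Exception with message {@code "no privileges"} when there is no current user, no test
 *     was loaded for the id, or the current user is not the stored owner
 */
public JSONObject deleteTest(JSONRPC2Request req, HttpServletRequest request) throws JSONRPC2Error, Exception {
    // Result object; it stays empty on success.
    JSONObject jsonDeleteTest = new JSONObject();

    // Read the id of the test to delete.
    Map<String, Object> params = req.getNamedParams();
    NamedParamsRetriever np = new NamedParamsRetriever(params);
    Map<String, Object> tParams = np.getMap("test");
    NamedParamsRetriever testNp = new NamedParamsRetriever(tParams);
    int testId = testNp.getInt("id");

    User u = getCurrentUser(request);

    // Authorize against the owner recorded for the test, never against request data.
    // What loadTest returns for an unknown id is not visible here, so a null result is
    // refused with the same message as a foreign test.
    MySQLDAO dao = new MySQLDAO();
    Test stored = dao.loadTest(testId);
    if (u == null || stored == null || u.getId() != stored.getOwnerId()) {
        throw new Exception("no privileges");
    }

    TestController.deleteTest(testId);
    return jsonDeleteTest;
}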
/**
 * Creates a question owned by the current user.
 *
 * <p>The owner id comes from {@code getCurrentUser(request)}, not from the request payload.
 *
 * <p>NOTE(review): the whole JSON-RPC request, including the question body and answer, is
 * written to standard output along with the user id. Confirm this debug output is wanted
 * wherever stdout is collected.
 *
 * @param req JSON-RPC request whose named params hold a {@code question} object with
 *     {@code body} and {@code answer}
 * @param request servlet request used to resolve the current user
 * @return JSON object with the new question under the key {@code "question"}
 * @throws JSONRPC2Error raised by the parameter retriever for a missing or mistyped parameter
 */
public JSONObject addQuestion(JSONRPC2Request req, HttpServletRequest request) throws JSONRPC2Error {
    JSONObject result = new JSONObject();

    System.out.println(req.toString());

    // Unwrap the nested "question" object.
    NamedParamsRetriever outer = new NamedParamsRetriever(req.getNamedParams());
    NamedParamsRetriever fields = new NamedParamsRetriever(outer.getMap("question"));
    String questionBody = fields.getString("body");
    String questionAnswer = fields.getString("answer");

    // The signed-in user becomes the owner.
    User caller = getCurrentUser(request);
    int ownerId = (int) caller.getId();
    System.out.println("current user id" + ownerId);

    Question created = QuestionController.addQuestion(questionBody, questionAnswer, ownerId);
    result.put("question", created.toJSONObject());
    return result;
}
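/**
 * Renames a test on behalf of the signed-in user.
 *
 * <p>Ownership is decided from the stored test, loaded by id, in the same way
 * {@code removeTestQuestion} and {@code addTestQuestion} decide it. An {@code ownerId} field in
 * the request is no longer read: it is caller-supplied, so comparing the caller against it does
 * not establish who owns the record.
 *
 * @param req JSON-RPC request whose named params hold a {@code test} object with {@code id}
 *     and {@code name}
 * @param request servlet request used to resolve the current user
 * @return JSON object with the updated test under the key {@code "updatedTest"}
 * @throws JSONRPC2Error raised by the parameter retriever for a missing or mistyped parameter
 * @throws Exception with message {@code "no privileges"} when there is no current user, no test
 *     was loaded for the id, or the current user is not the stored owner
 */
public JSONObject updateTest(JSONRPC2Request req, HttpServletRequest request) throws JSONRPC2Error, Exception {
    JSONObject jsonUpdateTest = new JSONObject();

    // Read the id and the new name of the test.
    Map<String, Object> params = req.getNamedParams();
    NamedParamsRetriever np = new NamedParamsRetriever(params);
    Map<String, Object> tParams = np.getMap("test");
    NamedParamsRetriever testNp = new NamedParamsRetriever(tParams);
    int testId = testNp.getInt("id");
    String testName = testNp.getString("name");

    User u = getCurrentUser(request);

    // Authorize against the owner recorded for the test, never against request data.
    // What loadTest returns for an unknown id is not visible here, so a null result is
    // refused with the same message as a foreign test.
    MySQLDAO dao = new MySQLDAO();
    Test stored = dao.loadTest(testId);
    if (u == null || stored == null || u.getId() != stored.getOwnerId()) {
        throw new Exception("no privileges");
    }

    // Persist the change and return the stored representation.
    Test testUpdated = TestController.updateTest(testId, testName);
    jsonUpdateTest.put("updatedTest", testUpdated.toJSONObject());
    return jsonUpdateTest;
}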
/**
 * Removes a question from a test owned by the current user.
 *
 * <p>The test and the question are loaded by id, and the caller is compared with the owner
 * stored on the loaded test before the link is removed.
 *
 * @param req JSON-RPC request whose named params hold {@code test} and {@code question}
 *     objects, each with an {@code id}
 * @param request servlet request used to resolve the current user
 * @return JSON object with the resulting test under {@code "test"} and the question under
 *     {@code "question"}
 * @throws Exception with message {@code "no privileges : you do not own this test"} when the
 *     current user is not the stored owner; parameter and DAO failures also propagate
 * @throws SQLException declared by the original signature
 */
public JSONObject removeTestQuestion(JSONRPC2Request req, HttpServletRequest request) throws Exception, SQLException {
    JSONObject result = new JSONObject();

    // One retriever per nested object.
    NamedParamsRetriever outer = new NamedParamsRetriever(req.getNamedParams());
    NamedParamsRetriever testFields = new NamedParamsRetriever(outer.getMap("test"));
    NamedParamsRetriever questionFields = new NamedParamsRetriever(outer.getMap("question"));

    // A fresh DAO is created for every call, as in the original.
    Test targetTest = new MySQLDAO().loadTest(testFields.getInt(("id")));
    Question targetQuestion = new MySQLDAO().loadQuestion(questionFields.getInt("id"));

    User caller = getCurrentUser(request);
    if (caller.getId() != targetTest.getOwnerId()) {
        throw new Exception("no privileges : you do not own this test");
    }

    targetTest = new MySQLDAO().deleteTestQuestion(targetTest, targetQuestion);

    result.put("test", targetTest.toJSONObject());
    result.put("question", targetQuestion.toJSONObject());
    return result;
}
/**
 * Adds a question to a test owned by the current user, unless the test already contains it.
 *
 * <p>The caller is compared with the owner stored on the loaded test. The question is loaded
 * by id with no ownership comparison in this method.
 *
 * @param req JSON-RPC request whose named params hold {@code test} and {@code question}
 *     objects, each with an {@code id}
 * @param request servlet request used to resolve the current user
 * @return JSON object with the resulting test under {@code "test"} and the question under
 *     {@code "question"}
 * @throws Exception with message {@code "no privileges : you do not own this test!"} when the
 *     current user is not the stored owner; parameter and DAO failures also propagate
 * @throws SQLException declared by the original signature
 */
public JSONObject addTestQuestion(JSONRPC2Request req, HttpServletRequest request) throws Exception, SQLException {
    JSONObject result = new JSONObject();

    // One retriever per nested object, then both ids.
    NamedParamsRetriever outer = new NamedParamsRetriever(req.getNamedParams());
    NamedParamsRetriever testFields = new NamedParamsRetriever(outer.getMap("test"));
    NamedParamsRetriever questionFields = new NamedParamsRetriever(outer.getMap("question"));
    int tid = testFields.getInt(("id"));
    int qid = questionFields.getInt(("id"));

    // A fresh DAO is created for every call, as in the original.
    Test targetTest = new MySQLDAO().loadTest(tid);
    Question targetQuestion = new MySQLDAO().loadQuestion(qid);

    User caller = getCurrentUser(request);
    if (caller.getId() != targetTest.getOwnerId()) {
        throw new Exception("no privileges : you do not own this test!");
    }

    // Scan every linked question; the link is saved only when the id is not present yet.
    boolean alreadyLinked = false;
    for (Question linked : targetTest.getQuestions()) {
        if (linked.getId() == qid) {
            alreadyLinked = true;
        }
    }
    if (!alreadyLinked) {
        targetTest = new MySQLDAO().saveTestQuestion(targetTest, targetQuestion);
    }

    result.put("test", targetTest.toJSONObject());
    result.put("question", targetQuestion.toJSONObject());
    return result;
}
/**
 * Authenticates a user by email and password and sets up the session.
 *
 * <p>The submitted password is passed through {@code PassEncript.PassHash} and compared with
 * the value returned by {@code getPassword()} on the user loaded by email. On a match the
 * session receives a {@code "pass"} attribute from {@code TimeEncrpyt.TimeHash()}, a
 * {@code "user"} attribute holding the email, and a 30-minute inactivity timeout.
 *
 * <p>Three statements in this copy contain a {@code ******} span where source text is missing.
 * They are kept exactly as found. The last one swallows everything between the cookie debug
 * print and the final {@code "user"} result entry, so how the cookie is configured and sent is
 * not visible here.
 *
 * @param request servlet request whose session is populated on success
 * @param response servlet response; not referenced in the visible part of the body
 * @param jsonReq JSON-RPC request with named params {@code email} and {@code password}
 * @return {@code jsonLogin}, returned on a successful login
 * @throws Exception {@code "incorrect email"} or {@code "password missmatch"} on failure;
 *     parameter and DAO failures also propagate
 */
public JSONObject loginUser( HttpServletRequest request, HttpServletResponse response, JSONRPC2Request jsonReq) throws Exception {
    // Result object for the JSON-RPC response.
    JSONObject jsonLogin = new JSONObject();
    // Read the credentials from the named parameters.
    Map<String, Object> params = jsonReq.getNamedParams();
    NamedParamsRetriever np = new NamedParamsRetriever(params);
    // NOTE(review): the algorithm behind PassHash is not visible here. Confirm it is a salted
    // password-hashing function (bcrypt/scrypt/argon2) and not a bare digest.
    String password = PassEncript.PassHash(np.getString("password"));
    // NOTE(review): this writes the derived password value to standard output, which puts
    // credential material into whatever collects stdout.
    System.out.println("input pass " + password);
    String email = np.getString("email");
    // Open the DAO used to look the user up.
    MySQLDAO dao = new MySQLDAO();
    // Load the user by email; the freshly constructed User is replaced immediately.
    // NOTE(review): what loadUser returns for an unknown email is not visible here. A null
    // result would fail on getEmail() below. Verify.
    User u = new User();
    u = dao.loadUser(email);
    // NOTE(review): the two failure messages differ ("incorrect email" vs
    // "password missmatch"), which tells a caller whether an email is registered. A single
    // generic failure message avoids that.
    if (!(u.getEmail().equals(email))) {
        throw new Exception("incorrect email");
    } else {
        // Compare the stored value with the value derived from the submitted password.
        // NOTE(review): String.equals is not a constant-time comparison;
        // MessageDigest.isEqual on the byte forms is the usual choice for secret values.
        if (u.getPassword().equals(password)) {
            // Populate the session.
            // NOTE(review): getSession() reuses a session that already exists, and no
            // session-id change after authentication is visible in this copy. Confirm the
            // id is rotated on login.
            HttpSession session = request.getSession();
            // NOTE(review): TimeHash() is called once here and again for the cookie below,
            // while logoutUser matches cookie values against this attribute. Confirm both
            // calls yield the same value and that it is unpredictable.
            session.setAttribute("pass", TimeEncrpyt.TimeHash());
            // Source text is missing inside this statement; kept as found.
            System.out.println("session pass: "******"pass").toString());
            session.setAttribute("user", email);
            // Source text is missing inside this statement; kept as found.
            System.out.println("session user: "******"user").toString());
            // 30 minutes, expressed in seconds.
            session.setMaxInactiveInterval(30 * 60);
            Cookie pass = new Cookie("pass", TimeEncrpyt.TimeHash());
            // Source text is missing from the middle of this line up to the final "user"
            // result entry; kept as found.
            // NOTE(review): confirm the hidden part sets HttpOnly and Secure on the cookie.
            System.out.println("cookie pass: "******"user", u.toJSONObject());
            return jsonLogin;
        } else {
            throw new Exception("password missmatch");
        }
    }
}
/**
 * Creates a test owned by the current user.
 *
 * <p>The owner id comes from {@code getCurrentUser(request)}, not from the request payload.
 *
 * @param req JSON-RPC request whose named params hold a {@code test} object with a
 *     {@code name}
 * @param request servlet request used to resolve the current user
 * @return JSON object with the new test under the key {@code "test"}
 * @throws JSONRPC2Error raised by the parameter retriever for a missing or mistyped parameter
 */
public JSONObject addTest(JSONRPC2Request req, HttpServletRequest request) throws JSONRPC2Error {
    JSONObject result = new JSONObject();

    // Unwrap the nested "test" object.
    NamedParamsRetriever outer = new NamedParamsRetriever(req.getNamedParams());
    NamedParamsRetriever fields = new NamedParamsRetriever(outer.getMap("test"));
    String testName = fields.getString("name");

    // The signed-in user becomes the owner.
    User caller = getCurrentUser(request);
    int ownerId = (int) caller.getId();

    Test created = TestController.addTest(testName, ownerId);
    // Debug output of the created test, then the same representation in the result.
    System.out.println("add test: " + created.toJSONObject().toString());
    result.put("test", created.toJSONObject());
    return result;
}
/**
 * Ends the caller's session and returns the user resolved for the request.
 *
 * <p>NOTE(review): {@code setMaxAge(0)} is applied to cookie objects read from the request.
 * This method has no {@code HttpServletResponse}, so nothing here sends an expired cookie back
 * to the client.
 *
 * <p>NOTE(review): {@code getCurrentUser(request)} runs after the session has been
 * invalidated. How it behaves at that point is not visible in this listing. Verify it still
 * returns a user, or resolve the user before invalidating.
 *
 * @param request servlet request carrying the session and cookies
 * @return JSON object with the user under the key {@code "user"}
 */
public JSONObject logoutUser(HttpServletRequest request) {
    // Value stored in the session under "pass"; getSession() creates a session if none exists.
    HttpSession current = request.getSession();
    String sessionPass = (String) current.getAttribute("pass");

    // Mark every request cookie whose value equals the session value.
    Cookie[] sent = request.getCookies();
    int count = (sent == null) ? 0 : sent.length;
    for (int i = 0; i < count; i++) {
        Cookie candidate = sent[i];
        if (candidate.getValue().equals(sessionPass)) {
            candidate.setMaxAge(0);
        }
    }

    request.getSession().invalidate();

    // Build the response from whatever user the request resolves to now.
    User resolved = getCurrentUser(request);
    JSONObject result = new JSONObject();
    result.put("user", resolved.toJSONObject());
    return result;
}
/**
 * Registers a new user from the {@code name}, {@code email} and {@code password} parameters.
 *
 * <p>NOTE(review): the algorithm behind {@code PassEncript.PassHash} is not visible here.
 * Confirm it is a salted password-hashing function rather than a bare digest.
 *
 * <p>NOTE(review): the result embeds {@code toJSONObject()} of a user whose password field has
 * just been set. Confirm that representation leaves the stored password value out.
 *
 * <p>NOTE(review): no check of the inputs (format, length, already-registered email) is
 * visible in this method. Presumably that is enforced in the DAO or the schema; verify.
 *
 * @param request JSON-RPC request with named params {@code name}, {@code email},
 *     {@code password}
 * @param response JSON-RPC response; not used by this method
 * @return JSON object with the new user under the key {@code "user"}
 * @throws Exception if a parameter is missing or mistyped, or the insert fails
 */
public JSONObject registerUser(JSONRPC2Request request, JSONRPC2Response response) throws Exception {
    // Kept from the original although the value is never read.
    @SuppressWarnings("unused")
    JSONRPC2ParamsType paramsType = request.getParamsType();

    NamedParamsRetriever fields = new NamedParamsRetriever(request.getNamedParams());
    JSONObject result = new JSONObject();

    // Populate the new user field by field, in the original order.
    User newcomer = new User();
    String displayName = fields.getString("name");
    newcomer.setName(displayName);
    String address = fields.getString("email");
    newcomer.setEmail(address);
    String derivedPassword = PassEncript.PassHash(fields.getString("password"));
    newcomer.setPassword(derivedPassword);

    // Persist, then report the created user.
    MySQLDAO store = new MySQLDAO();
    store.insertUser(newcomer);

    result.put("user", newcomer.toJSONObject());
    return result;
}