예제 #1
 /**
  * Fetches the roles recorded for a user.
  *
  * @param userBean the user to look up; may be {@code null}
  * @return whatever {@code AccessUserRolesData.getUserRolesByUser} returns when the bean carries a
  *     non-empty user id, otherwise a fresh empty list
  */
 public ArrayList<UserRolesBean> getUserRolesByUserId(UserBean userBean) {
   // Guard clause: no bean or no user id means there is nothing to query.
   if (userBean == null || Utility.isNullOrEmpty(userBean.getUserId())) {
     return new ArrayList<UserRolesBean>();
   }
   return new AccessUserRolesData().getUserRolesByUser(userBean);
 }
  /**
   * Handles a POST that loads one page of an event website and returns it as JSON.
   *
   * <p>Reads the {@code event_id} and {@code page_type} request parameters, resolves the event
   * website and the page of that type, and writes a JSON response holding the page, its features,
   * the image upload host, the S3 bucket name and (when present) the image folder location. Every
   * failure path adds an error text and leaves the status at ERROR.
   *
   * @param request the incoming request; the logged-in user is read from its session
   * @param response receives the JSON produced by {@code RespObjectProc}
   * @throws ServletException declared by the servlet contract
   * @throws IOException if writing the response fails
   */
  protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    RespObjectProc responseObject = new RespObjectProc();
    JSONObject jsonResponseObj = new JSONObject();
    ArrayList<Text> arrOkText = new ArrayList<Text>();
    ArrayList<Text> arrErrorText = new ArrayList<Text>();
    // Fail closed: the status only becomes OK on the single success path below.
    RespConstants.Status responseStatus = RespConstants.Status.ERROR;
    try {
      // Input screening happens before anything else is read from the request.
      if (!DataSecurityChecker.isInsecureInputResponse(request)) {
        // getSession() with no argument creates a session when the request has none.
        UserBean loggedInUserBean =
            (UserBean) request.getSession().getAttribute(Constants.USER_LOGGED_IN_BEAN);

        // Authentication gate: a session bean with a non-empty user id is required.
        if (loggedInUserBean != null && !Utility.isNullOrEmpty(loggedInUserBean.getUserId())) {
          // NOTE(review): sUserId is read here but never used below. The lookups that follow are
          // keyed only on the caller-supplied event_id, so nothing visible in this method ties the
          // event to the logged-in user. Confirm that ownership is enforced inside
          // AccessEventWebsite or upstream of this servlet.
          String sUserId = ParseUtil.checkNull(loggedInUserBean.getUserId());
          String sEventId = ParseUtil.checkNull(request.getParameter("event_id"));
          String sPageType = ParseUtil.checkNull(request.getParameter("page_type"));
          if (!Utility.isNullOrEmpty(sEventId) && !Utility.isNullOrEmpty(sPageType)) {
            EventWebsiteRequestBean eventWebsiteRequestBean = new EventWebsiteRequestBean();
            eventWebsiteRequestBean.setEventId(sEventId);

            AccessEventWebsite accessEventWebsite = new AccessEventWebsite();
            EventWebsiteBean eventWebsiteBean =
                accessEventWebsite.getEventWebsite(eventWebsiteRequestBean);
            if (eventWebsiteBean != null
                && !Utility.isNullOrEmpty(eventWebsiteBean.getEventWebsiteId())) {

              // Build the lookup key for the page: website id, theme id and requested page type.
              EventWebsitePageBean eventWebsitePageBeanReg = new EventWebsitePageBean();
              eventWebsitePageBeanReg.setEventWebsiteId(eventWebsiteBean.getEventWebsiteId());
              eventWebsitePageBeanReg.setWebsiteThemeId(eventWebsiteBean.getWebsiteThemeId());
              eventWebsitePageBeanReg.setType(sPageType);

              AccessEventWebsitePage accessEventWebsitePage = new AccessEventWebsitePage();
              EventWebsitePageBean eventWebsitePageBean =
                  accessEventWebsitePage.getEventWebsitePageByType(eventWebsitePageBeanReg);

              if (eventWebsitePageBean != null
                  && !Utility.isNullOrEmpty(eventWebsitePageBean.getEventWebsitePageId())) {
                EventWebsitePageFeature eventWebsitePageFeature = new EventWebsitePageFeature();
                ArrayList<EventWebsitePageFeatureBean> arrMultipleFeatureBean =
                    eventWebsitePageFeature.getMultipleFeatures(
                        eventWebsitePageBean.getEventWebsitePageId());

                // Flatten the page features into a name -> value JSON object.
                JSONObject jsonEventWebsitePageFeatures = new JSONObject();
                if (arrMultipleFeatureBean != null && !arrMultipleFeatureBean.isEmpty()) {
                  for (EventWebsitePageFeatureBean eventWebsitePageFeatureBean :
                      arrMultipleFeatureBean) {
                    jsonEventWebsitePageFeatures.put(
                        eventWebsitePageFeatureBean.getFeatureName(),
                        eventWebsitePageFeatureBean.getValue());
                  }
                }
                jsonResponseObj.put("event_website_page_feature", jsonEventWebsitePageFeatures);
                jsonResponseObj.put("event_website_page", eventWebsitePageBean.toJson());
                // page_type is echoed back exactly as the caller supplied it.
                jsonResponseObj.put("page_type", sPageType);
                // The storage host and bucket name are disclosed to the client here.
                jsonResponseObj.put("image_host", Utility.getImageUploadHost());
                jsonResponseObj.put("bucket", Utility.getS3Bucket());

                // NOTE(review): eventRequestBean is populated but not used in the visible code.
                EventRequestBean eventRequestBean = new EventRequestBean();
                eventRequestBean.setEventId(sEventId);

                FeatureBean featureBean = new FeatureBean();
                featureBean.setEventId(sEventId);
                featureBean.setFeatureType(FeatureType.image_location);

                Feature feature = new Feature();
                featureBean = feature.getFeature(featureBean);
                if (featureBean != null && !Utility.isNullOrEmpty(featureBean.getFeatureId())) {
                  jsonResponseObj.put("image_folder_location", featureBean.getValue());
                }

                Text okText = new OkText("Website Themes loaded", "status_mssg");
                arrOkText.add(okText);
                responseStatus = RespConstants.Status.OK;
              } else {
                Text errorText =
                    new ErrorText(
                        "Please select a theme for this website. We were unable to load the colors and fonts.",
                        "err_mssg");
                arrErrorText.add(errorText);

                responseStatus = RespConstants.Status.ERROR;
              }

            } else {
              Text errorText =
                  new ErrorText(
                      "Please select a theme for this website. We were unable to load page information.",
                      "err_mssg");
              arrErrorText.add(errorText);

              responseStatus = RespConstants.Status.ERROR;
            }

          } else {
            Text errorText =
                new ErrorText(
                    "Oops!! We were unable to process your request at this time. Please try again later.(loadWebPageRecords - 003)",
                    "err_mssg");
            arrErrorText.add(errorText);

            responseStatus = RespConstants.Status.ERROR;
          }
        } else {
          appLogging.info(
              "Invalid request in Proc Page (loggedInUserBean)"
                  + ParseUtil.checkNullObject(loggedInUserBean));
          Text errorText =
              new ErrorText(
                  "Oops!! We were unable to process your request at this time. Please try again later.(loadWebPageRecords - 002)",
                  "err_mssg");
          arrErrorText.add(errorText);

          responseStatus = RespConstants.Status.ERROR;
        }

      } else {
        // NOTE(review): this writes the request parameters that were just flagged as insecure
        // into the application log. Confirm that dumpRequestParameters neutralises line breaks
        // and that the log viewer does not render the values.
        appLogging.info(
            "Insecure Parameters used in this Proc Page "
                + Utility.dumpRequestParameters(request).toString()
                + " --> "
                + this.getClass().getName());
        Text errorText =
            new ErrorText(
                "Please use valid parameters. We have identified insecure parameters in your form.",
                "account_num");
        arrErrorText.add(errorText);
        responseStatus = RespConstants.Status.ERROR;
      }
    } catch (Exception e) {
      // The stack trace stays in the log; the client only sees a generic message with a code.
      appLogging.info(
          "An exception occurred in the Proc Page " + ExceptionHandler.getStackTrace(e));
      Text errorText =
          new ErrorText(
              "Oops!! We were unable to process your request at this time. Please try again later.(loadWebPageRecords - 001)",
              "err_mssg");
      arrErrorText.add(errorText);

      responseStatus = RespConstants.Status.ERROR;
    }

    responseObject.setErrorMessages(arrErrorText);
    responseObject.setOkMessages(arrOkText);
    responseObject.setResponseStatus(responseStatus);
    responseObject.setJsonResponseObj(jsonResponseObj);

    response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(responseObject.getJson().toString());
  }
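  /**
   * Handles a POST that deletes an uploaded file and its shared-file record.
   *
   * <p>Reads the {@code upload_id} request parameter, requires a logged-in user whose parent type
   * is a vendor, removes the object from S3 and deletes the shared-file record. Every path that
   * does not delete anything adds an error text, so the client never receives an ERROR status
   * with an empty message list.
   *
   * @param request the incoming request; the logged-in user is read from its session
   * @param response receives the JSON produced by {@code RespObjectProc}
   * @throws ServletException declared by the servlet contract
   * @throws IOException if writing the response fails
   */
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    RespObjectProc responseObject = new RespObjectProc();
    JSONObject jsonResponseObj = new JSONObject();
    ArrayList<Text> arrOkText = new ArrayList<Text>();
    ArrayList<Text> arrErrorText = new ArrayList<Text>();
    // Fail closed: the status only becomes OK after the delete calls have run.
    RespConstants.Status responseStatus = RespConstants.Status.ERROR;

    try {

      if (!DataSecurityChecker.isInsecureInputResponse(request)) {
        UserBean loggedInUserBean =
            (UserBean) request.getSession().getAttribute(Constants.USER_LOGGED_IN_BEAN);

        if (loggedInUserBean != null && !Utility.isNullOrEmpty(loggedInUserBean.getUserId())) {

          String sUploadId = ParseUtil.checkNull(request.getParameter("upload_id"));
          if (!Utility.isNullOrEmpty(sUploadId)) {

            AccessUsers accessUser = new AccessUsers();
            ParentTypeBean parentTypeBean = accessUser.getParentTypeBeanFromUser(loggedInUserBean);
            // NOTE(review): the only authorization visible here is the role check
            // isUserAVendor(). Nothing in this method ties upload_id to the logged-in vendor;
            // confirm that getUploadFileInfo / getSharedFilesFromUploadId scope the lookup to the
            // owner, or add an explicit ownership check before deleting.
            if (parentTypeBean != null && parentTypeBean.isUserAVendor()) {
              UploadRequestBean uploadRequestBean = new UploadRequestBean();
              uploadRequestBean.setUploadId(sUploadId);

              UploadFile uploadFile = new UploadFile();
              UploadResponseBean uploadResponseBean =
                  uploadFile.getUploadFileInfo(uploadRequestBean);
              // A response without an upload bean is treated like a missing upload instead of
              // failing later with a NullPointerException.
              UploadBean uploadBean =
                  uploadResponseBean != null ? uploadResponseBean.getUploadBean() : null;

              SharedFilesRequestBean sharedFilesRequestBean = new SharedFilesRequestBean();
              sharedFilesRequestBean.setUploadId(sUploadId);

              SharedFilesBean sharedFilesBean = null;
              if (uploadBean != null) {
                AccessSharedFiles accessSharedFiles = new AccessSharedFiles();
                sharedFilesBean =
                    accessSharedFiles.getSharedFilesFromUploadId(sharedFilesRequestBean);
              }

              if (uploadBean != null && sharedFilesBean != null) {

                sharedFilesRequestBean.setSharedFileId(sharedFilesBean.getSharedFilesId());

                Folder folder = new Folder();
                boolean isFileDeleted =
                    folder.deleteS3File(uploadBean.getFilename(), uploadBean.getPath());
                if (!isFileDeleted) {
                  // The record is still removed below (unchanged behaviour); the log line keeps
                  // an object left behind in storage from going unnoticed.
                  appLogging.info(
                      "S3 delete reported failure for upload_id "
                          + sUploadId
                          + " --> "
                          + this.getClass().getName());
                }

                BuildSharedFiles buildSharedFiles = new BuildSharedFiles();
                buildSharedFiles.deleteSharedFiles(sharedFilesRequestBean);

                jsonResponseObj.put("is_deleted", true);
                jsonResponseObj.put("deleted_upload_id", sUploadId);

                Text okText = new OkText("The file was deleted successfully", "status_mssg");
                arrOkText.add(okText);
                responseStatus = RespConstants.Status.OK;

              } else {
                // Covers a missing upload, a missing upload bean and a missing shared-file
                // record with one answer.
                Text errorText =
                    new ErrorText("The file you are trying to delete does not exist.", "err_mssg");
                arrErrorText.add(errorText);

                responseStatus = RespConstants.Status.ERROR;
              }
            } else {
              Text errorText =
                  new ErrorText(
                      "You are not allowed to perform this action. Please contact your support representative.",
                      "err_mssg");
              arrErrorText.add(errorText);

              responseStatus = RespConstants.Status.ERROR;
            }

          } else {
            Text errorText =
                new ErrorText(
                    "We were unable to delete the file. Please select a valid file", "err_mssg");
            arrErrorText.add(errorText);

            responseStatus = RespConstants.Status.ERROR;
          }

        } else {
          appLogging.info(
              "Invalid request in Proc Page (loggedInUserBean)"
                  + ParseUtil.checkNullObject(loggedInUserBean));
          Text errorText =
              new ErrorText(
                  "Oops!! We were unable to process your request at this time. Please try again later.(loadFileGroup - 002)",
                  "err_mssg");
          arrErrorText.add(errorText);

          responseStatus = RespConstants.Status.ERROR;
        }

      } else {
        appLogging.info(
            "Insecure Parameters used in this Proc Page "
                + Utility.dumpRequestParameters(request).toString()
                + " --> "
                + this.getClass().getName());
        Text errorText =
            new ErrorText(
                "Please use valid parameters. We have identified insecure parameters in your form.",
                "account_num");
        arrErrorText.add(errorText);
        responseStatus = RespConstants.Status.ERROR;
      }

    } catch (Exception e) {
      // The stack trace stays in the log; the client only sees a generic message with a code.
      appLogging.info(
          "An exception occurred in the Proc Page " + ExceptionHandler.getStackTrace(e));
      Text errorText =
          new ErrorText(
              "Oops!! We were unable to process your request at this time. Please try again later.(loadFileGroup - 001)",
              "err_mssg");
      arrErrorText.add(errorText);

      responseStatus = RespConstants.Status.ERROR;
    }

    responseObject.setErrorMessages(arrErrorText);
    responseObject.setOkMessages(arrOkText);
    responseObject.setResponseStatus(responseStatus);
    responseObject.setJsonResponseObj(jsonResponseObj);

    response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(responseObject.getJson().toString());
  }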
예제 #4
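  /**
   * Handles a POST that completes a password reset started from an e-mailed link.
   *
   * <p>Reads {@code resetEmail}, {@code resetPassword}, {@code resetConfirmPassword} and the
   * reset token ({@code lotophagi}). The password is updated only when the token belongs to the
   * user with that e-mail address, is still usable and is less than 24 hours old; the token is
   * deactivated after a successful update.
   *
   * <p>Security-relevant behaviour of this method:
   *
   * <ul>
   *   <li>Password values are never written to the application log.
   *   <li>The password and its confirmation must match exactly (case-sensitive).
   *   <li>An unknown e-mail address gets the same answer as an unusable token, so the response
   *       does not reveal whether an account exists.
   * </ul>
   *
   * @param request the incoming request carrying the reset form fields
   * @param response receives the JSON produced by {@code RespObjectProc}
   * @throws ServletException declared by the servlet contract
   * @throws IOException if writing the response fails
   */
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    RespObjectProc responseObject = new RespObjectProc();
    JSONObject jsonResponseObj = new JSONObject();
    ArrayList<Text> arrOkText = new ArrayList<Text>();
    ArrayList<Text> arrErrorText = new ArrayList<Text>();
    // Fail closed: the status only becomes OK after the password row was updated.
    RespConstants.Status responseStatus = RespConstants.Status.ERROR;
    try {
      if (!DataSecurityChecker.isInsecureInputResponse(request)) {
        String sEmailAddress = ParseUtil.checkNull(request.getParameter("resetEmail"));
        String sPassword = ParseUtil.checkNull(request.getParameter("resetPassword"));
        String sConfirmPassword = ParseUtil.checkNull(request.getParameter("resetConfirmPassword"));
        String sSecureTokenId = ParseUtil.checkNull(request.getParameter("lotophagi"));
        Validator instance = ESAPI.validator();
        if (Utility.isNullOrEmpty(sSecureTokenId)) {
          appLogging.info("Invalid Link Used " + ParseUtil.checkNull(sSecureTokenId));
          Text errorText =
              new ErrorText(
                  "An invalid link was used. The link was sent to your email.", "err_mssg");
          arrErrorText.add(errorText);

          responseStatus = RespConstants.Status.ERROR;
        } else if (!instance.isValidInput("resetEmail", sEmailAddress, "Email", 250, false)
            || Utility.isNullOrEmpty(sPassword)
            || Utility.isNullOrEmpty(sConfirmPassword)) {
          // Log only the e-mail address; the submitted passwords must not reach the log.
          appLogging.info(
              "Invalid Email Address or password used " + ParseUtil.checkNull(sEmailAddress));
          Text errorText = new ErrorText("Please fill in all required fields ", "err_mssg");
          arrErrorText.add(errorText);

          responseStatus = RespConstants.Status.ERROR;
        } else if (!sPassword.equals(sConfirmPassword)) {
          // Exact comparison: a confirmation that differs only in letter case is a mismatch.
          appLogging.info("Password do not match");
          Text errorText = new ErrorText("Passwords do not match", "err_mssg");
          arrErrorText.add(errorText);

          responseStatus = RespConstants.Status.ERROR;
        } else {
          UserRequestBean userRequestBean = new UserRequestBean();
          userRequestBean.setEmail(sEmailAddress);

          AccessUsers accessUsers = new AccessUsers();
          UserBean userBean = accessUsers.getUserByEmail(userRequestBean);
          if (userBean != null && !Utility.isNullOrEmpty(userBean.getUserId())) {
            ForgotPassword forgotPassword = new ForgotPassword(sEmailAddress);
            // The token is looked up together with the user id, so it must belong to this user.
            ForgotPasswordBean forgotPasswordBean =
                forgotPassword.getForgotPasswordBean(sSecureTokenId, userBean.getUserId());

            if (forgotPasswordBean != null
                && forgotPasswordBean.isUsable()
                && (DateSupport.getEpochMillis() - forgotPasswordBean.getCreateDate())
                    < Constants.HOURS24_IN_MILLISEC) {
              PasswordRequestBean passwordRequestBean = new PasswordRequestBean();
              passwordRequestBean.setPassword(sPassword);
              passwordRequestBean.setUserId(userBean.getUserId());
              passwordRequestBean.setPasswordStatus(Constants.PASSWORD_STATUS.ACTIVE);

              ManageUserPassword manageUserPassword = new ManageUserPassword();
              Integer iNumOfRows = manageUserPassword.updatePassword(passwordRequestBean);
              // Null-safe: a missing row count is treated as "nothing updated".
              if (iNumOfRows != null && iNumOfRows > 0) {
                Text okText =
                    new OkText(
                        "Password was reset. Please login with the new password.", "err_mssg");
                arrOkText.add(okText);
                responseStatus = RespConstants.Status.OK;

                // Deactivate the request so the same link cannot be used a second time.
                ForgotPasswordData forgotpasswordData = new ForgotPasswordData();
                forgotpasswordData.deactivateForgotPassword(forgotPasswordBean);
              } else {
                // NOTE(review): confirm that the bean's string form does not include the reset
                // token before it is written to the log.
                appLogging.info(
                    "Password cannot be reset " + ParseUtil.checkNullObject(forgotPasswordBean));
                Text errorText =
                    new ErrorText(
                        "Oops! You are trying to use an expired link. Please click \'Forgot Password\' and get a new link",
                        "err_mssg");
                arrErrorText.add(errorText);

                responseStatus = RespConstants.Status.ERROR;
              }
            } else {
              appLogging.info(
                  "Password cannot be reset " + ParseUtil.checkNullObject(forgotPasswordBean));
              Text errorText =
                  new ErrorText(
                      "Oops! You are trying to use an expired link. Please click \'Forgot Password\' and get a new link",
                      "err_mssg");
              arrErrorText.add(errorText);

              responseStatus = RespConstants.Status.ERROR;
            }
          } else {
            // Unknown e-mail address: answer exactly like an unusable token so the response does
            // not disclose which addresses have an account.
            appLogging.info("Password cannot be reset, no user found for the supplied email");
            Text errorText =
                new ErrorText(
                    "Oops! You are trying to use an expired link. Please click \'Forgot Password\' and get a new link",
                    "err_mssg");
            arrErrorText.add(errorText);

            responseStatus = RespConstants.Status.ERROR;
          }
        }

      } else {
        // Parameter names only: this form carries the new password and the reset token, so the
        // values are kept out of the log.
        appLogging.info(
            "Insecure Parameters used in this Proc Page "
                + request.getParameterMap().keySet()
                + " --> "
                + this.getClass().getName());
        Text errorText =
            new ErrorText(
                "Please use valid parameters. We have identified insecure parameters in your form.",
                "account_num");
        arrErrorText.add(errorText);
        responseStatus = RespConstants.Status.ERROR;
      }
    } catch (Exception e) {
      // The stack trace stays in the log; the client only sees a generic message with a code.
      appLogging.info(
          "An exception occurred in the Proc Page " + ExceptionHandler.getStackTrace(e));
      Text errorText =
          new ErrorText(
              "Oops!! We were unable to process your request at this time. Please try again later.(001)",
              "err_mssg");
      arrErrorText.add(errorText);

      responseStatus = RespConstants.Status.ERROR;
    }

    responseObject.setErrorMessages(arrErrorText);
    responseObject.setOkMessages(arrOkText);
    responseObject.setResponseStatus(responseStatus);
    responseObject.setJsonResponseObj(jsonResponseObj);

    response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(responseObject.getJson().toString());
  }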