Exemplo n.º 1
 /**
  * Returns the {@code param0} request parameter, URL-decoded when possible.
  *
  * <p>When {@code urlDecode} rejects the value with a {@link URISyntaxException}, the raw,
  * undecoded parameter is returned instead, so callers can receive either form.
  *
  * <p>NOTE(review): the result is request-controlled in both cases; a caller that uses it to
  * select a file or route should normalise and validate it first.
  */
 @Override
 public String getPathInfo() {
   final String rawPath = request.params().get("param0");
   try {
     return urlDecode(rawPath);
   } catch (URISyntaxException ignored) {
     // Decoding failed: hand back the value exactly as it arrived.
     return rawPath;
   }
 }
 /**
  * Reports {@code true} when the caller is the user named by the {@code userId} request
  * parameter, or when that user belongs to a structure listed in the scope of the caller's
  * function (as returned by {@code getFunction}).
  *
  * @param request request carrying the {@code userId} parameter
  * @param user the authenticated caller
  * @param handler receives the authorisation decision
  */
 private void isUserOrAdmin(
     HttpServerRequest request, UserInfos user, final Handler<Boolean> handler) {
   final String targetUserId = request.params().get("userId");
   if (user.getUserId().equals(targetUserId)) {
     // A caller may always act on their own account.
     handler.handle(true);
     return;
   }

   final UserInfos.Function localAdmin = getFunction(user, handler);
   if (localAdmin == null) {
     // NOTE(review): presumably getFunction has already answered the handler; confirm.
     return;
   }

   // The request value and the scope are bound as Cypher parameters ({userId}, {structures});
   // nothing request-controlled is concatenated into the statement text.
   final JsonObject bindings =
       new JsonObject()
           .putArray("structures", new JsonArray(localAdmin.getScope().toArray()))
           .putString("userId", targetUserId);
   final String cypher =
       "MATCH (s:Structure)<-[:DEPENDS]-(:ProfileGroup)<-[:IN]-(u:User {id : {userId}}) "
           + "WHERE s.id IN {structures} "
           + "RETURN count(*) > 0 as exists ";

   final Handler<Message<JsonObject>> onResult =
       new Handler<Message<JsonObject>>() {
         @Override
         public void handle(Message<JsonObject> reply) {
           final JsonObject body = reply.body();
           final JsonArray rows = body.getArray("result");
           // Fail closed: anything but an "ok" status with exactly one row is a denial.
           boolean allowed = false;
           if ("ok".equals(body.getString("status")) && rows != null && rows.size() == 1) {
             allowed = rows.<JsonObject>get(0).getBoolean("exists", false);
           }
           handler.handle(allowed);
         }
       };
   Neo4j.getInstance().execute(cypher, bindings, onResult);
 }
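 /**
  * Authorises the request when the document named by the {@code id} request parameter has the
  * caller as its {@code owner}.
  *
  * <p>The matcher is assembled field by field. The previous version spliced the raw {@code id}
  * parameter into JSON text, so a value containing a double quote could change the structure
  * of the ownership filter (for example by supplying its own {@code owner} key).
  *
  * @param request request carrying the {@code id} parameter
  * @param user the authenticated caller
  * @param serviceMethod not used by this check
  * @param handler receives {@code false} at once when {@code id} is missing or blank, otherwise
  *     whatever {@code executeCountQuery} reports for an expected count of 1
  */
 private void authorizeOwner(
     HttpServerRequest request, UserInfos user, String serviceMethod, Handler<Boolean> handler) {
   String id = request.params().get("id");
   if (id == null || id.trim().isEmpty()) {
     handler.handle(false);
     return;
   }
   // String.valueOf keeps a missing user id as the text "null", as the old concatenation did,
   // rather than a JSON null, which MongoDB also matches against documents with no owner field.
   JsonObject query =
       new JsonObject().putString("_id", id).putString("owner", String.valueOf(user.getUserId()));
   executeCountQuery(request, DocumentDao.DOCUMENTS_COLLECTION, query, 1, handler);
 }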
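  /**
   * Authorises the request when the document named by {@code id} holds a comment with the
   * requested {@code commentId} and a comment authored by the caller.
   *
   * <p>The matcher is assembled field by field. The previous version spliced the raw
   * {@code id} and {@code commentId} parameters into JSON text, before checking them, so a
   * value containing a double quote could change the structure of the filter. A missing or
   * blank {@code id} is now refused as well, instead of being searched for as the text "null".
   *
   * <p>NOTE(review): {@code comments.id} and {@code comments.author} are two independent
   * conditions. If {@code comments} is an array, they can be satisfied by two different
   * elements; an {@code $elemMatch} on {@code comments} would tie the id and the author to the
   * same comment. Confirm against the document schema.
   *
   * @param request request carrying the {@code id} and {@code commentId} parameters
   * @param user the authenticated caller
   * @param serviceMethod not used by this check
   * @param handler receives {@code false} at once when either parameter is missing or blank,
   *     otherwise whatever {@code executeCountQuery} reports for an expected count of 1
   */
  private void authorizeCommentOwner(
      HttpServerRequest request,
      UserInfos user,
      String serviceMethod,
      final Handler<Boolean> handler) {
    final String id = request.params().get("id");
    final String commentId = request.params().get("commentId");
    if (id == null
        || id.trim().isEmpty()
        || commentId == null
        || commentId.trim().isEmpty()) {
      handler.handle(false);
      return;
    }

    // String.valueOf keeps a missing user id as the text "null", as the old concatenation did,
    // rather than a JSON null, which MongoDB also matches against absent fields.
    JsonObject query =
        new JsonObject()
            .putString("_id", id)
            .putString("comments.id", commentId)
            .putString("comments.author", String.valueOf(user.getUserId()));
    executeCountQuery(request, DocumentDao.DOCUMENTS_COLLECTION, query, 1, handler);
  }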
Exemplo n.º 5
 /**
  * Handles {@code POST /function/:profile}: reads the request body as JSON and asks
  * {@code profileService} to create a function under the profile named in the path.
  *
  * <p>Access is declared through {@code @SecuredAction("profile.create.function")}. The
  * {@code profile} path value is passed on as received; the body goes through
  * {@code bodyToJson} with the key {@code pathPrefix + "createFunction"} (presumably a schema
  * name; confirm).
  */
 @Post("/function/:profile")
 @SecuredAction("profile.create.function")
 public void createFunction(final HttpServerRequest request) {
   final String profileName = request.params().get("profile");
   final Handler<JsonObject> onBody =
       new Handler<JsonObject>() {
         @Override
         public void handle(JsonObject functionJson) {
           // 201 and 409 are handed to notEmptyResponseHandler (presumably the success and
           // conflict status codes; confirm).
           profileService.createFunction(
               profileName, functionJson, notEmptyResponseHandler(request, 201, 409));
         }
       };
   bodyToJson(request, pathPrefix + "createFunction", onBody);
 }
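  /**
   * Authorises the request when the revision named by the {@code revisionId} request
   * parameter has the caller as its {@code userId}.
   *
   * <p>The matcher is assembled field by field. The previous version spliced the raw
   * {@code revisionId} parameter into JSON text, before checking it, so a value containing a
   * double quote could change the structure of the ownership filter.
   *
   * @param request request carrying the {@code revisionId} parameter
   * @param user the authenticated caller
   * @param serviceMethod not used by this check
   * @param handler receives {@code false} at once when {@code revisionId} is missing or blank,
   *     otherwise whatever {@code executeCountQuery} reports for an expected count of 1
   */
  private void authorizeRevisionOwner(
      HttpServerRequest request,
      UserInfos user,
      String serviceMethod,
      final Handler<Boolean> handler) {
    final String revisionId = request.params().get("revisionId");
    if (revisionId == null || revisionId.trim().isEmpty()) {
      handler.handle(false);
      return;
    }

    // String.valueOf keeps a missing user id as the text "null", as the old concatenation did,
    // rather than a JSON null, which MongoDB also matches against absent fields.
    JsonObject query =
        new JsonObject()
            .putString("_id", revisionId)
            .putString("userId", String.valueOf(user.getUserId()));
    executeCountQuery(request, Workspace.REVISIONS_COLLECTION, query, 1, handler);
  }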
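 /**
  * Authorises reading the document named by the {@code id} request parameter when the caller
  * owns it, when it is flagged {@code protected} or {@code public}, or when one of its
  * {@code shared} entries matches the clause built by {@code orSharedElementMatch}.
  *
  * <p>The request-controlled {@code id} and the owner id are set as values on the matcher.
  * The previous version spliced {@code id} into JSON text, so a value containing a double
  * quote could change the structure of the access filter. Only the fragment returned by
  * {@code orSharedElementMatch} is still parsed from text, exactly as before.
  *
  * @param request request carrying the {@code id} parameter
  * @param user the authenticated caller
  * @param serviceMethod forwarded to {@code orSharedElementMatch}
  * @param handler receives {@code false} at once when {@code id} is missing or blank, otherwise
  *     whatever {@code executeCountQuery} reports for an expected count of 1
  */
 private void authorizeGetDocument(
     HttpServerRequest request, UserInfos user, String serviceMethod, Handler<Boolean> handler) {
   String id = request.params().get("id");
   if (id == null || id.trim().isEmpty()) {
     handler.handle(false);
     return;
   }
   // String.valueOf keeps a missing user id as the text "null", as the old concatenation did,
   // rather than a JSON null, which MongoDB also matches against documents with no owner field.
   JsonObject ownerClause = new JsonObject().putString("owner", String.valueOf(user.getUserId()));
   JsonObject sharedMatch =
       new JsonObject("{ \"$elemMatch\" : " + orSharedElementMatch(user, serviceMethod) + "}");
   JsonArray accessClauses =
       new JsonArray()
           .addObject(ownerClause)
           .addObject(new JsonObject().putBoolean("protected", true))
           .addObject(new JsonObject().putBoolean("public", true))
           .addObject(new JsonObject().putObject("shared", sharedMatch));
   JsonObject query = new JsonObject().putString("_id", id).putArray("$or", accessClauses);
   executeCountQuery(request, DocumentDao.DOCUMENTS_COLLECTION, query, 1, handler);
 }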
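 /**
  * Authorises a batch operation on the comma-separated document ids in the {@code ids}
  * request parameter. Each listed document must be owned by the caller or have a
  * {@code shared} entry matching the clause built by {@code orSharedElementMatch}; the number
  * of ids is passed to {@code executeCountQuery} as the expected match count.
  *
  * <p>Two changes from the previous version. An {@code ids} value made only of separators
  * (such as {@code ","}) splits to an empty list, which used to be checked with an expected
  * count of zero; it is now refused outright. The owner id is set as a value on the matcher
  * instead of being concatenated into JSON text.
  *
  * @param request request carrying the {@code ids} parameter
  * @param user the authenticated caller
  * @param serviceMethod forwarded to {@code orSharedElementMatch}
  * @param handler receives {@code false} at once when no id is supplied, otherwise whatever
  *     {@code executeCountQuery} reports
  */
 private void authorizeDocuments(
     HttpServerRequest request, UserInfos user, String serviceMethod, Handler<Boolean> handler) {
   String ids = request.params().get("ids");
   if (ids == null || ids.trim().isEmpty()) {
     handler.handle(false);
     return;
   }
   JsonArray idsArray = new JsonArray(ids.split(","));
   if (idsArray.size() == 0) {
     // Nothing to authorise: fail closed rather than compare a count of zero with zero.
     handler.handle(false);
     return;
   }
   // String.valueOf keeps a missing user id as the text "null", as the old concatenation did,
   // rather than a JSON null, which MongoDB also matches against documents with no owner field.
   JsonObject ownerClause = new JsonObject().putString("owner", String.valueOf(user.getUserId()));
   JsonObject sharedMatch =
       new JsonObject("{ \"$elemMatch\" : " + orSharedElementMatch(user, serviceMethod) + "}");
   JsonArray accessClauses =
       new JsonArray()
           .addObject(ownerClause)
           .addObject(new JsonObject().putObject("shared", sharedMatch));
   JsonObject query =
       new JsonObject()
           .putObject("_id", new JsonObject().putArray("$in", idsArray))
           .putArray("$or", accessClauses);
   // A repeated id raises the expected count above what $in can match; that case is left to
   // executeCountQuery to decide, as before.
   executeCountQuery(
       request, DocumentDao.DOCUMENTS_COLLECTION, query, idsArray.size(), handler);
 }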
Exemplo n.º 9
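  /**
   * Sends {@code queries} "findone" requests for random ids in 1..10000 of the {@code world}
   * collection to the {@code hello.persistor} event-bus address, all replying to one
   * {@code MongoHandler}.
   *
   * <p>The {@code queries} request parameter is now clamped to 1..500. Before, the caller's
   * number was used as-is, so a single request could queue an arbitrary number of database
   * lookups, and a zero or negative value created a handler that expected no replies.
   *
   * @param req request carrying the optional {@code queries} parameter; a missing or
   *     non-numeric value means one query
   */
  private void handleDbMongo(final HttpServerRequest req) {
    // Upper bound chosen for this handler; adjust to the deployment's needs.
    final int maxQueries = 500;

    int queriesParam = 1;
    try {
      queriesParam = Integer.parseInt(req.params().get("queries"));
    } catch (NumberFormatException ignored) {
      // Missing or non-numeric value: keep the default of one query.
    }
    queriesParam = Math.max(1, Math.min(queriesParam, maxQueries));

    final MongoHandler dbh = new MongoHandler(req, queriesParam);
    // Not security-sensitive: the ids only pick which row to read.
    final Random random = ThreadLocalRandom.current();

    for (int i = 0; i < queriesParam; i++) {
      vertx
          .eventBus()
          .send(
              "hello.persistor",
              new JsonObject()
                  .putString("action", "findone")
                  .putString("collection", "world")
                  .putObject(
                      "matcher", new JsonObject().putNumber("id", (random.nextInt(10000) + 1))),
              dbh);
    }
  }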
Exemplo n.º 10
 /**
  * Reports whether the {@code structureId} request parameter is contained in the scope of the
  * caller's function, as returned by {@code getFunction}.
  *
  * @param request request carrying the {@code structureId} parameter
  * @param user the authenticated caller
  * @param handler receives the decision; not called here when {@code getFunction} returns
  *     {@code null} (presumably it has answered already; confirm)
  */
 private void isAdmin(HttpServerRequest request, UserInfos user, Handler<Boolean> handler) {
   final UserInfos.Function localAdmin = getFunction(user, handler);
   if (localAdmin != null) {
     final String requestedStructure = request.params().get("structureId");
     final boolean inScope = localAdmin.getScope().contains(requestedStructure);
     handler.handle(inScope);
   }
 }
Exemplo n.º 11
 /**
  * Handles {@code DELETE /functiongroup/:groupId} by asking {@code profileService} to delete
  * the function group named in the path.
  *
  * <p>Access is declared through {@code @SecuredAction("profile.delete.function.group")}. The
  * {@code groupId} path value is passed on without validation in this method.
  */
 @Delete("/functiongroup/:groupId")
 @SecuredAction("profile.delete.function.group")
 public void deleteFunctionGroup(final HttpServerRequest request) {
   // 204 is handed to defaultResponseHandler (presumably the success status; confirm).
   profileService.deleteFunctionGroup(
       request.params().get("groupId"), defaultResponseHandler(request, 204));
 }
Exemplo n.º 12
 /**
  * Handles {@code DELETE /function/:function} by asking {@code profileService} to delete the
  * function named in the path.
  *
  * <p>Access is declared through {@code @SecuredAction("profile.delete.function")}. The
  * {@code function} path value is passed on without validation in this method.
  */
 @Delete("/function/:function")
 @SecuredAction("profile.delete.function")
 public void deleteFunction(final HttpServerRequest request) {
   // 204 is handed to defaultResponseHandler (presumably the success status; confirm).
   profileService.deleteFunction(
       request.params().get("function"), defaultResponseHandler(request, 204));
 }