@With({UserCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result changePassword() {
Logger.trace("Method Start");
Http.RequestBody body = request().body();
JsonNode bodyJson = body.asJson();
Logger.trace("changePassword bodyJson: " + bodyJson);
if (bodyJson == null)
return badRequest(
"The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");
// check and validate input
if (!bodyJson.has("old")) return badRequest("The 'old' field is missing");
if (!bodyJson.has("new")) return badRequest("The 'new' field is missing");
String currentPassword = DbHelper.getCurrentHTTPPassword();
String oldPassword = (String) bodyJson.findValuesAsText("old").get(0);
String newPassword = (String) bodyJson.findValuesAsText("new").get(0);
if (!oldPassword.equals(currentPassword)) {
return badRequest("The old password does not match with the current one");
}
UserService.changePasswordCurrentUser(newPassword);
Logger.trace("Method End");
return ok();
}
@With({
AdminCredentialWrapFilter.class,
ConnectToDBFilter.class,
})
@BodyParser.Of(BodyParser.Json.class)
public static Result signUp() {
Logger.trace("Method Start");
Http.RequestBody body = request().body();
JsonNode bodyJson = body.asJson();
Logger.trace("signUp bodyJson: " + bodyJson);
if (bodyJson == null)
return badRequest(
"The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");
// check and validate input
if (!bodyJson.has("username")) return badRequest("The 'username' field is missing");
if (!bodyJson.has("password")) return badRequest("The 'password' field is missing");
// extract mandatory fields
JsonNode nonAppUserAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_ANONYMOUS_USER);
JsonNode privateAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_ONLY_BY_THE_USER);
JsonNode friendsAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_FRIENDS_USER);
JsonNode appUsersAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_REGISTERED_USER);
String username = (String) bodyJson.findValuesAsText("username").get(0);
String password = (String) bodyJson.findValuesAsText("password").get(0);
if (privateAttributes != null && privateAttributes.has("email")) {
// check if email address is valid
if (!Util.validateEmail((String) privateAttributes.findValuesAsText("email").get(0)))
return badRequest("The email address must be valid.");
}
// try to signup new user
try {
UserService.signUp(
username,
password,
nonAppUserAttributes,
privateAttributes,
friendsAttributes,
appUsersAttributes);
} catch (UserAlreadyExistsException e) {
Logger.debug("signUp", e);
return badRequest(username + " already exists");
} catch (Throwable e) {
Logger.warn("signUp", e);
if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
else return internalServerError(e.getMessage());
}
Logger.trace("Method End");
return created();
}
public XMLContentProcessor(Http.RequestBody body) {
String[] parts = body.toString().split("Some\\(");
if (parts.length > 0) {
String[] parts2 = parts[1].split("\\)\\,");
if (parts2.length > 0) {
this.body = parts2[0];
}
}
}
@Override
public Map<String, String[]> getRequestParameters() {
final Http.RequestBody body = request.body();
final Map<String, String[]> formParameters;
if (body != null) {
formParameters = body.asFormUrlEncoded();
} else {
formParameters = new HashMap<>();
}
final Map<String, String[]> urlParameters = request.queryString();
final Map<String, String[]> parameters = new HashMap<>();
if (formParameters != null) {
parameters.putAll(formParameters);
}
if (urlParameters != null) {
parameters.putAll(urlParameters);
}
return parameters;
}
private static Optional<JsonNode> getValidJson(Http.RequestBody body) {
JsonNode json = body.asJson();
logger.debug("received json: {}", json);
try {
// validates json
Json.fromJson(json, Message.class);
} catch (Exception e) {
logger.warn("Invalid json ({})", e.getCause().getMessage());
return Optional.empty();
}
return Optional.of(json);
}
public F.Promise<Result> call(Http.Context ctx) throws Throwable {
try {
return delegate.call(ctx);
} catch (Exception e) {
e.printStackTrace();
StringBuilder sb = new StringBuilder();
sb.append("Error for request at " + ctx.request().uri() + "\n");
sb.append("Headers: \n");
Map<String, String[]> headers = ctx.request().headers();
for (String key : headers.keySet()) {
sb.append(" " + key + " --> ");
for (String val : headers.get(key)) {
sb.append(val + "|||");
}
sb.append("\n");
}
sb.append("Cookies: \n");
for (Http.Cookie cookie : ctx.request().cookies()) {
sb.append(" " + cookie.name() + " --> " + cookie.value() + "\n");
}
Http.RequestBody body = ctx.request().body();
Map<String, String[]> body_vals = body.asFormUrlEncoded();
if (body_vals != null) {
sb.append("Body (as form URL encoded): \n");
for (String key : body_vals.keySet()) {
sb.append(" " + key + " --> ");
for (String val : body_vals.get(key)) {
sb.append(val + "|||");
}
sb.append("\n");
}
}
Logger.error(sb.toString());
throw e;
}
}
@With({UserCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result changeUserName() throws UserNotFoundException {
Http.RequestBody body = request().body();
JsonNode bodyJson = body.asJson();
if (BaasBoxLogger.isTraceEnabled()) BaasBoxLogger.trace("updateuserName bodyJson: " + bodyJson);
if (bodyJson == null)
return badRequest(
"The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");
if (bodyJson.get("username") == null || !bodyJson.get("username").isTextual())
return badRequest("'username' field must be a String");
String newUsername = bodyJson.get("username").asText();
try {
UserService.changeUsername(DbHelper.getCurrentHTTPUsername(), newUsername);
} catch (OpenTransactionException e) {
return internalServerError(ExceptionUtils.getMessage(e));
} catch (SqlInjectionException e) {
return badRequest("Username not valid");
}
return ok();
}
@With({UserCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result updateProfile() {
Logger.trace("Method Start");
Http.RequestBody body = request().body();
JsonNode bodyJson = body.asJson();
Logger.trace("updateProfile bodyJson: " + bodyJson);
if (bodyJson == null)
return badRequest(
"The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");
// extract the profile fields
JsonNode nonAppUserAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_ANONYMOUS_USER);
JsonNode privateAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_ONLY_BY_THE_USER);
JsonNode friendsAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_FRIENDS_USER);
JsonNode appUsersAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_REGISTERED_USER);
if (privateAttributes.has("email")) {
// check if email address is valid
if (!Util.validateEmail((String) privateAttributes.findValuesAsText("email").get(0)))
return badRequest("The email address must be valid.");
}
ODocument profile;
try {
profile =
UserService.updateCurrentProfile(
nonAppUserAttributes, privateAttributes, friendsAttributes, appUsersAttributes);
} catch (Throwable e) {
Logger.warn("updateProfile", e);
if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
else return internalServerError(e.getMessage());
}
Logger.trace("Method End");
return ok(prepareResponseToJson(profile));
} // updateProfile
// NOTE: this controller is called via a web form by a browser to reset the user's password
// Filters to extract username/appcode/atc.. from the headers have no sense in this case
public static Result resetPasswordStep3(String base64) {
String tokenReceived = "";
String appCode = "";
String username = "";
String tokenId = "";
Map<String, String[]> bodyForm = null;
try {
// loads the received token and extracts data by the hashcode in the url
tokenReceived = new String(Base64.decodeBase64(base64.getBytes()));
Logger.debug("resetPasswordStep3 - sRandom: " + tokenReceived);
// token format should be APP_Code%%%%Username%%%%ResetTokenId
String[] tokens = tokenReceived.split("%%%%");
if (tokens.length != 3) return badRequest("The reset password code is invalid.");
appCode = tokens[0];
username = tokens[1];
tokenId = tokens[2];
String adminUser =
BBConfiguration.configuration.getString(IBBConfigurationKeys.ADMIN_USERNAME);
String adminPassword =
BBConfiguration.configuration.getString(IBBConfigurationKeys.ADMIN_PASSWORD);
try {
DbHelper.open(appCode, adminUser, adminPassword);
} catch (InvalidAppCodeException e1) {
throw new Exception("The code to reset the password seems to be invalid");
}
if (!UserService.exists(username)) throw new Exception("User not found!");
boolean isTokenValid = ResetPwdDao.getInstance().verifyTokenStep2(base64, username);
if (!isTokenValid)
throw new Exception(
"Reset Code not found or expired! Please repeat the reset password procedure");
Http.RequestBody body = request().body();
bodyForm = body.asFormUrlEncoded();
if (bodyForm == null)
throw new Exception(
"Error getting submitted data. Please repeat the reset password procedure");
} catch (Exception e) {
ST pageTemplate =
new ST(PasswordRecovery.PAGE_HTML_FEEDBACK_TEMPLATE.getValueAsString(), '$', '$');
pageTemplate.add("user_name", username);
pageTemplate.add("error", e.getMessage());
pageTemplate.add(
"application_name",
com.baasbox.configuration.Application.APPLICATION_NAME.getValueAsString());
DbHelper.getConnection().close();
return badRequest(Html.apply(pageTemplate.render()));
}
// check and validate input
String errorString = "";
if (bodyForm.get("password").length != 1) errorString = "The 'new password' field is missing";
if (bodyForm.get("repeat-password").length != 1)
errorString = "The 'repeat password' field is missing";
String password = (String) bodyForm.get("password")[0];
String repeatPassword = (String) bodyForm.get("repeat-password")[0];
if (!password.equals(repeatPassword)) {
errorString =
"The new \"password\" field and the \"repeat password\" field must be the same.";
}
if (!errorString.isEmpty()) {
ST pageTemplate = new ST(PasswordRecovery.PAGE_HTML_TEMPLATE.getValueAsString(), '$', '$');
pageTemplate.add(
"form_template",
"<form action='/user/password/reset/"
+ base64
+ "' method='POST' id='reset_pwd_form'>"
+ "<label for='password'>New password</label>"
+ "<input type='password' id='password' name='password' />"
+ "<label for='repeat-password'>Repeat the new password</label>"
+ "<input type='password' id='repeat-password' name='repeat-password' />"
+ "<button type='submit' id='reset_pwd_submit'>Reset the password</button>"
+ "</form>");
pageTemplate.add("user_name", username);
pageTemplate.add("link", "/user/password/reset/" + base64);
pageTemplate.add("password", "password");
pageTemplate.add("repeat_password", "repeat-password");
pageTemplate.add(
"application_name",
com.baasbox.configuration.Application.APPLICATION_NAME.getValueAsString());
pageTemplate.add("error", errorString);
DbHelper.getConnection().close();
return badRequest(Html.apply(pageTemplate.render()));
}
try {
UserService.resetUserPasswordFinalStep(username, password);
} catch (Throwable e) {
Logger.warn("changeUserPassword", e);
DbHelper.getConnection().close();
if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
else return internalServerError(e.getMessage());
}
Logger.trace("Method End");
String ok_message = "Password changed";
ST pageTemplate =
new ST(PasswordRecovery.PAGE_HTML_FEEDBACK_TEMPLATE.getValueAsString(), '$', '$');
pageTemplate.add("user_name", username);
pageTemplate.add("message", ok_message);
pageTemplate.add(
"application_name",
com.baasbox.configuration.Application.APPLICATION_NAME.getValueAsString());
DbHelper.getConnection().close();
return ok(Html.apply(pageTemplate.render()));
}
public static Result postGenerate(String handler_json) {
String oper = "";
RequestBody body = request().body();
if (body == null) {
return ok(completeAnnotation.render("Error processing form: form appears to be empty."));
}
String textBody = body.asText();
Properties p = new Properties();
try {
p.load(new StringReader(textBody));
} catch (Exception e) {
e.printStackTrace();
return ok(completeAnnotation.render("Error processing form: form appears to be empty."));
}
System.out.println("Selection: " + p.getProperty("submitButton"));
if (p.getProperty("submitButton") != null) oper = p.getProperty("submitButton");
if (oper.equals(OPER_FINISH)) {
return ok(completeAnnotation.render("Annotation operation finished."));
}
NameSpaces ns = NameSpaces.getInstance();
String preamble = FRAG_START_PREAMBLE;
preamble += ns.printNameSpaceList();
preamble += "\n";
/*
* Insert KB
*/
preamble += FRAG_KB_PART1;
preamble += Play.application().configuration().getString("hadatac.console.kb");
preamble += FRAG_KB_PART2;
try {
handler_json = URLDecoder.decode(handler_json, "UTF-8");
} catch (Exception e) {
e.printStackTrace();
}
System.out.println(handler_json);
ObjectMapper mapper = new ObjectMapper();
CSVAnnotationHandler handler = null;
try {
handler = mapper.readValue(handler_json, CSVAnnotationHandler.class);
/*
* Insert Data Set
*/
preamble += "<" + DataFactory.getNextURI(DataFactory.DATASET_ABBREV) + ">";
preamble += FRAG_DATASET;
preamble += handler.getDataCollectionUri() + ">; ";
int i = 0;
int timeStampIndex = -1;
ArrayList<Integer> mt = new ArrayList<Integer>();
for (String str : handler.getFields()) {
// System.out.println(str);
// System.out.println("get " + i + "-characteristic: [" + p.getProperty(i +
// "-characteristic") + "]");
// System.out.println("get " + i + "-unit: [" + p.getProperty(i + "-unit") + "]");
if ((p.getProperty(i + "-characteristic") != null)
&& (!p.getProperty(i + "-characteristic").equals(""))
&& (p.getProperty(i + "-unit") != null)
&& (!p.getProperty(i + "-unit").equals(""))) {
if (p.getProperty(i + "-unit").equals(FRAG_IN_DATE_TIME)) {
timeStampIndex = i;
} else {
mt.add(i);
}
}
i++;
}
preamble += FRAG_HAS_MEASUREMENT_TYPE;
int aux = 0;
for (Integer mt_count : mt) {
preamble += FRAG_MT + aux++ + "> ";
}
preamble += ".\n\n";
/*
* Insert measurement types
*/
aux = 0;
for (Integer mt_count : mt) {
preamble += FRAG_MT + aux;
preamble += FRAG_MEASUREMENT_TYPE_PART1;
if (timeStampIndex != -1) {
preamble += FRAG_IN_DATE_TIME;
preamble += FRAG_IN_DATE_TIME_SUFFIX;
}
preamble += FRAG_MEASUREMENT_TYPE_PART2;
preamble += mt_count;
preamble += FRAG_MEASUREMENT_TYPE_PART3;
preamble += "<" + p.getProperty(mt_count + "-characteristic") + ">";
preamble += FRAG_MEASUREMENT_TYPE_PART4;
preamble += "<" + p.getProperty(mt_count + "-unit") + ">";
preamble += " .\n";
}
if (timeStampIndex != -1) {
preamble += "\n";
preamble += FRAG_IN_DATE_TIME_STATEMENT + " " + timeStampIndex + " . \n";
}
if (textBody == null) {
badRequest("Expecting text/plain request body");
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
return ok(completeAnnotation.render("Error processing form. Please restart form."));
}
preamble += FRAG_END_PREAMBLE;
if (oper.equals(OPER_PREAMBLE)) {
return ok(preamble).as("text/turtle");
}
if (oper.equals(OPER_CCSV)) {
File newFile = new File(handler.getDatasetName());
try {
preamble += FileUtils.readFileToString(newFile, "UTF-8");
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return ok(completeAnnotation.render("Error reading cached CSV file. Please restart form."));
}
return ok(preamble).as("text/turtle");
}
if (oper.equals(OPER_UPLOAD)) {}
return ok(completeAnnotation.render("Error processing form: unspecified download operation."));
}
@With({AdminCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result signUp() throws JsonProcessingException, IOException {
if (BaasBoxLogger.isTraceEnabled()) BaasBoxLogger.trace("Method Start");
Http.RequestBody body = request().body();
JsonNode bodyJson = body.asJson();
if (BaasBoxLogger.isTraceEnabled()) BaasBoxLogger.trace("signUp bodyJson: " + bodyJson);
if (bodyJson == null)
return badRequest(
"The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");
// check and validate input
if (!bodyJson.has("username")) return badRequest("The 'username' field is missing");
if (!bodyJson.has("password")) return badRequest("The 'password' field is missing");
// extract mandatory fields
JsonNode nonAppUserAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_ANONYMOUS_USER);
JsonNode privateAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_ONLY_BY_THE_USER);
JsonNode friendsAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_FRIENDS_USER);
JsonNode appUsersAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_REGISTERED_USER);
String username = (String) bodyJson.findValuesAsText("username").get(0);
String password = (String) bodyJson.findValuesAsText("password").get(0);
String appcode = (String) ctx().args.get("appcode");
if (privateAttributes != null && privateAttributes.has("email")) {
// check if email address is valid
if (!Util.validateEmail((String) privateAttributes.findValuesAsText("email").get(0)))
return badRequest("The email address must be valid.");
}
if (StringUtils.isEmpty(password)) return status(422, "The password field cannot be empty");
// try to signup new user
ODocument profile = null;
try {
UserService.signUp(
username,
password,
null,
nonAppUserAttributes,
privateAttributes,
friendsAttributes,
appUsersAttributes,
false);
// due to issue 412, we have to reload the profile
profile = UserService.getUserProfilebyUsername(username);
} catch (InvalidJsonException e) {
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("signUp", e);
return badRequest("One or more profile sections is not a valid JSON object");
} catch (UserAlreadyExistsException e) {
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("signUp", e);
// Return a generic error message if the username is already in use.
return badRequest("Error signing up");
} catch (EmailAlreadyUsedException e) {
// Return a generic error message if the email is already in use.
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("signUp", e);
return badRequest("Error signing up");
} catch (Throwable e) {
BaasBoxLogger.warn("signUp", e);
if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
else return internalServerError(ExceptionUtils.getMessage(e));
}
if (BaasBoxLogger.isTraceEnabled()) BaasBoxLogger.trace("Method End");
ImmutableMap<SessionKeys, ? extends Object> sessionObject =
SessionTokenProvider.getSessionTokenProvider().setSession(appcode, username, password);
response()
.setHeader(SessionKeys.TOKEN.toString(), (String) sessionObject.get(SessionKeys.TOKEN));
String result = prepareResponseToJson(profile);
ObjectMapper mapper = new ObjectMapper();
result =
result.substring(0, result.lastIndexOf("}"))
+ ",\""
+ SessionKeys.TOKEN.toString()
+ "\":\""
+ (String) sessionObject.get(SessionKeys.TOKEN)
+ "\"}";
JsonNode jn = mapper.readTree(result);
return created(jn);
}