2 * Copyright 2008, 2009 Electronic Business Systems Ltd.
4 * This file is part of GSS.
6 * GSS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * GSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
19 package gr.ebs.gss.server.rest;
21 import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
22 import gr.ebs.gss.client.exceptions.InsufficientPermissionsException;
23 import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
24 import gr.ebs.gss.client.exceptions.RpcException;
25 import gr.ebs.gss.server.Login;
26 import gr.ebs.gss.server.domain.User;
27 import gr.ebs.gss.server.domain.UserLogin;
28 import gr.ebs.gss.server.domain.dto.StatsDTO;
29 import gr.ebs.gss.server.ejb.TransactionHelper;
31 import java.io.IOException;
32 import java.util.Date;
33 import java.util.List;
34 import java.util.concurrent.Callable;
36 import javax.servlet.http.Cookie;
37 import javax.servlet.http.HttpServletRequest;
38 import javax.servlet.http.HttpServletResponse;
40 import org.apache.commons.logging.Log;
41 import org.apache.commons.logging.LogFactory;
42 import org.json.JSONException;
43 import org.json.JSONObject;
47 * A class that handles operations on the user's root namespace.
51 public class UserHandler extends RequestHandler {
54 * The reset WebDAV password parameter name.
56 protected static final String RESET_WEBDAV_PARAMETER = "resetWebDAV";
61 private static Log logger = LogFactory.getLog(UserHandler.class);
64 * Serve the root namespace for the user.
66 * @param req The servlet request we are processing
67 * @param resp The servlet response we are processing
68 * @throws IOException if an input/output error occurs
70 void serveUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
71 String parentUrl = getContextPath(req, false);
73 User user = getUser(req);
74 User owner = getOwner(req);
75 if (!owner.equals(user)) {
76 resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
80 JSONObject json = new JSONObject();
82 StatsDTO stats = getService().getUserStatistics(owner.getId());
83 JSONObject statistics = new JSONObject();
84 statistics.put("totalFiles", stats.getFileCount()).put("totalBytes", stats.getFileSize()).
85 put("bytesRemaining", stats.getQuotaLeftSize());
86 json.put("name", owner.getName()).put("firstname", owner.getFirstname()).
87 put("lastname", owner.getLastname()).put("username", owner.getUsername()).
88 put("creationDate", owner.getAuditInfo().getCreationDate().getTime()).
89 put("modificationDate", owner.getAuditInfo().getModificationDate().getTime()).
90 put("email", owner.getEmail()).put("fileroot", parentUrl + PATH_FILES).
91 put("groups", parentUrl + PATH_GROUPS).put("trash", parentUrl + PATH_TRASH).
92 put("shared", parentUrl + PATH_SHARED).put("others", parentUrl + PATH_OTHERS).
93 put("quota", statistics).put("tags", parentUrl + PATH_TAGS);
94 String announcement = getConfiguration().getString("announcement");
95 if (announcement != null && !announcement.isEmpty())
96 json.put("announcement", announcement);
97 List<UserLogin> userLogins = getService().getLastUserLogins(owner.getId());
98 UserLogin currentLogin = userLogins.get(0);
99 Date currentLoginDate = currentLogin.getLoginDate();
100 UserLogin lastLogin = userLogins.get(1);
101 Date lastLoginDate = lastLogin.getLoginDate();
102 json.put("lastLogin", lastLoginDate.getTime())
103 .put("currentLogin", currentLoginDate.getTime());
104 } catch (JSONException e) {
106 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
108 } catch (ObjectNotFoundException e) {
109 resp.sendError(HttpServletResponse.SC_NOT_FOUND, e.getMessage());
111 } catch (RpcException e) {
113 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
117 sendJson(req, resp, json.toString());
122 * Handle POST requests in the users namespace.
124 * @param req The servlet request we are processing
125 * @param resp The servlet response we are processing
126 * @throws IOException if an input/output error occurs
128 void postUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
130 final User user = getUser(req);
131 User owner = getOwner(req);
132 if (!owner.equals(user))
133 throw new InsufficientPermissionsException("User " + user.getUsername()
134 + " does not have permission to modify "
135 + owner.getUsername());
136 boolean hasResetWebDAVParam = req.getParameterMap().containsKey(RESET_WEBDAV_PARAMETER);
137 if (hasResetWebDAVParam) {
138 String newPassword = new TransactionHelper<String>().tryExecute(new Callable<String>() {
140 public String call() throws Exception {
141 return getService().resetWebDAVPassword(user.getId());
145 // Set the cookie again to send new value
146 Cookie cookie = new Cookie(Login.WEBDAV_COOKIE, newPassword);
147 cookie.setMaxAge(-1);
148 String domain = req.getRemoteHost();
149 String path = req.getContextPath();
150 cookie.setDomain(domain);
151 cookie.setPath(path);
152 resp.addCookie(cookie);
154 // Workaround for IE's broken caching behavior.
155 resp.setHeader("Expires", "-1");
156 } catch (ObjectNotFoundException e) {
157 resp.sendError(HttpServletResponse.SC_NOT_FOUND, e.getMessage());
158 } catch (RpcException e) {
160 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
161 } catch (InsufficientPermissionsException e) {
162 resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, e.getMessage());
163 } catch (Exception e) {
165 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);