2 * Copyright 2008, 2009 Electronic Business Systems Ltd.
4 * This file is part of GSS.
6 * GSS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * GSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
19 package gr.ebs.gss.server.rest;
21 import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
22 import gr.ebs.gss.client.exceptions.InsufficientPermissionsException;
23 import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
24 import gr.ebs.gss.client.exceptions.RpcException;
25 import gr.ebs.gss.server.Login;
26 import gr.ebs.gss.server.domain.User;
27 import gr.ebs.gss.server.domain.dto.StatsDTO;
29 import java.io.IOException;
31 import javax.servlet.http.Cookie;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
35 import org.apache.commons.logging.Log;
36 import org.apache.commons.logging.LogFactory;
37 import org.json.JSONException;
38 import org.json.JSONObject;
42 * A class that handles operations on the user's root namespace.
46 public class UserHandler extends RequestHandler {
49 * The reset WebDAV password parameter name.
51 protected static final String RESET_WEBDAV_PARAMETER = "resetWebDAV";
56 private static Log logger = LogFactory.getLog(UserHandler.class);
59 * Serve the root namespace for the user.
61 * @param req The servlet request we are processing
62 * @param resp The servlet response we are processing
63 * @throws IOException if an input/output error occurs
65 void serveUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
66 String parentUrl = getContextPath(req, false);
68 User user = getUser(req);
69 User owner = getOwner(req);
70 if (!owner.equals(user)) {
71 resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
75 JSONObject json = new JSONObject();
77 StatsDTO stats = getService().getUserStatistics(owner.getId());
78 JSONObject statistics = new JSONObject();
79 statistics.put("totalFiles", stats.getFileCount()).put("totalBytes", stats.getFileSize()).
80 put("bytesRemaining", stats.getQuotaLeftSize());
81 json.put("name", owner.getName()).put("firstname", owner.getFirstname()).
82 put("lastname", owner.getLastname()).put("username", owner.getUsername()).
83 put("creationDate", owner.getAuditInfo().getCreationDate().getTime()).
84 put("modificationDate", owner.getAuditInfo().getModificationDate().getTime()).
85 put("email", owner.getEmail()).put("fileroot", parentUrl + PATH_FILES).
86 put("groups", parentUrl + PATH_GROUPS).put("trash", parentUrl + PATH_TRASH).
87 put("shared", parentUrl + PATH_SHARED).put("others", parentUrl + PATH_OTHERS).
88 put("quota", statistics).put("tags", parentUrl + PATH_TAGS);
89 String announcement = getConfiguration().getString("announcement");
90 if(announcement != null && !announcement.isEmpty())
91 json.put("announcement", announcement);
92 } catch (JSONException e) {
94 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
96 } catch (ObjectNotFoundException e) {
97 resp.sendError(HttpServletResponse.SC_NOT_FOUND, e.getMessage());
99 } catch (RpcException e) {
101 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
105 sendJson(req, resp, json.toString());
110 * Handle POST requests in the users namespace.
112 * @param req The servlet request we are processing
113 * @param resp The servlet response we are processing
114 * @throws IOException if an input/output error occurs
116 void postUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
118 User user = getUser(req);
119 User owner = getOwner(req);
120 if (!owner.equals(user))
121 throw new InsufficientPermissionsException("User " + user.getUsername()
122 + " does not have permission to modify "
123 + owner.getUsername());
124 boolean hasResetWebDAVParam = req.getParameterMap().containsKey(RESET_WEBDAV_PARAMETER);
125 if (hasResetWebDAVParam) {
126 String newPassword = getService().resetWebDAVPassword(user.getId());
127 // Set the cookie again to send new value
128 Cookie cookie = new Cookie(Login.WEBDAV_COOKIE, newPassword);
129 cookie.setMaxAge(-1);
130 String domain = req.getRemoteHost();
131 String path = req.getContextPath();
132 cookie.setDomain(domain);
133 cookie.setPath(path);
134 resp.addCookie(cookie);
136 // Workaround for IE's broken caching behavior.
137 resp.setHeader("Expires", "-1");
138 } catch (ObjectNotFoundException e) {
139 resp.sendError(HttpServletResponse.SC_NOT_FOUND, e.getMessage());
140 } catch (RpcException e) {
142 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
143 } catch (InsufficientPermissionsException e) {
144 resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, e.getMessage());