use of com.google.api.server.spi.response.UnauthorizedException in project cryptonomica by Cryptonomica.
the class OnlineVerificationAPI method getOnlineVerificationByFingerprint.
/* --- Get online verification info by OpenPGP Public Key fingerprint : */
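/**
 * Returns the online verification record, together with its non-hidden verification
 * documents, for the OpenPGP public key with the given fingerprint.
 *
 * <p>Checks run in this order: fingerprint format, caller registration, key lookup,
 * per-record authorization. The caller is resolved before any datastore read, so the
 * difference between "not found" and "unauthorized" is only visible to registered users.
 *
 * <p>Access is granted to the key owner, to a Cryptonomica officer, or to a user listed
 * in the record's allowed users. If no record exists yet, one is created and saved, but
 * only when the caller owns the key.
 *
 * @param httpServletRequest the incoming request (not read by this method)
 * @param googleUser the Google user injected by Endpoints
 * @param fingerprint key fingerprint, exactly 40 hexadecimal digits
 * @return a view combining the verification record and its non-hidden documents
 * @throws BadRequestException if the fingerprint is missing or is not 40 hex digits
 * @throws UnauthorizedException if the caller may not read this record; also declared
 *     for {@code UserTools.ensureCryptonomicaRegisteredUser}, whose body is not shown here
 * @throws NotFoundException if the key is unknown, or if no record exists and the caller
 *     is not the key owner
 */
@ApiMethod(name = "getOnlineVerificationByFingerprint", path = "getOnlineVerificationByFingerprint", httpMethod = ApiMethod.HttpMethod.GET)
@SuppressWarnings("unused")
public OnlineVerificationView getOnlineVerificationByFingerprint(
        final HttpServletRequest httpServletRequest,
        final User googleUser,
        @Named("fingerprint") final String fingerprint)
        // see: https://cloud.google.com/appengine/docs/java/endpoints/exceptions
        throws UnauthorizedException, BadRequestException, NotFoundException {

    /* --- Check input: */
    // Exactly 40 hex digits. A length-only check would let arbitrary characters
    // (including line breaks) reach the log lines and error messages below.
    if (fingerprint == null || !fingerprint.matches("[0-9A-Fa-f]{40}")) {
        throw new BadRequestException("fingerprint is missing or invalid");
    }

    /* --- Check authentication: */
    // Resolved before the key lookup so that the lookup result is never reported
    // to a caller who has not been identified as a registered user.
    final CryptonomicaUser requester = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    final String requesterId = requester.getUserId();

    final PGPPublicKeyData pgpPublicKeyData = ofy().load().type(PGPPublicKeyData.class)
            .filter("fingerprintStr", fingerprint).first().now();
    if (pgpPublicKeyData == null) {
        throw new NotFoundException("Key with fingerprint " + fingerprint + " not found");
    }
    final boolean requesterOwnsKey =
            requesterId.equalsIgnoreCase(pgpPublicKeyData.getCryptonomicaUserId());

    // New OnlineVerifications are created here: the owner has to request the
    // verification first before anything can be changed on it.
    // NOTE(review): this is a datastore write behind an HTTP GET.
    OnlineVerification onlineVerification = ofy().load()
            .key(Key.create(OnlineVerification.class, fingerprint)).now();
    if (onlineVerification == null) {
        if (!requesterOwnsKey) {
            throw new NotFoundException("Online verification data for fingerprint " + fingerprint + " not found");
        }
        onlineVerification = new OnlineVerification(pgpPublicKeyData);
        ofy().save().entity(onlineVerification).now();
    }

    /* --- Check authorization: */
    // A null officer flag counts as "not an officer".
    final boolean requesterIsOfficer = Boolean.TRUE.equals(requester.getCryptonomicaOfficer());
    // TODO (original author): should all notaries have access?
    final boolean requesterIsAllowed = requesterOwnsKey
            || requesterIsOfficer
            || onlineVerification.getAllowedUsers().contains(requesterId);
    if (!requesterIsAllowed) {
        // Denials are logged with identifiers only, so they can be reviewed later.
        LOG.warning("user " + requesterId + " was denied online verification data for key " + fingerprint);
        throw new UnauthorizedException("you are not allowed to get online verification data for key " + fingerprint);
    }
    LOG.warning("user " + requesterId + " is allowed to get online verification data for key " + fingerprint);

    // One query instead of two: the result list is copied once and its size taken from the copy.
    final List<VerificationDocument> verificationDocumentList = ofy().load().type(VerificationDocument.class)
            .filter("fingerprint", fingerprint).filter("hidden", false).list();
    final ArrayList<VerificationDocument> verificationDocumentArrayList =
            new ArrayList<>(verificationDocumentList);

    // The requester profile, the verification record and the documents are not
    // serialized into the log: only identifiers and counts are written.
    LOG.warning("verificationDocumentsListSize: " + verificationDocumentArrayList.size());

    return new OnlineVerificationView(onlineVerification, verificationDocumentArrayList);
}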
use of com.google.api.server.spi.response.UnauthorizedException in project cryptonomica by Cryptonomica.
the class UserTools method ensureCryptonomicaOfficer.
// end of ensureCryptonomicaRegisteredUser method
/* --- Check if user is an IACC officer: */
/**
 * Resolves the registered Cryptonomica user behind {@code googleUser} and requires
 * that the user's officer flag is set.
 *
 * @param googleUser the Google user to check
 * @return the registered user, when the officer flag is {@code true}
 * @throws UnauthorizedException if the officer flag is {@code null} or {@code false};
 *     also declared for {@code ensureCryptonomicaRegisteredUser}, whose body is not shown here
 */
public static CryptonomicaUser ensureCryptonomicaOfficer(final User googleUser) throws UnauthorizedException {
    final CryptonomicaUser registeredUser = ensureCryptonomicaRegisteredUser(googleUser);
    final Boolean officerFlag = registeredUser.getCryptonomicaOfficer();
    LOG.warning("cryptonomicaUser.getCryptonomicaOfficer(): " + officerFlag);
    // Fail closed: an unset (null) flag is treated exactly like false.
    if (Boolean.TRUE.equals(officerFlag)) {
        return registeredUser;
    }
    throw new UnauthorizedException("You are not a Cryptonomica officer");
}
use of com.google.api.server.spi.response.UnauthorizedException in project iosched by google.
the class ReservationsEndpoint method reset.
/**
* Reset reservations in datastore to match those in RTDB. Reservations in RTDB are used
* as the source of truth, corresponding reservations in datastore are updated to match
* those in RTDB. Reservations in RTDB that do not exist in datastore are added to datastore.
* Reservations that exist in datastore and do not exist in RTDB are updated in datastore
* with status DELETED.
*
* Use of this endpoint should be followed by a user data sync.
*
* @param user User making request (injected by Endpoints)
*/
@ApiMethod(name = "reset", path = "reset")
public void reset(User user) throws UnauthorizedException {
    // The only gate is "a user was injected": requests without one are rejected.
    // NOTE(review): no role or allow-list check is visible here, so which accounts can
    // trigger a reset depends on the API's audience/client configuration — confirm.
    if (null == user) {
        throw new UnauthorizedException("Invalid credentials");
    }

    // Hand the work to the sync-reservations worker through the task queue.
    // NOTE(review): the handler behind /queue/syncres is not shown; confirm it only
    // accepts requests that come from the task queue.
    final Queue syncQueue = QueueFactory.getQueue("SyncReservationsQueue");
    syncQueue.add(TaskOptions.Builder.withUrl("/queue/syncres").method(Method.GET));
}
use of com.google.api.server.spi.response.UnauthorizedException in project iosched by google.
the class CmsUpdateEndpoint method getDataFromCms.
/**
* Retrieve session data from CMS and make it ready for processing.
*
* @param user User making the request (injected by Endpoints)
* @throws UnauthorizedException
* @throws IOException
*/
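@ApiMethod(name = "getDataFromCms", path = "topics")
public void getDataFromCms(User user) throws UnauthorizedException, IOException {
    // Authentication and authorization in one gate: a missing user and a user rejected
    // by isAllowed() get the same answer, so the response does not reveal which check failed.
    if (user == null || !isAllowed(user)) {
        throw new UnauthorizedException("Invalid credentials");
    }

    // Collect every data source into one JSON object, keyed by entity name.
    // (The per-entity summary string the original built was never read, so it is gone.)
    final JsonObject contents = new JsonObject();
    final JsonDataSources sources = new VendorDynamicInput().fetchAllDataSources();
    for (String entity : sources) {
        final JsonArray array = new JsonArray();
        for (JsonObject obj : sources.getSource(entity)) {
            array.add(obj);
        }
        contents.add(entity, array);
    }

    // Fetch new images and set up serving URLs.
    new ImageUpdater().run(sources);

    // Write the combined data to cloud storage under a fixed object name.
    // NOTE(review): the meaning of the trailing `true` is defined by CloudFileManager,
    // which is not shown here.
    final CloudFileManager fileManager = new CloudFileManager();
    fileManager.createOrUpdate("__raw_session_data.json", contents, true);
}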
use of com.google.api.server.spi.response.UnauthorizedException in project iosched by google.
the class FcmRegistrationEndpoint method unregister.
/**
* Remove a registration of a user's device. When a user signs out of a client they should
* unregister. This will prevent messages from being sent to the wrong user if multiple users
* are using the same device.
*
* @param deviceId FCM token representing the device.
* @return Result containing a message about the un-registration.
* @throws BadRequestException Thrown when there is no device ID in the request.
*/
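@ApiMethod(path = "unregister", httpMethod = HttpMethod.POST)
public void unregister(User user, @Named(PARAMETER_DEVICE_ID) String deviceId)
        throws BadRequestException, UnauthorizedException,
                com.google.api.server.spi.response.NotFoundException, ForbiddenException {
    // Reject requests that carry no device ID.
    if (Strings.isNullOrEmpty(deviceId)) {
        throw new BadRequestException("Invalid request: Request must contain " + PARAMETER_DEVICE_ID);
    }
    // Reject requests for which no user was injected.
    if (user == null) {
        throw new UnauthorizedException("Invalid credentials");
    }
    try {
        // safe() throws the datastore's NotFoundException for an unknown ID (translated below).
        Device device = ofy().load().type(Device.class).id(deviceId).safe();
        // Only the user who registered the token may remove it. The comparison fails
        // closed: a caller without an ID, or a device without a recorded owner, never
        // matches and gets 403 rather than a NullPointerException.
        final String requesterId = user.getId();
        if (requesterId == null || !requesterId.equals(device.getUserId())) {
            throw new ForbiddenException("Not authorized to unregister token");
        }
        DeviceStore.unregister(deviceId);
    } catch (NotFoundException e) {
        // Translate the datastore exception into the Endpoints 404 response type.
        throw new com.google.api.server.spi.response.NotFoundException("Device ID: " + deviceId + " not found");
    }
}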