
Example 26 with InsufficientAccessException

use of com.pratilipi.common.exception.InsufficientAccessException in project pratilipi by Pratilipi.

the class AccessTokenFilter method dispatchResponse.

// Ref: GenericApi.dispatchApiResponse
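/**
 * Writes an error response for a request that this filter rejected: the HTTP status is
 * chosen from the exception type and a one-line text body is sent.
 *
 * <p>Status mapping: {@code InvalidArgumentException} -> 400,
 * {@code InsufficientAccessException} -> 401, anything else -> 500.
 *
 * <p>Only the three application exception types have their message echoed to the client.
 * Any other {@code Throwable} gets a fixed body, so that messages produced by library or
 * runtime failures (which can carry class names, queries or paths) are not disclosed.
 *
 * @param response servlet response to write to; its writer is closed before returning
 * @param ex the failure to report
 * @throws IOException if the response writer cannot be obtained
 */
private void dispatchResponse(HttpServletResponse response, Throwable ex) throws IOException {
    // The encoding has to be set before getWriter() for it to take effect.
    response.setCharacterEncoding("UTF-8");
    PrintWriter writer = response.getWriter();

    final String body;
    if (ex instanceof InvalidArgumentException) {
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        body = ex.getMessage();
    } else if (ex instanceof InsufficientAccessException) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        body = ex.getMessage();
    } else if (ex instanceof UnexpectedServerException) {
        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        body = ex.getMessage();
    } else {
        // Unanticipated failure type: report the status, keep the detail server-side.
        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        body = "Internal server error.";
    }

    // NOTE(review): getMessage() is null for an exception built without a message, in
    // which case println writes the literal text "null" -- confirm whether the project's
    // exception classes supply a default message.
    writer.println(body);
    writer.close();
}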
Also used : InvalidArgumentException(com.pratilipi.common.exception.InvalidArgumentException) UnexpectedServerException(com.pratilipi.common.exception.UnexpectedServerException) InsufficientAccessException(com.pratilipi.common.exception.InsufficientAccessException) PrintWriter(java.io.PrintWriter)

Example 27 with InsufficientAccessException

use of com.pratilipi.common.exception.InsufficientAccessException in project pratilipi by Pratilipi.

the class UserDataUtil method sendEmailVerificationMail.

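/**
 * Sends the e-mail verification message for {@code emailId}, but only when that address
 * belongs to the user bound to the current access token.
 *
 * <p>The same {@code ERR_EMAIL_NOT_REGISTERED} error is raised whether the address is
 * unknown or belongs to a different user, so the response does not reveal which
 * addresses are registered.
 *
 * @param emailId address to verify; trimmed and lower-cased before lookup
 * @param language passed through to the mail sender
 * @throws InsufficientAccessException if the current token carries no user id, or the id 0
 * @throws InvalidArgumentException if {@code emailId} is null, unknown, or owned by another user
 * @throws UnexpectedServerException declared by the signature; not thrown directly by this method
 */
public static void sendEmailVerificationMail(String emailId, Language language) throws InvalidArgumentException, InsufficientAccessException, UnexpectedServerException {
    Long userId = AccessTokenFilter.getAccessToken().getUserId();
    // Fail closed: a token without a user id is treated like user id 0 (rejected) instead
    // of surfacing as a NullPointerException. Presumably 0 is the guest id -- confirm.
    if (userId == null || userId.equals(0L))
        throw new InsufficientAccessException();
    // A missing address cannot match any account; report it as a bad argument rather
    // than letting trim() throw.
    if (emailId == null)
        throw new InvalidArgumentException(GenericRequest.ERR_EMAIL_NOT_REGISTERED);
    DataAccessor dataAccessor = DataAccessorFactory.getDataAccessor();
    // NOTE(review): toLowerCase() uses the JVM default locale; confirm this matches how
    // addresses are normalised when they are stored.
    User user = dataAccessor.getUserByEmail(emailId.trim().toLowerCase());
    // Ownership check: the looked-up account must be the caller's own.
    if (user == null || !user.getId().equals(userId))
        throw new InvalidArgumentException(GenericRequest.ERR_EMAIL_NOT_REGISTERED);
    _sendEmailVerificationMail(user, language);
}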
Also used : User(com.pratilipi.data.type.User) InvalidArgumentException(com.pratilipi.common.exception.InvalidArgumentException) DataAccessor(com.pratilipi.data.DataAccessor) InsufficientAccessException(com.pratilipi.common.exception.InsufficientAccessException)

Example 28 with InsufficientAccessException

use of com.pratilipi.common.exception.InsufficientAccessException in project pratilipi by Pratilipi.

the class UserPratilipiDataUtil method saveUserPratilipiReview.

/**
 * Creates or updates the rating, review text and review state stored for the pair
 * ({@code userId}, {@code pratilipiId}) and returns the saved record as client data.
 *
 * <p>Authorization is delegated to {@code hasAccessToUpdateUserPratilipiData}, which is
 * handed the record carrying the caller-supplied {@code userId}.
 * NOTE(review): that helper is not visible here -- confirm it compares the record's user
 * id with the user of the current access token, since {@code userId} is a parameter.
 *
 * @param userId owner of the review
 * @param pratilipiId item being reviewed
 * @param rating new rating, or null to leave the rating untouched
 * @param review new review text, or null to leave it untouched; stored as given
 * @param reviewState explicit state to apply, or null to leave the state untouched
 * @return client-side view of the persisted record
 * @throws InsufficientAccessException if the access check fails
 * @throws UnexpectedServerException declared by the signature; not thrown directly here
 */
public static UserPratilipiData saveUserPratilipiReview(Long userId, Long pratilipiId, Integer rating, String review, UserReviewState reviewState) throws InsufficientAccessException, UnexpectedServerException {
    DataAccessor dataAccessor = DataAccessorFactory.getDataAccessor();

    // Load the existing row, or start an unsaved one for this user/item pair.
    UserPratilipi entry = dataAccessor.getUserPratilipi(userId, pratilipiId);
    if (entry == null) {
        entry = dataAccessor.newUserPratilipi();
        entry.setUserId(userId);
        entry.setPratilipiId(pratilipiId);
    }

    boolean mayReview = hasAccessToUpdateUserPratilipiData(entry, AccessType.USER_PRATILIPI_REVIEW);
    if (!mayReview) {
        throw new InsufficientAccessException();
    }

    // The audit log is opened before any field is changed.
    AuditLog auditLog = dataAccessor.newAuditLog(AccessTokenFilter.getAccessToken(), AccessType.USER_PRATILIPI_REVIEW, entry);

    if (rating != null) {
        boolean differsFromStored = !rating.equals(entry.getRating());
        // A rating of 0 against a record that has no rating is not a change.
        if (differsFromStored && (rating != 0 || entry.getRating() != null)) {
            entry.setRating(rating);
            entry.setRatingDate(new Date());
        }
    }

    if (review != null) {
        entry.setReviewTitle(null);
        // NOTE(review): the text is stored verbatim; confirm it is escaped wherever it is
        // rendered.
        entry.setReview(review);
        boolean alreadyPublished = entry.getReviewState() == UserReviewState.PUBLISHED;
        if (!alreadyPublished) {
            // Review comments and likes are counted only when created after the review
            // date, so the date is left alone once the review is published.
            entry.setReviewState(UserReviewState.PUBLISHED);
            entry.setReviewDate(new Date());
        }
    }

    // An explicitly requested state that differs from the current one is applied last
    // and resets the review date.
    boolean stateChangeRequested = reviewState != null && reviewState != entry.getReviewState();
    if (stateChangeRequested) {
        entry.setReviewState(reviewState);
        entry.setReviewDate(new Date());
    }

    UserPratilipi saved = dataAccessor.createOrUpdateUserPratilipi(entry, auditLog);
    return createUserPratilipiData(saved);
}
Also used : UserPratilipi(com.pratilipi.data.type.UserPratilipi) DataAccessor(com.pratilipi.data.DataAccessor) InsufficientAccessException(com.pratilipi.common.exception.InsufficientAccessException) AuditLog(com.pratilipi.data.type.AuditLog) Date(java.util.Date)

Example 29 with InsufficientAccessException

use of com.pratilipi.common.exception.InsufficientAccessException in project pratilipi by Pratilipi.

the class AccessTokenFilter method doFilter.

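/**
 * Resolves the access token for the request, publishes it in
 * {@code threadLocalAccessToken} for the rest of the chain, and clears it afterwards.
 *
 * <p>Resolution depends on the request and on how this filter instance is configured:
 * <ul>
 *   <li>{@code /remote_api}, or a User-Agent equal to "Amazon CloudFront": no token is
 *       resolved and the thread-local is set to null.</li>
 *   <li>{@code autoGenerate}: the token id comes from the request parameter or, failing
 *       that, the cookie; a new token is issued when none is supplied or the stored one is
 *       missing or expired, and the cookie is rewritten when the id differs from it.</li>
 *   <li>{@code isWorker}: the token id is read from the WORKER_ACCESS_TOKEN_ID app
 *       property.</li>
 *   <li>{@code /user/accesstoken}: a new token is issued and returned directly; the chain
 *       is not invoked.</li>
 *   <li>otherwise: the token id comes from the request parameter or, failing that, the
 *       request header; a missing, unknown or expired token ends the request with an error
 *       response.</li>
 * </ul>
 * A token that would expire within {@code MIN_EXPIRY_MILLIS} has its expiry moved to
 * now + {@code MAX_EXPIRY_MILLIS} and is persisted.
 *
 * <p>The thread-local is cleared in a {@code finally} block so that an exception thrown by
 * the downstream chain cannot leave one request's token attached to a thread that will
 * later serve another request.
 *
 * @throws IOException if writing a rejection response fails, or from the chain
 * @throws ServletException from the chain
 */
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
    DataAccessor dataAccessor = DataAccessorFactory.getDataAccessor();
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    String requestUri = request.getRequestURI();
    String userAgent = request.getHeader("user-agent");
    String accessTokenId = request.getParameter(RequestParameter.ACCESS_TOKEN.getName());
    accessTokenId = accessTokenId == null ? null : accessTokenId.trim();
    AccessToken accessToken;
    if (requestUri.equals("/remote_api") || (userAgent != null && userAgent.equals("Amazon CloudFront"))) {
        // NOTE(review): User-Agent is set by the client, so any caller can select this
        // branch. Downstream code then sees a null token -- confirm every consumer of the
        // thread-local treats null as "no access".
        accessToken = null;
    } else if (autoGenerate) {
        // Used by gamma, default & api modules.
        String accessTokenCookie = getCookieValue(RequestCookie.ACCESS_TOKEN.getName(), request);
        if ((accessTokenId == null || accessTokenId.isEmpty()) && (accessTokenCookie == null || accessTokenCookie.isEmpty())) {
            accessToken = AccessTokenDataUtil.newUserAccessToken(request);
        } else {
            // The request parameter takes precedence over the cookie.
            accessToken = accessTokenId != null && !accessTokenId.isEmpty() ? dataAccessor.getAccessToken(accessTokenId) : dataAccessor.getAccessToken(accessTokenCookie);
            if (accessToken == null || accessToken.isExpired()) {
                accessToken = AccessTokenDataUtil.newUserAccessToken(request);
            } else if (accessToken.getExpiry().getTime() < new Date().getTime() + AccessTokenDataUtil.MIN_EXPIRY_MILLIS) {
                // Sliding expiry: close to expiring, so extend and persist.
                accessToken.setExpiry(new Date(new Date().getTime() + AccessTokenDataUtil.MAX_EXPIRY_MILLIS));
                accessToken = dataAccessor.createOrUpdateAccessToken(accessToken);
            }
        }
        // NOTE(review): a valid token id arriving in the request parameter replaces the
        // browser's cookie here, so the cookie can be set from a URL. Consider accepting
        // the id only from the cookie/header on this path. Also confirm setCookieValue
        // marks the cookie Secure and HttpOnly; the meaning of the literal 30 is not
        // visible here.
        if (!accessToken.getId().equals(accessTokenCookie)) {
            accessTokenId = accessToken.getId();
            setCookieValue(RequestCookie.ACCESS_TOKEN.getName(), accessTokenId, 30, response);
        }
    } else if (isWorker) {
        // Used by worker module.
        // NOTE(review): neither the app property nor the looked-up token is null-checked.
        accessTokenId = dataAccessor.getAppProperty(AppProperty.WORKER_ACCESS_TOKEN_ID).getValue();
        accessToken = dataAccessor.getAccessToken(accessTokenId);
    } else if (requestUri.equals("/user/accesstoken")) {
        // Used by gamma-android & android module.
        accessToken = AccessTokenDataUtil.newUserAccessToken(request);
        dispatchResponse(response, new UserAccessTokenApi.Response(accessToken.getId(), accessToken.getExpiry()));
        return;
    } else {
        // TODO: Consider only header. Ignore accessToken from request param.
        // (A token carried in the URL can end up in access logs, browser history and
        // Referer headers.)
        if (accessTokenId == null || accessTokenId.isEmpty()) {
            accessTokenId = request.getHeader(RequestHeader.ACCESS_TOKEN.getName());
            accessTokenId = accessTokenId == null ? null : accessTokenId.trim();
        }
        if (accessTokenId == null || accessTokenId.isEmpty()) {
            dispatchResponse(response, new InvalidArgumentException("Access Token is missing."));
            return;
        } else if ((accessToken = dataAccessor.getAccessToken(accessTokenId)) == null) {
            dispatchResponse(response, new InvalidArgumentException("Access Token is invalid."));
            return;
        } else if (accessToken.isExpired()) {
            dispatchResponse(response, new InsufficientAccessException("Access Token is expired."));
            return;
        } else if (accessToken.getExpiry().getTime() < new Date().getTime() + AccessTokenDataUtil.MIN_EXPIRY_MILLIS) {
            // Sliding expiry: close to expiring, so extend and persist.
            accessToken.setExpiry(new Date(new Date().getTime() + AccessTokenDataUtil.MAX_EXPIRY_MILLIS));
            accessToken = dataAccessor.createOrUpdateAccessToken(accessToken);
        }
    }
    threadLocalAccessToken.set(accessToken);
    try {
        chain.doFilter(request, response);
    } finally {
        // Always detach the token from the pooled thread, including when the chain throws.
        threadLocalAccessToken.remove();
    }
}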
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) InvalidArgumentException(com.pratilipi.common.exception.InvalidArgumentException) DataAccessor(com.pratilipi.data.DataAccessor) AccessToken(com.pratilipi.data.type.AccessToken) HttpServletResponse(javax.servlet.http.HttpServletResponse) InsufficientAccessException(com.pratilipi.common.exception.InsufficientAccessException) Date(java.util.Date)

Example 30 with InsufficientAccessException

use of com.pratilipi.common.exception.InsufficientAccessException in project pratilipi by Pratilipi.

the class UserDataUtil method saveUserData.

/**
 * Creates a user (when {@code userData} has no id) or updates an existing one, after the
 * matching access check, and returns the saved state as client data.
 *
 * <p>Changing the e-mail address moves an ACTIVE user back to REGISTERED and clears the
 * stored verification token, so the new address has to be verified again.
 *
 * <p>NOTE(review): on the update path the user is loaded by the supplied id and passed to
 * {@code hasAccessToUpdateUserData}; what that helper does with a null user (unknown id)
 * is not visible here.
 *
 * @param userData requested values; a null id selects the create path
 * @return client-side view of the persisted user; on create, first and last name are
 *         copied over from the request
 * @throws InvalidArgumentException declared by the signature; presumably raised by
 *         {@code _validateUserDataForSave} -- confirm
 * @throws InsufficientAccessException if the add or update access check fails
 */
public static UserData saveUserData(UserData userData) throws InvalidArgumentException, InsufficientAccessException {
    _validateUserDataForSave(userData);

    final boolean creating = userData.getId() == null;
    DataAccessor dataAccessor = DataAccessorFactory.getDataAccessor();

    User user;
    if (creating) {
        user = dataAccessor.newUser();
    } else {
        user = dataAccessor.getUser(userData.getId());
    }

    // Exactly one of the two access checks applies, depending on the path.
    boolean permitted = creating ? hasAccessToAddUserData(userData) : hasAccessToUpdateUserData(user, userData);
    if (!permitted) {
        throw new InsufficientAccessException();
    }

    // The audit log is opened before any field is changed.
    AccessType accessType = creating ? AccessType.USER_ADD : AccessType.USER_UPDATE;
    AuditLog auditLog = dataAccessor.newAuditLog(AccessTokenFilter.getAccessToken(), accessType, user);

    boolean emailChanged = userData.hasEmail() && !userData.getEmail().equals(user.getEmail());
    if (emailChanged) {
        user.setEmail(userData.getEmail());
        // A verified account loses its verified status with the old address.
        if (user.getState() == UserState.ACTIVE) {
            user.setState(UserState.REGISTERED);
        }
        user.setVerificationToken(null);
    }
    if (userData.hasPhone()) {
        user.setPhone(userData.getPhone());
    }
    if (userData.hasLanguage()) {
        user.setLanguage(userData.getLanguage());
    }

    if (creating) {
        // Assuming only AEEs have USER_ADD access.
        user.setState(UserState.REFERRAL);
        user.setCampaign(UserCampaign.AEE_TEAM);
        // The creating user's id is recorded as the referrer.
        user.setReferrer(AccessTokenFilter.getAccessToken().getUserId().toString());
        user.setSignUpDate(new Date());
        user.setSignUpSource(getUserSignUpSource(false, false));
    }
    user.setLastUpdated(new Date());

    user = dataAccessor.createOrUpdateUser(user, auditLog);

    if (!creating) {
        return createUserData(user);
    }

    // Create path: names are taken from the request and set on the returned data.
    String firstName = userData.getFirstName();
    String lastName = userData.getLastName();
    UserData created = createUserData(user, null);
    created.setFirstName(firstName);
    created.setLastName(lastName);
    return created;
}
Also used : User(com.pratilipi.data.type.User) DataAccessor(com.pratilipi.data.DataAccessor) InsufficientAccessException(com.pratilipi.common.exception.InsufficientAccessException) AuditLog(com.pratilipi.data.type.AuditLog) Date(java.util.Date)

Aggregations

InsufficientAccessException (com.pratilipi.common.exception.InsufficientAccessException)48 DataAccessor (com.pratilipi.data.DataAccessor)37 Date (java.util.Date)21 AuditLog (com.pratilipi.data.type.AuditLog)19 UserPratilipi (com.pratilipi.data.type.UserPratilipi)18 Pratilipi (com.pratilipi.data.type.Pratilipi)14 InvalidArgumentException (com.pratilipi.common.exception.InvalidArgumentException)11 BlobAccessor (com.pratilipi.data.BlobAccessor)7 DocAccessor (com.pratilipi.data.DocAccessor)7 PratilipiContentDoc (com.pratilipi.data.type.PratilipiContentDoc)7 JsonObject (com.google.gson.JsonObject)5 GenericResponse (com.pratilipi.api.shared.GenericResponse)5 UnexpectedServerException (com.pratilipi.common.exception.UnexpectedServerException)5 AccessToken (com.pratilipi.data.type.AccessToken)5 Author (com.pratilipi.data.type.Author)5 Gson (com.google.gson.Gson)4 UserData (com.pratilipi.data.client.UserData)4 Chapter (com.pratilipi.data.type.PratilipiContentDoc.Chapter)4 User (com.pratilipi.data.type.User)4 HashMap (java.util.HashMap)4