use of com.sanction.thunder.dao.DatabaseException in project thunder by RohanNagar.
the class UserResource method updateUser.
/**
* Updates a PilotUser in the database.
*
* @param key The basic authentication key necessary to access the resource.
* @param password The password of the user to update. This should be the current password
* before any updates are made. Used to verify the ability to edit the user.
* @param existingEmail The existing email for the user. This can be {@code null} if the email
* will stay the same. It must be present if the email is to be changed.
* @param user The PilotUser object with updated properties.
* @return The pilotUser that was updated in the database.
*/
@PUT
public Response updateUser(@Auth Key key, @HeaderParam("password") String password, @QueryParam("email") String existingEmail, PilotUser user) {
updateRequests.mark();
if (user == null) {
LOG.warn("Attempted to update a null user.");
return Response.status(Response.Status.BAD_REQUEST).entity("Cannot put a null user.").build();
}
if (user.getEmail() == null) {
LOG.warn("Attempted to update user without an email object.");
return Response.status(Response.Status.BAD_REQUEST).entity("Cannot post a user without an email address.").build();
}
// Get the current email address for the user
String email = existingEmail != null ? existingEmail : user.getEmail().getAddress();
LOG.info("Attempting to update existing user with email address {}.", email);
if (!isValidEmail(user.getEmail().getAddress())) {
LOG.error("The new email address is invalid: {}", user.getEmail());
return Response.status(Response.Status.BAD_REQUEST).entity("Invalid email address format. Please try again.").build();
}
if (password == null || password.isEmpty()) {
LOG.warn("Attempted to update user {} without a password.", email);
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing header credentials.").build();
}
PilotUser foundUser;
try {
foundUser = usersDao.findByEmail(email);
} catch (DatabaseException e) {
LOG.error("Error retrieving user {} in database. Caused by: {}", email, e.getErrorKind());
return e.getErrorKind().buildResponse(email);
}
// Check that the password is correct for the user to update
if (!foundUser.getPassword().equals(password)) {
LOG.error("The password for user {} was incorrect.", email);
return Response.status(Response.Status.UNAUTHORIZED).entity("Unable to validate user with provided credentials.").build();
}
PilotUser result;
try {
result = usersDao.update(existingEmail, user);
} catch (DatabaseException e) {
LOG.error("Error updating user {} in database. Caused by: {}", email, e.getErrorKind());
return e.getErrorKind().buildResponse(email);
}
LOG.info("Successfully updated user {}.", email);
return Response.ok(result).build();
}
use of com.sanction.thunder.dao.DatabaseException in project thunder by RohanNagar.
the class UserResource method getUser.
/**
* Retrieves a PilotUser from the database.
*
* @param key The basic authentication key necessary to access the resource.
* @param password The password of the user to fetch. Used to verify authentication.
* @param email The email of the user to retrieve.
* @return The pilotUser that was found in the database.
*/
@GET
public Response getUser(@Auth Key key, @HeaderParam("password") String password, @QueryParam("email") String email) {
getRequests.mark();
if (email == null || email.isEmpty()) {
LOG.warn("Attempted to get a null user.");
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing email query parameter.").build();
}
if (password == null || password.isEmpty()) {
LOG.warn("Attempted to get user {} without a password", email);
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing header credentials.").build();
}
LOG.info("Attempting to get user {}.", email);
PilotUser user;
try {
user = usersDao.findByEmail(email);
} catch (DatabaseException e) {
LOG.error("Error retrieving user {} in database. Caused by: {}", email, e.getErrorKind());
return e.getErrorKind().buildResponse(email);
}
// Check that the password is correct for the user that was requested
if (!user.getPassword().equals(password)) {
LOG.error("The password for user {} was incorrect.", email);
return Response.status(Response.Status.UNAUTHORIZED).entity("Unable to validate user with provided credentials.").build();
}
LOG.info("Successfully retrieved user {}.", email);
return Response.ok(user).build();
}
use of com.sanction.thunder.dao.DatabaseException in project thunder by RohanNagar.
the class VerificationResource method createVerificationEmail.
/**
* Validates a user account by sending an email with a unique token.
*
* @param key The basic authentication key necessary to access the resource.
* @param email The email to send a unique token to.
* @return A response status and message.
*/
@POST
public Response createVerificationEmail(@Auth Key key, @QueryParam("email") String email, @HeaderParam("password") String password) {
verifyUserRequests.mark();
if (email == null || email.isEmpty()) {
LOG.warn("Attempted user verification without an email.");
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing email query parameter.").build();
}
if (password == null || password.isEmpty()) {
LOG.warn("Attempted to verify user {} without a password.", email);
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing header credentials.").build();
}
LOG.info("Attempting to send verification email to user {}", email);
// Get the existing PilotUser
PilotUser user;
try {
user = usersDao.findByEmail(email);
} catch (DatabaseException e) {
LOG.error("Error retrieving user {} in database. Caused by: {}", email, e.getErrorKind());
return e.getErrorKind().buildResponse(email);
}
// Generate the unique verification token
String token = generateVerificationToken();
// Update the user's verification token
PilotUser updatedUser = new PilotUser(new Email(user.getEmail().getAddress(), false, token), user.getPassword(), user.getFacebookAccessToken(), user.getTwitterAccessToken(), user.getTwitterAccessSecret());
PilotUser result;
try {
result = usersDao.update(user.getEmail().getAddress(), updatedUser);
} catch (DatabaseException e) {
LOG.error("Error posting user {} to the database. Caused by {}", user.getEmail(), e.getErrorKind());
return e.getErrorKind().buildResponse(user.getEmail().getAddress());
}
// Send the token URL to the users email
boolean emailResult = emailService.sendEmail(result.getEmail(), "Account Verification", new StringJoiner("\n").add("<h1> Welcome to Pilot! </h1>").add("<p> Click the below link to verify your account. </p>").add(String.format("<a href=\"http://thunder.sanctionco.com/verify" + "?email=%s&token=%s&response_type=html\">Click here to verify your account!</a>", result.getEmail().getAddress(), token)).toString(), new StringJoiner("\n").add("Visit the below address to verify your account.").add(String.format("http://thunder.sanctionco.com/verify?email=%s&token=%s&response_type=html", result.getEmail().getAddress(), token)).toString());
if (!emailResult) {
LOG.error("Error sending email to address {}", result.getEmail().getAddress());
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("An error occurred while attempting to send an email.").build();
}
LOG.info("Successfully sent verification email to user {}.", email);
return Response.ok(result).build();
}
use of com.sanction.thunder.dao.DatabaseException in project thunder by RohanNagar.
the class VerificationResource method verifyEmail.
/**
* Verifies the provided email, setting it as valid in the database.
*
* @param email The email to verify in the database.
* @param token The verification token associated with the user.
* @param responseType The type of object to respond with. Either JSON or HTML.
* @return A response status and message.
*/
@GET
public Response verifyEmail(@QueryParam("email") String email, @QueryParam("token") String token, @QueryParam("response_type") @DefaultValue("json") ResponseType responseType) {
verifyEmailRequests.mark();
if (email == null || email.isEmpty()) {
LOG.warn("Attempted email verification without an email.");
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing email query parameter.").build();
}
if (token == null || token.isEmpty()) {
LOG.warn("Attempted email verification without a token");
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect or missing verification token query parameter.").build();
}
LOG.info("Attempting to verify email {}", email);
PilotUser user;
try {
user = usersDao.findByEmail(email);
} catch (DatabaseException e) {
LOG.error("Error retrieving email {} in database. Caused by: {}", email, e.getErrorKind());
return e.getErrorKind().buildResponse(email);
}
String verificationToken = user.getEmail().getVerificationToken();
if (verificationToken == null || verificationToken.isEmpty()) {
LOG.warn("Tried to read null or empty verification token");
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Bad value found for user verification token.").build();
}
if (!token.equals(verificationToken)) {
LOG.warn("User provided verification token does not match database verification token.");
return Response.status(Response.Status.BAD_REQUEST).entity("Incorrect verification token.").build();
}
// Create the verified pilot user
PilotUser updatedUser = new PilotUser(new Email(user.getEmail().getAddress(), true, user.getEmail().getVerificationToken()), user.getPassword(), user.getFacebookAccessToken(), user.getTwitterAccessToken(), user.getFacebookAccessToken());
try {
usersDao.update(user.getEmail().getAddress(), updatedUser);
} catch (DatabaseException e) {
LOG.error("Error verifying email {} in database. Caused by: {}", email, e.getErrorKind());
return e.getErrorKind().buildResponse(email);
}
LOG.info("Successfully verified email {}.", email);
if (responseType.equals(ResponseType.JSON)) {
LOG.info("Returning JSON in the response.");
return Response.ok(updatedUser).build();
}
LOG.info("Redirecting to /verify/success in order to return HTML.");
URI uri = UriBuilder.fromUri("/verify/success").build();
return Response.seeOther(uri).build();
}
use of com.sanction.thunder.dao.DatabaseException in project thunder by RohanNagar.
the class UserResourceTest method testUpdateUserNotFound.
@Test
public void testUpdateUserNotFound() {
when(usersDao.findByEmail(email.getAddress())).thenReturn(user);
when(usersDao.update(null, updatedUser)).thenThrow(new DatabaseException(DatabaseError.USER_NOT_FOUND));
Response response = resource.updateUser(key, "password", null, updatedUser);
assertEquals(Response.Status.NOT_FOUND, response.getStatusInfo());
}
Aggregations