
Example 6 with ApplicationObject

use of org.cerberus.crud.entity.ApplicationObject in project cerberus-source by cerberustesting.

the class UpdateApplicationObject method processRequest.

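/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods: parses a multipart form, looks up the application object named by
 * the "application" and "object" fields, optionally stores an uploaded file
 * for it, updates its value and modification metadata, and writes a JSON
 * answer ("messageType" / "message") to the response.
 *
 * Every failure path is folded into the answer that is returned to the
 * client, so a request that is rejected never reports GENERIC_OK.
 *
 * @param request servlet request (expected to be multipart/form-data)
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared by the signature; not thrown directly here
 * @throws JSONException if the JSON answer cannot be built
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    String charset = request.getCharacterEncoding();
    response.setContentType("application/json");
    // Calling Servlet Transversal Util.
    // NOTE(review): no permission check is visible in this method; confirm the
    // caller, a filter or servletStart enforces who may update objects.
    ServletUtil.servletStart(request);

    Map<String, String> fileData = new HashMap<String, String>();
    FileItem file = null;
    FileItemFactory factory = new DiskFileItemFactory();
    // NOTE(review): no request/file size limit is configured on this upload
    // handler (ServletFileUpload offers setSizeMax / setFileSizeMax); confirm a
    // limit is enforced elsewhere, otherwise upload size is bounded only by disk.
    ServletFileUpload upload = new ServletFileUpload(factory);
    boolean requestParsed = true;
    try {
        List<FileItem> fields = upload.parseRequest(request);
        if (fields.isEmpty()) {
            // NOTE(review): kept from the original - an empty form returns
            // without writing any JSON body.
            return;
        }
        for (FileItem fileItem : fields) {
            if (fileItem.isFormField()) {
                fileData.put(fileItem.getFieldName(), fileItem.getString("UTF-8"));
            } else {
                // When several file parts are sent, the last one wins.
                file = fileItem;
            }
        }
    } catch (FileUploadException e) {
        // No logger is visible in this excerpt, so the stack trace is kept;
        // the failure is additionally reported to the client below instead of
        // being silently ignored.
        e.printStackTrace();
        requestParsed = false;
    }

    /**
     * Parsing and securing all required parameters.
     */
    // Parameter that are already controled by GUI (no need to decode) --> We SECURE them
    // Parameter that needs to be secured --> We SECURE+DECODE them
    // NOTE(review): charset is null when the request declares no encoding;
    // confirm the ParameterParserUtil helpers accept that.
    String application = ParameterParserUtil.parseStringParamAndDecode(fileData.get("application"), null, charset);
    String object = ParameterParserUtil.parseStringParamAndDecode(fileData.get("object"), null, charset);
    String value = ParameterParserUtil.parseStringParam(fileData.get("value"), null);
    String usrmodif = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getRemoteUser(), "", charset);
    String datemodif = new Timestamp(System.currentTimeMillis()).toString();

    // Prepare the final answer.
    MessageEvent msg1 = new MessageEvent(MessageEventEnum.GENERIC_OK);
    Answer finalAnswer = new Answer(msg1);

    /**
     * Checking all constrains before calling the services. Each rejection is
     * aggregated into finalAnswer: the response is built from finalAnswer, so
     * an error left only in ans would be returned to the client as success.
     */
    if (!requestParsed) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
        // Generic text on purpose: the parser's own message is not echoed to the client.
        msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", "The multipart request could not be parsed."));
        ans.setResultMessage(msg);
        finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, ans);
    } else if (StringUtil.isNullOrEmpty(application)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "ApplicationObject").replace("%OPERATION%", "Update").replace("%REASON%", "Application name (applicationobject) is missing."));
        ans.setResultMessage(msg);
        finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, ans);
    } else if (StringUtil.isNullOrEmpty(object)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "ApplicationObject").replace("%OPERATION%", "Update").replace("%REASON%", "Object name (applicationobject) is missing."));
        ans.setResultMessage(msg);
        finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, ans);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        IApplicationObjectService applicationObjectService = appContext.getBean(IApplicationObjectService.class);
        AnswerItem resp = applicationObjectService.readByKey(application, object);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            /**
             * Object could not be found. We stop here and report the error.
             */
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) resp);
        } else {
            /**
             * The service was able to perform the query and confirm the
             * object exist, then we can update it.
             */
            ApplicationObject applicationData = (ApplicationObject) resp.getItem();
            String fileName = applicationData.getScreenShotFileName();
            if (file != null) {
                ans = applicationObjectService.uploadFile(applicationData.getID(), file);
                if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                    // file.getName() is supplied by the client and may carry path
                    // components. NOTE(review): confirm uploadFile reduces it to a
                    // base name and restricts the accepted file types before it
                    // is written and before this value is stored.
                    fileName = file.getName();
                } else {
                    // Keep the upload failure: ans is overwritten by the update below.
                    // Assumes agregateAnswer retains an earlier error - TODO confirm.
                    finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, ans);
                }
            }
            applicationData.setValue(value);
            applicationData.setScreenShotFileName(fileName);
            applicationData.setUsrModif(usrmodif);
            applicationData.setDateModif(datemodif);
            ans = applicationObjectService.update(applicationData.getApplication(), applicationData.getObject(), applicationData);
            // Aggregated once; the original aggregated the same answer twice.
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, ans);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Update was successful. Adding Log entry that names both the
                 * application and the object, so the audit trail identifies
                 * what was changed.
                 */
                // NOTE(review): the page label "/UpdateApplication" is kept as
                // found; confirm it is the intended label for this servlet.
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/UpdateApplication", "UPDATE", "Updated Application Object : ['" + application + "','" + object + "']", request);
            }
        }
    }

    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", finalAnswer.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", finalAnswer.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse.toString());
    response.getWriter().flush();
}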
Also used : MessageEvent(org.cerberus.engine.entity.MessageEvent) ApplicationObject(org.cerberus.crud.entity.ApplicationObject) ILogEventService(org.cerberus.crud.service.ILogEventService) LogEventService(org.cerberus.crud.service.impl.LogEventService) IApplicationObjectService(org.cerberus.crud.service.IApplicationObjectService) DiskFileItemFactory(org.apache.commons.fileupload.disk.DiskFileItemFactory) Timestamp(java.sql.Timestamp) AnswerItem(org.cerberus.util.answer.AnswerItem) FileItemFactory(org.apache.commons.fileupload.FileItemFactory) DiskFileItemFactory(org.apache.commons.fileupload.disk.DiskFileItemFactory) Answer(org.cerberus.util.answer.Answer) FileItem(org.apache.commons.fileupload.FileItem) ApplicationContext(org.springframework.context.ApplicationContext) ServletFileUpload(org.apache.commons.fileupload.servlet.ServletFileUpload) JSONObject(org.json.JSONObject) java.util(java.util) ILogEventService(org.cerberus.crud.service.ILogEventService) FileUploadException(org.apache.commons.fileupload.FileUploadException)

Example 7 with ApplicationObject

use of org.cerberus.crud.entity.ApplicationObject in project cerberus-source by cerberustesting.

the class ReadApplicationObject method findApplicationObject.

/**
 * Reads one application object by its technical id and wraps it, together
 * with the caller's permission flag, in the item of the returned answer.
 *
 * When the service does not answer with DATA_OPERATION_OK, "contentTable" is
 * an empty JSON object and the service's result message is passed through.
 *
 * @param id technical id handed to readByKeyTech
 * @param appContext Spring context used to obtain the service bean
 * @param userHasPermissions value copied into "hasPermissions"; it is only
 *        reported here, not enforced
 * @param request not used by this method
 * @return answer whose item is the JSON payload
 * @throws JSONException if the payload cannot be built
 */
private AnswerItem findApplicationObject(int id, ApplicationContext appContext, boolean userHasPermissions, HttpServletRequest request) throws JSONException {
    // The service reference is stored in a field of the enclosing class.
    applicationObjectService = appContext.getBean(IApplicationObjectService.class);
    AnswerItem lookup = applicationObjectService.readByKeyTech(id);

    // Only a successful read is converted; any other outcome yields an empty object.
    boolean readSucceeded = lookup.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode());
    JSONObject content = readSucceeded
            ? convertApplicationObjectToJSONObject((ApplicationObject) lookup.getItem())
            : new JSONObject();

    JSONObject payload = new JSONObject();
    payload.put("hasPermissions", userHasPermissions);
    payload.put("contentTable", content);

    AnswerItem result = new AnswerItem();
    result.setItem(payload);
    result.setResultMessage(lookup.getResultMessage());
    return result;
}
Also used : JSONObject(org.json.JSONObject) ApplicationObject(org.cerberus.crud.entity.ApplicationObject) IApplicationObjectService(org.cerberus.crud.service.IApplicationObjectService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Example 8 with ApplicationObject

use of org.cerberus.crud.entity.ApplicationObject in project cerberus-source by cerberustesting.

the class DeleteApplicationObject method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods: deletes the application object identified by the "application"
 * and "object" request parameters and writes a JSON answer
 * ("messageType" / "message") to the response.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared by the signature; not thrown directly here
 * @throws JSONException if the JSON answer cannot be built
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();

    // Start from an "unexpected error" answer; it is replaced on every path below.
    Answer outcome = new Answer();
    MessageEvent unexpected = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    unexpected.setDescription(unexpected.getDescription().replace("%DESCRIPTION%", ""));
    outcome.setResultMessage(unexpected);

    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    response.setContentType("application/json");
    // Calling Servlet Transversal Util.
    // NOTE(review): no permission check is visible in this method, and the
    // Javadoc says GET is handled too; confirm the caller or a filter enforces
    // authorisation and that this state-changing call is protected against
    // cross-site requests.
    ServletUtil.servletStart(request);

    // Both keys go through the HTML sanitizer policy before being used for the lookup.
    // NOTE(review): the policy is an HTML sanitizer; presumably a key containing
    // markup characters no longer matches the stored key - confirm.
    String application = policy.sanitize(request.getParameter("application"));
    String object = policy.sanitize(request.getParameter("object"));

    // A non-null reason means the request is rejected with an "expected" error.
    String rejectionReason = null;
    if (StringUtil.isNullOrEmpty(application)) {
        rejectionReason = "Application name is missing!";
    } else if (StringUtil.isNullOrEmpty(object)) {
        rejectionReason = "Object name is missing!";
    } else {
        ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
        IApplicationObjectService service = appContext.getBean(IApplicationObjectService.class);
        AnswerItem lookup = service.readByKey(application, object);
        boolean exists = lookup.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && lookup.getItem() != null;
        if (exists) {
            // The object was found, so it can be deleted.
            ApplicationObject target = (ApplicationObject) lookup.getItem();
            outcome = service.delete(target);
            if (outcome.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                // Successful deletes are recorded in the event log.
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/DeleteApplication", "DELETE", "Delete Application Object: ['" + application + "','" + object + "']", request);
            }
        } else {
            rejectionReason = "Application Object does not exist.";
        }
    }

    if (rejectionReason != null) {
        MessageEvent rejected = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        rejected.setDescription(rejected.getDescription().replace("%ITEM%", "ApplicationObject").replace("%OPERATION%", "Delete").replace("%REASON%", rejectionReason));
        outcome.setResultMessage(rejected);
    }

    // Formatting and returning the JSON result.
    jsonResponse.put("messageType", outcome.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", outcome.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse.toString());
    response.getWriter().flush();
}
Also used : Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) ApplicationObject(org.cerberus.crud.entity.ApplicationObject) ILogEventService(org.cerberus.crud.service.ILogEventService) LogEventService(org.cerberus.crud.service.impl.LogEventService) IApplicationObjectService(org.cerberus.crud.service.IApplicationObjectService) ILogEventService(org.cerberus.crud.service.ILogEventService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Example 9 with ApplicationObject

use of org.cerberus.crud.entity.ApplicationObject in project cerberus-source by cerberustesting.

the class ReadApplicationObject method findApplicationObjectList.

// </editor-fold>
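/**
 * Reads one page of application objects for an application, using the
 * DataTables-style paging, sorting and search parameters of the request, and
 * wraps the rows in the item of the returned answer.
 *
 * All paging and sorting parameters come from the client, so they are
 * validated here: non-numeric numbers fall back to their defaults, an
 * out-of-range sort column index falls back to the first column, and the
 * sort direction is restricted to "asc" / "desc".
 *
 * @param application application whose objects are listed
 * @param appContext Spring context used to obtain the service bean
 * @param userHasPermissions value copied into "hasPermissions"; it is only
 *        reported here, not enforced
 * @param request source of the iDisplayStart, iDisplayLength, sSearch,
 *        iSortCol_0, sColumns, sSortDir_0, sLike and sSearch_N parameters
 * @return answer whose item is the JSON payload
 * @throws JSONException if the payload cannot be built
 */
private AnswerItem findApplicationObjectList(String application, ApplicationContext appContext, boolean userHasPermissions, HttpServletRequest request) throws JSONException {
    AnswerItem item = new AnswerItem();
    JSONObject object = new JSONObject();
    applicationObjectService = appContext.getBean(IApplicationObjectService.class);

    // Client-supplied numbers: a malformed value must not surface as an
    // uncaught NumberFormatException.
    int startPosition = parseIntParamOrDefault(ParameterParserUtil.parseStringParam(request.getParameter("iDisplayStart"), "0"), 0);
    int length = parseIntParamOrDefault(ParameterParserUtil.parseStringParam(request.getParameter("iDisplayLength"), "0"), 0);
    int columnToSortParameter = parseIntParamOrDefault(ParameterParserUtil.parseStringParam(request.getParameter("iSortCol_0"), "2"), 2);
    String searchParameter = ParameterParserUtil.parseStringParam(request.getParameter("sSearch"), "");

    String sColumns = ParameterParserUtil.parseStringParam(request.getParameter("sColumns"), "Application,Object");
    String[] columnToSort = sColumns.split(",");
    if (columnToSort.length == 0) {
        // A value made only of separators splits to an empty array.
        columnToSort = new String[]{"Application", "Object"};
    }
    // The default index (2) is already out of range for the default column
    // list, and the index is client-controlled: bound it before use.
    if (columnToSortParameter < 0 || columnToSortParameter >= columnToSort.length) {
        columnToSortParameter = 0;
    }
    String columnName = columnToSort[columnToSortParameter];

    // Only the two valid directions are passed on.
    String sort = ParameterParserUtil.parseStringParam(request.getParameter("sSortDir_0"), "asc");
    if (!"asc".equalsIgnoreCase(sort) && !"desc".equalsIgnoreCase(sort)) {
        sort = "asc";
    }

    List<String> individualLike = new ArrayList<>(Arrays.asList(ParameterParserUtil.parseStringParam(request.getParameter("sLike"), "").split(",")));
    Map<String, List<String>> individualSearch = new HashMap<>();
    for (int a = 0; a < columnToSort.length; a++) {
        String columnSearch = request.getParameter("sSearch_" + a);
        if (columnSearch != null && !columnSearch.isEmpty()) {
            List<String> search = new ArrayList<>(Arrays.asList(columnSearch.split(",")));
            if (individualLike.contains(columnToSort[a])) {
                individualSearch.put(columnToSort[a] + ":like", search);
            } else {
                individualSearch.put(columnToSort[a], search);
            }
        }
    }

    // NOTE(review): columnName and the keys of individualSearch are taken from
    // the client-supplied sColumns list. Confirm the service maps them to a
    // fixed set of known columns and binds the search values as parameters
    // rather than concatenating either into the query text.
    AnswerList resp = applicationObjectService.readByApplicationByCriteria(application, startPosition, length, columnName, sort, searchParameter, individualSearch);
    JSONArray jsonArray = new JSONArray();
    if (resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
        // the service was able to perform the query, then we should get all values
        for (ApplicationObject applicationObject : (List<ApplicationObject>) resp.getDataList()) {
            jsonArray.put(convertApplicationObjectToJSONObject(applicationObject));
        }
    }
    object.put("hasPermissions", userHasPermissions);
    object.put("contentTable", jsonArray);
    object.put("iTotalRecords", resp.getTotalRows());
    object.put("iTotalDisplayRecords", resp.getTotalRows());
    item.setItem(object);
    item.setResultMessage(resp.getResultMessage());
    return item;
}

// Parses a decimal integer, returning the fallback for null or malformed input.
private static int parseIntParamOrDefault(String raw, int fallback) {
    if (raw == null) {
        return fallback;
    }
    try {
        return Integer.parseInt(raw);
    } catch (NumberFormatException ignored) {
        // Malformed client input: use the documented default instead of failing the request.
        return fallback;
    }
}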
Also used : AnswerList(org.cerberus.util.answer.AnswerList) ApplicationObject(org.cerberus.crud.entity.ApplicationObject) JSONArray(org.json.JSONArray) IApplicationObjectService(org.cerberus.crud.service.IApplicationObjectService) AnswerItem(org.cerberus.util.answer.AnswerItem) JSONObject(org.json.JSONObject) AnswerList(org.cerberus.util.answer.AnswerList)

Example 10 with ApplicationObject

use of org.cerberus.crud.entity.ApplicationObject in project cerberus-source by cerberustesting.

the class ReadApplicationObject method findApplicationObjectList.

/**
 * Reads every application object of an application and wraps the rows,
 * together with the caller's permission flag and the row totals, in the item
 * of the returned answer.
 *
 * When the service does not answer with DATA_OPERATION_OK, "contentTable" is
 * an empty array and the service's result message is passed through.
 *
 * @param application application whose objects are listed
 * @param appContext Spring context used to obtain the service bean
 * @param userHasPermissions value copied into "hasPermissions"; it is only
 *        reported here, not enforced
 * @return answer whose item is the JSON payload
 * @throws JSONException if the payload cannot be built
 */
private AnswerItem findApplicationObjectList(String application, ApplicationContext appContext, boolean userHasPermissions) throws JSONException {
    // The service reference is stored in a field of the enclosing class.
    applicationObjectService = appContext.getBean(IApplicationObjectService.class);
    AnswerList listing = applicationObjectService.readByApplication(application);

    JSONArray rows = new JSONArray();
    boolean readSucceeded = listing.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode());
    if (readSucceeded) {
        // Convert each entity returned by the service into its JSON form.
        List<ApplicationObject> entities = (List<ApplicationObject>) listing.getDataList();
        for (ApplicationObject entity : entities) {
            rows.put(convertApplicationObjectToJSONObject(entity));
        }
    }

    JSONObject payload = new JSONObject();
    payload.put("hasPermissions", userHasPermissions);
    payload.put("contentTable", rows);
    // Both totals report the same row count from the service.
    payload.put("iTotalRecords", listing.getTotalRows());
    payload.put("iTotalDisplayRecords", listing.getTotalRows());

    AnswerItem result = new AnswerItem();
    result.setItem(payload);
    result.setResultMessage(listing.getResultMessage());
    return result;
}
Also used : AnswerList(org.cerberus.util.answer.AnswerList) JSONObject(org.json.JSONObject) ApplicationObject(org.cerberus.crud.entity.ApplicationObject) JSONArray(org.json.JSONArray) IApplicationObjectService(org.cerberus.crud.service.IApplicationObjectService) AnswerList(org.cerberus.util.answer.AnswerList) AnswerItem(org.cerberus.util.answer.AnswerItem)

Aggregations

ApplicationObject (org.cerberus.crud.entity.ApplicationObject)16 AnswerItem (org.cerberus.util.answer.AnswerItem)11 IFactoryApplicationObject (org.cerberus.crud.factory.IFactoryApplicationObject)9 MessageEvent (org.cerberus.engine.entity.MessageEvent)9 IApplicationObjectService (org.cerberus.crud.service.IApplicationObjectService)7 JSONObject (org.json.JSONObject)7 Connection (java.sql.Connection)5 PreparedStatement (java.sql.PreparedStatement)5 ResultSet (java.sql.ResultSet)5 SQLException (java.sql.SQLException)5 AnswerList (org.cerberus.util.answer.AnswerList)5 IOException (java.io.IOException)4 ArrayList (java.util.ArrayList)3 ILogEventService (org.cerberus.crud.service.ILogEventService)3 LogEventService (org.cerberus.crud.service.impl.LogEventService)3 Answer (org.cerberus.util.answer.Answer)3 ApplicationContext (org.springframework.context.ApplicationContext)3 Timestamp (java.sql.Timestamp)2 List (java.util.List)2 Map (java.util.Map)2