Search in sources :

Example 1 with IFactoryInvariant

use of org.cerberus.crud.factory.IFactoryInvariant in project cerberus-source by cerberustesting.

the class CreateInvariant method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    String charset = request.getCharacterEncoding();
    String id = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("idName"), "", charset);
    String value = request.getParameter("value");
    String description = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("description"), "", charset);
    String veryShortDescField = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("veryShortDesc"), "", charset);
    String gp1 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp1"), "", charset);
    String gp2 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp2"), "", charset);
    String gp3 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp3"), "", charset);
    String gp4 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp4"), "", charset);
    String gp5 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp5"), "", charset);
    String gp6 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp6"), "", charset);
    String gp7 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp7"), "", charset);
    String gp8 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp8"), "", charset);
    String gp9 = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("gp9"), "", charset);
    Integer sort = 10;
    boolean sort_error = false;
    try {
        if (request.getParameter("Sort") != null && !request.getParameter("Sort").equals("")) {
            sort = Integer.valueOf(policy.sanitize(request.getParameter("Sort")));
        }
    } catch (Exception ex) {
        sort_error = true;
    }
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(id)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Invariant").replace("%OPERATION%", "Create").replace("%REASON%", "Invariant name is missing!"));
        ans.setResultMessage(msg);
    } else if (sort_error) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Invariant").replace("%OPERATION%", "Create").replace("%REASON%", "Could not manage to convert sort to an integer value!"));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
        IInvariantService invariantService = appContext.getBean(IInvariantService.class);
        IFactoryInvariant factoryInvariant = appContext.getBean(IFactoryInvariant.class);
        Invariant invariantData = factoryInvariant.create(id, value, sort, description, veryShortDescField, gp1, gp2, gp3, gp4, gp5, gp6, gp7, gp8, gp9);
        if (invariantService.hasPermissionsCreate(invariantData, request)) {
            ans = invariantService.create(invariantData);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Object updated. Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/CreateInvariant2", "CREATE", "Create Invariant : ['" + id + "']", request);
            }
        } else {
            msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
            msg.setDescription(msg.getDescription().replace("%ITEM%", "Invariant").replace("%OPERATION%", "Create").replace("%REASON%", "You are not allowed to do that or invariant is not public."));
            ans.setResultMessage(msg);
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}
Also used : Invariant(org.cerberus.crud.entity.Invariant) IFactoryInvariant(org.cerberus.crud.factory.IFactoryInvariant) PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) IInvariantService(org.cerberus.crud.service.IInvariantService) LogEventService(org.cerberus.crud.service.impl.LogEventService) ILogEventService(org.cerberus.crud.service.ILogEventService) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) CerberusException(org.cerberus.exception.CerberusException) JSONException(org.json.JSONException) IFactoryInvariant(org.cerberus.crud.factory.IFactoryInvariant) Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) ILogEventService(org.cerberus.crud.service.ILogEventService)

Aggregations

IOException (java.io.IOException)1 ServletException (javax.servlet.ServletException)1 Invariant (org.cerberus.crud.entity.Invariant)1 IFactoryInvariant (org.cerberus.crud.factory.IFactoryInvariant)1 IInvariantService (org.cerberus.crud.service.IInvariantService)1 ILogEventService (org.cerberus.crud.service.ILogEventService)1 LogEventService (org.cerberus.crud.service.impl.LogEventService)1 MessageEvent (org.cerberus.engine.entity.MessageEvent)1 CerberusException (org.cerberus.exception.CerberusException)1 Answer (org.cerberus.util.answer.Answer)1 JSONException (org.json.JSONException)1 JSONObject (org.json.JSONObject)1 PolicyFactory (org.owasp.html.PolicyFactory)1 ApplicationContext (org.springframework.context.ApplicationContext)1