Search in sources :

Example 26 with ILogEventService

use of org.cerberus.crud.service.ILogEventService in project cerberus-source by cerberustesting.

the class DeleteInvariant method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    String charset = request.getCharacterEncoding();
    response.setContentType("application/json");
    String id = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("idName"), "", charset);
    String value = request.getParameter("value");
    boolean userHasPermissions = request.isUserInRole("Administrator");
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(id)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Invariant").replace("%OPERATION%", "Delete").replace("%REASON%", "Invariant name is missing!"));
        ans.setResultMessage(msg);
    } else if (!userHasPermissions) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Invariant").replace("%OPERATION%", "Delete").replace("%REASON%", "You don't have the right to do that"));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
        IInvariantService invariantService = appContext.getBean(IInvariantService.class);
        Invariant invariantData = invariantService.convert(invariantService.readByKey(id, value));
        if (invariantService.hasPermissionsDelete(invariantData, request)) {
            ans = invariantService.delete(invariantData);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Object updated. Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/DeleteInvariant2", "DELETE", "Delete Invariant : ['" + id + "']", request);
            }
        } else {
            msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
            msg.setDescription(msg.getDescription().replace("%ITEM%", "Invariant").replace("%OPERATION%", "Delete").replace("%REASON%", "You don't have the right to do that."));
            ans.setResultMessage(msg);
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse.toString());
    response.getWriter().flush();
}
Also used : Answer(org.cerberus.util.answer.Answer) Invariant(org.cerberus.crud.entity.Invariant) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) IInvariantService(org.cerberus.crud.service.IInvariantService) LogEventService(org.cerberus.crud.service.impl.LogEventService) ILogEventService(org.cerberus.crud.service.ILogEventService) ILogEventService(org.cerberus.crud.service.ILogEventService)

Example 27 with ILogEventService

use of org.cerberus.crud.service.ILogEventService in project cerberus-source by cerberustesting.

the class DeleteLabel method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    response.setContentType("application/json");
    // Calling Servlet Transversal Util.
    ServletUtil.servletStart(request);
    /**
     * Parsing and securing all required parameters.
     */
    Integer key = Integer.valueOf(policy.sanitize(request.getParameter("id")));
    /**
     * Checking all constrains before calling the services.
     */
    if (key == 0) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Label").replace("%OPERATION%", "Delete").replace("%REASON%", "Label ID is missing!"));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
        ILabelService labelService = appContext.getBean(ILabelService.class);
        AnswerItem resp = labelService.readByKey(key);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            /**
             * Object could not be found. We stop here and report the error.
             */
            msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
            msg.setDescription(msg.getDescription().replace("%ITEM%", "Label").replace("%OPERATION%", "Delete").replace("%REASON%", "Label does not exist."));
            ans.setResultMessage(msg);
        } else {
            /**
             * The service was able to perform the query and confirm the
             * object exist, then we can delete it.
             */
            Label labelData = (Label) resp.getItem();
            ans = labelService.delete(labelData);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Delete was successful. Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/DeleteLabel", "DELETE", "Delete Label : ['" + key + "']", request);
            }
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse.toString());
    response.getWriter().flush();
}
Also used : ILabelService(org.cerberus.crud.service.ILabelService) Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) Label(org.cerberus.crud.entity.Label) ILogEventService(org.cerberus.crud.service.ILogEventService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Example 28 with ILogEventService

use of org.cerberus.crud.service.ILogEventService in project cerberus-source by cerberustesting.

the class UpdateTestCaseWithDependencies method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws org.cerberus.exception.CerberusException
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException {
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    String initialTest = request.getParameter("informationInitialTest");
    String initialTestCase = request.getParameter("informationInitialTestCase");
    String test = request.getParameter("informationTest");
    String testCase = request.getParameter("informationTestCase");
    TestCase tc = getTestCaseFromParameter(request, appContext, test, testCase);
    boolean duplicate = false;
    ITestService tService = appContext.getBean(ITestService.class);
    ITestCaseService tcService = appContext.getBean(ITestCaseService.class);
    ITestCaseCountryService tccService = appContext.getBean(ITestCaseCountryService.class);
    ITestCaseCountryPropertiesService tccpService = appContext.getBean(ITestCaseCountryPropertiesService.class);
    ITestCaseStepService tcsService = appContext.getBean(ITestCaseStepService.class);
    ITestCaseStepActionService tcsaService = appContext.getBean(ITestCaseStepActionService.class);
    ITestCaseStepActionControlService tcsacService = appContext.getBean(ITestCaseStepActionControlService.class);
    IInvariantService invariantService = appContext.getBean(IInvariantService.class);
    IUserService userService = appContext.getBean(IUserService.class);
    IUserGroupService userGroupService = appContext.getBean(IUserGroupService.class);
    /**
     * Get User and Groups of this user
     */
    User user = userService.findUserByKey(request.getUserPrincipal().getName());
    // List<UserGroup> userGroupList = groupService.findGroupByUser(user);
    List<UserGroup> userGroupList = userGroupService.convert(userGroupService.readByUser(user.getLogin()));
    List<String> groupList = new ArrayList();
    for (UserGroup group : userGroupList) {
        groupList.add(group.getGroup());
    }
    /**
     * Verify the Test is the same than initialTest If it is the same > Do
     * nothing If it is not the same > Verify if test already exists If not
     * exist > create it If exist > do nothing
     */
    if (!tc.getTest().equals(initialTest)) {
        if (tService.findTestByKey(tc.getTest()) == null) {
            if (groupList.contains("TestAdmin")) {
                Test newTest = tService.findTestByKey(initialTest);
                newTest.setTest(tc.getTest());
                tService.convert(tService.create(newTest));
            } else {
                response.sendError(403, MessageGeneralEnum.GUI_TEST_CREATION_NOT_HAVE_RIGHT.getDescription());
                return;
            }
        }
    }
    if (!tc.getTest().equals(initialTest) || !tc.getTestCase().equals(initialTestCase)) {
        duplicate = true;
    }
    /**
     * If the testcase is a duplication, set the creator as the one which
     * duplicate the testcase and the status in the initial one.
     */
    if (duplicate) {
        tc.setUsrCreated(user.getLogin());
        // TODO: handle if the response does not turn ok
        AnswerList answer = invariantService.readByIdname("TCSTATUS");
        tc.setStatus(((List<Invariant>) answer.getDataList()).get(0).getValue());
    }
    /**
     * If not duplicate and test in Working status and user with no admin
     * right, raise an error
     */
    if (!duplicate && "WORKING".equals(tc.getStatus()) && !groupList.contains("TestAdmin")) {
        response.sendError(403, MessageGeneralEnum.GUI_TESTCASE_NON_ADMIN_SAVE_WORKING_TESTCASE.getDescription());
        return;
    }
    /**
     * Verify testcase is the same than initialTestCase If it is the same >
     * update If it is not the same, > verify if testcase already exist If
     * it already exist > Send Error If it do not already exists > Create it
     */
    if (!duplicate) {
        tcService.updateTestCase(tc);
    } else if (tcService.findTestCaseByKey(tc.getTest(), tc.getTestCase()) != null) {
        response.sendError(403, MessageGeneralEnum.GUI_TESTCASE_DUPLICATION_ALREADY_EXISTS.getDescription());
        return;
    } else {
        tcService.createTestCase(tc);
    }
    /**
     * For the list of testcase country verify it exists. If it does not
     * exists > create it If it exist, verify if it's the
     */
    List<TestCaseCountry> tccFromPage = getTestCaseCountryFromParameter(request, appContext, test, testCase);
    List<TestCaseCountry> tccFromDtb = tccService.findTestCaseCountryByTestTestCase(initialTest, initialTestCase);
    /**
     * Iterate on (TestCaseCountry From Page - TestCaseCountry From
     * Database) If TestCaseCountry in Database has same key : Update and
     * remove from the list. If TestCaseCountry in database does ot exist :
     * Insert it.
     */
    List<TestCaseCountry> tccToUpdateOrInsert = new ArrayList(tccFromPage);
    tccToUpdateOrInsert.removeAll(tccFromDtb);
    List<TestCaseCountry> tccToUpdateOrInsertToIterate = new ArrayList(tccToUpdateOrInsert);
    for (TestCaseCountry tccDifference : tccToUpdateOrInsertToIterate) {
        for (TestCaseCountry tccInDatabase : tccFromDtb) {
            if (tccDifference.hasSameKey(tccInDatabase)) {
                tccToUpdateOrInsert.remove(tccDifference);
            }
        }
    }
    tccService.insertListTestCaseCountry(tccToUpdateOrInsert);
    /**
     * Iterate on (TestCaseCountry From Database - TestCaseCountry From
     * Page). If TestCaseCountry in Page has same key : remove from the
     * list. Then delete the list of TestCaseCountry
     */
    if (!duplicate) {
        List<TestCaseCountry> tccToDelete = new ArrayList(tccFromDtb);
        tccToDelete.removeAll(tccFromPage);
        List<TestCaseCountry> tccToDeleteToIterate = new ArrayList(tccToDelete);
        for (TestCaseCountry tccDifference : tccToDeleteToIterate) {
            for (TestCaseCountry tccInPage : tccFromPage) {
                if (tccDifference.hasSameKey(tccInPage)) {
                    tccToDelete.remove(tccDifference);
                }
            }
        }
        tccService.deleteListTestCaseCountry(tccToDelete);
    }
    /**
     * For the list of testcase country verify it exists. If it does not
     * exists > create it If it exist, verify if it's the
     */
    List<TestCaseCountryProperties> tccpFromPage = getTestCaseCountryPropertiesFromParameter(request, appContext, test, testCase);
    List<TestCaseCountryProperties> tccpFromDtb = tccpService.findListOfPropertyPerTestTestCase(initialTest, initialTestCase);
    /**
     * Iterate on (TestCaseCountryProperties From Page -
     * TestCaseCountryProperties From Database) If TestCaseCountryProperties
     * in Database has same key : Update and remove from the list. If
     * TestCaseCountryProperties in database does ot exist : Insert it.
     */
    List<TestCaseCountryProperties> tccpToUpdateOrInsert = new ArrayList(tccpFromPage);
    tccpToUpdateOrInsert.removeAll(tccpFromDtb);
    List<TestCaseCountryProperties> tccpToUpdateOrInsertToIterate = new ArrayList(tccpToUpdateOrInsert);
    for (TestCaseCountryProperties tccpDifference : tccpToUpdateOrInsertToIterate) {
        for (TestCaseCountryProperties tccpInDatabase : tccpFromDtb) {
            if (tccpDifference.hasSameKey(tccpInDatabase)) {
                tccpService.updateTestCaseCountryProperties(tccpDifference);
                tccpToUpdateOrInsert.remove(tccpDifference);
            }
        }
    }
    tccpService.insertListTestCaseCountryProperties(tccpToUpdateOrInsert);
    /**
     * Iterate on (TestCaseCountryProperties From Database -
     * TestCaseCountryProperties From Page). If TestCaseCountryProperties in
     * Page has same key : remove from the list. Then delete the list of
     * TestCaseCountryProperties
     */
    if (!duplicate) {
        List<TestCaseCountryProperties> tccpToDelete = new ArrayList(tccpFromDtb);
        tccpToDelete.removeAll(tccpFromPage);
        List<TestCaseCountryProperties> tccpToDeleteToIterate = new ArrayList(tccpToDelete);
        for (TestCaseCountryProperties tccpDifference : tccpToDeleteToIterate) {
            for (TestCaseCountryProperties tccpInPage : tccpFromPage) {
                if (tccpDifference.hasSameKey(tccpInPage)) {
                    tccpToDelete.remove(tccpDifference);
                }
            }
        }
        tccpService.deleteListTestCaseCountryProperties(tccpToDelete);
    }
    /*
         * Get steps, actions and controls from page by:
         * - generating a new step, action or control number,
         * - setting the correct related step and action for action or control
         */
    List<TestCaseStep> tcsFromPage = getTestCaseStepFromParameter(request, appContext, test, testCase, duplicate);
    List<TestCaseStepAction> tcsaFromPage = new ArrayList();
    List<TestCaseStepActionControl> tcsacFromPage = new ArrayList();
    int nextStepNumber = getMaxStepNumber(tcsFromPage);
    for (TestCaseStep tcs : tcsFromPage) {
        if (tcs.getStep() == -1) {
            tcs.setStep(++nextStepNumber);
        }
        if (tcs.getTestCaseStepAction() != null) {
            int nextSequenceNumber = getMaxSequenceNumber(tcs.getTestCaseStepAction());
            for (TestCaseStepAction tcsa : tcs.getTestCaseStepAction()) {
                if (tcsa.getSequence() == -1) {
                    tcsa.setSequence(++nextSequenceNumber);
                }
                tcsa.setStep(tcs.getStep());
                if (tcsa.getTestCaseStepActionControl() != null) {
                    int nextControlNumber = getMaxControlNumber(tcsa.getTestCaseStepActionControl());
                    for (TestCaseStepActionControl tscac : tcsa.getTestCaseStepActionControl()) {
                        if (tscac.getControlSequence() == -1) {
                            tscac.setControlSequence(++nextControlNumber);
                        }
                        tscac.setStep(tcs.getStep());
                        tscac.setSequence(tcsa.getSequence());
                    }
                    tcsacFromPage.addAll(tcsa.getTestCaseStepActionControl());
                }
            }
            tcsaFromPage.addAll(tcs.getTestCaseStepAction());
        }
    }
    /*
         * Create, update or delete step, action and control according to the needs
         */
    List<TestCaseStep> tcsFromDtb = new ArrayList(tcsService.getListOfSteps(initialTest, initialTestCase));
    tcsService.compareListAndUpdateInsertDeleteElements(tcsFromPage, tcsFromDtb, duplicate);
    List<TestCaseStepAction> tcsaFromDtb = new ArrayList(tcsaService.findTestCaseStepActionbyTestTestCase(initialTest, initialTestCase));
    tcsaService.compareListAndUpdateInsertDeleteElements(tcsaFromPage, tcsaFromDtb, duplicate);
    List<TestCaseStepActionControl> tcsacFromDtb = new ArrayList(tcsacService.findControlByTestTestCase(initialTest, initialTestCase));
    tcsacService.compareListAndUpdateInsertDeleteElements(tcsacFromPage, tcsacFromDtb, duplicate);
    /**
     * Adding Log entry.
     */
    ILogEventService logEventService = appContext.getBean(LogEventService.class);
    logEventService.createForPrivateCalls("/UpdateTestCase", "UPDATE", "Update testcase : ['" + tc.getTest() + "'|'" + tc.getTestCase() + "']", request);
    String encodedTest = URLEncoder.encode(tc.getTest(), "UTF-8");
    String encodedTestCase = URLEncoder.encode(tc.getTestCase(), "UTF-8");
    response.sendRedirect(response.encodeRedirectURL("TestCase.jsp?Load=Load&Test=" + encodedTest + "&TestCase=" + encodedTestCase));
}
Also used : ITestCaseStepActionService(org.cerberus.crud.service.ITestCaseStepActionService) IFactoryTestCaseStepAction(org.cerberus.crud.factory.IFactoryTestCaseStepAction) TestCaseStepAction(org.cerberus.crud.entity.TestCaseStepAction) User(org.cerberus.crud.entity.User) TestCaseCountryProperties(org.cerberus.crud.entity.TestCaseCountryProperties) IFactoryTestCaseCountryProperties(org.cerberus.crud.factory.IFactoryTestCaseCountryProperties) ArrayList(java.util.ArrayList) IFactoryTestCaseStep(org.cerberus.crud.factory.IFactoryTestCaseStep) TestCaseStep(org.cerberus.crud.entity.TestCaseStep) IUserGroupService(org.cerberus.crud.service.IUserGroupService) ITestCaseCountryService(org.cerberus.crud.service.ITestCaseCountryService) UserGroup(org.cerberus.crud.entity.UserGroup) ApplicationContext(org.springframework.context.ApplicationContext) ITestService(org.cerberus.crud.service.ITestService) Test(org.cerberus.crud.entity.Test) ITestCaseCountryPropertiesService(org.cerberus.crud.service.ITestCaseCountryPropertiesService) ITestCaseService(org.cerberus.crud.service.ITestCaseService) TestCaseCountry(org.cerberus.crud.entity.TestCaseCountry) IFactoryTestCaseCountry(org.cerberus.crud.factory.IFactoryTestCaseCountry) ILogEventService(org.cerberus.crud.service.ILogEventService) AnswerList(org.cerberus.util.answer.AnswerList) ArrayList(java.util.ArrayList) List(java.util.List) TestCaseStepActionControl(org.cerberus.crud.entity.TestCaseStepActionControl) IFactoryTestCaseStepActionControl(org.cerberus.crud.factory.IFactoryTestCaseStepActionControl) AnswerList(org.cerberus.util.answer.AnswerList) ITestCaseStepService(org.cerberus.crud.service.ITestCaseStepService) IInvariantService(org.cerberus.crud.service.IInvariantService) ITestCaseStepActionControlService(org.cerberus.crud.service.ITestCaseStepActionControlService) TestCase(org.cerberus.crud.entity.TestCase) IFactoryTestCase(org.cerberus.crud.factory.IFactoryTestCase) IUserService(org.cerberus.crud.service.IUserService)

Example 29 with ILogEventService

use of org.cerberus.crud.service.ILogEventService in project cerberus-source by cerberustesting.

the class UpdateApplication method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    String charset = request.getCharacterEncoding();
    ICountryEnvironmentParametersService ceaService = appContext.getBean(ICountryEnvironmentParametersService.class);
    IFactoryCountryEnvironmentParameters cedFactory = appContext.getBean(IFactoryCountryEnvironmentParameters.class);
    response.setContentType("application/json");
    // Calling Servlet Transversal Util.
    ServletUtil.servletStart(request);
    /**
     * Parsing and securing all required parameters.
     */
    // Parameter that are already controled by GUI (no need to decode) --> We SECURE them
    String system = policy.sanitize(request.getParameter("system"));
    String type = policy.sanitize(request.getParameter("type"));
    String deployType = policy.sanitize(request.getParameter("deploytype"));
    // Parameter that needs to be secured --> We SECURE+DECODE them
    String application = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("application"), null, charset);
    String originalApplication = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("originalApplication"), null, charset);
    String subSystem = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("subsystem"), "", charset);
    String mavenGpID = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("mavengroupid"), "", charset);
    String description = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("description"), "", charset);
    // Parameter that we cannot secure as we need the html --> We DECODE them
    String svnURL = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("svnurl"), "", charset);
    String bugTrackerURL = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("bugtrackerurl"), "", charset);
    String newBugURL = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("bugtrackernewurl"), "", charset);
    Integer sort = 10;
    boolean sort_error = false;
    try {
        if (request.getParameter("sort") != null && !request.getParameter("sort").equals("")) {
            sort = Integer.valueOf(policy.sanitize(request.getParameter("sort")));
        }
    } catch (Exception ex) {
        sort_error = true;
    }
    // Getting list of application from JSON Call
    JSONArray objApplicationArray = new JSONArray(request.getParameter("environmentList"));
    List<CountryEnvironmentParameters> ceaList = new ArrayList();
    ceaList = getCountryEnvironmentApplicationFromParameter(request, appContext, system, application, objApplicationArray);
    // Prepare the final answer.
    MessageEvent msg1 = new MessageEvent(MessageEventEnum.GENERIC_OK);
    Answer finalAnswer = new Answer(msg1);
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(application)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Application").replace("%OPERATION%", "Update").replace("%REASON%", "Application ID (application) is missing."));
        ans.setResultMessage(msg);
    } else if (StringUtil.isNullOrEmpty(system)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Application").replace("%OPERATION%", "Update").replace("%REASON%", "System is missing!"));
        ans.setResultMessage(msg);
    } else if (sort_error) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Application").replace("%OPERATION%", "Update").replace("%REASON%", "Could not manage to convert sort to an integer value."));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        IApplicationService applicationService = appContext.getBean(IApplicationService.class);
        AnswerItem resp = applicationService.readByKey(originalApplication);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            /**
             * Object could not be found. We stop here and report the error.
             */
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) resp);
        } else {
            /**
             * The service was able to perform the query and confirm the
             * object exist, then we can update it.
             */
            Application applicationData = (Application) resp.getItem();
            applicationData.setApplication(application);
            applicationData.setSystem(system);
            applicationData.setSubsystem(subSystem);
            applicationData.setType(type);
            applicationData.setMavengroupid(mavenGpID);
            applicationData.setDeploytype(deployType);
            applicationData.setSvnurl(svnURL);
            applicationData.setBugTrackerUrl(bugTrackerURL);
            applicationData.setBugTrackerNewUrl(newBugURL);
            applicationData.setDescription(description);
            applicationData.setSort(sort);
            applicationData.setUsrModif(request.getRemoteUser());
            ans = applicationService.update(originalApplication, applicationData);
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) ans);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Update was successful. Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/UpdateApplication", "UPDATE", "Updated Application : ['" + originalApplication + "']", request);
                // Update the Database with the new list.
                ans = ceaService.compareListAndUpdateInsertDeleteElements(system, application, ceaList);
                finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) ans);
            }
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", finalAnswer.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", finalAnswer.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}
Also used : PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) JSONArray(org.json.JSONArray) ArrayList(java.util.ArrayList) AnswerItem(org.cerberus.util.answer.AnswerItem) ServletException(javax.servlet.ServletException) JSONException(org.json.JSONException) IOException(java.io.IOException) CerberusException(org.cerberus.exception.CerberusException) ICountryEnvironmentParametersService(org.cerberus.crud.service.ICountryEnvironmentParametersService) Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) IFactoryCountryEnvironmentParameters(org.cerberus.crud.factory.IFactoryCountryEnvironmentParameters) CountryEnvironmentParameters(org.cerberus.crud.entity.CountryEnvironmentParameters) ILogEventService(org.cerberus.crud.service.ILogEventService) IFactoryCountryEnvironmentParameters(org.cerberus.crud.factory.IFactoryCountryEnvironmentParameters) Application(org.cerberus.crud.entity.Application) IApplicationService(org.cerberus.crud.service.IApplicationService)

Example 30 with ILogEventService

use of org.cerberus.crud.service.ILogEventService in project cerberus-source by cerberustesting.

the class UpdateApplicationObject method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    String charset = request.getCharacterEncoding();
    response.setContentType("application/json");
    // Calling Servlet Transversal Util.
    ServletUtil.servletStart(request);
    Map<String, String> fileData = new HashMap<String, String>();
    FileItem file = null;
    FileItemFactory factory = new DiskFileItemFactory();
    ServletFileUpload upload = new ServletFileUpload(factory);
    try {
        List<FileItem> fields = upload.parseRequest(request);
        Iterator<FileItem> it = fields.iterator();
        if (!it.hasNext()) {
            return;
        }
        while (it.hasNext()) {
            FileItem fileItem = it.next();
            boolean isFormField = fileItem.isFormField();
            if (isFormField) {
                fileData.put(fileItem.getFieldName(), fileItem.getString("UTF-8"));
            } else {
                file = fileItem;
            }
        }
    } catch (FileUploadException e) {
        e.printStackTrace();
    }
    /**
     * Parsing and securing all required parameters.
     */
    // Parameter that are already controled by GUI (no need to decode) --> We SECURE them
    // Parameter that needs to be secured --> We SECURE+DECODE them
    String application = ParameterParserUtil.parseStringParamAndDecode(fileData.get("application"), null, charset);
    String object = ParameterParserUtil.parseStringParamAndDecode(fileData.get("object"), null, charset);
    String value = ParameterParserUtil.parseStringParam(fileData.get("value"), null);
    String usrmodif = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getRemoteUser(), "", charset);
    String datemodif = new Timestamp(new java.util.Date().getTime()).toString();
    // Parameter that we cannot secure as we need the html --> We DECODE them
    // Getting list of application from JSON Call
    // Prepare the final answer.
    MessageEvent msg1 = new MessageEvent(MessageEventEnum.GENERIC_OK);
    Answer finalAnswer = new Answer(msg1);
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(application)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "ApplicationObject").replace("%OPERATION%", "Update").replace("%REASON%", "Application name (applicationobject) is missing."));
        ans.setResultMessage(msg);
    } else if (StringUtil.isNullOrEmpty(object)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "ApplicationObject").replace("%OPERATION%", "Update").replace("%REASON%", "Object name (applicationobject) is missing."));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        IApplicationObjectService applicationObjectService = appContext.getBean(IApplicationObjectService.class);
        AnswerItem resp = applicationObjectService.readByKey(application, object);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            /**
             * Object could not be found. We stop here and report the error.
             */
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) resp);
        } else {
            /**
             * The service was able to perform the query and confirm the
             * object exist, then we can update it.
             */
            ApplicationObject applicationData = (ApplicationObject) resp.getItem();
            String fileName = applicationData.getScreenShotFileName();
            if (file != null) {
                ans = applicationObjectService.uploadFile(applicationData.getID(), file);
                if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                    fileName = file.getName();
                }
            }
            applicationData.setValue(value);
            applicationData.setScreenShotFileName(fileName);
            applicationData.setUsrModif(usrmodif);
            applicationData.setDateModif(datemodif);
            ans = applicationObjectService.update(applicationData.getApplication(), applicationData.getObject(), applicationData);
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) ans);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Update was successful. Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/UpdateApplication", "UPDATE", "Updated Application : ['" + application + "']", request);
            }
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) ans);
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", finalAnswer.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", finalAnswer.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}
Also used : MessageEvent(org.cerberus.engine.entity.MessageEvent) ApplicationObject(org.cerberus.crud.entity.ApplicationObject) ILogEventService(org.cerberus.crud.service.ILogEventService) LogEventService(org.cerberus.crud.service.impl.LogEventService) IApplicationObjectService(org.cerberus.crud.service.IApplicationObjectService) DiskFileItemFactory(org.apache.commons.fileupload.disk.DiskFileItemFactory) Timestamp(java.sql.Timestamp) AnswerItem(org.cerberus.util.answer.AnswerItem) FileItemFactory(org.apache.commons.fileupload.FileItemFactory) DiskFileItemFactory(org.apache.commons.fileupload.disk.DiskFileItemFactory) Answer(org.cerberus.util.answer.Answer) FileItem(org.apache.commons.fileupload.FileItem) ApplicationContext(org.springframework.context.ApplicationContext) ServletFileUpload(org.apache.commons.fileupload.servlet.ServletFileUpload) JSONObject(org.json.JSONObject) java.util(java.util) ILogEventService(org.cerberus.crud.service.ILogEventService) FileUploadException(org.apache.commons.fileupload.FileUploadException)

Aggregations

ILogEventService (org.cerberus.crud.service.ILogEventService)93 ApplicationContext (org.springframework.context.ApplicationContext)92 JSONObject (org.json.JSONObject)80 MessageEvent (org.cerberus.engine.entity.MessageEvent)77 Answer (org.cerberus.util.answer.Answer)72 PolicyFactory (org.owasp.html.PolicyFactory)62 AnswerItem (org.cerberus.util.answer.AnswerItem)55 CerberusException (org.cerberus.exception.CerberusException)34 JSONException (org.json.JSONException)33 IOException (java.io.IOException)23 ServletException (javax.servlet.ServletException)23 ArrayList (java.util.ArrayList)18 PrintWriter (java.io.PrintWriter)16 TestCase (org.cerberus.crud.entity.TestCase)15 ITestCaseService (org.cerberus.crud.service.ITestCaseService)15 JSONArray (org.json.JSONArray)15 IParameterService (org.cerberus.crud.service.IParameterService)13 List (java.util.List)12 ITestCaseCountryService (org.cerberus.crud.service.ITestCaseCountryService)12 LogEventService (org.cerberus.crud.service.impl.LogEventService)12