
Example 86 with AnswerItem

use of org.cerberus.util.answer.AnswerItem in project cerberus-source by cerberustesting.

the class ReadUser method findUserList.

// </editor-fold>
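/**
 * Builds the DataTables-style JSON payload listing the users that match the paging, sorting
 * and search parameters of the request.
 *
 * <p>Every paging, sorting and search value is read from the HTTP request and is therefore
 * client-controlled. The sort column name and the per-column search keys are handed to
 * {@code userService.readByCriteria} as received.
 * NOTE(review): the DAO behind readByCriteria is not visible here; confirm that it maps column
 * names against a fixed allow-list and binds search values as parameters.
 *
 * <p>NOTE(review): {@code hasPermissions} is only reported to the client. This method returns
 * user records (and, on request, their systems and groups) whatever its value; the access check
 * is assumed to happen in the caller or in the container configuration, so confirm it.
 *
 * @param appContext Spring context used to look up the user, user-system and user-group services
 * @param request request carrying the DataTables parameters and the optional
 *     {@code systems} / {@code groups} flags
 * @param response not used by this method
 * @return an item whose payload is the JSON response and whose result message is the one
 *     returned by {@code readByCriteria}
 * @throws JSONException if a value cannot be stored in the JSON response
 */
private AnswerItem findUserList(ApplicationContext appContext, HttpServletRequest request, HttpServletResponse response) throws JSONException {
    AnswerItem item = new AnswerItem();
    JSONObject jsonResponse = new JSONObject();
    userService = appContext.getBean(UserService.class);

    // Numeric parameters come from the client: a non-numeric value falls back to the default
    // instead of escaping as a NumberFormatException.
    int startPosition = parseIntOrDefault(ParameterParserUtil.parseStringParam(request.getParameter("iDisplayStart"), "0"), 0);
    // NOTE(review): the page size is not capped here, and each returned user can trigger two more
    // service calls below; consider an upper bound if readByCriteria does not enforce one.
    int length = parseIntOrDefault(ParameterParserUtil.parseStringParam(request.getParameter("iDisplayLength"), "0"), 0);
    String searchParameter = ParameterParserUtil.parseStringParam(request.getParameter("sSearch"), "");
    int columnToSortParameter = parseIntOrDefault(ParameterParserUtil.parseStringParam(request.getParameter("iSortCol_0"), "1"), 1);

    final String defaultColumns = "userID,login,name";
    String sColumns = ParameterParserUtil.parseStringParam(request.getParameter("sColumns"), defaultColumns);
    String[] columnToSort = sColumns.split(",");
    if (columnToSort.length == 0) {
        // A value made only of commas splits to an empty array; use the built-in column list.
        columnToSort = defaultColumns.split(",");
    }
    // The index is client-supplied; an out-of-range value used to raise
    // ArrayIndexOutOfBoundsException. Fall back to the first column instead.
    if (columnToSortParameter < 0 || columnToSortParameter >= columnToSort.length) {
        columnToSortParameter = 0;
    }
    String columnName = columnToSort[columnToSortParameter];

    // Only a sort direction is meaningful here; anything else is replaced by the default.
    String sort = ParameterParserUtil.parseStringParam(request.getParameter("sSortDir_0"), "asc");
    if (!"asc".equalsIgnoreCase(sort) && !"desc".equalsIgnoreCase(sort)) {
        sort = "asc";
    }

    List<String> individualLike = new ArrayList<>(Arrays.asList(ParameterParserUtil.parseStringParam(request.getParameter("sLike"), "").split(",")));
    Map<String, List<String>> individualSearch = new HashMap<>();
    for (int a = 0; a < columnToSort.length; a++) {
        String columnSearch = request.getParameter("sSearch_" + a);
        if (columnSearch != null && !columnSearch.isEmpty()) {
            List<String> search = new ArrayList<>(Arrays.asList(columnSearch.split(",")));
            // Columns listed in sLike are searched with a ":like" key, the others by exact values.
            if (individualLike.contains(columnToSort[a])) {
                individualSearch.put(columnToSort[a] + ":like", search);
            } else {
                individualSearch.put(columnToSort[a], search);
            }
        }
    }

    AnswerList resp = userService.readByCriteria(startPosition, length, columnName, sort, searchParameter, individualSearch);
    JSONArray jsonArray = new JSONArray();
    boolean userHasPermissions = request.isUserInRole("IntegratorRO");
    if (resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
        // The query succeeded, so every returned user is converted. The optional services are
        // resolved once rather than once per user.
        boolean withSystems = request.getParameter("systems") != null;
        boolean withGroups = request.getParameter("groups") != null;
        IUserSystemService userSystemService = withSystems ? appContext.getBean(IUserSystemService.class) : null;
        IUserGroupService userGroupService = withGroups ? appContext.getBean(UserGroupService.class) : null;
        for (User user : (List<User>) resp.getDataList()) {
            JSONObject res = convertUserToJSONObject(user);
            if (withSystems) {
                AnswerList a = userSystemService.readByUser(user.getLogin());
                if (a.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && a.getDataList() != null) {
                    JSONArray jsonSystems = new JSONArray();
                    List<UserSystem> systems = a.getDataList();
                    for (UserSystem u : systems) {
                        jsonSystems.put(convertUserSystemToJSONObject(u));
                    }
                    res.put("systems", jsonSystems);
                }
            }
            if (withGroups) {
                AnswerList a = userGroupService.readByUser(user.getLogin());
                if (a.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && a.getDataList() != null) {
                    JSONArray jsonGroups = new JSONArray();
                    List<UserGroup> groups = a.getDataList();
                    for (UserGroup u : groups) {
                        jsonGroups.put(convertUserGroupToJSONObject(u));
                    }
                    res.put("groups", jsonGroups);
                }
            }
            jsonArray.put(res);
        }
    }
    jsonResponse.put("hasPermissions", userHasPermissions);
    jsonResponse.put("contentTable", jsonArray);
    jsonResponse.put("iTotalRecords", resp.getTotalRows());
    jsonResponse.put("iTotalDisplayRecords", resp.getTotalRows());
    item.setItem(jsonResponse);
    item.setResultMessage(resp.getResultMessage());
    return item;
}

/** Parses {@code raw} as a decimal int, returning {@code fallback} when it is null or not a number. */
private static int parseIntOrDefault(String raw, int fallback) {
    try {
        return Integer.parseInt(raw);
    } catch (NumberFormatException e) {
        return fallback;
    }
}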
Also used : AnswerList(org.cerberus.util.answer.AnswerList) User(org.cerberus.crud.entity.User) UserSystem(org.cerberus.crud.entity.UserSystem) IUserService(org.cerberus.crud.service.IUserService) UserService(org.cerberus.crud.service.impl.UserService) JSONArray(org.json.JSONArray) AnswerItem(org.cerberus.util.answer.AnswerItem) IUserGroupService(org.cerberus.crud.service.IUserGroupService) UserGroup(org.cerberus.crud.entity.UserGroup) JSONObject(org.json.JSONObject) AnswerList(org.cerberus.util.answer.AnswerList) IUserSystemService(org.cerberus.crud.service.IUserSystemService)

Example 87 with AnswerItem

use of org.cerberus.util.answer.AnswerItem in project cerberus-source by cerberustesting.

the class DeleteLabel method processRequest.

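/**
 * Deletes the label whose numeric key is given in the {@code id} request parameter and writes
 * a JSON object with {@code messageType} and {@code message} to the response.
 *
 * <p>The label is first read by key; the delete is attempted only when that read succeeds, and
 * a log entry is created only when the delete succeeds.
 *
 * <p>NOTE(review): no authorization or CSRF check is visible in this method. The original
 * comment says it serves both GET and POST; the doGet/doPost methods are outside this view, so
 * confirm that this state-changing operation cannot be triggered by a plain GET and that the
 * caller's rights are checked elsewhere.
 *
 * @param request servlet request; {@code id} is expected to hold the label key
 * @param response servlet response, written as {@code application/json}
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared by the original signature
 * @throws JSONException if the JSON response cannot be built
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    Answer ans = new Answer();
    // Start from "unexpected error" so that any path that does not set a result still reports one.
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    response.setContentType("application/json");
    // Calling Servlet Transversal Util.
    ServletUtil.servletStart(request);

    // Parsing the required parameter. The HTML sanitizer is kept from the original, but the
    // integer parse is the actual validation: a missing or non-numeric id used to escape as a
    // NumberFormatException, so the "Label ID is missing!" answer was reachable only for id=0.
    // Such ids are now mapped to 0 and get that answer.
    Integer key;
    try {
        key = Integer.valueOf(policy.sanitize(request.getParameter("id")));
    } catch (NumberFormatException e) {
        key = 0;
    }

    // Checking all constraints before calling the services.
    if (key == 0) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "Label").replace("%OPERATION%", "Delete").replace("%REASON%", "Label ID is missing!"));
        ans.setResultMessage(msg);
    } else {
        // The key is a well-formed number, so the services can be called.
        ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
        ILabelService labelService = appContext.getBean(ILabelService.class);
        AnswerItem resp = labelService.readByKey(key);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            // Object could not be found. We stop here and report the error.
            msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
            msg.setDescription(msg.getDescription().replace("%ITEM%", "Label").replace("%OPERATION%", "Delete").replace("%REASON%", "Label does not exist."));
            ans.setResultMessage(msg);
        } else {
            // The service confirmed that the object exists, so it can be deleted.
            Label labelData = (Label) resp.getItem();
            ans = labelService.delete(labelData);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                // Delete was successful: record who deleted which label. The key is a parsed
                // integer, so no request text reaches the log message.
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/DeleteLabel", "DELETE", "Delete Label : ['" + key + "']", request);
            }
        }
    }

    // Formatting and returning the JSON result.
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse.toString());
    response.getWriter().flush();
}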
Also used : ILabelService(org.cerberus.crud.service.ILabelService) Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) PolicyFactory(org.owasp.html.PolicyFactory) MessageEvent(org.cerberus.engine.entity.MessageEvent) Label(org.cerberus.crud.entity.Label) ILogEventService(org.cerberus.crud.service.ILogEventService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Example 88 with AnswerItem

use of org.cerberus.util.answer.AnswerItem in project cerberus-source by cerberustesting.

the class ReadInvariant method processRequest.

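/**
 * Answers invariant read requests as JSON, choosing the lookup from the parameters present.
 *
 * <ul>
 *   <li>no {@code idName} but an {@code access} value: distinct values of {@code columnName}
 *       when it is given, otherwise the invariant list for that access level;</li>
 *   <li>otherwise, no {@code value}: the invariants for {@code idName};</li>
 *   <li>otherwise: the single invariant identified by {@code idName} and {@code value}, with a
 *       {@code hasPermissionsUpdate} flag.</li>
 * </ul>
 *
 * <p>NOTE(review): {@code access} is taken from the request and passed on as the access level.
 * No role check on it is visible in this method; confirm where private invariants are protected.
 *
 * <p>NOTE(review): {@code idName} goes through the HTML sanitizer in the list branch but is
 * passed as received, like {@code value}, in the by-key branch. HTML sanitizing does not
 * validate a lookup key; the data layer is assumed to bind these values as parameters, which
 * cannot be confirmed from here.
 *
 * @param request servlet request
 * @param response servlet response, written as {@code application/json}
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    String echo = request.getParameter("sEcho");
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    invariantService = appContext.getBean(InvariantService.class);
    response.setContentType("application/json");
    response.setCharacterEncoding("utf8");
    // type=public or private? //TODO?
    try {
        AnswerItem answer;
        JSONObject jsonResponse = new JSONObject();
        String access = request.getParameter("access");
        if (request.getParameter("idName") == null && access != null) {
            if (!Strings.isNullOrEmpty(request.getParameter("columnName"))) {
                answer = findDistinctValuesOfColumn(appContext, request, request.getParameter("columnName"), access);
            } else {
                answer = findInvariantList(appContext, access, request, response);
            }
            jsonResponse = (JSONObject) answer.getItem();
        } else if (request.getParameter("value") == null) {
            // loads the list of invariants
            String idName = policy.sanitize(request.getParameter("idName"));
            answer = findInvariantListByIdName(appContext, access, idName);
            jsonResponse = (JSONObject) answer.getItem();
        } else {
            String idName = request.getParameter("idName");
            String value = request.getParameter("value");
            try {
                answer = findInvariantListBykey(appContext, idName, value);
                Invariant invariant = (Invariant) answer.getItem();
                JSONObject inv = convertInvariantToJSONObject(invariant);
                inv.put("hasPermissionsUpdate", invariantService.hasPermissionsUpdate(invariant, request));
                jsonResponse.put("contentTable", inv);
            } catch (CerberusException e) {
                // The failure was previously dropped without a trace; keep the generic
                // ACTION_FAILED answer for the client but record the cause.
                LOG.warn(e);
                answer = new AnswerItem();
                MessageEvent msg = new MessageEvent(MessageEventEnum.ACTION_FAILED);
                answer.setResultMessage(msg);
            }
        }
        jsonResponse.put("messageType", answer.getResultMessage().getMessage().getCodeString());
        jsonResponse.put("message", answer.getResultMessage().getDescription());
        // TODO:FN check if this makes sense
        // sEcho is returned to the client unchanged, as a JSON string value.
        jsonResponse.put("sEcho", echo);
        response.getWriter().print(jsonResponse.toString());
    } catch (JSONException e) {
        LOG.warn(e);
        // returns a default error message with the json format that is able to be parsed by the client-side
        response.getWriter().print(AnswerUtil.createGenericErrorAnswer());
    }
}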
Also used : ApplicationContext(org.springframework.context.ApplicationContext) CerberusException(org.cerberus.exception.CerberusException) PolicyFactory(org.owasp.html.PolicyFactory) JSONObject(org.json.JSONObject) MessageEvent(org.cerberus.engine.entity.MessageEvent) JSONException(org.json.JSONException) InvariantService(org.cerberus.crud.service.impl.InvariantService) IInvariantService(org.cerberus.crud.service.IInvariantService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Example 89 with AnswerItem

use of org.cerberus.util.answer.AnswerItem in project cerberus-source by cerberustesting.

the class ReadInvariant method findInvariantListBykey.

/**
 * Reads the invariant identified by {@code idName} and {@code value} and wraps it in an answer
 * carrying a {@code DATA_OPERATION_OK} message.
 *
 * <p>The OK message is set unconditionally once {@code convert} returns, so a failed lookup is
 * only reported through an exception from {@code readByKey} or {@code convert}.
 *
 * @param appContext Spring context used to look up the invariant service
 * @param idName invariant id name, passed to the service as received
 * @param value invariant value, passed to the service as received
 * @return the answer holding the converted invariant and the OK message
 * @throws JSONException declared by the original signature
 * @throws CerberusException declared by the original signature
 */
private AnswerItem findInvariantListBykey(ApplicationContext appContext, String idName, String value) throws JSONException, CerberusException {
    // The service field is (re)assigned on every call, as in the other finders of this class.
    invariantService = appContext.getBean(InvariantService.class);

    AnswerItem result = new AnswerItem();
    result.setItem(invariantService.convert(invariantService.readByKey(idName, value)));

    MessageEvent okMessage = new MessageEvent(MessageEventEnum.DATA_OPERATION_OK);
    String description = okMessage.getDescription()
            .replace("%ITEM%", "Invariant")
            .replace("%OPERATION%", "SELECT");
    okMessage.setDescription(description);
    result.setResultMessage(okMessage);
    return result;
}
Also used : MessageEvent(org.cerberus.engine.entity.MessageEvent) InvariantService(org.cerberus.crud.service.impl.InvariantService) IInvariantService(org.cerberus.crud.service.IInvariantService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Example 90 with AnswerItem

use of org.cerberus.util.answer.AnswerItem in project cerberus-source by cerberustesting.

the class ReadInvariant method findDistinctValuesOfColumn.

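/**
 * Returns the distinct values of one invariant column, filtered by the DataTables search
 * parameters of the request, as a JSON object with a {@code distinctValues} entry.
 *
 * <p>NOTE(review): {@code columnName} and the keys of the per-column search map come from the
 * request and are handed to the service as received. The DAO is not visible here; confirm that
 * it maps column names against a fixed allow-list and binds search values as parameters.
 *
 * <p>NOTE(review): {@code access} is client-supplied, and every value other than
 * {@code "PUBLIC"} selects the private lookup; confirm that the caller is authorized for it.
 *
 * @param appContext Spring context used to look up the invariant service
 * @param request request carrying the search and sort parameters
 * @param columnName column whose distinct values are read
 * @param access {@code "PUBLIC"} for public invariants, anything else for private ones
 * @return an item holding the JSON object and the result message returned by the service
 * @throws JSONException if the value list cannot be stored in the JSON object
 */
private AnswerItem findDistinctValuesOfColumn(ApplicationContext appContext, HttpServletRequest request, String columnName, String access) throws JSONException {
    AnswerItem answer = new AnswerItem();
    JSONObject object = new JSONObject();
    invariantService = appContext.getBean(IInvariantService.class);
    String searchParameter = ParameterParserUtil.parseStringParam(request.getParameter("sSearch"), "");
    String sColumns = ParameterParserUtil.parseStringParam(request.getParameter("sColumns"), "idname,value,sort,description,VeryShortDesc, gp1,gp2,gp3");
    String[] columnToSort = sColumns.split(",");
    String column = ParameterParserUtil.parseStringParam(request.getParameter("columnName"), "");

    // Only a sort direction is meaningful here; anything else is replaced by the default.
    String sort = ParameterParserUtil.parseStringParam(request.getParameter("sSortDir_0"), "asc");
    if (!"asc".equalsIgnoreCase(sort) && !"desc".equalsIgnoreCase(sort)) {
        sort = "asc";
    }

    List<String> individualLike = new ArrayList<>(Arrays.asList(ParameterParserUtil.parseStringParam(request.getParameter("sLike"), "").split(",")));
    Map<String, List<String>> individualSearch = new HashMap<>();
    for (int a = 0; a < columnToSort.length; a++) {
        String columnSearch = request.getParameter("sSearch_" + a);
        if (columnSearch != null && !columnSearch.isEmpty()) {
            List<String> search = new ArrayList<>(Arrays.asList(columnSearch.split(",")));
            // Columns listed in sLike are searched with a ":like" key, the others by exact values.
            if (individualLike.contains(columnToSort[a])) {
                individualSearch.put(columnToSort[a] + ":like", search);
            } else {
                individualSearch.put(columnToSort[a], search);
            }
        }
    }

    AnswerList applicationList;
    if ("PUBLIC".equals(access)) {
        applicationList = invariantService.readDistinctValuesByPublicByCriteria(columnName, sort, searchParameter, individualSearch, column);
    } else {
        applicationList = invariantService.readDistinctValuesByPrivateByCriteria(columnName, sort, searchParameter, individualSearch, column);
    }
    object.put("distinctValues", applicationList.getDataList());
    answer.setItem(object);
    answer.setResultMessage(applicationList.getResultMessage());
    return answer;
}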
Also used : AnswerList(org.cerberus.util.answer.AnswerList) JSONObject(org.json.JSONObject) IInvariantService(org.cerberus.crud.service.IInvariantService) AnswerList(org.cerberus.util.answer.AnswerList) AnswerItem(org.cerberus.util.answer.AnswerItem)
