use of org.collectionspace.csp.api.ui.UIRequest in project application by collectionspace.
the class UISpec method run.
/**
 * Builds the UI spec for the current request and sends it as the JSON response,
 * then applies the configured cache lifetime when it is positive.
 *
 * @param in   the request object; cast to {@code Request} without a type check
 * @param tail unused by this method
 * @throws UIException declared by the method; no throw site is visible in this body
 */
@Override
public void run(Object in, String[] tail) throws UIException {
    final Request req = (Request) in;

    // NOTE(review): ctl is not declared in this method, so it is state that outlives
    // the call. If one UISpec instance serves concurrent requests, this assignment
    // is shared between them - confirm.
    ctl = new CacheTermList(req.getCache());

    final JSONObject specJson = uispec(req.getStorage());
    final UIRequest uiRequest = req.getUIRequest();
    uiRequest.sendJSONResponse(specJson);

    // NOTE(review): the cache lifetime is set after the response has been handed over.
    // This only takes effect if sendJSONResponse buffers rather than commits - confirm.
    // NOTE(review): the spec is built from the caller's storage; if its content varies
    // per user or tenant, verify the resulting cache directive cannot be honoured by a
    // shared cache.
    final int maxAgeSeconds = spec.getAdminData().getUiSpecSchemaCacheAge();
    if (maxAgeSeconds > 0) {
        uiRequest.setCacheMaxAgeSeconds(maxAgeSeconds);
    }
}
use of org.collectionspace.csp.api.ui.UIRequest in project application by collectionspace.
the class StructuredDateParser method run.
/**
 * Parses the {@code displayDate} request argument into a structured date and
 * returns the result, or an error description, as JSON.
 *
 * @param in   the request object; cast to {@code Request} without a type check
 * @param tail unused by this method
 * @throws UIException if the JSON response cannot be assembled
 */
@Override
public void run(Object in, String[] tail) throws UIException {
    final UIRequest request = ((Request) in).getUIRequest();

    // Caller-supplied text; passed to the parser as received (possibly null when
    // the argument is absent - TODO confirm how parse() treats null).
    final String displayDate = request.getRequestArgument("displayDate");

    StructuredDateInternal parsed = null;
    StructuredDateFormatException parseFailure = null;
    try {
        parsed = StructuredDateInternal.parse(displayDate);
    } catch (StructuredDateFormatException e) {
        // Only format errors are turned into an error response; anything else propagates.
        parseFailure = e;
    }

    final JSONObject response = new JSONObject();
    try {
        if (parseFailure != null) {
            // The convention in app layer error responses appears to be to
            // send a boolean isError, and an array of error messages.
            // NOTE(review): the parser's message is returned to the client and may
            // quote the submitted text; consumers should render it as plain text.
            response.put("isError", true);
            response.put("messages", new String[] { "Unrecognized date format", parseFailure.getMessage() });
        }
        if (parsed != null) {
            response.put("structuredDate", structuredDateToJSON(request.getTenant(), parsed));
        }
    } catch (JSONException e) {
        throw new UIException("Error building JSON", e);
    }

    request.sendJSONResponse(response);
}
use of org.collectionspace.csp.api.ui.UIRequest in project application by collectionspace.
the class WebLogin method login.
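/**
 * Reads the submitted credentials, stores them in the UI session, attempts a
 * login against the storage layer and redirects to the success or failure page.
 *
 * <p>Credentials are taken from the request arguments first; when no user id is
 * found there, they are read from the JSON or form body, which may also name a
 * tenant that overrides the configured default.
 *
 * @param in the current request
 * @throws UIException declared by the method; presumably raised by the request or
 *         storage helpers called here
 */
private void login(Request in) throws UIException {
    // Temporary hack for Mars
    UIRequest request = in.getUIRequest();

    // NOTE(review): if request arguments include the URL query string, credentials
    // sent this way can end up in access logs, proxies and browser history. The
    // body path below is the one to keep once the UI stops logging in via GET.
    String username = request.getRequestArgument(USERID_PARAM);
    String password = request.getRequestArgument(PASSWORD_PARAM);
    String tenantId = tenantid;

    if (username == null) {
        JSONObject data = request.isJSON() ? request.getJSONBody() : request.getPostBody();
        // Stop defaulting to GET request when UI layer stops doing login via GET
        if (data.has("userid")) {
            try {
                username = data.getString("userid");
                password = data.getString("password");
                if (data.has("tenant")) {
                    // The caller chooses the tenant; it is not checked here.
                    tenantId = data.getString("tenant");
                }
            } catch (JSONException e) {
                // Malformed body: fall back to whatever the request arguments held.
                username = request.getRequestArgument(USERID_PARAM);
                password = request.getRequestArgument(PASSWORD_PARAM);
            }
        }
    }

    // NOTE(review): the clear-text password is kept in the session; presumably
    // loginAttempt() and later storage calls read it from there - confirm, and
    // treat the session store as holding secrets.
    UISession uiSession = request.getSession();
    uiSession.setValue(UISession.USERID, username);
    uiSession.setValue(UISession.PASSWORD, password);
    uiSession.setValue(UISession.TENANT, tenantId);
    in.reset();

    String logingErrMsg = loginAttempt(in.getStorage(), tenantId);
    if (logingErrMsg == null) {
        /*
         * If enabled, this code would attempt to initialize/reload the default authorities and term lists. It would attempt to
         * do this with the credentials just used to successfully login. If the credentials did not suffice to perform the init/reload
         * then the user would be redirected to an error page rather than the default post-login landing page.
         *
         * This may be a safer (better?) approach than the current one. The current approach uses the tenant admin credentials stored
         * in the Application layer's config. Since keeping these credentials in the config is a security vulnerability, we may need to
         * stop using them and rely on this approach for init/reloading the default authorities and term lists.
         *
        WebReset webReset = new WebReset(false, false);
        webReset.configure(ui, spec);
        webReset.run(in, new String[0], false);
         */
        // NOTE(review): nothing visible here issues a fresh session identifier after a
        // successful login; confirm that happens elsewhere to rule out session fixation.
        request.setRedirectPath(login_dest.split("/"));
    } else {
        // Tenant and username come straight from the request, so line breaks are
        // neutralised before logging to stop a caller forging extra log entries.
        String loggedTenant = tenantId == null ? null : tenantId.replaceAll("[\\r\\n]", "_");
        String loggedUser = username == null ? null : username.replaceAll("[\\r\\n]", "_");
        log.error(String.format("Login attempt to tenant '%s' with username '%s' failed.", loggedTenant, loggedUser));
        // REM - 2/7/2013: If we got here that means we failed to authenticate with the Services (or another "storage" container), so I would think we should kill any existing session and not just null out the username and password fields.
        uiSession.setValue(UISession.USERID, "");
        uiSession.setValue(UISession.PASSWORD, "");
        uiSession.setValue(UISession.TENANT, "");
        request.setRedirectPath(login_failed_dest.split("/"));
        // NOTE(review): the error text travels as a redirect argument; the failure page
        // should encode it on output rather than trust it.
        request.setRedirectArgument("result", logingErrMsg);
    }
}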
use of org.collectionspace.csp.api.ui.UIRequest in project application by collectionspace.
the class WebLoginStatus method testlogin.
/**
 * Reports whether the current session is logged in and, if so, returns the user's
 * permissions, identity fields and the effective inactivity limit as JSON.
 *
 * <p>Permissions are looked up in a cache keyed by user id and tenant id and are
 * fetched from storage on a miss.
 *
 * @param in the current request
 * @throws UIException if the JSON cannot be built or the storage layer reports an
 *         existence or unimplemented error
 */
public void testlogin(Request in) throws UIException {
    UIRequest request = in.getUIRequest();
    try {
        Storage storage = in.getStorage();
        JSONObject output = new JSONObject();
        UISession uiSession = request.getSession();

        boolean hasUserId = uiSession != null && uiSession.getValue(UISession.USERID) != null;
        if (!hasUserId || uiSession.getValue(UISession.USERID).equals("")) {
            // No session, no user id, or a user id blanked by logout / failed login.
            output.put("login", false);
        } else {
            // See if there is a cache of the permissions for this user and tenant.
            String userId = (String) uiSession.getValue(UISession.USERID);
            String tenantId = (String) uiSession.getValue(UISession.TENANT);
            JSONObject perms = findPermsInCache(userId, tenantId);
            final boolean cacheHit = perms != null;
            if (!cacheHit) {
                perms = getPermissions(storage);
            }
            // NOTE(review): on a cache hit the storage layer is not consulted, so the
            // answer is as fresh as the cache. How entries expire or are invalidated
            // after a role change is not visible here - confirm.

            if (!perms.has("permissions")) {
                output.put("login", false);
                output.put("message", "no roles associated with this user");
            } else {
                // Will only slow down edge case of user with no roles.
                if (!cacheHit) {
                    addPermsToCache(userId, tenantId, perms);
                }
                output.put("permissions", perms.getJSONObject("permissions"));
                output.put("csid", perms.getString("csid"));
                output.put("screenName", perms.getString("screenName"));
                output.put("userId", perms.getString("userId"));
                output.put("login", true);

                int sessionTimeout = 0;
                UIRequest uir = in.getUIRequest();
                if (uir != null) {
                    HttpSession httpSession = request.getHttpSession();
                    if (httpSession != null) {
                        sessionTimeout = httpSession.getMaxInactiveInterval();
                    }
                }
                // Need to consider the shorter of session timeout and cookie expiry.
                // cookie life is in minutes, so convert to seconds.
                // NOTE(review): a negative session timeout is reported unchanged because
                // only zero is replaced by the cookie life - confirm that is intended.
                int cookieLife = 60 * spec.getAdminData().getCookieLife();
                int effectiveTimeout = (sessionTimeout == 0 || sessionTimeout >= cookieLife)
                        ? cookieLife
                        : sessionTimeout;
                output.put("maxInactive", effectiveTimeout);
            }
        }
        request.sendJSONResponse(output);
    } catch (JSONException x) {
        throw new UIException("Failed to parse json: " + x.getMessage(), x);
    } catch (ExistException x) {
        // failed login test
        throw new UIException("Existence exception: ", x);
    } catch (UnimplementedException x) {
        throw new UIException("Unimplemented exception: ", x);
    } catch (UnderlyingStorageException x) {
        // Unlike the other failures, this one is answered in-band instead of rethrown.
        // NOTE(review): the exception is built from the storage error's message, status
        // and URL; check what getJSON() exposes so backend details do not reach the client.
        UIException uiexception = new UIException(x.getMessage(), x.getStatus(), x.getUrl(), x);
        request.sendJSONResponse(uiexception.getJSON());
    }
}
use of org.collectionspace.csp.api.ui.UIRequest in project application by collectionspace.
the class WebLogout method logout.
/**
 * Logs the user out by blanking the stored user id and password, resetting the
 * request and redirecting to the front page.
 *
 * @param in the current request
 * @throws UIException declared by the method; presumably raised by the request helpers
 */
public void logout(Request in) throws UIException {
    UIRequest request = in.getUIRequest();
    UISession session = request.getSession();

    // The session itself is kept; only the credential fields are overwritten.
    // NOTE(review): UISession.TENANT is left in place and the session is not
    // invalidated here - confirm both are intended.
    session.setValue(UISession.USERID, "");
    session.setValue(UISession.PASSWORD, "");

    in.reset();
    request.setRedirectPath(front_page.split("/"));
}