use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.
the class ReadCountryEnvironmentParameters method processRequest.
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
* @throws org.cerberus.exception.CerberusException
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException {
String echo = request.getParameter("sEcho");
ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
response.setContentType("application/json");
response.setCharacterEncoding("utf8");
// Calling Servlet Transversal Util.
ServletUtil.servletStart(request);
// Default message to unexpected error.
MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
/**
* Parsing and securing all required parameters.
*/
String system = policy.sanitize(request.getParameter("system"));
String country = policy.sanitize(request.getParameter("country"));
String environment = policy.sanitize(request.getParameter("environment"));
String application = policy.sanitize(request.getParameter("application"));
// Global boolean on the servlet that define if the user has permition to edit and delete object.
boolean userHasPermissions = request.isUserInRole("IntegratorRO");
// Init Answer with potencial error from Parsing parameter.
AnswerItem answer = new AnswerItem(msg);
try {
JSONObject jsonResponse = new JSONObject();
if (1 == 1) {
answer = findCountryEnvironmentParametersList(request.getParameter("system"), request.getParameter("country"), request.getParameter("environment"), request.getParameter("application"), appContext, userHasPermissions, request);
jsonResponse = (JSONObject) answer.getItem();
}
jsonResponse.put("messageType", answer.getResultMessage().getMessage().getCodeString());
jsonResponse.put("message", answer.getResultMessage().getDescription());
jsonResponse.put("sEcho", echo);
response.getWriter().print(jsonResponse.toString());
} catch (JSONException e) {
LOG.warn(e);
// returns a default error message with the json format that is able to be parsed by the client-side
response.setContentType("application/json");
response.getWriter().print(AnswerUtil.createGenericErrorAnswer());
}
}
use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.
the class DeleteBuildRevisionParameters method processRequest.
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
JSONObject jsonResponse = new JSONObject();
ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
ILogEventService logEventService = appContext.getBean(LogEventService.class);
Answer ans = new Answer();
MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
ans.setResultMessage(msg);
PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
response.setContentType("application/json");
// Calling Servlet Transversal Util.
ServletUtil.servletStart(request);
Integer brpid = 0;
String[] myId = request.getParameterValues("id");
StringBuilder output_message = new StringBuilder();
MessageEvent final_msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
int massErrorCounter = 0;
for (String myId1 : myId) {
/**
* Parsing and securing all required parameters.
*/
brpid = 0;
boolean brpid_error = true;
try {
if (myId1 != null && !myId1.equals("")) {
brpid = Integer.valueOf(policy.sanitize(myId1));
brpid_error = false;
}
} catch (Exception ex) {
brpid_error = true;
}
/**
* Checking all constrains before calling the services.
*/
if (brpid_error) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Delete").replace("%REASON%", "BuildRevisionParameters ID (id) : Could not manage to convert id to an integer value or id is missing."));
ans.setResultMessage(msg);
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(msg.getDescription());
} else {
/**
* All data seems cleans so we can call the services.
*/
IBuildRevisionParametersService brpService = appContext.getBean(IBuildRevisionParametersService.class);
AnswerItem resp = brpService.readByKeyTech(brpid);
if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
/**
* Object could not be found. We stop here and report the
* error.
*/
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Delete").replace("%REASON%", "BuildRevisionParameter does not exist."));
ans.setResultMessage(msg);
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(msg.getDescription());
} else {
/**
* The service was able to perform the query and confirm the
* object exist, then we can delete it.
*/
BuildRevisionParameters brpData = (BuildRevisionParameters) resp.getItem();
ans = brpService.delete(brpData);
if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
/**
* Delete was successful. Adding Log entry.
*/
logEventService.createForPrivateCalls("/DeleteBuildRevisionParameters", "DELETE", "Delete BuildRevisionParameters : ['" + brpid + "'|'" + brpData.getRelease() + "']", request);
} else {
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(ans.getResultMessage().getDescription());
}
}
}
}
if (myId.length > 1) {
if (massErrorCounter == myId.length) {
// All updates are in ERROR.
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Mass Update").replace("%REASON%", massErrorCounter + " objects(s) out of " + myId.length + " failed to update due to an issue.<br>") + output_message.toString());
ans.setResultMessage(msg);
} else if (massErrorCounter > 0) {
// At least 1 update in error
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_WARNING);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Mass Update").replace("%REASON%", massErrorCounter + " objects(s) out of " + myId.length + " failed to update due to an issue.<br>") + output_message.toString());
ans.setResultMessage(msg);
} else {
// No error detected.
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_OK);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Mass Update") + "\n\nAll " + myId.length + " object(s) updated successfuly.");
ans.setResultMessage(msg);
}
logEventService.createForPrivateCalls("/DeleteBuildRevisionParameters", "MASSUPDATE", msg.getDescription(), request);
}
/**
* Formating and returning the json result.
*/
jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
jsonResponse.put("message", ans.getResultMessage().getDescription());
response.getWriter().print(jsonResponse.toString());
response.getWriter().flush();
}
use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.
the class ReadBuildRevisionParameters method processRequest.
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
* @throws org.cerberus.exception.CerberusException
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException {
String echo = request.getParameter("sEcho");
ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
response.setContentType("application/json");
response.setCharacterEncoding("utf8");
// Calling Servlet Transversal Util.
ServletUtil.servletStart(request);
// Default message to unexpected error.
MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
/**
* Parsing and securing all required parameters.
*/
Integer brpid = 0;
boolean brpid_error = true;
try {
if (request.getParameter("id") != null && !request.getParameter("id").equals("")) {
brpid = Integer.valueOf(policy.sanitize(request.getParameter("id")));
brpid_error = false;
}
} catch (Exception ex) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME));
msg.setDescription(msg.getDescription().replace("%OPERATION%", "Read"));
msg.setDescription(msg.getDescription().replace("%REASON%", "id must be an integer value."));
brpid_error = true;
}
String columnName = ParameterParserUtil.parseStringParam(request.getParameter("columnName"), "");
// Global boolean on the servlet that define if the user has permition to edit and delete object.
boolean userHasPermissions = request.isUserInRole("Integrator");
// Init Answer with potencial error from Parsing parameter.
AnswerItem answer = new AnswerItem(msg);
try {
JSONObject jsonResponse = new JSONObject();
if ((request.getParameter("id") != null) && !(brpid_error)) {
// ID parameter is specified so we return the unique record of object.
answer = findBuildRevisionParametersByKey(brpid, appContext, userHasPermissions);
jsonResponse = (JSONObject) answer.getItem();
} else if ((request.getParameter("system") != null) && (request.getParameter("getlast") != null)) {
// getlast parameter trigger the last release from the system..
answer = findlastBuildRevisionParametersBySystem(request.getParameter("system"), appContext, userHasPermissions);
jsonResponse = (JSONObject) answer.getItem();
} else if ((request.getParameter("system") != null) && (request.getParameter("build") != null) && (request.getParameter("revision") != null) && (request.getParameter("getSVNRelease") != null)) {
// getSVNRelease parameter trigger the list of SVN Release inside he build per Application.
answer = findSVNBuildRevisionParametersBySystem(request.getParameter("system"), request.getParameter("country"), request.getParameter("environment"), request.getParameter("build"), request.getParameter("revision"), request.getParameter("lastbuild"), request.getParameter("lastrevision"), appContext, userHasPermissions);
jsonResponse = (JSONObject) answer.getItem();
} else if ((request.getParameter("system") != null) && (request.getParameter("build") != null) && (request.getParameter("revision") != null) && (request.getParameter("getNonSVNRelease") != null)) {
// getNonSVNRelease parameter trigger the list of Manual Release with corresponding links.
answer = findManualBuildRevisionParametersBySystem(request.getParameter("system"), request.getParameter("build"), request.getParameter("revision"), request.getParameter("lastbuild"), request.getParameter("lastrevision"), appContext, userHasPermissions);
jsonResponse = (JSONObject) answer.getItem();
} else if ((request.getParameter("system") != null) && !Strings.isNullOrEmpty(columnName)) {
answer = findDistinctValuesOfColumn(request.getParameter("system"), appContext, request, columnName);
jsonResponse = (JSONObject) answer.getItem();
} else {
// Default behaviour, we return the list of objects.
answer = findBuildRevisionParametersList(request.getParameter("system"), request.getParameter("build"), request.getParameter("revision"), request.getParameter("application"), appContext, userHasPermissions, request);
jsonResponse = (JSONObject) answer.getItem();
}
jsonResponse.put("messageType", answer.getResultMessage().getMessage().getCodeString());
jsonResponse.put("message", answer.getResultMessage().getDescription());
jsonResponse.put("sEcho", echo);
response.getWriter().print(jsonResponse.toString());
} catch (JSONException e) {
LOG.warn(e);
// returns a default error message with the json format that is able to be parsed by the client-side
response.getWriter().print(AnswerUtil.createGenericErrorAnswer());
}
}
use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.
the class UpdateBuildRevisionParameters method processRequest.
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
JSONObject jsonResponse = new JSONObject();
ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
ILogEventService logEventService = appContext.getBean(LogEventService.class);
Answer ans = new Answer();
MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
ans.setResultMessage(msg);
PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
String charset = request.getCharacterEncoding();
response.setContentType("application/json");
// Calling Servlet Transversal Util.
ServletUtil.servletStart(request);
/**
* Parsing and securing all required parameters.
*/
// Parameter that are already controled by GUI (no need to decode) --> We SECURE them
// Parameter that needs to be secured --> We SECURE+DECODE them
String build = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("build"), "", charset);
String revision = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("revision"), "", charset);
String release = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("release"), "", charset);
// Parameter that we cannot secure as we need the html --> We DECODE them
Integer brpid = 0;
String[] myId = request.getParameterValues("id");
StringBuilder output_message = new StringBuilder();
int massErrorCounter = 0;
for (String myId1 : myId) {
brpid = 0;
boolean brpid_error = true;
try {
if (myId1 != null && !myId1.equals("")) {
brpid = Integer.valueOf(policy.sanitize(myId1));
brpid_error = false;
}
} catch (Exception ex) {
brpid_error = true;
}
/**
* Checking all constrains before calling the services.
*/
if (brpid_error) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Update").replace("%REASON%", "Could not manage to convert id to an integer value or id is missing."));
ans.setResultMessage(msg);
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(msg.getDescription());
} else {
/**
* All data seems cleans so we can call the services.
*/
IBuildRevisionParametersService brpService = appContext.getBean(IBuildRevisionParametersService.class);
AnswerItem resp = brpService.readByKeyTech(brpid);
if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
/**
* Object could not be found. We stop here and report the
* error.
*/
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Update").replace("%REASON%", "BuildRevisionParameters does not exist."));
ans.setResultMessage(msg);
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(msg.getDescription());
} else {
/**
* The service was able to perform the query and confirm the
* object exist, then we can update it.
*/
BuildRevisionParameters brpData = (BuildRevisionParameters) resp.getItem();
/**
* Before updating, we check that the old entry can be
* modified. If old entry point to a build/revision that
* already been deployed, we cannot update it.
*/
if (brpService.check_buildRevisionAlreadyUsed(brpData.getApplication(), brpData.getBuild(), brpData.getRevision())) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Update").replace("%REASON%", "Could not update this release as its original build " + brpData.getBuild() + " revision " + brpData.getRevision() + " has already been deployed in an environment."));
ans.setResultMessage(msg);
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(msg.getDescription());
} else {
brpData.setBuild(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("build"), brpData.getBuild(), charset));
brpData.setRevision(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("revision"), brpData.getRevision(), charset));
brpData.setRelease(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("release"), brpData.getRelease(), charset));
brpData.setApplication(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("application"), brpData.getApplication(), charset));
brpData.setProject(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("project"), brpData.getProject(), charset));
brpData.setTicketIdFixed(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("ticketidfixed"), brpData.getTicketIdFixed(), charset));
brpData.setBugIdFixed(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("bugidfixed"), brpData.getBugIdFixed(), charset));
brpData.setLink(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("link"), brpData.getLink(), charset));
brpData.setReleaseOwner(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("releaseowner"), brpData.getReleaseOwner(), charset));
brpData.setSubject(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("subject"), brpData.getSubject(), charset));
brpData.setJenkinsBuildId(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("jenkinsbuildid"), brpData.getJenkinsBuildId(), charset));
brpData.setMavenGroupId(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("mavengroupid"), brpData.getMavenGroupId(), charset));
brpData.setMavenArtifactId(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("mavenartifactid"), brpData.getMavenArtifactId(), charset));
brpData.setMavenVersion(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("mavenversion"), brpData.getMavenVersion(), charset));
brpData.setRepositoryUrl(ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("repositoryurl"), brpData.getRepositoryUrl(), charset));
ans = brpService.update(brpData);
if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
/**
* Update was successful. Adding Log entry.
*/
logEventService.createForPrivateCalls("/UpdateBuildRevisionParameters", "UPDATE", "Updated BuildRevisionParameters : ['" + brpid + "'|'" + build + "'|'" + revision + "'|'" + release + "']", request);
} else {
massErrorCounter++;
output_message.append("<br>id : ").append(myId1).append(" - ").append(ans.getResultMessage().getDescription());
}
}
}
}
}
if (myId.length > 1) {
if (massErrorCounter == myId.length) {
// All updates are in ERROR.
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Mass Update").replace("%REASON%", massErrorCounter + " objects(s) out of " + myId.length + " failed to update due to an issue.<br>") + output_message.toString());
ans.setResultMessage(msg);
} else if (massErrorCounter > 0) {
// At least 1 update in error
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_WARNING);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Mass Update").replace("%REASON%", massErrorCounter + " objects(s) out of " + myId.length + " failed to update due to an issue.<br>") + output_message.toString());
ans.setResultMessage(msg);
} else {
// No error detected.
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_OK);
msg.setDescription(msg.getDescription().replace("%ITEM%", OBJECT_NAME).replace("%OPERATION%", "Mass Update") + "\n\nAll " + myId.length + " object(s) updated successfuly.");
ans.setResultMessage(msg);
}
logEventService.createForPrivateCalls("/UpdateBuildRevisionParameters", "MASSUPDATE", msg.getDescription(), request);
}
/**
* Formating and returning the json result.
*/
jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
jsonResponse.put("message", ans.getResultMessage().getDescription());
response.getWriter().print(jsonResponse);
response.getWriter().flush();
}
use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.
the class CreateApplication method processRequest.
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
* @throws org.cerberus.exception.CerberusException
* @throws org.json.JSONException
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
JSONObject jsonResponse = new JSONObject();
Answer ans = new Answer();
MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
ans.setResultMessage(msg);
PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
String charset = request.getCharacterEncoding();
response.setContentType("application/json");
// Calling Servlet Transversal Util.
ServletUtil.servletStart(request);
/**
* Parsing and securing all required parameters.
*/
// Parameter that are already controled by GUI (no need to decode) --> We SECURE them
String system = policy.sanitize(request.getParameter("system"));
String type = policy.sanitize(request.getParameter("type"));
String deployType = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("deploytype"), "", charset);
// Parameter that needs to be secured --> We SECURE+DECODE them
String application = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("application"), null, charset);
String subSystem = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("subsystem"), "", charset);
String mavenGpID = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("mavengroupid"), "", charset);
String description = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("description"), "", charset);
// Parameter that we cannot secure as we need the html --> We DECODE them
String svnURL = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("svnurl"), "", charset);
String bugTrackerURL = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("bugtrackerurl"), "", charset);
String newBugURL = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("bugtrackernewurl"), "", charset);
Integer sort = 10;
boolean sort_error = false;
try {
if (request.getParameter("sort") != null && !request.getParameter("sort").equals("")) {
sort = Integer.valueOf(policy.sanitize(request.getParameter("sort")));
}
} catch (Exception ex) {
sort_error = true;
}
/**
* Checking all constrains before calling the services.
*/
if (StringUtil.isNullOrEmpty(application)) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", "Application").replace("%OPERATION%", "Create").replace("%REASON%", "Application name is missing!"));
ans.setResultMessage(msg);
} else if (StringUtil.isNullOrEmpty(system)) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", "Application").replace("%OPERATION%", "Create").replace("%REASON%", "System is missing!"));
ans.setResultMessage(msg);
} else if (sort_error) {
msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
msg.setDescription(msg.getDescription().replace("%ITEM%", "Application").replace("%OPERATION%", "Create").replace("%REASON%", "Could not manage to convert sort to an integer value!"));
ans.setResultMessage(msg);
} else {
/**
* All data seems cleans so we can call the services.
*/
ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
IApplicationService applicationService = appContext.getBean(IApplicationService.class);
IFactoryApplication factoryApplication = appContext.getBean(IFactoryApplication.class);
Application applicationData = factoryApplication.create(application, description, sort, type, system, subSystem, svnURL, deployType, mavenGpID, bugTrackerURL, newBugURL, request.getRemoteUser(), null, null, null);
ans = applicationService.create(applicationData);
if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
/**
* Object created. Adding Log entry.
*/
ILogEventService logEventService = appContext.getBean(LogEventService.class);
logEventService.createForPrivateCalls("/CreateApplication", "CREATE", "Create Application : ['" + application + "']", request);
}
}
/**
* Formating and returning the json result.
*/
jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
jsonResponse.put("message", ans.getResultMessage().getDescription());
response.getWriter().print(jsonResponse);
response.getWriter().flush();
}
Aggregations