|
|
@@ -9,16 +9,17 @@ import javax.naming.AuthenticationException;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
import javax.ws.rs.Consumes;
|
|
|
import javax.ws.rs.GET;
|
|
|
-import javax.ws.rs.PUT;
|
|
|
+import javax.ws.rs.POST;
|
|
|
import javax.ws.rs.Path;
|
|
|
+import javax.ws.rs.Produces;
|
|
|
import javax.ws.rs.core.Context;
|
|
|
-import javax.ws.rs.core.HttpHeaders;
|
|
|
import javax.ws.rs.core.MediaType;
|
|
|
import javax.ws.rs.core.Response;
|
|
|
|
|
|
import org.mortbay.jetty.HttpStatus;
|
|
|
|
|
|
import cz.hsrs.db.util.UserUtil;
|
|
|
+import cz.hsrs.rest.beans.ExceptionBean;
|
|
|
import cz.hsrs.rest.beans.UserBean;
|
|
|
import cz.hsrs.rest.util.AuthUtil;
|
|
|
import cz.hsrs.rest.util.UserRestUtil;
|
|
|
@@ -31,75 +32,100 @@ import net.sf.json.JSONObject;
|
|
|
*/
|
|
|
@Path("/user")
|
|
|
public class UserRest {
|
|
|
-
|
|
|
- /**
|
|
|
- * Empty constructor
|
|
|
- */
|
|
|
- public UserRest() {
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- *
|
|
|
- * @param req
|
|
|
- * @return
|
|
|
- */
|
|
|
- @GET
|
|
|
- public Response getUser(@Context HttpServletRequest req) {
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Empty constructor
|
|
|
+ */
|
|
|
+ public UserRest() {
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Method for getting user details
|
|
|
+ * URL: /rest/user
|
|
|
+ * @param req
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ @GET
|
|
|
+ @Produces(MediaType.APPLICATION_JSON)
|
|
|
+ public Response getUser(@Context HttpServletRequest req) {
|
|
|
try {
|
|
|
- LoginUser loggedUser = AuthUtil.getAuthenticatedLoginUser(req);
|
|
|
- UserBean userDetails = UserRestUtil.getUser(loggedUser.getUserName());
|
|
|
- return Response.ok().entity(userDetails)
|
|
|
- .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
|
|
|
- .build();
|
|
|
+ LoginUser loggedUser = AuthUtil.getAuthenticatedLoginUser(req);
|
|
|
+ UserBean userDetails = UserRestUtil.getUser(loggedUser.getUserName());
|
|
|
+ return Response.ok().entity(userDetails)
|
|
|
+ .build();
|
|
|
} catch (AuthenticationException e1) {
|
|
|
- return Response.status(HttpStatus.ORDINAL_401_Unauthorized)
|
|
|
- .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
|
|
- .entity("Authentication failure for request "+ req.getQueryString())
|
|
|
- .build();
|
|
|
+ return Response.status(HttpStatus.ORDINAL_401_Unauthorized)
|
|
|
+ .entity(new ExceptionBean(e1.getClass().getName(), "Authentication failure for request!"))
|
|
|
+ .build();
|
|
|
} catch (SQLException e) {
|
|
|
- return Response.status(HttpStatus.ORDINAL_500_Internal_Server_Error)
|
|
|
- .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
|
|
- .entity(e.getLocalizedMessage())
|
|
|
- .build();
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- *
|
|
|
- * @param userJSON
|
|
|
- * @param req
|
|
|
- * @return
|
|
|
- */
|
|
|
- @PUT
|
|
|
- @Consumes(MediaType.APPLICATION_JSON)
|
|
|
- public Response insertUser(JSONObject userJSON, @Context HttpServletRequest req) {
|
|
|
- try {
|
|
|
- LoginUser loggedUser = AuthUtil.getAuthenticatedLoginUser(req);
|
|
|
- if(loggedUser.getRightsID() == 0) {
|
|
|
- UserUtil.insertUser(userJSON.getString("userName"),
|
|
|
- userJSON.getString("userPass"),
|
|
|
- userJSON.getString("userRealName"),
|
|
|
- userJSON.getInt("groupId"),
|
|
|
- userJSON.getInt("rightsId"));
|
|
|
- return Response.ok()
|
|
|
- .build();
|
|
|
- }
|
|
|
- else {
|
|
|
- return Response.status(HttpStatus.ORDINAL_403_Forbidden)
|
|
|
- .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
|
|
- .entity("Not enough rights for inserting!")
|
|
|
- .build();
|
|
|
- }
|
|
|
+ return Response.status(HttpStatus.ORDINAL_500_Internal_Server_Error)
|
|
|
+ .entity(new ExceptionBean(e.getClass().getName(), e.getLocalizedMessage()))
|
|
|
+ .build();
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Method for inserting user
|
|
|
+ * URL: /rest/user
|
|
|
+ * @param userJSON
|
|
|
+ * @param req
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ @POST
|
|
|
+ @Consumes(MediaType.APPLICATION_JSON)
|
|
|
+ @Produces(MediaType.APPLICATION_JSON)
|
|
|
+ public Response insertUser(JSONObject userJSON, @Context HttpServletRequest req) {
|
|
|
+ try {
|
|
|
+ LoginUser loggedUser = AuthUtil.getAuthenticatedLoginUser(req);
|
|
|
+ if(loggedUser.getRightsID() == 0) {
|
|
|
+ UserUtil.insertUser(userJSON.getString("userName"),
|
|
|
+ userJSON.getString("userPass"),
|
|
|
+ userJSON.getString("userRealName"),
|
|
|
+ userJSON.getInt("groupId"),
|
|
|
+ userJSON.getInt("rightsId"));
|
|
|
+ return Response.ok()
|
|
|
+ .build();
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ return Response.status(HttpStatus.ORDINAL_403_Forbidden)
|
|
|
+ .entity(new ExceptionBean("AuthenticationException", "Not enough rights!"))
|
|
|
+ .build();
|
|
|
+ }
|
|
|
} catch (AuthenticationException e1) {
|
|
|
- return Response.status(HttpStatus.ORDINAL_401_Unauthorized)
|
|
|
- .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
|
|
- .entity("Authentication failure for request!")
|
|
|
- .build();
|
|
|
+ return Response.status(HttpStatus.ORDINAL_401_Unauthorized)
|
|
|
+ .entity(new ExceptionBean(e1.getClass().getName(), "Authentication failure for request!"))
|
|
|
+ .build();
|
|
|
+ } catch (SQLException e) {
|
|
|
+ return Response.status(HttpStatus.ORDINAL_500_Internal_Server_Error)
|
|
|
+ .entity(new ExceptionBean(e.getClass().getName(), e.getLocalizedMessage()))
|
|
|
+ .build();
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ *
|
|
|
+ * URL: /rest/user/rights
|
|
|
+ * @param req
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ @Path("/rights")
|
|
|
+ @GET
|
|
|
+ @Produces(MediaType.APPLICATION_JSON)
|
|
|
+ public Response getRights(@Context HttpServletRequest req) {
|
|
|
+ try {
|
|
|
+
|
|
|
+ AuthUtil.getAuthenticatedLoginUser(req);
|
|
|
+
|
|
|
+ return Response.ok(UserRestUtil.getAllRights())
|
|
|
+ .build();
|
|
|
+ } catch (AuthenticationException e) {
|
|
|
+ return Response.status(HttpStatus.ORDINAL_401_Unauthorized)
|
|
|
+ .entity(new ExceptionBean(e.getClass().getName(), "Authentication failure for request!"))
|
|
|
+ .build();
|
|
|
} catch (SQLException e) {
|
|
|
- return Response.status(HttpStatus.ORDINAL_500_Internal_Server_Error)
|
|
|
- .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
|
|
- .entity(e.getLocalizedMessage())
|
|
|
- .build();
|
|
|
- }
|
|
|
+ return Response.status(HttpStatus.ORDINAL_500_Internal_Server_Error)
|
|
|
+ .entity(new ExceptionBean(e.getClass().getName(), e.getLocalizedMessage()))
|
|
|
+ .build();
|
|
|
+ }
|
|
|
}
|
|
|
}
|
Michal Kepka