Mercurial > hg > LGDataverses

package de.mpiwg.gazetteer.servlet;

import static edu.harvard.iq.dataverse.util.JsfHelper.JH;

import java.io.IOException;
import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.ejb.EJB;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.primefaces.json.JSONArray;
import org.primefaces.json.JSONException;
import org.primefaces.json.JSONObject;

import edu.harvard.iq.dataverse.DataFile;
import edu.harvard.iq.dataverse.Dataverse;
import edu.harvard.iq.dataverse.DataverseRoleServiceBean;
import edu.harvard.iq.dataverse.DvObject;
import edu.harvard.iq.dataverse.DvObjectServiceBean;
import edu.harvard.iq.dataverse.RoleAssigneeServiceBean;
import edu.harvard.iq.dataverse.RoleAssignment;
import edu.harvard.iq.dataverse.ManagePermissionsPage.RoleAssignmentRow;
import edu.harvard.iq.dataverse.authorization.AuthenticationRequest;
import edu.harvard.iq.dataverse.authorization.CredentialsAuthenticationProvider;
import edu.harvard.iq.dataverse.authorization.Permission;
import edu.harvard.iq.dataverse.authorization.RoleAssignee;
import edu.harvard.iq.dataverse.authorization.RoleAssigneeDisplayInfo;
import edu.harvard.iq.dataverse.authorization.exceptions.AuthenticationFailedException;
import edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser;


public class GetRoleAssignments extends AbstractMonographServlet{


	private static final Logger logger = Logger.getLogger(GetRoleAssignments.class.getName());

	@EJB
    DvObjectServiceBean dvObjectService;
	@EJB
    DataverseRoleServiceBean roleService;
	@EJB
    RoleAssigneeServiceBean roleAssigneeService;

	public List<JSONObject> getRoleAssignments (String datasetId) {

		List<JSONObject> raList = new ArrayList<JSONObject>();

		DvObject dvObject = dvObjectService.findDvObject(Long.parseLong(datasetId));

	    if (dvObject != null && dvObject.getId() != null) {
	        Set<RoleAssignment> ras = roleService.rolesAssignments(dvObject);

	        for (RoleAssignment roleAssignment : ras) {

	            RoleAssignee roleAssignee = roleAssigneeService.getRoleAssignee(roleAssignment.getAssigneeIdentifier());
	            if (roleAssignee != null) {

	            	try {
	                	JSONObject aroleAssignment = new JSONObject();
						aroleAssignment.put("roleAssignment", roleAssignment);
						raList.add(aroleAssignment);


					} catch (JSONException e) {

						e.printStackTrace();
					}

	            } else {
	               logger.info("Could not find role assignee based on role assignment id " + roleAssignment.getId());
	            }

	        }
	    }

	    return raList;
	}


	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// Set response content type
		response.setContentType("application/json");
		JSONObject jsonResponse = new JSONObject();

		String user = request.getParameter("user");
		String password = request.getParameter("password");
		String datasetId = request.getParameter("datasetId");

		if(StringUtils.isNotEmpty(user) && StringUtils.isNotEmpty(password)){

			// authenticate checking. TODO use GetUser.java or something like that to do the authenticate checking.
			AuthenticationRequest authReq = new AuthenticationRequest();
	        authReq.putCredential("Username", user);
	        authReq.putCredential("Password", password);
	        try {
		        String credentialsAuthProviderId = "builtin";
		        this.authUser = authSvc.authenticate(credentialsAuthProviderId, authReq);
		        System.out.println("User authenticated: " + authUser.getIdentifier());
		    } catch (AuthenticationFailedException ex) {
		       ex.printStackTrace();
		       return;
		    }
	        if(authUser == null){
				try {
					jsonResponse.put("state", "error");
					jsonResponse.put("error", "User " + user + " no found.");
				} catch (JSONException e) {

					e.printStackTrace();
				}
			} else {
		        // get roleAssignments
				try {
					jsonResponse.put("state", "ok");

					List<JSONObject> raJson = getRoleAssignments(datasetId);
					// raJson contains all roleAssignments in the dataset
					// find the roleAssignment for the user
					JSONArray assignments = new JSONArray();


					for (int i = 0; i < raJson.size(); i++) {

						RoleAssignment aUser = (RoleAssignment) raJson.get(i).get("roleAssignment");

						JSONObject assignment = new JSONObject();
						assignment.put("identifier", aUser.getAssigneeIdentifier());
						assignment.put("roleName", aUser.getRole().getName());

						assignments.put(assignment);

					}

					jsonResponse.put("roleAssignments", assignments);

				} catch (JSONException e) {

					e.printStackTrace();
				}
			}

		} else {
			try {
				jsonResponse.put("state", "error");
				jsonResponse.put("error", "Request error. Parameters 'user' and 'password' are mandatory");
			} catch (Exception e) {
				e.printStackTrace();
			}
		}

		// ======================


		java.io.PrintWriter out = response.getWriter();
		out.print(jsonResponse);
		out.flush();


	}
}
author	Zoe Hong <zhong@mpiwg-berlin.mpg.de>
date	Wed, 30 Sep 2015 13:43:54 +0200
parents
children