/*
* Copyright 2009-2012 by KNURT Systeme (http://www.knurt.de)
*
* Licensed under the Creative Commons License Attribution-NonCommercial-ShareAlike 3.0 Unported;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://creativecommons.org/licenses/by-nc-sa/3.0/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.knurt.fam.template.controller;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jcouchdb.db.Response;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.stereotype.Controller;
import org.springframework.web.servlet.ModelAndView;
import de.knurt.fam.connector.RedirectTarget;
import de.knurt.fam.core.aspects.security.auth.SessionAuth;
import de.knurt.fam.core.model.persist.User;
import de.knurt.fam.core.model.persist.document.SoaActivationDocument;
import de.knurt.fam.core.model.persist.document.SoaDocument;
import de.knurt.fam.core.persistence.dao.FamDaoProxy;
import de.knurt.fam.core.persistence.dao.couchdb.CouchDBDao4Soa;
import de.knurt.fam.core.util.mvc.RedirectResolver;
import de.knurt.fam.template.util.TermsOfUseResolver;
import de.knurt.heinzelmann.util.query.QueryString;
import de.knurt.heinzelmann.util.query.QueryStringFactory;
/**
* control the edit soa page
*
* @author Daniel Oltmanns
* @since 1.20 (08/13/2010)
*/
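@Controller
class EditSoaController {

    /** Common prefix of every failure message handed to the page. */
    private static final String INSERTION_FAILED = "Insertion failed! Reason: ";

    /**
     * Handles a form submission of the edit soa page.
     * <p>
     * Only a POST from a logged-in administrator is processed. The request is then treated as
     * one of: a new agreement ({@code sentfromform=jnewform}), an agreement activation
     * ({@code sentfromform=jactivationform}), or an invalid request. Every processed request
     * ends in a redirect to {@link RedirectTarget#EDIT_SOA} carrying the outcome in the
     * {@code jsonvar} query parameter.
     * <p>
     * NOTE(review): no anti-CSRF token is checked in this class, although both valid branches
     * change persistent state - confirm that a filter or interceptor enforces one upstream.
     * <p>
     * NOTE(review): {@code jsonvar} carries a JavaScript statement through the query string.
     * Presumably the target page writes that parameter into a script context; if so, the view
     * must not emit a visitor-supplied {@code jsonvar} value unencoded - confirm on the
     * rendering side.
     *
     * @param rq the current request
     * @param rs the current response (not used here)
     * @return the redirect, or {@code null} if the request is not a POST of an administrator
     */
    public ModelAndView handleRequest(HttpServletRequest rq, HttpServletResponse rs) {
        User user = SessionAuth.user(rq);
        // authorization gate: everything below changes state and is for administrators only
        if (!"POST".equals(rq.getMethod()) || user == null || !user.isAdmin()) {
            return null;
        }
        String jsonVar;
        if (this.isValidRequestFromNewAgreement(rq)) {
            jsonVar = this.getJsonVarOnNewAgreementSucc(this.insertDoc(rq));
        } else if (this.isValidRequestFromNewAgreementActivation(rq)) {
            SoaActivationDocument activated = this.activateAgreements(rq, user);
            if (activated != null) {
                jsonVar = this.getJsonVarOnNewAgreementActivationSucc(rq, activated);
            } else {
                jsonVar = this.getJsonVarOnNewAgreementActivationFail(rq);
            }
        } else {
            // invalid request
            jsonVar = this.getJsonVarOnInsertingFailOrUrlHacking(rq);
        }
        QueryString qs = QueryStringFactory.get("jsonvar", jsonVar);
        return RedirectResolver.redirect(RedirectTarget.EDIT_SOA, qs);
    }

    /**
     * Stores the activation document described by the request parameter {@code body} and
     * executes the consequences of the activation.
     * <p>
     * {@code body} is client-supplied JSON. Each entry of its {@code soaActivePages} array
     * holds a foreign key ({@code soaId}) that is replaced by the real document before the
     * object is stored. Apart from that array the parsed object is handed to the dao as
     * received.
     * NOTE(review): presumably the store validates the remaining fields and the dao validates
     * {@code soaId} before using it as a key - confirm.
     *
     * @param rq   the current request; the parameter {@code body} must be present
     * @param user the administrator executing the activation
     * @return the stored activation document, or {@code null} if {@code body} could not be
     *         parsed, a referenced soa does not exist, or storing / re-reading failed
     */
    // XXX this is all dao stuff!!!!
    private SoaActivationDocument activateAgreements(HttpServletRequest rq, User user) {
        Response response;
        try {
            // get map of foreign keys given and put in real documents
            JSONObject jo = new JSONObject(rq.getParameter("body"));
            JSONArray oldArray = jo.getJSONArray("soaActivePages");
            JSONArray newArray = new JSONArray();
            for (int i = 0; i < oldArray.length(); i++) {
                JSONObject mappedPage = oldArray.getJSONObject(i);
                JSONObject realPage = new JSONObject();
                // java_link 201008191220
                realPage.put("forcePrinting", mappedPage.get("forcePrinting"));
                JSONObject soaDoc = FamDaoProxy.soaDao().getRealSoaActivationPageDocument(mappedPage.get("soaId").toString());
                if (soaDoc == null) {
                    // one unknown foreign key invalidates the whole activation; nothing is stored
                    return null;
                }
                realPage.put("soaDoc", soaDoc);
                newArray.put(realPage);
            }
            jo.put("soaActivePages", newArray);
            // put in new json string
            response = FamDaoProxy.soaDao().put(jo);
        } catch (JSONException e) {
            // malformed body or missing key: reported to the page as a failed activation
            return null;
        }
        if (response == null) {
            return null;
        }
        Object objectid = response.getContentAsMap().get("id");
        if (objectid == null || objectid.toString().trim().isEmpty()) {
            return null;
        }
        SoaActivationDocument stored = CouchDBDao4Soa.getInstance().getSoaActivationDocument(objectid.toString());
        if (stored != null) {
            // execute consequences (like deleting accepted soas)
            TermsOfUseResolver tour = new TermsOfUseResolver(user);
            tour.discardAcceptanceForUsers(stored);
            tour.deactivateAgreementsFor(stored);
        }
        return stored;
    }

    /**
     * Wraps the status object into the JavaScript statement the page expects.
     *
     * @param jo the status object
     * @return {@code var FamStatus = <json>;}
     */
    private static String toFamStatusVar(JSONObject jo) {
        return "var FamStatus = " + jo.toString() + ";";
    }

    /**
     * Builds the status for a successful activation.
     *
     * @param rq  the current request (not used)
     * @param sad the activation document that has been stored
     * @return the status as JavaScript statement
     */
    private String getJsonVarOnNewAgreementActivationSucc(HttpServletRequest rq, SoaActivationDocument sad) {
        JSONObject jo = new JSONObject();
        try {
            jo.put("succ", true);
            jo.put("doc_id", sad.getId());
            jo.put("animate_row", "page_" + sad.getId());
            jo.put("select", 3);
            jo.put("show_message", "New agreements have been activated"); // INTLANG
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return toFamStatusVar(jo);
    }

    /**
     * Builds the status for a failed activation. This may happen when the validation of the
     * couchdb document fails.
     *
     * @param rq the current request (not used)
     * @return the status as JavaScript statement
     */
    private String getJsonVarOnNewAgreementActivationFail(HttpServletRequest rq) {
        JSONObject jo = new JSONObject();
        try {
            jo.put("succ", false);
            jo.put("sentfromform", "jactivationform");
            jo.put("doc_id", "null");
            jo.put("show_message", INSERTION_FAILED + "bad request [intern code: 201008181402]");
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return toFamStatusVar(jo);
    }

    /**
     * Builds the status for a request that matched neither form.
     * <p>
     * {@code sentfromform} may be absent here, because this is exactly the path taken by
     * requests that failed validation. It is therefore compared null-safe; a missing value is
     * reported as invalid request instead of raising a {@link NullPointerException}.
     * <p>
     * The message contains markup ({@code <br />}), so presumably the page renders it as HTML.
     * It is composed of constants only; request values must not be appended without encoding.
     *
     * @param rq the current request
     * @return the status as JavaScript statement
     */
    private String getJsonVarOnInsertingFailOrUrlHacking(HttpServletRequest rq) {
        String sentFromForm = rq.getParameter("sentfromform");
        JSONObject jo = new JSONObject();
        try {
            if ("jnewform".equals(sentFromForm)) {
                jo.put("succ", false);
                jo.put("sentfromform", "jnewform");
                jo.put("doc_id", "null");
                jo.put("select", 1);
                String message = INSERTION_FAILED;
                String title = rq.getParameter("title");
                if (title == null || title.trim().isEmpty()) {
                    message += "Please give the agreement a title."; // INTLANG
                }
                String content = rq.getParameter("content");
                if (content == null || content.trim().isEmpty()) {
                    message += "<br />Agreement has no content."; // INTLANG
                }
                jo.put("show_message", message);
            } else if ("jactivationform".equals(sentFromForm)) {
                jo.put("succ", false);
                jo.put("sentfromform", "jactivationform");
                jo.put("doc_id", "null");
                jo.put("show_message", INSERTION_FAILED + "unknown error [intern code: 201008181400 - missed body]");
                jo.put("select", 1);
            } else { // missing or hacked sentfromform
                jo.put("succ", false);
                jo.put("sentfromform", "unknown");
                jo.put("select", 1);
                jo.put("doc_id", "null");
                jo.put("show_message", INSERTION_FAILED + "invalid request [201008181359]");
            }
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return toFamStatusVar(jo);
    }

    /**
     * Builds the status for the attempt to insert a new agreement.
     *
     * @param document the inserted document, or {@code null} if the insertion failed
     * @return the status as JavaScript statement
     */
    private String getJsonVarOnNewAgreementSucc(SoaDocument document) {
        JSONObject jo = new JSONObject();
        try {
            if (document == null) {
                // insert doc failed: let javascript know failing
                jo.put("succ", false);
                jo.put("sentfromform", "jnewform");
                jo.put("select", 1);
                jo.put("doc_id", "null");
                jo.put("show_message", INSERTION_FAILED + "Document has just been modified"); // INTLANG
            } else {
                // insert doc succeeded: let javascript know succeeding
                jo.put("succ", true);
                jo.put("sentfromform", "jnewform");
                jo.put("doc_id", document.getId());
                jo.put("animate_row", "edit_soa_overview_" + document.getId());
                jo.put("show_message", "Document has been inserted"); // INTLANG
            }
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return toFamStatusVar(jo);
    }

    /**
     * Creates an agreement from the parameters {@code title} and {@code content} and stores
     * it. Both parameters must have passed {@link #isValidRequestFromNewAgreement} before.
     * <p>
     * NOTE(review): title and content are stored as submitted (content trimmed only).
     * Whatever renders the stored agreement decides on encoding - confirm there.
     *
     * @param rq the current request
     * @return the stored document, or {@code null} if storing failed
     */
    private SoaDocument insertDoc(HttpServletRequest rq) {
        SoaDocument document = new SoaDocument();
        document.setContent(rq.getParameter("content").trim());
        document.setTitle(rq.getParameter("title"));
        return document.insertOrUpdate() ? document : null;
    }

    /**
     * @param rq the current request
     * @return {@code true} if {@code title} and {@code content} are present and not blank and
     *         {@code sentfromform} equals {@code jnewform}
     */
    private boolean isValidRequestFromNewAgreement(HttpServletRequest rq) {
        String title = rq.getParameter("title");
        String content = rq.getParameter("content");
        if (title == null || content == null || title.trim().isEmpty() || content.trim().isEmpty()) {
            return false;
        }
        return "jnewform".equals(rq.getParameter("sentfromform"));
    }

    /**
     * @param rq the current request
     * @return {@code true} if {@code body} is present and not blank and {@code sentfromform}
     *         equals {@code jactivationform}
     */
    private boolean isValidRequestFromNewAgreementActivation(HttpServletRequest rq) {
        String body = rq.getParameter("body");
        if (body == null || body.trim().isEmpty()) {
            return false;
        }
        return "jactivationform".equals(rq.getParameter("sentfromform"));
    }
}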