package org.exoplatform.poll.service.ws;
import java.net.URI;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.RuntimeDelegate;
import org.apache.commons.lang.StringUtils;
import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.poll.service.Poll;
import org.exoplatform.poll.service.PollNodeTypes;
import org.exoplatform.poll.service.PollService;
import org.exoplatform.poll.service.PollSummary;
import org.exoplatform.poll.service.Utils;
import org.exoplatform.portal.config.UserACL;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.organization.Group;
import org.exoplatform.services.organization.Membership;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.rest.impl.RuntimeDelegateImpl;
import org.exoplatform.services.rest.resource.ResourceContainer;
import org.exoplatform.services.security.ConversationState;
import org.exoplatform.services.security.IdentityConstants;
/**
* Handles REST request to process Poll.
*
* @anchor PollWebservice
*
*/
@Path("ks/poll")
public class PollWebservice implements ResourceContainer {
private static final Log log = ExoLogger.getLogger(PollWebservice.class);
final public static String APP_TYPE = "poll".intern();
private OrganizationService organizationService = null;
public PollWebservice() {
getOrganizationService();
}
private static final CacheControl cc;
static {
RuntimeDelegate.setInstance(new RuntimeDelegateImpl());
cc = new CacheControl();
cc.setNoCache(true);
cc.setNoStore(true);
}
/**
* Views a poll by its Id.
*
* @param pollId The poll Id to view.
* @param sc The security context which gets the information of the current user.
* @param uriInfo The URI information which gets the information of the current user.
*
* @anchor PollWebservice.viewPoll
*
* @return The response is JSON data.
*
* @throws Exception
*
* @LevelAPI Platform
*/
@GET
@Path("/viewpoll/{resourceid}")
@Produces(MediaType.APPLICATION_JSON)
public Response viewPoll(@PathParam("resourceid") String pollId,
@Context SecurityContext sc,
@Context UriInfo uriInfo) throws Exception {
PollService pollService = (PollService) ExoContainerContext.getCurrentContainer().getComponentInstanceOfType(PollService.class);
String username = getUserId(sc, uriInfo);
if (!Utils.isEmpty(pollId)) {
try {
Poll poll = pollService.getPoll(pollId);
if (poll != null) {
// poll.setIsAdmin(String.valueOf(hasGroupAdminOfGatein()));
poll.setIsAdmin("true");
String group = poll.getParentPath();
boolean hasPerminsion = false;
if (group.indexOf(PollNodeTypes.APPLICATION_DATA) > 0 && poll.getIsAdmin().equals("false")) {
group = group.substring(group.indexOf(PollNodeTypes.GROUPS + "/") + PollNodeTypes.GROUPS.length(), group.indexOf("/" + PollNodeTypes.APPLICATION_DATA));
for (String group_ : getGroupsOfUser(username)) {
if (group_.indexOf(group) >= 0) {
hasPerminsion = true;
break;
}
}
} else if (group.indexOf(PollNodeTypes.POLLS) < 0) {
hasPerminsion = pollService.hasPermissionInForum(group + "/" + poll.getId(), getAllGroupAndMembershipOfUser(username));
} else {
hasPerminsion = true;
}
if (!hasPerminsion) {
poll = new Poll();
poll.setId("DoNotPermission");
return Response.ok(poll, MediaType.APPLICATION_JSON).cacheControl(cc).build();
}
poll.setVotes();
poll.setInfoVote();
poll.setShowVote(isGuestPermission(poll, username));
return Response.ok(poll, MediaType.APPLICATION_JSON).cacheControl(cc).build();
}
} catch (Exception e) {
log.error("Can not get poll by id: " + pollId, e);
}
}
PollSummary pollSummary = new PollSummary();
pollSummary = pollService.getPollSummary(getAllGroupAndMembershipOfUser(username));
pollSummary.setIsAdmin("true");
return Response.ok(pollSummary, MediaType.APPLICATION_JSON).cacheControl(cc).build();
}
/**
* Votes for a poll by its Id.
*
* @param pollId The poll Id to vote.
* @param indexVote The vote indexes selected by the current user.
* @param sc The security context which gets the information of the current user.
* @param uriInfo The URI information which gets the information of the current user.
*
* @anchor PollWebservice.votePoll
*
* @return The response is JSON data.
*
* @throws Exception
*
* @LevelAPI Platform
*/
@GET
@Path("/votepoll/{pollId}/{indexVote}")
@Produces(MediaType.APPLICATION_JSON)
public Response votePoll(@PathParam("pollId") String pollId,
@PathParam("indexVote") String indexVote,
@Context SecurityContext sc,
@Context UriInfo uriInfo) throws Exception {
if (!Utils.isEmpty(pollId) && !Utils.isEmpty(indexVote)) {
try {
PollService pollService = (PollService) ExoContainerContext.getCurrentContainer().getComponentInstanceOfType(PollService.class);
Poll poll = pollService.getPoll(pollId.trim());
String username = getUserId(sc, uriInfo);
if (poll != null && !IdentityConstants.ANONIM.equals(username) &&
validateIndexVote(indexVote, poll.getOption().length)) {
poll = Utils.calculateVote(poll, username, indexVote);
pollService.savePoll(poll, false, true);
poll.setVotes();
poll.setInfoVote();
poll.setShowVote(isGuestPermission(poll, username));
poll.setIsAdmin(String.valueOf(hasGroupAdminOfGatein(username)));
return Response.ok(poll, MediaType.APPLICATION_JSON).cacheControl(cc).build();
}
} catch (Exception e) {
log.debug("Failed to vote poll.", e);
}
return Response.ok("You do not have permission to vote this poll; or some options have been removed from the poll.", MediaType.TEXT_PLAIN).cacheControl(cc).build();
}
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
private OrganizationService getOrganizationService() {
if (organizationService == null) {
organizationService = (OrganizationService) ExoContainerContext.getCurrentContainer()
.getComponentInstance(OrganizationService.class);
}
return organizationService;
}
private String getUserId(SecurityContext sc, UriInfo uriInfo) {
ConversationState state = ConversationState.getCurrent();
if(state != null) {
return state.getIdentity().getUserId();
}
if (sc != null && sc.getUserPrincipal() != null) {
return sc.getUserPrincipal().getName();
} else if (uriInfo != null) {
return getViewerId(uriInfo);
}
return StringUtils.EMPTY;
}
private String getViewerId(UriInfo uriInfo) {
URI uri = uriInfo.getRequestUri();
String requestString = uri.getQuery();
if (requestString == null) return null;
String[] queryParts = requestString.split("&");
for (String queryPart : queryParts) {
if (queryPart.startsWith("opensocial_viewer_id")) {
return queryPart.substring(queryPart.indexOf("=") + 1, queryPart.length());
}
}
return null;
}
private boolean validateIndexVote(String indexVote, int max) {
String[] ivArr = indexVote.split(Utils.COLON);
for (int i = 1; i < ivArr.length; i++) {
try {
int t = Integer.parseInt(ivArr[i]);
if (t >= max) {
return false;
}
} catch (Exception e) {
return false;
}
}
return true;
}
private boolean isGuestPermission(Poll poll_, String username) throws Exception {
if (poll_.getIsClosed())
return true;
if (poll_.getTimeOut() > 0) {
Date today = Utils.getGreenwichMeanTime().getTime();
if ((today.getTime() - poll_.getCreatedDate().getTime()) >= poll_.getTimeOut() * 86400000)
return true;
}
if (Utils.isEmpty(username) || IdentityConstants.ANONIM.equals(username))
return true;
String[] userVotes = poll_.getUserVote();
for (String string : userVotes) {
string = string.substring(0, string.indexOf(":"));
if (string.equalsIgnoreCase(username))
return true;
}
return false;
}
private boolean hasGroupAdminOfGatein(String username) {
try {
UserACL userACL = (UserACL) ExoContainerContext.getCurrentContainer().getComponentInstanceOfType(UserACL.class);
List<String> list = new ArrayList<String>();
list.add(username);
list.addAll(getGroupsOfUser(username));
for (String str : list) {
if (str.equals(userACL.getSuperUser()) || str.equals(userACL.getAdminGroups()))
return true;
}
} catch (Exception e) {
log.debug("Failed to check has group admin of gatein." + e.getCause());
}
return false;
}
@SuppressWarnings("unchecked")
private List<String> getAllGroupAndMembershipOfUser(String username) {
List<String> listOfUser = new ArrayList<String>();
try {
listOfUser.add(username);// himself
Set<String> list = new HashSet<String>();
Collection<Membership> memberships = organizationService.getMembershipHandler().findMembershipsByUser(username);
for (Membership membership : memberships) {
listOfUser.add(membership.getGroupId()); // its groups
listOfUser.add(membership.getMembershipType() + ":" + membership.getGroupId()); // its memberships
}
listOfUser.addAll(list);
} catch (Exception e) {
log.warn("Failed to get all info of user.");
}
return listOfUser;
}
private List<String> getGroupsOfUser(String username) {
try {
List<String> grIds = new ArrayList<String>();
ConversationState state = ConversationState.getCurrent();
if(state != null && username.equals(state.getIdentity().getUserId())) {
Set<String> groupsSet = state.getIdentity().getGroups();
grIds.addAll(groupsSet);
} else {
for (Object gr : getOrganizationService().getGroupHandler().findGroupsOfUser(username)) {
grIds.add(((Group) gr).getId());
}
}
return grIds;
} catch (Exception e) {
log.warn("Failed to get groupId of user.");
return new ArrayList<String>();
}
}
}