/*
* Copyright (c) 2010-2017, b3log.org & hacpai.com
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.b3log.solo.processor.console;
import org.b3log.latke.Keys;
import org.b3log.latke.Latkes;
import org.b3log.latke.ioc.inject.Inject;
import org.b3log.latke.logging.Level;
import org.b3log.latke.logging.Logger;
import org.b3log.latke.model.Role;
import org.b3log.latke.model.User;
import org.b3log.latke.service.LangPropsService;
import org.b3log.latke.service.ServiceException;
import org.b3log.latke.servlet.HTTPRequestContext;
import org.b3log.latke.servlet.HTTPRequestMethod;
import org.b3log.latke.servlet.annotation.RequestProcessing;
import org.b3log.latke.servlet.annotation.RequestProcessor;
import org.b3log.latke.servlet.renderer.JSONRenderer;
import org.b3log.latke.util.Requests;
import org.b3log.solo.model.Option;
import org.b3log.solo.service.PreferenceQueryService;
import org.b3log.solo.service.UserMgmtService;
import org.b3log.solo.service.UserQueryService;
import org.b3log.solo.util.QueryResults;
import org.json.JSONObject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* User console request processing.
*
* @author <a href="http://88250.b3log.org">Liang Ding</a>
* @author <a href="mailto:385321165@qq.com">DASHU</a>
* @version 1.2.0.5, Mar 31, 2017
* @since 0.4.0
*/
@RequestProcessor
public class UserConsole {
/**
* Logger.
*/
private static final Logger LOGGER = Logger.getLogger(UserConsole.class.getName());
/**
* User query service.
*/
@Inject
private UserQueryService userQueryService;
/**
* User management service.
*/
@Inject
private UserMgmtService userMgmtService;
/**
* Preference query service.
*/
@Inject
private PreferenceQueryService preferenceQueryService;
/**
* Language service.
*/
@Inject
private LangPropsService langPropsService;
/**
* Updates a user by the specified request.
* <p>
* Renders the response with a json object, for example,
* <pre>
* {
* "sc": boolean,
* "msg": ""
* }
* </pre>
* </p>
*
* @param request the specified http servlet request, for example,
* "oId": "",
* "userName": "",
* "userEmail": "",
* "userPassword": "", // Unhashed
* "userRole": "", // optional
* "userURL": "", // optional
* "userAvatar": "" // optional
* @param context the specified http request context
* @param response the specified http servlet response
* @throws Exception exception
*/
@RequestProcessing(value = "/console/user/", method = HTTPRequestMethod.PUT)
public void updateUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
throws Exception {
if (!userQueryService.isAdminLoggedIn(request)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
final JSONRenderer renderer = new JSONRenderer();
context.setRenderer(renderer);
final JSONObject ret = new JSONObject();
try {
final JSONObject requestJSONObject = Requests.parseRequestJSONObject(request, response);
userMgmtService.updateUser(requestJSONObject);
ret.put(Keys.STATUS_CODE, true);
ret.put(Keys.MSG, langPropsService.get("updateSuccLabel"));
renderer.setJSONObject(ret);
} catch (final ServiceException e) {
LOGGER.log(Level.ERROR, e.getMessage(), e);
final JSONObject jsonObject = QueryResults.defaultResult();
renderer.setJSONObject(jsonObject);
jsonObject.put(Keys.MSG, e.getMessage());
}
}
/**
* Adds a user with the specified request.
* <p>
* Renders the response with a json object, for example,
* <pre>
* {
* "sc": boolean,
* "oId": "", // Generated user id
* "msg": ""
* }
* </pre>
* </p>
*
* @param request the specified http servlet request, for example,
* "userName": "",
* "userEmail": "",
* "userPassword": "",
* "userURL": "", // optional, uses 'servePath' instead if not specified
* "userRole": "", // optional, uses {@value org.b3log.latke.model.Role#DEFAULT_ROLE} instead if not specified
* "userAvatar": "" // optional
* @param response the specified http servlet response
* @param context the specified http request context
* @throws Exception exception
*/
@RequestProcessing(value = "/console/user/", method = HTTPRequestMethod.POST)
public void addUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
throws Exception {
final JSONRenderer renderer = new JSONRenderer();
context.setRenderer(renderer);
final JSONObject ret = new JSONObject();
renderer.setJSONObject(ret);
try {
final JSONObject requestJSONObject = Requests.parseRequestJSONObject(request, response);
if (userQueryService.isAdminLoggedIn(request)) { // if the administrator register a new user, treats the new user as a normal user
// (defaultRole) who could post article
requestJSONObject.put(User.USER_ROLE, Role.DEFAULT_ROLE);
} else {
final JSONObject preference = preferenceQueryService.getPreference();
if (!preference.optBoolean(Option.ID_C_ALLOW_REGISTER)) {
ret.put(Keys.STATUS_CODE, false);
ret.put(Keys.MSG, langPropsService.get("notAllowRegisterLabel"));
return;
}
// if a normal user or a visitor register a new user, treates the new user as a visitor
// (visitorRole) who couldn't post article
requestJSONObject.put(User.USER_ROLE, Role.VISITOR_ROLE);
}
final String userId = userMgmtService.addUser(requestJSONObject);
ret.put(Keys.OBJECT_ID, userId);
ret.put(Keys.MSG, langPropsService.get("addSuccLabel"));
ret.put(Keys.STATUS_CODE, true);
} catch (final ServiceException e) {
LOGGER.log(Level.ERROR, e.getMessage(), e);
final JSONObject jsonObject = QueryResults.defaultResult();
renderer.setJSONObject(jsonObject);
jsonObject.put(Keys.MSG, e.getMessage());
}
}
/**
* Removes a user by the specified request.
* <p>
* Renders the response with a json object, for example,
* <pre>
* {
* "sc": boolean,
* "msg": ""
* }
* </pre>
* </p>
*
* @param request the specified http servlet request
* @param response the specified http servlet response
* @param context the specified http request context
* @throws Exception exception
*/
@RequestProcessing(value = "/console/user/*", method = HTTPRequestMethod.DELETE)
public void removeUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
throws Exception {
if (!userQueryService.isAdminLoggedIn(request)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
final JSONRenderer renderer = new JSONRenderer();
context.setRenderer(renderer);
final JSONObject jsonObject = new JSONObject();
renderer.setJSONObject(jsonObject);
try {
final String userId = request.getRequestURI().substring((Latkes.getContextPath() + "/console/user/").length());
userMgmtService.removeUser(userId);
jsonObject.put(Keys.STATUS_CODE, true);
jsonObject.put(Keys.MSG, langPropsService.get("removeSuccLabel"));
} catch (final ServiceException e) {
LOGGER.log(Level.ERROR, e.getMessage(), e);
jsonObject.put(Keys.STATUS_CODE, false);
jsonObject.put(Keys.MSG, langPropsService.get("removeFailLabel"));
}
}
/**
* Gets users by the specified request json object.
* <p>
* The request URI contains the pagination arguments. For example, the request URI is /console/users/1/10/20, means
* the current page is 1, the page size is 10, and the window size is 20.
* </p>
* <p>
* Renders the response with a json object, for example,
* <pre>
* {
* "pagination": {
* "paginationPageCount": 100,
* "paginationPageNums": [1, 2, 3, 4, 5]
* },
* "users": [{
* "oId": "",
* "userName": "",
* "userEmail": "",
* "userPassword": "",
* "roleName": ""
* }, ....]
* "sc": true
* }
* </pre>
* </p>
*
* @param request the specified http servlet request
* @param response the specified http servlet response
* @param context the specified http request context
* @throws Exception exception
*/
@RequestProcessing(value = "/console/users/*/*/*"/* Requests.PAGINATION_PATH_PATTERN */, method = HTTPRequestMethod.GET)
public void getUsers(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
throws Exception {
final JSONRenderer renderer = new JSONRenderer();
context.setRenderer(renderer);
if (!userQueryService.isAdminLoggedIn(request)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
try {
final String requestURI = request.getRequestURI();
final String path = requestURI.substring((Latkes.getContextPath() + "/console/users/").length());
final JSONObject requestJSONObject = Requests.buildPaginationRequest(path);
final JSONObject result = userQueryService.getUsers(requestJSONObject);
result.put(Keys.STATUS_CODE, true);
renderer.setJSONObject(result);
} catch (final ServiceException e) {
LOGGER.log(Level.ERROR, e.getMessage(), e);
final JSONObject jsonObject = QueryResults.defaultResult();
renderer.setJSONObject(jsonObject);
jsonObject.put(Keys.MSG, langPropsService.get("getFailLabel"));
}
}
/**
* Gets a user by the specified request.
* <p>
* Renders the response with a json object, for example,
* <pre>
* {
* "sc": boolean,
* "user": {
* "oId": "",
* "userName": "",
* "userEmail": "",
* "userPassword": "",
* "userAvatar": ""
* }
* }
* </pre>
* </p>
*
* @param request the specified http servlet request
* @param response the specified http servlet response
* @param context the specified http request context
* @throws Exception exception
*/
@RequestProcessing(value = "/console/user/*", method = HTTPRequestMethod.GET)
public void getUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
throws Exception {
if (!userQueryService.isAdminLoggedIn(request)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
final JSONRenderer renderer = new JSONRenderer();
context.setRenderer(renderer);
try {
final String requestURI = request.getRequestURI();
final String userId = requestURI.substring((Latkes.getContextPath() + "/console/user/").length());
final JSONObject result = userQueryService.getUser(userId);
if (null == result) {
renderer.setJSONObject(QueryResults.defaultResult());
return;
}
renderer.setJSONObject(result);
result.put(Keys.STATUS_CODE, true);
} catch (final ServiceException e) {
LOGGER.log(Level.ERROR, e.getMessage(), e);
final JSONObject jsonObject = QueryResults.defaultResult();
renderer.setJSONObject(jsonObject);
jsonObject.put(Keys.MSG, langPropsService.get("getFailLabel"));
}
}
/**
* Change a user role.
* <p>
* Renders the response with a json object, for example,
* <pre>
* {
* "sc": boolean,
* "msg": ""
* }
* </pre>
* </p>
*
* @param request the specified http servlet request
* @param response the specified http servlet response
* @param context the specified http request context
* @throws Exception exception
*/
@RequestProcessing(value = "/console/changeRole/*", method = HTTPRequestMethod.GET)
public void changeUserRole(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
throws Exception {
if (!userQueryService.isAdminLoggedIn(request)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
final JSONRenderer renderer = new JSONRenderer();
context.setRenderer(renderer);
final JSONObject jsonObject = new JSONObject();
renderer.setJSONObject(jsonObject);
try {
final String userId = request.getRequestURI().substring((Latkes.getContextPath() + "/console/changeRole/").length());
userMgmtService.changeRole(userId);
jsonObject.put(Keys.STATUS_CODE, true);
jsonObject.put(Keys.MSG, langPropsService.get("updateSuccLabel"));
} catch (final ServiceException e) {
LOGGER.log(Level.ERROR, e.getMessage(), e);
jsonObject.put(Keys.STATUS_CODE, false);
jsonObject.put(Keys.MSG, langPropsService.get("removeFailLabel"));
}
}
}