
1   package org.restafarian.id.servlets;
2   
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;

import org.restafarian.core.beans.Person;
import org.restafarian.core.security.AuthenticatedUserManager;
import org.restafarian.core.servlets.RestServletBase;
import org.restafarian.core.utils.BetwixtTool;
22  
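/**
 * <p>This servlet handles users.</p>
 *
 * <p>Only GET is served: a request under <code>/user/</code> with an id is
 * answered with that user rendered through <code>BetwixtTool.toXml</code>,
 * and the id <code>current</code> resolves to the authenticated caller.
 * POST, PUT and DELETE are answered with 405.</p>
 *
 * <p>NOTE(review): no per-caller authorization check is visible in this
 * class, so any id that reaches <code>fetchUser</code> yields that user's
 * name, URI and e-mail address. Confirm that access control is enforced
 * upstream (container constraint, filter or the base class).</p>
 */
public class UserServlet extends RestServletBase {
	private static final long serialVersionUID = 1;

	/** JNDI name of the user database. */
	private static final String DATA_SOURCE_NAME = "java:comp/env/jdbc/user";

	/**
	 * Only the columns that are copied into the <code>Person</code> are selected,
	 * and the id is a bind parameter so request data never becomes SQL text.
	 */
	private static final String SELECT_USER_BY_ID = "select name, uri, email from user where id = ?";

	/** Looked up once per servlet instance; <code>null</code> when the JNDI lookup failed. */
	private DataSource dataSource = getDataSource();

	/**
	 * <p>The Servlet "doGet()" method.</p>
	 *
	 * <p>Sends the user named by the URL, or a 404 when the URL carries no id.</p>
	 *
	 * @param req the <code>HttpServletRequest</code> object
	 * @param res the <code>HttpServletResponse</code> object
	 * @throws ServletException
	 * @throws IOException
	 */
	public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
		String id = getIdFromUrl(req, "/user/");

		// log request, if enabled
		// NOTE(review): id and query string are request-controlled; confirm the
		// log layout neutralises line breaks before they reach the log file.
		if (log.isDebugEnabled()) {
			String message = "Processing GET request; id=" + id;
			String queryString = req.getQueryString();
			if (queryString != null && queryString.length() > 0) {
				message += "; query string=" + queryString;
			}
			log.debug(message);
		}

		if (id != null && id.length() > 0) {
			// send requested user
			sendUser(id, req, res);
		} else {
			// no id in the URL: this servlet has no collection view, so answer 404
			sendError(req, res, 404, "The requested resource was not found on this server. If you entered the URL manually please check your spelling and try again.");
		}
	}

	/**
	 * <p>The Servlet "doPost()" method. Always answers 405.</p>
	 *
	 * @param req the <code>HttpServletRequest</code> object
	 * @param res the <code>HttpServletResponse</code> object
	 * @throws ServletException
	 * @throws IOException
	 */
	public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
		sendError(req, res, 405, "Method Not Allowed. Use the \"GET\" method for this URL");
	}

	/**
	 * <p>The Servlet "doPut()" method. Always answers 405.</p>
	 *
	 * @param req the <code>HttpServletRequest</code> object
	 * @param res the <code>HttpServletResponse</code> object
	 * @throws ServletException
	 * @throws IOException
	 */
	public void doPut(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
		sendError(req, res, 405, "Method Not Allowed. Use the \"GET\" method for this URL");
	}

	/**
	 * <p>The Servlet "doDelete()" method. Always answers 405.</p>
	 *
	 * @param req the <code>HttpServletRequest</code> object
	 * @param res the <code>HttpServletResponse</code> object
	 * @throws ServletException
	 * @throws IOException
	 */
	public void doDelete(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
		sendError(req, res, 405, "Method Not Allowed. Use the \"GET\" method for this URL");
	}

	/**
	 * <p>Handles a get request for a single user.</p>
	 *
	 * <p>A user that cannot be resolved is reported as 404. Because
	 * <code>fetchUser</code> logs SQL errors and returns <code>null</code>,
	 * a database failure is also reported to the client as 404.</p>
	 *
	 * @param id the id of the requested user
	 * @param req the <code>HttpServletRequest</code> object
	 * @param res the <code>HttpServletResponse</code> object
	 * @throws IOException if the response writer cannot be obtained
	 */
	private void sendUser(String id, HttpServletRequest req, HttpServletResponse res) throws IOException {
		Person user = getUser(id, req);

		if (user == null) {
			sendError(req, res, 404, "The requested resource was not found on this server. If you entered the URL manually please check your spelling and try again.");
			return;
		}

		// The former "!pw.equals("")" test compared a PrintWriter with a String
		// and was therefore always true; only the null check carried meaning.
		PrintWriter pw = res.getWriter();
		if (pw != null) {
			pw.print(BetwixtTool.toXml(user, "/id/xsl/user.xsl"));
		} else {
			sendError(req, res, 500, "There was a technical error while attempting to access this resource. Details of this error have been logged on the server.");
		}
	}

	/**
	 * <p>Returns the requested user.</p>
	 *
	 * <p>The id <code>current</code> (case-insensitive) resolves to the
	 * authenticated user of the request; any other id is looked up in the
	 * database.</p>
	 *
	 * @param userId the id of the requested user
	 * @param req the <code>HttpServletRequest</code> object
	 * @return the requested user, or <code>null</code> if none was found
	 */
	private Person getUser(String userId, HttpServletRequest req) {
		if ("current".equalsIgnoreCase(userId)) {
			return AuthenticatedUserManager.getAuthenticatedUser(req);
		}
		return fetchUser(userId);
	}

	/**
	 * <p>Fetches the user from the database.</p>
	 *
	 * <p>The id arrives from the request URL, so it is passed to the database
	 * as a bind parameter of a <code>PreparedStatement</code> rather than
	 * being concatenated into the query text.</p>
	 *
	 * @param userId the id of the requested user
	 * @return the requested user, or <code>null</code> if no row matched or
	 *         an SQL error occurred (the error is logged)
	 * @throws IllegalStateException if the DataSource lookup failed at start-up
	 */
	private Person fetchUser(String userId) {
		if (dataSource == null) {
			// Fail with a clear message instead of a bare NullPointerException.
			throw new IllegalStateException("DataSource \"" + DATA_SOURCE_NAME + "\" is not available");
		}

		Person user = null;

		Connection conn = null;
		PreparedStatement stmt = null;
		ResultSet rs = null;
		try {
			conn = dataSource.getConnection();
			conn.setAutoCommit(false);
			stmt = conn.prepareStatement(SELECT_USER_BY_ID);
			stmt.setString(1, userId);
			rs = stmt.executeQuery();
			if (rs.next()) {
				user = new Person();
				user.setId(userId);
				user.setName(rs.getString("name"));
				user.setUri(rs.getString("uri"));
				user.setEmail(rs.getString("email"));
			}
		} catch (SQLException e) {
			logSqlError(e);
		} finally {
			// Release in reverse order of acquisition; a failure to close one
			// resource must not prevent the next one from being released.
			if (rs != null) {
				try {
					rs.close();
				} catch (SQLException sqle) {
					logSqlError(sqle);
				}
			}
			if (stmt != null) {
				try {
					stmt.close();
				} catch (SQLException sqle) {
					logSqlError(sqle);
				}
			}
			if (conn != null) {
				try {
					// auto-commit was switched off above, so end the transaction explicitly
					conn.commit();
					conn.close();
				} catch (SQLException sqle) {
					logSqlError(sqle);
				}
			}
		}

		return user;
	}

	/**
	 * <p>Logs an SQL error in the format used throughout this servlet.</p>
	 *
	 * @param e the SQL error to log
	 */
	private void logSqlError(SQLException e) {
		log.error("SQL error: " + e.toString() + "; " +  e.getMessage(), e);
	}

	/**
	 * <p>Returns the DataSource.</p>
	 *
	 * @return the DataSource bound under the JNDI name, or <code>null</code>
	 *         if the lookup failed (the failure is logged)
	 */
	private DataSource getDataSource() {
		DataSource ds = null;

		Hashtable parms = new Hashtable();
		try {
			Context ctx = new InitialContext(parms);
			ds = (DataSource) ctx.lookup(DATA_SOURCE_NAME);
		} catch (Throwable t) {
			// Deliberately broad: a failed lookup leaves the field null and is
			// reported by fetchUser on first use.
			log.error("Exception obtaining DataSource (\"" + DATA_SOURCE_NAME + "\"): " + t.toString(), t);
		}

		return ds;
	}
}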