X-Git-Url: https://git.pterodactylus.net/?p=Sone.git;a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2Fajax%2FJsonPage.java;h=289b5a401912481f1ac69304384aaf28bc3f39c4;hp=b9bdc77deb89ac3ec7181d13f50e8ad61741e2af;hb=7b55e0be6a3283e43a9bbab98f82aebdd948eb33;hpb=341d8308a20e234dbec084be1b370367fa63ff94
diff --git a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
index b9bdc77..289b5a4 100644
--- a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
+++ b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
@@ -1,5 +1,5 @@
 /*
- * Sone - JsonPage.java - Copyright © 2010 David Roden
+ * Sone - JsonPage.java - Copyright © 2010–2016 David Roden
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -17,13 +17,25 @@
 package net.pterodactylus.sone.web.ajax;
-import java.util.UUID;
+import static java.util.logging.Logger.getLogger;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import java.io.PrintWriter;
+import java.net.URI;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import net.pterodactylus.sone.data.Sone;
 import net.pterodactylus.sone.web.WebInterface;
-import net.pterodactylus.sone.web.page.Page;
-import net.pterodactylus.util.json.JsonObject;
-import net.pterodactylus.util.json.JsonUtils;
+import net.pterodactylus.sone.web.page.FreenetPage;
+import net.pterodactylus.sone.web.page.FreenetRequest;
+import net.pterodactylus.util.io.Closer;
+import net.pterodactylus.util.web.Page;
+import net.pterodactylus.util.web.Response;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
 import freenet.clients.http.SessionManager.Session;
 import freenet.clients.http.ToadletContext;
@@ -33,7 +45,13 @@ import freenet.clients.http.ToadletContext;
 *
 * @author David ‘Bombe’ Roden
 */
-public abstract class JsonPage implements Page {
+public abstract class JsonPage implements FreenetPage {
+
+ /** The logger. */
+ private static final Logger logger = getLogger(JsonPage.class.getName());
+
+ /** The JSON serializer. */
+ private static final ObjectMapper objectMapper = new ObjectMapper();
 /** The path of the page. */
 private final String path;
@@ -68,7 +86,7 @@ public abstract class JsonPage implements Page {
 * session
 */
 protected Session getCurrentSession(ToadletContext toadletContenxt) {
- return getCurrentSession(toadletContenxt, true);
+ return webInterface.getCurrentSession(toadletContenxt);
 }
 /**
@@ -84,15 +102,7 @@ public abstract class JsonPage implements Page {
 * session
 */
 protected Session getCurrentSession(ToadletContext toadletContenxt, boolean create) {
- try {
- Session session = webInterface.getSessionManager().useSession(toadletContenxt);
- if (create && (session == null)) {
- session = webInterface.getSessionManager().createSession(UUID.randomUUID().toString(), toadletContenxt);
- }
- return session;
- } catch (freenet.clients.http.RedirectException re1) {
- return null;
- }
+ return webInterface.getCurrentSession(toadletContenxt, create);
 }
 /**
@@ -104,15 +114,22 @@ public abstract class JsonPage implements Page {
 * currently logged in
 */
 protected Sone getCurrentSone(ToadletContext toadletContext) {
- Session session = getCurrentSession(toadletContext);
- if (session == null) {
- return null;
- }
- String soneId = (String) session.getAttribute("Sone.CurrentSone");
- if (soneId == null) {
- return null;
- }
- return webInterface.getCore().getLocalSone(soneId, false);
+ return webInterface.getCurrentSone(toadletContext);
+ }
+
+ /**
+ * Returns the currently logged in Sone.
+ *
+ * @param toadletContext
+ * The toadlet context
+ * @param create
+ * {@code true} to create a new session if no session exists,
+ * {@code false} to not create a new session
+ * @return The currently logged in Sone, or {@code null} if no Sone is
+ * currently logged in
+ */
+ protected Sone getCurrentSone(ToadletContext toadletContext, boolean create) {
+ return webInterface.getCurrentSone(toadletContext, create);
 }
 //
@@ -127,7 +144,7 @@ public abstract class JsonPage implements Page {
 * The request to handle
 * @return The created JSON object
 */
- protected abstract JsonObject createJsonObject(Request request);
+ protected abstract JsonReturnObject createJsonObject(FreenetRequest request);
 /**
 * Returns whether this command needs the form password for authentication
@@ -136,10 +153,22 @@ public abstract class JsonPage implements Page {
 * @return {@code true} if the form password (given as “formPassword”) is
 * required, {@code false} otherwise
 */
+ @SuppressWarnings("static-method")
 protected boolean needsFormPassword() {
 return true;
 }
+ /**
+ * Returns whether this page requires the user to be logged in.
+ *
+ * @return {@code true} if the user needs to be logged in to use this page,
+ * {@code false} otherwise
+ */
+ @SuppressWarnings("static-method")
+ protected boolean requiresLogin() {
+ return true;
+ }
+
 //
 // PROTECTED METHODS
 //
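Review bot: The Javadoc added for requiresLogin() in the `@@ -136,10 +153,22 @@` hunk does not tell subclass authors what an override to `false` gives up. Going by handleRequest later in this commit, such a page is still gated by the full-access preference and the form password, but a page that also overrides needsFormPassword() to `false` is answered with neither a session nor a token being checked. I would extend the comment with a sentence such as `Pages that return {@code false} here are served without a logged-in Sone and must not expose or modify data of a local Sone.` so the secure default is not switched off casually.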
@@ -149,8 +178,8 @@ public abstract class JsonPage implements Page {
 *
 * @return A reply signaling success
 */
- protected JsonObject createSuccessJsonObject() {
- return new JsonObject().put("success", true);
+ protected static JsonReturnObject createSuccessJsonObject() {
+ return new JsonReturnObject(true);
 }
 /**
@@ -160,8 +189,8 @@ public abstract class JsonPage implements Page {
 * The error that has occured
 * @return The JSON object, signalling failure and the error code
 */
- protected JsonObject createErrorJsonObject(String error) {
- return new JsonObject().put("success", false).put("error", error);
+ protected static JsonReturnObject createErrorJsonObject(String error) {
+ return new JsonErrorReturnObject(error);
 }
 //
@@ -180,15 +209,76 @@ public abstract class JsonPage implements Page {
 * {@inheritDoc}
 */
 @Override
- public Response handleRequest(Request request) {
+ public boolean isPrefixPage() {
+ return false;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public Response handleRequest(FreenetRequest request, Response response) throws IOException {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !request.getToadletContext().isAllowedFullAccess()) {
+ return response.setStatusCode(403).setStatusText("Forbidden").setContentType("application/json").write(objectMapper.writeValueAsString(new JsonErrorReturnObject("auth-required")));
+ }
 if (needsFormPassword()) {
 String formPassword = request.getHttpRequest().getParam("formPassword");
 if (!webInterface.getFormPassword().equals(formPassword)) {
- return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ return response.setStatusCode(403).setStatusText("Forbidden").setContentType("application/json").write(objectMapper.writeValueAsString(new JsonErrorReturnObject("auth-required")));
 }
 }
- JsonObject jsonObject = createJsonObject(request);
- return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
+ if (requiresLogin()) {
+ if (getCurrentSone(request.getToadletContext(), false) == null) {
+ return response.setStatusCode(403).setStatusText("Forbidden").setContentType("application/json").write(objectMapper.writeValueAsString(new JsonErrorReturnObject("auth-required")));
+ }
+ }
+ try {
+ JsonReturnObject jsonObject = createJsonObject(request);
+ return response.setStatusCode(200).setStatusText("OK").setContentType("application/json").write(objectMapper.writeValueAsString(jsonObject));
+ } catch (Exception e1) {
+ logger.log(Level.WARNING, "Error executing JSON page!", e1);
+ return response.setStatusCode(500).setStatusText(e1.getMessage()).setContentType("text/plain").write(dumpStackTrace(e1));
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public boolean isLinkExcepted(URI link) {
+ return false;
+ }
+
+ //
+ // PRIVATE METHODS
+ //
+
+ /**
+ * Returns a byte array containing the stack trace of the given throwable.
+ *
+ * @param t
+ * The throwable whose stack trace to dump into an array
+ * @return The array with the stack trace, or an empty array if the stack
+ * trace could not be dumped
+ */
+ private static byte[] dumpStackTrace(Throwable t) {
+ ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
+ OutputStreamWriter writer = null;
+ PrintWriter printWriter = null;
+ try {
+ writer = new OutputStreamWriter(byteArrayOutputStream, "uTF-8");
+ printWriter = new PrintWriter(writer);
+ t.printStackTrace(printWriter);
+ byteArrayOutputStream.flush();
+ return byteArrayOutputStream.toByteArray();
+ } catch (IOException ioe1) {
+ /* quite not possible. */
+ return new byte[0];
+ } finally {
+ Closer.close(printWriter);
+ Closer.close(writer);
+ Closer.close(byteArrayOutputStream);
+ }
 }
 }
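Review bot: The new `catch (Exception e1)` branch in handleRequest puts `e1.getMessage()` into the HTTP status text and returns the stack trace as the body, so any client that reaches a JSON page learns internal class names, line numbers and exception messages, and a null or multi-line message lands in the status line unless Response sanitises it (not visible here). The exception is already logged on the line before, so the reply can stay generic and keep the JSON content type that callers expect: `return response.setStatusCode(500).setStatusText("Internal Server Error").setContentType("application/json").write(objectMapper.writeValueAsString(new JsonErrorReturnObject("internal-error")));` (the error code is a placeholder). If the trace is kept for debugging, note that dumpStackTrace calls `byteArrayOutputStream.flush()` but never flushes `printWriter`, so bytes still buffered in the OutputStreamWriter are likely missing from `toByteArray()`; `printWriter.flush();` belongs before that call.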