X-Git-Url: https://git.pterodactylus.net/?p=Sone.git;a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2Fajax%2FJsonPage.java;h=c6b77387c4840650beea159a243a1127a5ad9207;hp=6b5d614d6ca3027cb635757b25d5fdf9c3014437;hb=a47643aed43d118ca68044f95451bb5374cdb332;hpb=896463c592837b09794fa9368accf105c0bb05be
diff --git a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
index 6b5d614..c6b7738 100644
--- a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
+++ b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
@@ -1,5 +1,5 @@
 /*
- * Sone - JsonPage.java - Copyright © 2010 David Roden
+ * Sone - JsonPage.java - Copyright © 2010–2012 David Roden
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -17,10 +17,19 @@
 package net.pterodactylus.sone.web.ajax;
+import java.io.IOException;
+import java.net.URI;
+
+import net.pterodactylus.sone.data.Sone;
 import net.pterodactylus.sone.web.WebInterface;
-import net.pterodactylus.sone.web.page.Page;
+import net.pterodactylus.sone.web.page.FreenetPage;
+import net.pterodactylus.sone.web.page.FreenetRequest;
 import net.pterodactylus.util.json.JsonObject;
 import net.pterodactylus.util.json.JsonUtils;
+import net.pterodactylus.util.web.Page;
+import net.pterodactylus.util.web.Response;
+import freenet.clients.http.SessionManager.Session;
+import freenet.clients.http.ToadletContext;
 /**
 * A JSON page is a specialized {@link Page} that will always return a JSON
@@ -28,7 +37,7 @@ import net.pterodactylus.util.json.JsonUtils;
 *
 * @author David ‘Bombe’ Roden
 */
-public abstract class JsonPage implements Page {
+public abstract class JsonPage implements FreenetPage {
 /** The path of the page. */
 private final String path;
@@ -50,6 +59,66 @@ public abstract class JsonPage implements Page {
 }
 //
+ // ACCESSORS
+ //
+
+ /**
+ * Returns the current session, creating a new session if there is no
+ * current session.
+ *
+ * @param toadletContenxt
+ * The toadlet context
+ * @return The current session, or {@code null} if there is no current
+ * session
+ */
+ protected Session getCurrentSession(ToadletContext toadletContenxt) {
+ return webInterface.getCurrentSession(toadletContenxt);
+ }
+
+ /**
+ * Returns the current session, creating a new session if there is no
+ * current session and {@code create} is {@code true}.
+ *
+ * @param toadletContenxt
+ * The toadlet context
+ * @param create
+ * {@code true} to create a new session if there is no current
+ * session, {@code false} otherwise
+ * @return The current session, or {@code null} if there is no current
+ * session
+ */
+ protected Session getCurrentSession(ToadletContext toadletContenxt, boolean create) {
+ return webInterface.getCurrentSession(toadletContenxt, create);
+ }
+
+ /**
+ * Returns the currently logged in Sone.
+ *
+ * @param toadletContext
+ * The toadlet context
+ * @return The currently logged in Sone, or {@code null} if no Sone is
+ * currently logged in
+ */
+ protected Sone getCurrentSone(ToadletContext toadletContext) {
+ return webInterface.getCurrentSone(toadletContext);
+ }
+
+ /**
+ * Returns the currently logged in Sone.
+ *
+ * @param toadletContext
+ * The toadlet context
+ * @param create
+ * {@code true} to create a new session if no session exists,
+ * {@code false} to not create a new session
+ * @return The currently logged in Sone, or {@code null} if no Sone is
+ * currently logged in
+ */
+ protected Sone getCurrentSone(ToadletContext toadletContext, boolean create) {
+ return webInterface.getCurrentSone(toadletContext, create);
+ }
+
+ //
 // METHODS FOR SUBCLASSES TO OVERRIDE
 //
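Review bot: The Javadoc on the one-argument `getCurrentSession(ToadletContext)` contradicts itself: the summary says a new session is created when none exists, while `@return` says `null` is returned in that case. Whether a request without a session ends up with a fresh one matters to any caller that uses these accessors for an access decision, so the `@return` should be brought in line with the summary, e.g. `@return The current session (a new one is created if none exists)`, assuming the summary reflects what `webInterface.getCurrentSession` does; that delegate is not visible here. The one-argument `getCurrentSone` likewise does not say whether it may create a session. The parameter name `toadletContenxt` is also misspelled in both `getCurrentSession` overloads and their `@param` tags.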
@@ -61,7 +130,7 @@ public abstract class JsonPage implements Page {
 * The request to handle
 * @return The created JSON object
 */
- protected abstract JsonObject createJsonObject(Request request);
+ protected abstract JsonObject createJsonObject(FreenetRequest request);
 /**
 * Returns whether this command needs the form password for authentication
@@ -74,6 +143,40 @@ public abstract class JsonPage implements Page {
 return true;
 }
+ /**
+ * Returns whether this page requires the user to be logged in.
+ *
+ * @return {@code true} if the user needs to be logged in to use this page,
+ * {@code false} otherwise
+ */
+ protected boolean requiresLogin() {
+ return true;
+ }
+
+ //
+ // PROTECTED METHODS
+ //
+
+ /**
+ * Creates a success reply.
+ *
+ * @return A reply signaling success
+ */
+ protected JsonObject createSuccessJsonObject() {
+ return new JsonObject().put("success", true);
+ }
+
+ /**
+ * Creates an error reply.
+ *
+ * @param error
+ * The error that has occured
+ * @return The JSON object, signalling failure and the error code
+ */
+ protected JsonObject createErrorJsonObject(String error) {
+ return new JsonObject().put("success", false).put("error", error);
+ }
+
 //
 // PAGE METHODS
 //
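Review bot: The Javadoc for `requiresLogin()` in the second hunk on this line does not tell implementers what overriding it to `false` means, even though the default of `true` is the safe one. I would add a sentence such as `Pages that return {@code false} are reachable without a logged-in Sone and must handle {@code getCurrentSone(...)} returning {@code null}.` and mention that the form-password check controlled by `needsFormPassword()` is applied independently of this flag. Minor: "occured" in the `createErrorJsonObject` Javadoc should be "occurred".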
@@ -90,15 +193,39 @@ public abstract class JsonPage implements Page {
 * {@inheritDoc}
 */
 @Override
- public Response handleRequest(Request request) {
+ public boolean isPrefixPage() {
+ return false;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public Response handleRequest(FreenetRequest request, Response response) throws IOException {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !request.getToadletContext().isAllowedFullAccess()) {
+ return response.setStatusCode(403).setStatusText("Forbidden").setContentType("application/json").write(JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ }
 if (needsFormPassword()) {
 String formPassword = request.getHttpRequest().getParam("formPassword");
- if (!webInterface.formPassword().equals(formPassword)) {
- return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false)));
+ if (!webInterface.getFormPassword().equals(formPassword)) {
+ return response.setStatusCode(403).setStatusText("Forbidden").setContentType("application/json").write(JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ }
+ }
+ if (requiresLogin()) {
+ if (getCurrentSone(request.getToadletContext(), false) == null) {
+ return response.setStatusCode(403).setStatusText("Forbidden").setContentType("application/json").write(JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
 }
 }
 JsonObject jsonObject = createJsonObject(request);
- return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
+ return response.setStatusCode(200).setStatusText("OK").setContentType("application/json").write(JsonUtils.format(jsonObject));
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public boolean isLinkExcepted(URI link) {
+ return false;
 }
 }
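Review bot: The form password check in `handleRequest` compares the secret with `String.equals`, which stops at the first differing character, and reads the supplied value with `getParam("formPassword")`. A constant-time comparison is the safer habit for an anti-forgery token, e.g. `if (formPassword == null || !MessageDigest.isEqual(webInterface.getFormPassword().getBytes("UTF-8"), formPassword.getBytes("UTF-8"))) {` (needs `import java.security.MessageDigest;`). If `getParam` reads the URL query string rather than the request body, which is not visible here, the token can also end up in logs and browser history, so that is worth confirming. Separately, the three 403 branches repeat the same response chain; a small private helper that writes `createErrorJsonObject("auth-required")`, which this commit adds, would keep them from drifting apart.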