summaryrefslogtreecommitdiffstats
path: root/src/main/java/org
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org')
-rw-r--r--src/main/java/org/openslx/imagemaster/db/DbUser.java29
-rw-r--r--src/main/java/org/openslx/imagemaster/server/ApiServer.java21
-rw-r--r--src/main/java/org/openslx/imagemaster/session/SessionManager.java20
-rw-r--r--src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java4
4 files changed, 49 insertions, 25 deletions
diff --git a/src/main/java/org/openslx/imagemaster/db/DbUser.java b/src/main/java/org/openslx/imagemaster/db/DbUser.java
index 6d9fe0a..46c5130 100644
--- a/src/main/java/org/openslx/imagemaster/db/DbUser.java
+++ b/src/main/java/org/openslx/imagemaster/db/DbUser.java
@@ -1,7 +1,10 @@
package org.openslx.imagemaster.db;
+import java.util.List;
+
import org.apache.log4j.Logger;
import org.openslx.imagemaster.session.User;
+import org.openslx.imagemaster.thrift.iface.UserInfo;
import org.openslx.imagemaster.util.Sha512Crypt;
/**
@@ -79,22 +82,18 @@ public class DbUser extends User
return false;
}
- /*
- public static int getUserIdByName( String username )
+ public static List<UserInfo> findUser( String organizationId, String searchTerm )
{
- DbUser user = forLogin( username );
- if ( user == null )
- return 0;
- return user.userId;
- }
-
- public static String getUserNameById( int id )
- {
- DbUser user = forLogin( id );
- if ( user == null )
- return null;
- return user.username;
+ final String str = "%" + searchTerm + "%"; // TODO: Better handling, escape LIKE chars, or even make this use REGEXP
+ if ( organizationId == null )
+ return MySQL.findAll( UserInfo.class, "SELECT login, firstname, lastname, email, organizationid"
+ + " FROM user"
+ + " WHERE login LIKE ? OR firstname LIKE ? OR lastname LIKE ? OR email LIKE ?"
+ + " LIMIT 100", str, str, str );
+ return MySQL.findAll( UserInfo.class, "SELECT login, firstname, lastname, email, organizationid"
+ + " FROM user"
+ + " WHERE organizationid = ? AND (login LIKE ? OR firstname LIKE ? OR lastname LIKE ? OR email LIKE ?)"
+ + " LIMIT 100", organizationId, str, str, str );
}
- */
}
diff --git a/src/main/java/org/openslx/imagemaster/server/ApiServer.java b/src/main/java/org/openslx/imagemaster/server/ApiServer.java
index aaad0db..1323ec6 100644
--- a/src/main/java/org/openslx/imagemaster/server/ApiServer.java
+++ b/src/main/java/org/openslx/imagemaster/server/ApiServer.java
@@ -1,10 +1,12 @@
package org.openslx.imagemaster.server;
import java.nio.ByteBuffer;
+import java.util.ArrayList;
import java.util.List;
import org.openslx.imagemaster.db.DbImage;
import org.openslx.imagemaster.db.DbSatellite;
+import org.openslx.imagemaster.db.DbUser;
import org.openslx.imagemaster.serverconnection.ImageProcessor;
import org.openslx.imagemaster.serversession.ServerAuthenticator;
import org.openslx.imagemaster.serversession.ServerSession;
@@ -76,7 +78,7 @@ public class ApiServer
public static UserInfo getUserFromToken( String token )
throws InvalidTokenException
{
- final Session session = SessionManager.getSession( token );
+ final Session session = SessionManager.getSessionFromToken( token );
if ( session == null )
throw new InvalidTokenException();
return new UserInfo( session.getLogin(), session.getFirstName(),
@@ -164,14 +166,19 @@ public class ApiServer
public static boolean publishUser( String serverSessionId, UserInfo user )
{
- // TODO Auto-generated method stub
+ // TODO
return false;
}
- public static List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm )
+ public static List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm ) throws AuthorizationException
{
- // TODO Auto-generated method stub
- return null;
+ // Needs to be a logged in user
+ if ( SessionManager.getSessionFromSessionId( sessionId ) == null )
+ throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" );
+ // Search string needs to be at least 2 characters (FIXME: quick and dirty ignoring LIKE chars)
+ if ( searchTerm == null || searchTerm.length() < 2 || searchTerm.replaceAll( "[%_]", "" ).length() < 2 )
+ return new ArrayList<>( 0 );
+ return DbUser.findUser( organizationId, searchTerm );
}
public static List<OrganizationData> getOrganizations()
@@ -179,8 +186,10 @@ public class ApiServer
return DbSatellite.asOrganizationDataList();
}
- public static List<ImageData> getPublicImages( String sessionId, int page )
+ public static List<ImageData> getPublicImages( String sessionId, int page ) throws AuthorizationException
{
+ if ( SessionManager.getSessionFromSessionId( sessionId ) == null )
+ throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" );
return DbImage.asImageDataList( page * 100, ( page + 1 ) * 100 );
}
}
diff --git a/src/main/java/org/openslx/imagemaster/session/SessionManager.java b/src/main/java/org/openslx/imagemaster/session/SessionManager.java
index 295b53e..e468278 100644
--- a/src/main/java/org/openslx/imagemaster/session/SessionManager.java
+++ b/src/main/java/org/openslx/imagemaster/session/SessionManager.java
@@ -28,12 +28,15 @@ public class SessionManager
synchronized ( sessions ) {
sessions.put( authToken, session );
+ sessions.put( sessionId, session );
}
return new SessionData( sessionId, authToken, session.getSatelliteAddress() );
}
- public static Session getSession( String token )
+ public static Session getSessionFromToken( String token )
{
+ if ( token == null || token.length() != 64 )
+ return null;
final Session session;
synchronized ( sessions ) {
session = sessions.get( token );
@@ -60,7 +63,6 @@ public class SessionManager
while ( it.hasNext() ) {
final Session s = it.next();
if ( s.timedOut() ) {
- log.debug( "Removing old session of " + s.getLogin() );
it.remove();
}
}
@@ -71,4 +73,18 @@ public class SessionManager
gcThread.start();
}
+ public static Object getSessionFromSessionId( String sessionId )
+ {
+ if ( sessionId == null || sessionId.length() != 32 )
+ return null;
+ final Session session;
+ synchronized ( sessions ) {
+ session = sessions.get( sessionId );
+ }
+ if ( session == null || session.timedOut() ) {
+ return null;
+ }
+ return session;
+ }
+
}
diff --git a/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java b/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java
index 3b9ffc1..3b8ebec 100644
--- a/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java
+++ b/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java
@@ -81,7 +81,7 @@ public class ImageServerHandler implements ImageServer.Iface
}
@Override
- public List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm )
+ public List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm ) throws AuthorizationException
{
return ApiServer.findUser( sessionId, organizationId, searchTerm );
}
@@ -93,7 +93,7 @@ public class ImageServerHandler implements ImageServer.Iface
}
@Override
- public List<ImageData> getPublicImages( String sessionId, int page )
+ public List<ImageData> getPublicImages( String sessionId, int page ) throws AuthorizationException
{
return ApiServer.getPublicImages( sessionId, page );
}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-13 23:16:58 +0200