List of usage examples for javax.servlet.http HttpServletResponse encodeRedirectUrl
@Deprecated
public String encodeRedirectUrl(String url);
From source file:org.etudes.mneme.tool.FreezeView.java
/** * {@inheritDoc}/*from w ww . j ava2s .co m*/ */ public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params) throws IOException { // [2]sort for /grades, [3]aid if (params.length != 4) throw new IllegalArgumentException(); // grades sort parameter String gradesSortCode = params[2]; context.put("sort_grades", gradesSortCode); // security if (!this.submissionService.allowEvaluate(toolManager.getCurrentPlacement().getContext())) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } Assessment assessment = this.assessmentService.getAssessment(params[3]); if (assessment == null) { res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // check that we have a survey if (assessment.getType() != AssessmentType.survey) { res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // check that the assessment is not a formal course evaluation if (assessment.getFormalCourseEval()) { res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } // check that it has NOT been frozen if (assessment.getFrozen()) { res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // collect all the submissions for the assessment List<Submission> submissions = this.submissionService.findAssessmentSubmissions(assessment, SubmissionService.FindAssessmentSubmissionsSort.sdate_a, Boolean.FALSE, null, null, null, null); AssessmentStatsView.computePercentComplete(assessment, submissions, context); // see if we have any in-progress boolean incomplete = false; for (Submission s : submissions) { // if non-phantom and incomplete, count it if ((!s.getIsPhantom()) && (!s.getIsComplete()) && (!s.getIsTestDrive())) { incomplete = true; break; } } context.put("incomplete", Boolean.valueOf(incomplete)); context.put("assessment", assessment); // pick up any later special access date Date specialClose = null; for (AssessmentAccess a : assessment.getSpecialAccess().getAccess()) { if (a.getOverrideAcceptUntilDate()) { if ((specialClose == null) || a.getAcceptUntilDate().after(specialClose)) specialClose = a.getAcceptUntilDate(); } else if (a.getOverrideDueDate()) { if ((specialClose == null) || a.getDueDate().after(specialClose)) specialClose = a.getDueDate(); } } if ((assessment.getDates().getSubmitUntilDate() != null) && (specialClose != null) && (specialClose.before(assessment.getDates().getSubmitUntilDate()))) { specialClose = null; } if (specialClose != null) context.put("specialClose", specialClose); // render uiService.render(ui, context); }
From source file:org.muse.mneme.tool.EnterView.java
/** * {@inheritDoc}/*from ww w . j a v a2s.c om*/ */ public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params) throws IOException { // we need a single parameter (aid) if (params.length != 3) { throw new IllegalArgumentException(); } String assessmentId = params[2]; // get the assessment Assessment assessment = assessmentService.getAssessment(assessmentId); if (assessment == null) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // get the submissions from the user to this assessment Submission submission = submissionService.getNewUserAssessmentSubmission(assessment, null); if (submission == null) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // check for closed (test drive can skip this) if (!submission.getIsTestDrive()) { if (submission.getAssessment().getDates().getIsClosed().booleanValue()) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.closed))); return; } } // security check (submissions count / allowed check) if (!submissionService.allowSubmit(submission)) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } // collect information: the selected assessment (id the request) context.put("assessment", submission.getAssessment()); // for the tool navigation if (this.assessmentService.allowManageAssessments(toolManager.getCurrentPlacement().getContext())) { context.put("maintainer", Boolean.TRUE); } // render uiService.render(ui, context); }
From source file:ubic.gemma.web.controller.common.auditAndSecurity.SignupController.java
@RequestMapping("/confirmRegistration.html") public void confirmRegistration(HttpServletRequest request, HttpServletResponse response) throws Exception { String username = request.getParameter("username"); String key = request.getParameter("key"); if (StringUtils.isBlank(username) || StringUtils.isBlank(key)) { throw new IllegalArgumentException( "The confirmation url was not valid; it must contain the key and username"); }//w ww. j a v a 2 s . c om boolean ok = userManager.validateSignupToken(username, key); if (ok) { super.saveMessage(request, "Your account is now enabled. Log in to continue"); response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + "/home.html")); } else { super.saveMessage(request, "Sorry, your registration could not be validated. Please register again."); response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + "/signup.html")); } }
From source file:com.idega.block.form.presentation.FormViewer.java
protected void handleExit(XMLEvent exitEvent, XFormsSession xFormsSession, HttpSession session, HttpServletRequest request, HttpServletResponse response) throws IOException { if (ChibaEventNames.REPLACE_ALL.equals(exitEvent.getType())) { response.sendRedirect(response.encodeRedirectURL( request.getContextPath() + "/SubmissionResponse?sessionKey=" + xFormsSession.getKey())); } else if (ChibaEventNames.LOAD_URI.equals(exitEvent.getType())) { Object showContextInfo = exitEvent.getContextInfo("show"); if (showContextInfo != null) { String sessionId = xFormsSession.getKey(); String explanation = "Killing XForm session '".concat(sessionId) .concat("', because context info 'show' is: ").concat(showContextInfo.toString()) .concat(", expected value: 'replace'"); ChibaUtils.getInstance().markXFormSessionFinished(sessionId, Boolean.TRUE); XFormsSessionManager manager = xFormsSession.getManager(); if (manager instanceof IdegaXFormSessionManagerImpl) { ((IdegaXFormSessionManagerImpl) manager).deleteXFormsSession(sessionId, explanation); } else { LOGGER.warning("Using not standard XForm manager to delete XForm session: " .concat(manager.toString()).concat(" ").concat(explanation)); manager.deleteXFormsSession(sessionId); }/* w ww . j a v a2 s.co m*/ setSessionKey(null); String loadURI = (String) exitEvent.getContextInfo("uri"); response.sendRedirect(response.encodeRedirectURL(loadURI)); } } LOGGER.fine("Exited during XForms model init"); }
From source file:org.mikha.utils.web.HttpParamsRequest.java
/** * Redirects given response to given URL. * @param rsp response//w w w.j a va 2s. c o m * @param url URL to redirect to. If starts with '/', is considered to be * context-relative. * @throws ServletException if failed to write redirect */ public void redirect(HttpServletResponse rsp, String url) throws ServletException { if (url.charAt(0) == '/') { url = getContextPath() + url; } url = rsp.encodeRedirectURL(url); try { rsp.sendRedirect(url); } catch (IOException ex) { throw new ServletException(String.format("Failed to redirect to \"%s\"", url), ex); } }
From source file:org.muse.mneme.tool.ListView.java
/** * {@inheritDoc}/*from w ww.j a v a 2 s .com*/ */ public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params) throws IOException { // 0 or 1 parameters if ((params.length != 2) && (params.length != 3)) { throw new IllegalArgumentException(); } // optional sort parameter String sortCode = null; if (params.length == 3) { sortCode = params[2]; } // check security if (!assessmentService.allowListDeliveryAssessment(toolManager.getCurrentPlacement().getContext())) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } // SORT: 0|1|2|3 A|D - 2 chars, column | direction if ((sortCode != null) && (sortCode.length() != 2)) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } SubmissionService.GetUserContextSubmissionsSort sort = SubmissionService.GetUserContextSubmissionsSort.title_a; if (sortCode != null) { context.put("sort_column", sortCode.charAt(0)); context.put("sort_direction", sortCode.charAt(1)); // 0 is title if ((sortCode.charAt(0) == '0') && (sortCode.charAt(1) == 'A')) { sort = SubmissionService.GetUserContextSubmissionsSort.title_a; } else if ((sortCode.charAt(0) == '0') && (sortCode.charAt(1) == 'D')) { sort = SubmissionService.GetUserContextSubmissionsSort.title_d; } // 1 is status else if ((sortCode.charAt(0) == '1') && (sortCode.charAt(1) == 'A')) { sort = SubmissionService.GetUserContextSubmissionsSort.status_a; } else if ((sortCode.charAt(0) == '1') && (sortCode.charAt(1) == 'D')) { sort = SubmissionService.GetUserContextSubmissionsSort.status_d; } // 2 is due date else if ((sortCode.charAt(0) == '2') && (sortCode.charAt(1) == 'A')) { sort = SubmissionService.GetUserContextSubmissionsSort.dueDate_a; } else if ((sortCode.charAt(0) == '2') && (sortCode.charAt(1) == 'D')) { sort = SubmissionService.GetUserContextSubmissionsSort.dueDate_d; } // 3 is type else if ((sortCode.charAt(0) == '3') && (sortCode.charAt(1) == 'A')) { sort = SubmissionService.GetUserContextSubmissionsSort.type_a; } else if ((sortCode.charAt(0) == '3') && (sortCode.charAt(1) == 'D')) { sort = SubmissionService.GetUserContextSubmissionsSort.type_d; } else { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } } // default sort: status descending if (sortCode == null) { context.put("sort_column", '1'); context.put("sort_direction", 'D'); sort = SubmissionService.GetUserContextSubmissionsSort.status_d; } // collect information: submissions / assessments // TODO: get unpublished as well for test drive List<Submission> submissions = this.submissionService .getUserContextSubmissions(toolManager.getCurrentPlacement().getContext(), null, sort); context.put("submissions", submissions); // disable the tool navigation to this view context.put("disableDelivery", Boolean.TRUE); // for the tool navigation if (this.assessmentService.allowManageAssessments(toolManager.getCurrentPlacement().getContext())) { context.put("maintainer", Boolean.TRUE); } // render uiService.render(ui, context); }
From source file:org.etudes.mneme.tool.AssessmentAccessView.java
/** * {@inheritDoc}/*from www . j ava2 s . c o m*/ */ public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params) throws IOException { // we need 3 parameters: sort, aid, access id - all else is a return url if (params.length < 5) { throw new IllegalArgumentException(); } String sort = params[2]; String assessmentId = params[3]; String accessId = params[4]; // get the assessment Assessment assessment = assessmentService.getAssessment(assessmentId); if (assessment == null) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // security check if (!assessmentService.allowEditAssessment(assessment)) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } // if access id is actually a user id, find the access that is for this user (only) AssessmentAccess access = null; if (accessId.startsWith("USER:")) { String[] parts = StringUtil.splitFirst(accessId, ":"); access = assessment.getSpecialAccess().assureUserAccess(parts[1]); // this may have altered the assessment - save try { this.assessmentService.saveAssessment(assessment); } catch (AssessmentPermissionException e) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } catch (AssessmentPolicyException e) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.policy))); return; } // don't let the user be changed context.put("fixed_user", parts[1]); } else { access = assessment.getSpecialAccess().getAccess(accessId); } if (access == null) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } // setup the model context.put("assessment", assessment); context.put("access", access); context.put("sort", sort); // return String destination = null; if (params.length > 5) { destination = "/" + StringUtil.unsplit(params, 5, params.length - 5, "/"); } else { destination = "/assessment_special/" + sort + "/" + assessment.getId(); } context.put("return", destination); // render uiService.render(ui, context); }
From source file:org.muse.mneme.tool.ImportAssignmentView.java
/** * {@inheritDoc}/*from w w w.jav a2 s. c om*/ */ public void post(HttpServletRequest req, HttpServletResponse res, Context context, String[] params) throws IOException { // [2] pools sort, [3] source context if (params.length != 4) { throw new IllegalArgumentException(); } String poolsSort = params[2]; String sourceContext = params[3]; String toolContext = toolManager.getCurrentPlacement().getContext(); // if the source is the same site as this one, we will draftSource when we import boolean draftSource = (sourceContext.equals(toolContext)); if (!this.poolService.allowManagePools(toolContext)) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } Values selectedPools = this.uiService.newValues(); context.put("selectedAssignments", selectedPools); // read the form String destination = uiService.decode(req, context); // import the pools if ("IMPORT".equals(destination)) { for (String id : selectedPools.getValues()) { try { this.importService.importAssignment(id, toolContext, draftSource); } catch (AssessmentPermissionException e) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } } destination = "/pools/" + poolsSort; } res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, destination))); }
From source file:org.muse.mneme.tool.ReviewView.java
/** * {@inheritDoc}/*www. j a v a 2 s . c o m*/ */ public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params) throws IOException { // we need two parameters (sid/quesiton selector) if (params.length != 3) { throw new IllegalArgumentException(); } String submissionId = params[2]; // yes feedback, and we are in review context.put("review", Boolean.TRUE); context.put("actionTitle", messages.getString("question-header-review")); // collect the submission Submission submission = submissionService.getSubmission(submissionId); if (submission == null) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid))); return; } if (!submissionService.allowReviewSubmission(submission)) { // redirect to error res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized))); return; } context.put("submission", submission); // collect all the answers for review List<Answer> answers = submission.getAnswersOrdered(); context.put("answers", answers); // in this special case, since there's no real action in the service to do this, we need to generate an event eventTrackingService.post( eventTrackingService.newEvent(MnemeService.SUBMISSION_REVIEW, submission.getReference(), false)); // for the tool navigation if (this.assessmentService.allowManageAssessments(toolManager.getCurrentPlacement().getContext())) { context.put("maintainer", Boolean.TRUE); } // render uiService.render(ui, context); }
From source file:com.epam.training.storefront.util.CSRFHandlerInterceptor.java
@Override public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler) throws Exception { if (shouldCheckCSRFTokenForRequest(request)) { // This is a POST request - need to check the CSRF token final String sessionToken = CSRFTokenManager.getTokenForSession(request.getSession()); final String requestToken = CSRFTokenManager.getTokenFromRequest(request); if (sessionToken.equals(requestToken)) { return true; } else {//from w w w . jav a2 s . c om final String redirectUrl = getRedirectUrl(request); request.getSession().invalidate(); LOG.error("Bad or missing CSRF value; redirecting to " + redirectUrl); final String encodedRedirectUrl = response .encodeRedirectURL(request.getContextPath() + redirectUrl); response.sendRedirect(encodedRedirectUrl); return false; } } else { // Not a POST - allow the request return true; } }