Example usage for javax.servlet.http HttpServletResponse encodeRedirectUrl

List of usage examples for javax.servlet.http HttpServletResponse encodeRedirectUrl

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletResponse encodeRedirectUrl.

Prototype

@Deprecated
public String encodeRedirectUrl(String url);

Source Link

Usage

From source file:org.etudes.mneme.tool.FreezeView.java

/**
 * {@inheritDoc}/*from  w  ww .  j ava2s .co  m*/
 */
public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params)
        throws IOException {
    // [2]sort for /grades, [3]aid
    if (params.length != 4)
        throw new IllegalArgumentException();

    // grades sort parameter
    String gradesSortCode = params[2];
    context.put("sort_grades", gradesSortCode);

    // security
    if (!this.submissionService.allowEvaluate(toolManager.getCurrentPlacement().getContext())) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    Assessment assessment = this.assessmentService.getAssessment(params[3]);
    if (assessment == null) {
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // check that we have a survey
    if (assessment.getType() != AssessmentType.survey) {
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // check that the assessment is not a formal course evaluation
    if (assessment.getFormalCourseEval()) {
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    // check that it has NOT been frozen
    if (assessment.getFrozen()) {
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // collect all the submissions for the assessment
    List<Submission> submissions = this.submissionService.findAssessmentSubmissions(assessment,
            SubmissionService.FindAssessmentSubmissionsSort.sdate_a, Boolean.FALSE, null, null, null, null);
    AssessmentStatsView.computePercentComplete(assessment, submissions, context);

    // see if we have any in-progress
    boolean incomplete = false;
    for (Submission s : submissions) {
        // if non-phantom and incomplete, count it
        if ((!s.getIsPhantom()) && (!s.getIsComplete()) && (!s.getIsTestDrive())) {
            incomplete = true;
            break;
        }
    }
    context.put("incomplete", Boolean.valueOf(incomplete));

    context.put("assessment", assessment);

    // pick up any later special access date
    Date specialClose = null;
    for (AssessmentAccess a : assessment.getSpecialAccess().getAccess()) {
        if (a.getOverrideAcceptUntilDate()) {
            if ((specialClose == null) || a.getAcceptUntilDate().after(specialClose))
                specialClose = a.getAcceptUntilDate();
        } else if (a.getOverrideDueDate()) {
            if ((specialClose == null) || a.getDueDate().after(specialClose))
                specialClose = a.getDueDate();
        }
    }
    if ((assessment.getDates().getSubmitUntilDate() != null) && (specialClose != null)
            && (specialClose.before(assessment.getDates().getSubmitUntilDate()))) {
        specialClose = null;
    }
    if (specialClose != null)
        context.put("specialClose", specialClose);

    // render
    uiService.render(ui, context);
}

From source file:org.muse.mneme.tool.EnterView.java

/**
 * {@inheritDoc}/*from  ww w  .  j  a v a2s.c  om*/
 */
public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params)
        throws IOException {
    // we need a single parameter (aid)
    if (params.length != 3) {
        throw new IllegalArgumentException();
    }

    String assessmentId = params[2];

    // get the assessment
    Assessment assessment = assessmentService.getAssessment(assessmentId);
    if (assessment == null) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // get the submissions from the user to this assessment
    Submission submission = submissionService.getNewUserAssessmentSubmission(assessment, null);
    if (submission == null) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // check for closed (test drive can skip this)
    if (!submission.getIsTestDrive()) {
        if (submission.getAssessment().getDates().getIsClosed().booleanValue()) {
            // redirect to error
            res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.closed)));
            return;
        }
    }

    // security check (submissions count / allowed check)
    if (!submissionService.allowSubmit(submission)) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    // collect information: the selected assessment (id the request)
    context.put("assessment", submission.getAssessment());

    // for the tool navigation
    if (this.assessmentService.allowManageAssessments(toolManager.getCurrentPlacement().getContext())) {
        context.put("maintainer", Boolean.TRUE);
    }

    // render
    uiService.render(ui, context);
}

From source file:ubic.gemma.web.controller.common.auditAndSecurity.SignupController.java

@RequestMapping("/confirmRegistration.html")
public void confirmRegistration(HttpServletRequest request, HttpServletResponse response) throws Exception {
    String username = request.getParameter("username");
    String key = request.getParameter("key");

    if (StringUtils.isBlank(username) || StringUtils.isBlank(key)) {
        throw new IllegalArgumentException(
                "The confirmation url was not valid; it must contain the key and username");
    }//w  ww. j  a  v  a  2 s  .  c om

    boolean ok = userManager.validateSignupToken(username, key);

    if (ok) {
        super.saveMessage(request, "Your account is now enabled. Log in to continue");
        response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + "/home.html"));
    } else {
        super.saveMessage(request, "Sorry, your registration could not be validated. Please register again.");
        response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + "/signup.html"));
    }

}

From source file:com.idega.block.form.presentation.FormViewer.java

protected void handleExit(XMLEvent exitEvent, XFormsSession xFormsSession, HttpSession session,
        HttpServletRequest request, HttpServletResponse response) throws IOException {
    if (ChibaEventNames.REPLACE_ALL.equals(exitEvent.getType())) {
        response.sendRedirect(response.encodeRedirectURL(
                request.getContextPath() + "/SubmissionResponse?sessionKey=" + xFormsSession.getKey()));
    } else if (ChibaEventNames.LOAD_URI.equals(exitEvent.getType())) {
        Object showContextInfo = exitEvent.getContextInfo("show");
        if (showContextInfo != null) {
            String sessionId = xFormsSession.getKey();
            String explanation = "Killing XForm session '".concat(sessionId)
                    .concat("', because context info 'show' is: ").concat(showContextInfo.toString())
                    .concat(", expected value: 'replace'");

            ChibaUtils.getInstance().markXFormSessionFinished(sessionId, Boolean.TRUE);

            XFormsSessionManager manager = xFormsSession.getManager();
            if (manager instanceof IdegaXFormSessionManagerImpl) {
                ((IdegaXFormSessionManagerImpl) manager).deleteXFormsSession(sessionId, explanation);
            } else {
                LOGGER.warning("Using not standard XForm manager to delete XForm session: "
                        .concat(manager.toString()).concat(" ").concat(explanation));
                manager.deleteXFormsSession(sessionId);
            }/* w  ww . j a  v  a2 s.co m*/
            setSessionKey(null);

            String loadURI = (String) exitEvent.getContextInfo("uri");
            response.sendRedirect(response.encodeRedirectURL(loadURI));
        }
    }
    LOGGER.fine("Exited during XForms model init");
}

From source file:org.mikha.utils.web.HttpParamsRequest.java

/**
 * Redirects given response to given URL.
 * @param rsp response//w w w.j a va 2s.  c  o m
 * @param url URL to redirect to. If starts with '/', is considered to be
 *        context-relative.
 * @throws ServletException if failed to write redirect
 */
public void redirect(HttpServletResponse rsp, String url) throws ServletException {
    if (url.charAt(0) == '/') {
        url = getContextPath() + url;
    }
    url = rsp.encodeRedirectURL(url);
    try {
        rsp.sendRedirect(url);
    } catch (IOException ex) {
        throw new ServletException(String.format("Failed to redirect to \"%s\"", url), ex);
    }
}

From source file:org.muse.mneme.tool.ListView.java

/**
 * {@inheritDoc}/*from   w  ww.j  a v a  2  s .com*/
 */
public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params)
        throws IOException {
    // 0 or 1 parameters
    if ((params.length != 2) && (params.length != 3)) {
        throw new IllegalArgumentException();
    }

    // optional sort parameter
    String sortCode = null;
    if (params.length == 3) {
        sortCode = params[2];
    }

    // check security
    if (!assessmentService.allowListDeliveryAssessment(toolManager.getCurrentPlacement().getContext())) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    // SORT: 0|1|2|3 A|D - 2 chars, column | direction
    if ((sortCode != null) && (sortCode.length() != 2)) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    SubmissionService.GetUserContextSubmissionsSort sort = SubmissionService.GetUserContextSubmissionsSort.title_a;
    if (sortCode != null) {
        context.put("sort_column", sortCode.charAt(0));
        context.put("sort_direction", sortCode.charAt(1));

        // 0 is title
        if ((sortCode.charAt(0) == '0') && (sortCode.charAt(1) == 'A')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.title_a;
        } else if ((sortCode.charAt(0) == '0') && (sortCode.charAt(1) == 'D')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.title_d;
        }

        // 1 is status
        else if ((sortCode.charAt(0) == '1') && (sortCode.charAt(1) == 'A')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.status_a;
        } else if ((sortCode.charAt(0) == '1') && (sortCode.charAt(1) == 'D')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.status_d;
        }

        // 2 is due date
        else if ((sortCode.charAt(0) == '2') && (sortCode.charAt(1) == 'A')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.dueDate_a;
        } else if ((sortCode.charAt(0) == '2') && (sortCode.charAt(1) == 'D')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.dueDate_d;
        }

        // 3 is type
        else if ((sortCode.charAt(0) == '3') && (sortCode.charAt(1) == 'A')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.type_a;
        } else if ((sortCode.charAt(0) == '3') && (sortCode.charAt(1) == 'D')) {
            sort = SubmissionService.GetUserContextSubmissionsSort.type_d;
        }

        else {
            // redirect to error
            res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
            return;
        }
    }

    // default sort: status descending
    if (sortCode == null) {
        context.put("sort_column", '1');
        context.put("sort_direction", 'D');
        sort = SubmissionService.GetUserContextSubmissionsSort.status_d;
    }

    // collect information: submissions / assessments
    // TODO: get unpublished as well for test drive
    List<Submission> submissions = this.submissionService
            .getUserContextSubmissions(toolManager.getCurrentPlacement().getContext(), null, sort);
    context.put("submissions", submissions);

    // disable the tool navigation to this view
    context.put("disableDelivery", Boolean.TRUE);

    // for the tool navigation
    if (this.assessmentService.allowManageAssessments(toolManager.getCurrentPlacement().getContext())) {
        context.put("maintainer", Boolean.TRUE);
    }

    // render
    uiService.render(ui, context);
}

From source file:org.etudes.mneme.tool.AssessmentAccessView.java

/**
 * {@inheritDoc}/*from   www . j  ava2  s .  c  o  m*/
 */
public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params)
        throws IOException {
    // we need 3 parameters: sort, aid, access id - all else is a return url
    if (params.length < 5) {
        throw new IllegalArgumentException();
    }
    String sort = params[2];
    String assessmentId = params[3];
    String accessId = params[4];

    // get the assessment
    Assessment assessment = assessmentService.getAssessment(assessmentId);
    if (assessment == null) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // security check
    if (!assessmentService.allowEditAssessment(assessment)) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    // if access id is actually a user id, find the access that is for this user (only)
    AssessmentAccess access = null;
    if (accessId.startsWith("USER:")) {
        String[] parts = StringUtil.splitFirst(accessId, ":");
        access = assessment.getSpecialAccess().assureUserAccess(parts[1]);

        // this may have altered the assessment - save
        try {
            this.assessmentService.saveAssessment(assessment);
        } catch (AssessmentPermissionException e) {
            // redirect to error
            res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
            return;
        } catch (AssessmentPolicyException e) {
            // redirect to error
            res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.policy)));
            return;
        }

        // don't let the user be changed
        context.put("fixed_user", parts[1]);
    } else {
        access = assessment.getSpecialAccess().getAccess(accessId);
    }

    if (access == null) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    // setup the model
    context.put("assessment", assessment);
    context.put("access", access);
    context.put("sort", sort);

    // return
    String destination = null;
    if (params.length > 5) {
        destination = "/" + StringUtil.unsplit(params, 5, params.length - 5, "/");
    } else {
        destination = "/assessment_special/" + sort + "/" + assessment.getId();
    }
    context.put("return", destination);

    // render
    uiService.render(ui, context);
}

From source file:org.muse.mneme.tool.ImportAssignmentView.java

/**
 * {@inheritDoc}/*from w w w.jav  a2 s. c om*/
 */
public void post(HttpServletRequest req, HttpServletResponse res, Context context, String[] params)
        throws IOException {
    // [2] pools sort, [3] source context
    if (params.length != 4) {
        throw new IllegalArgumentException();
    }
    String poolsSort = params[2];
    String sourceContext = params[3];

    String toolContext = toolManager.getCurrentPlacement().getContext();

    // if the source is the same site as this one, we will draftSource when we import
    boolean draftSource = (sourceContext.equals(toolContext));

    if (!this.poolService.allowManagePools(toolContext)) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    Values selectedPools = this.uiService.newValues();
    context.put("selectedAssignments", selectedPools);

    // read the form
    String destination = uiService.decode(req, context);

    // import the pools
    if ("IMPORT".equals(destination)) {
        for (String id : selectedPools.getValues()) {
            try {
                this.importService.importAssignment(id, toolContext, draftSource);
            } catch (AssessmentPermissionException e) {
                // redirect to error
                res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
                return;
            }
        }

        destination = "/pools/" + poolsSort;
    }

    res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, destination)));
}

From source file:org.muse.mneme.tool.ReviewView.java

/**
 * {@inheritDoc}/*www.  j  a  v  a  2  s . c o  m*/
 */
public void get(HttpServletRequest req, HttpServletResponse res, Context context, String[] params)
        throws IOException {
    // we need two parameters (sid/quesiton selector)
    if (params.length != 3) {
        throw new IllegalArgumentException();
    }

    String submissionId = params[2];

    // yes feedback, and we are in review
    context.put("review", Boolean.TRUE);
    context.put("actionTitle", messages.getString("question-header-review"));

    // collect the submission
    Submission submission = submissionService.getSubmission(submissionId);
    if (submission == null) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.invalid)));
        return;
    }

    if (!submissionService.allowReviewSubmission(submission)) {
        // redirect to error
        res.sendRedirect(res.encodeRedirectURL(Web.returnUrl(req, "/error/" + Errors.unauthorized)));
        return;
    }

    context.put("submission", submission);

    // collect all the answers for review
    List<Answer> answers = submission.getAnswersOrdered();
    context.put("answers", answers);

    // in this special case, since there's no real action in the service to do this, we need to generate an event
    eventTrackingService.post(
            eventTrackingService.newEvent(MnemeService.SUBMISSION_REVIEW, submission.getReference(), false));

    // for the tool navigation
    if (this.assessmentService.allowManageAssessments(toolManager.getCurrentPlacement().getContext())) {
        context.put("maintainer", Boolean.TRUE);
    }

    // render
    uiService.render(ui, context);
}

From source file:com.epam.training.storefront.util.CSRFHandlerInterceptor.java

@Override
public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response,
        final Object handler) throws Exception {
    if (shouldCheckCSRFTokenForRequest(request)) {
        // This is a POST request - need to check the CSRF token
        final String sessionToken = CSRFTokenManager.getTokenForSession(request.getSession());
        final String requestToken = CSRFTokenManager.getTokenFromRequest(request);
        if (sessionToken.equals(requestToken)) {
            return true;
        } else {//from   w  w w .  jav  a2  s .  c om
            final String redirectUrl = getRedirectUrl(request);
            request.getSession().invalidate();
            LOG.error("Bad or missing CSRF value; redirecting to " + redirectUrl);
            final String encodedRedirectUrl = response
                    .encodeRedirectURL(request.getContextPath() + redirectUrl);
            response.sendRedirect(encodedRedirectUrl);
            return false;
        }
    } else {
        // Not a POST - allow the request
        return true;
    }
}