org.openxdata.server.servlet.DataImportServlet.java Source code

Java tutorial

Introduction

Here is the source code for org.openxdata.server.servlet.DataImportServlet.java

Source

/*
 *  Licensed to the OpenXdata Foundation (OXDF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The OXDF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with the License. 
 *  You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, 
 *  software distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and limitations under the License.
 *
 *  Copyright 2010 http://www.openxdata.org.
 */
package org.openxdata.server.servlet;

import java.io.IOException;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import org.openxdata.server.admin.model.User;
import org.openxdata.server.admin.model.exception.UserNotFoundException;
import org.openxdata.server.security.OpenXDataUserDetails;
import org.openxdata.server.security.OpenXdataUserDetailsService;
import org.openxdata.server.security.util.OpenXDataSecurityUtil;
import org.openxdata.server.service.AuthenticationService;
import org.openxdata.server.service.FormDownloadService;
import org.openxdata.server.service.UserService;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

/**
 * Servlet that handles the import of data (data upload)
 * 
 * @author dagmar@cell-life.org.za
 */
public class DataImportServlet extends HttpServlet {

    private UserService userService;

    private UserDetailsService userDetailsService;

    private FormDownloadService formDownloadService;

    private AuthenticationService authenticationService;

    private Logger log = Logger.getLogger(this.getClass());

    private static final long serialVersionUID = 5669577564787538190L;

    @Override
    public void init() throws ServletException {

        ServletContext sctx = this.getServletContext();
        WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(sctx);

        // Manual Injection
        userService = (UserService) ctx.getBean("userService");
        userDetailsService = (UserDetailsService) ctx.getBean("userDetailsService");
        formDownloadService = (FormDownloadService) ctx.getBean("formDownloadService");
        authenticationService = (AuthenticationService) ctx.getBean("authenticationService");
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        ServletOutputStream out = response.getOutputStream();
        try {
            // authenticate user
            User user = getUser(request.getHeader("Authorization"));
            if (user != null) {
                log.info("authenticated user:");
                // check msisdn
                String msisdn = request.getParameter("msisdn");
                if (msisdn != null && !msisdn.equals("")) {
                    // if an msisdn is sent, then we retrieve the user with that phone number
                    authenticateUserBasedOnMsisd(msisdn);
                }

                // can be empty or null, then the default is used. this parameter is a key in the settings table indicating the classname of the serializer to use
                String serializer = request.getParameter("serializer");

                // input stream
                // first byte contains number of forms (x)
                // followed by x number of UTF strings (use writeUTF method in DataOutput)
                formDownloadService.submitForms(request.getInputStream(), out, serializer);

            } else {
                response.setHeader("WWW-Authenticate", "BASIC realm=\"openxdata\"");
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            }
        } catch (UserNotFoundException userNotFound) {
            out.println("Invalid msisdn");
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        } catch (Exception e) {
            log.error("Could not import data", e);
            out.println(e.getMessage());
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        } finally {
            out.close();
        }
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

    protected User authenticateUserBasedOnMsisd(String msisdn) throws UserNotFoundException {
        User msisdnUser = userService.findUserByPhoneNo(msisdn);
        OpenXDataUserDetails userDetails = (OpenXDataUserDetails) userDetailsService
                .loadUserByUsername(msisdnUser.getName());
        OpenXDataSecurityUtil.setSecurityContext(userDetails);
        log.info("msisdn " + msisdn + " is user " + msisdnUser.getName());

        return msisdnUser;
    }

    protected User getUser(String auth) throws IOException {
        User user = null;

        if (auth != null) {
            // Get encoded user and password, comes after "BASIC "
            String userpassEncoded = auth.substring(6);

            // Decode it, using any base 64 decoder
            // NOTE: can't use MD5 here because unless the same salt is used to hash the password, there is no way a match can be done
            String userpassDecoded = new String(Base64.decodeBase64(userpassEncoded.getBytes()));

            // split the username and password
            String[] userpass = userpassDecoded.split(":");

            // authentication
            user = authenticationService.authenticate(userpass[0], userpass[1]);
        }

        // user will be null if authentication failed
        return user;
    }

    void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    void setUserService(UserService userService) {
        this.userService = userService;
    }

    void setUserDetailsService(OpenXdataUserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}