Diffstat (limited to 'src')
-rw-r--r-- | src/org/traccar/api/BaseResource.java | 44 | ||||
-rw-r--r-- | src/org/traccar/api/ResponseBuilder.java | 129 | ||||
-rw-r--r-- | src/org/traccar/api/SecurityRequestFilter.java | 11 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DeviceResource.java | 8 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 8 |
5 files changed, 44 insertions, 156 deletions
diff --git a/src/org/traccar/api/BaseResource.java b/src/org/traccar/api/BaseResource.java index 6051fdb61..9b0c2cf79 100644 --- a/src/org/traccar/api/BaseResource.java +++ b/src/org/traccar/api/BaseResource.java @@ -17,6 +17,8 @@ package org.traccar.api; import java.sql.SQLException; import java.util.Collection; +import java.util.HashMap; +import java.util.Map; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Response; import javax.ws.rs.core.SecurityContext; 
@@ -24,38 +26,47 @@ import org.traccar.Context; import org.traccar.helper.Clazz; import org.traccar.model.User; -public class BaseResource<T, I> { +public class BaseResource<T> { + + private static final String ERROR_KEY = "error"; private final Class<T> clazz = Clazz.getGenericArgumentType(getClass()); @javax.ws.rs.core.Context private SecurityContext securityContext; + private static Map<String, String> getError(Exception e) { + Map<String, String> error = new HashMap<>(); + error.put(ERROR_KEY, e.getMessage()); + return error; + } + public Collection<T> getEntities() { Collection<T> collection; try { collection = Context.getDataManager().get(clazz); } catch (SQLException e) { - throw new WebApplicationException(ResponseBuilder.badRequest(e)); + throw new WebApplicationException( + Response.status(Response.Status.BAD_REQUEST).entity(getError(e)).build()); } if (collection == null || collection.isEmpty()) { - throw new WebApplicationException(ResponseBuilder.notFound()); + throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); } else { return collection; } } - public T getEntity(I id) { + public T getEntity(long id) { validateSecurityContext(User.ROLE_USER, id); T entity = Clazz.newInstance(clazz); try { Clazz.setId(entity, id); entity = Context.getDataManager().get(entity); } catch (Exception e) { - throw new WebApplicationException(ResponseBuilder.badRequest(e)); + throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(getError(e)).build()); } if (entity == null) { - throw new WebApplicationException(ResponseBuilder.notFound()); + throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); } else { return entity; } 
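Review bot: `getError` copies `e.getMessage()` straight into the response body, and in `getEntities` that exception is a `SQLException`, so driver text such as table or column names can reach any API caller. A database failure is also reported as 400 although the request itself was not at fault. I would log the exception on the server and answer with a fixed status, e.g. `throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).build());` in the `SQLException` branch, keeping `getError` for messages the API authors itself. `getMessage()` may also be null, which leaves the `error` key without a value. The closing brace of `getEntity` appears to fall just past the end of this hunk.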
@@ -64,37 +75,38 @@ public class BaseResource<T, I> { public Response postEntity(T entity) { try { Context.getDataManager().add(entity); - return ResponseBuilder.ok(entity); + return Response.status(Response.Status.OK).entity(entity).build(); } catch (Exception e) { - return ResponseBuilder.badRequest(e); + return Response.status(Response.Status.BAD_REQUEST).entity(getError(e)).build(); } } - public Response putEntity(I id, T entity) { + public Response putEntity(long id, T entity) { try { Clazz.setId(entity, id); Context.getDataManager().update(entity); - return ResponseBuilder.ok(entity); + return Response.status(Response.Status.OK).entity(entity).build(); } catch (Exception e) { - return ResponseBuilder.badRequest(e); + return Response.status(Response.Status.BAD_REQUEST).entity(getError(e)).build(); } } - public Response deleteEntity(I id) { + public Response deleteEntity(long id) { try { T entity = Clazz.newInstance(clazz); Clazz.setId(entity, id); Context.getDataManager().remove(entity); - return ResponseBuilder.deleted(); + return Response.status(Response.Status.NO_CONTENT).build(); } catch (Exception e) { - return ResponseBuilder.badRequest(e); + return Response.status(Response.Status.BAD_REQUEST).entity(getError(e)).build(); } } - private void validateSecurityContext(String role, I id) { + private void validateSecurityContext(String role, long id) { UserPrincipal userPrincipal = (UserPrincipal) securityContext.getUserPrincipal(); if (!securityContext.isUserInRole(role) && !userPrincipal.getId().equals(id)) { - throw new WebApplicationException(ResponseBuilder.forbidden()); + throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).build()); } } + } diff --git a/src/org/traccar/api/ResponseBuilder.java b/src/org/traccar/api/ResponseBuilder.java deleted file mode 100644 index 195cb1923..000000000 --- a/src/org/traccar/api/ResponseBuilder.java +++ /dev/null 
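Review bot: `putEntity` and `deleteEntity` never call `validateSecurityContext`, so the only gate on them is the `@RolesAllowed(User.ROLE_USER)` annotation on the `DeviceResource` and `UserResource` overrides, and any authenticated user can update or delete a record whose id is not theirs. The check itself is also weak: `!securityContext.isUserInRole(role) && !userPrincipal.getId().equals(id)` rejects only when both conditions hold, and `getEntity` (previous hunk) passes `User.ROLE_USER`, so for a caller who already holds that role the id comparison is never evaluated. I would pass the privileged role and run the check on every id-bearing operation, e.g. `validateSecurityContext(User.ROLE_ADMIN, id);` as the first statement of `getEntity`, `putEntity` and `deleteEntity`, placed before the `try` so the 403 is not turned into a 400 by `catch (Exception e)`. For `DeviceResource` the id is a device id rather than a user id, so comparing it with the principal's id presumably needs an ownership lookup instead.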
@@ -1,129 +0,0 @@ -/* - * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.traccar.api; - -import java.io.Serializable; -import java.net.URI; -import java.net.URISyntaxException; -import java.util.Collection; -import java.util.HashMap; -import java.util.Map; -import java.util.logging.Logger; -import javax.ws.rs.core.Response; - -public final class ResponseBuilder implements Serializable { - - private static final long serialVersionUID = -2348334499023022836L; - - private static final String WWW_AUTHENTICATE = "WWW-Authenticate"; - private static final String BASIC_REALM = "Basic realm=\"api\""; - private static final String ERROR = "error"; - - private ResponseBuilder() { - } - - public static Response ok() { - return Response.status(Response.Status.OK).build(); - } - - public static <T> Response ok(T entity) { - return Response.status(Response.Status.OK).entity(entity).build(); - } - - public static <T> Response ok(Collection<T> entities) { - return Response.ok(entities).build(); - } - - public static Response created() { - return Response.status(Response.Status.CREATED).build(); - } - - public static <T> Response created(T entity) { - return Response.status(Response.Status.CREATED).entity(entity).build(); - } - - public static Response accepted() { - return Response.status(Response.Status.ACCEPTED).build(); - } - - public static <T> Response accepted(T entity) { - return 
Response.status(Response.Status.ACCEPTED).entity(entity).build(); - } - - public static Response deleted() { - return Response.status(Response.Status.NO_CONTENT).build(); - } - - public static Response notModified() { - return Response.status(Response.Status.NOT_MODIFIED).build(); - } - - public static Response badRequest() { - return Response.status(Response.Status.BAD_REQUEST).build(); - } - - public static Response badRequest(Exception e) { - return Response.status(Response.Status.BAD_REQUEST).entity(getError(e)).build(); - } - - public static Response unauthorized() { - return Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build(); - } - - public static Response forbidden() { - return Response.status(Response.Status.FORBIDDEN).entity(getError(Response.Status.FORBIDDEN.name())).build(); - } - - public static Response notFound() { - return Response.status(Response.Status.NOT_FOUND).build(); - } - - public static Response timeout() { - return Response.status(Response.Status.REQUEST_TIMEOUT).build(); - } - - public static Response conflict() { - return Response.status(Response.Status.CONFLICT).build(); - } - - public static Response conflict(Exception e) { - return Response.status(Response.Status.CONFLICT).entity(getError(e)).build(); - } - - public static Response notImplemented() { - return Response.status(Response.Status.NOT_IMPLEMENTED).build(); - } - - public static Response redirect(String uri) { - try { - return Response.seeOther(new URI(uri)).build(); - } catch (URISyntaxException e) { - Logger.getAnonymousLogger().warning(e.getMessage()); - return null; - } - } - - private static Map<String, String> getError(Exception e) { - return getError(e.getMessage()); - } - - private static Map<String, String> getError(String message) { - Map<String, String> error = new HashMap<>(); - error.put(ERROR, message); - return error; - } - -} 
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java index 8dbd2bbb0..e9d285f9b 100644 --- a/src/org/traccar/api/SecurityRequestFilter.java +++ b/src/org/traccar/api/SecurityRequestFilter.java @@ -25,9 +25,13 @@ import javax.annotation.security.RolesAllowed; import javax.ws.rs.container.ContainerRequestContext; import javax.ws.rs.container.ContainerRequestFilter; import javax.ws.rs.container.ResourceInfo; +import javax.ws.rs.core.Response; public class SecurityRequestFilter implements ContainerRequestFilter { + private static final String WWW_AUTHENTICATE = "WWW-Authenticate"; + private static final String BASIC_REALM = "Basic realm=\"api\""; + @javax.ws.rs.core.Context private ResourceInfo resourceInfo; @@ -40,7 +44,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter { } if (method.isAnnotationPresent(DenyAll.class)) { - requestContext.abortWith(ResponseBuilder.forbidden()); + requestContext.abortWith(Response.status(Response.Status.FORBIDDEN).build()); return; } @@ -49,7 +53,8 @@ public class SecurityRequestFilter implements ContainerRequestFilter { || userPrincipal.getName() == null || userPrincipal.getPassword() == null || !isAuthenticatedUser(userPrincipal)) { - requestContext.abortWith(ResponseBuilder.unauthorized()); + requestContext.abortWith( + Response.status(Response.Status.UNAUTHORIZED).header(WWW_AUTHENTICATE, BASIC_REALM).build()); return; } @@ -57,7 +62,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter { RolesAllowed rolesAnnotation = method.getAnnotation(RolesAllowed.class); Set<String> roles = new HashSet<>(Arrays.asList(rolesAnnotation.value())); if (!isAuthorizedUser(userPrincipal, roles)) { - requestContext.abortWith(ResponseBuilder.forbidden()); + requestContext.abortWith(Response.status(Response.Status.FORBIDDEN).build()); return; } } 
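Review bot: Both `abortWith(Response.status(Response.Status.FORBIDDEN).build())` calls (the `DenyAll` branch and the `RolesAllowed` branch) now send a 403 with no body, whereas the removed `ResponseBuilder.forbidden()` attached an `error` entity. If any client reads that field this is a silent contract change, so either keep the entity or state the change in the commit message. The same expression is repeated in `BaseResource.validateSecurityContext`, and a small private helper would keep the three sites from drifting apart. The enclosing method starts and ends outside these hunks.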
diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index 98f1d1cca..50589171d 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -34,7 +34,7 @@ import org.traccar.model.User; @Path("devices") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -public class DeviceResource extends BaseResource<Device, Long> { +public class DeviceResource extends BaseResource<Device> { @GET @RolesAllowed(User.ROLE_ADMIN) @@ -47,7 +47,7 @@ public class DeviceResource extends BaseResource<Device, Long> { @Path("{id}") @RolesAllowed(User.ROLE_USER) @Override - public Device getEntity(@PathParam("id") Long id) { + public Device getEntity(@PathParam("id") long id) { return super.getEntity(id); } @@ -62,7 +62,7 @@ public class DeviceResource extends BaseResource<Device, Long> { @Path("{id}") @RolesAllowed(User.ROLE_USER) @Override - public Response putEntity(@PathParam("id") Long id, Device entity) { + public Response putEntity(@PathParam("id") long id, Device entity) { return super.putEntity(id, entity); } @@ -70,7 +70,7 @@ public class DeviceResource extends BaseResource<Device, Long> { @Path("{id}") @RolesAllowed(User.ROLE_USER) @Override - public Response deleteEntity(@PathParam("id") Long id) { + public Response deleteEntity(@PathParam("id") long id) { return super.deleteEntity(id); } diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index d2964c983..8e17787c2 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -33,7 +33,7 @@ import org.traccar.model.User; @Path("users") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -public class UserResource extends BaseResource<User, Long> { +public class UserResource extends BaseResource<User> { @GET @RolesAllowed(User.ROLE_ADMIN) 
@@ -46,7 +46,7 @@ public class UserResource extends BaseResource<User, Long> { @Path("{id}") @RolesAllowed(User.ROLE_USER) @Override - public User getEntity(@PathParam("id") Long id) { + public User getEntity(@PathParam("id") long id) { return super.getEntity(id); } @@ -61,7 +61,7 @@ public class UserResource extends BaseResource<User, Long> { @Path("{id}") @RolesAllowed(User.ROLE_USER) @Override - public Response putEntity(@PathParam("id") Long id, User entity) { + public Response putEntity(@PathParam("id") long id, User entity) { return super.putEntity(id, entity); } @@ -69,7 +69,7 @@ public class UserResource extends BaseResource<User, Long> { @Path("{id}") @RolesAllowed(User.ROLE_USER) @Override - public Response deleteEntity(@PathParam("id") Long id) { + public Response deleteEntity(@PathParam("id") long id) { return super.deleteEntity(id); } |