public Representation get()
{
StringBuffer errorString = new StringBuffer("Query error");
String data = null;
MediaType mediaType = MediaType.APPLICATION_JSON; // (or RSS, or XML)
ResponsePojo rp = null;
String cookieLookup = null;
try {
// First off, check the cookie is valid:
boolean bNotRss = !_requestDetails.output.format.equalsIgnoreCase("rss");
// maybe don't need cookie for RSS?
// Do a quick bit of further error checking here too:
if (bNotRss) {
if (!_requestDetails.output.format.equalsIgnoreCase("xml") &&
!_requestDetails.output.format.equalsIgnoreCase("kml") &&
!_requestDetails.output.format.equalsIgnoreCase("json"))
{
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Output Format", false, "Unsupported output.format"));
data = rp.toApi();
return new StringRepresentation(data, mediaType);
}
}
// Perform cookie lookup (for RSS may allow us to skip other auth logic)
cookieLookup = RESTTools.cookieLookup(_cookie);
if (!bNotRss) { // RSS case
ObjectId userId = null;
//Set the commids to whatever is given in the query to
_communityIdStrList = "";
for ( ObjectId comm : _requestDetails.communityIds )
{
_communityIdStrList += "," + comm.toString();
}
_communityIdStrList = _communityIdStrList.substring(1);
// Authentication:
if (null == cookieLookup)
{ // (else don't need to both)
Map<String, String> queryOptions = this.getQuery().getValuesMap();
String sKey = queryOptions.get("key");
String sKeyCmp = null;
if (null != sKey) { // Key allowed to be 1 or 2 things: hash of query or password...
sKeyCmp = PasswordEncryption.encrypt(this._queryJson); //encrypt
}
if ((null == sKeyCmp) || !sKeyCmp.equals(sKey)) {
// User/password also allowed, TBD this will require SSL
String user = queryOptions.get("user");
String password = queryOptions.get("password");
AuthenticationPojo authuser = null;
if ((null != user) && (null != password)) {
authuser = PasswordEncryption.validateUser(user,password, false);
}
if ( authuser == null )
{
// Don't have either authentication or key, bomb out...
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Cookie Lookup", false, "Cookie session expired or never existed, please login first or use valid key or user/pass"));
data = rp.toApi();
mediaType = MediaType.APPLICATION_JSON;
return new StringRepresentation(data, mediaType);
}
userId = authuser.getProfileId();
cookieLookup = userId.toString();
}
//no other auth was used, try using the commid
if ( null == cookieLookup )
{
userId = _requestDetails.communityIds.get(0);
cookieLookup = userId.toString();
}
// Check user still exists, leave quietly if not
try {
BasicDBObject personQuery = new BasicDBObject("_id", userId);
if (null == DbManager.getSocial().getPerson().findOne(personQuery)) {
cookieLookup = null;
}
}
catch (Exception e) { // unknown error, bail
cookieLookup = null;
}
}
// end authentication for RSS
// Also, since we're RSS, there's a bunch of output params that we know we don't need:
// (output and output.docs are guaranteed to exist)
_requestDetails.output.aggregation = null;
_requestDetails.output.docs.ents = false;
_requestDetails.output.docs.events = false;
_requestDetails.output.docs.facts = false;
_requestDetails.output.docs.summaries = false;
_requestDetails.output.docs.eventsTimeline = false;
_requestDetails.output.docs.metadata = false;
//set cookielookup to first commid
}
// Fail out otherwise perform query
if (cookieLookup == null) // wrong password, or rss-user doesn't exist
{
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Cookie Lookup", false, "Cookie session expired or never existed, please login first"));
data = rp.toApi();
}
else
{
//check communities are valid before using
if ( SocialUtils.validateCommunityIds(cookieLookup, _communityIdStrList) )
rp = _queryController.doQuery(cookieLookup, _requestDetails, _communityIdStrList, errorString);
else {
errorString.append(": Community Ids are not valid for this user");
RESTTools.logRequest(this);
}
if (null == rp) { // Error handling including RSS
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Query Format", false, errorString.toString()));
data = rp.toApi();
}
else { // Valid response, output handle all output formats
// Output type
// JSON
//if (null != _requestDetails.output || _requestDetails.output.format.equalsIgnoreCase("json")) {
// Modified based on logic (never able to get to xml or rss based on above logic)
if (null == _requestDetails.output.format || _requestDetails.output.format.equalsIgnoreCase("json")) {
data = rp.toApi();
}
else if (_requestDetails.output.format.equalsIgnoreCase("xml")) { // XML
mediaType = MediaType.APPLICATION_XML;
// Output type
// Xml
XmlOutput xml = new XmlOutput();
data = xml.getFeeds(rp);
}
else if(_requestDetails.output.format.equalsIgnoreCase("kml")) {
mediaType = MediaType.APPLICATION_XML;
// Output type
// Kml
KmlOutput kml = new KmlOutput();
data = kml.getDocs(rp);
}
else if (_requestDetails.output.format.equalsIgnoreCase("rss")) { // RSS
mediaType = MediaType.APPLICATION_XML;
RssOutput rss = new RssOutput();
// print out the rss since we know that the response is not null
data = rss.getDocs(rp);
}
else { // Not pleasant after all this just to return an error :(
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Output Format", false, "Unsupported output.format"));
data = rp.toApi();
}
}
}//TESTED
}
catch (Exception e) {
// (LOGS TO CATALINA.OUT IF THE LOG MESSAGES AREN'T NECESSARY)
e.printStackTrace();
errorString.append(" userid=").append(cookieLookup).append(" groups=").append(_communityIdStrList);
errorString.append( " error='").append(e.getMessage()).append("' stack=");
Globals.populateStackTrace(errorString, e);
if (null != e.getCause()) {
errorString.append("[CAUSE=").append(e.getCause().getMessage()).append("]");
Globals.populateStackTrace(errorString, e.getCause());
}
String error = errorString.toString();
_logger.error(error);
//getResponse().setStatus(Status.SERVER_ERROR_INTERNAL);
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Query", false, error));
data = rp.toApi();
}//TESTED
// One last check to ensure data has value (ugly ugly ugly)
if (data == null ) {
rp = new ResponsePojo();
rp.setResponse(new ResponseObject("Query", false, errorString.toString()));
data = rp.toApi();
}
return new StringRepresentation(data, mediaType);
}