public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
DBBind oBnd = null;
JDCConnection oCon = null;
short iAuth;
boolean bAllowed;
String sDbb = request.getParameter("profile");
String sUsr = request.getParameter("user");
String sPwd = request.getParameter("password");
String sCmd = request.getParameter("command");
String sCls = request.getParameter("class");
String sTbl = request.getParameter("table");
String sFld = request.getParameter("fields");
String sWhr = request.getParameter("where");
String sMax = request.getParameter("maxrows");
String sSkp = request.getParameter("skip");
String sCol = request.getParameter("coldelim");
String sRow = request.getParameter("rowdelim");
if (DebugFile.trace) {
DebugFile.writeln("Begin HttpDataObjsServlet.doPost()");
DebugFile.incIdent();
}
if (null==sDbb) {
sDbb = "hipergate";
}
if (null==sUsr) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter user is requiered");
return;
}
if (null==sPwd) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter password is requiered");
return;
}
if (null==sCmd) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter command is requiered");
return;
} else if (sCmd.equalsIgnoreCase("query")) {
if (null==sFld) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter fields is requiered");
return;
} else if (hasSqlSignature(sFld)) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter fields has an invalid syntax");
return;
}
}
if (null==sTbl) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter table is requiered");
return;
} else if (hasSqlSignature(sTbl)) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Parameter table has an invalid syntax");
return;
}
Properties oEnv = Environment.getProfile(sDbb);
if (null==oEnv) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "Databind " + sDbb + " is not available");
return;
}
if (!sCmd.equalsIgnoreCase("ping") && !sCmd.equalsIgnoreCase("query") && !sCmd.equalsIgnoreCase("update") && !sCmd.equalsIgnoreCase("nextval")) {
if (DebugFile.trace) DebugFile.decIdent();
response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "Command " + sCmd + " not recognized");
return;
}
if (sCmd.equalsIgnoreCase("ping")) {
response.setContentType("text/plain");
response.getOutputStream().print("HttpDataObjsServlet ping OK");
if (DebugFile.trace) {
DebugFile.decIdent();
DebugFile.writeln("End HttpDataObjsServlet.doPost()");
}
return;
}
if (oBindings.containsKey(sDbb)) {
oBnd = (DBBind) oBindings.get(sDbb);
} else {
oBnd = new DBBind(sDbb);
oBindings.put(sDbb, oBnd);
}
if (sCmd.equalsIgnoreCase("query")) {
int iMax;
if (null==sMax)
iMax = 500;
else
iMax = Integer.parseInt(sMax);
int iSkp;
if (null==sSkp)
iSkp = 0;
else
iSkp = Integer.parseInt(sSkp);
DBSubset oDbs = new DBSubset (sTbl, sFld, sWhr, iMax);
if (null!=sRow) oDbs.setRowDelimiter(sRow);
if (null!=sCol) oDbs.setColumnDelimiter(sCol);
oDbs.setMaxRows(iMax);
try {
oCon = oBnd.getConnection("HttpDataObjsServlet");
if (null==oCon) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ERROR Unable to get database connection from pool "+sDbb);
}
if (oBnd.exists(oCon, DB.k_users, "U")) {
if (Gadgets.checkEMail(sUsr)) {
sUsr = ACLUser.getIdFromEmail(oCon, sUsr);
if (null==sUsr)
iAuth = ACL.USER_NOT_FOUND;
else
iAuth = ACL.autenticate(oCon, sUsr, sPwd, ACL.PWD_CLEAR_TEXT);
} else {
iAuth = ACL.autenticate(oCon, sUsr, sPwd, ACL.PWD_CLEAR_TEXT);
}
} else {
iAuth = 0;
} // fi (exists k_users)
if (iAuth<0) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, ACL.getErrorMessage(iAuth));
} else {
oDbs.load(oCon, iSkp);
response.setContentType("text/plain");
response.setCharacterEncoding("UTF-8");
response.getOutputStream().write(oDbs.toString().getBytes("UTF-8"));
}
oCon.close("HttpDataObjsServlet");
oCon = null;
} catch (SQLException sqle) {
if (null!=oCon) {
try { oCon.close("HttpDataObjsServlet"); } catch (Exception ignore) {}
oCon = null;
}
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("SQLException "+sqle.getMessage());
}
}
else if (sCmd.equalsIgnoreCase("update")) {
if (DebugFile.trace) DebugFile.writeln("command is update");
Enumeration oParamNames = request.getParameterNames();
DBPersist oDbp;
Class oCls;
if (null==sCls) {
oDbp = new DBPersist(sTbl, "DBPersist");
try {
oCls = Class.forName("com.knowgate.dataobjs.DBPersist");
} catch (ClassNotFoundException neverthrown) { oCls=null; }
} else {
try {
oCls = Class.forName(sCls);
oDbp = (DBPersist) oCls.newInstance();
} catch (ClassNotFoundException nfe) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ClassNotFoundException "+nfe.getMessage()+" "+sCls);
} catch (InstantiationException ine) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("InstantiationException "+ine.getMessage()+" "+sCls);
} catch (IllegalAccessException iae) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("IllegalAccessException "+iae.getMessage()+" "+sCls);
} catch (ClassCastException cce) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ClassCastException "+cce.getMessage()+" "+sCls);
}
if (sCls.equals("com.knowgate.hipergate.InvoicePayment") &&
request.getParameter("gu_invoice")!=null & request.getParameter("pg_payment")!=null) {
if (request.getParameter("gu_invoice").length()>0 &&
request.getParameter("pg_payment").length()>0) {
try {
oCon = oBnd.getConnection("HttpDataObjsServlet.InvoicePayment", true);
oDbp.load(oCon, new Object[]{request.getParameter("gu_invoice"), new Integer(request.getParameter("pg_payment"))});
oCon.close("HttpDataObjsServlet.InvoicePayment");
oCon=null;
} catch (Exception xcpt) {
if (DebugFile.trace) {
DebugFile.writeln(xcpt.getClass().getName()+" "+xcpt.getMessage());
DebugFile.decIdent();
}
throw new ServletException(xcpt.getClass().getName()+" "+xcpt.getMessage(), xcpt);
}
finally {
if (oCon!=null) { try { if (!oCon.isClosed()) { oCon.close("HttpDataObjsServlet.InvoicePayment"); } } catch (Exception ignore) { } }
} // finally
} // fi (gu_invoice && pg_payment)
} // fi (sCls==InvoicePayment)
} // fi
if (DebugFile.trace) DebugFile.writeln("class "+oDbp.getClass().getName()+" instantiated");
while (oParamNames.hasMoreElements()) {
String sKey = (String) oParamNames.nextElement();
if (DebugFile.trace) DebugFile.writeln("reading parameter "+sKey);
sKey = sKey.trim();
int iSpc = sKey.indexOf(' ');
if (iSpc>0) {
String sKeyName = sKey.substring(0, iSpc);
iSpc++;
if (iSpc<sKey.length()-1) {
String sSQLType = sKey.substring(iSpc);
if (DebugFile.trace) DebugFile.writeln("sqltype is "+sSQLType);
if (sSQLType.toUpperCase().startsWith("DATE") || sSQLType.toUpperCase().startsWith("DATETIME") || sSQLType.toUpperCase().startsWith("TIMESTAMP")) {
iSpc = sSQLType.indexOf(' ');
String sDtFmt = "";
try {
if (iSpc > 0) {
sDtFmt = sSQLType.substring(++iSpc);
if (DebugFile.trace) DebugFile.writeln("date format is "+sDtFmt);
oDbp.replace(sKeyName, request.getParameter(sKey), new SimpleDateFormat(sDtFmt));
} else {
oDbp.replace(sKeyName, request.getParameter(sKey), DBColumn.getSQLType(sSQLType));
}
} catch (ParseException pe) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ERROR ParseException "+sKey+"|"+sDtFmt+"|"+request.getParameter(sKey)+" "+pe.getMessage());
} catch (IllegalArgumentException ia) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ERROR IllegalArgumentException "+sKey+"|"+sDtFmt+"|"+request.getParameter(sKey)+ia.getMessage());
}
} else {
try {
oDbp.replace(sKeyName, request.getParameter(sKey), DBColumn.getSQLType(sSQLType));
} catch (NumberFormatException nfe) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ERROR NumberFormatException "+sKey+" "+" "+request.getParameter(sKey)+" "+nfe.getMessage());
}
}
} else {
oDbp.replace(sKeyName, request.getParameter(sKey));
}
} else {
oDbp.replace(sKey, request.getParameter(sKey));
}
} // wend
try {
oCon = oBnd.getConnection("HttpDataObjsServlet");
if (null==oCon) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ERROR Unable to get database connection from pool "+sDbb);
}
if (oBnd.exists(oCon, DB.k_users, "U")) {
if (Gadgets.checkEMail(sUsr)) {
sUsr = ACLUser.getIdFromEmail(oCon, sUsr);
if (null==sUsr)
iAuth = ACL.USER_NOT_FOUND;
else
iAuth = ACL.autenticate(oCon, sUsr, sPwd, ACL.PWD_CLEAR_TEXT);
} else {
iAuth = ACL.autenticate(oCon, sUsr, sPwd, ACL.PWD_CLEAR_TEXT);
} // fi (checkEMail(sUsr))
} else {
iAuth = 0;
} // fi (exists(DBk_users))
if (iAuth<0) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, ACL.getErrorMessage(iAuth));
} else {
if (oDbp.isNull(DB.gu_workarea))
bAllowed = true;
else
bAllowed = isUserAllowed(oCon, sUsr, oDbp.getString(DB.gu_workarea));
if (bAllowed) {
oCon.setAutoCommit(true);
if (null==sCls) {
oDbp.store(oCon);
} else {
if (DebugFile.trace) DebugFile.writeln(oCls.getName()+".getMethod(\"store\", new Class[]{Class.forName(\"com.knowgate.jdc.JDCConnection\")}).invoke(...)");
oCls.getMethod("store", new Class[]{Class.forName("com.knowgate.jdc.JDCConnection")}).invoke(oDbp, new Object[]{oCon});
} // fi (sCls)
response.setContentType("text/plain");
response.setCharacterEncoding("UTF-8");
response.getOutputStream().print("SUCCESS");
} else {
response.sendError(HttpServletResponse.SC_FORBIDDEN, "User does not have write permissions on target WorkArea");
} // fi (bAllowed)
}
oCon.close("HttpDataObjsServlet");
oCon = null;
} catch (InvocationTargetException ite) {
if (null!=oCon) {
try { oCon.close("HttpDataObjsServlet"); oCon = null;
} catch (Exception ignore) {}
} // fi
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException(ite.getCause().getClass().getName()+" "+ite.getCause().getMessage()+"\n"+StackTraceUtil.getStackTrace(ite));
} catch (Exception xcpt) {
if (null!=oCon) {
try { oCon.close("HttpDataObjsServlet"); oCon = null;
} catch (Exception ignore) {}
} // fi
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException(xcpt.getClass().getName()+" "+xcpt.getMessage()+"\n"+StackTraceUtil.getStackTrace(xcpt));
}
}
else if (sCmd.equalsIgnoreCase("nextval")) {
try {
oCon = oBnd.getConnection("HttpDataObjsServlet");
if (null==oCon) {
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("ERROR Unable to get database connection from pool "+sDbb);
}
if (oBnd.exists(oCon, DB.k_users, "U")) {
if (Gadgets.checkEMail(sUsr)) {
sUsr = ACLUser.getIdFromEmail(oCon, sUsr);
if (null==sUsr)
iAuth = ACL.USER_NOT_FOUND;
else
iAuth = ACL.autenticate(oCon, sUsr, sPwd, ACL.PWD_CLEAR_TEXT);
} else {
iAuth = ACL.autenticate(oCon, sUsr, sPwd, ACL.PWD_CLEAR_TEXT);
}
} else {
iAuth = 0;
} // fi (exists k_users)
switch (iAuth) {
case ACL.ACCOUNT_CANCELLED:
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Account cancelled");
break;
case ACL.ACCOUNT_DEACTIVATED:
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Account deactivated");
break;
case ACL.INVALID_PASSWORD:
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Invalid password");
break;
case ACL.PASSWORD_EXPIRED:
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Password expired");
break;
case ACL.USER_NOT_FOUND:
response.sendError(HttpServletResponse.SC_FORBIDDEN, "User not found");
break;
default:
String sNextVal = String.valueOf(oBnd.nextVal(oCon, sTbl));
response.setContentType("text/plain");
response.setCharacterEncoding("ISO-8859-1");
response.getOutputStream().write(sNextVal.getBytes("ISO8859_1"));
} // end switch
oCon.close("HttpDataObjsServlet");
oCon = null;
} catch (SQLException sqle) {
if (null!=oCon) {
try { oCon.close("HttpDataObjsServlet"); } catch (Exception ignore) {}
oCon = null;
}
if (DebugFile.trace) DebugFile.decIdent();
throw new ServletException("SQLException "+sqle.getMessage());
}