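// Verify the PIN hash sent by the client against the one stored for this user, remove any
// stale .response marker from the user's WebDAV folder, then answer with either the
// permission update or an error response.
String pinHash = FileSystemUtils.getArgFromFile(request,"hash");
LOGGER.debug("user id: " + userId);
// The client-supplied hash is compared directly with the stored value below, so the hash is
// itself the credential. Neither it nor the stored hash is written to the log.

// Compare the PIN hash with the PIN hash stored in the database.
DBConnection connection = new DBConnection();
try {
    // Bound parameter instead of String.format: the value of userId can no longer alter
    // the structure of the statement.
    String sql = "SELECT subjectid, name, surname, hashpwd from usertable where subjectid = ?";
    // Fail closed: stays false for an unknown user, a mismatch, a missing hash or an SQL error.
    boolean pinOk = false;
    // java.sql.PreparedStatement is fully qualified so this fragment needs no additional import.
    try (java.sql.PreparedStatement stmt = connection.getConnection().prepareStatement(sql)) {
        // String.valueOf keeps the same textual form the former "%s" formatting produced.
        stmt.setString(1, String.valueOf(userId));
        try (ResultSet rset = stmt.executeQuery()) {
            // User found
            if (rset.next()) {
                LOGGER.debug("OK, user found, now check if pin and hash pin are the same..");
                String storedHash = rset.getString("hashpwd");
                // MessageDigest.isEqual rather than String.equals, so the comparison time does
                // not depend on the position of the first differing character. The null checks
                // make a missing value on either side a plain mismatch.
                boolean same = storedHash != null
                        && pinHash != null
                        && java.security.MessageDigest.isEqual(
                                storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                                pinHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
                if (same) {
                    LOGGER.debug("YES, they're the same!!");
                    pinOk = true;
                } else {
                    LOGGER.debug("No, they aren't.");
                }
            }
        }
    } catch (SQLException e) {
        LOGGER.error("SQL Exception while retriving pin hash of user: " + e.getMessage());
    }

    // Search if there is any .response in user folder
    // NOTE(review): userId is concatenated into a filesystem path; confirm the caller restricts
    // it to a plain identifier (no separators or "..") so the delete stays inside the WebDAV root.
    File userRoot = new File(ServerConfiguration.getWebDAVrootPath() + "/" + userId);
    // list() returns null when the folder is missing or unreadable; treat that as "nothing to clean".
    String[] files = userRoot.list();
    if (files != null) {
        for (String name : files) {
            if (".response".equals(name)) {
                LOGGER.debug("---Delete request into user root path");
                if (!new File(userRoot, ".response").delete()) {
                    LOGGER.error("Could not delete .response in user root path");
                }
                break;
            }
        }
    }

    // Send confirm or retry
    if (pinOk) {
        response = ServerUpdatePermissionsManager.sendUpdatePermissions(request.getParent(), userId);
        //response = ServerUpdatePermissionsManager.sendUpdatePermissionsResponseForOwneredFiles(request.getParent(), userId);
    } else {
        response = OverEncryptResponse.generateResponse(ServerPrimitives.OE_ERROR, request.getParent(), "PIN Check failed. Unmount WebDAV volume and try again");
        SessionManager.removeFromSession(userId);
    }
    return response;
} finally {
    // Same position as before (after the response is built, before returning), but now also
    // reached when any step above throws, so the connection is not leaked.
    connection.closeConnection();
}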
}