Package com.wesabe.grendel.resources

Source Code of com.wesabe.grendel.resources.DocumentResource

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
package com.wesabe.grendel.resources;

import java.security.SecureRandom;

import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.EntityTag;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Request;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status;

import org.joda.time.DateTime;
import org.joda.time.DateTimeZone;

import com.google.inject.Inject;
import com.google.inject.Provider;
import com.wesabe.grendel.auth.Credentials;
import com.wesabe.grendel.auth.Session;
import com.wesabe.grendel.entities.Document;
import com.wesabe.grendel.entities.dao.DocumentDAO;
import com.wesabe.grendel.entities.dao.UserDAO;
import com.wesabe.grendel.openpgp.CryptographicException;
import com.wideplay.warp.persist.Transactional;

/**
* A class which exposes {@link Document} as a resource.
*
* @author coda
*/
@Path("/users/{user_id}/documents/{name}")
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.WILDCARD)
public class DocumentResource {
  private static final CacheControl CACHE_SETTINGS;
  static {
    CACHE_SETTINGS = new CacheControl();
    CACHE_SETTINGS.setNoCache(true);
    CACHE_SETTINGS.setNoStore(true);
    CACHE_SETTINGS.setPrivate(true);
  }
 
  private final Provider<SecureRandom> randomProvider;
  private final UserDAO userDAO;
  private final DocumentDAO documentDAO;
 
  @Inject
  public DocumentResource(Provider<SecureRandom> randomProvider, UserDAO userDAO,
    DocumentDAO documentDAO) {
    this.randomProvider = randomProvider;
    this.userDAO = userDAO;
    this.documentDAO = documentDAO;
  }
 
  /**
   * Responds to a {@link GET} request by decrypting the {@link Document} body
   * and returning it.
   * <p>
   * <strong>N.B.:</strong> Requires Basic authentication.
   * @throws CryptographicException
   */
  @GET
  public Response show(@Context Request request, @Context Credentials credentials,
    @PathParam("user_id") String userId, @PathParam("name") String name) throws CryptographicException {
   
    final Session session = credentials.buildSession(userDAO, userId);
   
    final Document doc = documentDAO.findByOwnerAndName(session.getUser(), name);
   
    if (doc == null) {
      throw new WebApplicationException(Status.NOT_FOUND);
    }
   
    checkPreconditions(request, doc);
   
    final byte[] body = doc.decryptBody(session.getKeySet());
    return Response.ok()
        .entity(body)
        .type(doc.getContentType())
        .cacheControl(CACHE_SETTINGS)
        .lastModified(doc.getModifiedAt().toDate())
        .tag(doc.getEtag())
        .build();
  }
 
  /**
   * Responds to a {@link DELETE} request by deleting the {@link Document}.
   * <p>
   * <strong>N.B.:</strong> Requires Basic authentication.
   */
  @DELETE
  @Transactional
  public Response delete(@Context Request request, @Context Credentials credentials,
    @PathParam("user_id") String userId, @PathParam("name") String name) {
   
    final Session session = credentials.buildSession(userDAO, userId);
    final Document doc = documentDAO.findByOwnerAndName(session.getUser(), name);
    if (doc == null) {
      throw new WebApplicationException(Status.NOT_FOUND);
    }
   
    checkPreconditions(request, doc);
   
    documentDAO.delete(doc);
    return Response.noContent().build();
  }
 
  /**
   * Responds to a {@link PUT} request by replacing the specified
   * {@link Document} with the request entity.
   * <p>
   * <strong>N.B.:</strong> Requires Basic authentication.
   * @throws CryptographicException
   */
  @PUT
  @Transactional
  public Response store(@Context Request request, @Context HttpHeaders headers,
    @Context Credentials credentials, @PathParam("user_id") String userId,
    @PathParam("name") String name, byte[] body) throws CryptographicException {
   
    final Session session = credentials.buildSession(userDAO, userId);
    Document doc = documentDAO.findByOwnerAndName(session.getUser(), name);
    if (doc == null) {
      doc = documentDAO.newDocument(session.getUser(), name, headers.getMediaType());
    } else {
      checkPreconditions(request, doc);
    }
   
    doc.setModifiedAt(new DateTime(DateTimeZone.UTC));
    doc.encryptAndSetBody(
      session.getKeySet(),
      randomProvider.get(),
      body
    );
   
    documentDAO.saveOrUpdate(doc);
     
    return Response
        .noContent()
        .tag(doc.getEtag())
        .build();
  }
 
  /**
   * If the request has {@code If-Modified-Since} or {@code If-None-Match}
   * headers, and the resource has a matching {@link Document#getModifiedAt()}
   * or {@link Document#getEtag()}, returns a {@code 304 Unmodified},
   * indicating the client has the most recent version of the resource.
   *
   * If the request has a {@code If-Unmodified-Since} or {@code If-Match}
   * headers, and the resource has a more recent
   * {@link Document#getModifiedAt()} or {@link Document#getEtag()}, returns
   * a {@code 412 Precondition Failed}, indicating the client should re-read
   * the resource before overwriting it.
   */
  private void checkPreconditions(Request request, Document document) {
    final EntityTag eTag = new EntityTag(document.getEtag());
    final ResponseBuilder response = request.evaluatePreconditions(document.getModifiedAt().toDate(), eTag);
    if (response != null) {
      throw new WebApplicationException(response.build());
    }
  }
 
}
TOP

Related Classes of com.wesabe.grendel.resources.DocumentResource

  • com.wesabe.grendel.auth.Session
  • com.wesabe.grendel.entities.Document
  • com.wesabe.grendel.resources.tests.DocumentResourceTest$Context
  • org.joda.time.DateTime
  • javax.ws.rs.core.Response.ResponseBuilder
  • javax.ws.rs.core.EntityTag
  • javax.ws.rs.WebApplicationException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.