Package com.wesabe.grendel.resources

Source Code of com.wesabe.grendel.resources.LinkResource

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package com.wesabe.grendel.resources;

import java.security.SecureRandom;

import javax.ws.rs.DELETE;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import com.google.inject.Inject;
import com.google.inject.Provider;
import com.wesabe.grendel.auth.Credentials;
import com.wesabe.grendel.auth.Session;
import com.wesabe.grendel.entities.Document;
import com.wesabe.grendel.entities.User;
import com.wesabe.grendel.entities.dao.DocumentDAO;
import com.wesabe.grendel.entities.dao.UserDAO;
import com.wesabe.grendel.openpgp.CryptographicException;
import com.wesabe.grendel.openpgp.UnlockedKeySet;
import com.wideplay.warp.persist.Transactional;

@Path("/users/{user_id}/documents/{name}/links/{reader_id}")
public class LinkResource {
  private final UserDAO userDAO;
  private final DocumentDAO documentDAO;
  private final Provider<SecureRandom> randomProvider;
 
  @Inject
  public LinkResource(UserDAO userDAO, DocumentDAO documentDAO, Provider<SecureRandom> randomProvider) {
    this.userDAO = userDAO;
    this.documentDAO = documentDAO;
    this.randomProvider = randomProvider;
  }
 
  @PUT
  @Transactional
  public Response createLink(@Context Credentials credentials,
    @PathParam("user_id") String userId, @PathParam("name") String name,
    @PathParam("reader_id") String readerId) {
   
    final Session session = credentials.buildSession(userDAO, userId);
    final User reader = findUser(readerId);
    final Document doc = findDocument(session.getUser(), name);
   
    doc.linkUser(reader);
    reEncrypt(doc, session.getKeySet());
   
    documentDAO.saveOrUpdate(doc);
   
    return Response.noContent().build();
  }
 
  @DELETE
  @Transactional
  public Response deleteLink(@Context Credentials credentials,
    @PathParam("user_id") String userId, @PathParam("name") String name,
    @PathParam("reader_id") String readerId) {
   
    final Session session = credentials.buildSession(userDAO, userId);
    final User reader = findUser(readerId);
    final Document doc = findDocument(session.getUser(), name);
   
    doc.unlinkUser(reader);
    reEncrypt(doc, session.getKeySet());
   
    documentDAO.saveOrUpdate(doc);
   
    return Response.noContent().build();
  }

  private void reEncrypt(Document doc, UnlockedKeySet ownerKeySet) {
    try {
      final byte[] body = doc.decryptBody(ownerKeySet);
      doc.encryptAndSetBody(
        ownerKeySet,
        randomProvider.get(),
        body
      );
    } catch (CryptographicException e) {
      throw new RuntimeException(e);
    }
  }

  private Document findDocument(User owner, String name) {
    final Document doc = documentDAO.findByOwnerAndName(owner, name);
    if (doc == null) {
      throw new WebApplicationException(Status.NOT_FOUND);
    }
    return doc;
  }

  private User findUser(String id) {
    final User reader = userDAO.findById(id);
    if (reader == null) {
      throw new WebApplicationException(Status.NOT_FOUND);
    }
    return reader;
  }
}
TOP

Related Classes of com.wesabe.grendel.resources.LinkResource

  • com.wesabe.grendel.auth.Session
  • com.wesabe.grendel.entities.Document
  • com.wesabe.grendel.entities.User
  • com.wesabe.grendel.resources.tests.LinkResourceTest$Context
  • javax.ws.rs.WebApplicationException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.