TPEN28/src/java/UpdateLine.java at cfa0379cfa06d0bfdf2d3375903fbc3fc92ba5b6 · CenterForDigitalHumanities/TPEN28 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import textdisplay.Project;
import textdisplay.Transcription;
import user.Group;

import static java.lang.Integer.parseInt;
import static java.util.logging.Level.SEVERE;
import static java.util.logging.Logger.getLogger;
import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
import static org.owasp.esapi.ESAPI.encoder;

/**
 *
 * @author jdeerin1
 */
public class UpdateLine extends HttpServlet {

    /**
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        try (PrintWriter out = response.getWriter()) {
            HttpSession session = request.getSession();
            if (session.getAttribute("UID") == null) {
                response.sendError(SC_FORBIDDEN, "User not logged in.");
                return;
            }
            if (request.getParameter("text") == null) {
                getLogger(UpdateLine.class.getName()).log(SEVERE, "'text' was not provided.");
                response.sendError(SC_BAD_REQUEST, "'text' parameter is missing.");
                return;
            }
            if (request.getParameter("projectID") == null) {
                getLogger(UpdateLine.class.getName()).log(SEVERE, "'projectID' was not provided.");
                response.sendError(SC_BAD_REQUEST, "'projectID' parameter is missing.");
                return;
            }

            String text = request.getParameter("text");
            String comment = "";
            int projectID = parseInt(request.getParameter("projectID"));
            int uid = parseInt(session.getAttribute("UID").toString());
            String line = request.getParameter("line");

            try {
                Project thisProject = new Project(projectID);
                if (request.getParameter("comment") != null) {
                    if (line == null) {
                        if (!new Group(thisProject.getGroupID()).isMember(uid)) {
                            response.sendError(SC_FORBIDDEN, "User is not a member of the project group.");
                            return;
                        }
                        thisProject.setLinebreakText(text);
                        out.print(encoder().decodeForHTML(thisProject.getLinebreakText()));
                    } else {
                        if (!new Group(thisProject.getGroupID()).isMember(uid)) {
                            response.sendError(SC_FORBIDDEN, "User is not a member of the project group.");
                            return;
                        }
                        Transcription t = new Transcription(line);
                        t.archive(); //create an archived version before making changes
                        t.setText(text);
                        t.setComment(comment);
                        t.setCreator(uid);
                        out.print(encoder().decodeForHTML(t.getText()));
                    }
                }
            } catch (SQLException e) {
                System.out.println("UpdateLine SQL failure");
                getLogger(UpdateLine.class.getName()).log(SEVERE, null, e);
                response.sendError(SC_INTERNAL_SERVER_ERROR);
            }
        } catch (Exception e) {
            System.out.println("UpdateLine generic failure");
            getLogger(UpdateLine.class.getName()).log(SEVERE, null, e);
            response.sendError(SC_INTERNAL_SERVER_ERROR);
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}