Source Code Cross Referenced for ValidationFilter.java in  » Database-ORM » Velosurf » velosurf » validation » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        /*
002:         * Copyright 2003 The Apache Software Foundation.
003:         *
004:         * Licensed under the Apache License, Version 2.0 (the "License");
005:         * you may not use this file except in compliance with the License.
006:         * You may obtain a copy of the License at
007:         *
008:         *     http://www.apache.org/licenses/LICENSE-2.0
009:         *
010:         * Unless required by applicable law or agreed to in writing, software
011:         * distributed under the License is distributed on an "AS IS" BASIS,
012:         * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013:         * See the License for the specific language governing permissions and
014:         * limitations under the License.
015:         */
016:
017:        package velosurf.validation;
018:
019:        import java.io.IOException;
020:        import java.util.Map;
021:        import java.util.HashMap;
022:        import java.util.Set;
023:
024:        import javax.servlet.Filter;
025:        import javax.servlet.FilterConfig;
026:        import javax.servlet.ServletException;
027:        import javax.servlet.ServletRequest;
028:        import javax.servlet.ServletResponse;
029:        import javax.servlet.FilterChain;
030:        import javax.servlet.http.HttpServletRequest;
031:        import javax.servlet.http.HttpSession;
032:        import javax.servlet.http.HttpServletResponse;
033:
034:        import velosurf.web.VelosurfTool;
035:        import velosurf.web.l10n.Localizer;
036:        import velosurf.util.ToolFinder;
037:        import velosurf.util.Logger;
038:        import velosurf.util.UserContext; //import velosurf.util.UserContext;
039:        import velosurf.context.EntityReference;
040:        import velosurf.context.DBReference;
041:
042:        /**
043:         * <p>This class is an optional filter that will validate query data according to the <code>velosurf.entity</code> query parameter
044:         * (may be multivalued).
045:         * If data pass all validation constraints, the filter will let the request pass towards the form action. Otherwise,
046:         * it will redirect back the user to the original form (using the referer query header). In this case, the filter will
047:         * populate the session with the given values (escaped) so that they can be put back in the form.</p>
048:         *
049:         */
050:        public class ValidationFilter implements  Filter {
051:            /** filter config */
052:            private FilterConfig config;
053:
054:            /** key used to identity an entity to be validated in HTTP parameters */
055:            private static final String ENTITY_KEY = "velosurf.entity";
056:
057:            /**
058:             * initialization.
059:             * @param filterConfig filter config
060:             * @throws ServletException
061:             */
062:            public void init(FilterConfig filterConfig) throws ServletException {
063:                config = filterConfig;
064:            }
065:
066:            /**
067:             * Filtering.
068:             * @param servletRequest request
069:             * @param servletResponse response
070:             * @param filterChain filter chain
071:             * @throws IOException
072:             * @throws ServletException
073:             */
074:            public void doFilter(ServletRequest servletRequest,
075:                    ServletResponse servletResponse, FilterChain filterChain)
076:                    throws IOException, ServletException {
077:
078:                HttpServletRequest request = (HttpServletRequest) servletRequest;
079:                HttpServletResponse response = (HttpServletResponse) servletResponse;
080:                HttpSession session = null;
081:                Map<String, Object> map = null;
082:                String[] entities = null;
083:
084:                boolean filter = (request.getParameter(ENTITY_KEY) != null);
085:
086:                boolean accept = true;
087:
088:                if (filter) {
089:                    session = request.getSession(true);
090:                    /* FIXME: the next call won't work when using a non-standard Velosurf config file
091:                       defined in toolbox.xml */
092:                    DBReference db = VelosurfTool.getDefaultInstance(config
093:                            .getServletContext());
094:                    map = new HashMap();
095:                    UserContext userContext = (UserContext) session
096:                            .getAttribute(UserContext.USER_CONTEXT_KEY);
097:                    if (userContext == null) {
098:                        userContext = db.getUserContext();
099:                        Localizer localizer = ToolFinder.findSessionTool(
100:                                session, Localizer.class);
101:                        if (localizer != null) {
102:                            userContext.setLocalizer(localizer);
103:                        } else {
104:                            userContext.setLocale(request.getLocale());
105:                        }
106:                        session.setAttribute(UserContext.USER_CONTEXT_KEY,
107:                                userContext);
108:                    } else {
109:                        db.setUserContext(userContext);
110:                    }
111:
112:                    if (db != null) {
113:                        Map<String, Object> params = request.getParameterMap();
114:                        Object[] array;
115:                        for (Map.Entry<String, Object> entry : (Set<Map.Entry<String, Object>>) params
116:                                .entrySet()) {
117:                            array = (Object[]) entry.getValue();
118:                            map.put(entry.getKey(),
119:                                    array.length == 1 ? array[0] : array);
120:                        }
121:                        entities = (String[]) params.get(ENTITY_KEY);
122:                        if (entities != null) {
123:                            for (String entity : entities) {
124:                                EntityReference entityRef = (EntityReference) db
125:                                        .get(entity);
126:                                if (entityRef == null) {
127:                                    Logger.error("validation: entity '"
128:                                            + entity + "' not found!");
129:                                    response.sendError(
130:                                            HttpServletResponse.SC_BAD_REQUEST,
131:                                            "validation: entity '" + entity
132:                                                    + "' does not exist!");
133:                                    return;
134:                                } else {
135:                                    try {
136:                                        accept &= entityRef.validate(map);
137:                                    } catch (Exception e) {
138:                                        Logger
139:                                                .error("validation: validation of entity '"
140:                                                        + entity
141:                                                        + "' throwed exception:");
142:                                        Logger.log(e);
143:                                        response
144:                                                .sendError(
145:                                                        HttpServletResponse.SC_BAD_REQUEST,
146:                                                        "validation: validation of entity '"
147:                                                                + entity
148:                                                                + "' throwed exception "
149:                                                                + e
150:                                                                        .getMessage());
151:                                    }
152:                                }
153:                            }
154:                        }
155:                    } else {
156:                        Logger
157:                                .error("validation: could not get a database connexion!");
158:                        response.sendError(HttpServletResponse.SC_BAD_REQUEST,
159:                                "Velosurf tool not found in session!");
160:                        return;
161:                    }
162:                }
163:
164:                if (filter && !accept) {
165:                    Logger.trace("validation: values did not pass checking");
166:                    String referer = request.getHeader("Referer");
167:                    if (referer == null) {
168:                        response.sendError(HttpServletResponse.SC_BAD_REQUEST,
169:                                "Referer header needed!");
170:                    } else {
171:                        for (String entity : entities) {
172:                            session.setAttribute(entity, map);
173:                        }
174:                        Logger.trace("validation: redirecting request towards "
175:                                + referer);
176:                        response.sendRedirect(referer);
177:                    }
178:                } else {
179:                    if (filter/* && acept*/) {
180:                        Logger.trace("validation: values did pass checking");
181:                    }
182:                    filterChain.doFilter(servletRequest, servletResponse);
183:                }
184:            }
185:
186:            /**
187:             * Destroy the filter.
188:             */
189:            public void destroy() {
190:            }
191:        }