Author: taylor
Date: Mon May 25 18:33:15 2015
New Revision: 1681627
URL: http://svn.apache.org/r1681627
Log:
JS2-1320: completing chart portlets, improving chart data apis, psml cleanup,
securing chart pages
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-cm/src/main/java/org/apache/jetspeed/cache/impl/JetspeedCacheMonitorImpl.java
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-cm/src/main/java/org/apache/jetspeed/cache/impl/JetspeedCacheMonitorImpl.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-cm/src/main/java/org/apache/jetspeed/cache/impl/JetspeedCacheMonitorImpl.java?rev=1681627&r1=1681626&r2=1681627&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-cm/src/main/java/org/apache/jetspeed/cache/impl/JetspeedCacheMonitorImpl.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-cm/src/main/java/org/apache/jetspeed/cache/impl/JetspeedCacheMonitorImpl.java
Mon May 25 18:33:15 2015
@@ -16,6 +16,12 @@
*/
package org.apache.jetspeed.cache.impl;
+import net.sf.ehcache.Cache;
+import net.sf.ehcache.CacheManager;
+import net.sf.ehcache.Statistics;
+import org.apache.jetspeed.cache.CacheMonitorState;
+import org.apache.jetspeed.cache.JetspeedCacheMonitor;
+
import java.io.Serializable;
import java.util.Collections;
import java.util.HashMap;
@@ -23,13 +29,6 @@ import java.util.LinkedList;
import java.util.List;
import java.util.Map;
-import net.sf.ehcache.Cache;
-import net.sf.ehcache.CacheManager;
-import net.sf.ehcache.Statistics;
-
-import org.apache.jetspeed.cache.CacheMonitorState;
-import org.apache.jetspeed.cache.JetspeedCacheMonitor;
-
public class JetspeedCacheMonitorImpl implements JetspeedCacheMonitor
{
private CacheManager cacheManager;
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java?rev=1681627&r1=1681626&r2=1681627&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
Mon May 25 18:33:15 2015
@@ -16,12 +16,13 @@
*/
package org.apache.jetspeed.services.rest;
-import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.request.RequestContext;
+import org.apache.jetspeed.services.beans.UpdateResultBean;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
/**
* Created by dtaylor on 5/2/15.
@@ -39,7 +40,10 @@ public class AbstractRestService {
RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action))
{
- throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
+ throw new WebApplicationException(
+ Response.status(Response.Status.UNAUTHORIZED).entity(
+ new
UpdateResultBean(Response.Status.UNAUTHORIZED.getStatusCode(),
+ "Insufficient privilege to access this
REST service")).build());
}
}
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java?rev=1681627&r1=1681626&r2=1681627&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
Mon May 25 18:33:15 2015
@@ -95,11 +95,13 @@ public class ProfilerManagementService e
checkPrivilege(servletRequest, JetspeedActions.VIEW);
if (StringUtils.isBlank(profileId)) {
- throw new WebApplicationException(new
IllegalArgumentException("Profile id not specified"));
+ throw new
WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(
+ new
UpdateResultBean(Response.Status.BAD_REQUEST.getStatusCode(), "Profile id not
specified")).build());
}
ProfilingRule rule = profiler.getRule(profileId);
if (rule == null) {
- throw new WebApplicationException(new
IllegalArgumentException("Profile id not found with the specified id: " +
profileId));
+ throw new
WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(
+ new
UpdateResultBean(Response.Status.BAD_REQUEST.getStatusCode(), "Profile id not
found with the specified id: " + profileId)).build());
}
ProfileEditBean editBean = new ProfileEditBean(rule.getId(),
rule.getTitle(), rule.getClassname());
for (RuleCriterion criterion : rule.getRuleCriteria()) {
@@ -123,14 +125,16 @@ public class ProfilerManagementService e
dtoProfile = writeMapper.readValue(json, ProfileEditBean.class);
}
catch (Exception e) {
- e.printStackTrace();
- throw new WebApplicationException(new
IllegalArgumentException("Bad input on profile data"));
+ throw new
WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ new
UpdateResultBean(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), "Bad
input on profile data")).build());
}
if (StringUtils.isBlank(dtoProfile.getId())) {
- throw new WebApplicationException(new
IllegalArgumentException("Profile id not specified"));
+ throw new
WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ new
UpdateResultBean(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
"Profile id not specified")).build());
}
if (StringUtils.isBlank(dtoProfile.getConcreteClass())) {
- throw new WebApplicationException(new
IllegalArgumentException("Concrete Class not specified"));
+ throw new
WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ new
UpdateResultBean(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
"Concrete Class not specified")).build());
}
try {
boolean isAdd = false;
@@ -188,11 +192,13 @@ public class ProfilerManagementService e
}
profiler.storeProfilingRule(rule);
- return new UpdateResultBean(200, "OK");
+ return new UpdateResultBean(Response.Status.OK.getStatusCode(),
"OK");
}
catch (Exception e) {
- log.error("failed to update profile for " + dtoProfile.getId(), e);
- return new UpdateResultBean(500, e.getMessage());
+ String message = "failed to update profile for " +
dtoProfile.getId();
+ log.error(message, e);
+ throw new
WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ new
UpdateResultBean(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
message)).build());
}
}
@@ -207,7 +213,8 @@ public class ProfilerManagementService e
checkPrivilege(servletRequest, JetspeedActions.VIEW);
if (profileIds == null || profileIds.size() == 0) {
- throw new WebApplicationException(new
IllegalArgumentException("Profile ids to delete not specified"));
+ throw new
WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ new
UpdateResultBean(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
"Profile ids to delete not specified")).build());
}
try {
@@ -218,11 +225,12 @@ public class ProfilerManagementService e
profiler.deleteProfilingRule(rule);
}
}
- return new UpdateResultBean(200, "OK");
+ return new UpdateResultBean(Response.Status.OK.getStatusCode(),
"OK");
} catch (Exception e) {
String message = String.format("Error converting profiler ids
[%s]", profileIds);
log.debug(message);
- throw new
WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(message).build());
+ throw new
WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ new
UpdateResultBean(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
message)).build());
}
}
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java?rev=1681627&r1=1681626&r2=1681627&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
Mon May 25 18:33:15 2015
@@ -20,6 +20,7 @@ import org.apache.jetspeed.JetspeedActio
import org.apache.jetspeed.cache.CacheMonitorState;
import org.apache.jetspeed.cache.JetspeedCacheMonitor;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
+import org.apache.jetspeed.services.beans.UpdateResultBean;
import org.apache.jetspeed.statistics.AggregateStatistics;
import org.apache.jetspeed.statistics.InvalidCriteriaException;
import org.apache.jetspeed.statistics.PortalStatistics;
@@ -28,10 +29,12 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.HashMap;
import java.util.List;
@@ -45,6 +48,7 @@ import java.util.Map;
@Path("/statistics/")
public class StatisticsManagementService extends AbstractRestService {
+ protected static final String COULD_NOT_PROCESS_REQUEST_FOR_STATISTICS =
"Could not process request for statistics";
private static Logger log =
LoggerFactory.getLogger(StatisticsManagementService.class);
private PortalStatistics statistics;
@@ -67,8 +71,9 @@ public class StatisticsManagementService
*/
@GET
@Path("/memory")
- public Map<String,Map<String,Long>> memoryInfo(@Context HttpServletRequest
servletRequest, @Context UriInfo uriInfo) {
-
+ public Map<String,Map<String,Long>> memoryInfo(@Context HttpServletRequest
servletRequest,
+ @Context final
HttpServletResponse response,
+ @Context UriInfo uriInfo) {
checkPrivilege(servletRequest, JetspeedActions.VIEW);
Runtime runtime = Runtime.getRuntime();
@@ -114,7 +119,10 @@ public class StatisticsManagementService
}
}
catch (InvalidCriteriaException e) {
- throw new WebApplicationException(new
IllegalArgumentException("Statistics query criteria invalid"));
+
+ throw new
WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(
+ new
UpdateResultBean(Response.Status.BAD_REQUEST.getStatusCode(),
+
COULD_NOT_PROCESS_REQUEST_FOR_STATISTICS)).build());
}
Map<String,Map<String,Long>> result = new HashMap<>();
@@ -155,20 +163,12 @@ public class StatisticsManagementService
}
}
catch (InvalidCriteriaException e) {
- throw new WebApplicationException(new
IllegalArgumentException("Statistics query criteria invalid"));
+ throw new
WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(
+ new
UpdateResultBean(Response.Status.BAD_REQUEST.getStatusCode(),
+
COULD_NOT_PROCESS_REQUEST_FOR_STATISTICS)).build());
}
-
-// Map<String,Long> users = new HashMap<>();
-// users.put("Admin", (long)19);
-// users.put("Mary", (long)9);
-// users.put("Ron", (long)5);
-// users.put("David", (long)12);
-// users.put("John", (long) 10);
-// users.put("Luke", (long) 1);
-
Map<String,Map<String,Long>> result = new HashMap<>();
result.put("users", users);
-
return result;
}
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java?rev=1681627&r1=1681626&r2=1681627&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Mon May 25 18:33:15 2015
@@ -19,6 +19,7 @@ package org.apache.jetspeed.services.res
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
+import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.page.PageManager;
@@ -27,6 +28,7 @@ import org.apache.jetspeed.profiler.Prof
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.PrincipalRule;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
+import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.Group;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPrincipalQueryContext;
@@ -557,4 +559,13 @@ public class UserManagerService extends
return templates;
}
+ protected void checkPrivilege(HttpServletRequest servletRequest, String
action)
+ {
+ RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
+
+ if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action))
+ {
+ throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
+ }
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscr...@portals.apache.org
For additional commands, e-mail: jetspeed-dev-h...@portals.apache.org
