unregistered runners endpoint
cschneider4711 committed Jun 16, 2023
1 parent d1532a2 commit 65f44a9
Showing 5 changed files with 91 additions and 3 deletions.
12 changes: 12 additions & 0 deletions pom.xml
Expand Up @@ -78,6 +78,18 @@
<artifactId>batik-transcoder</artifactId>
<version>1.6</version>
</dependency>
<!--
<dependency>
<groupId>batik</groupId>
<artifactId>batik-rasterizer</artifactId>
<version>1.6</version>
</dependency>
<dependency>
<groupId>xml-apis</groupId>
<artifactId>xml-apis</artifactId>
<version>1.4.01</version>
</dependency>
-->
<dependency>
<groupId>org.owasp.encoder</groupId>
<artifactId>encoder</artifactId>
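Review bot: The added `<!--` … `-->` block checks in two disabled dependencies (`batik-rasterizer` 1.6 and `xml-apis` 1.4.01) with no explanation of why they are listed or when they would be enabled. Commented-out coordinates tend to be uncommented later without a fresh look, and the Batik 1.6 line is long superseded, so enabling it would add more old SVG/XML processing code to the classpath. Either drop the block from this commit or put a one-line reason above it, e.g. `<!-- disabled: REASON; re-check versions before enabling -->`. The enclosing `<dependencies>` element starts and ends outside the hunk.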
18 changes: 18 additions & 0 deletions src/main/java/demo/action/EditRunnerPhotoAction.java
@@ -1,11 +1,16 @@
package demo.action;

import java.sql.Connection;
import java.sql.SQLException;

import javax.naming.NamingException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import demo.dao.DAOUtils;
import demo.dao.RunnerDAO;
import demo.form.RunnerForm;
import demo.pojo.Runner;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
Expand All @@ -18,7 +23,20 @@ public class EditRunnerPhotoAction extends Action {
@Override
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) throws SQLException, NamingException {
String runnerUsername = request.getUserPrincipal().getName();

final Runner runner;

Connection connection = null;
try {
connection = DAOUtils.getConnection();
RunnerDAO runnerDAO = new RunnerDAO(connection);
runner = runnerDAO.loadRunnerByName(runnerUsername);
} finally {
if (connection != null) connection.close();
}

request.setAttribute("runner", runner);
return mapping.findForward(FORWARD_editRunnerPhoto);
}
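Review bot: `request.getUserPrincipal()` returns null for an unauthenticated request, so the first added line of `execute` throws a NullPointerException unless a container security constraint (not visible in this commit) always guards this action. Reading it into a local first, `Principal principal = request.getUserPrincipal();`, and returning early when it is null makes that precondition explicit. The result of `loadRunnerByName` is stored in the request without a null check, so the JSP would presumably render an empty `${runner.id}` when no row matches; that case should be handled as an error. The connection handling could be written as `try (Connection connection = DAOUtils.getConnection()) { … }`, matching the try-with-resources style of `RunnerDAO.removeRunnerPhoto`. The class body continues outside the hunk.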

8 changes: 8 additions & 0 deletions src/main/java/demo/dao/RunnerDAO.java
Expand Up @@ -212,4 +212,12 @@ public List<Runner> getRunnersNotRegisteredOnAnyDiscipline() throws SQLException
return runners;
}

public boolean removeRunnerPhoto(String runnerId) throws SQLException {
String sql = "UPDATE runner SET photo_name = 'default.png' WHERE id = ?";
try (PreparedStatement statement = connection.prepareStatement(sql)) {
statement.setString(1, runnerId);
int rowsAffected = statement.executeUpdate();
return rowsAffected > 0;
}
}
}
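Review bot: `removeRunnerPhoto` returns true whenever a row with that id matches, because the `UPDATE` has no condition on `photo_name`; on most drivers a runner who already has `default.png` still gives `rowsAffected > 0`, so the caller's 404 really means "no such runner", not "no photo to delete". If that distinction matters, extend the clause to `WHERE id = ? AND photo_name <> 'default.png'` (deciding what a NULL `photo_name` should do), otherwise document the return value as "true if a runner row matched". The method accepts any id and does no ownership check itself, so a short Javadoc stating that callers must authorize the id first would help. The id is bound with `setString`; if the `id` column is numeric this relies on implicit conversion, which should be confirmed against the schema (not visible here).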
30 changes: 27 additions & 3 deletions src/main/java/demo/service/MarathonService.java
Expand Up @@ -159,8 +159,7 @@ public void write(OutputStream output) throws IOException, WebApplicationExcepti
@GET
@Path("/unregistered") // --> /marathon/rest/runners/unregistered
public Response getUnregisteredRunners(@Context HttpServletRequest request) throws Exception {
String sessionCookie = getSessionCookie(request);
if (!isValidSession(request, sessionCookie, true)) {
if (!isValidSession(request, true)) {
return Response.status(Response.Status.UNAUTHORIZED).build();
}

Expand All @@ -177,6 +176,30 @@ public Response getUnregisteredRunners(@Context HttpServletRequest request) thro
return Response.status(200).entity(runners).type(MediaType.APPLICATION_JSON).build();
}

@DELETE
@Path("/{runnerId}/photo")
public Response deleteRunnerPhoto(@Context HttpServletRequest request, @PathParam("runnerId") String runnerId) throws Exception {
if (!isValidSession(request, true)) {
return Response.status(Response.Status.UNAUTHORIZED).build();
}

Connection connection = null;
try {
connection = DAOUtils.getConnection();
RunnerDAO runnerDAO = new RunnerDAO(connection);

boolean success = runnerDAO.removeRunnerPhoto(runnerId);
if (success) {
return Response.status(Response.Status.NO_CONTENT).build(); // 204 No Content response if the photo was deleted
} else {
return Response.status(Response.Status.NOT_FOUND).build(); // 404 Not Found if there was no photo to delete
}

} finally {
if (connection != null) connection.close();
}
}

private String getSessionCookie(HttpServletRequest request) {
// Authenticate user using session cookie
String sessionCookie = null;
Expand All @@ -191,10 +214,11 @@ private String getSessionCookie(HttpServletRequest request) {
return sessionCookie;
}

private boolean isValidSession(HttpServletRequest request, String jsessionId, boolean loggedIn) {
private boolean isValidSession(HttpServletRequest request, boolean loggedIn) {
if (request == null) {
return false;
}
String jsessionId = getSessionCookie(request);
HttpSession session = request.getSession(false);
boolean ok = session != null && jsessionId.equals(session.getId());
if (ok && loggedIn) {
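Review bot: `deleteRunnerPhoto` only checks that the caller has a valid logged-in session and then passes the `runnerId` path parameter straight to `runnerDAO.removeRunnerPhoto`, so nothing ties the id to the caller and any logged-in user can reset another runner's photo. The handler should resolve the current runner on the server and answer 403 on a mismatch, or drop the id from the path altogether. The sketch below assumes the container principal is available in this resource as it is in `EditRunnerPhotoAction`, and that `Runner` exposes `getId()` as the JSP's `${runner.id}` suggests. Separately, in `isValidSession` the new `jsessionId` appears to stay null when `getSessionCookie` finds no cookie, so `jsessionId.equals(session.getId())` is safer as `session.getId().equals(jsessionId)`; that method's body continues past the hunk.

```java
// … unchanged: isValidSession check, connection setup, RunnerDAO construction …

// Only the owner of the photo may reset it.
Principal principal = request.getUserPrincipal();
Runner current = (principal == null) ? null : runnerDAO.loadRunnerByName(principal.getName());
if (current == null || !runnerId.equals(String.valueOf(current.getId()))) {
    return Response.status(Response.Status.FORBIDDEN).build();
}

boolean success = runnerDAO.removeRunnerPhoto(runnerId);
// … unchanged: 204 / 404 mapping and finally block …
```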
26 changes: 26 additions & 0 deletions src/main/webapp/WEB-INF/pages/editRunnerPhoto.jsp
Expand Up @@ -70,6 +70,32 @@
</div>
</div>
</div>

<input type="button" onclick="removePhoto('${runner.id}')" value="Remove Photo">

<script>
function removePhoto(id) {
var xhr = new XMLHttpRequest();
xhr.open("DELETE", "/marathon/rest/runners/" + id + "/photo", true);
xhr.onload = function () {
if (xhr.status == 204) {
console.log('Photo removed successfully.');
alert('Photo removed successfully.');
} else if (xhr.status == 404) {
console.log('No photo found to delete.');
alert('No photo found to delete.');
} else {
console.log('An error occurred: ' + xhr.status);
alert('An error occurred: ' + xhr.status);
}
};
xhr.onerror = function () {
console.log('Request failed.');
alert('Request failed.');
};
xhr.send();
}
</script>
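Review bot: `${runner.id}` is written into a JavaScript string literal inside the `onclick` attribute with no contextual encoding, which is safe only while the id can never contain a quote or markup character. The pom already lists the OWASP encoder, so the value could be encoded for that context (for example with the encoder's JSP `forJavaScript` function, if its tag library is on the classpath), or carried in a `data-runner-id` attribute and read by the handler. The request URL hard-codes the `/marathon` context path; `${pageContext.request.contextPath}` would keep it working under another deployment name. The DELETE is sent with only the session cookie and no anti-CSRF token is visible in this hunk, so confirm that the REST layer has cross-site request protection. Sending the id from the page is unnecessary if the server derives the runner from the session.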



