Session login and logout fixes

Gopi Katwala 2019-06-07 21:31:04 -04:00
parent e13a64736f
commit ef1cbd56ef
12 changed files with 156 additions and 60 deletions


@ -12,12 +12,13 @@
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-- Dumping structure for table astute.change_order
-- Dumping database structure for astute
DROP DATABASE IF EXISTS `astute`;
CREATE DATABASE IF NOT EXISTS `astute` /*!40100 DEFAULT CHARACTER SET utf8 */;
USE `astute`;
CREATE USER 'astute_user'@'localhost' IDENTIFIED BY 'password';
-- Dumping structure for table astute.change_order
CREATE TABLE IF NOT EXISTS `change_order` (
`PO_num` varchar(20) NOT NULL,
`change_order_num` int(20) NOT NULL,
@ -124,15 +125,15 @@ INSERT INTO `customer` (`customer_id`, `customer_name`, `bill_to_dept`, `add1`,
/*!40000 ALTER TABLE `customer` ENABLE KEYS */;
-- Dumping structure for table astute.customer_contact
CREATE TABLE IF NOT EXISTS `customer_contact` (
CREATE TABLE `customer_contact` (
`customer_id` varchar(20) NOT NULL,
`contact_id` int(11) NOT NULL,
`name` varchar(100) NOT NULL,
`title` varchar(50) NOT NULL,
`work_phone` int(10) DEFAULT NULL,
`work_phone` varchar(16) DEFAULT NULL,
`work_phone_ext` int(10) DEFAULT NULL,
`mobile` int(10) DEFAULT NULL,
`fax` int(10) DEFAULT NULL,
`mobile` varchar(16) DEFAULT NULL,
`fax` varchar(16) DEFAULT NULL,
`email` varchar(100) DEFAULT NULL,
`address` varchar(500) DEFAULT NULL,
PRIMARY KEY (`customer_id`,`contact_id`)
@ -141,8 +142,8 @@ CREATE TABLE IF NOT EXISTS `customer_contact` (
-- Dumping data for table astute.customer_contact: ~2 rows (approximately)
/*!40000 ALTER TABLE `customer_contact` DISABLE KEYS */;
INSERT INTO `customer_contact` (`customer_id`, `contact_id`, `name`, `title`, `work_phone`, `work_phone_ext`, `mobile`, `fax`, `email`, `address`) VALUES
('MDOT', 1, 'John Shaw', 'Manager', 1231231233, 1233, 1232343455, 234123344, 'Test@Test.com', '123 Test Drive'),
('MDOT', 2, 'John John', 'Manager', 1231231233, 1233, 1232343455, 234123344, 'Test@Test.com', '123 Test Drive');
('MDOT', 1, 'John Shaw', 'Manager', '1231231233', 1233, '1232343455', '234123344', 'Test@Test.com', '123 Test Drive'),
('MDOT', 2, 'John John', 'Manager', '1231231233', 1233, '1232343455', '234123344', 'Test@Test.com', '123 Test Drive');
/*!40000 ALTER TABLE `customer_contact` ENABLE KEYS */;
-- Dumping structure for function astute.delete_custmer
@ -613,11 +614,11 @@ INSERT INTO `service_type` (`service_type_id`, `desc`) VALUES
/*!40000 ALTER TABLE `service_type` ENABLE KEYS */;
-- Dumping structure for table astute.session
CREATE TABLE IF NOT EXISTS `session` (
CREATE TABLE `session` (
`session_id` varchar(200) NOT NULL,
`user_id` int(11) NOT NULL,
`session_start_date` date DEFAULT NULL,
`session_end_date` date DEFAULT NULL,
`session_start_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`session_end_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`session_id`),
KEY `fk_session_user_id` (`user_id`),
CONSTRAINT `fk_session_user_id` FOREIGN KEY (`user_id`) REFERENCES `user` (`user_id`)
@ -760,3 +761,5 @@ INSERT INTO `user` (`user_id`, `username`, `password`, `first_name`, `middle_nam
/*!40101 SET SQL_MODE=IFNULL(@OLD_SQL_MODE, '') */;
/*!40014 SET FOREIGN_KEY_CHECKS=IF(@OLD_FOREIGN_KEY_CHECKS IS NULL, 1, @OLD_FOREIGN_KEY_CHECKS) */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
GRANT ALL PRIVILEGES ON *.* TO 'astute_user'@'localhost' IDENTIFIED BY 'password';
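Review bot: The `GRANT ALL PRIVILEGES ON *.* TO 'astute_user'@'localhost' IDENTIFIED BY 'password';` line at the end of the dump gives the application account every privilege on every database on the server, with a guessable password that is now in version control (the same literal is in the `CREATE USER` line near the top). Scope the grant to the schema and to what the DAO needs, for example `GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE ON astute.* TO 'astute_user'@'localhost';`, and set the password at deploy time rather than in the dump. `CREATE USER` without `IF NOT EXISTS` will presumably also fail when the script is re-run, since `DROP DATABASE` does not remove the account.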


@ -165,6 +165,8 @@ public abstract class DAO {
public abstract ResultSet executeQuery(String sessionId, String sql) throws AstuteException ;
public abstract Integer authenticateSession(String sessionId) throws AstuteException;
public abstract User getUser(String username) throws AstuteException ;
public abstract void createSession(int userId, String sessionId) throws AstuteException;
@ -175,6 +177,8 @@ public abstract class DAO {
public abstract User login(String username, String password) throws AstuteException;
public abstract void logout(String sessionId) throws AstuteException;
public abstract List<ChangeOrder> getChangeOrders(String poNum) throws AstuteException;
public abstract void updateChangeOrder(String poNum, int changeOrderNum, double changeOrderAmt, Date changeOrderDate, String description) throws AstuteException;
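Review bot: The new abstract `authenticateSession` has two failure channels that its signature does not explain: judging by the SqlDAO implementation in this commit, it returns `null` for an unknown session id and throws `AstuteException` for an expired one. A Javadoc line on the declaration would pin that contract down for other implementers, e.g. `/** Returns the user id of a live session, or null if the id is unknown; throws AstuteException(AUTH_ERROR) if the session has expired. */`. `logout` deserves a line saying that it removes the session row and whether an unknown id is an error. The class body continues outside both hunks.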


@ -16,6 +16,7 @@ import java.util.List;
import java.util.UUID;
import java.text.SimpleDateFormat;
import static com.astute.exceptions.AstuteException.AUTH_ERROR;
import static com.astute.exceptions.AstuteException.DB_ERROR;
public class SqlDAO extends DAO {
@ -977,6 +978,39 @@ public class SqlDAO extends DAO {
}
}
public Integer authenticateSession(String sessionId) throws AstuteException {
String sql = "select user_id, TIME_TO_SEC(CURRENT_TIMESTAMP()) - TIME_TO_SEC(session_end_date) from session where session_id='" + sessionId + "'";
System.out.println(sql);
int userId;
try {
Statement stmt = conn.createStatement();
ResultSet resultSet = stmt.executeQuery(sql);
Integer timeLapse;
java.util.Date utilDate = new java.util.Date();
java.sql.Timestamp currentTime = new java.sql.Timestamp(utilDate.getTime());
if (resultSet.next()) {
userId = resultSet.getInt(1);
timeLapse = resultSet.getInt(2);
if (timeLapse > 1200) {
logout(sessionId);
throw new AstuteException(AUTH_ERROR, "Session expred. Please login again!");
}
} else {
return null;
}
sql = "update session set session_end_date = current_timestamp() where session_id='" + sessionId + "'";
stmt = conn.createStatement();
stmt.executeUpdate(sql);
return userId;
} catch (SQLException e) {
e.printStackTrace();
throw new AstuteException(DB_ERROR, e.getMessage());
}
}
public User getUser(String username) throws AstuteException {
String sql = "select user_id, username, password, CONCAT(first_name, ' ', last_name) as name from user where username='" + username + "'";
@ -1227,6 +1261,18 @@ public class SqlDAO extends DAO {
}
}
public void logout(String sessionId) throws AstuteException{
try {
Statement stmt = conn.createStatement();
String sql = "DELETE FROM SESSION WHERE SESSION_ID = '" + sessionId + "'";
stmt.executeUpdate(sql);
} catch (SQLException e) {
e.printStackTrace();
throw new AstuteException(DB_ERROR,e.getMessage());
}
}
private String generatePasswordHash(String password) throws InvalidKeySpecException, NoSuchAlgorithmException {
int iterations = 100;
char[] chars = password.toCharArray();
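Review bot: `sessionId` is concatenated into the SQL text of all three new statements (the select and update in `authenticateSession`, the delete in `logout`), and the resource classes in this commit pass it straight from `@QueryParam("sessionId")`, so the session check itself is open to SQL injection; bind it through a `PreparedStatement` (assuming `java.sql.PreparedStatement` is imported) as sketched below, and give `logout` the same treatment with `DELETE FROM SESSION WHERE SESSION_ID = ?`. `System.out.println(sql)` also writes every session id to stdout and should be removed. The expiry test subtracts two `TIME_TO_SEC` values, which as far as I can tell compare time of day only, so a session left idle since the previous day can still pass the 1200-second check; `TIMESTAMPDIFF(SECOND, session_end_date, CURRENT_TIMESTAMP())` measures elapsed time. The statements are never closed and `utilDate`/`currentTime` are unused; try-with-resources covers the former in the same rewrite. `generatePasswordHash` at the end of the section continues outside the hunk.

```java
public Integer authenticateSession(String sessionId) throws AstuteException {
    String select = "select user_id, TIMESTAMPDIFF(SECOND, session_end_date, CURRENT_TIMESTAMP()) "
            + "from session where session_id = ?";
    String touch = "update session set session_end_date = current_timestamp() where session_id = ?";
    try (PreparedStatement query = conn.prepareStatement(select)) {
        query.setString(1, sessionId);
        int userId;
        try (ResultSet resultSet = query.executeQuery()) {
            if (!resultSet.next()) {
                return null;
            }
            userId = resultSet.getInt(1);
            if (resultSet.getInt(2) > 1200) {
                logout(sessionId);
                throw new AstuteException(AUTH_ERROR, "Session expred. Please login again!");
            }
        }
        try (PreparedStatement update = conn.prepareStatement(touch)) {
            update.setString(1, sessionId);
            update.executeUpdate();
        }
        return userId;
    } catch (SQLException e) {
        // … unchanged: mapping of SQLException to AstuteException(DB_ERROR, …) …
    }
}
```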


@ -6,6 +6,7 @@ import com.astute.requests.LoginRequest;
import com.astute.response.ApiResponse;
import com.astute.service.AuthService;
import javax.ws.rs.*;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
@ -33,4 +34,10 @@ public class AuthResource {
return new ApiResponse(ApiResponse.ACCESS_DENIED).toResponse();
}
}
@Path("/logout")
@POST
public Response logout(@QueryParam("sessionId") String sessionId) throws AstuteException {
service.logout(sessionId);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
}
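Review bot: `logout` takes the session id from `@QueryParam("sessionId")`, which puts a bearer credential in the URL where access logs, proxies and browser history record it; the same parameter is added to every handler in ChangeOrderResource, InvoicePaymentResource, InvoiceResource, POResource and ServiceTypeResource in this commit. Reading it from a header or cookie keeps it out of URLs, e.g. `@HeaderParam("X-Session-Id") String sessionId` (the header name is only an example). The added `import javax.ws.rs.*;` is also redundant next to the explicit `javax.ws.rs` imports below it; keep one style or the other.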


@ -24,23 +24,25 @@ public class ChangeOrderResource {
}
@GET
public Response getChangeOrders(@QueryParam("poNum") String poNum, @QueryParam("sessionId") String sessionId)
public Response getChangeOrders(@QueryParam("sessionId") String sessionId, @QueryParam("poNum") String poNum)
throws AstuteException {
authService.getUser(sessionId);
authService.authenticateSession(sessionId);
return new ApiResponse(service.getChangeOrders(poNum)).toResponse();
}
@Path("/{PONum}/{changeOrderNum}")
@PUT
public Response updateChangeOrder(ChangeOrderRequest request, @PathParam("PONum") String PONum, @PathParam("changeOrderNum") int changeOrderNum)
public Response updateChangeOrder(@QueryParam("sessionId") String sessionId, ChangeOrderRequest request, @PathParam("PONum") String PONum, @PathParam("changeOrderNum") int changeOrderNum)
throws AstuteException {
authService.authenticateSession(sessionId);
service.updateChangeOrder(PONum,changeOrderNum, request.getChangeOrderAmt(), request.getChangeOrderDate(), request.getDescription());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@POST
public Response createChangeOrder(ChangeOrderRequest request)
public Response createChangeOrder(@QueryParam("sessionId") String sessionId, ChangeOrderRequest request)
throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.createChangeOrder(request.getPoNum(), request.getChangeOrderNum(), request.getChangeOrderAmt(),
request.getChangeOrderDate(), request.getDescription())).toResponse();
}


@ -32,7 +32,7 @@ public class CustomerContactResource {
return new ApiResponse(service.getCustomerContacts(customerId)).toResponse();
}
@Path("/{customerId}/{contactId}")
@Path("/{customerId}")
@PUT
public Response updateCustomerContact(@PathParam("customerId") String customerId, CustomerContactRequest request)
throws AstuteException {
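Review bot: No session check is visible for `updateCustomerContact`, and this is the only resource class touched here that does not gain an `authService.authenticateSession(sessionId)` call, although it serves contact names, phone numbers and e-mail addresses. The method body starts after the hunk ends, so confirm whether it (and `getCustomerContacts` above it) authenticates the caller. With `{contactId}` no longer in the path, the contact id presumably now comes from `CustomerContactRequest`; a short Javadoc on the method saying which field identifies the row would help clients of the changed route.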


@ -3,6 +3,7 @@ package com.astute.resources;
import com.astute.exceptions.AstuteException;
import com.astute.requests.InvoicePaymentRequest;
import com.astute.response.ApiResponse;
import com.astute.service.AuthService;
import com.astute.service.InvoicePaymentService;
import javax.ws.rs.*;
@ -18,21 +19,24 @@ import java.text.SimpleDateFormat;
public class InvoicePaymentResource {
private com.astute.service.InvoicePaymentService service = new InvoicePaymentService();
private com.astute.service.AuthService authService = new AuthService();
public InvoicePaymentResource() {
}
@GET
public Response getInvoicePayments(@QueryParam("invoiceNum") String invoiceNum)
public Response getInvoicePayments(@QueryParam("sessionId") String sessionId, @QueryParam("invoiceNum") String invoiceNum)
throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.getInvoicePayments(invoiceNum)).toResponse();
}
@Path("/{invoiceNum}/{invoicePaymentId}")
@PUT
public Response updateInvoicePayment(InvoicePaymentRequest request, @PathParam("invoiceNum") String invoiceNum, @PathParam("invoicePaymentId") int invoicePaymentId, @PathParam("checkTransactionNo")String checkTransactionNo)
public Response updateInvoicePayment(@QueryParam("sessionId") String sessionId, InvoicePaymentRequest request, @PathParam("invoiceNum") String invoiceNum, @PathParam("invoicePaymentId") int invoicePaymentId, @PathParam("checkTransactionNo")String checkTransactionNo)
throws AstuteException, ParseException {
authService.authenticateSession(sessionId);
String dateStr = request.getPaymentDate();
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Date date = new java.sql.Date(df.parse(dateStr).getTime());
@ -41,8 +45,9 @@ public class InvoicePaymentResource {
}
@POST
public Response createInvoicePayment(InvoicePaymentRequest request)
public Response createInvoicePayment(@QueryParam("sessionId") String sessionId, InvoicePaymentRequest request)
throws AstuteException, ParseException {
authService.authenticateSession(sessionId);
String dateStr = request.getPaymentDate();
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Date date = new java.sql.Date(df.parse(dateStr).getTime());
@ -52,7 +57,8 @@ public class InvoicePaymentResource {
@GET
@Path("/paymentTypes")
public Response getInvoicePaymentTypes() throws AstuteException {
public Response getInvoicePaymentTypes(@QueryParam("sessionId") String sessionId) throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.getPaymentTypes()).toResponse();
}
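Review bot: In `updateInvoicePayment` the parameter `@PathParam("checkTransactionNo") String checkTransactionNo` has no matching variable in `@Path("/{invoiceNum}/{invoicePaymentId}")`, so it will presumably always be null; the rewritten signature carries this over unchanged. Either extend the path template or read the value from the request body or from `@QueryParam("checkTransactionNo")`. The method body continues outside the hunk, so how the value is used is not visible here.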


@ -5,6 +5,7 @@ import com.astute.exceptions.DatabaseException;
import com.astute.requests.InvoiceDetailRequest;
import com.astute.requests.InvoiceMasterRequest;
import com.astute.response.ApiResponse;
import com.astute.service.AuthService;
import com.astute.service.InvoiceService;
import javax.ws.rs.*;
@ -21,36 +22,39 @@ import java.text.SimpleDateFormat;
public class InvoiceResource {
private com.astute.service.InvoiceService service = new InvoiceService();
private com.astute.service.AuthService authService = new AuthService();
public InvoiceResource() {
}
@GET
public Response getInvoiceMaster(@QueryParam("invoiceNumber") String invoiceNumber, @QueryParam("pmtStatus") int pmtStatus)
public Response getInvoiceMaster(@QueryParam("sessionId") String sessionId, @QueryParam("invoiceNumber") String invoiceNumber, @QueryParam("pmtStatus") int pmtStatus)
throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.getInvoiceMaster(invoiceNumber, pmtStatus)).toResponse();
}
@Path("/paymentStatuses")
@GET
public Response getPaymentStatuses() throws AstuteException {
public Response getPaymentStatuses(@QueryParam("sessionId") String sessionId) throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.getPaymentStatuses()).toResponse();
}
@Path("/detail")
@GET
public Response getInvoiceDetail(@QueryParam("invoiceNumber") String invoiceNumber, @QueryParam("lineItemNo") int lineItemNo)
public Response getInvoiceDetail(@QueryParam("sessionId") String sessionId, @QueryParam("invoiceNumber") String invoiceNumber, @QueryParam("lineItemNo") int lineItemNo)
throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.getInvoiceDetail(invoiceNumber,lineItemNo)).toResponse();
}
@Path("/{InvoiceNum}")
@PUT
public Response updateInvoiceMaster(@PathParam("InvoiceNum") String InvoiceNum, InvoiceMasterRequest request)
public Response updateInvoiceMaster(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNum") String InvoiceNum, InvoiceMasterRequest request)
throws AstuteException, ParseException {
authService.authenticateSession(sessionId);
service.updateInvoiceMaster(InvoiceNum, request.getInvoiceDate(), request.getPoNum(),
request.getPmtStatus(), request.getBillAmt(), request.getSpecialNotes(), request.getCertification(), request.getInvoiceStatus());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
@ -58,33 +62,37 @@ public class InvoiceResource {
@Path("/{InvoiceNum}/delete")
@PUT
public Response deleteInvoice(@PathParam("InvoiceNum") String InvoiceNum)
public Response deleteInvoice(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNum") String InvoiceNum)
throws AstuteException {
authService.authenticateSession(sessionId);
service.deleteInvoice(InvoiceNum);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/detail/{InvoiceNum}/{lineItemNum}")
@PUT
public Response updateInvoiceDetail(@PathParam("InvoiceNum") String InvoiceNum, @PathParam("lineItemNum") int lineItemNum, InvoiceDetailRequest request)
public Response updateInvoiceDetail(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNum") String InvoiceNum, @PathParam("lineItemNum") int lineItemNum, InvoiceDetailRequest request)
throws AstuteException {
authService.authenticateSession(sessionId);
service.updateInvoiceDetail(InvoiceNum, lineItemNum, request.getPoLineItemNum(), request.getServiceTypeId(),
request.getDesc(), request.getQty(), request.getFee(), request.getFeeTypeId());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@POST
public Response createInvoiceMaster(InvoiceMasterRequest request)
public Response createInvoiceMaster(@QueryParam("sessionId") String sessionId, InvoiceMasterRequest request)
throws AstuteException, ParseException {
authService.authenticateSession(sessionId);
service.createInvoiceMaster(request.getInvoiceNumber(), request.getInvoiceDate(), request.getPoNum(),
request.getPmtStatus(), request.getBillAmt(), request.getSpecialNotes(), request.getCertification(), request.getInvoiceStatus());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/detail")
@POST
public Response createInvoiceDetail(InvoiceDetailRequest request)
public Response createInvoiceDetail(@QueryParam("sessionId") String sessionId, InvoiceDetailRequest request)
throws AstuteException {
authService.authenticateSession(sessionId);
service.createInvoiceDetail(request.getInvoiceNum(), request.getLineItemNum(), request.getPoLineItemNum(), request.getServiceTypeId(),
request.getDesc(), request.getQty(), request.getFee(), request.getFeeTypeId());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
@ -92,41 +100,46 @@ public class InvoiceResource {
@Path("/generatedInvoice/{InvoiceNum}")
@GET
public Response getGeneratedInvoice(@PathParam("InvoiceNum") String InvoiceNum) throws AstuteException {
public Response getGeneratedInvoice(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNum") String InvoiceNum) throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.getGeneratedInvoice(InvoiceNum)).toResponse();
}
@Path("/generateInvoiceNumber/{PONum}")
@GET
public Response generateInvoiceNumber(@PathParam("PONum") String PONum) throws AstuteException {
public Response generateInvoiceNumber(@QueryParam("sessionId") String sessionId, @PathParam("PONum") String PONum) throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.generateInvoiceNumber(PONum)).toResponse();
}
@Path("/{InvoiceNumber}/submit")
@PUT
public Response submitInvoice(@PathParam("InvoiceNumber") String InvoiceNumber) throws AstuteException {
public Response submitInvoice(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNumber") String InvoiceNumber) throws AstuteException {
authService.authenticateSession(sessionId);
service.submitInvoice(InvoiceNumber);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/{InvoiceNumber}/void")
@PUT
public Response voidInvoice(@PathParam("InvoiceNumber") String InvoiceNumber) throws AstuteException {
public Response voidInvoice(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNumber") String InvoiceNumber) throws AstuteException {
authService.authenticateSession(sessionId);
service.voidInvoice(InvoiceNumber);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/{InvoiceNumber}/duplicate")
@PUT
public Response duplicateInvoice(@PathParam("InvoiceNumber") String InvoiceNumber) throws AstuteException {
public Response duplicateInvoice(@QueryParam("sessionId") String sessionId, @PathParam("InvoiceNumber") String InvoiceNumber) throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(service.dupliateInvoice(InvoiceNumber)).toResponse();
}
@Path("/submitted")
@GET
public Response getSubmittedInvoiceNumbers() throws AstuteException {
public Response getSubmittedInvoiceNumbers(@QueryParam("sessionId") String sessionId) throws AstuteException {
System.out.println("In getSubmittedInvoiceNumbers");
authService.authenticateSession(sessionId);
return new ApiResponse(service.getSubmittedInvoiceNumbers()).toResponse();
}
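Review bot: In `getSubmittedInvoiceNumbers` the new `authService.authenticateSession(sessionId);` is placed after `System.out.println("In getSubmittedInvoiceNumbers");`, so unauthenticated requests still run handler code and write to stdout before they are rejected. The same ordering appears in `POResource.updatePOMaster`, where `request.getPODate()` is dereferenced before the check, and in the update, delete and create handlers of ServiceTypeResource. Make the session check the first statement of each handler and drop the debug prints or move them to a logger after it.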


@ -4,6 +4,7 @@ import com.astute.exceptions.AstuteException;
import com.astute.requests.PODetailRequest;
import com.astute.requests.POMasterRequest;
import com.astute.response.ApiResponse;
import com.astute.service.AuthService;
import com.astute.service.POService;
import javax.ws.rs.*;
@ -19,56 +20,62 @@ import java.text.SimpleDateFormat;
public class POResource {
private POService POService = new POService();
private AuthService authService = new AuthService();
public POResource() {
}
public POResource() { }
@GET
public Response getPOMaster(
@QueryParam("PONum") String PONum,
public Response getPOMaster(@QueryParam("sessionId") String sessionId,
@QueryParam("PONum") String PONum,
@QueryParam("ContractNum") String contractNum,
@QueryParam("PODate") String PODate, String astuteProjectNumber)
throws AstuteException, ParseException {
return new ApiResponse(POService.getPOMaster(PONum, contractNum, PODate, astuteProjectNumber)).toResponse();
authService.authenticateSession(sessionId);
return new ApiResponse(POService.getPOMaster(PONum, contractNum, PODate, astuteProjectNumber)).toResponse();
}
@Path("/detail")
@GET
public Response getPODetail(@QueryParam("PONum") String PONum, @QueryParam("lineItemNo") int lineItemNo)
public Response getPODetail(@QueryParam("sessionId") String sessionId, @QueryParam("PONum") String PONum, @QueryParam("lineItemNo") int lineItemNo)
throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(POService.getPODetail(PONum, lineItemNo)).toResponse();
}
@Path("/{PONum}")
@PUT
public Response updatePOMaster(@PathParam("PONum") String PONum, POMasterRequest request)
public Response updatePOMaster(@QueryParam("sessionId") String sessionId, @PathParam("PONum") String PONum, POMasterRequest request)
throws AstuteException, ParseException {
System.out.println("PODate in Resource is "+ request.getPODate());
authService.authenticateSession(sessionId);
POService.updatePOMaster(PONum, request.getContractNum(), request.getPODate(), request.getContractAmt(), request.getAstuteProjectNumber(), request.getTitle(), request.getNotes());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/detail/{PONum}/{lineItemNo}")
@PUT
public Response updatePODetail(@PathParam("PONum") String PONum, @PathParam("lineItemNo") int lineItemNo, PODetailRequest request)
public Response updatePODetail(@QueryParam("sessionId") String sessionId, @PathParam("PONum") String PONum, @PathParam("lineItemNo") int lineItemNo, PODetailRequest request)
throws AstuteException {
authService.authenticateSession(sessionId);
POService.updatePODetail(PONum, lineItemNo, request.getServiceDesc(), request.getFeeTypeId(),
request.getQty(), request.getFee(), request.getServiceTypeId(), request.getRemainingQuantity());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@POST
public Response createPOMaster(POMasterRequest request)
public Response createPOMaster(@QueryParam("sessionId") String sessionId, POMasterRequest request)
throws AstuteException, ParseException {
authService.authenticateSession(sessionId);
POService.createPOMaster(request.getPoNum(), request.getContractNum(), request.getPODate(), request.getContractAmt(), request.getCustomerId(), request.getAstuteProjectNumber(),request.getTitle(), request.getNotes());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/detail")
@POST
public Response createPODetail(PODetailRequest request)
public Response createPODetail(@QueryParam("sessionId") String sessionId, PODetailRequest request)
throws AstuteException {
authService.authenticateSession(sessionId);
POService.createPODetail(request.getPoNum(), request.getLineItemNo(), request.getServiceDesc(), request.getFeeTypeId(),
request.getQty(), request.getFee(), request.getServiceTypeId(), request.getRemainingQuantity());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
@ -77,7 +84,8 @@ public class POResource {
// Finalize
@Path("/{PONum}/finalize")
@PUT
public Response finalizePO(@PathParam("PONum") String PONum) throws AstuteException {
public Response finalizePO(@QueryParam("sessionId") String sessionId, @PathParam("PONum") String PONum) throws AstuteException {
authService.authenticateSession(sessionId);
POService.finalizePO(PONum);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@ -85,7 +93,8 @@ public class POResource {
// delete
@Path("/{PONum}/delete")
@PUT
public Response deletePO(@PathParam("PONum") String PONum) throws AstuteException {
public Response deletePO(@QueryParam("sessionId") String sessionId, @PathParam("PONum") String PONum) throws AstuteException {
authService.authenticateSession(sessionId);
POService.deletePO(PONum);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@ -93,7 +102,8 @@ public class POResource {
// Misc
@Path("/serviceTypes")
@GET
public Response getServiceTypes() throws AstuteException {
public Response getServiceTypes(@QueryParam("sessionId") String sessionId) throws AstuteException {
authService.authenticateSession(sessionId);
return new ApiResponse(POService.getServiceTypes()).toResponse();
}
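Review bot: In `getPOMaster` the last parameter `String astuteProjectNumber` carries no JAX-RS annotation, so it is treated as the request entity of a `@GET` and will likely arrive empty, which makes that filter ineffective; the signature was rewritten in this commit without fixing it. `@QueryParam("astuteProjectNumber") String astuteProjectNumber` would match the other three filters. The `return` line in the same method is also indented with a different tab/space mix than the `authService.authenticateSession(sessionId);` line above it.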


@ -25,35 +25,37 @@ public class ServiceTypeResource {
}
@GET
public Response getServiceTypes()
public Response getServiceTypes(@QueryParam("sessionId") String sessionId)
throws AstuteException {
// TODO , @QueryParam("sessionId") String sessionId
// authService.getUser(sessionId);
authService.authenticateSession(sessionId);
return new ApiResponse(service.getServiceTypes()).toResponse();
}
@Path("/{serviceTypeId}")
@PUT
public Response updateServiceType(@PathParam("serviceTypeId") int serviceTypeId, @QueryParam("serviceTypeDesc") String serviceTypeDesc)
public Response updateServiceType(@QueryParam("sessionId") String sessionId, @PathParam("serviceTypeId") int serviceTypeId, @QueryParam("serviceTypeDesc") String serviceTypeDesc)
throws AstuteException {
System.out.println("in updateServiceType()");
authService.authenticateSession(sessionId);
service.updateServiceType(serviceTypeId, serviceTypeDesc);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@Path("/delete/{serviceTypeId}")
@PUT
public Response deleteServiceType(@PathParam("serviceTypeId") int serviceTypeId)
public Response deleteServiceType(@QueryParam("sessionId") String sessionId, @PathParam("serviceTypeId") int serviceTypeId)
throws AstuteException {
System.out.println("in deleteServiceType()");
authService.authenticateSession(sessionId);
service.deleteServiceType(serviceTypeId);
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}
@POST
public Response createServiceType(ServiceTypeRequest request)
public Response createServiceType(@QueryParam("sessionId") String sessionId, ServiceTypeRequest request)
throws AstuteException {
System.out.println("in AstuteSyste createServiceType()");
authService.authenticateSession(sessionId);
service.createServiceType(request.getServiceTypeDesc());
return new ApiResponse(ApiResponse.UPDATE_ACCESS_SUCESS).toResponse();
}


@ -19,12 +19,15 @@ public class AuthService extends Service{
return getDao().login(username,password);
}
public String getUser(String sessionId) throws AstuteException {
User user = getDao().getUser(sessionId);
if (user == null) {
public Integer authenticateSession(String sessionId) throws AstuteException {
Integer userId = getDao().authenticateSession(sessionId);
if (userId == null) {
throw new AstuteException(AUTH_ERROR, "Authentication Error. Please login first!");
}
return user.getUsername();
return userId;
}
public void logout(String sessionId) throws AstuteException {
getDao().logout(sessionId);
}
}


@ -13,7 +13,7 @@ public class CustomerService extends Service{
super();
}
public List<Customer> getCustomers(String sessionId, String customerId)
public List<Customer> getCustomers(String customerId)
throws AstuteException {
return getDao().getCustomers(customerId);