base.jee.api.cassandra.GetPersonByEmail Maven / Gradle / Ivy

Go to download
/**
 * Creative commons Attribution-NonCommercial license.
 *
 * http://creativecommons.org/licenses/by-nc/2.5/au/deed.en_GB
 *
 * NO WARRANTY IS GIVEN OR IMPLIED, USE AT YOUR OWN RISK.
 */
package base.jee.api.cassandra;

import java.io.IOException;

import base.Query;
import com.datastax.driver.core.Row;
import com.datastax.driver.core.Session;
import com.datastax.driver.core.PreparedStatement;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;

import base.jee.Constants;
import base.json.Json;
import base.security.PermissionException;
import base.security.Person;
import base.security.User;

import static base.jee.api.cassandra.util.Log.log;

/**
 * Return the personal details associated with a particular person. A user
 * may only lookup the details associated with their own account unless they
 * have the Types.PERSON_MANAGE permission.
 */
public class GetPersonByEmail extends Query {

	private CassandraAPI api;
	private User user;
	private String email;

	public GetPersonByEmail(CassandraAPI api, User user, String email) throws PermissionException {

		if(api == null) {
			throw new IllegalArgumentException("Invalid parameter: api");
		}
		if(user == null || !user.isAuthenticated()) {
			throw new PermissionException(getClass().getSimpleName(), user, "Authenticate before invoking this command.", null);
		}

		this.api = api;
		this.user = user;
		this.email = email;
	}

	public GetPersonByEmail() {
	}

	@Override
	public Query newWithParameters(Map parameters) throws PermissionException {
		return new GetPersonByEmail(
				(CassandraAPI)parameters.get("api"),
				(User)parameters.get("user"),
				(String)parameters.get("email"));
	}

	public List execute() throws IOException {
		List results = new LinkedList<>();
		Session s = api.getCassandraSession();

		if(!user.hasRole(Constants.PERSON_MANAGE_ROLE)) {
			log(s, "WARN", user, "Permission denied invoking: " + GetPersonByEmail.class.getSimpleName() + " " + getJsonParameters());
			throw new PermissionException(this.getClass().getSimpleName(), user, "You do not have permission to view this persons account details.", Constants.PERSON_MANAGE_ROLE);
		}

		PreparedStatement q = s.prepare(
				"select uuid, first_name, last_name, email, username, last_auth, last_auth_ip, created, updated, expiry "+
				"from  person "+
						"where email = ?");
		for(Row r : s.execute(q.bind(email))) {
			Person p = new Person();
			p.setUuid(r.getUUID(0));
			p.setFirstName(r.getString(1));
			p.setLastName(r.getString(2));
			p.setEmail(r.getString(3));
			p.setUsername(r.getString(4));
			if(r.getLong(5) != 0) {
				p.setLastAuth(new Date(r.getLong(5)));
			}
			p.setLastAuthIp(r.getString(6));
			p.setCreated(new Date(r.getLong(7)));
			p.setUpdated(new Date(r.getLong(8)));
			if(r.getLong(9) > 0) {
				p.setExpiry(new Date(r.getLong(9)));
			}
			results.add(p);
		}

		return results;
	}

	@Override
	public String getJsonParameters() {
		return "{" +
				"\"person\":" + user.getPersonUuid() + "," +
				"\"email\":\"" + Json.escape(email) + "\"" +
				"}";
	}

}