ClaytonWWilson/Listify
1
0
Fork 0
mirror of https://github.com/ClaytonWWilson/Listify.git synced 2025-12-16 10:48:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Treat ListSharee as access table

Browse Source 
This is so that multiple users can be paired with a single list.

In the future, we may want to reconsider list deletion behavior to simply remove a user's access and only delete it when no one has access.

We may also want the user deletion Lambda to use the list deletion Lambda when it is created.
This commit is contained in:
NMerz 2020-10-24 14:46:56 -04:00
parent 2637cab282
commit 34d74aae6a
6 changed files with 112 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Lambdas/Lists/List/src/ListAdder.java
View File

@ -8,7 +8,8 @@ public class ListAdder implements CallHandler {
private Connection connection; private Connection connection;
private String cognitoID; private String cognitoID;
private final String LIST_CREATE = "INSERT INTO List (name, owner, lastUpdated) VALUES (?, ?, ?)"; private final String LIST_CREATE = "INSERT INTO List (name, owner, lastUpdated) VALUES (?, ?, ?);";
private final String LIST_ACCESS_GRANT = "INSERT INTO ListSharee(listID, userID) VALUES(?, ?);";
public ListAdder(Connection connection, String cognitoID) { public ListAdder(Connection connection, String cognitoID) {
this.connection = connection; this.connection = connection;
@ -17,7 +18,9 @@ public class ListAdder implements CallHandler {
public Object conductAction(Map<String, Object> bodyMap, HashMap<String, String> queryString, String cognitoID) throws SQLException { public Object conductAction(Map<String, Object> bodyMap, HashMap<String, String> queryString, String cognitoID) throws SQLException {
PreparedStatement statement = connection.prepareStatement(LIST_CREATE, Statement.RETURN_GENERATED_KEYS); PreparedStatement statement = connection.prepareStatement(LIST_CREATE, Statement.RETURN_GENERATED_KEYS);
statement.setString(1, bodyMap.get("name").toString());//Needs safe checking
String listName = bodyMap.get("name").toString();//Needs safe checking
statement.setString(1, listName);
statement.setString(2, cognitoID); statement.setString(2, cognitoID);
statement.setTimestamp(3, Timestamp.from(Instant.now())); statement.setTimestamp(3, Timestamp.from(Instant.now()));
System.out.println(statement); System.out.println(statement);
@ -25,7 +28,13 @@ public class ListAdder implements CallHandler {
ResultSet newIDRS = statement.getGeneratedKeys(); ResultSet newIDRS = statement.getGeneratedKeys();
newIDRS.first(); newIDRS.first();
Integer newID = newIDRS.getInt(1); Integer newID = newIDRS.getInt(1);
PreparedStatement accessGrant = connection.prepareStatement(LIST_ACCESS_GRANT);
accessGrant.setInt(1, newID);
accessGrant.setString(2, cognitoID);
System.out.println(accessGrant);
accessGrant.executeUpdate();
connection.commit(); connection.commit();
System.out.println(newID);
return newID; return newID;
} }
} }

2
Lambdas/Lists/List/src/ListGetter.java
View File

@ -11,7 +11,7 @@ public class ListGetter implements CallHandler{
private final String cognitoID; private final String cognitoID;
private final String GET_LIST = "SELECT * FROM List WHERE listID = ?;"; private final String GET_LIST = "SELECT * FROM List WHERE listID = ?;";
private final String GET_LISTS = "SELECT listID FROM List WHERE owner = ?;"; private final String GET_LISTS = "SELECT listID FROM ListSharee WHERE userID = ?;";
private final String GET_ENTRIES = "SELECT * FROM ListProduct WHERE listID = ?;"; private final String GET_ENTRIES = "SELECT * FROM ListProduct WHERE listID = ?;";
public ListGetter(Connection connection, String cognitoID) { public ListGetter(Connection connection, String cognitoID) {

11
Lambdas/Lists/ListShare/src/ListSharePOST.java Normal file
View File

@ -0,0 +1,11 @@
import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.RequestHandler;
import java.util.Map;
public class ListSharePOST implements RequestHandler<Map<String,Object>, Object> {
public Object handleRequest(Map<String, Object> inputMap, Context unfilled) {
return BasicHandler.handleRequest(inputMap, unfilled, ListSharer.class);
}
}

68
Lambdas/Lists/ListShare/src/ListSharer.java Normal file
View File

@ -0,0 +1,68 @@
import com.amazonaws.services.lambda.AWSLambdaClientBuilder;
import com.amazonaws.services.lambda.model.InvokeRequest;
import com.amazonaws.services.lambda.model.InvokeResult;
import java.security.AccessControlException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.InputMismatchException;
import java.util.Map;
public class ListSharer implements CallHandler {
private Connection connection;
private String cognitoID;
public ListSharer(Connection connection, String cognitoID) {
this.connection = connection;
this.cognitoID = cognitoID;
}
final private String CHECK_ACCESS = "SELECT * from ListSharee WHERE listID = ? AND userID = ?;";
final private String SHARE_LIST = "INSERT INTO ListSharee(listID, userID) VALUES(?, ?);";
public Object conductAction(Map<String, Object> bodyMap, HashMap<String, String> queryString, String cognitoID) throws SQLException {
PreparedStatement checkAccess = connection.prepareStatement(CHECK_ACCESS);
Integer listID = Integer.parseInt(bodyMap.get("listID").toString());
checkAccess.setInt(1, listID);
checkAccess.setString(2, cognitoID);
ResultSet checkAccessRS = checkAccess.executeQuery();
if (!checkAccessRS.next()) {
throw new AccessControlException("The requesting user does not have access to the requested list");
}
InvokeRequest invokeRequest = new InvokeRequest();
invokeRequest.setFunctionName("UserGET");
invokeRequest.setPayload("{" +
" \"body\": {" +
" \"emailToCheck\": \"" + bodyMap.get("shareWith").toString() + "\"" +
" }," +
" \"params\": {" +
" \"querystring\": {" +
" }" +
" }," +
" \"context\": {" +
" \"sub\": \"not used\"" +
" }" +
"}");
InvokeResult invokeResult = AWSLambdaClientBuilder.defaultClient().invoke(invokeRequest);
if (invokeResult.getStatusCode() != 200) {
throw new InputMismatchException("Could not find specified user to share with");
}
String shareWithSub = new String(invokeResult.getPayload().array()).replace("\"", "");
checkAccess.setString(2, shareWithSub);
checkAccessRS = checkAccess.executeQuery();
if (checkAccessRS.next()) {
throw new InputMismatchException("The specified user already has access");
}
PreparedStatement shareList = connection.prepareStatement(SHARE_LIST);
shareList.setInt(1, listID);
shareList.setString(2, shareWithSub);
shareList.executeUpdate();
connection.commit();
return null;
}
}

16
Lambdas/Lists/User/src/UserDeleter.java
View File

@ -19,6 +19,8 @@ public class UserDeleter implements CallHandler {
private final String GET_LISTS = "SELECT * FROM List WHERE (owner = ?);"; private final String GET_LISTS = "SELECT * FROM List WHERE (owner = ?);";
private final String DELETE_LIST_PRODUCT = "DELETE FROM ListProduct WHERE (listID = ?);"; private final String DELETE_LIST_PRODUCT = "DELETE FROM ListProduct WHERE (listID = ?);";
private final String DELETE_LISTS = "DELETE FROM List WHERE (owner = ?);"; private final String DELETE_LISTS = "DELETE FROM List WHERE (owner = ?);";
private final String DELETE_LIST_SHARES = "DELETE FROM ListSharee WHERE (listID = ?);";
private final String DELETE_LIST_ACCESS = "DELETE FROM ListSharee WHERE (userID = ?);";
public UserDeleter(Connection connection, String cognitoID) { public UserDeleter(Connection connection, String cognitoID) {
this.connection = connection; this.connection = connection;
@ -57,13 +59,23 @@ public class UserDeleter implements CallHandler {
statement = connection.prepareStatement(DELETE_LIST_PRODUCT); statement = connection.prepareStatement(DELETE_LIST_PRODUCT);
statement.setInt(1, listID); statement.setInt(1, listID);
System.out.println(statement); System.out.println(statement);
statement.executeQuery(); statement.executeUpdate();
statement = connection.prepareStatement(DELETE_LIST_SHARES);
statement.setInt(1, listID);
System.out.println(statement);
statement.executeUpdate();
} }
statement = connection.prepareStatement(DELETE_LISTS); statement = connection.prepareStatement(DELETE_LISTS);
statement.setString(1, cognitoID); statement.setString(1, cognitoID);
System.out.println(statement); System.out.println(statement);
statement.executeQuery(); statement.executeUpdate();
statement = connection.prepareStatement(DELETE_LIST_ACCESS);
statement.setString(1, cognitoID);
System.out.println(statement);
statement.executeUpdate();
connection.commit(); connection.commit();
return null; return null;

9
Lambdas/Lists/pom.xml
View File

@ -14,10 +14,15 @@
<artifactId>aws-lambda-java-core</artifactId> <artifactId>aws-lambda-java-core</artifactId>
<version>1.2.1</version> <version>1.2.1</version>
</dependency> </dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-lambda</artifactId>
<version>1.11.875</version>
</dependency>
<dependency> <dependency>
<groupId>com.amazonaws</groupId> <groupId>com.amazonaws</groupId>
<artifactId>aws-lambda-java-events</artifactId> <artifactId>aws-lambda-java-events</artifactId>
<version>3.1.0</version> <version>3.4.0</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.amazonaws</groupId> <groupId>com.amazonaws</groupId>
@ -42,7 +47,7 @@
<dependency> <dependency>
<groupId>org.apache.httpcomponents</groupId> <groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId> <artifactId>httpclient</artifactId>
<version>4.5.12</version> <version>4.5.13</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.google.code.gson</groupId> <groupId>com.google.code.gson</groupId>