From 7f7edc0986b74ad513d7edee944927f650d3ba35 Mon Sep 17 00:00:00 2001 From: Pete Meyer Date: Mon, 21 Aug 2017 11:47:42 -0400 Subject: [PATCH 1/7] first pass at filling in the create oai set API --- .../iq/dataverse/api/HarvestingServer.java | 76 +++++++++++++------ 1 file changed, 54 insertions(+), 22 deletions(-) diff --git a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java index 6d7cf218e35..b9781fcd07a 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java @@ -104,30 +104,62 @@ public Response oaiSet(@PathParam("specname") String spec, @QueryParam("key") St "Internal error: failed to produce output for OAI set " + spec + "."); } } - + + /** + * create an OAI set from spec in path and other parameters from POST body (as JSON). + * {"name":$set_name, "description":$optional_set_description,"defination":$set_search_query_string}. + */ @POST @Path("{specname}") - public Response createOaiSet(String jsonBody, @PathParam("specname") String spec, @QueryParam("key") String apiKey) throws IOException, JsonParseException { - - //try () { - StringReader rdr = new StringReader(jsonBody); - JsonObject json = Json.createReader(rdr).readObject(); - - OAISet set = new OAISet(); - // TODO: check that it doesn't exist yet... - set.setSpec(spec); - // TODO: jsonParser().parseOaiSet(json, set); - - oaiSetService.save(set); - - return created( "/harvest/server/oaisets" + spec, oaiSetAsJson(set)); - - //} catch (JsonParseException ex) { - // return errorResponse( Response.Status.BAD_REQUEST, "Error parsing OAI set: " + ex.getMessage() ); - - //} catch (WrappedResponse ex) { - // return ex.getResponse(); - //} + public Response createOaiSet(String jsonBody, @PathParam("specname") String spec, @QueryParam("key") String apiKey) throws IOException, JsonParseException + { + + //try () { + StringReader rdr = new StringReader(jsonBody); + JsonObject json = Json.createReader(rdr).readObject(); + + OAISet set = new OAISet(); + // TODO: check that it doesn't exist yet... + set.setSpec(spec); + // TODO: jsonParser().parseOaiSet(json, set); + String name,desc,defn; + try + { + name = json.getString("name"); + } + catch( NullPointerException npe_name) + { + throw new JsonParseException("name unspecified"); + } + try + { + defn = json.getString("defination"); + } + catch( NullPointerException npe_defn) + { + throw new JsonParseException("defination unspecified"); + } + try + { + desc = json.getString("description"); + } + catch( NullPointerException npe_desc) + { + desc = ""; //treating description as optional + } + set.setName( name ); + set.setDescription( desc ); + set.setDefinition( defn ); + oaiSetService.save(set); + + return created( "/harvest/server/oaisets" + spec, oaiSetAsJson(set)); + + //} catch (JsonParseException ex) { + // return errorResponse( Response.Status.BAD_REQUEST, "Error parsing OAI set: " + ex.getMessage() ); + + //} catch (WrappedResponse ex) { + // return ex.getResponse(); + //} } @PUT From 99030ac6d417cc264bce96c08c40fedd73a7d4bf Mon Sep 17 00:00:00 2001 From: Pete Meyer Date: Mon, 21 Aug 2017 12:47:34 -0400 Subject: [PATCH 2/7] first pass superuser req --- .../iq/dataverse/api/HarvestingServer.java | 29 +++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java index b9781fcd07a..b191182c2ee 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java @@ -20,6 +20,7 @@ import edu.harvard.iq.dataverse.harvest.server.OAISet; import edu.harvard.iq.dataverse.harvest.server.OAISetServiceBean; import edu.harvard.iq.dataverse.util.json.JsonParseException; +import edu.harvard.iq.dataverse.authorization.users.User; import javax.json.JsonObjectBuilder; import static edu.harvard.iq.dataverse.util.json.NullSafeJsonBuilder.jsonObjectBuilder; import java.io.IOException; @@ -111,17 +112,41 @@ public Response oaiSet(@PathParam("specname") String spec, @QueryParam("key") St */ @POST @Path("{specname}") + //@Path("/api/admin/harvest/server/oaisets/{specname}") // doesn't work. public Response createOaiSet(String jsonBody, @PathParam("specname") String spec, @QueryParam("key") String apiKey) throws IOException, JsonParseException { + //TODO - add authentication + /* + * getRequestApiKey : string + * AuthenticatedUser findUserByApiToken + * or findUserOrDie for covering both + * but which permission to check for - DataverseRole.ADMIN probably corresponds to dataverse admin, not installation admin. + * can I move this behind the admin endpoint? - no. + * So who's currently allowed to create OAI sets? `isSuperUser()` from HarvestingSetsPage + * ah - should work the same way - User.isSuperUser() + */ + AuthenticatedUser dvUser; + try + { + dvUser = findAuthenticatedUserOrDie(); + } + catch( WrappedResponse wr ) + { + return wr.getResponse(); + } + if ( ! dvUser.isSuperuser() ) + { + return badRequest( "only superusers can create OAI sets"); + } + - //try () { StringReader rdr = new StringReader(jsonBody); JsonObject json = Json.createReader(rdr).readObject(); OAISet set = new OAISet(); // TODO: check that it doesn't exist yet... + // today's fun fact - you can create exact duplicate OAI sets, apparently without error. set.setSpec(spec); - // TODO: jsonParser().parseOaiSet(json, set); String name,desc,defn; try { From 43ac017fa920cd3a7b8824a9825de082347f3197 Mon Sep 17 00:00:00 2001 From: Pete Meyer Date: Mon, 21 Aug 2017 12:56:08 -0400 Subject: [PATCH 3/7] cleanup --- .../iq/dataverse/api/HarvestingServer.java | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java index b191182c2ee..985230ea4e8 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java @@ -112,18 +112,10 @@ public Response oaiSet(@PathParam("specname") String spec, @QueryParam("key") St */ @POST @Path("{specname}") - //@Path("/api/admin/harvest/server/oaisets/{specname}") // doesn't work. public Response createOaiSet(String jsonBody, @PathParam("specname") String spec, @QueryParam("key") String apiKey) throws IOException, JsonParseException { - //TODO - add authentication /* - * getRequestApiKey : string - * AuthenticatedUser findUserByApiToken - * or findUserOrDie for covering both - * but which permission to check for - DataverseRole.ADMIN probably corresponds to dataverse admin, not installation admin. - * can I move this behind the admin endpoint? - no. - * So who's currently allowed to create OAI sets? `isSuperUser()` from HarvestingSetsPage - * ah - should work the same way - User.isSuperUser() + * authorization modeled after the UI (aka HarvestingSetsPage) */ AuthenticatedUser dvUser; try @@ -178,13 +170,6 @@ public Response createOaiSet(String jsonBody, @PathParam("specname") String spec oaiSetService.save(set); return created( "/harvest/server/oaisets" + spec, oaiSetAsJson(set)); - - //} catch (JsonParseException ex) { - // return errorResponse( Response.Status.BAD_REQUEST, "Error parsing OAI set: " + ex.getMessage() ); - - //} catch (WrappedResponse ex) { - // return ex.getResponse(); - //} } @PUT From d06456b504f2d56ae3dd310192cfbc03ddedf3e6 Mon Sep 17 00:00:00 2001 From: Stephen Kraffmiller Date: Tue, 10 Oct 2017 16:12:28 -0400 Subject: [PATCH 4/7] #4096 Add validators for admin user and name length --- src/main/java/Bundle.properties | 2 + .../iq/dataverse/HarvestingSetsPage.java | 7 + .../iq/dataverse/api/HarvestingServer.java | 124 +++++++++--------- 3 files changed, 74 insertions(+), 59 deletions(-) diff --git a/src/main/java/Bundle.properties b/src/main/java/Bundle.properties index bf6753279b0..37120aca13f 100755 --- a/src/main/java/Bundle.properties +++ b/src/main/java/Bundle.properties @@ -479,6 +479,8 @@ harvestserver.editSetDialog.setspec.helptext=The name can not be changed once th harvestserver.newSetDialog.setspec.required=Name (OAI setSpec) cannot be empty! harvestserver.newSetDialog.setspec.invalid=Name (OAI setSpec) can contain only letters, digits, underscores (_) and dashes (-). harvestserver.newSetDialog.setspec.alreadyused=This set name (OAI setSpec) is already used. +harvestserver.newSetDialog.setspec.sizelimit=This set name (OAI setSpec) may be no longer than 30 characters. +harvestserver.newSetDialog.setspec.superUser.required=Only superusers may create OAI sets. harvestserver.newSetDialog.setdescription=Description harvestserver.newSetDialog.setdescription.tip=Provide a brief description for this OAI set. diff --git a/src/main/java/edu/harvard/iq/dataverse/HarvestingSetsPage.java b/src/main/java/edu/harvard/iq/dataverse/HarvestingSetsPage.java index cdb157f0ad4..11f83df9491 100644 --- a/src/main/java/edu/harvard/iq/dataverse/HarvestingSetsPage.java +++ b/src/main/java/edu/harvard/iq/dataverse/HarvestingSetsPage.java @@ -479,6 +479,13 @@ public void validateSetSpec(FacesContext context, UIComponent toValidate, Object if (context.getExternalContext().getRequestParameterMap().get("DO_VALIDATION") != null) { if (!StringUtils.isEmpty(value)) { + if (value.length() > 30){ + input.setValid(false); + context.addMessage(toValidate.getClientId(), + new FacesMessage(FacesMessage.SEVERITY_ERROR, "", JH.localize("harvestserver.newSetDialog.setspec.sizelimit"))); + return; + + } if (!Pattern.matches("^[a-zA-Z0-9\\_\\-]+$", value)) { input.setValid(false); context.addMessage(toValidate.getClientId(), diff --git a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java index 985230ea4e8..769c440c5d9 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java @@ -21,14 +21,18 @@ import edu.harvard.iq.dataverse.harvest.server.OAISetServiceBean; import edu.harvard.iq.dataverse.util.json.JsonParseException; import edu.harvard.iq.dataverse.authorization.users.User; +import static edu.harvard.iq.dataverse.util.JsfHelper.JH; import javax.json.JsonObjectBuilder; import static edu.harvard.iq.dataverse.util.json.NullSafeJsonBuilder.jsonObjectBuilder; import java.io.IOException; import java.io.StringReader; import java.util.List; +import java.util.ResourceBundle; import java.util.logging.Logger; +import java.util.regex.Pattern; import javax.ejb.EJB; import javax.ejb.Stateless; +import javax.faces.application.FacesMessage; import javax.json.Json; import javax.json.JsonArrayBuilder; import javax.json.JsonObject; @@ -40,6 +44,7 @@ import javax.ws.rs.PathParam; import javax.ws.rs.QueryParam; import javax.ws.rs.core.Response; +import org.apache.commons.lang.StringUtils; /** * @@ -107,69 +112,70 @@ public Response oaiSet(@PathParam("specname") String spec, @QueryParam("key") St } /** - * create an OAI set from spec in path and other parameters from POST body (as JSON). - * {"name":$set_name, "description":$optional_set_description,"defination":$set_search_query_string}. + * create an OAI set from spec in path and other parameters from POST body + * (as JSON). {"name":$set_name, + * "description":$optional_set_description,"definition":$set_search_query_string}. */ @POST @Path("{specname}") - public Response createOaiSet(String jsonBody, @PathParam("specname") String spec, @QueryParam("key") String apiKey) throws IOException, JsonParseException - { - /* + public Response createOaiSet(String jsonBody, @PathParam("specname") String spec, @QueryParam("key") String apiKey) throws IOException, JsonParseException { + /* * authorization modeled after the UI (aka HarvestingSetsPage) - */ - AuthenticatedUser dvUser; - try - { - dvUser = findAuthenticatedUserOrDie(); - } - catch( WrappedResponse wr ) - { - return wr.getResponse(); - } - if ( ! dvUser.isSuperuser() ) - { - return badRequest( "only superusers can create OAI sets"); - } - - - StringReader rdr = new StringReader(jsonBody); - JsonObject json = Json.createReader(rdr).readObject(); - - OAISet set = new OAISet(); - // TODO: check that it doesn't exist yet... - // today's fun fact - you can create exact duplicate OAI sets, apparently without error. - set.setSpec(spec); - String name,desc,defn; - try - { - name = json.getString("name"); - } - catch( NullPointerException npe_name) - { - throw new JsonParseException("name unspecified"); - } - try - { - defn = json.getString("defination"); - } - catch( NullPointerException npe_defn) - { - throw new JsonParseException("defination unspecified"); - } - try - { - desc = json.getString("description"); - } - catch( NullPointerException npe_desc) - { - desc = ""; //treating description as optional - } - set.setName( name ); - set.setDescription( desc ); - set.setDefinition( defn ); - oaiSetService.save(set); - - return created( "/harvest/server/oaisets" + spec, oaiSetAsJson(set)); + */ + AuthenticatedUser dvUser; + try { + dvUser = findAuthenticatedUserOrDie(); + } catch (WrappedResponse wr) { + return wr.getResponse(); + } + if (!dvUser.isSuperuser()) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.superUser.required")); + } + + StringReader rdr = new StringReader(jsonBody); + JsonObject json = Json.createReader(rdr).readObject(); + + OAISet set = new OAISet(); + //Validating spec + if (!StringUtils.isEmpty(spec)) { + if (spec.length() > 30) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.sizelimit")); + } + if (!Pattern.matches("^[a-zA-Z0-9\\_\\-]+$", spec)) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.invalid")); + // If it passes the regex test, check + } + if (oaiSetService.findBySpec(spec) != null) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.alreadyused")); + } + + } else { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.required")); + } + set.setSpec(spec); + String name, desc, defn; + + try { + name = json.getString("name"); + } catch (NullPointerException npe_name) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.required")); + } + try { + defn = json.getString("definition"); + } catch (NullPointerException npe_defn) { + throw new JsonParseException("definition unspecified"); + } + try { + desc = json.getString("description"); + } catch (NullPointerException npe_desc) { + desc = ""; //treating description as optional + } + set.setName(name); + set.setDescription(desc); + set.setDefinition(defn); + oaiSetService.save(set); + + return created("/harvest/server/oaisets" + spec, oaiSetAsJson(set)); } @PUT From 132eb7f6f83b175349522b6d58a61ec0e471b9c7 Mon Sep 17 00:00:00 2001 From: Pete Meyer Date: Fri, 9 Mar 2018 10:15:51 -0500 Subject: [PATCH 5/7] first pass admin API for triggering manual OAI set export --- .../harvard/iq/dataverse/api/Metadata.java | 47 ++++++++++++++++++- 1 file changed, 45 insertions(+), 2 deletions(-) diff --git a/src/main/java/edu/harvard/iq/dataverse/api/Metadata.java b/src/main/java/edu/harvard/iq/dataverse/api/Metadata.java index b77954bf1a5..5084b5267a4 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/Metadata.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/Metadata.java @@ -13,6 +13,12 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response; +import javax.ws.rs.PathParam; +import javax.ws.rs.PUT; +import edu.harvard.iq.dataverse.harvest.server.OAISetServiceBean; +import edu.harvard.iq.dataverse.harvest.server.OAISet; + /** * * @author Leonid Andreev @@ -22,7 +28,10 @@ @Path("admin/metadata") public class Metadata extends AbstractApiBean { private static final Logger logger = Logger.getLogger(Metadata.class.getName()); - + + @EJB + OAISetServiceBean oaiSetService; + @EJB DatasetServiceBean datasetService; @@ -50,5 +59,39 @@ public Response exportAll() { public Response reExportAll() { datasetService.reExportAllAsync(); return this.accepted(); - } + } + + /** + * initial attempt at triggering indexing/creation/population of a OAI set without going throught + * the UI. + */ + @PUT + @Path("/exportOAI/{specname}") + public Response exportOaiSet( @PathParam("specname") String spec ) + { + // assuming this belongs here (because it's a metadata export), but open to moving it elsewhere + OAISet set = null; + try + { + set = oaiSetService.findBySpec(spec); + } + catch(Exception ex) + { + return error(Response.Status.BAD_REQUEST,"bad request / invalid OAI set"); + } + if ( null == set ) + { + return error(Response.Status.NOT_FOUND, "unable to find specified OAI set"); + } + try + { + oaiSetService.setUpdateInProgress( set.getId() ); + oaiSetService.exportOaiSetAsync(set); + return ok("export started"); + } + catch( Exception ex ) + { + return error(Response.Status.BAD_REQUEST, "problem exporting OAI set"); + } + } } From eb6064d5a6fc9fe285585a5c7600a0d430337ea6 Mon Sep 17 00:00:00 2001 From: Pete Meyer Date: Fri, 9 Mar 2018 11:46:25 -0500 Subject: [PATCH 6/7] very minimal harvesting server API tests --- .../iq/dataverse/api/HarvestingServerIT.java | 95 +++++++++++++++++++ .../edu/harvard/iq/dataverse/api/UtilIT.java | 3 +- 2 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 src/test/java/edu/harvard/iq/dataverse/api/HarvestingServerIT.java diff --git a/src/test/java/edu/harvard/iq/dataverse/api/HarvestingServerIT.java b/src/test/java/edu/harvard/iq/dataverse/api/HarvestingServerIT.java new file mode 100644 index 00000000000..648d8aa6e34 --- /dev/null +++ b/src/test/java/edu/harvard/iq/dataverse/api/HarvestingServerIT.java @@ -0,0 +1,95 @@ +package edu.harvard.iq.dataverse.api; + +import java.util.logging.Logger; +import com.jayway.restassured.RestAssured; +import org.junit.BeforeClass; +import org.junit.AfterClass; +import org.junit.Test; +import static junit.framework.Assert.assertEquals; + +import com.jayway.restassured.response.Response; +import static com.jayway.restassured.RestAssured.given; + +/** + * extremely minimal API tests for creating OAI sets. + */ +public class HarvestingServerIT +{ + private static final Logger logger = Logger.getLogger(HarvestingServerIT.class.getCanonicalName()); + + @BeforeClass + public static void setUpClass() + { + RestAssured.baseURI = UtilIT.getRestAssuredBaseUri(); + } + + @AfterClass + public static void afterClass() + { + //intentional no-op until there's cleanup to be done + } + + private void setupUsers() + { + Response cu0 = UtilIT.createRandomUser(); + normalUserAPIKey = UtilIT.getApiTokenFromResponse( cu0 ); + Response cu1 = UtilIT.createRandomUser(); + String un1 = UtilIT.getUsernameFromResponse( cu1 ); + Response u1a = UtilIT.makeSuperUser( un1 ); + adminUserAPIKey = UtilIT.getApiTokenFromResponse( cu1 ); + } + + private String jsonForTestSpec(String name, String def) + { + String r = String.format("{\"name\":\"%s\",\"definition\":\"%s\"}",name,def);//description is optional + return r; + } + + private String normalUserAPIKey; + private String adminUserAPIKey; + + @Test + public void testSetCreation() + { + setupUsers(); + String setName = UtilIT.getRandomString(6); + String def="*"; + + // make sure the set does not exist + String u0 = String.format("/api/harvest/server/oaisets/%s",setName); + Response r0 = given() + .get( u0 ); + assertEquals( 404, r0.getStatusCode() ); + + // try to create set as normal user, should fail + + Response r1 = given() + .header( UtilIT.API_TOKEN_HTTP_HEADER,normalUserAPIKey) + .body( jsonForTestSpec( setName,def) ) + .post( u0 ); + assertEquals( 400, r1.getStatusCode() ); + + // try to create set as admin user, should succeed + Response r2 = given() + .header( UtilIT.API_TOKEN_HTTP_HEADER,adminUserAPIKey) + .body( jsonForTestSpec( setName,def) ) + .post( u0 ); + assertEquals( 201, r2.getStatusCode() ); + + // try to create set with same name as admin user, should fail + Response r3 = given() + .header( UtilIT.API_TOKEN_HTTP_HEADER,adminUserAPIKey) + .body( jsonForTestSpec( setName,def) ) + .post( u0 ); + assertEquals( 400, r3.getStatusCode() ); + + // try to export set as admin user, should succeed (under admin API, not checking that normal user will fail) + String u1 = String.format("/api/admin/metadata/exportOAI/%s",setName); + Response r4 = given() + .put( u1 ); + assertEquals( 200 , r4.getStatusCode() ); + + // TODO - get an answer to the question of if it's worth cleaning up (users, sets) or not + + } +} diff --git a/src/test/java/edu/harvard/iq/dataverse/api/UtilIT.java b/src/test/java/edu/harvard/iq/dataverse/api/UtilIT.java index a45452fe388..2ab8d589aca 100644 --- a/src/test/java/edu/harvard/iq/dataverse/api/UtilIT.java +++ b/src/test/java/edu/harvard/iq/dataverse/api/UtilIT.java @@ -138,7 +138,8 @@ private static String getRandomUsername(String usernamePrefix) { return usernamePrefix + getRandomIdentifier().substring(0, 8); } - public static String getRandomString(int length) { + public static String getRandomString(int length) { +//is it worth replacing with something that doesn't error out on getRandomString(8) if (length < 0) { length = 3; } From f514d1a67eacd56460029c695904c5740afbff61 Mon Sep 17 00:00:00 2001 From: Pete Meyer Date: Fri, 9 Mar 2018 12:40:15 -0500 Subject: [PATCH 7/7] avoid resource leak --- .../iq/dataverse/api/HarvestingServer.java | 87 ++++++++++--------- 1 file changed, 46 insertions(+), 41 deletions(-) diff --git a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java index 5ede4dcf611..bf5964d44ef 100644 --- a/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java +++ b/src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java @@ -34,6 +34,7 @@ import javax.ejb.Stateless; import javax.faces.application.FacesMessage; import javax.json.Json; +import javax.json.JsonReader; import javax.json.JsonArrayBuilder; import javax.json.JsonObject; import javax.ws.rs.DELETE; @@ -133,49 +134,53 @@ public Response createOaiSet(String jsonBody, @PathParam("specname") String spec } StringReader rdr = new StringReader(jsonBody); - JsonObject json = Json.createReader(rdr).readObject(); - - OAISet set = new OAISet(); - //Validating spec - if (!StringUtils.isEmpty(spec)) { - if (spec.length() > 30) { - return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.sizelimit")); - } - if (!Pattern.matches("^[a-zA-Z0-9\\_\\-]+$", spec)) { - return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.invalid")); - // If it passes the regex test, check - } - if (oaiSetService.findBySpec(spec) != null) { - return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.alreadyused")); - } - - } else { - return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.required")); - } - set.setSpec(spec); - String name, desc, defn; + + try( JsonReader jrdr = Json.createReader(rdr) ) + { + JsonObject json = jrdr.readObject(); - try { - name = json.getString("name"); - } catch (NullPointerException npe_name) { - return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.required")); - } - try { - defn = json.getString("definition"); - } catch (NullPointerException npe_defn) { - throw new JsonParseException("definition unspecified"); - } - try { - desc = json.getString("description"); - } catch (NullPointerException npe_desc) { - desc = ""; //treating description as optional - } - set.setName(name); - set.setDescription(desc); - set.setDefinition(defn); - oaiSetService.save(set); + OAISet set = new OAISet(); + //Validating spec + if (!StringUtils.isEmpty(spec)) { + if (spec.length() > 30) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.sizelimit")); + } + if (!Pattern.matches("^[a-zA-Z0-9\\_\\-]+$", spec)) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.invalid")); + // If it passes the regex test, check + } + if (oaiSetService.findBySpec(spec) != null) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.alreadyused")); + } + + } else { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.required")); + } + set.setSpec(spec); + String name, desc, defn; - return created("/harvest/server/oaisets" + spec, oaiSetAsJson(set)); + try { + name = json.getString("name"); + } catch (NullPointerException npe_name) { + return badRequest(ResourceBundle.getBundle("Bundle").getString("harvestserver.newSetDialog.setspec.required")); + } + try { + defn = json.getString("definition"); + } catch (NullPointerException npe_defn) { + throw new JsonParseException("definition unspecified"); + } + try { + desc = json.getString("description"); + } catch (NullPointerException npe_desc) { + desc = ""; //treating description as optional + } + set.setName(name); + set.setDescription(desc); + set.setDefinition(defn); + oaiSetService.save(set); + return created("/harvest/server/oaisets" + spec, oaiSetAsJson(set)); + } + } @PUT