2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
38 package org.onap.portalapp.portal.controller;
40 import io.swagger.annotations.ApiOperation;
41 import java.util.List;
42 import javax.servlet.http.HttpServletRequest;
43 import javax.servlet.http.HttpServletResponse;
44 import javax.validation.Valid;
45 import lombok.NoArgsConstructor;
46 import org.onap.portalapp.portal.domain.EPApp;
47 import org.onap.portalapp.portal.domain.EPUser;
48 import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
49 import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
50 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
51 import org.onap.portalapp.portal.service.AdminRolesService;
52 import org.onap.portalapp.portal.service.EPAppService;
53 import org.onap.portalapp.portal.service.PortalAdminService;
54 import org.onap.portalapp.portal.service.UserService;
55 import org.onap.portalapp.portal.transport.FieldsValidator;
56 import org.onap.portalapp.portal.transport.OnboardingApp;
57 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
58 import org.onap.portalapp.portal.utils.EcompPortalUtils;
59 import org.onap.portalapp.portal.utils.PortalConstants;
60 import org.onap.portalapp.validation.DataValidator;
61 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
62 import org.springframework.beans.factory.annotation.Autowired;
63 import org.springframework.context.annotation.Configuration;
64 import org.springframework.context.annotation.EnableAspectJAutoProxy;
65 import org.springframework.web.bind.annotation.PathVariable;
66 import org.springframework.web.bind.annotation.RequestBody;
67 import org.springframework.web.bind.annotation.RequestMapping;
68 import org.springframework.web.bind.annotation.GetMapping;
69 import org.springframework.web.bind.annotation.PutMapping;
70 import org.springframework.web.bind.annotation.PostMapping;
71 import org.springframework.web.bind.annotation.RequestMethod;
72 import org.springframework.web.bind.annotation.ResponseBody;
73 import org.springframework.web.bind.annotation.RestController;
76 * Processes requests from external systems (i.e., not the front-end web UI).
77 * First use case is ONAP Controller, which has to create an admin and onboard
78 * itself upon launch of a fresh Portal.
80 * Listens on the "auxapi" path prefix. Provides alternate implementations of
81 * methods in several existing controllers because an EPUser object is not
82 * available in the session for these requests.
84 * Checks credentials sent via HTTP Basic Authentication. The Portal's basic
85 * HTTP authentication system requires that the user names and endpoints are
86 * registered together.
89 @RequestMapping(PortalConstants.REST_AUX_API)
91 @EnableAspectJAutoProxy
94 public class AppsControllerExternalRequest implements BasicAuthenticationController {
95 private static final String ONBOARD_APP = "/onboardApp";
96 private static final String DATA_IS_NOT_VALID = "Data is not valid";
97 private static final String REQUEST = "request";
98 private static final String RESPONSE = "response";
100 private static final DataValidator DATA_VALIDATOR = new DataValidator();
101 private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsControllerExternalRequest.class);
103 private AdminRolesService adminRolesService;
104 private EPAppService appService;
105 private PortalAdminService portalAdminService;
106 private UserService userService;
109 public AppsControllerExternalRequest(AdminRolesService adminRolesService,
110 EPAppService appService, PortalAdminService portalAdminService,
111 UserService userService) {
112 this.adminRolesService = adminRolesService;
113 this.appService = appService;
114 this.portalAdminService = portalAdminService;
115 this.userService = userService;
120 * Creates a new user as a Portal administrator.
123 * { "loginId" : "abc123", "loginPwd": "", "email":"ecomp@controller" }
126 * @param request HttpServletRequest
127 * @param epUser User details; the email and orgUserId fields are mandatory
128 * @param response HttpServletResponse
129 * @return PortalRestResponse with success or failure
131 @ApiOperation(value = "Creates a new user as a Portal administrator.", response = PortalRestResponse.class)
132 @PostMapping(value = "/portalAdmin", produces = "application/json")
134 public PortalRestResponse<String> postPortalAdmin(HttpServletRequest request, HttpServletResponse response,
135 @Valid @RequestBody EPUser epUser) {
136 EcompPortalUtils.logAndSerializeObject(logger, "postPortalAdmin", REQUEST, epUser);
137 PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
138 if (epUser == null) {
139 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
140 portalResponse.setMessage("User can not be NULL");
141 return portalResponse;
142 } else if (!DATA_VALIDATOR.isValid(epUser)) {
143 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
144 portalResponse.setMessage(DATA_IS_NOT_VALID);
145 return portalResponse;
148 if (epUser.getEmail() == null || epUser.getEmail().trim().length() == 0 //
149 || epUser.getLoginId() == null || epUser.getLoginId().trim().length() == 0 //
150 || epUser.getLoginPwd() == null) {
151 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
152 portalResponse.setMessage("Missing required field: email, loginId, or loginPwd");
153 return portalResponse;
157 // Check for existing user; create if not found.
158 List<EPUser> userList = userService.getUserByUserId(epUser.getOrgUserId());
159 if (userList == null || userList.isEmpty()) {
160 // Create user with first, last names etc.; do check for
162 String userCreateResult = userService.saveNewUser(epUser, "Yes");
163 if (!"success".equals(userCreateResult)) {
164 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
165 portalResponse.setMessage(userCreateResult);
166 return portalResponse;
170 // Check for Portal admin status; promote if not.
171 if (adminRolesService.isSuperAdmin(epUser)) {
172 portalResponse.setStatus(PortalRestStatusEnum.OK);
175 fv = portalAdminService.createPortalAdmin(epUser.getOrgUserId());
176 if (fv != null && fv.httpStatusCode.intValue() == HttpServletResponse.SC_OK) {
177 portalResponse.setStatus(PortalRestStatusEnum.OK);
179 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
181 portalResponse.setMessage(fv.toString());
185 } catch (Exception ex) {
186 // Uncaught exceptions yield 404 and an empty error page
187 logger.error(EELFLoggerDelegate.errorLogger, ex.getMessage(), ex);
188 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
189 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
190 portalResponse.setMessage(ex.toString());
193 EcompPortalUtils.logAndSerializeObject(logger, "postPortalAdmin", RESPONSE, portalResponse);
194 return portalResponse;
198 * Gets the specified application that is on-boarded in Portal.
200 * @param request HttpServletRequest
201 * @param appId Application ID to get
202 * @param response httpServletResponse
203 * @return OnboardingApp objects
205 @ApiOperation(value = "Gets the specified application that is on-boarded in Portal.", response = OnboardingApp.class)
206 @GetMapping(value = {ONBOARD_APP + "/{appId}"}, produces = "application/json")
208 public OnboardingApp getOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
209 @PathVariable("appId") Long appId) {
210 EPApp epApp = appService.getApp(appId);
211 OnboardingApp obApp = new OnboardingApp();
212 epApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); //to hide password from get request
213 appService.createOnboardingFromApp(epApp, obApp);
214 EcompPortalUtils.logAndSerializeObject(logger, "getOnboardAppExternal", RESPONSE, obApp);
219 * Adds a new application to Portal. The My Logins App Owner in the request must be the organization user ID of a
220 * person who is a Portal administrator.
224 * "myLoginsAppOwner" : "abc123",
225 * "name": "dashboard",
226 * "url": "http://k8s/something",
227 * "restUrl" : "http://targeturl.com",
228 * "restrictedApp" : true,
234 * @param request HttpServletRequest
235 * @param response httpServletResponse
236 * @param newOnboardApp Message with details about the app to add
237 * @return PortalRestResponse
239 @ApiOperation(value = "Adds a new application to Portal.", response = PortalRestResponse.class)
240 @PostMapping(value = {ONBOARD_APP}, produces = "application/json")
242 public PortalRestResponse<String> postOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
243 @Valid @RequestBody OnboardingApp newOnboardApp) {
244 EcompPortalUtils.logAndSerializeObject(logger, "postOnboardAppExternal", REQUEST, newOnboardApp);
245 PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
246 if (newOnboardApp == null) {
247 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
248 portalResponse.setMessage("newOnboardApp can not be NULL");
249 return portalResponse;
250 } else if (!DATA_VALIDATOR.isValid(newOnboardApp)) {
251 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
252 portalResponse.setMessage(DATA_IS_NOT_VALID);
253 return portalResponse;
256 if (newOnboardApp.id != null) {
257 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
258 portalResponse.setMessage("Unexpected field: id");
259 return portalResponse;
261 if (checkOnboardingApp(newOnboardApp)) {
262 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
263 portalResponse.setMessage(
264 "Missing required field: name, url, restUrl, restrictedApp, isOpen, isEnabled, myLoginsAppOwner");
265 return portalResponse;
269 List<EPUser> userList;
270 userList = userService.getUserByUserId(newOnboardApp.myLoginsAppOwner);
271 if (userList == null || userList.size() != 1) {
272 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
273 portalResponse.setMessage("Failed to find user: " + newOnboardApp.myLoginsAppOwner);
275 return portalResponse;
278 EPUser epUser = userList.get(0);
279 // Check for Portal admin status
280 if (!adminRolesService.isSuperAdmin(epUser)) {
281 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
282 portalResponse.setMessage("User lacks Portal admin role: " + epUser.getLoginId());
283 return portalResponse;
286 newOnboardApp.normalize();
287 FieldsValidator fv = appService.addOnboardingApp(newOnboardApp, epUser);
288 if (fv.httpStatusCode.intValue() == HttpServletResponse.SC_OK) {
289 portalResponse.setStatus(PortalRestStatusEnum.OK);
291 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
292 portalResponse.setMessage(fv.toString());
294 } catch (Exception ex) {
295 // Uncaught exceptions yield 404 and an empty error page
296 logger.error(EELFLoggerDelegate.errorLogger, ex.getMessage(), ex);
297 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
298 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
299 portalResponse.setMessage(ex.toString());
301 EcompPortalUtils.logAndSerializeObject(logger, "postOnboardAppExternal", RESPONSE, portalResponse);
302 return portalResponse;
306 * Updates information about an on-boarded application in Portal. The My Logins App Owner in the request must be
307 * the organization user ID of a person who is a Portal administrator.
311 * "myLoginsAppOwner" : "abc123",
312 * "name": "dashboard",
313 * "url": "http://k8s/something",
314 * "restUrl" : "http://targeturl.com",
315 * "restrictedApp" : true,
321 * @param request HttpServletRequest
322 * @param response httpServletResponse
323 * @param appId application id
324 * @param oldOnboardApp Message with details about the app to add
325 * @return PortalRestResponse
327 @ApiOperation(value = "Updates information about an on-boarded application in Portal.", response = PortalRestResponse.class)
328 @PutMapping(value = {ONBOARD_APP + "/{appId}"}, produces = "application/json")
330 public PortalRestResponse<String> putOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
331 @PathVariable("appId") Long appId, @Valid @RequestBody OnboardingApp oldOnboardApp) {
332 EcompPortalUtils.logAndSerializeObject(logger, "putOnboardAppExternal", REQUEST, oldOnboardApp);
333 PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
335 if (oldOnboardApp == null){
336 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
337 portalResponse.setMessage("OnboardingApp can not be NULL");
338 return portalResponse;
339 }else if (!DATA_VALIDATOR.isValid(oldOnboardApp)) {
340 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
341 portalResponse.setMessage(DATA_IS_NOT_VALID);
342 return portalResponse;
347 if (appId == null || !appId.equals(oldOnboardApp.id)) {
348 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
349 portalResponse.setMessage("Unexpected value for field: id");
350 return portalResponse;
352 if (checkOnboardingApp(oldOnboardApp)) {
354 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
355 portalResponse.setMessage(
356 "Missing required field: name, url, restUrl, restrictedApp, isOpen, isEnabled, myLoginsAppOwner");
357 return portalResponse;
361 List<EPUser> userList;
362 userList = userService.getUserByUserId(oldOnboardApp.myLoginsAppOwner);
363 if (userList == null || userList.size() != 1) {
364 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
365 portalResponse.setMessage("Failed to find user: " + oldOnboardApp.myLoginsAppOwner);
367 return portalResponse;
370 EPUser epUser = userList.get(0);
371 // Check for Portal admin status
372 if (!adminRolesService.isSuperAdmin(epUser)) {
373 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
374 portalResponse.setMessage("User lacks Portal admin role: " + epUser.getLoginId());
375 return portalResponse;
378 oldOnboardApp.normalize();
379 FieldsValidator fv = appService.modifyOnboardingApp(oldOnboardApp, epUser);
380 if (fv.httpStatusCode.intValue() == HttpServletResponse.SC_OK) {
381 portalResponse.setStatus(PortalRestStatusEnum.OK);
383 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
384 portalResponse.setMessage(fv.toString());
386 } catch (Exception ex) {
387 // Uncaught exceptions yield 404 and an empty error page
388 logger.error(EELFLoggerDelegate.errorLogger, ex.getMessage(), ex);
389 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
390 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
391 portalResponse.setMessage(ex.toString());
393 EcompPortalUtils.logAndSerializeObject(logger, "putOnboardAppExternal", RESPONSE, portalResponse);
394 return portalResponse;
397 private boolean checkOnboardingApp(OnboardingApp onboardingApp) {
398 return checkIfFieldsAreNull(onboardingApp) || checkIfFieldsAreEmpty(onboardingApp);
401 private boolean checkIfFieldsAreNull(OnboardingApp onboardingApp) {
402 return onboardingApp.name == null || onboardingApp.url == null || onboardingApp.restUrl == null
403 || onboardingApp.myLoginsAppOwner == null || onboardingApp.restrictedApp == null
404 || onboardingApp.isOpen == null || onboardingApp.isEnabled == null;
407 private boolean checkIfFieldsAreEmpty(OnboardingApp onboardingApp) {
408 return onboardingApp.name.trim().isEmpty()
409 || onboardingApp.url.trim().isEmpty()
410 || onboardingApp.restUrl.trim().isEmpty()
411 || onboardingApp.myLoginsAppOwner.trim().isEmpty();