2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
38 package org.onap.portalapp.portal.controller;
40 import java.util.List;
42 import javax.servlet.http.HttpServletRequest;
43 import javax.servlet.http.HttpServletResponse;
45 import org.onap.portalapp.controller.EPRestrictedBaseController;
46 import org.onap.portalapp.portal.domain.EPRole;
47 import org.onap.portalapp.portal.domain.EPUser;
48 import org.onap.portalapp.portal.domain.EcompAuditLog;
49 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
50 import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
51 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
52 import org.onap.portalapp.portal.service.AdminRolesService;
53 import org.onap.portalapp.portal.service.PortalAdminService;
54 import org.onap.portalapp.portal.transport.FieldsValidator;
55 import org.onap.portalapp.portal.transport.PortalAdmin;
56 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
57 import org.onap.portalapp.portal.utils.EcompPortalUtils;
58 import org.onap.portalapp.util.EPUserUtils;
59 import org.onap.portalsdk.core.domain.AuditLog;
60 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
61 import org.onap.portalsdk.core.service.AuditService;
62 import org.onap.portalsdk.core.util.SystemProperties;
64 import org.springframework.beans.factory.annotation.Autowired;
65 import org.springframework.context.annotation.EnableAspectJAutoProxy;
66 import org.springframework.web.bind.annotation.PathVariable;
67 import org.springframework.web.bind.annotation.RequestBody;
68 import org.springframework.web.bind.annotation.RequestMapping;
69 import org.springframework.web.bind.annotation.RequestMethod;
70 import org.springframework.web.bind.annotation.RestController;
73 @org.springframework.context.annotation.Configuration
74 @EnableAspectJAutoProxy
76 public class PortalAdminController extends EPRestrictedBaseController {
78 PortalAdminService portalAdminService;
80 AdminRolesService adminRolesService;
82 AuditService auditService;
84 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class);
86 @RequestMapping(value = { "/portalApi/portalAdmins" }, method = RequestMethod.GET, produces = "application/json")
87 public List<PortalAdmin> getPortalAdmins(HttpServletRequest request, HttpServletResponse response) {
88 EPUser user = EPUserUtils.getUserSession(request);
89 List<PortalAdmin> portalAdmins = null;
91 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, null user");
92 EcompPortalUtils.setBadPermissions(user, response, "getPortalAdmins");
93 } else if (!adminRolesService.isSuperAdmin(user)) {
94 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, bad permissions");
95 EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
97 // return the list of portal admins
98 portalAdmins = portalAdminService.getPortalAdmins();
99 logger.debug(EELFLoggerDelegate.debugLogger, "portalAdmins: called getPortalAdmins()");
100 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/getPortalAdmins", "result =", portalAdmins);
107 * RESTful service method to create a new portal admin. Requirement: you
108 * must be the ONAP portal super admin user.
112 * @return FieldsValidator
114 @RequestMapping(value = { "/portalApi/portalAdmin" }, method = RequestMethod.POST)
115 public FieldsValidator createPortalAdmin(HttpServletRequest request, @RequestBody String userId,
116 HttpServletResponse response) {
117 EPUser user = EPUserUtils.getUserSession(request);
118 FieldsValidator fieldsValidator = null;
120 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin, null user");
121 EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
122 } else if (!adminRolesService.isSuperAdmin(user)) {
123 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin bad permissions");
124 EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
126 fieldsValidator = portalAdminService.createPortalAdmin(userId);
127 int statusCode = fieldsValidator.httpStatusCode.intValue();
128 response.setStatus(statusCode);
129 if (statusCode == 200) {
130 AuditLog auditLog = new AuditLog();
131 auditLog.setUserId(user.getId());
132 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN);
133 auditLog.setAffectedRecordId(userId);
135 auditService.logActivity(auditLog, null);
136 } catch (Exception e) {
137 logger.error(EELFLoggerDelegate.errorLogger, "createPortalAdmin: failed for save audit log", e);
139 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
140 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
141 EcompPortalUtils.calculateDateTimeDifferenceForLog(
142 MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
143 MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
144 logger.info(EELFLoggerDelegate.auditLogger,
145 EPLogUtil.formatAuditLogMessage("PortalAdminController.createPortalAdmin",
146 EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN, user.getOrgUserId(), userId,
147 "A new Portal Admin has been added"));
148 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
149 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
150 MDC.remove(SystemProperties.MDC_TIMER);
153 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "POST result =", response.getStatus());
155 return fieldsValidator;
158 @RequestMapping(value = { "/portalApi/portalAdmin/{userInfo}" }, method = RequestMethod.DELETE)
159 public FieldsValidator deletePortalAdmin(HttpServletRequest request, @PathVariable("userInfo") String userInfo,
160 HttpServletResponse response) {
161 int userIdIdx = userInfo.indexOf("-");
164 FieldsValidator fieldsValidator = null;
166 if (userIdIdx == -1) {
167 logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin missing userId");
168 return fieldsValidator;
170 String userIdStr = userInfo.substring(0, userIdIdx);
171 userId = Long.valueOf(userIdStr);
172 sbcid = userInfo.substring(userIdIdx + 1, userInfo.length());
174 } catch (Exception e) {
175 logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin error while parsing the userInfo", e);
177 EPUser user = EPUserUtils.getUserSession(request);
178 if (!adminRolesService.isSuperAdmin(user)) {
179 EcompPortalUtils.setBadPermissions(user, response, "deletePortalAdmin");
181 fieldsValidator = portalAdminService.deletePortalAdmin(userId);
182 int statusCode = fieldsValidator.httpStatusCode.intValue();
183 response.setStatus(statusCode);
184 if (statusCode == 200) {
185 AuditLog auditLog = new AuditLog();
186 auditLog.setUserId(user.getId());
187 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN);
188 auditLog.setAffectedRecordId(sbcid);
189 auditService.logActivity(auditLog, null);
191 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
192 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
193 EcompPortalUtils.calculateDateTimeDifferenceForLog(
194 MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
195 MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
196 logger.info(EELFLoggerDelegate.auditLogger,
197 EPLogUtil.formatAuditLogMessage("PortalAdminController.deletePortalAdmin",
198 EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN, user.getOrgUserId(), sbcid,
199 "A Portal Admin has been deleted"));
200 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
201 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
202 MDC.remove(SystemProperties.MDC_TIMER);
205 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "DELETE result =", response.getStatus());
207 return fieldsValidator;
210 @RequestMapping(value = {
211 "/portalApi/adminAppsRoles/{appId}" }, method = RequestMethod.GET, produces = "application/json")
212 public List<EPRole> getRolesByApp(HttpServletRequest request, @PathVariable("appId") Long appId,
213 HttpServletResponse response) {
214 EPUser user = EPUserUtils.getUserSession(request);
215 List<EPRole> rolesByApp = null;
219 EcompPortalUtils.setBadPermissions(user, response, "getUserApps");
221 rolesByApp = adminRolesService.getRolesByApp(user, appId);
223 } catch (Exception e) {
224 logger.error(EELFLoggerDelegate.errorLogger, "getRolesByApp failed", e);