2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
7 * Modifications Copyright (c) 2020 IBM
8 * ===================================================================
10 * Unless otherwise specified, all software contained herein is licensed
11 * under the Apache License, Version 2.0 (the "License");
12 * you may not use this software except in compliance with the License.
13 * You may obtain a copy of the License at
15 * http://www.apache.org/licenses/LICENSE-2.0
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
23 * Unless otherwise specified, all documentation contained herein is licensed
24 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
25 * you may not use this documentation except in compliance with the License.
26 * You may obtain a copy of the License at
28 * https://creativecommons.org/licenses/by/4.0/
30 * Unless required by applicable law or agreed to in writing, documentation
31 * distributed under the License is distributed on an "AS IS" BASIS,
32 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33 * See the License for the specific language governing permissions and
34 * limitations under the License.
36 * ============LICENSE_END============================================
40 package org.onap.portalapp.portal.controller;
42 import java.io.IOException;
43 import java.util.List;
45 import javax.servlet.http.HttpServletRequest;
46 import javax.servlet.http.HttpServletResponse;
48 import org.apache.cxf.common.util.StringUtils;
49 import org.onap.portalapp.controller.EPRestrictedBaseController;
50 import org.onap.portalapp.portal.domain.EPUser;
51 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
52 import org.onap.portalapp.portal.service.AdminRolesService;
53 import org.onap.portalapp.portal.service.PersUserWidgetService;
54 import org.onap.portalapp.portal.service.WidgetService;
55 import org.onap.portalapp.portal.transport.FieldsValidator;
56 import org.onap.portalapp.portal.transport.OnboardingWidget;
57 import org.onap.portalapp.portal.transport.WidgetCatalogPersonalization;
58 import org.onap.portalapp.portal.utils.EcompPortalUtils;
59 import org.onap.portalapp.util.EPUserUtils;
60 import org.onap.portalapp.validation.DataValidator;
61 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
62 import org.springframework.beans.factory.annotation.Autowired;
63 import org.springframework.context.annotation.Configuration;
64 import org.springframework.context.annotation.EnableAspectJAutoProxy;
65 import org.springframework.web.bind.annotation.PathVariable;
66 import org.springframework.web.bind.annotation.RequestBody;
67 import org.springframework.web.bind.annotation.GetMapping;
68 import org.springframework.web.bind.annotation.PostMapping;
69 import org.springframework.web.bind.annotation.PutMapping;
70 import org.springframework.web.bind.annotation.DeleteMapping;
71 import org.springframework.web.bind.annotation.RestController;
75 @EnableAspectJAutoProxy
77 public class WidgetsController extends EPRestrictedBaseController {
78 private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
79 private static final DataValidator dataValidator = new DataValidator();
81 private AdminRolesService adminRolesService;
82 private WidgetService widgetService;
83 private PersUserWidgetService persUserWidgetService;
86 public WidgetsController(AdminRolesService adminRolesService,
87 WidgetService widgetService, PersUserWidgetService persUserWidgetService) {
88 this.adminRolesService = adminRolesService;
89 this.widgetService = widgetService;
90 this.persUserWidgetService = persUserWidgetService;
93 @GetMapping(value = { "/portalApi/widgets" }, produces = "application/json")
94 public List<OnboardingWidget> getOnboardingWidgets(HttpServletRequest request, HttpServletResponse response) {
95 EPUser user = EPUserUtils.getUserSession(request);
96 List<OnboardingWidget> onboardingWidgets = null;
98 if (user == null || user.isGuest()) {
99 EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
101 String getType = request.getHeader("X-Widgets-Type");
102 if (!StringUtils.isEmpty(getType) && ("managed".equals(getType) || "all".equals(getType))) {
103 onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
105 logger.debug(EELFLoggerDelegate.debugLogger,
106 "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
107 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
111 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
112 return onboardingWidgets;
115 private boolean userHasPermissions(EPUser user, HttpServletResponse response, String invocator) {
116 if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
117 EcompPortalUtils.setBadPermissions(user, response, invocator);
123 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not
124 // to create new class for parsing
125 @PutMapping(value = { "/portalApi/widgets/{widgetId}" },
126 produces = "application/json")
127 public FieldsValidator putOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
128 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
129 EPUser user = EPUserUtils.getUserSession(request);
130 FieldsValidator fieldsValidator = null;
131 if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
132 fieldsValidator = new FieldsValidator();
133 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
134 return fieldsValidator;
137 if (userHasPermissions(user, response, "putOnboardingWidget")) {
138 if (onboardingWidget != null) {
139 onboardingWidget.id = widgetId; // !
140 onboardingWidget.normalize();
143 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
144 response.setStatus(fieldsValidator.httpStatusCode.intValue());
146 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =",
147 response.getStatus());
149 return fieldsValidator;
152 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not
153 // to create new class for parsing
154 @PostMapping(value = { "/portalApi/widgets" }, produces = "application/json")
155 public FieldsValidator postOnboardingWidget(HttpServletRequest request,
156 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
157 EPUser user = EPUserUtils.getUserSession(request);
158 FieldsValidator fieldsValidator = null;
160 if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
161 fieldsValidator = new FieldsValidator();
162 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
163 return fieldsValidator;
166 if (userHasPermissions(user, response, "postOnboardingWidget")) {
168 if (onboardingWidget != null) {
169 onboardingWidget.id = null; // !
170 onboardingWidget.normalize();
172 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
173 response.setStatus(fieldsValidator.httpStatusCode.intValue());
176 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
177 return fieldsValidator;
180 @DeleteMapping(value = { "/portalApi/widgets/{widgetId}" },
181 produces = "application/json")
182 public FieldsValidator deleteOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
183 HttpServletResponse response) {
184 EPUser user = EPUserUtils.getUserSession(request);
185 FieldsValidator fieldsValidator = null;
187 if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
188 fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
189 response.setStatus(fieldsValidator.httpStatusCode.intValue());
192 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =",
193 response.getStatus());
194 return fieldsValidator;
198 * service to accept a user's action made on the application catalog.
201 * @param selectRequest JSON with data including application ID
203 * @return FieldsValidator
204 * @throws IOException
206 @PutMapping(value = { "portalApi/widgetCatalogSelection" },
207 produces = "application/json")
208 public FieldsValidator putWidgetCatalogSelection(HttpServletRequest request,
209 @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
210 FieldsValidator result = new FieldsValidator();
211 EPUser user = EPUserUtils.getUserSession(request);
213 if (persRequest != null) {
214 if (!dataValidator.isValid(persRequest)) {
215 result.httpStatusCode = (long) HttpServletResponse.SC_NOT_ACCEPTABLE;
221 if (persRequest == null || persRequest.getWidgetId() == null || user == null) {
222 EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
224 persUserWidgetService.setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
226 } catch (Exception e) {
227 logger.error(EELFLoggerDelegate.errorLogger, "Failed in putAppCatalogSelection", e);
228 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.toString());
230 result.httpStatusCode = (long) HttpServletResponse.SC_OK;