2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
38 package org.onap.portalapp.portal.controller;
40 import java.io.IOException;
41 import java.util.List;
43 import javax.servlet.http.HttpServletRequest;
44 import javax.servlet.http.HttpServletResponse;
46 import org.apache.cxf.common.util.StringUtils;
47 import org.onap.portalapp.controller.EPRestrictedBaseController;
48 import org.onap.portalapp.portal.domain.EPUser;
49 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
50 import org.onap.portalapp.portal.service.AdminRolesService;
51 import org.onap.portalapp.portal.service.PersUserWidgetService;
52 import org.onap.portalapp.portal.service.WidgetService;
53 import org.onap.portalapp.portal.transport.FieldsValidator;
54 import org.onap.portalapp.portal.transport.OnboardingWidget;
55 import org.onap.portalapp.portal.transport.WidgetCatalogPersonalization;
56 import org.onap.portalapp.portal.utils.EcompPortalUtils;
57 import org.onap.portalapp.util.EPUserUtils;
58 import org.onap.portalapp.validation.DataValidator;
59 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
60 import org.springframework.beans.factory.annotation.Autowired;
61 import org.springframework.context.annotation.Configuration;
62 import org.springframework.context.annotation.EnableAspectJAutoProxy;
63 import org.springframework.web.bind.annotation.PathVariable;
64 import org.springframework.web.bind.annotation.RequestBody;
65 import org.springframework.web.bind.annotation.RequestMapping;
66 import org.springframework.web.bind.annotation.RequestMethod;
67 import org.springframework.web.bind.annotation.RestController;
71 @EnableAspectJAutoProxy
73 public class WidgetsController extends EPRestrictedBaseController {
74 private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
75 private static final DataValidator dataValidator = new DataValidator();
77 private AdminRolesService adminRolesService;
78 private WidgetService widgetService;
79 private PersUserWidgetService persUserWidgetService;
82 public WidgetsController(AdminRolesService adminRolesService,
83 WidgetService widgetService, PersUserWidgetService persUserWidgetService) {
84 this.adminRolesService = adminRolesService;
85 this.widgetService = widgetService;
86 this.persUserWidgetService = persUserWidgetService;
89 @RequestMapping(value = { "/portalApi/widgets" }, method = RequestMethod.GET, produces = "application/json")
90 public List<OnboardingWidget> getOnboardingWidgets(HttpServletRequest request, HttpServletResponse response) {
91 EPUser user = EPUserUtils.getUserSession(request);
92 List<OnboardingWidget> onboardingWidgets = null;
94 if (user == null || user.isGuest()) {
95 EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
97 String getType = request.getHeader("X-Widgets-Type");
98 if (!StringUtils.isEmpty(getType) && ("managed".equals(getType) || "all".equals(getType))) {
99 onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
101 logger.debug(EELFLoggerDelegate.debugLogger,
102 "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
103 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
107 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
108 return onboardingWidgets;
111 private boolean userHasPermissions(EPUser user, HttpServletResponse response, String invocator) {
112 if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
113 EcompPortalUtils.setBadPermissions(user, response, invocator);
119 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not
120 // to create new class for parsing
121 @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.PUT },
122 produces = "application/json")
123 public FieldsValidator putOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
124 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
125 EPUser user = EPUserUtils.getUserSession(request);
126 FieldsValidator fieldsValidator = null;
127 if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
128 fieldsValidator = new FieldsValidator();
129 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
130 return fieldsValidator;
133 if (userHasPermissions(user, response, "putOnboardingWidget")) {
134 if (onboardingWidget != null) {
135 onboardingWidget.id = widgetId; // !
136 onboardingWidget.normalize();
139 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
140 response.setStatus(fieldsValidator.httpStatusCode.intValue());
142 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =",
143 response.getStatus());
145 return fieldsValidator;
148 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not
149 // to create new class for parsing
150 @RequestMapping(value = { "/portalApi/widgets" }, method = { RequestMethod.POST }, produces = "application/json")
151 public FieldsValidator postOnboardingWidget(HttpServletRequest request,
152 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
153 EPUser user = EPUserUtils.getUserSession(request);
154 FieldsValidator fieldsValidator = null;
156 if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
157 fieldsValidator = new FieldsValidator();
158 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
159 return fieldsValidator;
162 if (userHasPermissions(user, response, "postOnboardingWidget")) {
164 if (onboardingWidget != null) {
165 onboardingWidget.id = null; // !
166 onboardingWidget.normalize();
168 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
169 response.setStatus(fieldsValidator.httpStatusCode.intValue());
172 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
173 return fieldsValidator;
176 @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.DELETE },
177 produces = "application/json")
178 public FieldsValidator deleteOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
179 HttpServletResponse response) {
180 EPUser user = EPUserUtils.getUserSession(request);
181 FieldsValidator fieldsValidator = null;
183 if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
184 fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
185 response.setStatus(fieldsValidator.httpStatusCode.intValue());
188 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =",
189 response.getStatus());
190 return fieldsValidator;
194 * service to accept a user's action made on the application catalog.
197 * @param selectRequest JSON with data including application ID
199 * @return FieldsValidator
200 * @throws IOException
202 @RequestMapping(value = { "portalApi/widgetCatalogSelection" }, method = RequestMethod.PUT,
203 produces = "application/json")
204 public FieldsValidator putWidgetCatalogSelection(HttpServletRequest request,
205 @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
206 FieldsValidator result = new FieldsValidator();
207 EPUser user = EPUserUtils.getUserSession(request);
209 if (persRequest != null) {
210 if (!dataValidator.isValid(persRequest)) {
211 result.httpStatusCode = (long) HttpServletResponse.SC_NOT_ACCEPTABLE;
217 if (persRequest == null || persRequest.getWidgetId() == null || user == null) {
218 EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
220 persUserWidgetService.setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
222 } catch (Exception e) {
223 logger.error(EELFLoggerDelegate.errorLogger, "Failed in putAppCatalogSelection", e);
224 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.toString());
226 result.httpStatusCode = (long) HttpServletResponse.SC_OK;