2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
38 package org.onap.portalapp.portal.controller;
40 import java.io.IOException;
41 import java.util.List;
43 import javax.servlet.http.HttpServletRequest;
44 import javax.servlet.http.HttpServletResponse;
46 import org.apache.cxf.common.util.StringUtils;
47 import org.onap.portalapp.controller.EPRestrictedBaseController;
48 import org.onap.portalapp.portal.domain.EPUser;
49 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
50 import org.onap.portalapp.portal.service.AdminRolesService;
51 import org.onap.portalapp.portal.service.PersUserWidgetService;
52 import org.onap.portalapp.portal.service.WidgetService;
53 import org.onap.portalapp.portal.transport.FieldsValidator;
54 import org.onap.portalapp.portal.transport.OnboardingWidget;
55 import org.onap.portalapp.portal.transport.WidgetCatalogPersonalization;
56 import org.onap.portalapp.portal.utils.EcompPortalUtils;
57 import org.onap.portalapp.util.EPUserUtils;
58 import org.onap.portalapp.validation.DataValidator;
59 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
60 import org.springframework.beans.factory.annotation.Autowired;
61 import org.springframework.context.annotation.Configuration;
62 import org.springframework.context.annotation.EnableAspectJAutoProxy;
63 import org.springframework.web.bind.annotation.PathVariable;
64 import org.springframework.web.bind.annotation.RequestBody;
65 import org.springframework.web.bind.annotation.RequestMapping;
66 import org.springframework.web.bind.annotation.RequestMethod;
67 import org.springframework.web.bind.annotation.RestController;
71 @EnableAspectJAutoProxy
73 public class WidgetsController extends EPRestrictedBaseController {
74 private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
75 private static final DataValidator dataValidator = new DataValidator();
77 private AdminRolesService adminRolesService;
78 private WidgetService widgetService;
79 private PersUserWidgetService persUserWidgetService;
82 public WidgetsController(AdminRolesService adminRolesService,
83 WidgetService widgetService, PersUserWidgetService persUserWidgetService) {
84 this.adminRolesService = adminRolesService;
85 this.widgetService = widgetService;
86 this.persUserWidgetService = persUserWidgetService;
89 @RequestMapping(value = { "/portalApi/widgets" }, method = RequestMethod.GET, produces = "application/json")
90 public List<OnboardingWidget> getOnboardingWidgets(HttpServletRequest request, HttpServletResponse response) {
91 EPUser user = EPUserUtils.getUserSession(request);
92 List<OnboardingWidget> onboardingWidgets = null;
94 if (user == null || user.isGuest()) {
95 EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
97 String getType = request.getHeader("X-Widgets-Type");
98 if (!StringUtils.isEmpty(getType) && ("managed".equals(getType) || "all".equals(getType))) {
99 onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
101 logger.debug(EELFLoggerDelegate.debugLogger, "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
102 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
106 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
107 return onboardingWidgets;
110 private boolean userHasPermissions(EPUser user, HttpServletResponse response, String invocator) {
111 if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
112 EcompPortalUtils.setBadPermissions(user, response, invocator);
118 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not to create new class for parsing
119 @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.PUT }, produces = "application/json")
120 public FieldsValidator putOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
121 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
122 EPUser user = EPUserUtils.getUserSession(request);
123 FieldsValidator fieldsValidator = null;
124 if (onboardingWidget!=null){
125 if(!dataValidator.isValid(onboardingWidget)){
126 fieldsValidator = new FieldsValidator();
127 fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
128 return fieldsValidator;
132 if (userHasPermissions(user, response, "putOnboardingWidget")) {
133 onboardingWidget.id = widgetId; // !
134 onboardingWidget.normalize();
135 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
136 response.setStatus(fieldsValidator.httpStatusCode.intValue());
138 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =", response.getStatus());
140 return fieldsValidator;
143 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not to create new class for parsing
144 @RequestMapping(value = { "/portalApi/widgets" }, method = { RequestMethod.POST }, produces = "application/json")
145 public FieldsValidator postOnboardingWidget(HttpServletRequest request, @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
146 EPUser user = EPUserUtils.getUserSession(request);
147 FieldsValidator fieldsValidator = null;
149 if (onboardingWidget!=null){
150 if(!dataValidator.isValid(onboardingWidget)){
151 fieldsValidator = new FieldsValidator();
152 fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
153 return fieldsValidator;
157 if (userHasPermissions(user, response, "postOnboardingWidget")) {
158 onboardingWidget.id = null; // !
159 onboardingWidget.normalize();
160 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
161 response.setStatus(fieldsValidator.httpStatusCode.intValue());
164 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
165 return fieldsValidator;
168 @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.DELETE }, produces = "application/json")
169 public FieldsValidator deleteOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId, HttpServletResponse response) {
170 EPUser user = EPUserUtils.getUserSession(request);
171 FieldsValidator fieldsValidator = null;
173 if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
174 fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
175 response.setStatus(fieldsValidator.httpStatusCode.intValue());
178 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =", response.getStatus());
179 return fieldsValidator;
183 * service to accept a user's action made on the application
187 * @param selectRequest
188 * JSON with data including application ID
190 * @return FieldsValidator
191 * @throws IOException
193 @RequestMapping(value = { "portalApi/widgetCatalogSelection" }, method = RequestMethod.PUT, produces = "application/json")
194 public FieldsValidator putWidgetCatalogSelection(HttpServletRequest request,
195 @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
196 FieldsValidator result = new FieldsValidator();
197 EPUser user = EPUserUtils.getUserSession(request);
199 if (persRequest!=null){
200 if(!dataValidator.isValid(persRequest)){
201 result.httpStatusCode = (long)HttpServletResponse.SC_NOT_ACCEPTABLE;
208 if (persRequest.getWidgetId() == null || user == null) {
209 EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
211 persUserWidgetService.setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
213 } catch (Exception e) {
214 logger.error(EELFLoggerDelegate.errorLogger, "Failed in putAppCatalogSelection", e);
215 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.toString());
217 result.httpStatusCode = (long) HttpServletResponse.SC_OK;