2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
7 * Modifications Copyright (c) 2020 IBM
8 * ===================================================================
10 * Unless otherwise specified, all software contained herein is licensed
11 * under the Apache License, Version 2.0 (the "License");
12 * you may not use this software except in compliance with the License.
13 * You may obtain a copy of the License at
15 * http://www.apache.org/licenses/LICENSE-2.0
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
23 * Unless otherwise specified, all documentation contained herein is licensed
24 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
25 * you may not use this documentation except in compliance with the License.
26 * You may obtain a copy of the License at
28 * https://creativecommons.org/licenses/by/4.0/
30 * Unless required by applicable law or agreed to in writing, documentation
31 * distributed under the License is distributed on an "AS IS" BASIS,
32 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33 * See the License for the specific language governing permissions and
34 * limitations under the License.
36 * ============LICENSE_END============================================
40 package org.onap.portalapp.portal.controller;
42 import java.io.IOException;
43 import java.util.List;
45 import javax.servlet.http.HttpServletRequest;
46 import javax.servlet.http.HttpServletResponse;
48 import org.apache.cxf.common.util.StringUtils;
49 import org.onap.portalapp.controller.EPRestrictedBaseController;
50 import org.onap.portalapp.portal.domain.EPUser;
51 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
52 import org.onap.portalapp.portal.service.AdminRolesService;
53 import org.onap.portalapp.portal.service.PersUserWidgetService;
54 import org.onap.portalapp.portal.service.WidgetService;
55 import org.onap.portalapp.portal.transport.FieldsValidator;
56 import org.onap.portalapp.portal.transport.OnboardingWidget;
57 import org.onap.portalapp.portal.transport.WidgetCatalogPersonalization;
58 import org.onap.portalapp.portal.utils.EcompPortalUtils;
59 import org.onap.portalapp.util.EPUserUtils;
60 import org.onap.portalapp.validation.DataValidator;
61 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
62 import org.springframework.beans.factory.annotation.Autowired;
63 import org.springframework.context.annotation.Configuration;
64 import org.springframework.context.annotation.EnableAspectJAutoProxy;
65 import org.springframework.web.bind.annotation.PathVariable;
66 import org.springframework.web.bind.annotation.RequestBody;
67 import org.springframework.web.bind.annotation.RequestMapping;
68 import org.springframework.web.bind.annotation.GetMapping;
69 import org.springframework.web.bind.annotation.PostMapping;
70 import org.springframework.web.bind.annotation.PutMapping;
71 import org.springframework.web.bind.annotation.DeleteMapping;
72 import org.springframework.web.bind.annotation.RequestMethod;
73 import org.springframework.web.bind.annotation.RestController;
77 @EnableAspectJAutoProxy
79 public class WidgetsController extends EPRestrictedBaseController {
80 private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
81 private static final DataValidator dataValidator = new DataValidator();
83 private AdminRolesService adminRolesService;
84 private WidgetService widgetService;
85 private PersUserWidgetService persUserWidgetService;
88 public WidgetsController(AdminRolesService adminRolesService,
89 WidgetService widgetService, PersUserWidgetService persUserWidgetService) {
90 this.adminRolesService = adminRolesService;
91 this.widgetService = widgetService;
92 this.persUserWidgetService = persUserWidgetService;
95 @GetMapping(value = { "/portalApi/widgets" }, produces = "application/json")
96 public List<OnboardingWidget> getOnboardingWidgets(HttpServletRequest request, HttpServletResponse response) {
97 EPUser user = EPUserUtils.getUserSession(request);
98 List<OnboardingWidget> onboardingWidgets = null;
100 if (user == null || user.isGuest()) {
101 EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
103 String getType = request.getHeader("X-Widgets-Type");
104 if (!StringUtils.isEmpty(getType) && ("managed".equals(getType) || "all".equals(getType))) {
105 onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
107 logger.debug(EELFLoggerDelegate.debugLogger,
108 "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
109 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
113 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
114 return onboardingWidgets;
117 private boolean userHasPermissions(EPUser user, HttpServletResponse response, String invocator) {
118 if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
119 EcompPortalUtils.setBadPermissions(user, response, invocator);
125 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not
126 // to create new class for parsing
127 @PutMapping(value = { "/portalApi/widgets/{widgetId}" },
128 produces = "application/json")
129 public FieldsValidator putOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
130 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
131 EPUser user = EPUserUtils.getUserSession(request);
132 FieldsValidator fieldsValidator = null;
133 if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
134 fieldsValidator = new FieldsValidator();
135 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
136 return fieldsValidator;
139 if (userHasPermissions(user, response, "putOnboardingWidget")) {
140 if (onboardingWidget != null) {
141 onboardingWidget.id = widgetId; // !
142 onboardingWidget.normalize();
145 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
146 response.setStatus(fieldsValidator.httpStatusCode.intValue());
148 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =",
149 response.getStatus());
151 return fieldsValidator;
154 // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not
155 // to create new class for parsing
156 @PostMapping(value = { "/portalApi/widgets" }, produces = "application/json")
157 public FieldsValidator postOnboardingWidget(HttpServletRequest request,
158 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
159 EPUser user = EPUserUtils.getUserSession(request);
160 FieldsValidator fieldsValidator = null;
162 if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
163 fieldsValidator = new FieldsValidator();
164 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
165 return fieldsValidator;
168 if (userHasPermissions(user, response, "postOnboardingWidget")) {
170 if (onboardingWidget != null) {
171 onboardingWidget.id = null; // !
172 onboardingWidget.normalize();
174 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
175 response.setStatus(fieldsValidator.httpStatusCode.intValue());
178 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
179 return fieldsValidator;
182 @DeleteMapping(value = { "/portalApi/widgets/{widgetId}" },
183 produces = "application/json")
184 public FieldsValidator deleteOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
185 HttpServletResponse response) {
186 EPUser user = EPUserUtils.getUserSession(request);
187 FieldsValidator fieldsValidator = null;
189 if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
190 fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
191 response.setStatus(fieldsValidator.httpStatusCode.intValue());
194 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =",
195 response.getStatus());
196 return fieldsValidator;
200 * service to accept a user's action made on the application catalog.
203 * @param selectRequest JSON with data including application ID
205 * @return FieldsValidator
206 * @throws IOException
208 @PutMapping(value = { "portalApi/widgetCatalogSelection" },
209 produces = "application/json")
210 public FieldsValidator putWidgetCatalogSelection(HttpServletRequest request,
211 @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
212 FieldsValidator result = new FieldsValidator();
213 EPUser user = EPUserUtils.getUserSession(request);
215 if (persRequest != null) {
216 if (!dataValidator.isValid(persRequest)) {
217 result.httpStatusCode = (long) HttpServletResponse.SC_NOT_ACCEPTABLE;
223 if (persRequest == null || persRequest.getWidgetId() == null || user == null) {
224 EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
226 persUserWidgetService.setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
228 } catch (Exception e) {
229 logger.error(EELFLoggerDelegate.errorLogger, "Failed in putAppCatalogSelection", e);
230 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.toString());
232 result.httpStatusCode = (long) HttpServletResponse.SC_OK;