2 * ================================================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ================================================================================
20 package org.openecomp.portalapp.portal.controller;
22 import java.util.List;
24 import javax.servlet.http.HttpServletRequest;
25 import javax.servlet.http.HttpServletResponse;
27 import org.openecomp.portalapp.portal.domain.EPApp;
28 import org.openecomp.portalapp.portal.domain.EPUser;
29 import org.openecomp.portalapp.portal.ecomp.model.PortalRestResponse;
30 import org.openecomp.portalapp.portal.ecomp.model.PortalRestStatusEnum;
31 import org.openecomp.portalapp.portal.logging.aop.EPAuditLog;
32 import org.openecomp.portalapp.portal.service.AdminRolesService;
33 import org.openecomp.portalapp.portal.service.EPAppService;
34 import org.openecomp.portalapp.portal.service.PortalAdminService;
35 import org.openecomp.portalapp.portal.service.UserService;
36 import org.openecomp.portalapp.portal.transport.FieldsValidator;
37 import org.openecomp.portalapp.portal.transport.OnboardingApp;
38 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
39 import org.openecomp.portalapp.portal.utils.PortalConstants;
40 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
41 import org.springframework.beans.factory.annotation.Autowired;
42 import org.springframework.context.annotation.Configuration;
43 import org.springframework.context.annotation.EnableAspectJAutoProxy;
44 import org.springframework.web.bind.annotation.PathVariable;
45 import org.springframework.web.bind.annotation.RequestBody;
46 import org.springframework.web.bind.annotation.RequestMapping;
47 import org.springframework.web.bind.annotation.RequestMethod;
48 import org.springframework.web.bind.annotation.ResponseBody;
49 import org.springframework.web.bind.annotation.RestController;
51 import io.swagger.annotations.ApiOperation;
54 * Processes requests from external systems (i.e., not the front-end web UI).
55 * First use case is ECOMP Controller, which has to create an admin and onboard
56 * itself upon launch of a fresh Portal.
58 * Listens on the "auxapi" path prefix. Provides alternate implementations of
59 * methods in several existing controllers because an EPUser object is not
60 * available in the session for these requests.
62 * Checks credentials sent via HTTP Basic Authentication. The Portal's basic
63 * HTTP authentication system requires that the user names and endpoints are
64 * registered together.
67 @RequestMapping(PortalConstants.REST_AUX_API)
69 @EnableAspectJAutoProxy
71 public class AppsControllerExternalRequest implements BasicAuthenticationController {
73 private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsControllerExternalRequest.class);
75 private static final String ONBOARD_APP = "/onboardApp";
77 // Where is this used?
78 public boolean isAuxRESTfulCall() {
83 * For testing whether a user is a superadmin.
86 private AdminRolesService adminRolesService;
89 * For onboarding or updating an app
92 private EPAppService appService;
95 * For promoting a user to Portal admin
98 private PortalAdminService portalAdminService;
101 * For creating a new user
104 private UserService userService;
107 * Creates a new user as a Portal administrator.
111 "loginId" : "abc123",
113 "email":"ecomp@controller"
120 * User details; the email and orgUserId fields are mandatory
122 * HttpServletResponse
123 * @return PortalRestResponse with success or failure
125 @ApiOperation(value = "Creates a new user as a Portal administrator.", response = PortalRestResponse.class)
126 @RequestMapping(value = "/portalAdmin", method = RequestMethod.POST, produces = "application/json")
128 public PortalRestResponse<String> postPortalAdmin(HttpServletRequest request, HttpServletResponse response,
129 @RequestBody EPUser epUser) {
130 EcompPortalUtils.logAndSerializeObject(logger, "postPortalAdmin", "request", epUser);
131 PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
133 // Check mandatory fields.
134 if (epUser.getEmail() == null || epUser.getEmail().trim().length() == 0 //
135 || epUser.getLoginId() == null || epUser.getLoginId().trim().length() == 0 //
136 || epUser.getLoginPwd() == null) {
137 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
138 portalResponse.setMessage("Missing required field: email, loginId, or loginPwd");
139 return portalResponse;
143 // Check for existing user; create if not found.
144 List<EPUser> userList = userService.getUserByUserId(epUser.getOrgUserId());
145 if (userList == null || userList.size() == 0) {
146 // Create user with first, last names etc.; do check for
148 String userCreateResult = userService.saveNewUser(epUser, "Yes");
149 if (!"success".equals(userCreateResult)) {
150 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
151 portalResponse.setMessage(userCreateResult);
152 return portalResponse;
156 // Check for Portal admin status; promote if not.
157 if (adminRolesService.isSuperAdmin(epUser)) {
158 portalResponse.setStatus(PortalRestStatusEnum.OK);
160 FieldsValidator fv = portalAdminService.createPortalAdmin(epUser.getOrgUserId());
161 if (fv.httpStatusCode.intValue() == HttpServletResponse.SC_OK) {
162 portalResponse.setStatus(PortalRestStatusEnum.OK);
164 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
165 portalResponse.setMessage(fv.toString());
168 } catch (Exception ex) {
169 // Uncaught exceptions yield 404 and an empty error page
170 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
171 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
172 portalResponse.setMessage(ex.toString());
175 EcompPortalUtils.logAndSerializeObject(logger, "postPortalAdmin", "response", portalResponse);
176 return portalResponse;
180 * Gets the specified application that is on-boarded in Portal.
185 * Application ID to get
187 * httpServletResponse
188 * @return OnboardingApp objects
190 @ApiOperation(value = "Gets the specified application that is on-boarded in Portal.", response = OnboardingApp.class)
191 @RequestMapping(value = { ONBOARD_APP + "/{appId}" }, method = RequestMethod.GET, produces = "application/json")
193 public OnboardingApp getOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
194 @PathVariable("appId") Long appId) {
195 EPApp epApp = appService.getApp(appId);
196 OnboardingApp obApp = new OnboardingApp();
197 appService.createOnboardingFromApp(epApp, obApp);
198 EcompPortalUtils.logAndSerializeObject(logger, "getOnboardAppExternal", "response", obApp);
203 * Adds a new application to Portal. The My Logins App Owner in the request
204 * must be the organization user ID of a person who is a Portal
209 "myLoginsAppOwner" : "abc123",
211 "url": "http://k8s/something",
212 "restUrl" : "http://targeturl.com",
213 "restrictedApp" : true,
222 * httpServletResponse
223 * @param newOnboardApp
224 * Message with details about the app to add
225 * @return PortalRestResponse
227 @ApiOperation(value = "Adds a new application to Portal.", response = PortalRestResponse.class)
228 @RequestMapping(value = { ONBOARD_APP }, method = RequestMethod.POST, produces = "application/json")
230 public PortalRestResponse<String> postOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
231 @RequestBody OnboardingApp newOnboardApp) {
232 EcompPortalUtils.logAndSerializeObject(logger, "postOnboardAppExternal", "request", newOnboardApp);
233 PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
236 if (newOnboardApp.id != null) {
237 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
238 portalResponse.setMessage("Unexpected field: id");
239 return portalResponse;
241 if (newOnboardApp.name == null || newOnboardApp.name.trim().length() == 0 //
242 || newOnboardApp.url == null || newOnboardApp.url.trim().length() == 0 //
243 || newOnboardApp.restUrl == null || newOnboardApp.restUrl.trim().length() == 0
244 || newOnboardApp.myLoginsAppOwner == null || newOnboardApp.myLoginsAppOwner.trim().length() == 0
245 || newOnboardApp.restrictedApp == null //
246 || newOnboardApp.isOpen == null //
247 || newOnboardApp.isEnabled == null) {
248 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
249 portalResponse.setMessage(
250 "Missing required field: name, url, restUrl, restrictedApp, isOpen, isEnabled, myLoginsAppOwner");
251 return portalResponse;
255 List<EPUser> userList = userService.getUserByUserId(newOnboardApp.myLoginsAppOwner);
256 if (userList == null || userList.size() != 1) {
257 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
258 portalResponse.setMessage("Failed to find user: " + newOnboardApp.myLoginsAppOwner);
259 return portalResponse;
262 EPUser epUser = userList.get(0);
263 // Check for Portal admin status
264 if (! adminRolesService.isSuperAdmin(epUser)) {
265 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
266 portalResponse.setMessage("User lacks Portal admin role: " + epUser.getLoginId());
267 return portalResponse;
270 newOnboardApp.normalize();
271 FieldsValidator fv = appService.addOnboardingApp(newOnboardApp, epUser);
272 if (fv.httpStatusCode.intValue() == HttpServletResponse.SC_OK) {
273 portalResponse.setStatus(PortalRestStatusEnum.OK);
275 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
276 portalResponse.setMessage(fv.toString());
278 } catch (Exception ex) {
279 // Uncaught exceptions yield 404 and an empty error page
280 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
281 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
282 portalResponse.setMessage(ex.toString());
284 EcompPortalUtils.logAndSerializeObject(logger, "postOnboardAppExternal", "response", portalResponse);
285 return portalResponse;
289 * Updates information about an on-boarded application in Portal. The My
290 * Logins App Owner in the request must be the organization user ID of a
291 * person who is a Portal administrator.
295 "myLoginsAppOwner" : "abc123",
297 "url": "http://k8s/something",
298 "restUrl" : "http://targeturl.com",
299 "restrictedApp" : true,
307 * httpServletResponse
310 * @param oldOnboardApp
311 * Message with details about the app to add
312 * @return PortalRestResponse
314 @ApiOperation(value = "Updates information about an on-boarded application in Portal.", response = PortalRestResponse.class)
315 @RequestMapping(value = { ONBOARD_APP + "/{appId}" }, method = RequestMethod.PUT, produces = "application/json")
317 public PortalRestResponse<String> putOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
318 @PathVariable("appId") Long appId, @RequestBody OnboardingApp oldOnboardApp) {
319 EcompPortalUtils.logAndSerializeObject(logger, "putOnboardAppExternal", "request", oldOnboardApp);
320 PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
322 if (oldOnboardApp.id == null || !appId.equals(oldOnboardApp.id)) {
323 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
324 portalResponse.setMessage("Unexpected value for field: id");
325 return portalResponse;
327 if (oldOnboardApp.name == null || oldOnboardApp.name.trim().length() == 0 //
328 || oldOnboardApp.url == null || oldOnboardApp.url.trim().length() == 0 //
329 || oldOnboardApp.restUrl == null || oldOnboardApp.restUrl.trim().length() == 0
330 || oldOnboardApp.myLoginsAppOwner == null || oldOnboardApp.myLoginsAppOwner.trim().length() == 0
331 || oldOnboardApp.restrictedApp == null //
332 || oldOnboardApp.isOpen == null //
333 || oldOnboardApp.isEnabled == null) {
334 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
335 portalResponse.setMessage(
336 "Missing required field: name, url, restUrl, restrictedApp, isOpen, isEnabled, myLoginsAppOwner");
337 return portalResponse;
341 List<EPUser> userList = userService.getUserByUserId(oldOnboardApp.myLoginsAppOwner);
342 if (userList == null || userList.size() != 1) {
343 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
344 portalResponse.setMessage("Failed to find user: " + oldOnboardApp.myLoginsAppOwner);
345 return portalResponse;
348 EPUser epUser = userList.get(0);
349 // Check for Portal admin status
350 if (! adminRolesService.isSuperAdmin(epUser)) {
351 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
352 portalResponse.setMessage("User lacks Portal admin role: " + epUser.getLoginId());
353 return portalResponse;
356 oldOnboardApp.normalize();
357 FieldsValidator fv = appService.modifyOnboardingApp(oldOnboardApp, epUser);
358 if (fv.httpStatusCode.intValue() == HttpServletResponse.SC_OK) {
359 portalResponse.setStatus(PortalRestStatusEnum.OK);
361 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
362 portalResponse.setMessage(fv.toString());
364 } catch (Exception ex) {
365 // Uncaught exceptions yield 404 and an empty error page
366 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
367 portalResponse.setStatus(PortalRestStatusEnum.ERROR);
368 portalResponse.setMessage(ex.toString());
370 EcompPortalUtils.logAndSerializeObject(logger, "putOnboardAppExternal", "response", portalResponse);
371 return portalResponse;