2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
7 * Modifications Copyright (c) 2019 Samsung
8 * ===================================================================
10 * Unless otherwise specified, all software contained herein is licensed
11 * under the Apache License, Version 2.0 (the "License");
12 * you may not use this software except in compliance with the License.
13 * You may obtain a copy of the License at
15 * http://www.apache.org/licenses/LICENSE-2.0
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
23 * Unless otherwise specified, all documentation contained herein is licensed
24 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
25 * you may not use this documentation except in compliance with the License.
26 * You may obtain a copy of the License at
28 * https://creativecommons.org/licenses/by/4.0/
30 * Unless required by applicable law or agreed to in writing, documentation
31 * distributed under the License is distributed on an "AS IS" BASIS,
32 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33 * See the License for the specific language governing permissions and
34 * limitations under the License.
36 * ============LICENSE_END============================================
41 package org.onap.portal.controller;
43 import java.security.Principal;
44 import java.util.List;
45 import javax.servlet.http.HttpServletRequest;
46 import javax.servlet.http.HttpServletResponse;
47 import org.onap.portal.domain.db.fn.FnUser;
48 import org.onap.portal.domain.dto.transport.FieldsValidator;
49 import org.onap.portal.domain.dto.transport.OnboardingWidget;
50 import org.onap.portal.service.AdminRolesService;
51 import org.onap.portal.service.WidgetService;
52 import org.onap.portal.service.fn.FnUserService;
53 import org.onap.portal.utils.EcompPortalUtils;
54 import org.onap.portal.validation.DataValidator;
55 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
56 import org.springframework.beans.factory.annotation.Autowired;
57 import org.springframework.context.annotation.Configuration;
58 import org.springframework.context.annotation.EnableAspectJAutoProxy;
59 import org.springframework.web.bind.annotation.PathVariable;
60 import org.springframework.web.bind.annotation.RequestBody;
61 import org.springframework.web.bind.annotation.RequestMapping;
62 import org.springframework.web.bind.annotation.RequestMethod;
63 import org.springframework.web.bind.annotation.RestController;
67 @EnableAspectJAutoProxy
68 public class WidgetsController {
69 private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
71 private final FnUserService fnUserService;
72 private final WidgetService widgetService;
73 private final AdminRolesService adminRolesService;
74 private final DataValidator dataValidator;
77 public WidgetsController(FnUserService fnUserService, WidgetService widgetService,
78 AdminRolesService adminRolesService, DataValidator dataValidator) {
79 this.fnUserService = fnUserService;
80 this.widgetService = widgetService;
81 this.adminRolesService = adminRolesService;
82 this.dataValidator = dataValidator;
85 @RequestMapping(value = { "/portalApi/widgets" }, method = RequestMethod.GET, produces = "application/json")
86 public List<OnboardingWidget> getOnboardingWidgets(Principal principal, HttpServletRequest request, HttpServletResponse response) {
87 FnUser user = fnUserService.loadUserByUsername(principal.getName());
88 List<OnboardingWidget> onboardingWidgets = null;
90 if (user == null || user.isGuest()) {
91 EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
93 String getType = request.getHeader("X-Widgets-Type");
94 if (!getType.isEmpty() && ("managed".equals(getType) || "all".equals(getType))) {
95 onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
97 logger.debug(EELFLoggerDelegate.debugLogger, "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
98 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
102 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
103 return onboardingWidgets;
106 @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.PUT }, produces = "application/json")
107 public FieldsValidator putOnboardingWidget(Principal principal, HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
108 @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
109 FnUser user = fnUserService.loadUserByUsername(principal.getName());
110 FieldsValidator fieldsValidator = null;
111 if (onboardingWidget!=null){
112 if(!dataValidator.isValid(onboardingWidget)){
113 fieldsValidator = new FieldsValidator();
114 fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
115 return fieldsValidator;
119 if (userHasPermissions(user, response, "putOnboardingWidget")) {
120 assert onboardingWidget != null;
121 onboardingWidget.setId(widgetId);
122 onboardingWidget.normalize();
123 fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
124 response.setStatus(fieldsValidator.getHttpStatusCode().intValue());
126 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =", response.getStatus());
128 return fieldsValidator;
131 private boolean userHasPermissions(FnUser user, HttpServletResponse response, String invocator) {
132 if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
133 EcompPortalUtils.setBadPermissions(user, response, invocator);