gerrit.onap Code Review - portal.git/blob

   1 /*-
   2  * ================================================================================
   3  * ECOMP Portal
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ================================================================================
  19  */
  20 package org.openecomp.portalapp.portal.controller;
  21
  22 import java.util.List;
  23
  24 import javax.servlet.http.HttpServletRequest;
  25 import javax.servlet.http.HttpServletResponse;
  26
  27 import org.slf4j.MDC;
  28 import org.springframework.beans.factory.annotation.Autowired;
  29 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  30 import org.springframework.web.bind.annotation.PathVariable;
  31 import org.springframework.web.bind.annotation.RequestBody;
  32 import org.springframework.web.bind.annotation.RequestMapping;
  33 import org.springframework.web.bind.annotation.RequestMethod;
  34 import org.springframework.web.bind.annotation.RestController;
  35
  36 import org.openecomp.portalsdk.core.domain.AuditLog;
  37 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
  38 import org.openecomp.portalsdk.core.service.AuditService;
  39 import org.openecomp.portalsdk.core.util.SystemProperties;
  40 import org.openecomp.portalapp.controller.EPRestrictedBaseController;
  41 import org.openecomp.portalapp.portal.domain.EPRole;
  42 import org.openecomp.portalapp.portal.domain.EPUser;
  43 import org.openecomp.portalapp.portal.domain.EcompAuditLog;
  44 import org.openecomp.portalapp.portal.logging.aop.EPAuditLog;
  45 import org.openecomp.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
  46 import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
  47 import org.openecomp.portalapp.portal.service.AdminRolesService;
  48 import org.openecomp.portalapp.portal.service.PortalAdminService;
  49 import org.openecomp.portalapp.portal.transport.FieldsValidator;
  50 import org.openecomp.portalapp.portal.transport.PortalAdmin;
  51 import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties;
  52 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
  53 import org.openecomp.portalapp.util.EPUserUtils;
  54
  55 @RestController
  56 @org.springframework.context.annotation.Configuration
  57 @EnableAspectJAutoProxy
  58 @EPAuditLog
  59 public class PortalAdminController extends EPRestrictedBaseController {
  60         @Autowired
  61         PortalAdminService portalAdminService;
  62         @Autowired
  63         AdminRolesService adminRolesService;
  64         @Autowired
  65         AuditService auditService;
  66
  67         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class);
  68
  69         @RequestMapping(value = { "/portalApi/portalAdmins" }, method = RequestMethod.GET, produces = "application/json")
  70         public List<PortalAdmin> getPortalAdmins(HttpServletRequest request, HttpServletResponse response) {
  71                 EPUser user = EPUserUtils.getUserSession(request);
  72                 List<PortalAdmin> portalAdmins = null;
  73                 if (user == null) {
  74                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, null user");
  75                         EcompPortalUtils.setBadPermissions(user, response, "getPortalAdmins");
  76                 } else if (!adminRolesService.isSuperAdmin(user)) {
  77                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, bad permissions");
  78                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
  79                 } else {
  80                         // return the list of portal admins
  81                         portalAdmins = portalAdminService.getPortalAdmins();
  82                         logger.debug(EELFLoggerDelegate.debugLogger, "portalAdmins: called getPortalAdmins()");
  83                         EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/getPortalAdmins", "result =", portalAdmins);
  84                 }
  85
  86                 return portalAdmins;
  87         }
  88
  89         /**
  90          * RESTful service method to create a new portal admin. Requirement: you
  91          * must be the Ecomp portal super admin user.
  92          */
  93
  94         @RequestMapping(value = { "/portalApi/portalAdmin" }, method = RequestMethod.POST)
  95         public FieldsValidator createPortalAdmin(HttpServletRequest request, @RequestBody String userId,
  96                         HttpServletResponse response) {
  97                 EPUser user = EPUserUtils.getUserSession(request);
  98                 FieldsValidator fieldsValidator = null;
  99                 if (user == null) {
 100                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin, null user");
 101                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
 102                 } else if (!adminRolesService.isSuperAdmin(user)) {
 103                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin bad permissions");
 104                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
 105                 } else {
 106                         fieldsValidator = portalAdminService.createPortalAdmin(userId);
 107                         int statusCode = fieldsValidator.httpStatusCode.intValue();
 108                         response.setStatus(statusCode);
 109                         if (statusCode == 200) {
 110                                 AuditLog auditLog = new AuditLog();
 111                                 auditLog.setUserId(user.getId());
 112                                 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN);
 113                                 auditLog.setAffectedRecordId(userId);
 114                                 auditService.logActivity(auditLog, null);
 115
 116                                 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 117                                 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 118                                 EcompPortalUtils.calculateDateTimeDifferenceForLog(
 119                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
 120                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
 121                                 logger.info(EELFLoggerDelegate.auditLogger,
 122                                                 EPLogUtil.formatAuditLogMessage("PortalAdminController.createPortalAdmin",
 123                                                                 EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN, user.getOrgUserId(), userId,
 124                                                                 "A new Portal Admin has been added"));
 125                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
 126                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
 127                                 MDC.remove(SystemProperties.MDC_TIMER);
 128                         }
 129                 }
 130                 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "POST result =", response.getStatus());
 131
 132                 return fieldsValidator;
 133         }
 134
 135         @RequestMapping(value = { "/portalApi/portalAdmin/{userInfo}" }, method = RequestMethod.DELETE)
 136         public FieldsValidator deletePortalAdmin(HttpServletRequest request, @PathVariable("userInfo") String userInfo,
 137                         HttpServletResponse response) {
 138                 int userIdIdx = userInfo.indexOf("-");
 139                 Long userId = null;
 140                 String sbcid = null;
 141                 FieldsValidator fieldsValidator = null;
 142                 try {
 143                         if (userIdIdx == -1) {
 144                                 logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin missing userId");
 145                                 return fieldsValidator;
 146                         } else {
 147                                 String userIdStr = userInfo.substring(0, userIdIdx);
 148                                 userId = Long.valueOf(userIdStr);
 149                                 sbcid = userInfo.substring(userIdIdx + 1, userInfo.length());
 150                         }
 151                 } catch (Exception e) {
 152                         logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin error while parsing the userInfo", e);
 153                 }
 154                 EPUser user = EPUserUtils.getUserSession(request);
 155                 if (!adminRolesService.isSuperAdmin(user)) {
 156                         EcompPortalUtils.setBadPermissions(user, response, "deletePortalAdmin");
 157                 } else {
 158                         fieldsValidator = portalAdminService.deletePortalAdmin(userId);
 159                         int statusCode = fieldsValidator.httpStatusCode.intValue();
 160                         response.setStatus(statusCode);
 161                         if (statusCode == 200) {
 162                                 AuditLog auditLog = new AuditLog();
 163                                 auditLog.setUserId(user.getId());
 164                                 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN);
 165                                 auditLog.setAffectedRecordId(sbcid);
 166                                 auditService.logActivity(auditLog, null);
 167
 168                                 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 169                                 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 170                                 EcompPortalUtils.calculateDateTimeDifferenceForLog(
 171                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
 172                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
 173                                 logger.info(EELFLoggerDelegate.auditLogger,
 174                                                 EPLogUtil.formatAuditLogMessage("PortalAdminController.deletePortalAdmin",
 175                                                                 EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN, user.getOrgUserId(), sbcid,
 176                                                                 "A Portal Admin has been deleted"));
 177                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
 178                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
 179                                 MDC.remove(SystemProperties.MDC_TIMER);
 180                         }
 181                 }
 182                 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "DELETE result =", response.getStatus());
 183
 184                 return fieldsValidator;
 185         }
 186
 187         @RequestMapping(value = {
 188                         "/portalApi/adminAppsRoles/{appId}" }, method = RequestMethod.GET, produces = "application/json")
 189         public List<EPRole> getRolesByApp(HttpServletRequest request, @PathVariable("appId") Long appId,
 190                         HttpServletResponse response) {
 191                 EPUser user = EPUserUtils.getUserSession(request);
 192                 List<EPRole> rolesByApp = null;
 193
 194                 try {
 195                         if (user == null) {
 196                                 EcompPortalUtils.setBadPermissions(user, response, "getUserApps");
 197                         } else {
 198                                 rolesByApp = adminRolesService.getRolesByApp(user, appId);
 199                         }
 200                 } catch (Exception e) {
 201                         logger.error(EELFLoggerDelegate.errorLogger,
 202                                         "Exception occurred while performing getRolesByApp operation, Details: "
 203                                                         + EcompPortalUtils.getStackTrace(e));
 204                 }
 205
 206                 return rolesByApp;
 207         }
 208
 209 }