gerrit.onap Code Review - portal.git/blob

   1 /*-
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  *
   8  * Unless otherwise specified, all software contained herein is licensed
   9  * under the Apache License, Version 2.0 (the “License”);
  10  * you may not use this software except in compliance with the License.
  11  * You may obtain a copy of the License at
  12  *
  13  *             http://www.apache.org/licenses/LICENSE-2.0
  14  *
  15  * Unless required by applicable law or agreed to in writing, software
  16  * distributed under the License is distributed on an "AS IS" BASIS,
  17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18  * See the License for the specific language governing permissions and
  19  * limitations under the License.
  20  *
  21  * Unless otherwise specified, all documentation contained herein is licensed
  22  * under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
  23  * you may not use this documentation except in compliance with the License.
  24  * You may obtain a copy of the License at
  25  *
  26  *             https://creativecommons.org/licenses/by/4.0/
  27  *
  28  * Unless required by applicable law or agreed to in writing, documentation
  29  * distributed under the License is distributed on an "AS IS" BASIS,
  30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  31  * See the License for the specific language governing permissions and
  32  * limitations under the License.
  33  *
  34  * ============LICENSE_END============================================
  35  *
  36  * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  37  */
  38 package org.openecomp.portalapp.portal.controller;
  39
  40 import java.util.List;
  41
  42 import javax.servlet.http.HttpServletRequest;
  43 import javax.servlet.http.HttpServletResponse;
  44
  45 import org.openecomp.portalapp.controller.EPRestrictedBaseController;
  46 import org.openecomp.portalapp.portal.domain.EPRole;
  47 import org.openecomp.portalapp.portal.domain.EPUser;
  48 import org.openecomp.portalapp.portal.logging.aop.EPAuditLog;
  49 import org.openecomp.portalapp.portal.service.AdminRolesService;
  50 import org.openecomp.portalapp.portal.service.PortalAdminService;
  51 import org.openecomp.portalapp.portal.transport.FieldsValidator;
  52 import org.openecomp.portalapp.portal.transport.PortalAdmin;
  53 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
  54 import org.openecomp.portalapp.util.EPUserUtils;
  55 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
  56 import org.springframework.beans.factory.annotation.Autowired;
  57 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  58 import org.springframework.web.bind.annotation.PathVariable;
  59 import org.springframework.web.bind.annotation.RequestBody;
  60 import org.springframework.web.bind.annotation.RequestMapping;
  61 import org.springframework.web.bind.annotation.RequestMethod;
  62 import org.springframework.web.bind.annotation.RestController;
  63
  64 @RestController
  65 @org.springframework.context.annotation.Configuration
  66 @EnableAspectJAutoProxy
  67 @EPAuditLog
  68 public class PortalAdminController extends EPRestrictedBaseController {
  69         @Autowired
  70         PortalAdminService portalAdminService;
  71         @Autowired
  72         AdminRolesService adminRolesService;
  73
  74         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class);
  75
  76         @RequestMapping(value = { "/portalApi/portalAdmins" }, method = RequestMethod.GET, produces = "application/json")
  77         public List<PortalAdmin> getPortalAdmins(HttpServletRequest request, HttpServletResponse response) {
  78                 EPUser user = EPUserUtils.getUserSession(request);
  79                 List<PortalAdmin> portalAdmins = null;
  80                 if (user == null) {
  81                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, null user");
  82                         EcompPortalUtils.setBadPermissions(user, response, "getPortalAdmins");
  83                 } else if (!adminRolesService.isSuperAdmin(user)) {
  84                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, bad permissions");
  85                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
  86                 } else {
  87                         // return the list of portal admins
  88                         portalAdmins = portalAdminService.getPortalAdmins();
  89                         logger.debug(EELFLoggerDelegate.debugLogger, "portalAdmins: called getPortalAdmins()");
  90                         EcompPortalUtils.logAndSerializeObject("/portalApi/getPortalAdmins", "result =", portalAdmins);
  91                 }
  92
  93                 return portalAdmins;
  94         }
  95
  96         /**
  97          * RESTful service method to create a new portal admin. Requirement: you
  98          * must be the Ecomp portal super admin user.
  99          */
 100
 101         @RequestMapping(value = { "/portalApi/portalAdmin" }, method = RequestMethod.POST)
 102         public FieldsValidator createPortalAdmin(HttpServletRequest request, @RequestBody String userid,
 103                         HttpServletResponse response) {
 104                 EPUser user = EPUserUtils.getUserSession(request);
 105                 FieldsValidator fieldsValidator = null;
 106                 if (user == null) {
 107                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin, null user");
 108                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
 109                 } else if (!adminRolesService.isSuperAdmin(user)) {
 110                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin bad permissions");
 111                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
 112                 } else {
 113                         fieldsValidator = portalAdminService.createPortalAdmin(userid);
 114                         response.setStatus(fieldsValidator.httpStatusCode.intValue());
 115                 }
 116                 EcompPortalUtils.logAndSerializeObject("/portalAdmin", "POST result =", response.getStatus());
 117
 118                 return fieldsValidator;
 119         }
 120
 121         @RequestMapping(value = { "/portalApi/portalAdmin/{orgUserId}" }, method = RequestMethod.DELETE)
 122         public FieldsValidator deletePortalAdmin(HttpServletRequest request, @PathVariable("orgUserId") Long orgUserId,
 123                         HttpServletResponse response) {
 124                 EPUser user = EPUserUtils.getUserSession(request);
 125                 FieldsValidator fieldsValidator = null;
 126                 if (!adminRolesService.isSuperAdmin(user)) {
 127                         EcompPortalUtils.setBadPermissions(user, response, "deletePortalAdmin");
 128                 } else {
 129                         fieldsValidator = portalAdminService.deletePortalAdmin(orgUserId);
 130                         response.setStatus(fieldsValidator.httpStatusCode.intValue());
 131                 }
 132                 EcompPortalUtils.logAndSerializeObject("/portalAdmin", "DELETE result =", response.getStatus());
 133
 134                 return fieldsValidator;
 135         }
 136
 137         @RequestMapping(value = { "/portalApi/adminAppsRoles/{appId}" }, method = RequestMethod.GET, produces = "application/json")
 138         public List<EPRole> getRolesByApp(HttpServletRequest request, @PathVariable("appId") Long appId,
 139                         HttpServletResponse response) {
 140                 EPUser user = EPUserUtils.getUserSession(request);
 141                 List<EPRole> rolesByApp = null;
 142
 143                 try {
 144                         if (user == null) {
 145                                 EcompPortalUtils.setBadPermissions(user, response, "getUserApps");
 146                         } else {
 147                                 rolesByApp = adminRolesService.getRolesByApp(user, appId);
 148                         }
 149                 } catch (Exception e) {
 150                         logger.error(EELFLoggerDelegate.errorLogger, "getRolesByApp failed", e);
 151                 }
 152
 153                 return rolesByApp;
 154         }
 155 }