Code Review / portal.git / blob
? search:


e77f8f9500a3426f90cf7ca203a0225375113511
[portal.git] /
1 /*-
2  * ============LICENSE_START==========================================
3  * ONAP Portal
4  * ===================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6  * ===================================================================
7  *
8  * Unless otherwise specified, all software contained herein is licensed
9  * under the Apache License, Version 2.0 (the "License");
10  * you may not use this software except in compliance with the License.
11  * You may obtain a copy of the License at
12  *
13  *             http://www.apache.org/licenses/LICENSE-2.0
14  *
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS,
17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  *
21  * Unless otherwise specified, all documentation contained herein is licensed
22  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23  * you may not use this documentation except in compliance with the License.
24  * You may obtain a copy of the License at
25  *
26  *             https://creativecommons.org/licenses/by/4.0/
27  *
28  * Unless required by applicable law or agreed to in writing, documentation
29  * distributed under the License is distributed on an "AS IS" BASIS,
30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31  * See the License for the specific language governing permissions and
32  * limitations under the License.
33  *
34  * ============LICENSE_END============================================
35  *
36  * ECOMP is a trademark and service mark of AT&T Intellectual Property.
37  */
38 package org.onap.portalapp.portal.controller;
39
40 import java.util.List;
41
42 import javax.servlet.http.HttpServletRequest;
43 import javax.servlet.http.HttpServletResponse;
44
45 import org.onap.portalapp.controller.EPRestrictedBaseController;
46 import org.onap.portalapp.portal.domain.EPRole;
47 import org.onap.portalapp.portal.domain.EPUser;
48 import org.onap.portalapp.portal.domain.EcompAuditLog;
49 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
50 import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
51 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
52 import org.onap.portalapp.portal.service.AdminRolesService;
53 import org.onap.portalapp.portal.service.PortalAdminService;
54 import org.onap.portalapp.portal.transport.FieldsValidator;
55 import org.onap.portalapp.portal.transport.PortalAdmin;
56 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
57 import org.onap.portalapp.portal.utils.EcompPortalUtils;
58 import org.onap.portalapp.util.EPUserUtils;
59 import org.onap.portalsdk.core.domain.AuditLog;
60 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
61 import org.onap.portalsdk.core.service.AuditService;
62 import org.onap.portalsdk.core.util.SystemProperties;
63 import org.slf4j.MDC;
64 import org.springframework.beans.factory.annotation.Autowired;
65 import org.springframework.context.annotation.EnableAspectJAutoProxy;
66 import org.springframework.web.bind.annotation.PathVariable;
67 import org.springframework.web.bind.annotation.RequestBody;
68 import org.springframework.web.bind.annotation.RequestMapping;
69 import org.springframework.web.bind.annotation.RequestMethod;
70 import org.springframework.web.bind.annotation.RestController;
71
72 @RestController
73 @org.springframework.context.annotation.Configuration
74 @EnableAspectJAutoProxy
75 @EPAuditLog
76 public class PortalAdminController extends EPRestrictedBaseController {
77         @Autowired
78         PortalAdminService portalAdminService;
79         @Autowired
80         AdminRolesService adminRolesService;
81         @Autowired
82         AuditService auditService;
83
84         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class);
85
86         @RequestMapping(value = { "/portalApi/portalAdmins" }, method = RequestMethod.GET, produces = "application/json")
87         public List<PortalAdmin> getPortalAdmins(HttpServletRequest request, HttpServletResponse response) {
88                 EPUser user = EPUserUtils.getUserSession(request);
89                 List<PortalAdmin> portalAdmins = null;
90                 if (user == null) {
91                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, null user");
92                         EcompPortalUtils.setBadPermissions(user, response, "getPortalAdmins");
93                 } else if (!adminRolesService.isSuperAdmin(user)) {
94                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, bad permissions");
95                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
96                 } else {
97                         // return the list of portal admins
98                         portalAdmins = portalAdminService.getPortalAdmins();
99                         logger.debug(EELFLoggerDelegate.debugLogger, "portalAdmins: called getPortalAdmins()");
100                         EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/getPortalAdmins", "result =", portalAdmins);
101                 }
102
103                 return portalAdmins;
104         }
105
106         /**
107          * RESTful service method to create a new portal admin. Requirement: you
108          * must be the Ecomp portal super admin user.
109          * @param request 
110          * @param userId 
111          * @param response 
112          * @return FieldsValidator 
113          */
114         @RequestMapping(value = { "/portalApi/portalAdmin" }, method = RequestMethod.POST)
115         public FieldsValidator createPortalAdmin(HttpServletRequest request, @RequestBody String userId,
116                         HttpServletResponse response) {
117                 EPUser user = EPUserUtils.getUserSession(request);
118                 FieldsValidator fieldsValidator = null;
119                 if (user == null) {
120                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin, null user");
121                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
122                 } else if (!adminRolesService.isSuperAdmin(user)) {
123                         logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin bad permissions");
124                         EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
125                 } else {
126                         fieldsValidator = portalAdminService.createPortalAdmin(userId);
127                         int statusCode = fieldsValidator.httpStatusCode.intValue();
128                         response.setStatus(statusCode);
129                         if (statusCode == 200) {
130                                 AuditLog auditLog = new AuditLog();
131                                 auditLog.setUserId(user.getId());
132                                 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN);
133                                 auditLog.setAffectedRecordId(userId);
134                                 try {
135                                         auditService.logActivity(auditLog, null);
136                                 } catch (Exception e) {
137                                         logger.error(EELFLoggerDelegate.errorLogger, "createPortalAdmin: failed for save audit log", e);
138                                 }
139                                 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
140                                 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
141                                 EcompPortalUtils.calculateDateTimeDifferenceForLog(
142                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
143                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
144                                 logger.info(EELFLoggerDelegate.auditLogger,
145                                                 EPLogUtil.formatAuditLogMessage("PortalAdminController.createPortalAdmin",
146                                                                 EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN, user.getOrgUserId(), userId,
147                                                                 "A new Portal Admin has been added"));
148                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
149                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
150                                 MDC.remove(SystemProperties.MDC_TIMER);
151                         }
152                 }
153                 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "POST result =", response.getStatus());
154
155                 return fieldsValidator;
156         }
157
158         @RequestMapping(value = { "/portalApi/portalAdmin/{userInfo}" }, method = RequestMethod.DELETE)
159         public FieldsValidator deletePortalAdmin(HttpServletRequest request, @PathVariable("userInfo") String userInfo,
160                         HttpServletResponse response) {
161                 int userIdIdx = userInfo.indexOf("-");
162                 Long userId = null;
163                 String sbcid = null;
164                 FieldsValidator fieldsValidator = null;
165                 try {
166                         if (userIdIdx == -1) {
167                                 logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin missing userId");
168                                 return fieldsValidator;
169                         } else {
170                                 String userIdStr = userInfo.substring(0, userIdIdx);
171                                 userId = Long.valueOf(userIdStr);
172                                 sbcid = userInfo.substring(userIdIdx + 1, userInfo.length());
173                         }
174                 } catch (Exception e) {
175                         logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin error while parsing the userInfo", e);
176                 }
177                 EPUser user = EPUserUtils.getUserSession(request);
178                 if (!adminRolesService.isSuperAdmin(user)) {
179                         EcompPortalUtils.setBadPermissions(user, response, "deletePortalAdmin");
180                 } else {
181                         fieldsValidator = portalAdminService.deletePortalAdmin(userId);
182                         int statusCode = fieldsValidator.httpStatusCode.intValue();
183                         response.setStatus(statusCode);
184                         if (statusCode == 200) {
185                                 AuditLog auditLog = new AuditLog();
186                                 auditLog.setUserId(user.getId());
187                                 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN);
188                                 auditLog.setAffectedRecordId(sbcid);
189                                 auditService.logActivity(auditLog, null);
190                                 
191                                 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
192                                 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
193                                 EcompPortalUtils.calculateDateTimeDifferenceForLog(
194                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
195                                                 MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
196                                 logger.info(EELFLoggerDelegate.auditLogger,
197                                                 EPLogUtil.formatAuditLogMessage("PortalAdminController.deletePortalAdmin",
198                                                                 EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN, user.getOrgUserId(), sbcid,
199                                                                 "A Portal Admin has been deleted"));
200                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
201                                 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
202                                 MDC.remove(SystemProperties.MDC_TIMER);
203                         }
204                 }
205                 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "DELETE result =", response.getStatus());
206
207                 return fieldsValidator;
208         }
209
210         @RequestMapping(value = {
211                         "/portalApi/adminAppsRoles/{appId}" }, method = RequestMethod.GET, produces = "application/json")
212         public List<EPRole> getRolesByApp(HttpServletRequest request, @PathVariable("appId") Long appId,
213                         HttpServletResponse response) {
214                 EPUser user = EPUserUtils.getUserSession(request);
215                 List<EPRole> rolesByApp = null;
216
217                 try {
218                         if (user == null) {
219                                 EcompPortalUtils.setBadPermissions(user, response, "getUserApps");
220                         } else {
221                                 rolesByApp = adminRolesService.getRolesByApp(user, appId);
222                         }
223                 } catch (Exception e) {
224                         logger.error(EELFLoggerDelegate.errorLogger,    "getRolesByApp failed", e);
225                 }
226
227                 return rolesByApp;
228         }
229
230 }
ARCHIVED- 2022-02-15 at the request of the project