*
* ============LICENSE_END============================================
*
- *
+ *
*/
package org.onap.portalapp.portal.controller;
import org.onap.portalapp.portal.service.AdminRolesService;
import org.onap.portalapp.portal.service.BasicAuthAccountService;
import org.onap.portalapp.util.EPUserUtils;
+import org.onap.portalapp.validation.DataValidator;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@EPAuditLog
public class BasicAuthAccountController extends EPRestrictedBaseController {
+ private static final String FAILURE = "FAILURE";
+ private static final String SUCCESS = "SUCCESS";
+ private static final String AUTHORIZATION_REQUIRED = "Authorization Required";
+ private static final String ADMIN_ONLY_OPERATIONS = "Admin Only Operation! ";
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(BasicAuthAccountController.class);
+ private final DataValidator dataValidator = new DataValidator();
+
@Autowired
private BasicAuthAccountService basicAuthAccountService;
/**
* Saves Basic Authentication account for external systems
- *
+ *
* @param request
* HttpServletRequest
* @param response
* @throws Exception
* on failure
*/
- @RequestMapping(value = { "/portalApi/basicAuthAccount" }, method = RequestMethod.POST)
+ @PostMapping(value = { "/portalApi/basicAuthAccount" })
public PortalRestResponse<String> createBasicAuthAccount(HttpServletRequest request, HttpServletResponse response,
@RequestBody BasicAuthCredentials newBasicAuthAccount) throws Exception {
+
+
EPUser user = EPUserUtils.getUserSession(request);
if (!adminRolesService.isSuperAdmin(user)) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Authorization Required",
- "Admin Only Operation! ");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, AUTHORIZATION_REQUIRED,
+ ADMIN_ONLY_OPERATIONS);
}
if (newBasicAuthAccount == null) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE",
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE,
"newBasicAuthAccount cannot be null or empty");
}
- long accountId = basicAuthAccountService.saveBasicAuthAccount(newBasicAuthAccount);
+
+ if(!dataValidator.isValid(newBasicAuthAccount)){
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "createBasicAuthAccount() failed, new credential are not safe",
+ "");
+ }
+
+ long accountId;
+ try {
+ accountId = basicAuthAccountService.saveBasicAuthAccount(newBasicAuthAccount);
+ } catch (Exception e){
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE, e.getMessage());
+ }
List<Long> endpointIdList = new ArrayList<>();
try {
basicAuthAccountService.saveEndpointAccount(accountId, endpointId);
}
} catch (Exception e) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "createBasicAuthAccount failed", e);
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE, e.getMessage());
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, SUCCESS, "");
}
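Review bot: The new catch around `saveBasicAuthAccount` returns `e.getMessage()` without logging the exception, while every other catch block touched in this change gains a `logger.error(...)` call; add `logger.error(EELFLoggerDelegate.errorLogger, "createBasicAuthAccount failed", e);` there as well. Returning `e.getMessage()` in the response body (here and in the catch blocks of updateAccount and deleteAccount) may expose persistence-layer detail to the client; now that the exception is logged server-side, a fixed message would be safer. The validation-failure response also puts its text in the message slot with an empty body, instead of the `FAILURE` plus detail shape used by the other error returns in this method. Part of the method body (the loop around `saveEndpointAccount`) is outside the visible lines.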
/**
* Returns list of all BasicAuthCredentials in the system
- *
+ *
* @param request
* HttpServletRequest
* @param response
* on failure
*/
- @RequestMapping(value = { "/portalApi/basicAuthAccount" }, method = RequestMethod.GET)
+ @GetMapping(value = { "/portalApi/basicAuthAccount" })
public PortalRestResponse<List<BasicAuthCredentials>> getBasicAuthAccount(HttpServletRequest request,
HttpServletResponse response) throws Exception {
EPUser user = EPUserUtils.getUserSession(request);
if (!adminRolesService.isSuperAdmin(user)) {
- return new PortalRestResponse<List<BasicAuthCredentials>>(PortalRestStatusEnum.ERROR,
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
"UnAuthorized! Admin Only Operation", new ArrayList<>());
}
- return new PortalRestResponse<List<BasicAuthCredentials>>(PortalRestStatusEnum.OK, "Success",
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Success",
basicAuthAccountService.getAccountData());
}
/**
* Updates an existing BasicAuthCredentials account
- *
+ *
* @param request
* HttpServletRequest
* @param response
* @throws Exception
* on failure
*/
- @RequestMapping(value = { "/portalApi/basicAuthAccount/{accountId}" }, method = RequestMethod.PUT)
+ @PutMapping(value = { "/portalApi/basicAuthAccount/{accountId}" })
public PortalRestResponse<String> updateAccount(HttpServletRequest request, HttpServletResponse response,
@PathVariable("accountId") long accountId, @RequestBody BasicAuthCredentials newBasicAuthAccount)
throws Exception {
EPUser user = EPUserUtils.getUserSession(request);
if (!adminRolesService.isSuperAdmin(user)) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Authorization Required",
- "Admin Only Operation! ");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, AUTHORIZATION_REQUIRED,
+ ADMIN_ONLY_OPERATIONS);
}
if (newBasicAuthAccount == null) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE",
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE,
"BasicAuthCredentials cannot be null or empty");
}
try {
basicAuthAccountService.updateBasicAuthAccount(accountId, newBasicAuthAccount);
} catch (Exception e) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "updateAccount failed", e);
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE, e.getMessage());
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, SUCCESS, "");
}
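Review bot: `updateAccount` passes `newBasicAuthAccount` to `updateBasicAuthAccount` after only a null check, so the `dataValidator.isValid(...)` guard this change adds to createBasicAuthAccount does not cover credentials written through the PUT endpoint. Add the same check before the try block, for example `if (!dataValidator.isValid(newBasicAuthAccount)) { return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE, "updateAccount() failed, new credential are not safe"); }`. What DataValidator enforces is not visible here, so confirm that the same constraints are meant to apply on update.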
/**
* deletes an existing BasicAuthCredentials account
- *
+ *
* @param request
* HttpServletRequest
* @param response
* @throws Exception
* on failure
*/
- @RequestMapping(value = { "/portalApi/basicAuthAccount/{accountId}" }, method = RequestMethod.DELETE)
+ @DeleteMapping(value = { "/portalApi/basicAuthAccount/{accountId}" })
public PortalRestResponse<String> deleteAccount(HttpServletRequest request, HttpServletResponse response,
@PathVariable("accountId") long accountId) throws Exception {
EPUser user = EPUserUtils.getUserSession(request);
if (!adminRolesService.isSuperAdmin(user)) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Authorization Required",
- "Admin Only Operation! ");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, AUTHORIZATION_REQUIRED,
+ ADMIN_ONLY_OPERATIONS);
}
try {
basicAuthAccountService.deleteEndpointAccout(accountId);
} catch (Exception e) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "deleteAccount failed", e);
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE, e.getMessage());
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, SUCCESS, "");
}
}