X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FAppsController.java;h=99b4fcee12c227237a93d9e5cd3743d04b5cfb49;hb=5347a112e9570c38491b5cfb80a1250530daddab;hp=b5bd02bcfaf565448e3f33e950eab6db91e4a93d;hpb=7c291e0d10e63f403f016ede7d8e4ee47dcbf8a9;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java index b5bd02bc..99b4fcee 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java @@ -2,7 +2,9 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -37,13 +39,15 @@ */ package org.onap.portalapp.portal.controller; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; import java.io.IOException; import java.util.List; import java.util.Set; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - +import lombok.Getter; +import lombok.NoArgsConstructor; import org.onap.portalapp.controller.EPRestrictedBaseController; import org.onap.portalapp.portal.domain.AdminUserApplications; import org.onap.portalapp.portal.domain.AppIdAndNameTransportModel; 
@@ -52,7 +56,9 @@ import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.EcompApp; import org.onap.portalapp.portal.domain.UserRoles; +import org.onap.portalapp.portal.exceptions.InvalidApplicationException; import org.onap.portalapp.portal.logging.aop.EPAuditLog; +import org.onap.portalapp.portal.logging.logic.EPLogUtil; import org.onap.portalapp.portal.service.AdminRolesService; import org.onap.portalapp.portal.service.EPAppService; import org.onap.portalapp.portal.service.EPLeftMenuService; @@ -66,6 +72,7 @@ import org.onap.portalapp.portal.transport.OnboardingApp; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; import org.onap.portalapp.util.EPUserUtils; +import org.onap.portalapp.validation.DataValidator; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.util.SystemProperties; import org.onap.portalsdk.core.web.support.AppUtils; 
@@ -73,28 +80,38 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PutMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; +import org.springframework.web.client.HttpClientErrorException; @RestController @EnableAspectJAutoProxy @EPAuditLog +@NoArgsConstructor +@Getter public class AppsController extends EPRestrictedBaseController { - private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsController.class); + private static final String GET_RESULT = "GET result ="; + private static final String PUT_RESULT = "PUT result ="; + private static final String PORTAL_API_ONBOARDING_APPS = "/portalApi/onboardingApps"; + private static final String PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF = "/portalApi/userAppsOrderBySortPref"; + + private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsController.class); + private final DataValidator dataValidator = new DataValidator(); @Autowired private AdminRolesService adminRolesService; - @Autowired private EPAppService appService; - @Autowired private EPLeftMenuService leftMenuService; 
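Review bot: The class-level `@Getter` added on `AppsController` generates public getters for every non-static field, which here covers the autowired `adminRolesService`, `appService` and `leftMenuService` as well as `logger` and the new `dataValidator`. A REST controller has no reason to hand its collaborators to callers; if the getters exist only for tests, `@Getter(AccessLevel.PACKAGE)` or constructor injection keeps them off the public surface. `@NoArgsConstructor` is redundant unless another constructor is declared elsewhere in the class, which this hunk does not show.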
@@ -108,7 +125,7 @@ public class AppsController extends EPRestrictedBaseController { * HttpServletResponse * @return List */ - @RequestMapping(value = { "/portalApi/userApps" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/userApps" }, produces = "application/json") public List getUserApps(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List ecompApps = null; @@ -118,7 +135,7 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "getUserApps"); } else { ecompApps = appService.transformAppsToEcompApps(appService.getUserApps(user)); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userApps", "GET result =", ecompApps); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userApps", GET_RESULT, ecompApps); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getUserApps failed", e); @@ -139,7 +156,7 @@ public class AppsController extends EPRestrictedBaseController { * @throws IOException * if sendError fails */ - @RequestMapping(value = { "/portalApi/persUserApps" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/persUserApps" }, produces = "application/json") public List getPersUserApps(HttpServletRequest request, HttpServletResponse response) throws IOException { EPUser user = EPUserUtils.getUserSession(request); List ecompApps = null; 
@@ -153,7 +170,7 @@ public class AppsController extends EPRestrictedBaseController { else apps = appService.getPersUserApps(user); ecompApps = appService.transformAppsToEcompApps(apps); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userPersApps", "GET result =", ecompApps); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userPersApps", GET_RESULT, ecompApps); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getPersUserApps failed", e); @@ -172,7 +189,7 @@ public class AppsController extends EPRestrictedBaseController { * HttpServletResponse * @return List */ - @RequestMapping(value = { "/portalApi/adminApps" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/adminApps" }, produces = "application/json") public List getAdminApps(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List adminApps = null; @@ -182,7 +199,7 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "getAdminApps"); } else { adminApps = appService.getAdminApps(user); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminApps", "GET result =", adminApps); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminApps", GET_RESULT, adminApps); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getAdminApps failed", e); @@ -201,8 +218,8 @@ public class AppsController extends EPRestrictedBaseController { * HttpServletResponse * @return List */ - @RequestMapping(value = { - "/portalApi/appsForSuperAdminAndAccountAdmin" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { + "/portalApi/appsForSuperAdminAndAccountAdmin" }, produces = "application/json") public List getAppsForSuperAdminAndAccountAdmin(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); 
@@ -214,7 +231,7 @@ public class AppsController extends EPRestrictedBaseController { } else { adminApps = appService.getAppsForSuperAdminAndAccountAdmin(user); EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/appsForSuperAdminAndAccountAdmin", - "GET result =", adminApps); + GET_RESULT, adminApps); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getAppsForSuperAdminAndAccountAdmin failed", e); @@ -224,7 +241,7 @@ public class AppsController extends EPRestrictedBaseController { } /** - * RESTful service method to fetch left menu items from the user's session. + * RESTful service method to fetch left menu items from the user'PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF session. * * @param request * HttpServletRequest @@ -233,7 +250,7 @@ public class AppsController extends EPRestrictedBaseController { * @return JSON with left menu */ @SuppressWarnings({ "rawtypes", "unchecked" }) - @RequestMapping(value = { "/portalApi/leftmenuItems" }, method = RequestMethod.GET, produces = "application/json;charset=UTF-8") + @GetMapping(value = { "/portalApi/leftmenuItems" }, produces = "application/json;charset=UTF-8") public String getLeftMenuItems(HttpServletRequest request, HttpServletResponse response) { String menuList = null; Set menuSet = (Set) AppUtils.getSession(request) 
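Review bot: The Javadoc changed in the `-224,7` hunk now reads `from the user'PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF session`, which looks like an extract-constant refactoring that also rewrote comment text. Restore the original sentence, `RESTful service method to fetch left menu items from the user's session.` No code is affected by this.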
@@ -246,15 +263,15 @@ public class AppsController extends EPRestrictedBaseController { try { menuList = leftMenuService.getLeftMenuItems(user, menuSet, roleFunctionSet); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/leftmenuItems", "GET result =", menuList); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/leftmenuItems", GET_RESULT, menuList); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getLeftMenuItems failed", e); } return menuList; } - @RequestMapping(value = { - "/portalApi/userAppsOrderBySortPref" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { + PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF }, produces = "application/json") public List getUserAppsOrderBySortPref(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List ecompApps = null; 
@@ -263,28 +280,28 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "getUserAppsOrderBySortPref"); } else { String usrSortPref = request.getParameter("mparams"); - if (usrSortPref.equals("")) { + if (usrSortPref.isEmpty()) { usrSortPref = "N"; } switch (usrSortPref) { case "N": ecompApps = appService.transformAppsToEcompApps(appService.getAppsOrderByName(user)); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppsOrderBySortPref", "GET result =", + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF, GET_RESULT, ecompApps); break; case "L": ecompApps = appService.transformAppsToEcompApps(appService.getAppsOrderByLastUsed(user)); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppsOrderBySortPref", "GET result =", + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF, GET_RESULT, ecompApps); break; case "F": ecompApps = appService.transformAppsToEcompApps(appService.getAppsOrderByMostUsed(user)); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppsOrderBySortPref", "GET result =", + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF, GET_RESULT, ecompApps); break; case "M": ecompApps = appService.transformAppsToEcompApps(appService.getAppsOrderByManual(user)); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppsOrderBySortPref", "GET result =", + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_USER_APPS_ORDER_BY_SORT_PREF, GET_RESULT, ecompApps); break; default: 
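Review bot: `usrSortPref.isEmpty()` still dereferences the result of `request.getParameter("mparams")`, which is null when the client omits the parameter, so replacing `equals("")` with `isEmpty()` keeps the same NullPointerException path. Guard it with `if (usrSortPref == null || usrSortPref.isEmpty())` so a missing parameter falls back to `"N"` instead of raising. The enclosing `try` and the `default:` branch lie outside this hunk, so how the exception is handled today is not visible here.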
@@ -309,11 +326,18 @@ public class AppsController extends EPRestrictedBaseController { * sort pref * @return FieldsValidator */ - @RequestMapping(value = { - "/portalApi/saveUserAppsSortingManual" }, method = RequestMethod.PUT, produces = "application/json") + @PutMapping(value = { + "/portalApi/saveUserAppsSortingManual" }, produces = "application/json") public FieldsValidator putUserAppsSortingManual(HttpServletRequest request, @RequestBody List epAppsManualPref, HttpServletResponse response) { FieldsValidator fieldsValidator = null; + + if (isNotNullAndNotValid(epAppsManualPref)){ + fieldsValidator = new FieldsValidator(); + fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE); + return fieldsValidator; + } + try { EPUser user = EPUserUtils.getUserSession(request); fieldsValidator = appService.saveAppsSortManual(epAppsManualPref, user); 
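Review bot: The new rejection branch in `putUserAppsSortingManual` records 406 only on the returned `FieldsValidator` and never calls `response.setStatus(...)`, so as far as this hunk shows the HTTP status stays at its default while the body says not acceptable. The branch also returns before the `logAndSerializeObject(..., PUT_RESULT, ...)` call, so rejected input leaves no log entry. Add `response.setStatus(HttpServletResponse.SC_NOT_ACCEPTABLE);` and an error-log line before the `return`. The same branch is repeated in `putUserWidgetsSortManual` (`-321,16`) and `putUserWidgetsSortPref` (`-338,17`); one private helper that builds the 406 result would keep the three consistent.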
@@ -321,16 +345,23 @@ public class AppsController extends EPRestrictedBaseController { } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "putUserAppsSortingManual failed", e); } - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/saveUserAppsSortingManual", "PUT result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/saveUserAppsSortingManual", PUT_RESULT, response.getStatus()); return fieldsValidator; } - @RequestMapping(value = { - "/portalApi/saveUserWidgetsSortManual" }, method = RequestMethod.PUT, produces = "application/json") + @PutMapping(value = { + "/portalApi/saveUserWidgetsSortManual" }, produces = "application/json") public FieldsValidator putUserWidgetsSortManual(HttpServletRequest request, @RequestBody List saveManualWidgetSData, HttpServletResponse response) { FieldsValidator fieldsValidator = null; + + if (isNotNullAndNotValid(saveManualWidgetSData)){ + fieldsValidator = new FieldsValidator(); + fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE); + return fieldsValidator; + } + try { EPUser user = EPUserUtils.getUserSession(request); fieldsValidator = appService.saveWidgetsSortManual(saveManualWidgetSData, user); 
@@ -338,17 +369,23 @@ public class AppsController extends EPRestrictedBaseController { } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortManual failed", e); } - // return fieldsValidator; - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/putUserWidgetsSortManual", "PUT result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/putUserWidgetsSortManual", PUT_RESULT, response.getStatus()); return fieldsValidator; } - @RequestMapping(value = { - "/portalApi/updateWidgetsSortPref" }, method = RequestMethod.PUT, produces = "application/json") + @PutMapping(value = { + "/portalApi/updateWidgetsSortPref" }, produces = "application/json") public FieldsValidator putUserWidgetsSortPref(HttpServletRequest request, @RequestBody List delManualWidgetData, HttpServletResponse response) { FieldsValidator fieldsValidator = null; + + if (isNotNullAndNotValid(delManualWidgetData)){ + fieldsValidator = new FieldsValidator(); + fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE); + return fieldsValidator; + } + try { EPUser user = EPUserUtils.getUserSession(request); fieldsValidator = appService.deleteUserWidgetSortPref(delManualWidgetData, user); @@ -357,8 +394,7 @@ public class AppsController extends EPRestrictedBaseController { logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortPref failed", e); } - // return fieldsValidator; - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/putUserWidgetsSortPref", "PUT result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/putUserWidgetsSortPref", PUT_RESULT, response.getStatus()); return fieldsValidator; } 
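Review bot: The log labels on the changed `logAndSerializeObject` lines do not match the routes they report on: the handler mapped to `/portalApi/saveUserWidgetsSortManual` logs `/portalApi/putUserWidgetsSortManual`, and the `-357,8` hunk logs `/portalApi/putUserWidgetsSortPref` for `/portalApi/updateWidgetsSortPref`. The `-387,14` and `-407,14` hunks have the same mismatch (`deleteUserAppSortManual`, `putUserAppsSortingPreference`). Someone searching logs by request path will not find these entries; since the commit already introduces `PORTAL_API_ONBOARDING_APPS`, declare one constant per route and use it in both the mapping and the log call.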
@@ -374,11 +410,12 @@ public class AppsController extends EPRestrictedBaseController { * data to delete * @return FieldsValidator */ - @RequestMapping(value = { - "/portalApi/UpdateUserAppsSortManual" }, method = RequestMethod.PUT, produces = "application/json") + @PutMapping(value = { + "/portalApi/UpdateUserAppsSortManual" }, produces = "application/json") public FieldsValidator deleteUserAppSortManual(HttpServletRequest request, @RequestBody EPDeleteAppsManualSortPref delManualAppData, HttpServletResponse response) { FieldsValidator fieldsValidator = null; + try { EPUser user = EPUserUtils.getUserSession(request); fieldsValidator = appService.deleteUserAppSortManual(delManualAppData, user); @@ -387,14 +424,13 @@ public class AppsController extends EPRestrictedBaseController { logger.error(EELFLoggerDelegate.errorLogger, "deleteUserAppSortManual failed", e); } - // return fieldsValidator; - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/deleteUserAppSortManual", "PUT result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/deleteUserAppSortManual", PUT_RESULT, response.getStatus()); return fieldsValidator; } - @RequestMapping(value = { - "/portalApi/saveUserAppsSortingPreference" }, method = RequestMethod.PUT, produces = "application/json") + @PutMapping(value = { + "/portalApi/saveUserAppsSortingPreference" }, produces = "application/json") public FieldsValidator putUserAppsSortingPreference(HttpServletRequest request, @RequestBody EPAppsSortPreference userAppsValue, HttpServletResponse response) { FieldsValidator fieldsValidator = null; 
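Review bot: `deleteUserAppSortManual` and `putUserAppsSortingPreference` still pass their `@RequestBody` objects (`delManualAppData`, `userAppsValue`) straight to `appService`, while the three list-taking PUT handlers in this commit gained a validation gate. For consistency add the same check here, for example `if (!dataValidator.isValid(delManualAppData))` followed by the 406 result, as `putOnboardingApp` does with `dataValidator.isValid(modifiedOnboardingApp)`. Whether these two transport classes declare validation constraints is not visible in the diff, so confirm that before relying on the check.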
@@ -407,14 +443,13 @@ public class AppsController extends EPRestrictedBaseController { } - // return fieldsValidator; - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/putUserAppsSortingPreference", "PUT result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/putUserAppsSortingPreference", PUT_RESULT, response.getStatus()); return fieldsValidator; } - @RequestMapping(value = { - "/portalApi/userAppsSortTypePreference" }, method = RequestMethod.GET, produces = "application/String") + @GetMapping(value = { + "/portalApi/userAppsSortTypePreference" }, produces = "application/String") public String getUserAppsSortTypePreference(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); String userSortPreference = null; @@ -424,7 +459,7 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "userAppsSortTypePreference"); } else { userSortPreference = appService.getUserAppsSortTypePreference(user); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppsSortTypePreference", "GET result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppsSortTypePreference", GET_RESULT, userSortPreference); } } catch (Exception e) { @@ -445,7 +480,7 @@ public class AppsController extends EPRestrictedBaseController { * HTTP servlet response * @return List */ - @RequestMapping(value = { "/portalApi/accountAdmins" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/accountAdmins" }, produces = "application/json") public List getAppsAdministrators(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List admins = null; 
@@ -454,7 +489,7 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "getAppsAdministrators"); } else { admins = appService.getAppsAdmins(); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/accountAdmins", "GET result =", admins); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/accountAdmins", GET_RESULT, admins); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getAppsAdministrators failed", e); @@ -463,7 +498,7 @@ public class AppsController extends EPRestrictedBaseController { return admins; } - @RequestMapping(value = { "/portalApi/availableApps" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/availableApps" }, produces = "application/json") public List getApps(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List apps = null; @@ -471,8 +506,8 @@ public class AppsController extends EPRestrictedBaseController { if (!adminRolesService.isSuperAdmin(user)) { EcompPortalUtils.setBadPermissions(user, response, "getApps"); } else { - apps = appService.getAllApps(false); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/availableApps", "GET result =", apps); + apps = appService.getAllApplications(false); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/availableApps", GET_RESULT, apps); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getApps failed", e); 
@@ -491,8 +526,8 @@ public class AppsController extends EPRestrictedBaseController { * HTTP servlet response * @return List of applications */ - @RequestMapping(value = { - "/portalApi/allAvailableApps" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { + "/portalApi/allAvailableApps" }, produces = "application/json") public List getAllApps(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List apps = null; @@ -501,7 +536,7 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "getApps"); } else { apps = appService.getAllApps(true); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/availableApps", "GET result =", apps); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/availableApps", GET_RESULT, apps); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getAllApps failed", e); @@ -518,7 +553,7 @@ public class AppsController extends EPRestrictedBaseController { * HTTP servlet response * @return List of applications */ - @RequestMapping(value = { "/portalApi/appsFullList" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/appsFullList" }, produces = "application/json") public List getAppsFullList(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List ecompApps = null; @@ -526,7 +561,7 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "getAppsFullList"); } else { ecompApps = appService.getEcompAppAppsFullList(); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/appsFullList", "GET result =", ecompApps); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/appsFullList", GET_RESULT, ecompApps); } return ecompApps; } 
@@ -539,7 +574,7 @@ public class AppsController extends EPRestrictedBaseController { * HTTP servlet response * @return UserRoles */ - @RequestMapping(value = { "/portalApi/userProfile" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/portalApi/userProfile" }, produces = "application/json") public UserRoles getUserProfile(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); UserRoles userAndRoles = null; @@ -566,8 +601,7 @@ public class AppsController extends EPRestrictedBaseController { * application ID * @return List */ - @RequestMapping(value = { "/portalApi/appRoles/{appId}" }, method = { - RequestMethod.GET }, produces = "application/json") + @GetMapping(value = { "/portalApi/appRoles/{appId}" }, produces = "application/json") public List getAppRoles(HttpServletRequest request, @PathVariable("appId") Long appId, HttpServletResponse response) { List roleList = null; @@ -577,7 +611,7 @@ public class AppsController extends EPRestrictedBaseController { || (adminRolesService.isSuperAdmin(user) && requestedApp.getId() == PortalConstants.PORTAL_APP_ID))) { try { roleList = appService.getAppRoles(appId); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/appRoles/" + appId, "GET result =", + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/appRoles/" + appId, GET_RESULT, roleList); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles failed", e); 
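Review bot: The permission test in `getAppRoles` (context line of the `-577,7` hunk) still compares `requestedApp.getId() == PortalConstants.PORTAL_APP_ID`, although this commit changes the identical comparison in `getSingleAppInfo` and `getSingleAppInfoById` to `.equals(...)`. If both sides are `Long` objects, `==` compares references and only happens to work for values inside the boxed-value cache, so the super-admin half of this authorization check can evaluate false without any error. Change it to `requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID)`; the `if` statement starts above the hunk.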
@@ -596,8 +630,7 @@ public class AppsController extends EPRestrictedBaseController { * @param response * @return EPApp object */ - @RequestMapping(value = { "/portalApi/singleAppInfo" }, method = { - RequestMethod.GET }, produces = "application/json") + @GetMapping(value = { "/portalApi/singleAppInfo" }, produces = "application/json") public EPApp getSingleAppInfo(HttpServletRequest request, HttpServletResponse response) { EPApp app = null; EPUser user = EPUserUtils.getUserSession(request); @@ -605,8 +638,8 @@ public class AppsController extends EPRestrictedBaseController { String appName = request.getParameter("appParam"); app = appService.getAppDetailByAppName(appName); if (user != null && (adminRolesService.isAccountAdminOfApplication(user, app) - || (adminRolesService.isSuperAdmin(user) && app.getId() == PortalConstants.PORTAL_APP_ID))) - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/singleAppInfo" + appName, "GET result =", app); + || (adminRolesService.isSuperAdmin(user) && app.getId().equals(PortalConstants.PORTAL_APP_ID)))) + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/singleAppInfo" + appName, GET_RESULT, app); else{ app= null; EcompPortalUtils.setBadPermissions(user, response, "createAdmin"); @@ -626,8 +659,7 @@ public class AppsController extends EPRestrictedBaseController { * @param response * @return EPApp object */ - @RequestMapping(value = { "/portalApi/singleAppInfoById" }, method = { - RequestMethod.GET }, produces = "application/json") + @GetMapping(value = { "/portalApi/singleAppInfoById" }, produces = "application/json") public EPApp getSingleAppInfoById(HttpServletRequest request, HttpServletResponse response) { EPApp app = null; EPUser user = EPUserUtils.getUserSession(request); 
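Review bot: In the `-605,8` hunk the request parameter `appParam` is concatenated into the log label (`"/portalApi/singleAppInfo" + appName`), so unless `logAndSerializeObject` sanitises its arguments a value containing line breaks can split or forge log entries; the label also has no separator between path and name. Keep the label fixed and log the name as data with CR/LF replaced, e.g. `appName.replaceAll("[\\r\\n]", "_")`. On the same changed line `app.getId()` is called on whatever `getAppDetailByAppName` returned, so a lookup miss should be rejected before the permission expression is evaluated. `getSingleAppInfoById` (`-635,11`) builds its label the same way from `appId`.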
@@ -635,11 +667,11 @@ public class AppsController extends EPRestrictedBaseController { String appId = request.getParameter("appParam"); app = appService.getApp(Long.valueOf(appId)); if(!EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - app.setCentralAuth(false); + app.setRolesInAAF(false); } if (user != null && (adminRolesService.isAccountAdminOfApplication(user, app) - || (adminRolesService.isSuperAdmin(user) && app.getId() == PortalConstants.PORTAL_APP_ID))) - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/singleAppInfoById" + appId, "GET result =", app); + || (adminRolesService.isSuperAdmin(user) && app.getId().equals(PortalConstants.PORTAL_APP_ID)))) + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/singleAppInfoById" + appId, GET_RESULT, app); else{ app= null; EcompPortalUtils.setBadPermissions(user, response, "createAdmin"); 
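Review bot: `app.setRolesInAAF(false)` is called on the result of `appService.getApp(Long.valueOf(appId))` before any null check and before the permission test, so an unknown id or a missing or non-numeric `appParam` ends in an exception instead of a controlled error response. Validate the parameter and return early when `app == null`, then run the authorization check, and only adjust the object once the caller is known to be allowed to see it. If `getApp` returns a persistence-managed entity (not visible in this diff), also confirm that the setter call cannot be written back to the database. The method's `try` block begins outside the hunk.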
@@ -659,17 +691,25 @@ public class AppsController extends EPRestrictedBaseController { * HTTP servlet response * @return List */ - @RequestMapping(value = { "/portalApi/onboardingApps" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { PORTAL_API_ONBOARDING_APPS }, produces = "application/json") public List getOnboardingApps(HttpServletRequest request, HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); List onboardingApps = null; try { - if (!adminRolesService.isSuperAdmin(user)) { + if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) { EcompPortalUtils.setBadPermissions(user, response, "getOnboardingApps"); } else { + + if(adminRolesService.isSuperAdmin(user)){ onboardingApps = appService.getOnboardingApps(); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "GET result =", - "onboardingApps of size " + onboardingApps.size()); + } + else if(adminRolesService.isAccountAdmin(user)) + { + //get all his admin apps + onboardingApps = appService.getAdminAppsOfUser(user); + } + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_ONBOARDING_APPS, GET_RESULT, + "onboardingApps of size " + (onboardingApps != null ? onboardingApps.size() : 0)); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getOnboardingApps failed", e); 
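Review bot: The widened gate in `getOnboardingApps` calls `isSuperAdmin(user)` and `isAccountAdmin(user)` twice each, once to admit the request and again to choose the data source, so the two decisions can drift apart when one of them is edited. Evaluate each role once into a local, e.g. `boolean superAdmin = adminRolesService.isSuperAdmin(user);`, and branch on the locals. Because account admins now reach this endpoint, confirm that the objects returned by `getAdminAppsOfUser(user)` expose only fields an account admin should see; that type's fields are not visible here. The new block's indentation and brace placement also differ from the rest of the method.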
@@ -681,25 +721,35 @@ public class AppsController extends EPRestrictedBaseController { /** * * @param request - * HTTP servlet request + * HTTP servlet request‰ * @param response * HTTP servlet response * @param modifiedOnboardingApp * app to update * @return FieldsValidator + * @throws Exception */ - @RequestMapping(value = { "/portalApi/onboardingApps" }, method = RequestMethod.PUT, produces = "application/json") + @PutMapping(value = { PORTAL_API_ONBOARDING_APPS }, produces = "application/json") public FieldsValidator putOnboardingApp(HttpServletRequest request, @RequestBody OnboardingApp modifiedOnboardingApp, HttpServletResponse response) { FieldsValidator fieldsValidator = null; EPUser user = null; - EPApp oldEPApp = null; + EPApp oldEPApp = appService.getApp(modifiedOnboardingApp.getId()); + try { user = EPUserUtils.getUserSession(request); - if (!adminRolesService.isSuperAdmin(user)) { + if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdminOfAnyActiveorInactiveApplication(user, oldEPApp) ) { EcompPortalUtils.setBadPermissions(user, response, "putOnboardingApp"); + } else if(!dataValidator.isValid(modifiedOnboardingApp)){ + logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApp is not valid"); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "POST result =", + response.getStatus()); + return fieldsValidator; } else { - oldEPApp = appService.getApp(modifiedOnboardingApp.id); + if((oldEPApp.getRolesInAAF() && modifiedOnboardingApp.getRolesInAAF() && !oldEPApp.getNameSpace().equalsIgnoreCase(modifiedOnboardingApp.getNameSpace()) && modifiedOnboardingApp.getNameSpace()!= null ) || (!oldEPApp.getRolesInAAF() && modifiedOnboardingApp.getRolesInAAF() && modifiedOnboardingApp.getNameSpace() != null)) + { + checkIfNameSpaceIsValid(modifiedOnboardingApp, fieldsValidator, response); + } modifiedOnboardingApp.normalize(); fieldsValidator = appService.modifyOnboardingApp(modifiedOnboardingApp, user); 
response.setStatus(fieldsValidator.httpStatusCode.intValue()); @@ -711,17 +761,20 @@ public class AppsController extends EPRestrictedBaseController { try { String oldvaluesAsJson = new ObjectMapper().writeValueAsString(oldEPApp); String newvaluesAsJson = new ObjectMapper().writeValueAsString(modifiedOnboardingApp); - logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, old values ="+oldvaluesAsJson); - logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, loginId="+user.getLoginId()+", new values ="+newvaluesAsJson); + logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, old values ={}", oldvaluesAsJson); + logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, loginId={}, new values ={}", + user != null ? user.getLoginId() : "", newvaluesAsJson); } catch (JsonProcessingException e) { logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e); } } - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "PUT result =", + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_ONBOARDING_APPS, PUT_RESULT, response.getStatus()); return fieldsValidator; } + + /** * * @param request @@ -732,7 +785,7 @@ public class AppsController extends EPRestrictedBaseController { * app to add * @return FieldsValidator */ - @RequestMapping(value = { "/portalApi/onboardingApps" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { PORTAL_API_ONBOARDING_APPS }, produces = "application/json") public FieldsValidator postOnboardingApp(HttpServletRequest request, @RequestBody OnboardingApp newOnboardingApp, HttpServletResponse response) { FieldsValidator fieldsValidator = null; 
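Review bot: The new `!dataValidator.isValid(modifiedOnboardingApp)` branch in `putOnboardingApp` returns `fieldsValidator` while it is still null and leaves the response status untouched, so invalid input is answered with an empty, success-looking response; its log label also says `POST result =` inside the PUT handler. Build a `FieldsValidator` carrying 406 and set the same status on the response, as sketched below. Separately, `appService.getApp(modifiedOnboardingApp.getId())` now runs outside the `try` and before validation, and `oldEPApp` is dereferenced (`getRolesInAAF()`, `getNameSpace()`) without a null check, so an unknown id escapes the handler's own error handling. The method body continues past the end of this hunk.

```java
// … unchanged: session lookup and permission check …
} else if (!dataValidator.isValid(modifiedOnboardingApp)) {
	logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApp is not valid");
	fieldsValidator = new FieldsValidator();
	fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
	response.setStatus(HttpServletResponse.SC_NOT_ACCEPTABLE);
	EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_ONBOARDING_APPS, PUT_RESULT,
			response.getStatus());
	return fieldsValidator;
} else {
// … unchanged: namespace check, normalize(), modifyOnboardingApp …
```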
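Review bot: The audit entries in the `-711,17` hunk serialise the whole `oldEPApp` and `modifiedOnboardingApp` with `ObjectMapper`, so every field of those objects is written to the audit log, including any credential-like field if the classes have one (their fields are not visible in this diff). Log an explicit list of the fields that matter for the audit trail, or serialise a copy with secret fields cleared. The block added to `postOnboardingApp` in `-742,17` does the same with `newOnboardingApp`, and there it still uses string concatenation and an unguarded `user.getLoginId()` where this hunk uses `{}` placeholders and a null check.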
@@ -742,17 +795,45 @@ public class AppsController extends EPRestrictedBaseController { EcompPortalUtils.setBadPermissions(user, response, "postOnboardingApps"); } else { newOnboardingApp.normalize(); + if(newOnboardingApp.getRolesInAAF() != null && newOnboardingApp.getRolesInAAF()) + checkIfNameSpaceIsValid(newOnboardingApp, fieldsValidator, response); fieldsValidator = appService.addOnboardingApp(newOnboardingApp, user); response.setStatus(fieldsValidator.httpStatusCode.intValue()); } + if(response.getStatus()==200) { + try { + String newvaluesAsJson = new ObjectMapper().writeValueAsString(newOnboardingApp); + logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, loginId="+user.getLoginId()+", values ="+newvaluesAsJson); + } catch (JsonProcessingException e) { + logger.error(EELFLoggerDelegate.errorLogger, "postOnboardingApps failed", e); + } + } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "postOnboardingApp failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "postOnboardingApp failed", e); } - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "POST result =", + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_ONBOARDING_APPS, "POST result =", response.getStatus()); return fieldsValidator; } + + private FieldsValidator setResponse(HttpStatus statusCode, HttpServletResponse response) + { + FieldsValidator fieldsValidator = new FieldsValidator(); + if (statusCode == HttpStatus.NOT_FOUND || statusCode == HttpStatus.FORBIDDEN) { + fieldsValidator.httpStatusCode = (long) HttpServletResponse.SC_NOT_FOUND; + logger.error(EELFLoggerDelegate.errorLogger, "setResponse failed"+ "invalid namespace"); + }else if (statusCode == HttpStatus.UNAUTHORIZED) { + fieldsValidator.httpStatusCode = (long) HttpServletResponse.SC_UNAUTHORIZED; + logger.error(EELFLoggerDelegate.errorLogger, "setResponse failed"+ "unauthorized"); + } else{ + fieldsValidator.httpStatusCode = (long) 
HttpServletResponse.SC_BAD_REQUEST; + logger.error(EELFLoggerDelegate.errorLogger, "setResponse failed ",statusCode); + + } + response.setStatus(fieldsValidator.httpStatusCode.intValue()); + return fieldsValidator; + } /** * REST endpoint to process a request to delete an on-boarded application. @@ -765,8 +846,7 @@ public class AppsController extends EPRestrictedBaseController { * ID of app to delete * @return FieldsValidator */ - @RequestMapping(value = { "/portalApi/onboardingApps/{appId}" }, method = { - RequestMethod.DELETE }, produces = "application/json") + @DeleteMapping(value = { "/portalApi/onboardingApps/{appId}" }, produces = "application/json") public FieldsValidator deleteOnboardingApp(HttpServletRequest request, @PathVariable("appId") Long appId, HttpServletResponse response) { FieldsValidator fieldsValidator = null; @@ -778,12 +858,16 @@ public class AppsController extends EPRestrictedBaseController { fieldsValidator = appService.deleteOnboardingApp(user, appId); response.setStatus(fieldsValidator.httpStatusCode.intValue()); } + if (response.getStatus() == 200) { + logger.info(EELFLoggerDelegate.auditLogger, + "/portalApi/onboardingApps/" + appId + "deleted by user " + user.getLoginId()); + } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "deleteOnboardingApp failed", e); response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } - - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps" + appId, "DELETE result =", + + EcompPortalUtils.logAndSerializeObject(logger, PORTAL_API_ONBOARDING_APPS + appId, "DELETE result =", response.getStatus()); return fieldsValidator; } 
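Review bot: In `setResponse`, the final `else` branch passes `statusCode` to `logger.error` with a message that has no `{}` placeholder, so the unexpected status is presumably missing from the error log. The other two branches concatenate without a separator and produce `setResponse failedinvalid namespace` and `setResponse failedunauthorized`. Something like `logger.error(EELFLoggerDelegate.errorLogger, "setResponse failed: unexpected status {}", statusCode);` keeps the value that an investigator would look for. In `postOnboardingApp`, the new audit line calls `user.getLoginId()` by string concatenation without the guard the PUT path uses (`user != null ? user.getLoginId() : ""`).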
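Review bot: The new audit message in `deleteOnboardingApp` joins `appId` and `"deleted by user "` with no separator, so the id runs straight into the word `deleted` and a log parser cannot cleanly extract it. `logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps/{} deleted by user {}", appId, user.getLoginId());` keeps the fields apart and matches the parameterized style used for the PUT audit lines. The result log below has the same gap, since `PORTAL_API_ONBOARDING_APPS + appId` puts no `/` before the id. The method starts before this hunk.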
@@ -799,7 +883,7 @@ public class AppsController extends EPRestrictedBaseController { * Application ID * @return Bytes with the app thumbnail image; null if not available. */ - @RequestMapping(value = { "/portalApi/appThumbnail/{appId}" }, method = { RequestMethod.GET }) + @GetMapping(value = { "/portalApi/appThumbnail/{appId}" }) public HttpEntity getAppThumbnail(HttpServletRequest request, @PathVariable("appId") Long appId, HttpServletResponse response) { EPApp app = appService.getApp(appId); @@ -821,7 +905,29 @@ public class AppsController extends EPRestrictedBaseController { HttpHeaders header = new HttpHeaders(); header.setContentType(mediaType); header.setContentLength(app.getThumbnail().length); - return new HttpEntity(app.getThumbnail(), header); + return new HttpEntity<>(app.getThumbnail(), header); + } + + private void checkIfNameSpaceIsValid(OnboardingApp modifiedOnboardingApp, FieldsValidator fieldsValidator, HttpServletResponse response) + throws InvalidApplicationException { + try { + ResponseEntity res = appService.checkIfNameSpaceIsValid(modifiedOnboardingApp.getNameSpace()); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, "checkIfNameSpaceExists failed", e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + if (e.getStatusCode() == HttpStatus.NOT_FOUND || e.getStatusCode() == HttpStatus.FORBIDDEN) { + fieldsValidator = setResponse(e.getStatusCode(),response); + throw new InvalidApplicationException("Invalid NameSpace"); + }else{ + fieldsValidator = setResponse(e.getStatusCode(),response); + throw e; + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "Exception in checkIfNameSpaceIsValid", e); + } } + private boolean isNotNullAndNotValid(Object o){ + return o!=null && !dataValidator.isValid(o); + } }
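Review bot: `checkIfNameSpaceIsValid` fails open: its trailing `catch (Exception e)` only logs, so when the namespace lookup fails for any reason other than an `HttpClientErrorException`, the caller goes on to add or modify the app as if the namespace had been verified. Setting an error status and rethrowing in that catch, e.g. `setResponse(HttpStatus.BAD_REQUEST, response);` followed by `throw new InvalidApplicationException("NameSpace could not be verified");`, keeps the check fail-closed. The assignments `fieldsValidator = setResponse(...)` change only the local parameter, so the caller's `fieldsValidator` stays null on those paths and only the status set inside `setResponse` reaches the client. `isNotNullAndNotValid` has no caller in the visible hunks.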