X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FAppsControllerExternalRequest.java;h=fe029e0e3e1a02394048baa8bf607845e473bef8;hb=55e5a4959170392857aa8ad95e50a49488f2d409;hp=34aa481e697e1f351a9facee25ec71b0a59c2065;hpb=21a8761f684745bb300e075c7e98ad897ace9eed;p=portal.git

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java
index 34aa481e..fe029e0e 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java
@@ -33,15 +33,21 @@
  *
  * ============LICENSE_END============================================
  *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * 
  */
 package org.onap.portalapp.portal.controller;
 
 import java.util.List;
 
+import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import javax.validation.ConstraintViolation;
+import javax.validation.Valid;
+import javax.validation.Validation;
+import javax.validation.Validator;
+import javax.validation.ValidatorFactory;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
@@ -53,6 +59,7 @@ import org.onap.portalapp.portal.service.PortalAdminService;
 import org.onap.portalapp.portal.service.UserService;
 import org.onap.portalapp.portal.transport.FieldsValidator;
 import org.onap.portalapp.portal.transport.OnboardingApp;
+import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.portal.utils.PortalConstants;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
@@ -70,7 +77,7 @@ import io.swagger.annotations.ApiOperation;
 
 /**
  * Processes requests from external systems (i.e., not the front-end web UI).
- * First use case is ECOMP Controller, which has to create an admin and onboard
+ * First use case is ONAP Controller, which has to create an admin and onboard
  * itself upon launch of a fresh Portal.
  * 
  * Listens on the "auxapi" path prefix. Provides alternate implementations of
@@ -87,16 +94,12 @@ import io.swagger.annotations.ApiOperation;
 @EnableAspectJAutoProxy
 @EPAuditLog
 public class AppsControllerExternalRequest implements BasicAuthenticationController {
+	private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory();
 
 	private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsControllerExternalRequest.class);
 
 	private static final String ONBOARD_APP = "/onboardApp";
 
-	// Where is this used?
-	public boolean isAuxRESTfulCall() {
-		return true;
-	}
-
 	/**
 	 * For testing whether a user is a superadmin.
 	 */
@@ -144,10 +147,20 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl
 	@RequestMapping(value = "/portalAdmin", method = RequestMethod.POST, produces = "application/json")
 	@ResponseBody
 	public PortalRestResponse<String> postPortalAdmin(HttpServletRequest request, HttpServletResponse response,
-			@RequestBody EPUser epUser) {
+			@Valid @RequestBody EPUser epUser) {
 		EcompPortalUtils.logAndSerializeObject(logger, "postPortalAdmin", "request", epUser);
 		PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
 
+		if (epUser!=null){
+			Validator validator = VALIDATOR_FACTORY.getValidator();
+			Set<ConstraintViolation<EPUser>> constraintViolations = validator.validate(epUser);
+			if (!constraintViolations.isEmpty()){
+				portalResponse.setStatus(PortalRestStatusEnum.ERROR);
+				portalResponse.setMessage("Data is not valid");
+				return portalResponse;
+			}
+		}
+
 		// Check mandatory fields.
 		if (epUser.getEmail() == null || epUser.getEmail().trim().length() == 0 //
 				|| epUser.getLoginId() == null || epUser.getLoginId().trim().length() == 0 //
@@ -212,6 +225,7 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl
 			@PathVariable("appId") Long appId) {
 		EPApp epApp = appService.getApp(appId);
 		OnboardingApp obApp = new OnboardingApp();
+		epApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); //to hide password from get request
 		appService.createOnboardingFromApp(epApp, obApp);
 		EcompPortalUtils.logAndSerializeObject(logger, "getOnboardAppExternal", "response", obApp);
 		return obApp;
@@ -246,10 +260,18 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl
 	@RequestMapping(value = { ONBOARD_APP }, method = RequestMethod.POST, produces = "application/json")
 	@ResponseBody
 	public PortalRestResponse<String> postOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
-			@RequestBody OnboardingApp newOnboardApp) {
+			@Valid @RequestBody OnboardingApp newOnboardApp) {
 		EcompPortalUtils.logAndSerializeObject(logger, "postOnboardAppExternal", "request", newOnboardApp);
 		PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
-
+		if (newOnboardApp != null){
+			Validator validator = VALIDATOR_FACTORY.getValidator();
+			Set<ConstraintViolation<OnboardingApp>> constraintViolations = validator.validate(newOnboardApp);
+			if (!constraintViolations.isEmpty()){
+				portalResponse.setStatus(PortalRestStatusEnum.ERROR);
+				portalResponse.setMessage("Data is not valid");
+				return portalResponse;
+			}
+		}
 		// Validate fields
 		if (newOnboardApp.id != null) {
 			portalResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -333,9 +355,20 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl
 	@RequestMapping(value = { ONBOARD_APP + "/{appId}" }, method = RequestMethod.PUT, produces = "application/json")
 	@ResponseBody
 	public PortalRestResponse<String> putOnboardAppExternal(HttpServletRequest request, HttpServletResponse response,
-			@PathVariable("appId") Long appId, @RequestBody OnboardingApp oldOnboardApp) {
+			@PathVariable("appId") Long appId, @Valid @RequestBody OnboardingApp oldOnboardApp) {
 		EcompPortalUtils.logAndSerializeObject(logger, "putOnboardAppExternal", "request", oldOnboardApp);
 		PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
+
+		if (oldOnboardApp != null){
+			Validator validator = VALIDATOR_FACTORY.getValidator();
+			Set<ConstraintViolation<OnboardingApp>> constraintViolations = validator.validate(oldOnboardApp);
+			if (!constraintViolations.isEmpty()){
+				portalResponse.setStatus(PortalRestStatusEnum.ERROR);
+				portalResponse.setMessage("Data is not valid");
+				return portalResponse;
+			}
+		}
+
 		// Validate fields.
 		if (oldOnboardApp.id == null || !appId.equals(oldOnboardApp.id)) {
 			portalResponse.setStatus(PortalRestStatusEnum.ERROR);