X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FRoleManageController.java;h=ead2ee9bc48ac7a9aae9919810aa5030f7bf7c6b;hb=858fda6824501c6d40a7fc5a130d2c04510c5231;hp=b50d1cf43e43aa2fe4e2668ee0fd9f9a577d8400;hpb=9c75bfe936c5deb4775ecef059d3fedbd5a96352;p=portal.git
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
index b50d1cf4..ead2ee9b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
@@ -4,17 +4,19 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== - * Modifications Copyright (c) 2019 Samsung + * Modifications Copyright (c) 2019 Samsung * =================================================================== + * Modifications Copyright (c) 2020 IBM + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); + * under the Apache License, Version 2.0 (the "License"); * you may not use this software except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software + * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and @@ -46,10 +48,8 @@ import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeSet; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import javax.validation.ConstraintViolation; import javax.validation.Valid; import javax.validation.Validation; 
@@ -97,11 +97,10 @@ import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.ModelAndView; - import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; @@ -157,7 +156,7 @@ public class RoleManageController extends EPRestrictedBaseController { * @throws Exception */ - @RequestMapping(value = { "/portalApi/get_roles/{appId}" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/get_roles/{appId}" }) public void getRoles(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId) throws Exception { try { @@ -186,7 +185,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" }) public Map toggleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception { EPApp requestedApp = null; 
@@ -230,7 +229,7 @@ public class RoleManageController extends EPRestrictedBaseController { return responseMap; } - @RequestMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" }) public Map removeRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception { @@ -296,7 +295,7 @@ public class RoleManageController extends EPRestrictedBaseController { return responseMap; } - @RequestMapping(value = { "/portalApi/role/saveRole/{appId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/saveRole/{appId}" }) public Map saveRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId) throws Exception { EPUser user = EPUserUtils.getUserSession(request); @@ -333,7 +332,7 @@ public class RoleManageController extends EPRestrictedBaseController { if (existRole.getName().equalsIgnoreCase(role.getName())) throw new DuplicateRecordException("Role already exists: " + existRole.getName()); - domainRole = new CentralV2Role(); + domainRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); domainRole.setName(role.getName()); domainRole.setPriority(role.getPriority()); domainRole.setActive(role.getActive()); 
@@ -418,29 +417,29 @@ public class RoleManageController extends EPRestrictedBaseController { return responseMap; } - @RequestMapping(value = { "/portalApi/role/removeRoleFunction" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/removeRoleFunction" }) public ModelAndView removeRoleRoleFunction(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().removeRoleFunction(request, response); } - @RequestMapping(value = { "/portalApi/role/addRoleFunction" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/addRoleFunction" }) public ModelAndView addRoleRoRoleFunction(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().addRoleFunction(request, response); } - @RequestMapping(value = { "/portalApi/role/removeChildRole" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/removeChildRole" }) public ModelAndView removeChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().removeChildRole(request, response); } - @RequestMapping(value = { "/portalApi/role/addChildRole" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/addChildRole" }) public ModelAndView addChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().addChildRole(request, response); } - @RequestMapping(value = { "/portalApi/get_role/{appId}/{roleId}" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/get_role/{appId}/{roleId}" }) public void getRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception { try { 
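Review bot: The four delegating handlers in this hunk (`removeRoleRoleFunction`, `addRoleRoRoleFunction`, `removeChildRole`, `addChildRole`) pass the request straight to `getRoleController()` with no `isAuthorizedUser(...)` call and no appId, unlike `saveRoleFunction` in the same class. Whether the delegate enforces admin rights itself is not visible on this page and should be confirmed. If it does, a comment such as `// authorization is enforced by the delegated RoleController method` on each handler would record that; if it does not, these state-changing POST endpoints need the same guard as the appId-scoped handlers. `addRoleRoRoleFunction` also looks like a typo for `addRoleToRoleFunction`. The `getRole` body at the end of the hunk continues outside it.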
@@ -474,7 +473,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/get_role_functions/{appId}" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/get_role_functions/{appId}" }) public void getRoleFunctionList(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId) throws Exception { try { @@ -505,7 +504,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }) public PortalRestResponse saveRoleFunction(HttpServletRequest request, HttpServletResponse response, @Valid @RequestBody CentralV2RoleFunction roleFunc, @PathVariable("appId") Long appId) throws Exception { if (roleFunc!=null) { @@ -517,13 +516,14 @@ public class RoleManageController extends EPRestrictedBaseController { return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR"); } } + EPUser user = EPUserUtils.getUserSession(request); boolean saveOrUpdateResponse = false; try { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth()) { + if (requestedApp.getCentralAuth() && roleFunc!=null) { String code = roleFunc.getType() + PIPE + roleFunc.getCode() + PIPE + roleFunc.getAction(); CentralV2RoleFunction domainRoleFunction = externalAccessRolesService.getRoleFunction(code, requestedApp.getUebKey()); 
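Review bot: In `saveRoleFunction` the new `&& roleFunc!=null` condition lets a null body fall through to whatever follows this `if` (outside the hunk) instead of being rejected, and the validation block at the top of the method is skipped for null as well. Rejecting it before the session lookup is clearer and fails closed: `if (roleFunc == null) return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR");`, after which the later null test is unnecessary. `requestedApp` comes from `appService.getApp(appId)` with a path-supplied id and is dereferenced by `getCentralAuth()`; whether a missing app is caught earlier by `isAuthorizedUser` or `fieldsValidation` cannot be seen here and is worth confirming. The method body continues past the hunk.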
@@ -601,7 +601,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" }) public PortalRestResponse removeRoleFunction(HttpServletRequest request, HttpServletResponse response, @RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception { EPUser user = EPUserUtils.getUserSession(request); @@ -678,8 +678,8 @@ public class RoleManageController extends EPRestrictedBaseController { return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Deleted Successfully!", "Success"); } - @RequestMapping(value = { "/portalApi/centralizedApps" }, method = RequestMethod.GET) - public List getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException { + @GetMapping(value = { "/portalApi/centralizedApps" }) + public List getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) { if(userId!=null) { SecureString secureString = new SecureString(userId); @@ -691,6 +691,7 @@ public class RoleManageController extends EPRestrictedBaseController { return null; } } + EPUser user = EPUserUtils.getUserSession(request); List applicationsList = null; if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) @@ -720,7 +721,7 @@ public class RoleManageController extends EPRestrictedBaseController { this.roleController = roleController; } - @RequestMapping(value = { "/portalApi/syncRoles" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { "/portalApi/syncRoles" }, produces = "application/json") public PortalRestResponse syncRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody Long appId) { EPUser user = EPUserUtils.getUserSession(request); 
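Review bot: `getCentralizedAppRoles` answers a `userId` that fails the `SecureString` validation with a bare `return null` (visible at the top of the following hunk), so the caller gets an empty success response rather than a rejection. Setting a status first, e.g. `response.setStatus(HttpServletResponse.SC_BAD_REQUEST);`, would make the failure distinguishable and easier to spot in access logs. `userId` is caller-supplied while the admin checks run on the session user; how `userId` is used after those checks lies outside the hunk, so it is worth confirming that a non-admin cannot read another user's application list through it. The raw `List` return type could also carry its element type.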
@@ -742,7 +743,7 @@ public class RoleManageController extends EPRestrictedBaseController { return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Sync roles completed successfully!", "Success"); } - @RequestMapping(value = { "/portalApi/syncFunctions" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { "/portalApi/syncFunctions" }, produces = "application/json") public PortalRestResponse syncFunctions(HttpServletRequest request, HttpServletResponse response, @RequestBody Long appId) { EPUser user = EPUserUtils.getUserSession(request); @@ -817,7 +818,7 @@ public class RoleManageController extends EPRestrictedBaseController { private boolean isAuthorizedUser(EPUser user, EPApp requestedApp) { if (user != null && (adminRolesService.isAccountAdminOfApplication(user, requestedApp) - || (adminRolesService.isSuperAdmin(user) && requestedApp.getId() == PortalConstants.PORTAL_APP_ID))) + || (adminRolesService.isSuperAdmin(user) && requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID)))) return true; return false; } @@ -827,8 +828,8 @@ public class RoleManageController extends EPRestrictedBaseController { response.getWriter().write("Unauthorized User"); } - @RequestMapping(value = { - "/portalApi/uploadRoleFunction/{appId}" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { + "/portalApi/uploadRoleFunction/{appId}" }, produces = "application/json") public PortalRestResponse bulkUploadRoleFunc(HttpServletRequest request, HttpServletResponse response, @RequestBody UploadRoleFunctionExtSystem data, @PathVariable("appId") Long appId) { EPUser user = EPUserUtils.getUserSession(request);
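Review bot: In `isAuthorizedUser` the new `requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID)` throws a NullPointerException when `requestedApp` or its id is null. `Long.equals` also returns false for an argument of any other boxed type, so the super-admin branch would silently never match if the constant is not a `Long` (its declaration is not visible here). A null-safe form keeps this authorization check failing closed: `if (user == null || requestedApp == null) return false;` followed by `Objects.equals(requestedApp.getId(), PortalConstants.PORTAL_APP_ID)`, which needs `java.util.Objects` imported if the file does not already have it. The `if (...) return true; return false;` pair can then become a single `return`.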