<ref bean="jsonProvider"/>
<bean class="org.openecomp.sdc.action.errors.ActionExceptionMapper"/>
<bean class="org.openecomp.sdcrests.errors.DefaultExceptionMapper"/>
+ <bean class="org.openecomp.sdcrests.errors.ZusammenExceptionMapper"/>
<bean class="org.openecomp.sdc.logging.servlet.jaxrs.LoggingRequestFilter">
<property name="requestIdHeaders" value="X-ECOMP-RequestID,X-ONAP-RequestID"/>
<property name="partnerNameHeaders" value="USER_ID"/>
package org.openecomp.sdcrests.errors;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.validation.ConstraintViolation;
+import javax.validation.ConstraintViolationException;
+import javax.validation.Path;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+
import org.codehaus.jackson.map.JsonMappingException;
import org.hibernate.validator.internal.engine.path.PathImpl;
import org.openecomp.core.utilities.CommonMethods;
import org.openecomp.sdc.logging.api.Logger;
import org.openecomp.sdc.logging.api.LoggerFactory;
-import javax.validation.ConstraintViolation;
-import javax.validation.ConstraintViolationException;
-import javax.validation.Path;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.ext.ExceptionMapper;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
public class DefaultExceptionMapper implements ExceptionMapper<Exception> {
- private static final String ERROR_CODES_TO_RESPONSE_STATUS_MAPPING_FILE =
- "errorCodesToResponseStatusMapping.json";
- @SuppressWarnings("unchecked")
- private static final Map<String, String> ERROR_CODE_TO_RESPONSE_STATUS =
- FileUtils.readViaInputStream(ERROR_CODES_TO_RESPONSE_STATUS_MAPPING_FILE,
- stream -> JsonUtil.json2Object(stream, Map.class));
-
- private static final Logger LOGGER = LoggerFactory.getLogger(DefaultExceptionMapper
- .class);
-
- @Override
- public Response toResponse(Exception exception) {
- Response response;
- if (exception instanceof CoreException) {
- response = transform(CoreException.class.cast(exception));
- } else if (exception instanceof ConstraintViolationException) {
- response = transform(ConstraintViolationException.class.cast(exception));
-
- } else if (exception instanceof JsonMappingException) {
- response = transform(JsonMappingException.class.cast(exception));
-
- } else {
- response = transform(exception);
+
+ private static final String ERROR_CODES_TO_RESPONSE_STATUS_MAPPING_FILE = "errorCodesToResponseStatusMapping.json";
+ @SuppressWarnings("unchecked")
+ private static final Map<String, String> ERROR_CODE_TO_RESPONSE_STATUS = FileUtils.readViaInputStream(
+ ERROR_CODES_TO_RESPONSE_STATUS_MAPPING_FILE, stream -> JsonUtil.json2Object(stream, Map.class));
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(DefaultExceptionMapper.class);
+
+ @Override
+ public Response toResponse(Exception exception) {
+ Response response;
+ if (exception instanceof CoreException) {
+ response = transform(CoreException.class.cast(exception));
+ } else if (exception instanceof ConstraintViolationException) {
+ response = transform(ConstraintViolationException.class.cast(exception));
+
+ } else if (exception instanceof JsonMappingException) {
+ response = transform(JsonMappingException.class.cast(exception));
+
+ } else {
+ response = transform(exception);
+ }
+
+ List<Object> contentTypes = new ArrayList<>();
+ contentTypes.add(MediaType.APPLICATION_JSON);
+ response.getMetadata().put("Content-Type", contentTypes);
+ return response;
}
- List<Object> contentTypes = new ArrayList<>();
- contentTypes.add(MediaType.APPLICATION_JSON);
- response.getMetadata().put("Content-Type", contentTypes);
- return response;
- }
-
- private Response transform(CoreException coreException) {
- Response response;
- ErrorCode code = coreException.code();
- LOGGER.error(code.message(), coreException);
-
- if (coreException.code().category().equals(ErrorCategory.APPLICATION)) {
- if (Response.Status.NOT_FOUND.name().equals(ERROR_CODE_TO_RESPONSE_STATUS.get(code.id()))) {
- response = Response
- .status(Response.Status.NOT_FOUND)
- .entity(toEntity(Response.Status.NOT_FOUND, code))
- .build();
- } else if (Response.Status.BAD_REQUEST.name()
- .equals(ERROR_CODE_TO_RESPONSE_STATUS.get(code.id()))) {
- response = Response
- .status(Response.Status.BAD_REQUEST)
- .entity(toEntity(Response.Status.BAD_REQUEST, code))
- .build();
- } else {
- response = Response
- .status(Response.Status.EXPECTATION_FAILED)
- .entity(toEntity(Response.Status.EXPECTATION_FAILED, code))
- .build();
- }
- } else {
- response = Response
- .status(Response.Status.INTERNAL_SERVER_ERROR)
- .entity(toEntity(Response.Status.INTERNAL_SERVER_ERROR, code))
- .build();
+ private Response transform(CoreException coreException) {
+ Response response;
+ ErrorCode code = coreException.code();
+ LOGGER.error(code.message(), coreException);
+
+ if (coreException.code().category().equals(ErrorCategory.APPLICATION)) {
+ if (Response.Status.NOT_FOUND.name().equals(ERROR_CODE_TO_RESPONSE_STATUS.get(code.id()))) {
+ response = Response.status(Response.Status.NOT_FOUND).entity(toEntity(Response.Status.NOT_FOUND, code))
+ .build();
+ } else if (Response.Status.BAD_REQUEST.name().equals(ERROR_CODE_TO_RESPONSE_STATUS.get(code.id()))) {
+ response =
+ Response.status(Response.Status.BAD_REQUEST).entity(toEntity(Response.Status.BAD_REQUEST, code))
+ .build();
+ } else {
+ response = Response.status(Response.Status.EXPECTATION_FAILED)
+ .entity(toEntity(Response.Status.EXPECTATION_FAILED, code)).build();
+ }
+ } else {
+ response = Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+ .entity(toEntity(Response.Status.INTERNAL_SERVER_ERROR, code)).build();
+ }
+
+
+ return response;
}
+ private Response transform(ConstraintViolationException validationException) {
+ Set<ConstraintViolation<?>> constraintViolationSet = validationException.getConstraintViolations();
+ String message;
- return response;
- }
+ String fieldName = null;
+ if (!CommonMethods.isEmpty(constraintViolationSet)) {
+ // getting the first violation message for the output response.
+ ConstraintViolation<?> constraintViolation = constraintViolationSet.iterator().next();
+ message = constraintViolation.getMessage();
+ fieldName = getFieldName(constraintViolation.getPropertyPath());
- private Response transform(ConstraintViolationException validationException) {
- Set<ConstraintViolation<?>> constraintViolationSet =
- validationException.getConstraintViolations();
- String message;
+ } else {
+ message = validationException.getMessage();
+ }
- String fieldName = null;
- if (!CommonMethods.isEmpty(constraintViolationSet)) {
- // getting the first violation message for the output response.
- ConstraintViolation<?> constraintViolation = constraintViolationSet.iterator().next();
- message = constraintViolation.getMessage();
- fieldName = getFieldName(constraintViolation.getPropertyPath());
+ ErrorCode validationErrorCode = new ValidationErrorBuilder(message, fieldName).build();
- } else {
- message = validationException.getMessage();
+ LOGGER.error(validationErrorCode.message(), validationException);
+ return Response.status(Response.Status.EXPECTATION_FAILED) //error 417
+ .entity(toEntity(Response.Status.EXPECTATION_FAILED, validationErrorCode)).build();
}
- ErrorCode validationErrorCode = new ValidationErrorBuilder(message, fieldName).build();
-
- LOGGER.error(validationErrorCode.message(), validationException);
- return Response
- .status(Response.Status.EXPECTATION_FAILED) //error 417
- .entity(toEntity(Response.Status.EXPECTATION_FAILED, validationErrorCode))
- .build();
- }
-
- private Response transform(JsonMappingException jsonMappingException) {
- ErrorCode jsonMappingErrorCode = new JsonMappingErrorBuilder().build();
- LOGGER.error(jsonMappingErrorCode.message(), jsonMappingException);
- return Response
- .status(Response.Status.EXPECTATION_FAILED) //error 417
- .entity(toEntity(Response.Status.EXPECTATION_FAILED, jsonMappingErrorCode))
- .build();
- }
-
- private Response transform(Exception exception) {
- ErrorCode errorCode = new GeneralErrorBuilder().build();
- LOGGER.error(errorCode.message(), exception);
- return Response
- .status(Response.Status.INTERNAL_SERVER_ERROR)
- .entity(toEntity(Response.Status.INTERNAL_SERVER_ERROR, errorCode))
- .build();
- }
-
- private String getFieldName(Path propertyPath) {
- return ((PathImpl) propertyPath).getLeafNode().toString();
- }
-
- private Object toEntity(Response.Status status, ErrorCode code) {
- return new ErrorCodeAndMessage(status, code);
- }
+ private Response transform(JsonMappingException jsonMappingException) {
+ ErrorCode jsonMappingErrorCode = new JsonMappingErrorBuilder().build();
+ LOGGER.error(jsonMappingErrorCode.message(), jsonMappingException);
+ return Response.status(Response.Status.EXPECTATION_FAILED) //error 417
+ .entity(toEntity(Response.Status.EXPECTATION_FAILED, jsonMappingErrorCode)).build();
+ }
+
+ private Response transform(Exception exception) {
+ ErrorCode errorCode = new GeneralErrorBuilder().build();
+ LOGGER.error(errorCode.message(), exception);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+ .entity(toEntity(Response.Status.INTERNAL_SERVER_ERROR, errorCode)).build();
+ }
+
+ private String getFieldName(Path propertyPath) {
+ return ((PathImpl) propertyPath).getLeafNode().toString();
+ }
+
+ private Object toEntity(Response.Status status, ErrorCode code) {
+ return new ErrorCodeAndMessage(status, code);
+ }
}
--- /dev/null
+/*
+ * Copyright © 2016-2018 European Support Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.openecomp.sdcrests.errors;
+
+import com.amdocs.zusammen.datatypes.response.Module;
+
+import java.util.stream.Stream;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+
+import org.openecomp.sdc.common.errors.ErrorCode;
+import org.openecomp.sdc.common.errors.ErrorCodeAndMessage;
+import org.openecomp.sdc.common.errors.GeneralErrorBuilder;
+import org.openecomp.sdc.common.errors.Messages;
+import org.openecomp.sdc.common.errors.SdcRuntimeException;
+import org.openecomp.sdc.logging.api.Logger;
+import org.openecomp.sdc.logging.api.LoggerFactory;
+
+public class ZusammenExceptionMapper implements ExceptionMapper<SdcRuntimeException> {
+ private static final String ZUSAMMEN_DB_PREFIX = Module.ZDB + "-";
+ private static final String VLM_VSP_VERSION_ID_DOES_NOT_EXISTS =
+ ZUSAMMEN_DB_PREFIX + com.amdocs.zusammen.datatypes.response.ErrorCode.ZU_ITEM_VERSION_NOT_EXIST;
+ private static final String VLM_VSP_ITEM_ID_DOES_NOT_EXISTS =
+ ZUSAMMEN_DB_PREFIX + com.amdocs.zusammen.datatypes.response.ErrorCode.ZU_ITEM_DOES_NOT_EXIST;
+ private static final String SUB_ENTITY_ID_DOES_NOT_EXISTS =
+ ZUSAMMEN_DB_PREFIX + com.amdocs.zusammen.datatypes.response.ErrorCode.ZU_ELEMENT_GET_INFO;
+ private static final String FAILED_TO_SYNC =
+ ZUSAMMEN_DB_PREFIX + com.amdocs.zusammen.datatypes.response.ErrorCode.ZU_ITEM_VERSION_SYNC;
+ private static final String FAILED_TO_PUBLISH_OUT_OF_SYNC =
+ ZUSAMMEN_DB_PREFIX + com.amdocs.zusammen.datatypes.response.ErrorCode
+ .ZU_ITEM_VERSION_PUBLISH_NOT_ALLOWED;
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(ZusammenExceptionMapper.class);
+
+ @Override
+ public Response toResponse(SdcRuntimeException exception) {
+ return transform(exception);
+ }
+
+ private Response transform(SdcRuntimeException exception) {
+ if (Stream.of(VLM_VSP_ITEM_ID_DOES_NOT_EXISTS, VLM_VSP_VERSION_ID_DOES_NOT_EXISTS)
+ .anyMatch(exception.getMessage()::contains)) {
+ return generateSdcErrorResponse(Messages.ENTITY_NOT_FOUND, Response.Status.NOT_FOUND,
+ new SdcRuntimeException(Messages.ENTITY_NOT_FOUND.getErrorMessage(), exception));
+ } else if (exception.getMessage().contains(SUB_ENTITY_ID_DOES_NOT_EXISTS)) {
+ return generateSdcErrorResponse(Messages.SUB_ENTITY_NOT_FOUND, Response.Status.NOT_FOUND,
+ new SdcRuntimeException(Messages.SUB_ENTITY_NOT_FOUND.getErrorMessage(), exception));
+ } else if (exception.getMessage().contains(FAILED_TO_SYNC)) {
+ return generateSdcErrorResponse(Messages.FAILED_TO_SYNC, Response.Status.EXPECTATION_FAILED,
+ new SdcRuntimeException(Messages.FAILED_TO_SYNC.getErrorMessage(), exception));
+ } else if (exception.getMessage().contains(FAILED_TO_PUBLISH_OUT_OF_SYNC)) {
+ return generateSdcErrorResponse(Messages.FAILED_TO_PUBLISH_OUT_OF_SYNC, Response.Status.EXPECTATION_FAILED,
+ new SdcRuntimeException(Messages.FAILED_TO_PUBLISH_OUT_OF_SYNC.getErrorMessage(), exception));
+ }
+
+ return genericError(exception);
+ }
+
+ private Response generateSdcErrorResponse(Messages messages, Response.Status status, Exception exception) {
+ ErrorCode errorCode = new ErrorCode.ErrorCodeBuilder()
+ .withId(messages.name())
+ .withMessage(exception.getMessage()).build();
+
+ LOGGER.error(errorCode.message(), exception);
+ return Response.status(status).entity(new ErrorCodeAndMessage(status, errorCode)).build();
+ }
+
+ private Response genericError(Exception exception) {
+ ErrorCode errorCode = new GeneralErrorBuilder().build();
+ LOGGER.error(errorCode.message(), exception);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+ .entity(new ErrorCodeAndMessage(Response.Status.INTERNAL_SERVER_ERROR, errorCode)).build();
+ }
+}
"PACKAGE_NOT_FOUND": "NOT_FOUND",
"PACKAGE_INVALID": "BAD_REQUEST",
"VENDOR_LICENSE_MODEL_NOT_FOUND": "NOT_FOUND",
- "VENDOR_LICENSE_ENTITY_NOT_FOUND": "NOT_FOUND"
+ "VENDOR_LICENSE_ENTITY_NOT_FOUND": "NOT_FOUND",
+ "VERSIONABLE_SUB_ENTITY_NOT_FOUND": "NOT_FOUND",
+ "FEATURE_GROUP_NOT_EXIST_FOR_VSP": "NOT_FOUND",
+ "INVALID_COMPUTE_FLAVOR_ID": "NOT_FOUND"
}
\ No newline at end of file
if (!permissionsServices.isAllowed(itemId, currentUser, CHANGE_PERMISSIONS)) {
throw new CoreException(new ErrorCode.ErrorCodeBuilder()
.withMessage(Messages.PERMISSIONS_ERROR.getErrorMessage())
- .withId(Messages.PERMISSIONS_ERROR.getErrorMessage())
+ .withId(Messages.PERMISSIONS_ERROR.name())
.withCategory(ErrorCategory.SECURITY).build());
}
} else {
throw new CoreException(new ErrorCode.ErrorCodeBuilder()
.withMessage(Messages.PERMISSIONS_OWNER_ERROR.getErrorMessage())
- .withId(Messages.PERMISSIONS_OWNER_ERROR.getErrorMessage())
+ .withId(Messages.PERMISSIONS_OWNER_ERROR.name())
.withCategory(ErrorCategory.SECURITY).build());
}
}
package org.openecomp.sdc.vendorsoftwareproduct.errors;
-
import org.openecomp.sdc.common.errors.ErrorCategory;
import org.openecomp.sdc.common.errors.ErrorCode;
import org.openecomp.sdc.versioning.dao.types.Version;
private static final String CREATE_DEPLOYMENT_FLAVOR_NOT_ALLOWED_IN_HEAT_ONBOARDING_MSG =
"Deployment Flavor cannot be added for VSPs onboarded with HEAT.";
private static final String FEATURE_GROUP_NOT_EXIST_FOR_VSP_MSG =
- "Invalid request,Feature Group with Id %s does not exist for Vsp with Id %s and version "
- + "%s.";
+ "Invalid request, Feature Group provided does not exist for this Vsp.";
private static final String INVALID_COMPONENT_COMPUTE_ASSOCIATION_MSG
= "Invalid request,for valid association please provide ComponentId for Compute Flavor";
private static final String SAME_VFC_ASSOCIATION_MORE_THAN_ONCE_NOT_ALLOWED_MSG =
private static final String DEPLOYMENT_FLAVOUR_NAME_FORMAT_MSG = "Field does not conform to predefined criteria"
+ ": name : must match %s";
private static final String INVALID_COMPUTE_FLAVOR_ID_MSG =
- "Invalid request, Compute Flavor with Id %s does not exist for VFC with Id %s.";
+ "Invalid request, Compute Flavor provided does not exist for this VFC.";
private static final String INVALID_COMPONENT_COMPUTE_ASSOCIATION_ERROR_MSG="VSP cannot be " +
"submitted with an invalid Deployment Flavor. All Deployment Flavor should have atleast a VFC included with it's required Compute needs. " +
"Please fix the Deployment Flavor %s and re-submit the VSP.";
ErrorCode.ErrorCodeBuilder builder = new ErrorCode.ErrorCodeBuilder();
builder.withId(VendorSoftwareProductErrorCodes.FEATURE_GROUP_NOT_EXIST_FOR_VSP);
builder.withCategory(ErrorCategory.APPLICATION);
- builder.withMessage(String.format(FEATURE_GROUP_NOT_EXIST_FOR_VSP_MSG,featureGroupId,
- vspId,activeVersion.toString()));
+ builder.withMessage(FEATURE_GROUP_NOT_EXIST_FOR_VSP_MSG);
return builder.build();
}
<groupId>org.apache.commons</groupId>
<artifactId>commons-text</artifactId>
</dependency>
+ <dependency>
+ <groupId>com.amdocs.zusammen</groupId>
+ <artifactId>zusammen-datatypes</artifactId>
+ <version>${zusammen.version}</version>
+ </dependency>
</dependencies>
</project>
PERMISSIONS_ERROR("Permissions Error. The user does not have permission to perform this action."),
PERMISSIONS_OWNER_ERROR("Permissions Error. Only one owner is allowed."),
+ ENTITY_NOT_FOUND("Incorrect item/version details provided."),
+ SUB_ENTITY_NOT_FOUND("Incorrect sub entity details provided."),
+ FAILED_TO_SYNC("Non existing version cannot be synced."),
+ FAILED_TO_PUBLISH_OUT_OF_SYNC("Publish is not allowed since the version status is Out of sync"),
+
DELETE_VSP_ERROR("VSP has been certified and cannot be deleted."),
DELETE_VLM_ERROR("VLM has been certified and cannot be deleted."),
package org.openecomp.core.util;
+import java.util.Optional;
+
+import org.apache.commons.lang3.ArrayUtils;
import org.openecomp.core.dao.UniqueValueDao;
import org.openecomp.core.dao.types.UniqueValueEntity;
import org.openecomp.core.utilities.CommonMethods;
import org.openecomp.sdc.common.errors.ErrorCategory;
import org.openecomp.sdc.common.errors.ErrorCode;
-import java.util.Optional;
-
public class UniqueValueUtil {
private static final String UNIQUE_VALUE_VIOLATION = "UNIQUE_VALUE_VIOLATION";
* @param uniqueCombination the unique combination
*/
public void createUniqueValue(String type, String... uniqueCombination) {
- formatValue(uniqueCombination).ifPresent(formattedValue -> {
- validateUniqueValue(type, formattedValue, uniqueCombination);
- uniqueValueDao.create(new UniqueValueEntity(type, formattedValue));
- });
+ String originalEntityName = null;
+ if (ArrayUtils.isNotEmpty(uniqueCombination)) {
+ originalEntityName = uniqueCombination[uniqueCombination.length - 1];
+ }
+
+ Optional<String> formattedValue = formatValue(uniqueCombination);
+ if (formattedValue.isPresent()) {
+ validateUniqueValue(type, formattedValue.get(), originalEntityName);
+ uniqueValueDao.create(new UniqueValueEntity(type, formattedValue.get()));
+ }
}
/**
* @param uniqueCombination the unique combination
*/
public void validateUniqueValue(String type, String... uniqueCombination) {
- formatValue(uniqueCombination)
- .ifPresent(formattedValue -> validateUniqueValue(type, formattedValue, uniqueCombination));
+ String originalEntityName = null;
+ if (ArrayUtils.isNotEmpty(uniqueCombination)) {
+ originalEntityName = uniqueCombination[uniqueCombination.length - 1];
+ }
+
+ Optional<String> formattedValue = formatValue(uniqueCombination);
+ if (formattedValue.isPresent()) {
+ validateUniqueValue(type, formattedValue.get(), originalEntityName);
+ }
}
/**
.orElse(false);
}
- private void validateUniqueValue(String type, String formattedValue,
- String... uniqueCombination) {
+ private void validateUniqueValue(String type, String formattedValue, String originalEntityName) {
if (isUniqueValueOccupied(type, formattedValue)) {
throw new CoreException(new ErrorCode.ErrorCodeBuilder()
.withCategory(ErrorCategory.APPLICATION)
.withId(UNIQUE_VALUE_VIOLATION)
.withMessage(String
- .format(UNIQUE_VALUE_VIOLATION_MSG, type, getValueWithoutContext(uniqueCombination)))
+ .format(UNIQUE_VALUE_VIOLATION_MSG, type, originalEntityName))
.build());
}
}
package org.openecomp.sdc.itempermissions.servlet;
-import org.openecomp.sdc.itempermissions.PermissionsServices;
-import org.openecomp.sdc.itempermissions.PermissionsServicesFactory;
-
+import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.HttpMethod;
-import java.io.IOException;
+import javax.ws.rs.core.Response;
+
+import org.codehaus.jackson.map.ObjectMapper;
+import org.openecomp.sdc.common.errors.ErrorCode;
+import org.openecomp.sdc.common.errors.ErrorCodeAndMessage;
+import org.openecomp.sdc.common.errors.Messages;
+import org.openecomp.sdc.itempermissions.PermissionsServices;
+import org.openecomp.sdc.itempermissions.PermissionsServicesFactory;
+import org.openecomp.sdc.logging.api.Logger;
+import org.openecomp.sdc.logging.api.LoggerFactory;
/**
* Created by ayalaben on 6/27/2017.
*/
public class PermissionsFilter implements Filter {
- private final PermissionsServices permissionsServices;
- private static final String IRRELEVANT_REQUEST = "Irrelevant_Request";
- private static final String EDIT_ITEM = "Edit_Item";
+ private static final Logger LOGGER = LoggerFactory.getLogger(PermissionsFilter.class);
+ private final PermissionsServices permissionsServices;
+ private static final String IRRELEVANT_REQUEST = "Irrelevant_Request";
+ private static final String EDIT_ITEM = "Edit_Item";
- public PermissionsFilter() {
- this.permissionsServices = PermissionsServicesFactory.getInstance().createInterface();
- }
+ public PermissionsFilter() {
+ this.permissionsServices = PermissionsServicesFactory.getInstance().createInterface();
+ }
- @Override
- public void init(FilterConfig filterConfig) {
- // required by servlet API
- }
+ @Override
+ public void init(FilterConfig filterConfig) {
+ // required by servlet API
+ }
- @Override
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain filterChain) throws IOException, ServletException {
+ @Override
+ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
+ throws IOException, ServletException {
- if ((servletRequest instanceof HttpServletRequest) &&
- isIrrelevant((HttpServletRequest) servletRequest, servletResponse)) {
- return;
+ if ((servletRequest instanceof HttpServletRequest)
+ && isRelevant((HttpServletRequest) servletRequest, servletResponse)) {
+ filterChain.doFilter(servletRequest, servletResponse);
+ }
}
- filterChain.doFilter(servletRequest, servletResponse);
- }
+ private boolean isRelevant(HttpServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
+ String method = servletRequest.getMethod();
+ if (method.equals(HttpMethod.POST) || method.equals(HttpMethod.PUT) || method.equals(HttpMethod.DELETE)) {
- private boolean isIrrelevant(HttpServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
+ String userId = servletRequest.getHeader("USER_ID");
+ String itemId = parseItemIdFromPath(servletRequest.getPathInfo());
+ if (!itemId.equals(IRRELEVANT_REQUEST) && !permissionsServices.isAllowed(itemId, userId, EDIT_ITEM)) {
+ ((HttpServletResponse) servletResponse).setStatus(HttpServletResponse.SC_FORBIDDEN);
+ servletResponse.getWriter().print(buildResponse(Response.Status.FORBIDDEN,
+ Messages.PERMISSIONS_ERROR.getErrorMessage(),
+ Messages.PERMISSIONS_ERROR.name()));
+ return false;
+ }
+ }
- String method = servletRequest.getMethod();
- if (method.equals(HttpMethod.POST) || method.equals(HttpMethod.PUT) || method.equals(HttpMethod.DELETE)) {
-
- String userId = servletRequest.getHeader("USER_ID");
- String itemId = parseItemIdFromPath(servletRequest.getPathInfo());
+ return true;
+ }
- if (!itemId.equals(IRRELEVANT_REQUEST) && !permissionsServices.isAllowed(itemId,userId,EDIT_ITEM)) {
- ((HttpServletResponse) servletResponse).setStatus(HttpServletResponse.SC_FORBIDDEN);
- servletResponse.getWriter().print("Permissions Error. The user does not have " +
- "permission to perform" +
- " this action.");
- return true;
+ private String parseItemIdFromPath(String pathInfo) {
+ String[] tokens = pathInfo.split("/");
+ if (tokens.length < 4) {
+ return IRRELEVANT_REQUEST;
+ } else {
+ return tokens[3];
}
}
- return false;
- }
+ @Override
+ public void destroy() {
+ // required by serlvet API
+ }
- private String parseItemIdFromPath(String pathInfo) {
- String[] tokens = pathInfo.split("/");
- if (tokens.length < 4) {
- return IRRELEVANT_REQUEST;
- } else {
- return tokens[3];
+ private String buildResponse(Response.Status status, String message, String id) {
+ ErrorCode errorCode = new ErrorCode.ErrorCodeBuilder()
+ .withId(id)
+ .withMessage(message).build();
+ return objectToJsonString(new ErrorCodeAndMessage(status, errorCode));
}
- }
- @Override
- public void destroy() {
- // required by serlvet API
- }
+ private String objectToJsonString(Object obj) {
+ try {
+ return new ObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(obj);
+ } catch (Exception e) {
+ LOGGER.error(e.getMessage(), e);
+ return "An internal error has occurred. Please contact support.";
+ }
+ }
}
Code Review / sdc.git / commitdiff