2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
7 * Modifications Copyright (c) 2019 Samsung
8 * ===================================================================
9 * Modification Copyright © 2020 IBM.
10 * ===================================================================
12 * Unless otherwise specified, all software contained herein is licensed
13 * under the Apache License, Version 2.0 (the "License");
14 * you may not use this software except in compliance with the License.
15 * You may obtain a copy of the License at
17 * http://www.apache.org/licenses/LICENSE-2.0
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS,
21 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
25 * Unless otherwise specified, all documentation contained herein is licensed
26 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
27 * you may not use this documentation except in compliance with the License.
28 * You may obtain a copy of the License at
30 * https://creativecommons.org/licenses/by/4.0/
32 * Unless required by applicable law or agreed to in writing, documentation
33 * distributed under the License is distributed on an "AS IS" BASIS,
34 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
35 * See the License for the specific language governing permissions and
36 * limitations under the License.
38 * ============LICENSE_END============================================
42 package org.onap.portalapp.portal.controller;
44 import java.io.IOException;
45 import java.util.ArrayList;
46 import java.util.Calendar;
47 import java.util.HashMap;
48 import java.util.List;
51 import javax.servlet.http.HttpServletRequest;
52 import javax.servlet.http.HttpServletResponse;
54 import org.onap.portalapp.controller.EPRestrictedRESTfulBaseController;
55 import org.onap.portalapp.music.conf.MusicSession;
56 import org.onap.portalapp.music.util.MusicUtil;
57 import org.onap.portalapp.portal.domain.EPApp;
58 import org.onap.portalapp.portal.domain.EPRole;
59 import org.onap.portalapp.portal.domain.EPServiceCookie;
60 import org.onap.portalapp.portal.domain.EPUser;
61 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
62 import org.onap.portalapp.portal.service.AdminRolesService;
63 import org.onap.portalapp.portal.service.EPLoginService;
64 import org.onap.portalapp.portal.service.EPRoleService;
65 import org.onap.portalapp.portal.service.FunctionalMenuService;
66 import org.onap.portalapp.portal.service.UserNotificationService;
67 import org.onap.portalapp.portal.transport.EpNotificationItem;
68 import org.onap.portalapp.portal.transport.FavoritesFunctionalMenuItemJson;
69 import org.onap.portalapp.portal.transport.FieldsValidator;
70 import org.onap.portalapp.portal.transport.FunctionalMenuItem;
71 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
72 import org.onap.portalapp.portal.utils.EcompPortalUtils;
73 import org.onap.portalapp.portal.utils.PortalConstants;
74 import org.onap.portalapp.validation.DataValidator;
75 import org.onap.portalapp.validation.SecureString;
76 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
77 import org.onap.portalsdk.core.onboarding.crossapi.PortalAPIResponse;
78 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
79 import org.onap.portalsdk.core.util.SystemProperties;
81 import org.springframework.beans.factory.annotation.Autowired;
82 import org.springframework.context.annotation.Configuration;
83 import org.springframework.context.annotation.EnableAspectJAutoProxy;
84 import org.springframework.http.HttpStatus;
85 import org.springframework.web.bind.annotation.ExceptionHandler;
86 import org.springframework.web.bind.annotation.RequestBody;
87 import org.springframework.web.bind.annotation.RequestMapping;
88 import org.springframework.web.bind.annotation.GetMapping;
89 import org.springframework.web.bind.annotation.PostMapping;
90 import org.springframework.web.bind.annotation.PutMapping;
91 import org.springframework.web.bind.annotation.DeleteMapping;
92 import org.springframework.web.bind.annotation.RequestMethod;
93 import org.springframework.web.bind.annotation.ResponseBody;
94 import org.springframework.web.bind.annotation.RestController;
96 import io.swagger.annotations.ApiOperation;
99 @RequestMapping(PortalConstants.REST_AUX_API)
101 @EnableAspectJAutoProxy
103 public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseController {
105 private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAppsRestfulController.class);
106 private final DataValidator DATA_VALIDATOR = new DataValidator();
109 private FunctionalMenuService functionalMenuService;
112 private EPLoginService epLoginService;
115 private AdminRolesService adminRolesService;
118 private UserNotificationService userNotificationService;
121 private EPRoleService epRoleService;
123 @ApiOperation(value = "Creates a Portal user notification for roles identified in the content from an external application.", response = PortalAPIResponse.class)
124 @PostMapping(value = { "/publishNotification" }, produces = "application/json")
126 public PortalAPIResponse publishNotification(HttpServletRequest request,
127 @RequestBody EpNotificationItem notificationItem) throws Exception {
129 if(!DATA_VALIDATOR.isValid(notificationItem)){
130 PortalAPIResponse response = new PortalAPIResponse(false, "failed");
133 String appKey = request.getHeader("uebkey");
134 EPApp app = findEpApp(appKey);
135 List<Long> postRoleIds = new ArrayList<Long>();
137 for (Long roleId : notificationItem.getRoleIds()) {
138 EPRole role = epRoleService.getRole(app.getId(), roleId);
140 postRoleIds.add(role.getId());
144 // --- recreate the user notification object with the POrtal Role Ids
145 EpNotificationItem postItem = new EpNotificationItem();
146 postItem.setRoleIds(postRoleIds);
147 postItem.setIsForAllRoles("N");
148 postItem.setIsForOnlineUsers("N");
149 postItem.setActiveYn("Y");
150 postItem.setPriority(notificationItem.getPriority());
151 postItem.setMsgHeader(notificationItem.getMsgHeader());
152 postItem.setMsgDescription(notificationItem.getMsgDescription());
153 postItem.setStartTime(notificationItem.getStartTime());
154 postItem.setEndTime(notificationItem.getEndTime());
155 postItem.setCreatedDate(Calendar.getInstance().getTime());
156 // default creator to 1 for now
157 postItem.setCreatorId(PortalConstants.DEFAULT_NOTIFICATION_CREATOR);
161 userNotificationService.saveNotification(postItem);
162 } catch (Exception e) {
163 return new PortalAPIResponse(false, e.getMessage());
166 PortalAPIResponse response = new PortalAPIResponse(true, "success");
170 private EPApp findEpApp(String uebKey) {
172 Map<String, String> params = new HashMap<>();
173 params.put("appKey", uebKey);
175 list = this.getDataAccessService().executeNamedQuery("getMyAppDetailsByUebKey", params, null);
176 } catch (Exception e) {
177 logger.error(EELFLoggerDelegate.errorLogger, "getMyAppDetailsByUebKey failed", e);
180 return (list == null || list.isEmpty()) ? null : (EPApp) list.get(0);
183 @ApiOperation(value = "Gets favorite items within the functional menu for the current user.", response = FavoritesFunctionalMenuItemJson.class, responseContainer="List")
184 @GetMapping(value = { "/getFavorites" }, produces = "application/json")
185 public List<FavoritesFunctionalMenuItemJson> getFavoritesForUser(HttpServletRequest request,
186 HttpServletResponse response) throws Exception {
188 String userAgent = "";
189 List<FavoritesFunctionalMenuItemJson> favorites = null;
191 loginId = request.getHeader(EPCommonSystemProperties.MDC_LOGIN_ID);
192 userAgent = MDC.get(EPCommonSystemProperties.PARTNER_NAME);
194 EPUser epUser = epLoginService.findUserWithoutPwd(loginId);
195 logger.info(EELFLoggerDelegate.errorLogger,
196 "getFavorites request was received from " + userAgent + " for the user " + loginId + ".");
197 if (epUser == null || epUser.getId() == null) {
198 logger.error(EELFLoggerDelegate.errorLogger,
199 "No User record found for the LoginId '" + loginId + "' in the database.");
200 throw new Exception("Received null for Login-Id.");
202 favorites = functionalMenuService.getFavoriteItems(epUser.getId());
203 FieldsValidator fieldsValidator = new FieldsValidator();
204 response.setStatus(fieldsValidator.httpStatusCode.intValue());
206 EcompPortalUtils.logAndSerializeObject(logger, "/getFavorites", "result = ", favorites);
212 @ApiOperation(value = "Gets functional menu items appropriate for the current user.", response = FunctionalMenuItem.class, responseContainer="List")
213 @GetMapping(value = {
214 "/functionalMenuItemsForUser" }, produces = "application/json")
215 public List<FunctionalMenuItem> getFunctionalMenuItemsForUser(HttpServletRequest request,
216 HttpServletResponse response) throws Exception {
218 String userAgent = "";
219 List<FunctionalMenuItem> fnMenuItems = null;
221 loginId = request.getHeader("LoginId");
222 userAgent = MDC.get(EPCommonSystemProperties.PARTNER_NAME);
224 EPUser epUser = epLoginService.findUserWithoutPwd(loginId);
225 logger.info(EELFLoggerDelegate.errorLogger, "getFunctionalMenuItemsForUser request was received from "
226 + userAgent + " for the user " + loginId + ".");
227 if (epUser == null || epUser.getId() == null) {
228 logger.error(EELFLoggerDelegate.errorLogger,
229 "No User record found for the LoginId '" + loginId + "' in the database.");
230 throw new Exception("Received null for Login-Id.");
231 } else if (adminRolesService.isSuperAdmin(epUser)) {
232 logger.debug(EELFLoggerDelegate.debugLogger,
233 "FunctionalMenuHandler: SuperUser, about to call getFunctionalMenuItems()");
234 fnMenuItems = functionalMenuService.getFunctionalMenuItems();
236 logger.debug(EELFLoggerDelegate.debugLogger,
237 "getMenuItemsForAuthUser: about to call getFunctionalMenuItemsForUser()");
238 fnMenuItems = functionalMenuService.getFunctionalMenuItemsForUser(epUser.getOrgUserId());
241 FieldsValidator fieldsValidator = new FieldsValidator();
242 response.setStatus(fieldsValidator.httpStatusCode.intValue());
244 EcompPortalUtils.logAndSerializeObject(logger, "/functionalMenuItemsForUser", "result = ", fnMenuItems);
249 @ExceptionHandler(Exception.class)
250 protected void handleBadRequests(Exception e, HttpServletResponse response) throws IOException {
251 logger.warn(EELFLoggerDelegate.errorLogger, "Handling bad request", e);
252 response.sendError(HttpStatus.BAD_REQUEST.value(), e.getMessage());
256 @PostMapping(value = { "/validateCookie" })
257 public boolean validateCookie(@RequestBody EPServiceCookie epServiceCookie, HttpServletRequest request) throws Exception {
258 Map<String,String> epServiceCookieValueMap = epServiceCookie.getValue();
259 if(epServiceCookieValueMap!=null) {
260 String multifactorauthfrontendurl = SystemProperties.getProperty("frontend_url");
261 String encryptedJSessionId = epServiceCookieValueMap.get(multifactorauthfrontendurl);
262 if(encryptedJSessionId != null) {
263 String jSessionId = CipherUtil.decryptPKC(encryptedJSessionId);
264 if(jSessionId != null) {
265 if(jSessionId.equals(request.getSession().getId())) {
266 if(MusicUtil.isMusicEnable()) {
267 MusicSession musicSession = new MusicSession();
268 String sessionId = musicSession.getAttribute(encryptedJSessionId);
269 logger.info(EELFLoggerDelegate.errorLogger, "Music sessionid : "+sessionId);
270 return (sessionId != null);