Fix NPE & other sonar issues
[portal.git] / ecomp-portal-BE-common / src / main / java / org / onap / portalapp / portal / controller / WidgetsController.java
1 /*-
2  * ============LICENSE_START==========================================
3  * ONAP Portal
4  * ===================================================================
5  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6  * ===================================================================
7  *
8  * Unless otherwise specified, all software contained herein is licensed
9  * under the Apache License, Version 2.0 (the "License");
10  * you may not use this software except in compliance with the License.
11  * You may obtain a copy of the License at
12  *
13  *             http://www.apache.org/licenses/LICENSE-2.0
14  *
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS,
17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  *
21  * Unless otherwise specified, all documentation contained herein is licensed
22  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23  * you may not use this documentation except in compliance with the License.
24  * You may obtain a copy of the License at
25  *
26  *             https://creativecommons.org/licenses/by/4.0/
27  *
28  * Unless required by applicable law or agreed to in writing, documentation
29  * distributed under the License is distributed on an "AS IS" BASIS,
30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31  * See the License for the specific language governing permissions and
32  * limitations under the License.
33  *
34  * ============LICENSE_END============================================
35  *
36  *
37  */
38 package org.onap.portalapp.portal.controller;
39
40 import java.io.IOException;
41 import java.util.List;
42
43 import javax.servlet.http.HttpServletRequest;
44 import javax.servlet.http.HttpServletResponse;
45
46 import org.apache.cxf.common.util.StringUtils;
47 import org.onap.portalapp.controller.EPRestrictedBaseController;
48 import org.onap.portalapp.portal.domain.EPUser;
49 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
50 import org.onap.portalapp.portal.service.AdminRolesService;
51 import org.onap.portalapp.portal.service.PersUserWidgetService;
52 import org.onap.portalapp.portal.service.WidgetService;
53 import org.onap.portalapp.portal.transport.FieldsValidator;
54 import org.onap.portalapp.portal.transport.OnboardingWidget;
55 import org.onap.portalapp.portal.transport.WidgetCatalogPersonalization;
56 import org.onap.portalapp.portal.utils.EcompPortalUtils;
57 import org.onap.portalapp.util.EPUserUtils;
58 import org.onap.portalapp.validation.DataValidator;
59 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
60 import org.springframework.beans.factory.annotation.Autowired;
61 import org.springframework.context.annotation.Configuration;
62 import org.springframework.context.annotation.EnableAspectJAutoProxy;
63 import org.springframework.web.bind.annotation.PathVariable;
64 import org.springframework.web.bind.annotation.RequestBody;
65 import org.springframework.web.bind.annotation.RequestMapping;
66 import org.springframework.web.bind.annotation.RequestMethod;
67 import org.springframework.web.bind.annotation.RestController;
68
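/**
 * REST controller for the portal's widget onboarding endpoints under
 * {@code /portalApi/widgets} and for the per-user widget catalog selection.
 *
 * <p>Every handler resolves the caller from the HTTP session via
 * {@link EPUserUtils#getUserSession(HttpServletRequest)}. Write operations on
 * widgets are gated by {@link #userHasPermissions}, which accepts only super
 * admins and account admins.
 */
@RestController
@Configuration
@EnableAspectJAutoProxy
@EPAuditLog
public class WidgetsController extends EPRestrictedBaseController {
    private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
    private static final DataValidator dataValidator = new DataValidator();

    private AdminRolesService adminRolesService;
    private WidgetService widgetService;
    private PersUserWidgetService persUserWidgetService;

    /**
     * Creates the controller with its collaborating services.
     *
     * @param adminRolesService used to decide whether a user is a super admin or account admin
     * @param widgetService used to read, create, update and delete onboarding widgets
     * @param persUserWidgetService used to store a user's widget catalog selection
     */
    @Autowired
    public WidgetsController(AdminRolesService adminRolesService,
            WidgetService widgetService, PersUserWidgetService persUserWidgetService) {
        this.adminRolesService = adminRolesService;
        this.widgetService = widgetService;
        this.persUserWidgetService = persUserWidgetService;
    }

    /**
     * Lists onboarding widgets for the session user.
     *
     * <p>The request must carry the header {@code X-Widgets-Type} with the value
     * {@code all} or {@code managed}; any other value yields HTTP 400. A missing
     * session user or a guest user is rejected through
     * {@link EcompPortalUtils#setBadPermissions}.
     *
     * @param request current HTTP request; supplies the session user and the header
     * @param response current HTTP response; its status is set on rejection
     * @return the widgets returned by the service, or {@code null} when the request was rejected
     */
    @RequestMapping(value = { "/portalApi/widgets" }, method = RequestMethod.GET, produces = "application/json")
    public List<OnboardingWidget> getOnboardingWidgets(HttpServletRequest request, HttpServletResponse response) {
        EPUser user = EPUserUtils.getUserSession(request);
        List<OnboardingWidget> onboardingWidgets = null;

        if (user == null || user.isGuest()) {
            EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
        } else {
            // Only the two literal values below are accepted; the header is never passed on as-is.
            String getType = request.getHeader("X-Widgets-Type");
            if (!StringUtils.isEmpty(getType) && ("managed".equals(getType) || "all".equals(getType))) {
                onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
            } else {
                logger.debug(EELFLoggerDelegate.debugLogger,
                        "WidgetsController.getOnboardingWidgets - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
                response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            }
        }

        EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
        return onboardingWidgets;
    }

    /**
     * Checks that the user is a super admin or an account admin.
     *
     * <p>When the check fails, the rejection is recorded on the response through
     * {@link EcompPortalUtils#setBadPermissions}.
     *
     * @param user session user; NOTE(review): may be null when there is no session, and this
     *        method relies on the admin-role checks tolerating null - confirm
     * @param response current HTTP response
     * @param invocator name of the calling handler, passed through for the rejection record
     * @return {@code true} when the user holds one of the two admin roles
     */
    private boolean userHasPermissions(EPUser user, HttpServletResponse response, String invocator) {
        if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
            EcompPortalUtils.setBadPermissions(user, response, invocator);
            return false;
        }
        return true;
    }

    /**
     * Updates the onboarding widget identified by the path variable.
     *
     * <p>The JSON body carries all OnboardingWidget fields except "id"; OnboardingWidget is
     * reused here so that no separate class is needed for parsing.
     *
     * @param request current HTTP request; supplies the session user
     * @param widgetId id of the widget to update, taken from the URL
     * @param onboardingWidget widget data from the request body
     * @param response current HTTP response; its status is set from the service result
     * @return the service's validator result; a validator carrying 406 when the body fails
     *         validation; {@code null} when the caller lacks permission
     */
    @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.PUT },
            produces = "application/json")
    public FieldsValidator putOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
            @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
        EPUser user = EPUserUtils.getUserSession(request);
        FieldsValidator fieldsValidator = null;
        // NOTE(review): validation runs before the permission check, so a caller without admin
        // rights still receives the 406 result for an invalid body. The 406 is carried in the
        // returned object only; the HTTP response status is not changed on this path.
        if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
            fieldsValidator = new FieldsValidator();
            fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
            return fieldsValidator;
        }

        if (userHasPermissions(user, response, "putOnboardingWidget")) {
            if (onboardingWidget != null) {
                // The id from the URL wins; any id supplied in the body is overwritten.
                onboardingWidget.id = widgetId;
                onboardingWidget.normalize();
            }

            fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
            response.setStatus(fieldsValidator.httpStatusCode.intValue());
        }
        // Label corrected to PUT so the log line names the method that was actually handled.
        EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "PUT result =",
                response.getStatus());

        return fieldsValidator;
    }

    /**
     * Submits a widget to the service with its id cleared.
     *
     * <p>The JSON body carries all OnboardingWidget fields except "id"; OnboardingWidget is
     * reused here so that no separate class is needed for parsing.
     *
     * @param request current HTTP request; supplies the session user
     * @param onboardingWidget widget data from the request body
     * @param response current HTTP response; its status is set from the service result
     * @return the service's validator result; a validator carrying 406 when the body fails
     *         validation; {@code null} when the caller lacks permission
     */
    @RequestMapping(value = { "/portalApi/widgets" }, method = { RequestMethod.POST }, produces = "application/json")
    public FieldsValidator postOnboardingWidget(HttpServletRequest request,
            @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
        EPUser user = EPUserUtils.getUserSession(request);
        FieldsValidator fieldsValidator = null;

        // NOTE(review): as in putOnboardingWidget, validation precedes the permission check and
        // the 406 is reported in the returned object only.
        if (onboardingWidget != null && !dataValidator.isValid(onboardingWidget)) {
            fieldsValidator = new FieldsValidator();
            fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
            return fieldsValidator;
        }

        if (userHasPermissions(user, response, "postOnboardingWidget")) {

            if (onboardingWidget != null) {
                // Discard any client-supplied id before handing the widget to the service.
                onboardingWidget.id = null;
                onboardingWidget.normalize();
            }
            fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
            response.setStatus(fieldsValidator.httpStatusCode.intValue());
        }

        EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
        return fieldsValidator;
    }

    /**
     * Deletes the onboarding widget identified by the path variable.
     *
     * @param request current HTTP request; supplies the session user
     * @param widgetId id of the widget to delete, taken from the URL
     * @param response current HTTP response; its status is set from the service result
     * @return the service's validator result, or {@code null} when the caller lacks permission
     */
    @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.DELETE },
            produces = "application/json")
    public FieldsValidator deleteOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
            HttpServletResponse response) {
        EPUser user = EPUserUtils.getUserSession(request);
        FieldsValidator fieldsValidator = null;

        if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
            fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
            response.setStatus(fieldsValidator.httpStatusCode.intValue());
        }

        EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =",
                response.getStatus());
        return fieldsValidator;
    }

    /**
     * Service to accept a user's action made on the widget catalog.
     *
     * <p>The returned status code reflects the outcome: 200 only after the selection was
     * stored, 406 when the body fails validation, the response status left by
     * {@link EcompPortalUtils#setBadPermissions} when the request is rejected, and 500 when
     * storing fails.
     *
     * @param request current HTTP request; supplies the session user
     * @param persRequest JSON with data including the widget ID and the select flag
     * @param response current HTTP response
     * @return FieldsValidator carrying the outcome status code
     * @throws IOException if sending the error response fails
     */
    @RequestMapping(value = { "portalApi/widgetCatalogSelection" }, method = RequestMethod.PUT,
            produces = "application/json")
    public FieldsValidator putWidgetCatalogSelection(HttpServletRequest request,
            @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
        FieldsValidator result = new FieldsValidator();
        EPUser user = EPUserUtils.getUserSession(request);

        if (persRequest != null && !dataValidator.isValid(persRequest)) {
            result.httpStatusCode = (long) HttpServletResponse.SC_NOT_ACCEPTABLE;
            return result;
        }

        try {
            if (persRequest == null || persRequest.getWidgetId() == null || user == null) {
                EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
                // Mirror whatever status the rejection left on the response instead of claiming 200.
                result.httpStatusCode = (long) response.getStatus();
            } else {
                persUserWidgetService.setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
                result.httpStatusCode = (long) HttpServletResponse.SC_OK;
            }
        } catch (Exception e) {
            // Full detail goes to the server log only; the client gets a fixed message so that
            // exception class names and messages are not disclosed in the error response.
            logger.error(EELFLoggerDelegate.errorLogger, "Failed in putWidgetCatalogSelection", e);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                    "Failed to save widget catalog selection");
            result.httpStatusCode = (long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
        }
        return result;
    }
}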