ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WidgetsController.java

   1 /*-
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  *
   8  * Unless otherwise specified, all software contained herein is licensed
   9  * under the Apache License, Version 2.0 (the "License");
  10  * you may not use this software except in compliance with the License.
  11  * You may obtain a copy of the License at
  12  *
  13  *             http://www.apache.org/licenses/LICENSE-2.0
  14  *
  15  * Unless required by applicable law or agreed to in writing, software
  16  * distributed under the License is distributed on an "AS IS" BASIS,
  17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18  * See the License for the specific language governing permissions and
  19  * limitations under the License.
  20  *
  21  * Unless otherwise specified, all documentation contained herein is licensed
  22  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  23  * you may not use this documentation except in compliance with the License.
  24  * You may obtain a copy of the License at
  25  *
  26  *             https://creativecommons.org/licenses/by/4.0/
  27  *
  28  * Unless required by applicable law or agreed to in writing, documentation
  29  * distributed under the License is distributed on an "AS IS" BASIS,
  30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  31  * See the License for the specific language governing permissions and
  32  * limitations under the License.
  33  *
  34  * ============LICENSE_END============================================
  35  *
  36  *
  37  */
  38 package org.onap.portalapp.portal.controller;
  39
  40 import java.io.IOException;
  41 import java.util.List;
  42
  43 import javax.servlet.http.HttpServletRequest;
  44 import javax.servlet.http.HttpServletResponse;
  45
  46 import org.apache.cxf.common.util.StringUtils;
  47 import org.onap.portalapp.controller.EPRestrictedBaseController;
  48 import org.onap.portalapp.portal.domain.EPUser;
  49 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
  50 import org.onap.portalapp.portal.service.AdminRolesService;
  51 import org.onap.portalapp.portal.service.PersUserWidgetService;
  52 import org.onap.portalapp.portal.service.WidgetService;
  53 import org.onap.portalapp.portal.transport.FieldsValidator;
  54 import org.onap.portalapp.portal.transport.OnboardingWidget;
  55 import org.onap.portalapp.portal.utils.EcompPortalUtils;
  56 import org.onap.portalapp.util.EPUserUtils;
  57 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  58 import org.springframework.beans.factory.annotation.Autowired;
  59 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  60 import org.springframework.web.bind.annotation.PathVariable;
  61 import org.springframework.web.bind.annotation.RequestBody;
  62 import org.springframework.web.bind.annotation.RequestMapping;
  63 import org.springframework.web.bind.annotation.RequestMethod;
  64 import org.springframework.web.bind.annotation.RestController;
  65
  66 @RestController
  67 @org.springframework.context.annotation.Configuration
  68 @EnableAspectJAutoProxy
  69 @EPAuditLog
  70 public class WidgetsController extends EPRestrictedBaseController {
  71         private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
  72
  73         @Autowired
  74         private AdminRolesService adminRolesService;
  75         @Autowired
  76         private WidgetService widgetService;
  77         @Autowired
  78         private PersUserWidgetService persUserWidgetService;
  79
  80         @RequestMapping(value = { "/portalApi/widgets" }, method = RequestMethod.GET, produces = "application/json")
  81         public List<OnboardingWidget> getOnboardingWidgets(HttpServletRequest request, HttpServletResponse response) {
  82                 EPUser user = EPUserUtils.getUserSession(request);
  83                 List<OnboardingWidget> onboardingWidgets = null;
  84
  85                 if (user == null || user.isGuest()) {
  86                         EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
  87                 } else {
  88                         String getType = request.getHeader("X-Widgets-Type");
  89                         if (!StringUtils.isEmpty(getType) && (getType.equals("managed") || getType.equals("all"))) {
  90                                 onboardingWidgets = widgetService.getOnboardingWidgets(user, getType.equals("managed"));
  91                         } else {
  92                                 logger.debug(EELFLoggerDelegate.debugLogger, "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
  93                                 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
  94                         }
  95                 }
  96
  97                 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
  98                 return onboardingWidgets;
  99         }
 100
 101         private boolean userHasPermissions(EPUser user, HttpServletResponse response, String invocator) {
 102                 if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
 103                         EcompPortalUtils.setBadPermissions(user, response, invocator);
 104                         return false;
 105                 }
 106                 return true;
 107         }
 108
 109         // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not to create new class for parsing
 110         @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.PUT }, produces = "application/json")
 111         public FieldsValidator putOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
 112                         @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
 113                 EPUser user = EPUserUtils.getUserSession(request);
 114                 FieldsValidator fieldsValidator = null;
 115                 if (userHasPermissions(user, response, "putOnboardingWidget")) {
 116                         onboardingWidget.id = widgetId; // !
 117                         onboardingWidget.normalize();
 118                         fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
 119                         response.setStatus(fieldsValidator.httpStatusCode.intValue());
 120                 }
 121                 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =", response.getStatus());
 122
 123                 return fieldsValidator;
 124         }
 125
 126         // Attention: real json has all OnboardingWidget fields except "id", we use OnboardingWidget for not to create new class for parsing
 127         @RequestMapping(value = { "/portalApi/widgets" }, method = { RequestMethod.POST }, produces = "application/json")
 128         public FieldsValidator postOnboardingWidget(HttpServletRequest request, @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
 129                 EPUser user = EPUserUtils.getUserSession(request);
 130                 FieldsValidator fieldsValidator = null; ;
 131
 132                 if (userHasPermissions(user, response, "postOnboardingWidget")) {
 133                         onboardingWidget.id = null; // !
 134                         onboardingWidget.normalize();
 135                         fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
 136                         response.setStatus(fieldsValidator.httpStatusCode.intValue());
 137                 }
 138
 139                 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
 140                 return fieldsValidator;
 141         }
 142
 143         @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.DELETE }, produces = "application/json")
 144         public FieldsValidator deleteOnboardingWidget(HttpServletRequest request, @PathVariable("widgetId") Long widgetId, HttpServletResponse response) {
 145                 EPUser user = EPUserUtils.getUserSession(request);
 146                 FieldsValidator fieldsValidator = null; ;
 147
 148                 if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
 149                         fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
 150                         response.setStatus(fieldsValidator.httpStatusCode.intValue());
 151                 }
 152
 153                 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =", response.getStatus());
 154                 return fieldsValidator;
 155         }
 156
 157         /**
 158          * service to accept a user's action made on the application
 159          * catalog.
 160          *
 161          * @param request
 162          * @param selectRequest
 163          *            JSON with data including application ID
 164          * @param response
 165          * @return FieldsValidator
 166          * @throws IOException
 167          */
 168         @RequestMapping(value = { "portalApi/widgetCatalogSelection" }, method = RequestMethod.PUT, produces = "application/json")
 169         public FieldsValidator putWidgetCatalogSelection(HttpServletRequest request,
 170                         @RequestBody org.onap.portalapp.portal.transport.WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
 171                 FieldsValidator result = new FieldsValidator();
 172                 EPUser user = EPUserUtils.getUserSession(request);
 173                 try {
 174                         if (persRequest.getWidgetId() == null || user == null) {
 175                                 EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
 176                         } else {
 177                                 persUserWidgetService.setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
 178                         }
 179                 } catch (Exception e) {
 180                         logger.error(EELFLoggerDelegate.errorLogger, "Failed in putAppCatalogSelection", e);
 181                         response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.toString());
 182                 }
 183                 result.httpStatusCode = new Long(HttpServletResponse.SC_OK);
 184                 return result;
 185         }
 186 }