2 * ================================================================================
\r
4 * ================================================================================
\r
5 * Copyright (C) 2017 AT&T Intellectual Property
\r
6 * ================================================================================
\r
7 * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * you may not use this file except in compliance with the License.
\r
9 * You may obtain a copy of the License at
\r
11 * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * Unless required by applicable law or agreed to in writing, software
\r
14 * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * See the License for the specific language governing permissions and
\r
17 * limitations under the License.
\r
18 * ================================================================================
\r
20 package org.openecomp.portalapp.portal.controller;
\r
22 import java.util.List;
\r
24 import javax.servlet.http.HttpServletRequest;
\r
25 import javax.servlet.http.HttpServletResponse;
\r
27 import org.slf4j.MDC;
\r
28 import org.springframework.beans.factory.annotation.Autowired;
\r
29 import org.springframework.context.annotation.EnableAspectJAutoProxy;
\r
30 import org.springframework.web.bind.annotation.PathVariable;
\r
31 import org.springframework.web.bind.annotation.RequestBody;
\r
32 import org.springframework.web.bind.annotation.RequestMapping;
\r
33 import org.springframework.web.bind.annotation.RequestMethod;
\r
34 import org.springframework.web.bind.annotation.RestController;
\r
36 import org.openecomp.portalsdk.core.domain.AuditLog;
\r
37 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
\r
38 import org.openecomp.portalsdk.core.service.AuditService;
\r
39 import org.openecomp.portalapp.controller.EPRestrictedBaseController;
\r
40 import org.openecomp.portalapp.portal.domain.EPRole;
\r
41 import org.openecomp.portalapp.portal.domain.EPUser;
\r
42 import org.openecomp.portalapp.portal.domain.EcompAuditLog;
\r
43 import org.openecomp.portalapp.portal.logging.aop.EPAuditLog;
\r
44 import org.openecomp.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
\r
45 import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
\r
46 import org.openecomp.portalapp.portal.service.AdminRolesService;
\r
47 import org.openecomp.portalapp.portal.service.PortalAdminService;
\r
48 import org.openecomp.portalapp.portal.transport.FieldsValidator;
\r
49 import org.openecomp.portalapp.portal.transport.PortalAdmin;
\r
50 import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties;
\r
51 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
\r
52 import org.openecomp.portalapp.util.EPUserUtils;
\r
55 @org.springframework.context.annotation.Configuration
\r
56 @EnableAspectJAutoProxy
\r
58 public class PortalAdminController extends EPRestrictedBaseController {
\r
60 PortalAdminService portalAdminService;
\r
62 AdminRolesService adminRolesService;
\r
64 AuditService auditService;
\r
66 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class);
\r
68 @RequestMapping(value = { "/portalApi/portalAdmins" }, method = RequestMethod.GET, produces = "application/json")
\r
69 public List<PortalAdmin> getPortalAdmins(HttpServletRequest request, HttpServletResponse response) {
\r
70 EPUser user = EPUserUtils.getUserSession(request);
\r
71 List<PortalAdmin> portalAdmins = null;
\r
73 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, null user");
\r
74 EcompPortalUtils.setBadPermissions(user, response, "getPortalAdmins");
\r
75 } else if (!adminRolesService.isSuperAdmin(user)) {
\r
76 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.getPortalAdmins, bad permissions");
\r
77 EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
\r
79 // return the list of portal admins
\r
80 portalAdmins = portalAdminService.getPortalAdmins();
\r
81 logger.debug(EELFLoggerDelegate.debugLogger, "portalAdmins: called getPortalAdmins()");
\r
82 EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/getPortalAdmins", "result =", portalAdmins);
\r
85 return portalAdmins;
\r
89 * RESTful service method to create a new portal admin. Requirement: you
\r
90 * must be the Ecomp portal super admin user.
\r
93 @RequestMapping(value = { "/portalApi/portalAdmin" }, method = RequestMethod.POST)
\r
94 public FieldsValidator createPortalAdmin(HttpServletRequest request, @RequestBody String sbcid,
\r
95 HttpServletResponse response) {
\r
96 EPUser user = EPUserUtils.getUserSession(request);
\r
97 FieldsValidator fieldsValidator = null;
\r
99 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin, null user");
\r
100 EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
\r
101 } else if (!adminRolesService.isSuperAdmin(user)) {
\r
102 logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin bad permissions");
\r
103 EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin");
\r
105 fieldsValidator = portalAdminService.createPortalAdmin(sbcid);
\r
106 int statusCode = fieldsValidator.httpStatusCode.intValue();
\r
107 response.setStatus(statusCode);
\r
108 if (statusCode == 200) {
\r
109 AuditLog auditLog = new AuditLog();
\r
110 auditLog.setUserId(user.getId());
\r
111 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN);
\r
112 auditLog.setAffectedRecordId(sbcid);
\r
113 auditService.logActivity(auditLog, null);
\r
115 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
\r
116 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
\r
117 logger.info(EELFLoggerDelegate.auditLogger,
\r
118 EPLogUtil.formatAuditLogMessage("PortalAdminController.createPortalAdmin",
\r
119 EcompAuditLog.CD_ACTIVITY_ADD_PORTAL_ADMIN, user.getOrgUserId(), sbcid,
\r
120 "A new Portal Admin has been added"));
\r
121 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
\r
122 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
\r
125 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "POST result =", response.getStatus());
\r
127 return fieldsValidator;
\r
130 @RequestMapping(value = { "/portalApi/portalAdmin/{userInfo}" }, method = RequestMethod.DELETE)
\r
131 public FieldsValidator deletePortalAdmin(HttpServletRequest request, @PathVariable("userInfo") String userInfo,
\r
132 HttpServletResponse response) {
\r
133 int userIdIdx = userInfo.indexOf("-");
\r
134 Long userId = null;
\r
135 String sbcid = null;
\r
136 FieldsValidator fieldsValidator = null;
\r
139 logger.error(EELFLoggerDelegate.errorLogger,"deletePortalAdmin missing userId");
\r
140 return fieldsValidator;
\r
142 String userIdStr = userInfo.substring(0, userIdIdx);
\r
143 userId = Long.valueOf(userIdStr);
\r
144 sbcid = userInfo.substring(userIdIdx+1, userInfo.length());
\r
146 }catch(Exception e){
\r
147 logger.error(EELFLoggerDelegate.errorLogger,"deletePortalAdmin error while parsing the userInfo",e);
\r
149 EPUser user = EPUserUtils.getUserSession(request);
\r
150 if (!adminRolesService.isSuperAdmin(user)) {
\r
151 EcompPortalUtils.setBadPermissions(user, response, "deletePortalAdmin");
\r
153 fieldsValidator = portalAdminService.deletePortalAdmin(userId);
\r
154 int statusCode = fieldsValidator.httpStatusCode.intValue();
\r
155 response.setStatus(statusCode);
\r
156 if (statusCode == 200) {
\r
157 AuditLog auditLog = new AuditLog();
\r
158 auditLog.setUserId(user.getId());
\r
159 auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN);
\r
160 auditLog.setAffectedRecordId(sbcid);
\r
161 auditService.logActivity(auditLog, null);
\r
163 MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
\r
164 MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
\r
165 logger.info(EELFLoggerDelegate.auditLogger,
\r
166 EPLogUtil.formatAuditLogMessage("PortalAdminController.deletePortalAdmin",
\r
167 EcompAuditLog.CD_ACTIVITY_DELETE_PORTAL_ADMIN, user.getOrgUserId(), sbcid,
\r
168 "A Portal Admin has been deleted"));
\r
169 MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
\r
170 MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
\r
173 EcompPortalUtils.logAndSerializeObject(logger, "/portalAdmin", "DELETE result =", response.getStatus());
\r
175 return fieldsValidator;
\r
178 @RequestMapping(value = {
\r
179 "/portalApi/adminAppsRoles/{appId}" }, method = RequestMethod.GET, produces = "application/json")
\r
180 public List<EPRole> getRolesByApp(HttpServletRequest request, @PathVariable("appId") Long appId,
\r
181 HttpServletResponse response) {
\r
182 EPUser user = EPUserUtils.getUserSession(request);
\r
183 List<EPRole> rolesByApp = null;
\r
186 if (user == null) {
\r
187 EcompPortalUtils.setBadPermissions(user, response, "getUserApps");
\r
189 rolesByApp = adminRolesService.getRolesByApp(user, appId);
\r
191 } catch (Exception e) {
\r
192 logger.error(EELFLoggerDelegate.errorLogger,
\r
193 "Exception occurred while performing getRolesByApp operation, Details: "
\r
194 + EcompPortalUtils.getStackTrace(e));
\r
Code Review / portal.git / blob