portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java

   1 /*
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  * Modifications Copyright (c) 2019 Samsung
   8  * ===================================================================
   9  *
  10  * Unless otherwise specified, all software contained herein is licensed
  11  * under the Apache License, Version 2.0 (the "License");
  12  * you may not use this software except in compliance with the License.
  13  * You may obtain a copy of the License at
  14  *
  15  *             http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  * Unless required by applicable law or agreed to in writing, software
  18  * distributed under the License is distributed on an "AS IS" BASIS,
  19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  * See the License for the specific language governing permissions and
  21  * limitations under the License.
  22  *
  23  * Unless otherwise specified, all documentation contained herein is licensed
  24  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  25  * you may not use this documentation except in compliance with the License.
  26  * You may obtain a copy of the License at
  27  *
  28  *             https://creativecommons.org/licenses/by/4.0/
  29  *
  30  * Unless required by applicable law or agreed to in writing, documentation
  31  * distributed under the License is distributed on an "AS IS" BASIS,
  32  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  33  * See the License for the specific language governing permissions and
  34  * limitations under the License.
  35  *
  36  * ============LICENSE_END============================================
  37  *
  38  *
  39  */
  40
  41 package org.onap.portal.controller;
  42
  43 import java.security.Principal;
  44 import org.onap.portal.domain.db.fn.FnUser;
  45 import org.onap.portal.service.AdminRolesService;
  46 import org.onap.portal.service.fn.FnUserService;
  47 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  48 import org.springframework.beans.factory.annotation.Autowired;
  49 import org.springframework.context.annotation.Configuration;
  50 import org.springframework.web.bind.annotation.RequestMapping;
  51 import org.springframework.web.bind.annotation.RequestMethod;
  52 import org.springframework.web.bind.annotation.RestController;
  53
  54 @RestController
  55 @Configuration
  56 public class UserRolesController {
  57
  58        private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesController.class);
  59
  60        private final FnUserService fnUserService;
  61        private final AdminRolesService adminRolesService;
  62
  63
  64 /*
  65        private final UserRolesService userRolesService;
  66        private final ApplicationsRestClientService applicationsRestClientService;
  67        private final SearchService searchService;*/
  68
  69
  70        private static final String FAILURE = "failure";
  71
  72        @Autowired
  73        public UserRolesController(final FnUserService fnUserService,
  74                final AdminRolesService adminRolesService) {
  75               this.fnUserService = fnUserService;
  76               this.adminRolesService = adminRolesService;
  77        }
  78
  79 /*
  80
  81        @RequestMapping(value = {"/portalApi/queryUsers"}, method = RequestMethod.GET, produces = "application/json")
  82        @PreAuthorize("hasRole('System_Administrator') and hasRole('Account_Administrator')")
  83        public String getPhoneBookSearchResult(Principal principal, @RequestParam("search") String searchString,
  84                HttpServletResponse response) {
  85               FnUser user = fnUserService.loadUserByUsername(principal.getName());
  86
  87               String searchResult = null;
  88               if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)
  89                       && !adminRolesService.isRoleAdmin(user)) {
  90                      EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult");
  91               } else {
  92                      searchString = searchString.trim();
  93                      if (searchString.length() > 2) {
  94                             searchResult = searchService.searchUsersInPhoneBook(searchString);
  95                      } else {
  96                             logger.info(EELFLoggerDelegate.errorLogger,
  97                                     "getPhoneBookSearchResult - too short search string: " + searchString);
  98                      }
  99               }
 100               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/queryUsers", "result =", searchResult);
 101
 102               return searchResult;
 103        }
 104
 105        @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = {
 106                RequestMethod.GET}, produces = "application/json")
 107        public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(Principal principal,
 108                @RequestParam("user") String orgUserId, HttpServletResponse response) {
 109
 110               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 111
 112               AppsListWithAdminRole result = null;
 113               if (!adminRolesService.isSuperAdmin(user)) {
 114                      EcompPortalUtils.setBadPermissions(user, response, "getAppsWithAdminRoleStateForUser");
 115               } else {
 116                      if (EcompPortalUtils.legitimateUserId(orgUserId)) {
 117                             result = adminRolesService.getAppsWithAdminRoleStateForUser(orgUserId);
 118                      } else {
 119                             logger.info(EELFLoggerDelegate.errorLogger,
 120                                     "getAppsWithAdminRoleStateForUser - parms error, no Organization User ID");
 121                             response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
 122                      }
 123               }
 124
 125               StringBuilder adminAppRoles = new StringBuilder();
 126               if (result != null) {
 127                      if (!result.appsRoles.isEmpty()) {
 128                             adminAppRoles.append("User '" + result.orgUserId + "' has admin role to the apps = {");
 129                             for (AppNameIdIsAdmin adminAppRole : result.appsRoles) {
 130                                    if (adminAppRole.isAdmin) {
 131                                           adminAppRoles.append(adminAppRole.appName + ", ");
 132                                    }
 133                             }
 134                             adminAppRoles.append("}.");
 135                      } else {
 136                             adminAppRoles.append("User '" + result.orgUserId + "' has no Apps with Admin Role.");
 137                      }
 138               } else {
 139                      logger.error(EELFLoggerDelegate.errorLogger,
 140                              "putAppWithUserRoleStateForUser: getAppsWithAdminRoleStateForUser result is null");
 141               }
 142
 143               logger.info(EELFLoggerDelegate.errorLogger, adminAppRoles.toString());
 144
 145               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "get result =", result);
 146
 147               return result;
 148        }
 149
 150        @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = {
 151                RequestMethod.PUT}, produces = "application/json")
 152        public FieldsValidator putAppsWithAdminRoleStateForUser(Principal principal,
 153                @RequestBody AppsListWithAdminRole newAppsListWithAdminRoles, HttpServletResponse response) {
 154
 155               // newAppsListWithAdminRoles.appsRoles
 156               FieldsValidator fieldsValidator = new FieldsValidator();
 157               StringBuilder newAppRoles = new StringBuilder();
 158               if (newAppsListWithAdminRoles != null) {
 159                      if (!newAppsListWithAdminRoles.appsRoles.isEmpty()) {
 160                             newAppRoles
 161                                     .append("User '" + newAppsListWithAdminRoles.orgUserId
 162                                             + "' has admin role to the apps = { ");
 163                             for (AppNameIdIsAdmin adminAppRole : newAppsListWithAdminRoles.appsRoles) {
 164                                    if (adminAppRole.isAdmin) {
 165                                           newAppRoles.append(adminAppRole.appName + " ,");
 166                                    }
 167                             }
 168                             newAppRoles.deleteCharAt(newAppRoles.length() - 1);
 169                             newAppRoles.append("}.");
 170                      } else {
 171                             newAppRoles.append("User '" + newAppsListWithAdminRoles.orgUserId
 172                                     + "' has no Apps with Admin Role.");
 173                      }
 174               } else {
 175                      logger.error(EELFLoggerDelegate.errorLogger,
 176                              "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null");
 177                      fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 178               }
 179
 180               logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString());
 181
 182               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 183
 184               boolean changesApplied = false;
 185
 186               if (!adminRolesService.isSuperAdmin(user)) {
 187                      EcompPortalUtils.setBadPermissions(user, response, "putAppsWithAdminRoleStateForUser");
 188               } else {
 189                      changesApplied = adminRolesService.setAppsWithAdminRoleStateForUser(newAppsListWithAdminRoles);
 190                      AuditLog auditLog = new AuditLog();
 191                      auditLog.setUserId(user.getId());
 192                      auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN);
 193                      if (newAppsListWithAdminRoles != null) {
 194                             auditLog.setAffectedRecordId(newAppsListWithAdminRoles.orgUserId);
 195                      }
 196                      auditLog.setComments(
 197                              EcompPortalUtils
 198                                      .truncateString(newAppRoles.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE));
 199                      auditService.logActivity(auditLog, null);
 200
 201                      MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
 202                              EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 203                      MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
 204                              EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 205                      EcompPortalUtils.calculateDateTimeDifferenceForLog(
 206                              MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
 207                              MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
 208                      if (newAppsListWithAdminRoles != null) {
 209                             logger.info(EELFLoggerDelegate.auditLogger,
 210                                     EPLogUtil.formatAuditLogMessage(
 211                                             "UserRolesController.putAppsWithAdminRoleStateForUser",
 212                                             EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(),
 213                                             newAppsListWithAdminRoles.orgUserId, newAppRoles.toString()));
 214                      }
 215                      MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
 216                      MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
 217                      MDC.remove(SystemProperties.MDC_TIMER);
 218               }
 219               EcompPortalUtils
 220                       .logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "put result =", changesApplied);
 221
 222               return fieldsValidator;
 223        }
 224
 225
 226        @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
 227                RequestMethod.GET}, produces = "application/json")
 228        public List<RoleInAppForUser> getAppRolesForUser(Principal principal,
 229                @RequestParam("user") String orgUserId,
 230                @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue,
 231                @RequestParam("isSystemUser") Boolean isSystemUser,
 232                HttpServletResponse response) {
 233               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 234               List<RoleInAppForUser> result = null;
 235               String feErrorString = "";
 236               if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
 237                      logger.debug(EELFLoggerDelegate.debugLogger,
 238                              "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}",
 239                              adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user));
 240                      EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
 241                      feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
 242               } else {
 243                      if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) {
 244                             result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
 245                             logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}",
 246                                     result, appid);
 247                             int responseCode = EcompPortalUtils.getExternalAppResponseCode();
 248                             if (responseCode != 0 && responseCode != 200) {
 249                                    // external error
 250                                    response.setStatus(responseCode);
 251                                    feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode);
 252                             } else if (result == null) {
 253                                    // If the result is null, there was an internal onap error
 254                                    // in the service call.
 255                                    response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 256                                    feErrorString = EcompPortalUtils.getFEErrorString(true,
 257                                            HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 258                             }
 259                      } else {
 260                             logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID");
 261                             response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
 262                             feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST);
 263                      }
 264               }
 265
 266               StringBuilder sbUserApps = new StringBuilder();
 267               if (result != null && !result.isEmpty()) {
 268                      sbUserApps.append("User '" + orgUserId + "' has Roles={");
 269                      for (RoleInAppForUser appRole : result) {
 270                             if (appRole.isApplied) {
 271                                    sbUserApps.append(appRole.roleName + ", ");
 272                             }
 273                      }
 274                      sbUserApps.append("} assigned to the appId '" + appid + "'.");
 275               } else {
 276                      // Not sure creating an empty object will make any difference
 277                      // but would like to give it a shot for defect #DE221057
 278                      if (result == null) {
 279                             result = new ArrayList<>();
 280                      }
 281                      sbUserApps.append("User '" + orgUserId + "' and appid " + appid + " has no roles");
 282               }
 283               logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString());
 284
 285               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result);
 286               if (feErrorString != "") {
 287                      logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString);
 288
 289                      response.addHeader("FEErrorString", feErrorString);
 290                      response.addHeader("Access-Control-Expose-Headers", "FEErrorString");
 291               }
 292               return result;
 293        }
 294
 295        @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
 296                RequestMethod.PUT}, produces = "application/json")
 297        public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal,
 298                @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
 299               // FieldsValidator fieldsValidator = new FieldsValidator();
 300               PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
 301               StringBuilder sbUserApps = new StringBuilder();
 302               if (newAppRolesForUser != null) {
 303                      sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId());
 304                      if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {
 305                             sbUserApps.append("' has roles = { ");
 306                             for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) {
 307                                    if (appRole.isApplied) {
 308                                           sbUserApps.append(appRole.roleName + " ,");
 309                                    }
 310                             }
 311                             sbUserApps.deleteCharAt(sbUserApps.length() - 1);
 312                             sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId());
 313                      } else {
 314                             sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId());
 315                      }
 316               }
 317               logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}",
 318                       sbUserApps.toString());
 319
 320               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 321               // boolean changesApplied = false;
 322               ExternalRequestFieldsValidator changesApplied = null;
 323
 324               if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
 325                      EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
 326               } else if (newAppRolesForUser == null) {
 327                      logger.error(EELFLoggerDelegate.errorLogger,
 328                              "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
 329               } else {
 330                      changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
 331                      try {
 332                             if (changesApplied.isResult()) {
 333                                    logger.info(EELFLoggerDelegate.applicationLogger,
 334                                            "putAppWithUserRoleStateForUser: succeeded for app {}, user {}",
 335                                            newAppRolesForUser.getAppId(),
 336                                            newAppRolesForUser.getAppId());
 337
 338                                    MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
 339                                            EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 340                                    AuditLog auditLog = new AuditLog();
 341                                    auditLog.setUserId(user.getId());
 342                                    auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER);
 343                                    auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId());
 344                                    auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(),
 345                                            PortalConstants.AUDIT_LOG_COMMENT_SIZE));
 346                                    auditService.logActivity(auditLog, null);
 347
 348                                    MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
 349                                            EPEELFLoggerAdvice.getCurrentDateTimeUTC());
 350                                    EcompPortalUtils.calculateDateTimeDifferenceForLog(
 351                                            MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
 352                                            MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
 353                                    logger.info(EELFLoggerDelegate.auditLogger,
 354                                            EPLogUtil.formatAuditLogMessage(
 355                                                    "UserRolesController.putAppWithUserRoleStateForUser",
 356                                                    EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
 357                                                    newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
 358                                    MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
 359                                    MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
 360                                    MDC.remove(SystemProperties.MDC_TIMER);
 361                                    portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
 362
 363                             }
 364                             if (!changesApplied.isResult()) {
 365                                    throw new Exception(changesApplied.getDetailMessage());
 366                             }
 367
 368                      } catch (Exception e) {
 369                             logger.error(EELFLoggerDelegate.errorLogger,
 370                                     "putAppWithUserRoleStateForUser: failed for app {}, user {}",
 371                                     newAppRolesForUser.getAppId(),
 372                                     newAppRolesForUser.getOrgUserId(), e);
 373                             portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
 374                      }
 375               }
 376
 377               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
 378               return portalResponse;
 379        }
 380
 381        @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = {
 382                RequestMethod.GET}, produces = "application/json")
 383        public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) {
 384
 385               String updateRemoteUserFlag = FAILURE;
 386               try {
 387                      // saveNewUser = userService.saveNewUser(newUser);
 388                      String orgUserId = request.getParameter("loginId");
 389                      Long appId = Long.parseLong(request.getParameter("appId"));
 390                      userRolesService.updateRemoteUserProfile(orgUserId, appId);
 391
 392               } catch (Exception e) {
 393                      logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e);
 394                      return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage());
 395               }
 396               return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, "");
 397
 398        }
 399
 400        @RequestMapping(value = {"/portalApi/app/{appId}/users"}, method = {
 401                RequestMethod.GET}, produces = "application/json")
 402        public List<UserApplicationRoles> getUsersFromAppEndpoint(HttpServletRequest request,
 403                @PathVariable("appId") Long appId) throws HTTPException {
 404               try {
 405                      logger.debug(EELFLoggerDelegate.debugLogger, "/portalApi/app/{}/users was invoked", appId);
 406                      return userRolesService.getUsersFromAppEndpoint(appId);
 407               } catch (Exception e) {
 408                      logger.error(EELFLoggerDelegate.errorLogger, "getUsersFromAppEndpoint failed", e);
 409                      return new ArrayList<>();
 410               }
 411        }
 412
 413        @RequestMapping(value = {"/portalApi/app/{appId}/roles"}, method = {
 414                RequestMethod.GET}, produces = "application/json")
 415        public List<EcompRole> testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId)
 416                throws HTTPException {
 417               EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
 418               List<EcompRole> rolesList = Arrays.asList(appRoles);
 419               EcompPortalUtils
 420                       .logAndSerializeObject(logger, "/portalApi/app/{appId}/roles", "response for appId=" + appId,
 421                               rolesList);
 422
 423               return rolesList;
 424        }
 425
 426        @RequestMapping(value = {"/portalApi/admin/import/app/{appId}/roles"}, method = {
 427                RequestMethod.GET}, produces = "application/json")
 428        public List<FnRole> importRolesFromRemoteApplication(HttpServletRequest request,
 429                @PathVariable("appId") Long appId)
 430                throws HTTPException {
 431               List<FnRole> rolesList = userRolesService.importRolesFromRemoteApplication(appId);
 432               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/admin/import/app/{appId}/roles",
 433                       "response for appId=" + appId, rolesList);
 434
 435               return rolesList;
 436        }
 437
 438        @RequestMapping(value = {"/portalApi/app/{appId}/user/{orgUserId}/roles"}, method = {
 439                RequestMethod.GET}, produces = "application/json")
 440        public EcompRole testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId,
 441                @PathVariable("orgUserId") String orgUserId) throws Exception {
 442               if (!EcompPortalUtils.legitimateUserId(orgUserId)) {
 443                      String msg = "Error /user/<user>/roles not legitimate orgUserId = " + orgUserId;
 444                      logger.error(EELFLoggerDelegate.errorLogger, msg);
 445                      throw new Exception(msg);
 446               }
 447               EcompRole[] roles = applicationsRestClientService.get(EcompRole[].class, appId,
 448                       String.format("/user/%s/roles", orgUserId));
 449               if (roles.length != 1) {
 450                      String msg =
 451                              "Error /user/<user>/roles returned array. expected size 1 recieved size = " + roles.length;
 452                      logger.error(EELFLoggerDelegate.errorLogger, msg);
 453                      throw new Exception(msg);
 454               }
 455
 456               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/app/{appId}/user/{orgUserId}/roles",
 457                       "response for appId='" + appId + "' and orgUserId='" + orgUserId + "'", roles[0]);
 458               return roles[0];
 459        }
 460
 461        @RequestMapping(value = {"/portalApi/saveUserAppRoles"}, method = {
 462                RequestMethod.PUT}, produces = "application/json")
 463        public FieldsValidator putAppWithUserRoleRequest(Principal principal,
 464                @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
 465               FieldsValidator fieldsValidator = null;
 466               try {
 467
 468                      FnUser user = fnUserService.loadUserByUsername(principal.getName());
 469                      fieldsValidator = userRolesService.putUserAppRolesRequest(newAppRolesForUser, user);
 470                      response.setStatus(fieldsValidator.httpStatusCode.intValue());
 471
 472               } catch (Exception e) {
 473                      logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleRequest failed", e);
 474
 475               }
 476               // return fieldsValidator;
 477               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/saveUserAppRoles", "PUT result =",
 478                       response.getStatus());
 479               return fieldsValidator;
 480        }
 481
 482        @RequestMapping(value = {"/portalApi/appCatalogRoles"}, method = {
 483                RequestMethod.GET}, produces = "application/json")
 484        public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(Principal principal,
 485                @RequestParam("appName") String appName) {
 486               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 487               List<EPUserAppCatalogRoles> userAppRoleList = null;
 488               try {
 489                      userAppRoleList = userRolesService.getUserAppCatalogRoles(user, appName);
 490               } catch (Exception e) {
 491                      logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortPref failed", e);
 492
 493               }
 494               Collections.sort(userAppRoleList, getUserAppCatalogRolesComparator);
 495               EcompPortalUtils
 496                       .logAndSerializeObject(logger, "/portalApi/userApplicationRoles", "result =", userAppRoleList);
 497
 498               return userAppRoleList;
 499
 500        }
 501
 502        private Comparator<EPUserAppCatalogRoles> getUserAppCatalogRolesComparator =
 503                Comparator.comparing(EPUserAppCatalogRoles::getRolename);
 504
 505        @RequestMapping(value = "/portalApi/externalRequestAccessSystem", method = RequestMethod.GET,
 506                produces = "application/json")
 507        public ExternalSystemAccess readExternalRequestAccess(HttpServletRequest request) {
 508               ExternalSystemAccess result = null;
 509               try {
 510                      result = userRolesService.getExternalRequestAccess();
 511                      EcompPortalUtils
 512                              .logAndSerializeObject(logger, "/portalApi/externalRequestAccessSystem", "GET result =",
 513                                      result);
 514               } catch (Exception e) {
 515                      logger.error(EELFLoggerDelegate.errorLogger,
 516                              "readExternalRequestAccess failed: " + e.getMessage());
 517               }
 518               return result;
 519        }
 520 */
 521
 522
 523        @RequestMapping(value = {"/portalApi/checkIfUserIsSuperAdmin"}, method = RequestMethod.GET,
 524                produces = "application/json")
 525        public boolean checkIfUserIsSuperAdmin(Principal principal) {
 526               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 527
 528               boolean isSuperAdmin = false;
 529               try {
 530                      isSuperAdmin = adminRolesService.isSuperAdmin(user.getOrgUserId());
 531               } catch (Exception e) {
 532                      logger.error(EELFLoggerDelegate.errorLogger, "checkIfUserIsSuperAdmin failed: " + e.getMessage());
 533               }
 534               return isSuperAdmin;
 535        }
 536 }