portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java

   1 /*
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  * Modifications Copyright (c) 2019 Samsung
   8  * ===================================================================
   9  *
  10  * Unless otherwise specified, all software contained herein is licensed
  11  * under the Apache License, Version 2.0 (the "License");
  12  * you may not use this software except in compliance with the License.
  13  * You may obtain a copy of the License at
  14  *
  15  *             http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  * Unless required by applicable law or agreed to in writing, software
  18  * distributed under the License is distributed on an "AS IS" BASIS,
  19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  * See the License for the specific language governing permissions and
  21  * limitations under the License.
  22  *
  23  * Unless otherwise specified, all documentation contained herein is licensed
  24  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  25  * you may not use this documentation except in compliance with the License.
  26  * You may obtain a copy of the License at
  27  *
  28  *             https://creativecommons.org/licenses/by/4.0/
  29  *
  30  * Unless required by applicable law or agreed to in writing, documentation
  31  * distributed under the License is distributed on an "AS IS" BASIS,
  32  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  33  * See the License for the specific language governing permissions and
  34  * limitations under the License.
  35  *
  36  * ============LICENSE_END============================================
  37  *
  38  *
  39  */
  40
  41 package org.onap.portal.controller;
  42
  43 import java.security.Principal;
  44 import java.util.List;
  45 import javax.servlet.http.HttpServletRequest;
  46 import javax.servlet.http.HttpServletResponse;
  47 import org.onap.portal.domain.db.fn.FnUser;
  48 import org.onap.portal.domain.dto.transport.FieldsValidator;
  49 import org.onap.portal.domain.dto.transport.OnboardingWidget;
  50 import org.onap.portal.service.AdminRolesService;
  51 import org.onap.portal.service.WidgetService;
  52 import org.onap.portal.service.fn.FnUserService;
  53 import org.onap.portal.utils.EcompPortalUtils;
  54 import org.onap.portal.validation.DataValidator;
  55 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  56 import org.springframework.beans.factory.annotation.Autowired;
  57 import org.springframework.context.annotation.Configuration;
  58 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  59 import org.springframework.web.bind.annotation.PathVariable;
  60 import org.springframework.web.bind.annotation.RequestBody;
  61 import org.springframework.web.bind.annotation.RequestMapping;
  62 import org.springframework.web.bind.annotation.RequestMethod;
  63 import org.springframework.web.bind.annotation.RestController;
  64
  65 @RestController
  66 @Configuration
  67 @EnableAspectJAutoProxy
  68 public class WidgetsController {
  69        private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
  70
  71        private final FnUserService fnUserService;
  72        private final WidgetService widgetService;
  73        private final AdminRolesService adminRolesService;
  74        private final DataValidator dataValidator;
  75
  76        @Autowired
  77        public WidgetsController(FnUserService fnUserService, WidgetService widgetService,
  78                AdminRolesService adminRolesService, DataValidator dataValidator) {
  79               this.fnUserService = fnUserService;
  80               this.widgetService = widgetService;
  81               this.adminRolesService = adminRolesService;
  82               this.dataValidator = dataValidator;
  83        }
  84
  85        @RequestMapping(value = { "/portalApi/widgets" }, method = RequestMethod.GET, produces = "application/json")
  86        public List<OnboardingWidget> getOnboardingWidgets(Principal principal, HttpServletRequest request, HttpServletResponse response) {
  87               FnUser user = fnUserService.loadUserByUsername(principal.getName());
  88               List<OnboardingWidget> onboardingWidgets = null;
  89
  90               if (user == null || user.isGuest()) {
  91                      EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
  92               } else {
  93                      String getType = request.getHeader("X-Widgets-Type");
  94                      if (!getType.isEmpty() && ("managed".equals(getType) || "all".equals(getType))) {
  95                             onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
  96                      } else {
  97                             logger.debug(EELFLoggerDelegate.debugLogger, "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
  98                             response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
  99                      }
 100               }
 101
 102               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
 103               return onboardingWidgets;
 104        }
 105
 106        @RequestMapping(value = { "/portalApi/widgets/{widgetId}" }, method = { RequestMethod.PUT }, produces = "application/json")
 107        public FieldsValidator putOnboardingWidget(Principal principal, HttpServletRequest request, @PathVariable("widgetId") Long widgetId,
 108                @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
 109               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 110               FieldsValidator fieldsValidator = null;
 111               if (onboardingWidget!=null){
 112                      if(!dataValidator.isValid(onboardingWidget)){
 113                             fieldsValidator = new FieldsValidator();
 114                             fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
 115                             return fieldsValidator;
 116                      }
 117               }
 118
 119               if (userHasPermissions(user, response, "putOnboardingWidget")) {
 120                      assert onboardingWidget != null;
 121                      onboardingWidget.setId(widgetId);
 122                      onboardingWidget.normalize();
 123                      fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
 124                      response.setStatus(fieldsValidator.getHttpStatusCode().intValue());
 125               }
 126               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =", response.getStatus());
 127
 128               return fieldsValidator;
 129        }
 130
 131        private boolean userHasPermissions(FnUser user, HttpServletResponse response, String invocator) {
 132               if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
 133                      EcompPortalUtils.setBadPermissions(user, response, invocator);
 134                      return false;
 135               }
 136               return true;
 137        }
 138 }