portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java

   1 /*
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  * Modifications Copyright (c) 2019 Samsung
   8  * ===================================================================
   9  *
  10  * Unless otherwise specified, all software contained herein is licensed
  11  * under the Apache License, Version 2.0 (the "License");
  12  * you may not use this software except in compliance with the License.
  13  * You may obtain a copy of the License at
  14  *
  15  *             http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  * Unless required by applicable law or agreed to in writing, software
  18  * distributed under the License is distributed on an "AS IS" BASIS,
  19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  * See the License for the specific language governing permissions and
  21  * limitations under the License.
  22  *
  23  * Unless otherwise specified, all documentation contained herein is licensed
  24  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  25  * you may not use this documentation except in compliance with the License.
  26  * You may obtain a copy of the License at
  27  *
  28  *             https://creativecommons.org/licenses/by/4.0/
  29  *
  30  * Unless required by applicable law or agreed to in writing, documentation
  31  * distributed under the License is distributed on an "AS IS" BASIS,
  32  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  33  * See the License for the specific language governing permissions and
  34  * limitations under the License.
  35  *
  36  * ============LICENSE_END============================================
  37  *
  38  *
  39  */
  40
  41 package org.onap.portal.controller;
  42
  43 import java.io.IOException;
  44 import java.security.Principal;
  45 import java.util.List;
  46 import javax.servlet.http.HttpServletRequest;
  47 import javax.servlet.http.HttpServletResponse;
  48 import org.onap.portal.domain.db.fn.FnUser;
  49 import org.onap.portal.domain.dto.transport.FieldsValidator;
  50 import org.onap.portal.domain.dto.transport.OnboardingWidget;
  51 import org.onap.portal.domain.dto.transport.WidgetCatalogPersonalization;
  52 import org.onap.portal.service.AdminRolesService;
  53 import org.onap.portal.service.PersUserWidgetService;
  54 import org.onap.portal.service.WidgetService;
  55 import org.onap.portal.service.fn.FnUserService;
  56 import org.onap.portal.utils.EcompPortalUtils;
  57 import org.onap.portal.validation.DataValidator;
  58 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  59 import org.springframework.beans.factory.annotation.Autowired;
  60 import org.springframework.context.annotation.Configuration;
  61 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  62 import org.springframework.web.bind.annotation.PathVariable;
  63 import org.springframework.web.bind.annotation.RequestBody;
  64 import org.springframework.web.bind.annotation.RequestMapping;
  65 import org.springframework.web.bind.annotation.RequestMethod;
  66 import org.springframework.web.bind.annotation.RestController;
  67
  68 @RestController
  69 @Configuration
  70 @EnableAspectJAutoProxy
  71 public class WidgetsController {
  72
  73        private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class);
  74
  75        private final FnUserService fnUserService;
  76        private final WidgetService widgetService;
  77        private final AdminRolesService adminRolesService;
  78        private final DataValidator dataValidator;
  79        private final PersUserWidgetService persUserWidgetService;
  80
  81        @Autowired
  82        public WidgetsController(final FnUserService fnUserService, final WidgetService widgetService,
  83                final AdminRolesService adminRolesService, final DataValidator dataValidator,
  84                final PersUserWidgetService persUserWidgetService) {
  85               this.fnUserService = fnUserService;
  86               this.widgetService = widgetService;
  87               this.adminRolesService = adminRolesService;
  88               this.dataValidator = dataValidator;
  89               this.persUserWidgetService = persUserWidgetService;
  90        }
  91
  92        @RequestMapping(value = {"/portalApi/widgets"}, method = RequestMethod.GET, produces = "application/json")
  93        public List<OnboardingWidget> getOnboardingWidgets(Principal principal, HttpServletRequest request,
  94                HttpServletResponse response) {
  95               FnUser user = fnUserService.loadUserByUsername(principal.getName());
  96               List<OnboardingWidget> onboardingWidgets = null;
  97
  98               if (user == null || user.isGuest()) {
  99                      EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets");
 100               } else {
 101                      String getType = request.getHeader("X-Widgets-Type");
 102                      if (!getType.isEmpty() && ("managed".equals(getType) || "all".equals(getType))) {
 103                             onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType));
 104                      } else {
 105                             logger.debug(EELFLoggerDelegate.debugLogger,
 106                                     "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'");
 107                             response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
 108                      }
 109               }
 110
 111               EcompPortalUtils
 112                       .logAndSerializeObject(logger, "/portalApi/widgets", "GET result =", response.getStatus());
 113               return onboardingWidgets;
 114        }
 115
 116        @RequestMapping(value = {"/portalApi/widgets/{widgetId}"}, method = {
 117                RequestMethod.PUT}, produces = "application/json")
 118        public FieldsValidator putOnboardingWidget(Principal principal, HttpServletRequest request,
 119                @PathVariable("widgetId") Long widgetId,
 120                @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
 121               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 122               FieldsValidator fieldsValidator = null;
 123               if (onboardingWidget != null) {
 124                      if (!dataValidator.isValid(onboardingWidget)) {
 125                             fieldsValidator = new FieldsValidator();
 126                             fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
 127                             return fieldsValidator;
 128                      }
 129               }
 130
 131               if (userHasPermissions(user, response, "putOnboardingWidget")) {
 132                      assert onboardingWidget != null;
 133                      onboardingWidget.setId(widgetId);
 134                      onboardingWidget.normalize();
 135                      fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
 136                      response.setStatus(fieldsValidator.getHttpStatusCode().intValue());
 137               }
 138               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =",
 139                       response.getStatus());
 140
 141               return fieldsValidator;
 142        }
 143
 144        private boolean userHasPermissions(FnUser user, HttpServletResponse response, String invocator) {
 145               if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
 146                      EcompPortalUtils.setBadPermissions(user, response, invocator);
 147                      return false;
 148               }
 149               return true;
 150        }
 151
 152        @RequestMapping(value = {"/portalApi/widgets"}, method = {RequestMethod.POST}, produces = "application/json")
 153        public FieldsValidator postOnboardingWidget(Principal principal, HttpServletRequest request,
 154                @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
 155               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 156               FieldsValidator fieldsValidator = null;
 157
 158               if (onboardingWidget != null) {
 159                      if (!dataValidator.isValid(onboardingWidget)) {
 160                             fieldsValidator = new FieldsValidator();
 161                             fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
 162                             return fieldsValidator;
 163                      }
 164               }
 165
 166               if (userHasPermissions(user, response, "postOnboardingWidget")) {
 167                      onboardingWidget.setId(null);
 168                      onboardingWidget.normalize();
 169                      fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
 170                      response.setStatus(fieldsValidator.getHttpStatusCode().intValue());
 171               }
 172
 173               EcompPortalUtils
 174                       .logAndSerializeObject(logger, "/portalApi/widgets", "POST result =", response.getStatus());
 175               return fieldsValidator;
 176        }
 177
 178        @RequestMapping(value = {"/portalApi/widgets/{widgetId}"}, method = {
 179                RequestMethod.DELETE}, produces = "application/json")
 180        public FieldsValidator deleteOnboardingWidget(Principal principal, HttpServletRequest request,
 181                @PathVariable("widgetId") Long widgetId, HttpServletResponse response) {
 182               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 183               FieldsValidator fieldsValidator = null;
 184
 185               if (userHasPermissions(user, response, "deleteOnboardingWidget")) {
 186                      fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId);
 187                      response.setStatus(fieldsValidator.getHttpStatusCode().intValue());
 188               }
 189
 190               EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =",
 191                       response.getStatus());
 192               return fieldsValidator;
 193        }
 194
 195        @RequestMapping(value = {
 196                "portalApi/widgetCatalogSelection"}, method = RequestMethod.PUT, produces = "application/json")
 197        public FieldsValidator putWidgetCatalogSelection(Principal principal, HttpServletRequest request,
 198                @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException {
 199               FieldsValidator result = new FieldsValidator();
 200               FnUser user = fnUserService.loadUserByUsername(principal.getName());
 201
 202               if (persRequest != null) {
 203                      if (!dataValidator.isValid(persRequest)) {
 204                             result.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
 205                             return result;
 206                      }
 207               }
 208
 209               try {
 210                      if (persRequest.getWidgetId() == null || user == null) {
 211                             EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection");
 212                      } else {
 213                             persUserWidgetService
 214                                     .setPersUserAppValue(user, persRequest.getWidgetId(), persRequest.getSelect());
 215                      }
 216               } catch (Exception e) {
 217                      logger.error(EELFLoggerDelegate.errorLogger, "Failed in putAppCatalogSelection", e);
 218                      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.toString());
 219               }
 220               result.setHttpStatusCode((long) HttpServletResponse.SC_OK);
 221               return result;
 222        }
 223 }