portal-BE/src/main/java/org/onap/portal/service/WidgetService.java

   1 /*
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  * Modifications Copyright (c) 2019 Samsung
   8  * ===================================================================
   9  *
  10  * Unless otherwise specified, all software contained herein is licensed
  11  * under the Apache License, Version 2.0 (the "License");
  12  * you may not use this software except in compliance with the License.
  13  * You may obtain a copy of the License at
  14  *
  15  *             http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  * Unless required by applicable law or agreed to in writing, software
  18  * distributed under the License is distributed on an "AS IS" BASIS,
  19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  * See the License for the specific language governing permissions and
  21  * limitations under the License.
  22  *
  23  * Unless otherwise specified, all documentation contained herein is licensed
  24  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  25  * you may not use this documentation except in compliance with the License.
  26  * You may obtain a copy of the License at
  27  *
  28  *             https://creativecommons.org/licenses/by/4.0/
  29  *
  30  * Unless required by applicable law or agreed to in writing, documentation
  31  * distributed under the License is distributed on an "AS IS" BASIS,
  32  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  33  * See the License for the specific language governing permissions and
  34  * limitations under the License.
  35  *
  36  * ============LICENSE_END============================================
  37  *
  38  *
  39  */
  40
  41 package org.onap.portal.service;
  42
  43 import java.util.ArrayList;
  44 import java.util.List;
  45 import javax.persistence.EntityManager;
  46 import javax.servlet.http.HttpServletResponse;
  47 import org.onap.portal.dao.fn.FnWidgetDao;
  48 import org.onap.portal.domain.db.fn.FnUser;
  49 import org.onap.portal.domain.db.fn.FnUserRole;
  50 import org.onap.portal.domain.db.fn.FnWidget;
  51 import org.onap.portal.domain.dto.ecomp.EPUserApp;
  52 import org.onap.portal.domain.dto.transport.FieldsValidator;
  53 import org.onap.portal.domain.dto.transport.OnboardingWidget;
  54 import org.onap.portal.service.fn.FnUserRoleService;
  55 import org.onap.portal.utils.EPCommonSystemProperties;
  56 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  57 import org.springframework.beans.factory.annotation.Autowired;
  58 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  59 import org.springframework.security.access.prepost.PreAuthorize;
  60 import org.springframework.stereotype.Service;
  61 import org.springframework.transaction.annotation.Transactional;
  62
  63 @Service
  64 @EnableAspectJAutoProxy
  65 @Transactional
  66 public class WidgetService {
  67
  68        private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetService.class);
  69        private final Long ACCOUNT_ADMIN_ROLE_ID = 999L;
  70
  71        private static String baseSqlToken =
  72                " new org.onap.portal.domain.dto.transport.OnboardingWidget("
  73                        + "widget.WIDGET_ID,widget.WDG_NAME,widget.APP_ID,"
  74                        + "app.APP_NAME,widget.WDG_WIDTH,widget.WDG_HEIGHT,"
  75                        + "widget.WDG_URL, widget.WIDGET_ID,widget.WDG_NAME,widget.APP_ID,app.APP_NAME,widget.WDG_WIDTH,widget.WDG_HEIGHT,widget.WDG_URL) from FN_WIDGET widget join FN_APP app ON widget.APP_ID = app.APP_ID";
  76
  77        private static final String urlField = "url";
  78        private static final Long DUBLICATED_FIELD_VALUE_ECOMP_ERROR = new Long(
  79                EPCommonSystemProperties.DUBLICATED_FIELD_VALUE_ECOMP_ERROR);
  80        private static final String nameField = "name";
  81
  82        private final AdminRolesService adminRolesService;
  83        private final EntityManager entityManager;
  84        private final FnWidgetDao fnWidgetDao;
  85        private final FnUserRoleService fnUserRoleService;
  86
  87        @Autowired
  88        public WidgetService(final AdminRolesService adminRolesService, final EntityManager entityManager,
  89                final FnWidgetDao fnWidgetDao, FnUserRoleService fnUserRoleService) {
  90               this.adminRolesService = adminRolesService;
  91               this.entityManager = entityManager;
  92               this.fnWidgetDao = fnWidgetDao;
  93               this.fnUserRoleService = fnUserRoleService;
  94        }
  95
  96        private static final Object syncRests = new Object();
  97
  98        public List<OnboardingWidget> getOnboardingWidgets(FnUser user, boolean managed) {
  99               if (adminRolesService.isSuperAdmin(user.getOrgUserId())) {
 100                      return entityManager.createQuery(sqlWidgetsForAllApps(), OnboardingWidget.class).getResultList();
 101               } else if (managed) {
 102                      if (adminRolesService.isAccountAdmin(user)) {
 103                             return entityManager
 104                                     .createQuery(sqlWidgetsForAllAppsWhereUserIsAdmin(), OnboardingWidget.class)
 105                                     .setParameter("USERID", user.getId()).getResultList();
 106                      }
 107               } else if (adminRolesService.isAccountAdmin(user) || adminRolesService.isUser(user)) {
 108                      return entityManager
 109                              .createQuery(sqlWidgetsForAllAppsWhereUserHasAnyRole(), OnboardingWidget.class)
 110                              .setParameter("USERID", user.getId()).getResultList();
 111               }
 112               return new ArrayList<>();
 113        }
 114
 115        private String sqlWidgetsForAllApps() {
 116               return "SELECT" + baseSqlToken;
 117        }
 118
 119        private String sqlWidgetsForAllAppsWhereUserIsAdmin() {
 120               return "SELECT" + baseSqlToken
 121                       + " join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = app.APP_ID where FN_USER_ROLE.USER_ID = :USERID AND FN_USER_ROLE.ROLE_ID = "
 122                       + ACCOUNT_ADMIN_ROLE_ID;
 123        }
 124
 125        private String sqlWidgetsForAllAppsWhereUserHasAnyRole() {
 126               return "SELECT DISTINCT" + baseSqlToken
 127                       + " join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = app.APP_ID where FN_USER_ROLE.USER_ID = "
 128                       + ":USERID";
 129        }
 130
 131        @PreAuthorize("hasRole('System_Administrator')")
 132        public FieldsValidator setOnboardingWidget(final Long userId, final OnboardingWidget onboardingWidget) {
 133               return this.updateOrSaveWidget(true, userId, onboardingWidget);
 134        }
 135
 136        private FieldsValidator updateOrSaveWidget(boolean superAdmin, Long userId, OnboardingWidget onboardingWidget) {
 137               FieldsValidator fieldsValidator = new FieldsValidator();
 138               if (!this.isUserAdminOfAppForWidget(superAdmin, userId, onboardingWidget.getAppId())) {
 139                      fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_FORBIDDEN);
 140                      return fieldsValidator;
 141               }
 142               synchronized (syncRests) {
 143                      if (onboardingWidget.getId() == null) {
 144                             this.validateOnboardingWidget(onboardingWidget, fieldsValidator);
 145                      } else {
 146                             FnWidget widget = fnWidgetDao.getOne(onboardingWidget.getId());
 147                             if (widget == null || widget.getAppId() == null) {
 148                                    fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_FOUND);
 149                                    return fieldsValidator;
 150                             }
 151                             this.validateOnboardingWidget(onboardingWidget, fieldsValidator);
 152                      }
 153                      if (fieldsValidator.getHttpStatusCode() == HttpServletResponse.SC_OK) {
 154                             this.applyOnboardingWidget(onboardingWidget, fieldsValidator);
 155                      }
 156               }
 157               return fieldsValidator;
 158        }
 159
 160        private boolean isUserAdminOfAppForWidget(boolean superAdmin, Long userId, Long appId) {
 161               if (!superAdmin) {
 162                      List<FnUserRole> userRoles = getAdminUserRoles(userId, appId);
 163                      return (userRoles.size() > 0);
 164               }
 165               return true;
 166        }
 167
 168        private List<FnUserRole> getAdminUserRoles(Long userId, Long appId) {
 169               return fnUserRoleService.getAdminUserRoles(userId, ACCOUNT_ADMIN_ROLE_ID, appId);
 170        }
 171
 172        private void applyOnboardingWidget(OnboardingWidget onboardingWidget, FieldsValidator fieldsValidator) {
 173               boolean result;
 174               FnWidget widget;
 175               if (onboardingWidget.getId() == null) {
 176                      widget = new FnWidget();
 177               } else {
 178                      widget = fnWidgetDao.getOne(onboardingWidget.getId());
 179               }
 180               widget.setAppId(onboardingWidget.getAppId());
 181               widget.setName(onboardingWidget.getName());
 182               widget.setWidth(onboardingWidget.getWidth());
 183               widget.setHeight(onboardingWidget.getHeight());
 184               widget.setUrl(onboardingWidget.getUrl());
 185               result = widget.equals(fnWidgetDao.saveAndFlush(widget));
 186               if (!result) {
 187                      fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 188               }
 189        }
 190
 191        private void validateOnboardingWidget(OnboardingWidget onboardingWidget, FieldsValidator fieldsValidator) {
 192               List<FnWidget> widgets = getWidgets(onboardingWidget);
 193               boolean dublicatedUrl = false;
 194               boolean dublicatedName = false;
 195               for (FnWidget widget : widgets) {
 196                      if (onboardingWidget.getId() != null && onboardingWidget.getId().equals(widget.getWidgetId())) {
 197                             // widget should not be compared with itself
 198                             continue;
 199                      }
 200                      if (!dublicatedUrl && widget.getUrl().equals(onboardingWidget.getUrl())) {
 201                             dublicatedUrl = true;
 202                             if (dublicatedName) {
 203                                    break;
 204                             }
 205                      }
 206                      if (!dublicatedName && widget.getName().equalsIgnoreCase(onboardingWidget.getName()) && widget
 207                              .getAppId().equals(onboardingWidget.getAppId())) {
 208                             dublicatedName = true;
 209                             if (dublicatedUrl) {
 210                                    break;
 211                             }
 212                      }
 213               }
 214               if (dublicatedUrl || dublicatedName) {
 215                      if (dublicatedUrl) {
 216                             fieldsValidator.addProblematicFieldName(urlField);
 217                      }
 218                      if (dublicatedName) {
 219                             fieldsValidator.addProblematicFieldName(nameField);
 220                      }
 221                      fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_CONFLICT);
 222                      fieldsValidator.setErrorCode(DUBLICATED_FIELD_VALUE_ECOMP_ERROR);
 223               }
 224        }
 225
 226        private List<FnWidget> getWidgets(final OnboardingWidget onboardingWidget) {
 227               return fnWidgetDao.getForUrlNameAndAppId(onboardingWidget.getUrl(), onboardingWidget.getName(), onboardingWidget.getAppId()).orElse(new ArrayList<>());
 228        }
 229
 230        public FieldsValidator deleteOnboardingWidget(FnUser user, Long onboardingWidgetId) {
 231               FieldsValidator fieldsValidator = new FieldsValidator();
 232               synchronized (syncRests) {
 233                      FnWidget widget = fnWidgetDao.getOne(onboardingWidgetId);
 234                      if (widget != null && widget.getAppId() != null) { // widget exists
 235                             if (!this.isUserAdminOfAppForWidget(adminRolesService.isSuperAdmin(user.getOrgUserId()), user.getUserId(),
 236                                     widget.getAppId())) {
 237                                    fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_FORBIDDEN);
 238                             } else {
 239                                    fnWidgetDao.deleteById(onboardingWidgetId);
 240                                    fieldsValidator.setHttpStatusCode(
 241                                            (long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 242                             }
 243                      }
 244               }
 245               return fieldsValidator;
 246        }
 247
 248        public FnWidget saveOne(final FnWidget widget){
 249               return fnWidgetDao.saveAndFlush(widget);
 250        }
 251 }