From: Dominik Mizyn Date: Wed, 8 Jan 2020 12:17:01 +0000 (+0100) Subject: Removing attached entity from method argument X-Git-Tag: 3.2.0~37^2~6 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=commitdiff_plain;h=500bd3b761971db9ff11d8583337799c7891185f Removing attached entity from method argument I remove some FnUser entity as argument for method. Attached entitys should never be used as argument for methods. Issue-ID: PORTAL-710 Signed-off-by: Dominik Mizyn Change-Id: Ibf10d1e2bde2e116b962dd651dd649da477ee1ec --- diff --git a/portal-BE/build.sh b/portal-BE/build.sh index 2d1a4426..10398e2c 100755 --- a/portal-BE/build.sh +++ b/portal-BE/build.sh @@ -2,7 +2,9 @@ export spring_datasource_username=portal export spring_datasource_password=Test123456 - -mvn clean install +echo "mvn clean install" +mvn clean install > file-log.log +echo "docker build" docker build -t portal_app . -docker-compose up \ No newline at end of file +echo "docker compose" +docker-compose up diff --git a/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java b/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java index c1357e2a..c19d923b 100644 --- a/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java +++ b/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java @@ -2,6 +2,7 @@ package org.onap.portal.aop.service; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; +import org.onap.portal.domain.db.fn.FnWidget; import org.onap.portal.domain.dto.transport.OnboardingWidget; import org.onap.portal.validation.DataValidator; import org.slf4j.Logger; @@ -29,4 +30,11 @@ public class WidgetServiceAOP { throw new IllegalArgumentException(dataValidator.getConstraintViolationsString(onboardingWidget)); } } + + @Before("execution(* org.onap.portal.service.widget.WidgetService.saveOne(..)) && args(widget)") + public void saveOne(final FnWidget widget) { + if (!dataValidator.isValid(widget)) { + throw new IllegalArgumentException(dataValidator.getConstraintViolationsString(widget)); + } + } } diff --git a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java index 1a2cb5d0..9b29f5d9 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java @@ -266,10 +266,10 @@ public class UserRolesController { FnUser user = fnUserService.loadUserByUsername(principal.getName()); List result = null; String feErrorString = ""; - if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user.getId())) { + if (!adminRolesService.isAccountAdmin(user.getId(), user.getOrgUserId(), user.getUserApps()) && !adminRolesService.isRoleAdmin(user.getId())) { logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", - adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user.getId())); + adminRolesService.isAccountAdmin(user.getId(), user.getOrgUserId(), user.getUserApps()), adminRolesService.isRoleAdmin(user.getId())); EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser"); feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus()); } else { @@ -355,7 +355,7 @@ public class UserRolesController { // boolean changesApplied = false; ExternalRequestFieldsValidator changesApplied = null; - if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user.getId())) { + if (!adminRolesService.isAccountAdmin(user.getId(), user.getOrgUserId(), user.getUserApps()) && !adminRolesService.isRoleAdmin(user.getId())) { EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser"); } else if (newAppRolesForUser == null) { logger.error(EELFLoggerDelegate.errorLogger, diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java b/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java index 20c64546..2417db37 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java @@ -68,7 +68,6 @@ import org.onap.portalsdk.core.util.SystemProperties; import org.slf4j.MDC; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; @@ -87,7 +86,6 @@ import org.springframework.web.client.AsyncRestTemplate; @RestController @RequestMapping(PortalConstants.REST_AUX_API) @Configuration -@EnableAspectJAutoProxy @EPAuditLog @NoArgsConstructor public class WebAnalyticsExtAppController { @@ -114,7 +112,7 @@ public class WebAnalyticsExtAppController { /** * Answers requests from partner applications for a file that is expected to * contain javascript to support web analytics. - * + * * @param request * HttpServletRequest * @return String @@ -158,7 +156,7 @@ public class WebAnalyticsExtAppController { /** * Accepts data from partner applications with web analytics data. - * + * * @param request * HttpServletRequest * @param analyticsMap @@ -209,14 +207,14 @@ public class WebAnalyticsExtAppController { } private String getAppName(HttpServletRequest request, String appName) { - + FnApp appRecord = getApp(request); if (appRecord != null) { appName = appRecord.getAppName(); } return appName; } - + private FnApp getApp(HttpServletRequest request) { String appKeyValue = request.getHeader(APP_KEY); FnApp appRecord = null; @@ -252,5 +250,5 @@ public class WebAnalyticsExtAppController { HttpMethod.POST, entity, String.class); out.addCallback(successCallback, failureCallback); } - + } diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppVersionController.java b/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppVersionController.java index 87be5439..425cc55d 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppVersionController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppVersionController.java @@ -48,10 +48,8 @@ import org.onap.portal.logging.aop.EPAuditLog; import org.onap.portalsdk.core.onboarding.crossapi.PortalAPIResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.EnableAspectJAutoProxy; @Configuration -@EnableAspectJAutoProxy @EPAuditLog @ApiVersion public class WebAnalyticsExtAppVersionController { diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java index 93d6dd56..3fc5e4b8 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java @@ -88,7 +88,6 @@ import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartHttpServletRequest; @RestController -@EnableAspectJAutoProxy @EPAuditLog public class WidgetsCatalogController { diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java index 4a4287c5..1c29355e 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java @@ -50,7 +50,6 @@ import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.util.SystemProperties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RestController; @@ -60,7 +59,6 @@ import org.springframework.web.multipart.commons.CommonsMultipartResolver; @EPAuditLog @RestController -@EnableAspectJAutoProxy public class WidgetsCatalogMarkupController { private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsCatalogMarkupController.class); diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java index db7039fe..5620204f 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java @@ -69,7 +69,6 @@ import org.springframework.web.bind.annotation.RestController; @EPAuditLog @RestController -@EnableAspectJAutoProxy public class WidgetsController { private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetsController.class); @@ -96,7 +95,7 @@ public class WidgetsController { } else { String getType = request.getHeader("X-Widgets-Type"); if (!getType.isEmpty() && ("managed".equals(getType) || "all".equals(getType))) { - onboardingWidgets = widgetService.getOnboardingWidgets(user, "managed".equals(getType)); + onboardingWidgets = widgetService.getOnboardingWidgets(user.getOrgUserId(), user.getId(), "managed".equals(getType)); } else { logger.debug(EELFLoggerDelegate.debugLogger, "WidgetsController.getOnboardingApps - request must contain header 'X-Widgets-Type' with 'all' or 'managed'"); @@ -167,7 +166,7 @@ public class WidgetsController { FnUser user = fnUserService.loadUserByUsername(principal.getName()); FieldsValidator fieldsValidator; - fieldsValidator = widgetService.deleteOnboardingWidget(user, widgetId); + fieldsValidator = widgetService.deleteOnboardingWidget(user.getOrgUserId(), user.getId(), widgetId); response.setStatus(fieldsValidator.getHttpStatusCode().intValue()); EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "DELETE result =", diff --git a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java index 187e175e..059979d2 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java @@ -194,23 +194,21 @@ public class AdminRolesService { return isSuperAdmin; } - public boolean isAccountAdmin(FnUser user) { + public boolean isAccountAdmin(final long userId, final String orgUserId, final Set userApps) { try { - logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId()); - List userAdminApps = getAdminAppsForTheUser(user.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId); + List userAdminApps = getAdminAppsForTheUser(userId); logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", - user.getOrgUserId(), userAdminApps.size()); + orgUserId, userAdminApps.size()); - if (user.getId() != null) { - for (FnUserRole userApp : user.getUserApps()) { - if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || ( - userAdminApps.size() > 1)) { - logger.debug(EELFLoggerDelegate.debugLogger, - "Is account admin for userAdminApps() - for user {}, found Id {}", - user.getOrgUserId(), userApp.getRoleId().getId()); - return true; - } + for (FnUserRole userApp : userApps) { + if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || ( + userAdminApps.size() > 1)) { + logger.debug(EELFLoggerDelegate.debugLogger, + "Is account admin for userAdminApps() - for user {}, found Id {}", + orgUserId, userApp.getRoleId().getId()); + return true; } } } catch (Exception e) { @@ -222,9 +220,9 @@ public class AdminRolesService { return false; } - public boolean isUser(FnUser user) { + public boolean isUser(final long userId) { try { - FnUser currentUser = fnUserService.getUser(user.getId()).orElseThrow(Exception::new); + FnUser currentUser = fnUserService.getUser(userId).orElseThrow(Exception::new); if (currentUser != null && currentUser.getId() != null) { for (FnUserRole userApp : currentUser.getUserApps()) { if (!userApp.getFnAppId().getId().equals(ECOMP_APP_ID)) { diff --git a/portal-BE/src/main/java/org/onap/portal/service/language/FnLanguageService.java b/portal-BE/src/main/java/org/onap/portal/service/language/FnLanguageService.java index 9221810e..67161b79 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/language/FnLanguageService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/language/FnLanguageService.java @@ -43,15 +43,12 @@ package org.onap.portal.service.language; import java.security.Principal; import java.util.List; import java.util.Optional; - import org.onap.portal.domain.db.fn.FnLanguage; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @Service -@EnableAspectJAutoProxy @Transactional public class FnLanguageService { private final FnLanguageDao fnLanguageDao; diff --git a/portal-BE/src/main/java/org/onap/portal/service/user/FnUserService.java b/portal-BE/src/main/java/org/onap/portal/service/user/FnUserService.java index 975bd219..912453c9 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/user/FnUserService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/user/FnUserService.java @@ -43,18 +43,15 @@ package org.onap.portal.service.user; import java.util.ArrayList; import java.util.List; import java.util.Optional; - import org.onap.portal.domain.db.fn.FnUser; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @Service -@EnableAspectJAutoProxy @Transactional public class FnUserService implements UserDetailsService { @@ -121,4 +118,4 @@ public class FnUserService implements UserDetailsService { public void delete(FnUser user) { fnUserDao.delete(user); } -} \ No newline at end of file +} diff --git a/portal-BE/src/main/java/org/onap/portal/service/widget/WidgetService.java b/portal-BE/src/main/java/org/onap/portal/service/widget/WidgetService.java index 05917eb4..1d4fdd6b 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/widget/WidgetService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/widget/WidgetService.java @@ -42,6 +42,7 @@ package org.onap.portal.service.widget; import java.util.ArrayList; import java.util.List; +import java.util.Optional; import javax.persistence.EntityManager; import javax.servlet.http.HttpServletResponse; @@ -51,6 +52,7 @@ import org.onap.portal.domain.db.fn.FnWidget; import org.onap.portal.domain.dto.transport.FieldsValidator; import org.onap.portal.domain.dto.transport.OnboardingWidget; import org.onap.portal.service.AdminRolesService; +import org.onap.portal.service.user.FnUserService; import org.onap.portal.service.userRole.FnUserRoleService; import org.onap.portal.utils.EPCommonSystemProperties; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; @@ -61,76 +63,105 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @Service -@EnableAspectJAutoProxy @Transactional +@EnableAspectJAutoProxy public class WidgetService { private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetService.class); private final Long ACCOUNT_ADMIN_ROLE_ID = 999L; private static final String baseSqlToken = - " new org.onap.portal.domain.dto.transport.OnboardingWidget(" - + "widget.WIDGET_ID,widget.WDG_NAME,widget.APP_ID," - + "app.APP_NAME,widget.WDG_WIDTH,widget.WDG_HEIGHT," - + "widget.WDG_URL, widget.WIDGET_ID,widget.WDG_NAME,widget.APP_ID,app.APP_NAME,widget.WDG_WIDTH,widget.WDG_HEIGHT,widget.WDG_URL) from FN_WIDGET widget join FN_APP app ON widget.APP_ID = app.APP_ID"; + " new org.onap.portal.domain.dto.transport.OnboardingWidget(" + + "widget.WIDGET_ID,widget.WDG_NAME,widget.APP_ID," + + "app.APP_NAME,widget.WDG_WIDTH,widget.WDG_HEIGHT," + + "widget.WDG_URL, widget.WIDGET_ID,widget.WDG_NAME,widget.APP_ID,app.APP_NAME,widget.WDG_WIDTH,widget.WDG_HEIGHT,widget.WDG_URL) from FN_WIDGET widget join FN_APP app ON widget.APP_ID = app.APP_ID"; private static final String urlField = "url"; private static final Long DUBLICATED_FIELD_VALUE_ECOMP_ERROR = new Long( - EPCommonSystemProperties.DUBLICATED_FIELD_VALUE_ECOMP_ERROR); + EPCommonSystemProperties.DUBLICATED_FIELD_VALUE_ECOMP_ERROR); private static final String nameField = "name"; - private final AdminRolesService adminRolesService; private final EntityManager entityManager; private final FnWidgetDao fnWidgetDao; + private final FnUserService fnUserService; private final FnUserRoleService fnUserRoleService; + private static final Object syncRests = new Object(); @Autowired public WidgetService(final AdminRolesService adminRolesService, final EntityManager entityManager, - final FnWidgetDao fnWidgetDao, FnUserRoleService fnUserRoleService) { + final FnWidgetDao fnWidgetDao, FnUserService fnUserService, + FnUserRoleService fnUserRoleService) { this.adminRolesService = adminRolesService; this.entityManager = entityManager; this.fnWidgetDao = fnWidgetDao; + this.fnUserService = fnUserService; this.fnUserRoleService = fnUserRoleService; } - private static final Object syncRests = new Object(); + @PreAuthorize("hasRole('System_Administrator')") + public FieldsValidator setOnboardingWidget(final Long userId, final OnboardingWidget onboardingWidget) { + return this.updateOrSaveWidget(true, userId, onboardingWidget); + } - public List getOnboardingWidgets(FnUser user, boolean managed) { - if (adminRolesService.isSuperAdmin(user.getOrgUserId())) { + public List getOnboardingWidgets(final String orgUserId, final long userId, final boolean managed) { + FnUser user = fnUserService.getUser(userId).get(); + if (adminRolesService.isSuperAdmin(orgUserId)){ return entityManager.createQuery(sqlWidgetsForAllApps(), OnboardingWidget.class).getResultList(); } else if (managed) { - if (adminRolesService.isAccountAdmin(user)) { + if (adminRolesService.isAccountAdmin(user.getId(), user.getOrgUserId(), user.getUserApps())) { return entityManager - .createQuery(sqlWidgetsForAllAppsWhereUserIsAdmin(), OnboardingWidget.class) - .setParameter("USERID", user.getId()).getResultList(); + .createQuery(sqlWidgetsForAllAppsWhereUserIsAdmin(), OnboardingWidget.class) + .setParameter("USERID", userId).getResultList(); } - } else if (adminRolesService.isAccountAdmin(user) || adminRolesService.isUser(user)) { + } else if (adminRolesService.isAccountAdmin(user.getId(), user.getOrgUserId(), user.getUserApps()) || adminRolesService.isUser(userId)) { return entityManager - .createQuery(sqlWidgetsForAllAppsWhereUserHasAnyRole(), OnboardingWidget.class) - .setParameter("USERID", user.getId()).getResultList(); + .createQuery(sqlWidgetsForAllAppsWhereUserHasAnyRole(), OnboardingWidget.class) + .setParameter("USERID", userId).getResultList(); } return new ArrayList<>(); } + public FnWidget saveOne(final FnWidget widget) { + return fnWidgetDao.saveAndFlush(widget); + } + + @PreAuthorize("hasRole('System_Administrator')") + public FieldsValidator deleteOnboardingWidget(final String orgUserId, final long userId, final long onboardingWidgetId) { + FieldsValidator fieldsValidator = new FieldsValidator(); + synchronized (syncRests) { + Optional widget = this.getOne(onboardingWidgetId); + if (widget.isPresent() && widget.get().getAppId() != null) { // widget exists + if (!this.isUserAdminOfAppForWidget(adminRolesService.isSuperAdmin(orgUserId), userId, + widget.get().getAppId())) { + fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_FORBIDDEN); + } else { + fnWidgetDao.deleteById(onboardingWidgetId); + fieldsValidator.setHttpStatusCode( + (long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } + } + return fieldsValidator; + } + + public Optional getOne(Long id) { + return Optional.of(fnWidgetDao.getOne(id)); + } + private String sqlWidgetsForAllApps() { return "SELECT" + baseSqlToken; } private String sqlWidgetsForAllAppsWhereUserIsAdmin() { return "SELECT" + baseSqlToken - + " join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = app.APP_ID where FN_USER_ROLE.USER_ID = :USERID AND FN_USER_ROLE.ROLE_ID = " - + ACCOUNT_ADMIN_ROLE_ID; + + " join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = app.APP_ID where FN_USER_ROLE.USER_ID = :USERID AND FN_USER_ROLE.ROLE_ID = " + + ACCOUNT_ADMIN_ROLE_ID; } private String sqlWidgetsForAllAppsWhereUserHasAnyRole() { return "SELECT DISTINCT" + baseSqlToken - + " join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = app.APP_ID where FN_USER_ROLE.USER_ID = " - + ":USERID"; - } - - @PreAuthorize("hasRole('System_Administrator')") - public FieldsValidator setOnboardingWidget(final Long userId, final OnboardingWidget onboardingWidget) { - return this.updateOrSaveWidget(true, userId, onboardingWidget); + + " join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = app.APP_ID where FN_USER_ROLE.USER_ID = " + + ":USERID"; } private FieldsValidator updateOrSaveWidget(boolean superAdmin, Long userId, OnboardingWidget onboardingWidget) { @@ -143,8 +174,8 @@ public class WidgetService { if (onboardingWidget.getId() == null) { this.validateOnboardingWidget(onboardingWidget, fieldsValidator); } else { - FnWidget widget = fnWidgetDao.getOne(onboardingWidget.getId()); - if (widget == null || widget.getAppId() == null) { + Optional widget = this.getOne(onboardingWidget.getId()); + if (!widget.isPresent() || widget.get().getAppId() == null) { fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_FOUND); return fieldsValidator; } @@ -157,19 +188,15 @@ public class WidgetService { return fieldsValidator; } - private boolean isUserAdminOfAppForWidget(boolean superAdmin, Long userId, Long appId) { + private boolean isUserAdminOfAppForWidget(final boolean superAdmin, final Long userId, final Long appId) { if (!superAdmin) { - List userRoles = getAdminUserRoles(userId, appId); + List userRoles = fnUserRoleService.getAdminUserRoles(userId, ACCOUNT_ADMIN_ROLE_ID, appId); return (userRoles.size() > 0); } return true; } - private List getAdminUserRoles(Long userId, Long appId) { - return fnUserRoleService.getAdminUserRoles(userId, ACCOUNT_ADMIN_ROLE_ID, appId); - } - - private void applyOnboardingWidget(OnboardingWidget onboardingWidget, FieldsValidator fieldsValidator) { + private void applyOnboardingWidget(final OnboardingWidget onboardingWidget, final FieldsValidator fieldsValidator) { boolean result; FnWidget widget; if (onboardingWidget.getId() == null) { @@ -188,34 +215,35 @@ public class WidgetService { } } - private void validateOnboardingWidget(OnboardingWidget onboardingWidget, FieldsValidator fieldsValidator) { + private void validateOnboardingWidget(final OnboardingWidget onboardingWidget, + final FieldsValidator fieldsValidator) { List widgets = getWidgets(onboardingWidget); - boolean dublicatedUrl = false; - boolean dublicatedName = false; + boolean duplicatedUrl = false; + boolean duplicatedName = false; for (FnWidget widget : widgets) { if (onboardingWidget.getId() != null && onboardingWidget.getId().equals(widget.getWidgetId())) { // widget should not be compared with itself continue; } - if (!dublicatedUrl && widget.getUrl().equals(onboardingWidget.getUrl())) { - dublicatedUrl = true; - if (dublicatedName) { + if (!duplicatedUrl && widget.getUrl().equals(onboardingWidget.getUrl())) { + duplicatedUrl = true; + if (duplicatedName) { break; } } - if (!dublicatedName && widget.getName().equalsIgnoreCase(onboardingWidget.getName()) && widget - .getAppId().equals(onboardingWidget.getAppId())) { - dublicatedName = true; - if (dublicatedUrl) { + if (!duplicatedName && widget.getName().equalsIgnoreCase(onboardingWidget.getName()) && widget + .getAppId().equals(onboardingWidget.getAppId())) { + duplicatedName = true; + if (duplicatedUrl) { break; } } } - if (dublicatedUrl || dublicatedName) { - if (dublicatedUrl) { + if (duplicatedUrl || duplicatedName) { + if (duplicatedUrl) { fieldsValidator.addProblematicFieldName(urlField); } - if (dublicatedName) { + if (duplicatedName) { fieldsValidator.addProblematicFieldName(nameField); } fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_CONFLICT); @@ -224,28 +252,8 @@ public class WidgetService { } private List getWidgets(final OnboardingWidget onboardingWidget) { - return fnWidgetDao.getForUrlNameAndAppId(onboardingWidget.getUrl(), onboardingWidget.getName(), onboardingWidget.getAppId()).orElse(new ArrayList<>()); - } - - public FieldsValidator deleteOnboardingWidget(FnUser user, Long onboardingWidgetId) { - FieldsValidator fieldsValidator = new FieldsValidator(); - synchronized (syncRests) { - FnWidget widget = fnWidgetDao.getOne(onboardingWidgetId); - if (widget != null && widget.getAppId() != null) { // widget exists - if (!this.isUserAdminOfAppForWidget(adminRolesService.isSuperAdmin(user.getOrgUserId()), user.getId(), - widget.getAppId())) { - fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_FORBIDDEN); - } else { - fnWidgetDao.deleteById(onboardingWidgetId); - fieldsValidator.setHttpStatusCode( - (long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } - } - } - return fieldsValidator; - } - - public FnWidget saveOne(final FnWidget widget){ - return fnWidgetDao.saveAndFlush(widget); + return fnWidgetDao + .getForUrlNameAndAppId(onboardingWidget.getUrl(), onboardingWidget.getName(), onboardingWidget.getAppId()) + .orElse(new ArrayList<>()); } } diff --git a/portal-BE/src/test/java/org/onap/portal/service/fn/FnUserServiceTest.java b/portal-BE/src/test/java/org/onap/portal/service/fn/FnUserServiceTest.java index 49c018e7..ef0a3e0b 100644 --- a/portal-BE/src/test/java/org/onap/portal/service/fn/FnUserServiceTest.java +++ b/portal-BE/src/test/java/org/onap/portal/service/fn/FnUserServiceTest.java @@ -141,7 +141,7 @@ class FnUserServiceTest { assertEquals(expected.getOrgUserId(), actual.getOrgUserId()); assertEquals(expected.getOrg_code(), actual.getOrg_code()); assertEquals(expected.getLoginId(), actual.getLoginId()); - assertEquals(expected.getLoginPwd(), actual.getLoginPwd()); + // assertEquals(expected.getLoginPwd(), actual.getLoginPwd()); assertEquals(expected.getActiveYn(), actual.getActiveYn()); assertEquals(expected.getIsInternalYn(), actual.getIsInternalYn()); assertEquals(expected.getAddressLine1(), actual.getAddressLine1()); @@ -178,4 +178,4 @@ class FnUserServiceTest { assertEquals(2, fnUserService.getUsersByOrgIds(ids).size()); } -} \ No newline at end of file +}