2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.be.servlets;
23 import java.io.UnsupportedEncodingException;
24 import java.net.URLDecoder;
25 import java.util.ArrayList;
26 import java.util.List;
28 import javax.inject.Singleton;
29 import javax.servlet.ServletContext;
30 import javax.servlet.http.HttpServletRequest;
31 import javax.ws.rs.Consumes;
32 import javax.ws.rs.DELETE;
33 import javax.ws.rs.GET;
34 import javax.ws.rs.HeaderParam;
35 import javax.ws.rs.POST;
36 import javax.ws.rs.Path;
37 import javax.ws.rs.PathParam;
38 import javax.ws.rs.Produces;
39 import javax.ws.rs.QueryParam;
40 import javax.ws.rs.core.Context;
41 import javax.ws.rs.core.MediaType;
42 import javax.ws.rs.core.Response;
44 import org.openecomp.sdc.be.config.BeEcompErrorManager;
45 import org.openecomp.sdc.be.dao.api.ActionStatus;
46 import org.openecomp.sdc.be.model.User;
47 import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum;
48 import org.openecomp.sdc.be.user.UserBusinessLogic;
49 import org.openecomp.sdc.common.api.Constants;
50 import org.openecomp.sdc.exception.ResponseFormat;
51 import org.slf4j.Logger;
52 import org.slf4j.LoggerFactory;
54 import com.jcabi.aspects.Loggable;
56 import fj.data.Either;
57 import io.swagger.annotations.Api;
58 import io.swagger.annotations.ApiOperation;
59 import io.swagger.annotations.ApiParam;
60 import io.swagger.annotations.ApiResponse;
61 import io.swagger.annotations.ApiResponses;
62 @Loggable(prepend = true, value = Loggable.DEBUG, trim = false)
64 @Api(value = "User Administration", description = "User admininstarator operations")
66 public class UserAdminServlet extends BeGenericServlet {
68 private static final String ROLE_DELIMITER = ",";
69 private static final Logger log = LoggerFactory.getLogger(UserAdminServlet.class);
71 /***************************************
73 *************************************************************/
75 /* User by userId CRUD start */
77 /////////////////////////////////////////////////////////////////////////////////////////////////////
78 // retrieve all user details
81 @Consumes(MediaType.APPLICATION_JSON)
82 @Produces(MediaType.APPLICATION_JSON)
83 @ApiOperation(value = "retrieve user details", httpMethod = "GET", notes = "Returns user details according to userId", response = User.class)
84 @ApiResponses(value = { @ApiResponse(code = 200, message = "Returns user Ok"), @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 405, message = "Method Not Allowed"),
85 @ApiResponse(code = 500, message = "Internal Server Error") })
86 public Response get(@ApiParam(value = "userId of user to get", required = true) @PathParam("userId") final String userId, @Context final HttpServletRequest request) {
88 String url = request.getMethod() + " " + request.getRequestURI();
89 log.debug("(get) Start handle request of {}", url);
91 UserBusinessLogic userAdminManager = getUserAdminManager(request.getSession().getServletContext());
94 Either<User, ActionStatus> either = userAdminManager.getUser(userId, false);
96 if (either.isRight()) {
97 return buildErrorResponse(getComponentsUtils().getResponseFormatByUserId(either.right().value(), userId));
99 if (either.left().value() != null) {
100 return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), either.left().value());
102 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
105 } catch (Exception e) {
106 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get User");
107 log.debug("get user failed with unexpected error: {}", e.getMessage(), e);
108 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
113 @Path("/{userId}/role")
114 @Consumes(MediaType.APPLICATION_JSON)
115 @Produces(MediaType.APPLICATION_JSON)
116 @ApiOperation(value = "retrieve user role", notes = "Returns user role according to userId", response = String.class)
117 @ApiResponses(value = { @ApiResponse(code = 200, message = "Returns user role Ok"), @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 405, message = "Method Not Allowed"),
118 @ApiResponse(code = 500, message = "Internal Server Error") })
119 public Response getRole(@ApiParam(value = "userId of user to get", required = true) @PathParam("userId") final String userId, @Context final HttpServletRequest request) {
121 String url = request.getMethod() + " " + request.getRequestURI();
122 log.debug("(getRole) Start handle request of {}", url);
124 UserBusinessLogic userAdminManager = getUserAdminManager(request.getSession().getServletContext());
127 Either<User, ActionStatus> either = userAdminManager.getUser(userId, false);
128 if (either.isRight()) {
129 return buildErrorResponse(getComponentsUtils().getResponseFormatByUserId(either.right().value(), userId));
131 if (either.left().value() != null) {
132 String roleJson = "{ \"role\" : \"" + either.left().value().getRole() + "\" }";
133 return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), roleJson);
135 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
138 } catch (Exception e) {
139 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get User Role");
140 log.debug("Get user role failed with unexpected error: {}", e);
141 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
145 /////////////////////////////////////////////////////////////////////////////////////////////////////
148 @Path("/{userId}/role")
149 @Consumes(MediaType.APPLICATION_JSON)
150 @Produces(MediaType.APPLICATION_JSON)
151 @ApiOperation(value = "update user role", notes = "Update user role", response = User.class)
152 @ApiResponses(value = { @ApiResponse(code = 200, message = "Update user OK"), @ApiResponse(code = 400, message = "Invalid Content."), @ApiResponse(code = 403, message = "Missing information/Restricted operation"),
153 @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 405, message = "Method Not Allowed"), @ApiResponse(code = 409, message = "User already exists"), @ApiResponse(code = 500, message = "Internal Server Error") })
154 public Response updateUserRole(@ApiParam(value = "userId of user to get", required = true) @PathParam("userId") final String userIdUpdateUser, @Context final HttpServletRequest request,
155 @ApiParam(value = "json describe the update role", required = true) String data, @HeaderParam(value = Constants.USER_ID_HEADER) String modifierUserId) {
157 ServletContext context = request.getSession().getServletContext();
159 String url = request.getMethod() + " " + request.getRequestURI();
160 log.debug("Start handle request of {}", url);
163 User modifier = new User();
164 modifier.setUserId(modifierUserId);
165 log.debug("modifier id is {}", modifierUserId);
167 Response response = null;
170 UserBusinessLogic businessLogic = getUserAdminManager(context);
171 User updateInfoUser = getComponentsUtils().convertJsonToObject(data, modifier, User.class, AuditingActionEnum.UPDATE_USER).left().value();
172 Either<User, ResponseFormat> updateUserResponse = businessLogic.updateUserRole(modifier, userIdUpdateUser, updateInfoUser.getRole());
174 if (updateUserResponse.isRight()) {
175 log.debug("failed to update user role");
176 response = buildErrorResponse(updateUserResponse.right().value());
179 response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), updateUserResponse.left().value());
182 } catch (Exception e) {
183 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Update User Metadata");
184 log.debug("Update User Role failed with exception", e);
185 response = buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
191 /* User role CRUD end */
193 /* New user CRUD start */
195 @Consumes(MediaType.APPLICATION_JSON)
196 @Produces(MediaType.APPLICATION_JSON)
197 @ApiOperation(value = "add user", httpMethod = "POST", notes = "Provision new user", response = User.class)
198 @ApiResponses(value = { @ApiResponse(code = 201, message = "New user created"), @ApiResponse(code = 400, message = "Invalid Content."), @ApiResponse(code = 403, message = "Missing information"),
199 @ApiResponse(code = 405, message = "Method Not Allowed"), @ApiResponse(code = 409, message = "User already exists"), @ApiResponse(code = 500, message = "Internal Server Error") })
200 public Response createUser(@Context final HttpServletRequest request, @ApiParam(value = "json describe the user", required = true) String newUserData, @HeaderParam(value = Constants.USER_ID_HEADER) String modifierAttId) {
202 ServletContext context = request.getSession().getServletContext();
204 String url = request.getMethod() + " " + request.getRequestURI();
205 log.debug("Start handle request of {}", url);
208 User modifier = new User();
209 modifier.setUserId(modifierAttId);
210 log.debug("modifier id is {}", modifierAttId);
212 Response response = null;
215 UserBusinessLogic businessLogic = getUserAdminManager(context);
216 User newUserInfo = getComponentsUtils().convertJsonToObject(newUserData, modifier, User.class, AuditingActionEnum.ADD_USER).left().value();
217 Either<User, ResponseFormat> createUserResponse = businessLogic.createUser(modifier, newUserInfo);
219 if (createUserResponse.isRight()) {
220 log.debug("failed to create user");
221 response = buildErrorResponse(createUserResponse.right().value());
224 response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), createUserResponse.left().value());
227 } catch (Exception e) {
228 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Update User Metadata");
229 log.debug("Create User failed with exception", e);
230 response = buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
236 /* New user CRUD end */
238 /* User authorization start */
240 /////////////////////////////////////////////////////////////////////////////////////////////////////
241 // User Authorization
244 @Consumes(MediaType.APPLICATION_JSON)
245 @Produces(MediaType.APPLICATION_JSON)
247 @ApiOperation(value = "authorize", notes = "authorize user", response = User.class)
248 @ApiResponses(value = { @ApiResponse(code = 200, message = "Returns user Ok"), @ApiResponse(code = 403, message = "Restricted Access"), @ApiResponse(code = 500, message = "Internal Server Error") })
249 public Response authorize(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam("HTTP_CSP_FIRSTNAME") String firstName, @HeaderParam("HTTP_CSP_LASTNAME") String lastName,
250 @HeaderParam("HTTP_CSP_EMAIL") String email) {
253 userId = userId != null ? URLDecoder.decode(userId, "UTF-8") : null;
254 firstName = firstName != null ? URLDecoder.decode(firstName, "UTF-8") : null;
255 lastName = lastName != null ? URLDecoder.decode(lastName, "UTF-8") : null;
256 email = email != null ? URLDecoder.decode(email, "UTF-8") : null;
257 } catch (UnsupportedEncodingException e) {
258 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Authorize User - decode headers");
259 ResponseFormat errorResponseWrapper = getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR);
260 log.error("#authorize - authorization decoding failed with error: ", e);
261 return buildErrorResponse(errorResponseWrapper);
264 ServletContext context = request.getSession().getServletContext();
265 String url = request.getMethod() + " " + request.getRequestURI();
266 log.debug("Start handle request of {}", url);
268 User authUser = new User();
269 authUser.setUserId(userId);
270 authUser.setFirstName(firstName);
271 authUser.setLastName(lastName);
272 authUser.setEmail(email);
273 log.debug("auth user id is {}", userId);
275 Response response = null;
277 UserBusinessLogic userAdminManager = getUserAdminManager(context);
278 Either<User, ResponseFormat> authorize = userAdminManager.authorize(authUser);
280 if (authorize.isRight()) {
281 log.debug("authorize user failed");
282 response = buildErrorResponse(authorize.right().value());
285 response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), authorize.left().value());
288 } catch (Exception e) {
289 log.debug("authorize user failed with unexpected error: {}", e);
290 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
294 /* User authorization end */
298 @Consumes(MediaType.APPLICATION_JSON)
299 @Produces(MediaType.APPLICATION_JSON)
300 @ApiOperation(value = "retrieve all administrators", httpMethod = "GET", notes = "Returns all administrators", response = User.class)
301 @ApiResponses(value = { @ApiResponse(code = 200, message = "Returns user Ok"), @ApiResponse(code = 405, message = "Method Not Allowed"), @ApiResponse(code = 500, message = "Internal Server Error") })
302 public Response getAdminsUser(@Context final HttpServletRequest request) {
304 String url = request.getMethod() + " " + request.getRequestURI();
305 log.debug("(get) Start handle request of {}", url);
307 UserBusinessLogic userAdminManager = getUserAdminManager(request.getSession().getServletContext());
310 Either<List<User>, ResponseFormat> either = userAdminManager.getAllAdminUsers(request.getSession().getServletContext());
312 if (either.isRight()) {
313 log.debug("Failed to get all admin users");
314 return buildErrorResponse(either.right().value());
316 if (either.left().value() != null) {
317 return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), either.left().value());
319 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
322 } catch (Exception e) {
323 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get All Administrators");
324 log.debug("get all admins failed with unexpected error: {}", e);
325 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
331 @Consumes(MediaType.APPLICATION_JSON)
332 @Produces(MediaType.APPLICATION_JSON)
333 @ApiOperation(value = "Retrieve the list of all active ASDC users or only group of users having specific roles.", httpMethod = "GET", notes = "Returns list of users with the specified roles, or all of users in the case of empty 'roles' header", response = User.class)
334 @ApiResponses(value = { @ApiResponse(code = 200, message = "Returns users Ok"), @ApiResponse(code = 204, message = "No provisioned ASDC users of requested role"), @ApiResponse(code = 403, message = "Restricted Access"),
335 @ApiResponse(code = 400, message = "Missing content"), @ApiResponse(code = 500, message = "Internal Server Error") })
336 public Response getUsersList(@Context final HttpServletRequest request, @ApiParam(value = "Any active user's USER_ID ") @HeaderParam(Constants.USER_ID_HEADER) final String userId,
337 @ApiParam(value = "TESTER,DESIGNER,PRODUCT_STRATEGIST,OPS,PRODUCT_MANAGER,GOVERNOR, ADMIN OR all users by not typing anything") @QueryParam("roles") final String roles) {
339 ServletContext context = request.getSession().getServletContext();
340 String url = request.getMethod() + " " + request.getRequestURI();
341 log.debug("Start handle request of {} modifier id is {}", url, userId);
343 List<String> rolesList = new ArrayList<>();
344 if (roles != null && !roles.trim().isEmpty()) {
345 String[] rolesArr = roles.split(ROLE_DELIMITER);
346 for (String role : rolesArr) {
347 rolesList.add(role.trim());
352 UserBusinessLogic userAdminManager = getUserAdminManager(context);
353 Either<List<User>, ResponseFormat> either = userAdminManager.getUsersList(userId, rolesList, roles);
355 if (either.isRight()) {
356 log.debug("Failed to get ASDC users");
357 return buildErrorResponse(either.right().value());
359 return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), either.left().value());
361 } catch (Exception e) {
362 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get ASDC users");
363 log.debug("get users failed with unexpected error: {}", e);
364 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));
369 /////////////////////////////////////////////////////////////////////////////////////////////////////
373 @Consumes(MediaType.APPLICATION_JSON)
374 @Produces(MediaType.APPLICATION_JSON)
375 @ApiOperation(value = "delete user", notes = "Delete user", response = User.class)
376 @ApiResponses(value = { @ApiResponse(code = 200, message = "Update deleted OK"), @ApiResponse(code = 400, message = "Invalid Content."), @ApiResponse(code = 403, message = "Missing information"),
377 @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 405, message = "Method Not Allowed"), @ApiResponse(code = 409, message = "Restricted operation"), @ApiResponse(code = 500, message = "Internal Server Error") })
378 public Response deActivateUser(@ApiParam(value = "userId of user to get", required = true) @PathParam("userId") final String userId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userIdHeader) {
380 ServletContext context = request.getSession().getServletContext();
381 String url = request.getMethod() + " " + request.getRequestURI();
382 log.debug("Start handle request of {} modifier id is {}", url, userIdHeader);
384 User modifier = new User();
385 modifier.setUserId(userIdHeader);
387 Response response = null;
389 UserBusinessLogic userAdminManager = getUserAdminManager(context);
390 Either<User, ResponseFormat> deactiveUserResponse = userAdminManager.deActivateUser(modifier, userId);
392 if (deactiveUserResponse.isRight()) {
393 log.debug("Failed to deactivate user");
394 response = buildErrorResponse(deactiveUserResponse.right().value());
397 response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), deactiveUserResponse.left().value());
400 } catch (Exception e) {
401 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get ASDC users");
402 log.debug("deactivate user failed with unexpected error: {}", e);
403 return buildErrorResponse(getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR));