From 26abc89a7ce21999cccd88b77cd2ecda21cbe905 Mon Sep 17 00:00:00 2001 From: Dominik Mizyn Date: Fri, 4 Oct 2019 12:24:14 +0200 Subject: Tests coverage up and some minor bug fixes Tests coverage up and some minor bug fixes Issue-ID: PORTAL-710 Change-Id: I1abb5025f8cc91738c976bd6a49113776d9b4617 Signed-off-by: Dominik Mizyn --- .../onap/portal/aop/service/FnUserServiceAOP.java | 5 +-- .../onap/portal/aop/service/WidgetServiceAOP.java | 33 ++++++++++++++ .../controller/WidgetsCatalogController.java | 29 ++++++++----- .../controller/WidgetsCatalogMarkupController.java | 10 +---- .../onap/portal/controller/WidgetsController.java | 50 +++++++++++----------- .../java/org/onap/portal/dao/fn/FnWidgetDao.java | 6 +++ .../org/onap/portal/domain/db/fn/FnWidget.java | 21 +++++++-- .../domain/dto/transport/FieldsValidator.java | 18 ++++++++ .../domain/dto/transport/OnboardingWidget.java | 18 ++++++-- .../portal/exception/NotValidDataException.java | 48 +++++++++++++++++++++ .../portal/exception/RoleFunctionException.java | 8 ++-- .../org/onap/portal/service/AdminRolesService.java | 2 +- .../org/onap/portal/service/WidgetService.java | 42 ++++++++---------- .../ep/EpWidgetCatalogParameterService.java | 9 ++-- 14 files changed, 214 insertions(+), 85 deletions(-) create mode 100644 portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java create mode 100644 portal-BE/src/main/java/org/onap/portal/exception/NotValidDataException.java (limited to 'portal-BE/src/main') diff --git a/portal-BE/src/main/java/org/onap/portal/aop/service/FnUserServiceAOP.java b/portal-BE/src/main/java/org/onap/portal/aop/service/FnUserServiceAOP.java index 8c2ff74b..65fc88d9 100644 --- a/portal-BE/src/main/java/org/onap/portal/aop/service/FnUserServiceAOP.java +++ b/portal-BE/src/main/java/org/onap/portal/aop/service/FnUserServiceAOP.java @@ -62,14 +62,11 @@ public class FnUserServiceAOP { private final DataValidator dataValidator; private final FnUserMapper fnUserMapper; - private final FnUserService fnUserService; @Autowired - public FnUserServiceAOP(final DataValidator dataValidator, final FnUserMapper fnUserMapper, - final FnUserService fnUserService) { + public FnUserServiceAOP(final DataValidator dataValidator, final FnUserMapper fnUserMapper) { this.dataValidator = dataValidator; this.fnUserMapper = fnUserMapper; - this.fnUserService = fnUserService; } @Before("execution(* org.onap.portal.service.fn.FnUserService.saveFnUser(..)) && args(principal, fnUser)") diff --git a/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java b/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java new file mode 100644 index 00000000..cc168578 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/aop/service/WidgetServiceAOP.java @@ -0,0 +1,33 @@ +package org.onap.portal.aop.service; + +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.annotation.Before; +import org.onap.portal.domain.db.fn.FnUser; +import org.onap.portal.domain.dto.transport.OnboardingWidget; +import org.onap.portal.validation.DataValidator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +@Aspect +@Component +public class WidgetServiceAOP { + private final Long LONG_ECOMP_APP_ID = 1L; + + private static final Logger LOGGER = LoggerFactory.getLogger(WidgetServiceAOP.class); + + private final DataValidator dataValidator; + + @Autowired + public WidgetServiceAOP(DataValidator dataValidator) { + this.dataValidator = dataValidator; + } + + @Before("execution(* org.onap.portal.service.WidgetService.setOnboardingWidget(..)) && args(fnUser, onboardingWidget)") + public void setOnboardingWidget(final FnUser fnUser, OnboardingWidget onboardingWidget) { + if (!dataValidator.isValid(onboardingWidget)) { + throw new IllegalArgumentException(dataValidator.getConstraintViolationsString(onboardingWidget)); + } + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java index ff8426a3..07695aeb 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogController.java @@ -301,7 +301,8 @@ public class WidgetsCatalogController { } @GetMapping(value = {"/portalApi/microservices/parameters/{widgetId}"}) - public PortalRestResponse> getWidgetParameterResult(Principal principal, HttpServletRequest request, + public PortalRestResponse> getWidgetParameterResult(Principal principal, + HttpServletRequest request, @PathVariable("widgetId") long widgetId) throws Exception { FnUser user = fnUserService.loadUserByUsername(principal.getName()); @@ -317,14 +318,15 @@ public class WidgetsCatalogController { return new PortalRestResponse<>(PortalRestStatusEnum.WARN, "No service parameters for this widget", list); } else { - List defaultParam = epMicroserviceParameterService.getParametersById(serviceId); + List defaultParam = epMicroserviceParameterService + .getParametersById(serviceId); for (MicroserviceParameter param : defaultParam) { WidgetParameterResult userResult = new WidgetParameterResult(); userResult.setParamId(param.getId()); userResult.setDefaultValue(param.getPara_value()); userResult.setParamKey(param.getPara_key()); EpWidgetCatalogParameter userValue = epWidgetCatalogParameterService - .getUserParamById(widgetId, user.getId(), + .getUserParamById(widgetId, user.getUserId(), param.getId()); if (userValue == null) { userResult.setUserValue(param.getPara_value()); @@ -334,7 +336,7 @@ public class WidgetsCatalogController { list.add(userResult); } } - return new PortalRestResponse>(PortalRestStatusEnum.OK, "SUCCESS", list); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", list); } @GetMapping(value = {"/portalApi/microservices/services/{paramId}"}) @@ -347,7 +349,7 @@ public class WidgetsCatalogController { try { epWidgetCatalogParameterService.deleteUserParameterById(paramId); return true; - }catch (Exception e){ + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, e.getMessage()); return false; } @@ -401,29 +403,34 @@ public class WidgetsCatalogController { } @PostMapping(value = {"/portalApi/microservices/parameters"}) - public PortalRestResponse saveWidgetParameter(Principal principal, HttpServletRequest request, + public PortalRestResponse saveWidgetParameter(Principal principal, @RequestBody EpWidgetCatalogParameter widgetParameters) { FnUser user = fnUserService.loadUserByUsername(principal.getName()); widgetParameters.setUserId(user); try { EpWidgetCatalogParameter oldParam = epWidgetCatalogParameterService .getUserParamById(widgetParameters.getWidgetId().getWidgetId(), - widgetParameters.getUserId().getId(), widgetParameters.getParamId().getId()); + widgetParameters.getUserId().getUserId(), widgetParameters.getParamId().getId()); if (oldParam != null) { - widgetParameters.setId(oldParam.getId()); + oldParam.setParamId(widgetParameters.getParamId()); + oldParam.setUserId(widgetParameters.getUserId()); + oldParam.setUserValue(widgetParameters.getUserValue()); + oldParam.setWidgetId(widgetParameters.getWidgetId()); + epWidgetCatalogParameterService.saveUserParameter(oldParam); + } else { + epWidgetCatalogParameterService.saveUserParameter(widgetParameters); } - epWidgetCatalogParameterService.saveUserParameter(widgetParameters); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "saveWidgetParameter failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); } return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", ""); } @GetMapping(value = {"/portalApi/microservices/uploadFlag"}) public String getUploadFlag() { - String uplaodFlag = ""; + String uplaodFlag; try { uplaodFlag = SystemProperties.getProperty(EPCommonSystemProperties.MS_WIDGET_UPLOAD_FLAG); } catch (Exception e) { diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java index 06dd62da..e63de2e8 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsCatalogMarkupController.java @@ -77,14 +77,8 @@ public class WidgetsCatalogMarkupController { static { // for localhost testing only - javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(new javax.net.ssl.HostnameVerifier() { - - public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) { - if (hostname.equals("localhost")) { - return true; - } - return false; - } + javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier((hostname, sslSession) -> { + return hostname.equals("localhost"); }); } diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java index c2915275..571cbc13 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/WidgetsController.java @@ -43,13 +43,13 @@ package org.onap.portal.controller; import java.io.IOException; import java.security.Principal; import java.util.List; -import java.util.Optional; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.onap.portal.domain.db.fn.FnUser; import org.onap.portal.domain.dto.transport.FieldsValidator; import org.onap.portal.domain.dto.transport.OnboardingWidget; import org.onap.portal.domain.dto.transport.WidgetCatalogPersonalization; +import org.onap.portal.exception.NotValidDataException; import org.onap.portal.logging.aop.EPAuditLog; import org.onap.portal.service.AdminRolesService; import org.onap.portal.service.PersUserWidgetService; @@ -59,9 +59,9 @@ import org.onap.portal.utils.EcompPortalUtils; import org.onap.portal.validation.DataValidator; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.http.MediaType; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -99,7 +99,6 @@ public class WidgetsController { HttpServletResponse response) { FnUser user = fnUserService.loadUserByUsername(principal.getName()); List onboardingWidgets = null; - if (user.getGuest()) { EcompPortalUtils.setBadPermissions(user, response, "getOnboardingWidgets"); } else { @@ -119,26 +118,25 @@ public class WidgetsController { } @PutMapping(value = {"/portalApi/widgets/{widgetId}"}, produces = MediaType.APPLICATION_JSON_VALUE) - public FieldsValidator putOnboardingWidget(Principal principal, HttpServletRequest request, - @PathVariable("widgetId") Long widgetId, + @PreAuthorize("hasRole('System_Administrator')") + public FieldsValidator putOnboardingWidget(Principal principal, @PathVariable("widgetId") Long widgetId, @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) { FnUser user = fnUserService.loadUserByUsername(principal.getName()); FieldsValidator fieldsValidator = null; - if (onboardingWidget != null) { - if (!dataValidator.isValid(onboardingWidget)) { - fieldsValidator = new FieldsValidator(); - fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE); - return fieldsValidator; - } - } - if (userHasPermissions(user, response, "putOnboardingWidget")) { - assert onboardingWidget != null; - onboardingWidget.setId(widgetId); - onboardingWidget.normalize(); + assert onboardingWidget != null; + onboardingWidget.setId(widgetId); + onboardingWidget.normalize(); + try { fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget); response.setStatus(fieldsValidator.getHttpStatusCode().intValue()); + } catch (IllegalArgumentException e) { + fieldsValidator = new FieldsValidator(); + fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE); + fieldsValidator.addProblematicFieldName(e.getMessage()); + return fieldsValidator; } + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/widgets/" + widgetId, "GET result =", response.getStatus()); @@ -154,14 +152,13 @@ public class WidgetsController { } @PostMapping(value = {"/portalApi/widgets"}, produces = MediaType.APPLICATION_JSON_VALUE) - public FieldsValidator postOnboardingWidget(Principal principal, HttpServletRequest request, - @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) { + public FieldsValidator postOnboardingWidget(Principal principal, HttpServletResponse response, + @RequestBody OnboardingWidget onboardingWidget) { FnUser user = fnUserService.loadUserByUsername(principal.getName()); - FieldsValidator fieldsValidator = null; + FieldsValidator fieldsValidator = new FieldsValidator(); if (onboardingWidget != null) { if (!dataValidator.isValid(onboardingWidget)) { - fieldsValidator = new FieldsValidator(); fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE); return fieldsValidator; } @@ -170,7 +167,11 @@ public class WidgetsController { if (userHasPermissions(user, response, "postOnboardingWidget")) { onboardingWidget.setId(null); onboardingWidget.normalize(); - fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget); + try { + fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget); + } catch (Exception e) { + fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_BAD_REQUEST); + } response.setStatus(fieldsValidator.getHttpStatusCode().intValue()); } @@ -180,8 +181,8 @@ public class WidgetsController { } @DeleteMapping(value = {"/portalApi/widgets/{widgetId}"}, produces = MediaType.APPLICATION_JSON_VALUE) - public FieldsValidator deleteOnboardingWidget(Principal principal, HttpServletRequest request, - @PathVariable("widgetId") Long widgetId, HttpServletResponse response) { + public FieldsValidator deleteOnboardingWidget(Principal principal, HttpServletResponse response, + @PathVariable("widgetId") Long widgetId) { FnUser user = fnUserService.loadUserByUsername(principal.getName()); FieldsValidator fieldsValidator = null; @@ -196,7 +197,7 @@ public class WidgetsController { } @PutMapping(value = {"portalApi/widgetCatalogSelection"}, produces = MediaType.APPLICATION_JSON_VALUE) - public FieldsValidator putWidgetCatalogSelection(Principal principal, HttpServletRequest request, + public FieldsValidator putWidgetCatalogSelection(Principal principal, @RequestBody WidgetCatalogPersonalization persRequest, HttpServletResponse response) throws IOException { FieldsValidator result = new FieldsValidator(); FnUser user = fnUserService.loadUserByUsername(principal.getName()); @@ -208,6 +209,7 @@ public class WidgetsController { } } try { + assert persRequest != null; if (persRequest.getWidgetId() == null || user == null) { EcompPortalUtils.setBadPermissions(user, response, "putWidgetCatalogSelection"); } else { diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnWidgetDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnWidgetDao.java index a47a1a0d..9c3e7a1f 100644 --- a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnWidgetDao.java +++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnWidgetDao.java @@ -40,8 +40,12 @@ package org.onap.portal.dao.fn; +import java.util.List; +import java.util.Optional; import org.onap.portal.domain.db.fn.FnWidget; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; @@ -49,4 +53,6 @@ import org.springframework.transaction.annotation.Transactional; @Transactional public interface FnWidgetDao extends JpaRepository { + @Query + Optional> getForUrlNameAndAppId(final @Param("URL") String url, final @Param("NAME") String name, final @Param("APPID") Long appId); } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnWidget.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnWidget.java index 649267bf..f595536f 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnWidget.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnWidget.java @@ -42,21 +42,36 @@ package org.onap.portal.domain.db.fn; import javax.persistence.Column; import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; import javax.persistence.Id; +import javax.persistence.NamedNativeQueries; +import javax.persistence.NamedNativeQuery; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; import javax.persistence.Table; import lombok.AllArgsConstructor; +import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; -@Table(name = "fn_widget") -@NoArgsConstructor -@AllArgsConstructor +@NamedQueries({ + @NamedQuery(name = "FnWidget.getForUrlNameAndAppId", + query = "FROM FnWidget where url =:URL and name =:NAME and appId =:APPID") +}) + @Getter @Setter @Entity +@Builder +@NoArgsConstructor +@AllArgsConstructor +@Table(name = "fn_widget") public class FnWidget { + @Id + @GeneratedValue(strategy = GenerationType.AUTO) private Long widgetId; @Column(name = "WDG_NAME") private String name; diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/FieldsValidator.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/FieldsValidator.java index 1999d236..75f04dfd 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/FieldsValidator.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/FieldsValidator.java @@ -42,6 +42,7 @@ package org.onap.portal.domain.dto.transport; import java.util.ArrayList; import java.util.List; +import java.util.Objects; import javax.servlet.http.HttpServletResponse; import lombok.AllArgsConstructor; import lombok.Getter; @@ -71,5 +72,22 @@ public class FieldsValidator { @AllArgsConstructor public class FieldName { public String name; + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (!(o instanceof FieldName)) { + return false; + } + FieldName fieldName = (FieldName) o; + return Objects.equals(name, fieldName.name); + } + + @Override + public int hashCode() { + return Objects.hash(name); + } } } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/OnboardingWidget.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/OnboardingWidget.java index de13bec5..ccc9a785 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/OnboardingWidget.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/OnboardingWidget.java @@ -41,27 +41,39 @@ package org.onap.portal.domain.dto.transport; import java.io.Serializable; +import javax.validation.constraints.Min; +import javax.validation.constraints.NotNull; +import javax.validation.constraints.Positive; +import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; +import org.hibernate.validator.constraints.NotBlank; import org.hibernate.validator.constraints.SafeHtml; @Getter @Setter +@Builder @NoArgsConstructor public class OnboardingWidget implements Serializable { private static final long serialVersionUID = 1L; private Long id; - @SafeHtml + @SafeHtml(message = "name may have unsafe html content") private String name; + @NotNull(message = "appId can't be null") + @Min(message = "appId value must be higher than 1",value = 2) private Long appId; - @SafeHtml + @SafeHtml(message = "appName may have unsafe html content") + @NotBlank(message = "appName can't be blank") private String appName; + @Positive(message = "width must be positive number") private Integer width; + @Positive(message = "height must be positive number") private Integer height; - @SafeHtml + @SafeHtml(message = "url may have unsafe html content") + @NotBlank(message = "url can't be blank") private String url; public OnboardingWidget(Long id, String name, Long appId, diff --git a/portal-BE/src/main/java/org/onap/portal/exception/NotValidDataException.java b/portal-BE/src/main/java/org/onap/portal/exception/NotValidDataException.java new file mode 100644 index 00000000..7a8aadef --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/exception/NotValidDataException.java @@ -0,0 +1,48 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.exception; + +public class NotValidDataException extends Exception { + + public NotValidDataException(String exceptionMsg) { + super(exceptionMsg); + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/exception/RoleFunctionException.java b/portal-BE/src/main/java/org/onap/portal/exception/RoleFunctionException.java index 75ecfa39..8ae396cf 100644 --- a/portal-BE/src/main/java/org/onap/portal/exception/RoleFunctionException.java +++ b/portal-BE/src/main/java/org/onap/portal/exception/RoleFunctionException.java @@ -1,8 +1,10 @@ -/*- +/* * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -33,7 +35,7 @@ * * ============LICENSE_END============================================ * - * + * */ package org.onap.portal.exception; diff --git a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java index c948ece4..90a28df2 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java @@ -101,7 +101,7 @@ public class AdminRolesService { userParams.put("userId", user.getId()); logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId()); List userAdminApps; - String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)"; + String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)"; userAdminApps = entityManager.createQuery(query, Integer.class).setParameter("userId", user.getId()).getResultList(); logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", user.getOrgUserId(), userAdminApps.size()); diff --git a/portal-BE/src/main/java/org/onap/portal/service/WidgetService.java b/portal-BE/src/main/java/org/onap/portal/service/WidgetService.java index 794f9336..90d6ab78 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/WidgetService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/WidgetService.java @@ -44,6 +44,7 @@ import java.util.ArrayList; import java.util.List; import javax.persistence.EntityManager; import javax.servlet.http.HttpServletResponse; +import javax.validation.constraints.NotNull; import org.onap.portal.dao.fn.FnWidgetDao; import org.onap.portal.domain.db.fn.FnUser; import org.onap.portal.domain.db.fn.FnWidget; @@ -54,14 +55,17 @@ import org.onap.portal.domain.dto.transport.OnboardingWidget; import org.onap.portal.utils.EPCommonSystemProperties; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.EnableAspectJAutoProxy; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @Service +@EnableAspectJAutoProxy +@Transactional public class WidgetService { private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WidgetService.class); - private final Long LONG_ECOMP_APP_ID = 1L; private final Long ACCOUNT_ADMIN_ROLE_ID = 999L; private static String baseSqlToken = @@ -122,16 +126,9 @@ public class WidgetService { + ":USERID"; } - public FieldsValidator setOnboardingWidget(FnUser user, OnboardingWidget onboardingWidget) { - if (onboardingWidget.getAppName().isEmpty() || onboardingWidget.getUrl().isEmpty() - || onboardingWidget.getAppId() == null - || onboardingWidget.getAppId().equals(LONG_ECOMP_APP_ID) || onboardingWidget.getWidth() <= 0 || - onboardingWidget.getHeight() <= 0) { - FieldsValidator fieldsValidator = new FieldsValidator(); - fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_BAD_REQUEST); - return fieldsValidator; - } - return this.updateOrSaveWidget(adminRolesService.isSuperAdmin(user), user.getId(), onboardingWidget); + @PreAuthorize("hasRole('System_Administrator')") + public FieldsValidator setOnboardingWidget(final FnUser user, final OnboardingWidget onboardingWidget) { + return this.updateOrSaveWidget(true, user.getId(), onboardingWidget); } private FieldsValidator updateOrSaveWidget(boolean superAdmin, Long userId, OnboardingWidget onboardingWidget) { @@ -178,7 +175,6 @@ public class WidgetService { .getResultList(); } - @Transactional private void applyOnboardingWidget(OnboardingWidget onboardingWidget, FieldsValidator fieldsValidator) { boolean result; FnWidget widget; @@ -199,11 +195,11 @@ public class WidgetService { } private void validateOnboardingWidget(OnboardingWidget onboardingWidget, FieldsValidator fieldsValidator) { - List widgets = getWidgets(onboardingWidget); + List widgets = getWidgets(onboardingWidget); boolean dublicatedUrl = false; boolean dublicatedName = false; - for (Widget widget : widgets) { - if (onboardingWidget.getId() != null && onboardingWidget.getId().equals(widget.getId())) { + for (FnWidget widget : widgets) { + if (onboardingWidget.getId() != null && onboardingWidget.getId().equals(widget.getWidgetId())) { // widget should not be compared with itself continue; } @@ -233,18 +229,10 @@ public class WidgetService { } } - private List getWidgets(OnboardingWidget onboardingWidget) { - return entityManager.createQuery( - "SELECT new org.onap.portal.domain.dto.ecomp.Widget(fn.APP_ID, fn.WDG_NAME, fn.WDG_URL) FROM FnWidget fn" - + "WHERE fn.WDG_URL = :WDGURL " - + "AND fn.WDG_NAME = :WDGNAME " - + "AND fn.APP_ID = :APPID", Widget.class) - .setParameter("WDGURL", onboardingWidget.getUrl()) - .setParameter("WDGNAME", onboardingWidget.getName()) - .getResultList(); + private List getWidgets(final OnboardingWidget onboardingWidget) { + return fnWidgetDao.getForUrlNameAndAppId(onboardingWidget.getUrl(), onboardingWidget.getName(), onboardingWidget.getAppId()).orElse(new ArrayList<>()); } - @Transactional public FieldsValidator deleteOnboardingWidget(FnUser user, Long onboardingWidgetId) { FieldsValidator fieldsValidator = new FieldsValidator(); synchronized (syncRests) { @@ -262,4 +250,8 @@ public class WidgetService { } return fieldsValidator; } + + public FnWidget saveOne(final FnWidget widget){ + return fnWidgetDao.saveAndFlush(widget); + } } diff --git a/portal-BE/src/main/java/org/onap/portal/service/ep/EpWidgetCatalogParameterService.java b/portal-BE/src/main/java/org/onap/portal/service/ep/EpWidgetCatalogParameterService.java index 75cc9aa7..d43acc04 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/ep/EpWidgetCatalogParameterService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/ep/EpWidgetCatalogParameterService.java @@ -75,6 +75,10 @@ public class EpWidgetCatalogParameterService { epMicroserviceParameterService.deleteMicroserviceParameterById(paramId)); } + public EpWidgetCatalogParameter getById(final Long id){ + return epWidgetCatalogParameterDao.getOne(id); + } + @Transactional public boolean deleteByParamId(final Long paramId) { try { @@ -90,8 +94,8 @@ public class EpWidgetCatalogParameterService { EpWidgetCatalogParameter widgetParam = null; List list = epWidgetCatalogParameterDao .getUserParamById(widgetId, userId, paramId) - .orElse(new ArrayList<>()); - if (list.size() != 0) { + .orElse(null); + if (list != null && !list.isEmpty()) { widgetParam = list.get(0); } logger.debug(EELFLoggerDelegate.debugLogger, @@ -99,7 +103,6 @@ public class EpWidgetCatalogParameterService { return widgetParam; } - @Transactional public void saveUserParameter(final EpWidgetCatalogParameter newParameter) { epWidgetCatalogParameterDao.save(newParameter); } -- cgit 1.2.3-korg