service/src/main/java/org/apache/fineract/cn/identity/rest/ApplicationRestController.java - fineract-cn-identity - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.fineract.cn.identity.rest;


 import org.apache.fineract.cn.identity.api.v1.PermittableGroupIds;
 import org.apache.fineract.cn.identity.api.v1.domain.Permission;
 import org.apache.fineract.cn.anubis.annotation.AcceptedTokenType;
 import org.apache.fineract.cn.anubis.annotation.Permittable;
 import org.apache.fineract.cn.anubis.api.v1.domain.Signature;
 import org.apache.fineract.cn.anubis.api.v1.validation.ValidKeyTimestamp;
 import org.apache.fineract.cn.command.gateway.CommandGateway;
 import org.apache.fineract.cn.identity.internal.command.CreateApplicationPermissionCommand;
 import org.apache.fineract.cn.identity.internal.command.DeleteApplicationCommand;
 import org.apache.fineract.cn.identity.internal.command.DeleteApplicationPermissionCommand;
 import org.apache.fineract.cn.identity.internal.command.SetApplicationSignatureCommand;
 import org.apache.fineract.cn.identity.internal.service.ApplicationService;
 import org.apache.fineract.cn.identity.internal.service.PermittableGroupService;
 import org.apache.fineract.cn.lang.ServiceException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;

 import javax.annotation.Nonnull;
 import javax.validation.Valid;
 import java.util.List;

 /**
  * @author Myrle Krantz
  */
 @SuppressWarnings("WeakerAccess")
 @RestController
 @RequestMapping("/applications")
 public class ApplicationRestController {
   private final ApplicationService service;
   private final PermittableGroupService permittableGroupService;
   private final CommandGateway commandGateway;

   @Autowired
   public ApplicationRestController(
           final ApplicationService service,
           final PermittableGroupService permittableGroupService,
           final CommandGateway commandGateway) {
     this.service = service;
     this.permittableGroupService = permittableGroupService;
     this.commandGateway = commandGateway;
   }

   @RequestMapping(method = RequestMethod.GET,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   public @ResponseBody
   ResponseEntity<List<String>>
   getApplications() {
     return ResponseEntity.ok(service.getAllApplications());
   }

   @RequestMapping(value = "/{applicationidentifier}/signatures/{timestamp}", method = RequestMethod.PUT,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   public @ResponseBody
   ResponseEntity<Void>
   setApplicationSignature(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
                           @PathVariable("timestamp") @ValidKeyTimestamp String timestamp,
                           @RequestBody @Valid Signature signature) {
     commandGateway.process(new SetApplicationSignatureCommand(applicationIdentifier, timestamp, signature));

     return ResponseEntity.accepted().build();
   }

   @RequestMapping(value = "/{applicationidentifier}/signatures/{timestamp}", method = RequestMethod.GET,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   public @ResponseBody
   ResponseEntity<Signature>
   getApplicationSignature(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
                           @PathVariable("timestamp") @ValidKeyTimestamp String timestamp) {
     return service.getSignatureForApplication(applicationIdentifier, timestamp)
             .map(ResponseEntity::ok)
             .orElseThrow(() -> ServiceException
                 .notFound("Signature for application ''" + applicationIdentifier + "'' and key timestamp ''" + timestamp + "'' doesn''t exist."));
   }

   @RequestMapping(value = "/{applicationidentifier}", method = RequestMethod.DELETE,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   public @ResponseBody
   ResponseEntity<Void>
   deleteApplication(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier) {
     checkApplicationIdentifier(applicationIdentifier);
     commandGateway.process(new DeleteApplicationCommand(applicationIdentifier));
     return ResponseEntity.accepted().build();
   }

   @RequestMapping(value = "/{applicationidentifier}/permissions", method = RequestMethod.POST,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   @Permittable(value = AcceptedTokenType.TENANT, permittedEndpoint = "applications/{applicationidentifier}/permissions", groupId = PermittableGroupIds.APPLICATION_SELF_MANAGEMENT)
   public @ResponseBody
   ResponseEntity<Void>
   createApplicationPermission(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
                               @RequestBody @Valid Permission permission) {
     checkApplicationIdentifier(applicationIdentifier);
     checkPermittableGroupIdentifier(permission.getPermittableEndpointGroupIdentifier());
     commandGateway.process(new CreateApplicationPermissionCommand(applicationIdentifier, permission));
     return ResponseEntity.accepted().build();
   }

   @RequestMapping(value = "/{applicationidentifier}/permissions", method = RequestMethod.GET,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   @Permittable(value = AcceptedTokenType.TENANT, permittedEndpoint = "applications/{applicationidentifier}/permissions", groupId = PermittableGroupIds.APPLICATION_SELF_MANAGEMENT)
   public @ResponseBody
   ResponseEntity<List<Permission>>
   getApplicationPermissions(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier) {
     checkApplicationIdentifier(applicationIdentifier);
     return ResponseEntity.ok(service.getAllPermissionsForApplication(applicationIdentifier));
   }

   @RequestMapping(value = "/{applicationidentifier}/permissions/{permissionidentifier}", method = RequestMethod.GET,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   public @ResponseBody
   ResponseEntity<Permission> getApplicationPermission(@PathVariable("applicationidentifier") String applicationIdentifier,
                                                      @PathVariable("permissionidentifier") String permittableEndpointGroupIdentifier) {
     return service.getPermissionForApplication(applicationIdentifier, permittableEndpointGroupIdentifier)
             .map(ResponseEntity::ok)
             .orElseThrow(() -> ServiceException.notFound("Application permission ''{0}.{1}'' doesn''t exist.",
                     applicationIdentifier, permittableEndpointGroupIdentifier));
   }

   @RequestMapping(value = "/{applicationidentifier}/permissions/{permissionidentifier}", method = RequestMethod.DELETE,
           consumes = {MediaType.ALL_VALUE},
           produces = {MediaType.APPLICATION_JSON_VALUE})
   @Permittable(value = AcceptedTokenType.SYSTEM)
   public @ResponseBody
   ResponseEntity<Void>
   deleteApplicationPermission(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
                               @PathVariable("permissionidentifier") @Nonnull String permittableEndpointGroupIdentifier)
   {
     checkApplicationPermissionIdentifier(service, applicationIdentifier, permittableEndpointGroupIdentifier);
     commandGateway.process(new DeleteApplicationPermissionCommand(applicationIdentifier, permittableEndpointGroupIdentifier));
     return ResponseEntity.accepted().build();
   }

   private void checkApplicationIdentifier(final @Nonnull String identifier) {
     if (!service.applicationExists(identifier))
       throw ServiceException.notFound("Application with identifier ''" + identifier + "'' doesn''t exist.");
   }

   static void checkApplicationPermissionIdentifier(final @Nonnull ApplicationService service,
                                                    final @Nonnull String applicationIdentifier,
                                                    final @Nonnull String permittableEndpointGroupIdentifier) {
     if (!service.applicationPermissionExists(applicationIdentifier, permittableEndpointGroupIdentifier))
       throw ServiceException.notFound("Application permission ''{0}.{1}'' doesn''t exist.",
               applicationIdentifier, permittableEndpointGroupIdentifier);
   }

   private void checkPermittableGroupIdentifier(final String permittableEndpointGroupIdentifier) {
     permittableGroupService.findByIdentifier(permittableEndpointGroupIdentifier)
             .orElseThrow(() -> ServiceException.notFound("Permittable group ''{0}'' doesn''t exist.", permittableEndpointGroupIdentifier));
   }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.fineract.cn.identity.rest;


	import org.apache.fineract.cn.identity.api.v1.PermittableGroupIds;
	import org.apache.fineract.cn.identity.api.v1.domain.Permission;
	import org.apache.fineract.cn.anubis.annotation.AcceptedTokenType;
	import org.apache.fineract.cn.anubis.annotation.Permittable;
	import org.apache.fineract.cn.anubis.api.v1.domain.Signature;
	import org.apache.fineract.cn.anubis.api.v1.validation.ValidKeyTimestamp;
	import org.apache.fineract.cn.command.gateway.CommandGateway;
	import org.apache.fineract.cn.identity.internal.command.CreateApplicationPermissionCommand;
	import org.apache.fineract.cn.identity.internal.command.DeleteApplicationCommand;
	import org.apache.fineract.cn.identity.internal.command.DeleteApplicationPermissionCommand;
	import org.apache.fineract.cn.identity.internal.command.SetApplicationSignatureCommand;
	import org.apache.fineract.cn.identity.internal.service.ApplicationService;
	import org.apache.fineract.cn.identity.internal.service.PermittableGroupService;
	import org.apache.fineract.cn.lang.ServiceException;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.http.MediaType;
	import org.springframework.http.ResponseEntity;
	import org.springframework.web.bind.annotation.*;

	import javax.annotation.Nonnull;
	import javax.validation.Valid;
	import java.util.List;

	/**
	* @author Myrle Krantz
	*/
	@SuppressWarnings("WeakerAccess")
	@RestController
	@RequestMapping("/applications")
	public class ApplicationRestController {
	private final ApplicationService service;
	private final PermittableGroupService permittableGroupService;
	private final CommandGateway commandGateway;

	@Autowired
	public ApplicationRestController(
	final ApplicationService service,
	final PermittableGroupService permittableGroupService,
	final CommandGateway commandGateway) {
	this.service = service;
	this.permittableGroupService = permittableGroupService;
	this.commandGateway = commandGateway;
	}

	@RequestMapping(method = RequestMethod.GET,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	public @ResponseBody
	ResponseEntity<List<String>>
	getApplications() {
	return ResponseEntity.ok(service.getAllApplications());
	}

	@RequestMapping(value = "/{applicationidentifier}/signatures/{timestamp}", method = RequestMethod.PUT,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	public @ResponseBody
	ResponseEntity<Void>
	setApplicationSignature(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
	@PathVariable("timestamp") @ValidKeyTimestamp String timestamp,
	@RequestBody @Valid Signature signature) {
	commandGateway.process(new SetApplicationSignatureCommand(applicationIdentifier, timestamp, signature));

	return ResponseEntity.accepted().build();
	}

	@RequestMapping(value = "/{applicationidentifier}/signatures/{timestamp}", method = RequestMethod.GET,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	public @ResponseBody
	ResponseEntity<Signature>
	getApplicationSignature(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
	@PathVariable("timestamp") @ValidKeyTimestamp String timestamp) {
	return service.getSignatureForApplication(applicationIdentifier, timestamp)
	.map(ResponseEntity::ok)
	.orElseThrow(() -> ServiceException
	.notFound("Signature for application ''" + applicationIdentifier + "'' and key timestamp ''" + timestamp + "'' doesn''t exist."));
	}

	@RequestMapping(value = "/{applicationidentifier}", method = RequestMethod.DELETE,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	public @ResponseBody
	ResponseEntity<Void>
	deleteApplication(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier) {
	checkApplicationIdentifier(applicationIdentifier);
	commandGateway.process(new DeleteApplicationCommand(applicationIdentifier));
	return ResponseEntity.accepted().build();
	}

	@RequestMapping(value = "/{applicationidentifier}/permissions", method = RequestMethod.POST,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	@Permittable(value = AcceptedTokenType.TENANT, permittedEndpoint = "applications/{applicationidentifier}/permissions", groupId = PermittableGroupIds.APPLICATION_SELF_MANAGEMENT)
	public @ResponseBody
	ResponseEntity<Void>
	createApplicationPermission(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
	@RequestBody @Valid Permission permission) {
	checkApplicationIdentifier(applicationIdentifier);
	checkPermittableGroupIdentifier(permission.getPermittableEndpointGroupIdentifier());
	commandGateway.process(new CreateApplicationPermissionCommand(applicationIdentifier, permission));
	return ResponseEntity.accepted().build();
	}

	@RequestMapping(value = "/{applicationidentifier}/permissions", method = RequestMethod.GET,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	@Permittable(value = AcceptedTokenType.TENANT, permittedEndpoint = "applications/{applicationidentifier}/permissions", groupId = PermittableGroupIds.APPLICATION_SELF_MANAGEMENT)
	public @ResponseBody
	ResponseEntity<List<Permission>>
	getApplicationPermissions(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier) {
	checkApplicationIdentifier(applicationIdentifier);
	return ResponseEntity.ok(service.getAllPermissionsForApplication(applicationIdentifier));
	}

	@RequestMapping(value = "/{applicationidentifier}/permissions/{permissionidentifier}", method = RequestMethod.GET,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	public @ResponseBody
	ResponseEntity<Permission> getApplicationPermission(@PathVariable("applicationidentifier") String applicationIdentifier,
	@PathVariable("permissionidentifier") String permittableEndpointGroupIdentifier) {
	return service.getPermissionForApplication(applicationIdentifier, permittableEndpointGroupIdentifier)
	.map(ResponseEntity::ok)
	.orElseThrow(() -> ServiceException.notFound("Application permission ''{0}.{1}'' doesn''t exist.",
	applicationIdentifier, permittableEndpointGroupIdentifier));
	}

	@RequestMapping(value = "/{applicationidentifier}/permissions/{permissionidentifier}", method = RequestMethod.DELETE,
	consumes = {MediaType.ALL_VALUE},
	produces = {MediaType.APPLICATION_JSON_VALUE})
	@Permittable(value = AcceptedTokenType.SYSTEM)
	public @ResponseBody
	ResponseEntity<Void>
	deleteApplicationPermission(@PathVariable("applicationidentifier") @Nonnull String applicationIdentifier,
	@PathVariable("permissionidentifier") @Nonnull String permittableEndpointGroupIdentifier)
	{
	checkApplicationPermissionIdentifier(service, applicationIdentifier, permittableEndpointGroupIdentifier);
	commandGateway.process(new DeleteApplicationPermissionCommand(applicationIdentifier, permittableEndpointGroupIdentifier));
	return ResponseEntity.accepted().build();
	}

	private void checkApplicationIdentifier(final @Nonnull String identifier) {
	if (!service.applicationExists(identifier))
	throw ServiceException.notFound("Application with identifier ''" + identifier + "'' doesn''t exist.");
	}

	static void checkApplicationPermissionIdentifier(final @Nonnull ApplicationService service,
	final @Nonnull String applicationIdentifier,
	final @Nonnull String permittableEndpointGroupIdentifier) {
	if (!service.applicationPermissionExists(applicationIdentifier, permittableEndpointGroupIdentifier))
	throw ServiceException.notFound("Application permission ''{0}.{1}'' doesn''t exist.",
	applicationIdentifier, permittableEndpointGroupIdentifier);
	}

	private void checkPermittableGroupIdentifier(final String permittableEndpointGroupIdentifier) {
	permittableGroupService.findByIdentifier(permittableEndpointGroupIdentifier)
	.orElseThrow(() -> ServiceException.notFound("Permittable group ''{0}'' doesn''t exist.", permittableEndpointGroupIdentifier));
	}
	}