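/**
 *   Copyright 2013 Stockholm County Council
 *
 *   This file is part of APIGW
 *
 *   APIGW is free software; you can redistribute it and/or modify
 *   it under the terms of version 2.1 of the GNU Lesser General Public
 *   License as published by the Free Software Foundation.
 *
 *   APIGW is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU Lesser General Public License for more details.
 *
 *   You should have received a copy of the GNU Lesser General Public
 *   License along with APIGW; if not, write to the
 *   Free Software Foundation, Inc., 59 Temple Place, Suite 330,
 *   Boston, MA 02111-1307  USA
 *
 */
package org.apigw.authserver.web.admin.v1.controller;

import org.apigw.authserver.svc.PermissionServices;
import org.apigw.authserver.types.domain.AuthorizationGrant;
import org.apigw.authserver.types.domain.Permission;
import org.apigw.authserver.web.admin.v1.dto.AuthorizationGrantDTO;
import org.apigw.authserver.web.admin.v1.dto.CertifiedClientDTO;
import org.apigw.authserver.svc.CertifiedClientDetailsService;
import org.apigw.authserver.types.domain.CertifiedClient;
import org.apigw.authserver.types.domain.CertifiedClientPermission;
import org.apigw.authserver.web.admin.v1.dto.PermissionDTO;
import org.apigw.authserver.web.exception.ResourceNotFoundException;
import org.dozer.DozerBeanMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

import javax.validation.Valid;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/**
 * REST controller exposing administrative operations on {@link CertifiedClient}s under
 * {@code /admin/v1/clients}: listing, reading, creating and deleting clients, managing the
 * permissions attached to a client, and listing the authorization grants stored for a
 * client/permission pair.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>No authentication or authorization check appears in this class. NOTE(review): access
 *       to these paths is presumably restricted by the application's security configuration;
 *       confirm, since the endpoints create and delete clients of the authorization server
 *       and change the permissions attached to them.</li>
 *   <li>{@code clientId} is taken from the request path and is written unchanged to the debug
 *       log and into exception messages. NOTE(review): confirm that the log encoder
 *       neutralises line breaks and that the error renderer escapes the message.</li>
 * </ul>
 *
 * @author Peter Merikan
 */
@RestController("CertifiedClientRestController_v1")
@RequestMapping(value = "/admin/v1/clients")
public class CertifiedClientRestController {

    private static final Logger log = LoggerFactory.getLogger(CertifiedClientRestController.class);

    @Autowired
    @Qualifier("clientDetailsService")
    CertifiedClientDetailsService service;

    @Autowired
    PermissionServices permissionService;

    @Autowired
    private DozerBeanMapper mapper;

    /**
     * Lists every client known to the client details service.
     *
     * @return one DTO per stored client, in the order the service returns them
     */
    @RequestMapping(method = RequestMethod.GET)
    public List<CertifiedClientDTO> list() {
        List<CertifiedClientDTO> result = new ArrayList<>();
        for (CertifiedClient client : service.findAllClients()) {
            result.add(mapper.map(client, CertifiedClientDTO.class));
        }
        return result;
    }

    /**
     * Returns a single client.
     *
     * @param clientId client identifier from the request path
     * @return the client mapped to its DTO
     * @throws ResourceNotFoundException if no client has that identifier
     */
    @RequestMapping(value = "/{clientId}", method = RequestMethod.GET)
    public CertifiedClientDTO get(@PathVariable("clientId") String clientId) {
        return mapper.map(requireClient(clientId), CertifiedClientDTO.class);
    }

    /**
     * Creates a client from the request body and answers with 201 Created.
     *
     * <p>The body is checked only by the bean-validation constraints declared on
     * {@link CertifiedClientDTO} and is then copied onto a {@link CertifiedClient} entity by
     * the bean mapper. NOTE(review): which entity properties a caller can set this way depends
     * on the DTO and the mapper configuration, neither of which is visible here; confirm that
     * no property that should be server-controlled is populated from the request.
     *
     * @param client the client description sent by the caller
     * @return the stored client mapped back to its DTO
     */
    @RequestMapping(method = RequestMethod.POST)
    @ResponseStatus(HttpStatus.CREATED)
    public CertifiedClientDTO create(@Valid @RequestBody CertifiedClientDTO client) {
        //TODO: Add more validations to DTO
        CertifiedClient mappedClient = mapper.map(client, CertifiedClient.class);
        CertifiedClient persisted = service.store(mappedClient);
        return mapper.map(persisted, CertifiedClientDTO.class);
    }

    /**
     * Deletes a client and answers with 204 No Content.
     *
     * @param clientId client identifier from the request path
     * @throws ResourceNotFoundException if no client has that identifier
     */
    @RequestMapping(value = "/{clientId}", method = RequestMethod.DELETE)
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void delete(@PathVariable("clientId") String clientId) {
        CertifiedClient client = requireClient(clientId);
        log.debug("Deleting client {}", clientId);
        service.delete(client);
    }

    /**
     * Lists the permissions attached to a client.
     *
     * @param clientId client identifier from the request path
     * @return one DTO per permission attached to the client
     * @throws ResourceNotFoundException if no client has that identifier
     */
    @RequestMapping(value = "/{clientId}/permissions", method = RequestMethod.GET)
    public List<PermissionDTO> getAllPermissions(@PathVariable("clientId") String clientId) {
        List<PermissionDTO> result = new ArrayList<>();
        CertifiedClient client = requireClient(clientId);
        for (CertifiedClientPermission ccp : client.getCertifiedClientPermissions()) {
            result.add(mapper.map(ccp.getPermission(), PermissionDTO.class));
        }
        return result;
    }

    /**
     * Returns one permission, provided it is attached to the given client.
     *
     * @param clientId     client identifier from the request path
     * @param permissionId permission identifier from the request path
     * @return the permission mapped to its DTO
     * @throws ResourceNotFoundException if the client does not exist or the permission is
     *                                   not attached to it
     */
    @RequestMapping(value = "/{clientId}/permissions/{permissionId}", method = RequestMethod.GET)
    public PermissionDTO getPermission(@PathVariable("clientId") String clientId,
                                       @PathVariable("permissionId") Long permissionId) {
        CertifiedClient client = requireClient(clientId);
        // First match wins, as in the other permission endpoints of this controller.
        CertifiedClientPermission ccp = findClientPermission(client, permissionId);
        if (ccp == null) {
            log.debug("Permission with id {} not found", permissionId);
            throw new ResourceNotFoundException("Permission with id " + permissionId + " not found");
        }
        return mapper.map(ccp.getPermission(), PermissionDTO.class);
    }

    /**
     * Attaches an existing permission to a client. The call is idempotent: when the
     * permission is already attached nothing is stored and the permission is returned.
     *
     * @param clientId     client identifier from the request path
     * @param permissionId permission identifier from the request path
     * @return the attached permission mapped to its DTO
     * @throws ResourceNotFoundException if the client or the permission does not exist
     */
    @RequestMapping(value = "/{clientId}/permissions/{permissionId}", method = RequestMethod.PUT)
    public PermissionDTO createPermission(@PathVariable("clientId") String clientId,
                                          @PathVariable("permissionId") Long permissionId) {
        CertifiedClient client = requireClient(clientId);

        CertifiedClientPermission existing = findClientPermission(client, permissionId);
        if (existing != null) {
            // already exists, do nothing
            return mapper.map(existing.getPermission(), PermissionDTO.class);
        }

        Permission permission = permissionService.get(permissionId);
        if (permission == null) {
            log.debug("Permission with id {} not found", permissionId);
            throw new ResourceNotFoundException("Permission with id " + permissionId + " not found");
        }

        CertifiedClientPermission ccPermission = new CertifiedClientPermission();
        ccPermission.setCertifiedClient(client);
        ccPermission.setPermission(permission);
        service.storePermission(ccPermission);
        log.debug("Added permission {} for client {}", permission.getName(), client.getName());
        return mapper.map(permission, PermissionDTO.class);
    }

    /**
     * Detaches a permission from a client and answers with 204 No Content.
     *
     * <p>This method does not look at authorization grants before deleting. NOTE(review):
     * whether grants stored for this client/permission pair are removed or left behind is
     * decided inside {@code service.deletePermission}, which is not visible here; see the
     * TODO below.
     *
     * @param clientId     client identifier from the request path
     * @param permissionId permission identifier from the request path
     * @throws ResourceNotFoundException if the client does not exist or the permission is
     *                                   not attached to it
     */
    @RequestMapping(value = "/{clientId}/permissions/{permissionId}", method = RequestMethod.DELETE)
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deletePermission(@PathVariable("clientId") String clientId,
                                 @PathVariable("permissionId") Long permissionId) {
        //TODO: Make sure that it's not possible to delete permission if it has grants.
        CertifiedClient client = requireClient(clientId);

        CertifiedClientPermission ccp = findClientPermission(client, permissionId);
        if (ccp == null) {
            log.debug("Permission {} for Client {} not found", permissionId, clientId);
            throw new ResourceNotFoundException(
                    "Permission " + permissionId + " for Client " + clientId + " not found");
        }

        log.debug("Removing permission {} for client {}", ccp.getPermission().getName(),
                client.getClientId());
        service.deletePermission(ccp);
    }

    /**
     * Lists the authorization grants stored for a client/permission pair.
     *
     * @param clientId     client identifier from the request path
     * @param permissionId permission identifier from the request path
     * @return one DTO per grant returned by the service for that pair
     * @throws ResourceNotFoundException if the client does not exist or the permission is
     *                                   not attached to it
     */
    @RequestMapping(value = "/{clientId}/permissions/{permissionId}/grants", method = RequestMethod.GET)
    public List<AuthorizationGrantDTO> getGrants(@PathVariable("clientId") String clientId,
                                                 @PathVariable("permissionId") Long permissionId) {
        log.debug("getGrants(clientId: {}, permissionId: {})", clientId, permissionId);
        List<AuthorizationGrantDTO> result = new ArrayList<>();
        CertifiedClient client = requireClient(clientId);

        CertifiedClientPermission certifiedClientPermission = findClientPermission(client, permissionId);
        if (certifiedClientPermission == null) {
            log.debug("Permission with id {} not found", permissionId);
            throw new ResourceNotFoundException("Permission with id " + permissionId + " not found");
        }

        List<AuthorizationGrant> grants = service.findAuthorizationGrantsByClientIdAndPermissionId(
                clientId, certifiedClientPermission.getPermission().getId());
        for (AuthorizationGrant grant : grants) {
            result.add(mapper.map(grant, AuthorizationGrantDTO.class));
        }
        return result;
    }

    /**
     * Looks up a client and fails the request when it does not exist, so that every endpoint
     * reports a missing client with the same log line and the same exception message.
     */
    private CertifiedClient requireClient(String clientId) {
        CertifiedClient client = service.findClientByClientId(clientId);
        if (client == null) {
            log.debug("Client with clientId {} not found", clientId);
            throw new ResourceNotFoundException("Client with clientId " + clientId + " not found");
        }
        return client;
    }

    /**
     * Returns the first permission link of {@code client} whose permission has the given id,
     * or {@code null} when the permission is not attached to that client.
     */
    private static CertifiedClientPermission findClientPermission(CertifiedClient client, Long permissionId) {
        for (CertifiedClientPermission ccp : client.getCertifiedClientPermissions()) {
            if (ccp.getPermission().getId().equals(permissionId)) {
                return ccp;
            }
        }
        return null;
    }
}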