Java tutorial
/** * Copyright (C) 2015 Caratarse Auth Team <lucio.benfante@gmail.com> * * This file is part of Caratarse Auth Services. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.caratarse.auth.services.controller; import com.strategicgains.hyperexpress.HyperExpress; import com.strategicgains.hyperexpress.builder.TokenBinder; import com.strategicgains.hyperexpress.builder.TokenResolver; import com.strategicgains.hyperexpress.builder.UrlBuilder; import com.strategicgains.syntaxe.ValidationException; import io.netty.handler.codec.http.HttpMethod; import io.netty.handler.codec.http.HttpResponseStatus; import java.util.ArrayList; import java.util.List; import javax.annotation.Resource; import org.caratarse.auth.model.bo.AuthorizationBo; import org.caratarse.auth.model.bo.UserAuthorizationBo; import org.caratarse.auth.model.bo.UserBo; import org.caratarse.auth.model.dao.UserAuthorizationDao; import org.caratarse.auth.model.po.Authorization; import org.caratarse.auth.model.po.User; import org.caratarse.auth.model.po.UserAuthorization; import org.caratarse.auth.services.Constants; import org.caratarse.auth.services.util.HyperExpressBindHelper; import org.lambico.dao.generic.Page; import org.restexpress.Request; import org.restexpress.Response; import org.restexpress.common.query.QueryFilter; import org.restexpress.common.query.QueryOrder; import org.restexpress.common.query.QueryRange; import org.restexpress.query.QueryFilters; import org.restexpress.query.QueryOrders; import org.restexpress.query.QueryRanges; import org.springframework.transaction.annotation.Transactional; public class UserAuthorizationController { private static final UrlBuilder LOCATION_BUILDER = new UrlBuilder(); @Resource private UserBo userBo; @Resource private AuthorizationBo authorizationBo; @Resource private UserAuthorizationDao userAuthorizationDao; @Resource private UserAuthorizationBo userAuthorizationBo; public UserAuthorizationController() { } public UserAuthorization addAuthorizationToUser(Request request, Response response) { String userUuid = request.getHeader(Constants.Url.USER_UUID, "No User UUID supplied"); String authorizationName = request.getHeader(Constants.Url.AUTHORIZATION_NAME, "No Authorization Name supplied"); UserAuthorization userAuthorizationPermissions = request.getBodyAs(UserAuthorization.class, "UserAuthorization with permissions details not provided"); validateAndThrow(userUuid, authorizationName); UserAuthorization userAuthorization = userAuthorizationBo.addAuthorizationToUser(userUuid, authorizationName, userAuthorizationPermissions.getPermissions()); // Construct the response for create... response.setResponseCreated(); TokenResolver resolver = HyperExpress.bind(Constants.Url.USER_UUID, userUuid) .bind(Constants.Url.AUTHORIZATION_NAME, authorizationName); // Include the Location header... String locationPattern = request.getNamedUrl(HttpMethod.GET, Constants.Routes.USER_READ_ROUTE); response.addLocationHeader(LOCATION_BUILDER.build(locationPattern, resolver)); // Return the newly-created item... return userAuthorization; } public UserAuthorization read(Request request, Response response) { String userUuid = request.getHeader(Constants.Url.USER_UUID, "No User UUID supplied"); String authorizationName = request.getHeader(Constants.Url.AUTHORIZATION_NAME, "No Authorization Name supplied"); UserAuthorization userAuthorization = userAuthorizationBo.findUserAuthorization(userUuid, authorizationName); if (userAuthorization == null) { response.setResponseStatus(HttpResponseStatus.NOT_FOUND); } addTokenBinder(); return userAuthorization; } @Transactional public List<UserAuthorization> readAll(Request request, Response response) { String uuid = request.getHeader(Constants.Url.USER_UUID, "No User UUID supplied"); QueryFilter filter = QueryFilters.parseFrom(request); QueryOrder order = QueryOrders.parseFrom(request); QueryRange range = QueryRanges.parseFrom(request, Constants.DEFAULT_RANGE_LIMIT); Page<UserAuthorization> entities = userAuthorizationBo.readAllByUserAndService(uuid, filter, range, order); response.setCollectionResponse(range, entities.getList().size(), entities.getRowCount()); HyperExpressBindHelper.bindPaginationTokens(range, entities.getRowCount()); addTokenBinder(); return entities.getList(); } private void addTokenBinder() { // Bind the resources in the collection with link URL tokens, etc. here... HyperExpress.tokenBinder(new TokenBinder<UserAuthorization>() { @Override public void bind(UserAuthorization entity, TokenResolver resolver) { resolver.bind(Constants.Url.USER_AUTHORIZATION_ID, entity.getId().toString()) .bind(Constants.Url.AUTHORIZATION_NAME, entity.getAuthorization().getName()) .bind(Constants.Url.USER_UUID, entity.getUser().getUuid()) .bind(Constants.Url.USER_ID, entity.getUser().getId().toString()); } }); } public void update(Request request, Response response) { String userUuid = request.getHeader(Constants.Url.USER_UUID, "No User UUID supplied"); String authorizationName = request.getHeader(Constants.Url.AUTHORIZATION_NAME, "No Authorization Name supplied"); UserAuthorization dbUserAuthorization = userAuthorizationBo.findUserAuthorization(userUuid, authorizationName); if (dbUserAuthorization == null) { response.setResponseStatus(HttpResponseStatus.NOT_FOUND); return; } UserAuthorization userAuthorizationPermissions = request.getBodyAs(UserAuthorization.class, "UserAuthorization with permissions details not provided"); dbUserAuthorization.copy(userAuthorizationPermissions); userAuthorizationBo.store(dbUserAuthorization); response.setResponseNoContent(); } public void delete(Request request, Response response) { String userUuid = request.getHeader(Constants.Url.USER_UUID, "No User UUID supplied"); String authorizationName = request.getHeader(Constants.Url.AUTHORIZATION_NAME, "No Authorization Name supplied"); userAuthorizationBo.delete(userUuid, authorizationName); response.setResponseNoContent(); } private void validateAndThrow(String userUuid, String authorizationName) { List<String> errors = new ArrayList<>(); User user = userBo.getUser(userUuid); if (user == null) { errors.add("User with UUID " + userUuid + " not found."); } Authorization authorization = authorizationBo.findAuthorization(authorizationName); if (authorization == null) { errors.add("Authorization with name " + authorizationName + " not found."); } UserAuthorization userAuthorization = userAuthorizationBo.findUserAuthorization(userUuid, authorizationName); if (userAuthorization != null) { errors.add("Authorization " + authorizationName + " already attached to user " + userUuid + "."); } if (!errors.isEmpty()) { throw new ValidationException(errors); } } }