Java tutorial
/******************************************************************************* * Educational Online Test Delivery System * Copyright (c) 2013 American Institutes for Research * * Distributed under the AIR Open Source License, Version 1.0 * See accompanying file AIR-License-1_0.txt or at * http://www.smarterapp.org/documents/American_Institutes_for_Research_Open_Source_Software_License.pdf ******************************************************************************/ package org.opentestsystem.authoring.testauth.rest; import java.util.ArrayList; import java.util.List; import java.util.Locale; import java.util.Map.Entry; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.validation.Valid; import org.apache.commons.lang.StringUtils; import org.opentestsystem.authoring.testauth.domain.PublishingRecord; import org.opentestsystem.authoring.testauth.domain.PublishingStatus; import org.opentestsystem.authoring.testauth.service.PublishingRecordService; import org.opentestsystem.shared.exception.LocalizedException; import org.opentestsystem.shared.search.domain.SearchResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.MessageSource; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.security.access.annotation.Secured; import org.springframework.security.access.prepost.PostAuthorize; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import com.google.common.collect.Lists; @Controller public class PublishingRecordController { @Autowired private PublishingRecordService publishingRecordService; @Autowired private MessageSource messageSource; @RequestMapping(value = "/publishingRecord/{publishingRecordId}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Test Read" }) @PostAuthorize("hasPermission(returnObject, 'ROLE_Test Read')") @ResponseBody public PublishingRecord findPublishingRecordById(@PathVariable final String publishingRecordId) { return this.publishingRecordService.getPublishingRecord(publishingRecordId); } @ResponseStatus(HttpStatus.OK) @RequestMapping(value = "/publishingRecord/{publishingRecordId}", method = RequestMethod.PUT, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Approval Modify" }) @PreAuthorize("hasPermission(#publishingRecord, 'ROLE_Test Modify')") @ResponseBody public PublishingRecord savePublishingRecord(@PathVariable final String publishingRecordId, @RequestBody @Valid final PublishingRecord publishingRecord, @RequestParam(required = false) final String incrementNextMajor, final HttpServletResponse response) { return this.publishingRecordService.savePublishingRecord(publishingRecord, Boolean.valueOf(incrementNextMajor)); } @RequestMapping(value = "/publishingRecord/current/{assessmentId}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Test Modify" }) @PostAuthorize("hasPermission(returnObject, 'ROLE_Test Read')") @ResponseBody public PublishingRecord findLatestPublishingRecordByAssessmentId(@PathVariable final String assessmentId) { return this.publishingRecordService.retrieveCurrentPublishingRecord(assessmentId); } @RequestMapping(value = "/publishingRecord/checkPublishingValidity/{assessmentId}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Test Modify" }) @PostAuthorize("hasPermission(returnObject, 'ROLE_Test Read')") @ResponseBody public PublishingRecord checkPublishingValidityPublishingRecordByAssessmentId( @PathVariable final String assessmentId) { return this.publishingRecordService.retrievePublishingRecordWithAllowablePurposes(assessmentId); } @RequestMapping(value = "/publishingRecord", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Test Read" }) @PostAuthorize("hasPermission(returnObject, 'ROLE_Test Read')") @ResponseBody public SearchResponse<PublishingRecord> searchPublishingRecord(final HttpServletRequest request, final HttpServletResponse response) { return this.publishingRecordService.searchPublishingRecords(request.getParameterMap()); } @ResponseStatus(HttpStatus.OK) @RequestMapping(value = "/publishingRecord/publishingStatusTypes", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Test Read" }) // NOTE: there is intentionally no @PreAuthorize annotation...types are untennanted @ResponseBody public List<String> getPublishingStatusTypes() { ArrayList<String> pubStats = Lists.newArrayList(); for (PublishingStatus status : PublishingStatus.values()) { pubStats.add(status.toString()); } return pubStats; } @RequestMapping(value = "/publishingRecord/{publishingRecordId}/simulate", method = RequestMethod.GET, params = { "purpose" }) @Secured({ "ROLE_Test Read" }) // NOTE: intentionally no @Preauthorize public ResponseEntity<byte[]> runSimulation(@PathVariable final String publishingRecordId, @RequestParam(required = true) final String purpose, final HttpServletResponse response) { try { final Entry<String, byte[]> specFile = this.publishingRecordService.simulate(publishingRecordId, purpose); final HttpHeaders responseHeaders = buildResponseHeaders(specFile.getValue().length, specFile.getKey()); return new ResponseEntity<byte[]>(specFile.getValue(), responseHeaders, HttpStatus.OK); } catch (final LocalizedException e) { String messageText = "Simulation XML could not be generated"; final String retrievedMessageText = this.messageSource.getMessage(e.getMessageCode(), e.getMessageArgs(), Locale.US); messageText = messageText + (StringUtils.isNotBlank(retrievedMessageText) && !StringUtils.equals(retrievedMessageText, e.getMessageCode()) ? ": " + retrievedMessageText : ""); return new ResponseEntity<byte[]>(messageText.getBytes(), new HttpHeaders(), HttpStatus.BAD_REQUEST); } } private HttpHeaders buildResponseHeaders(final int contentLength, final String filename) { final HttpHeaders responseHeaders = new HttpHeaders(); responseHeaders.clear(); responseHeaders.add(org.apache.http.HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_XML_VALUE); responseHeaders.setPragma("public"); responseHeaders.setCacheControl("no-store, must-revalidate"); responseHeaders.setExpires(Long.valueOf("-1")); responseHeaders.setContentDispositionFormData("inline", filename); responseHeaders.setContentLength(contentLength); responseHeaders.add(org.apache.http.HttpHeaders.ACCEPT_RANGES, "bytes"); return responseHeaders; } }