Java tutorial
/* * Copyright 2012 SURFnet bv, The Netherlands * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.surfnet.oaaas.resource.resourceserver; import java.net.URI; import java.util.Collections; import java.util.List; import javax.inject.Inject; import javax.inject.Named; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import javax.ws.rs.DELETE; import javax.ws.rs.GET; import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.transaction.annotation.Transactional; import org.surfnet.oaaas.model.ResourceOwner; import org.surfnet.oaaas.repository.ResourceOwnerRepository; /** * JAX-RS Resource for resource owners. */ @Named @Path("/resourceOwner") @Produces(MediaType.APPLICATION_JSON) @Transactional public class ResourceOwnerResource extends AbstractResource { private static final Logger LOG = LoggerFactory.getLogger(ResourceOwnerResource.class); @Inject private ResourceOwnerRepository resourceOwnerRepository; /** * Get all existing resource owners for the provided credentials (== owner) or in case of an adminPrincipal we return all resource servers. */ @GET public Response getAll(@Context HttpServletRequest request) { Response validateScopeResponse = validateScope(request, Collections.singletonList(AbstractResource.SCOPE_READ)); if (validateScopeResponse != null) { return validateScopeResponse; } List<ResourceOwner> resourceOwners = getAllResourceOwners(request); return Response.ok(resourceOwners).build(); } /** * Get one resource owner. */ @GET @Path("/{resourceOwnerId}") public Response getById(@Context HttpServletRequest request, @PathParam("resourceOwnerId") Long id) { Response validateScopeResponse = validateScope(request, Collections.singletonList(AbstractResource.SCOPE_READ)); if (validateScopeResponse != null) { return validateScopeResponse; } return response(getResourceOwner(request, id)); } /** * Save a new resource owner. */ @PUT public Response put(@Context HttpServletRequest request, @Valid ResourceOwner newOne) { Response validateScopeResponse = validateScope(request, Collections.singletonList(AbstractResource.SCOPE_WRITE)); if (validateScopeResponse != null) { return validateScopeResponse; } ResourceOwner resourceOwnerSaved; try { //we run transactional modus, so any constraint violations only occur after the commit of the transaction (to late...) validate(newOne); resourceOwnerSaved = resourceOwnerRepository.save(newOne); } catch (Exception e) { return buildErrorResponse(e); } LOG.debug("New resourceOwner has been saved: {}. ", resourceOwnerSaved); final URI uri = UriBuilder.fromPath("{resourceServerId}.json").build(resourceOwnerSaved.getId()); return Response.created(uri).entity(resourceOwnerSaved).build(); } /** * Delete an existing resource owner. */ @DELETE @Path("/{resourceOwnerId}") public Response delete(@Context HttpServletRequest request, @PathParam("resourceOwnerId") Long id) { Response validateScopeResponse = validateScope(request, Collections.singletonList(AbstractResource.SCOPE_WRITE)); if (validateScopeResponse != null) { return validateScopeResponse; } ResourceOwner resourceOwner = getResourceOwner(request, id); if (resourceOwner == null) { return Response.status(Response.Status.NOT_FOUND).build(); } LOG.debug("About to delete resourceServer {}", id); resourceOwnerRepository.delete(id); return Response.noContent().build(); } /** * Update an existing resource server. */ @POST @Path("/{resourceOwnerId}") public Response post(@Valid final ResourceOwner resourceOwner, @Context HttpServletRequest request, @PathParam("resourceServerId") Long id) { Response validateScopeResponse = validateScope(request, Collections.singletonList(AbstractResource.SCOPE_WRITE)); if (validateScopeResponse != null) { return validateScopeResponse; } ResourceOwner persistedResourceOwner = getResourceOwner(request, id); if (persistedResourceOwner == null) { return Response.status(Response.Status.NOT_FOUND).build(); } LOG.debug("About to update existing resourceOwner {} with new properties: {}", persistedResourceOwner, resourceOwner); ResourceOwner savedInstance; try { //we run transactional modus, so any constraint violations only occur after the commit of the transaction (to late...) validate(resourceOwner); savedInstance = resourceOwnerRepository.save(resourceOwner); } catch (Exception e) { return buildErrorResponse(e); } return Response.ok(savedInstance).build(); } private ResourceOwner getResourceOwner(HttpServletRequest request, Long id) { ResourceOwner resourceOwner; if (isAdminPrincipal(request)) { resourceOwner = resourceOwnerRepository.findOne(id); } else { String owner = getUserId(request); resourceOwner = resourceOwnerRepository.findByUsername(owner); if (resourceOwner != null && resourceOwner.getId() != id) { resourceOwner = null; } } LOG.debug("About to return one resourceServer with id {}: {}", id, resourceOwner); return resourceOwner; } private List<ResourceOwner> getAllResourceOwners(HttpServletRequest request) { List<ResourceOwner> resourceOwners; if (isAdminPrincipal(request)) { resourceOwners = addAll(resourceOwnerRepository.findAll().iterator()); LOG.debug("About to return all resource owners ({}) for adminPrincipal", resourceOwners.size()); } else { String owner = getUserId(request); ResourceOwner resourceOwner = resourceOwnerRepository.findByUsername(owner); if (resourceOwner == null) { resourceOwners = Collections.emptyList(); } else { resourceOwners = Collections.singletonList(resourceOwner); } LOG.debug("About to return all resource owners ({}) for owner {}", resourceOwners.size(), owner); } return resourceOwners; } }