Commit 9689164e authored by michael.simon's avatar michael.simon
Browse files

Start refactoring Rest interfaces

parent 3a7726a5
......@@ -12,6 +12,7 @@ package edu.kit.scc.webreg.rest;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
......@@ -35,12 +36,14 @@ import edu.kit.scc.webreg.entity.RegistryStatus;
import edu.kit.scc.webreg.entity.ServiceEntity;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.exc.UserUpdateException;
import edu.kit.scc.webreg.rest.dto.AttributeQueryResponse;
import edu.kit.scc.webreg.rest.dto.RestError;
import edu.kit.scc.webreg.rest.exc.LoginFailedException;
import edu.kit.scc.webreg.rest.exc.NoItemFoundException;
import edu.kit.scc.webreg.rest.exc.NoRegistryFoundException;
import edu.kit.scc.webreg.rest.exc.NoServiceFoundException;
import edu.kit.scc.webreg.rest.exc.NoUserFoundException;
import edu.kit.scc.webreg.rest.exc.RestInterfaceException;
import edu.kit.scc.webreg.rest.exc.UserUpdateFailedException;
import edu.kit.scc.webreg.service.RegistryService;
import edu.kit.scc.webreg.service.ServiceService;
import edu.kit.scc.webreg.service.UserService;
......@@ -73,7 +76,7 @@ public class AttributeQueryController {
public Map<String, String> attributeQuery(@PathParam("eppn") String eppn,
@PathParam("service") String serviceShortName)
throws IOException, ServletException, RestInterfaceException {
return attributeQueryIntern(eppn, serviceShortName);
return attributeQueryInternJSON(eppn, serviceShortName);
}
@GET
......@@ -88,25 +91,155 @@ public class AttributeQueryController {
throw new NoRegistryFoundException("No such registry");
}
return attributeQueryIntern(registry.getUser().getEppn(), registry.getService().getShortName());
return attributeQueryInternJSON(registry.getUser().getEppn(), registry.getService().getShortName());
}
@GET
@Path("/eppn-xml/{service}/{eppn}")
@Produces(MediaType.APPLICATION_XML)
public AttributeQueryResponse attributeQueryXML(@PathParam("eppn") String eppn,
@PathParam("service") String serviceShortName)
throws IOException, ServletException, RestInterfaceException {
return attributeQueryInternXML(eppn, serviceShortName);
}
private Map<String, String> attributeQueryIntern(String eppn, String serviceShortName)
@GET
@Path("/regid-xml/{regid}")
@Produces(MediaType.APPLICATION_XML)
public AttributeQueryResponse attributeQueryXML(@PathParam("regid") Long regId)
throws IOException, ServletException, RestInterfaceException {
RegistryEntity registry = registryService.findById(regId);
ServiceEntity service = serviceService.findByShortName(serviceShortName);
service = serviceService.findByIdWithServiceProps(service.getId());
if (registry == null) {
logger.info("No registry found for id {}", regId);
throw new NoRegistryFoundException("No such registry");
}
return attributeQueryInternXML(registry.getUser().getEppn(), registry.getService().getShortName());
}
private AttributeQueryResponse attributeQueryInternXML(String eppn, String serviceShortName) {
AttributeQueryResponse response = new AttributeQueryResponse();
ServiceEntity service = findService(eppn, serviceShortName);
if (service == null) {
generateFailXml(response, 400, "attribute query failed", "no-such-service", "Service does not exist");
return response;
}
UserEntity user = findUser(eppn);
if (user == null) {
generateFailXml(response, 400, "attribute query failed", "no-such-user", "User does not exist");
return response;
}
try {
updateUser(user, service);
} catch (UserUpdateFailedException e) {
generateFailXml(response, 400, "attribute query failed", "user-update-failed", "User update failed: " + e.getMessage());
return response;
}
RegistryEntity registry = findRegistry(user, service);
if (registry == null) {
generateFailXml(response, 400, "attribute query failed", "no-registry-found", "User is not registered for service");
return response;
}
List<Object> objectList = checkRules(user, service, registry);
List<OverrideAccess> overrideAccessList = extractOverideAccess(objectList);
List<UnauthorizedUser> unauthorizedUserList = extractUnauthorizedUser(objectList);
if (unauthorizedUserList.size() == 0 || overrideAccessList.size() > 0) {
response.setCode(200);
response.setMessage("success");
}
else {
response.setCode(405);
response.setMessage("rules failed");
for (UnauthorizedUser uu : unauthorizedUserList) {
addXmlError(response, uu.getMessage(), "");
}
}
return response;
}
private Map<String, String> attributeQueryInternJSON(String eppn, String serviceShortName)
throws RestInterfaceException {
ServiceEntity service = findService(eppn, serviceShortName);
if (service == null)
throw new NoServiceFoundException("No such service");
UserEntity user = userService.findByEppn(eppn);
UserEntity user = findUser(eppn);
if (user == null)
throw new NoUserFoundException("No such user");
updateUser(user, service);
RegistryEntity registry = findRegistry(user, service);
if (registry == null)
throw new NoRegistryFoundException("No such registry");
user = userService.findByIdWithStore(user.getId());
List<Object> objectList = checkRules(user, service, registry);
StringBuilder sb = new StringBuilder();
for (Object o : objectList) {
if (o instanceof OverrideAccess) {
objectList.clear();
sb.setLength(0);
logger.debug("Removing requirements due to OverrideAccess");
break;
}
else if (o instanceof UnauthorizedUser) {
String s = ((UnauthorizedUser) o).getMessage();
sb.append(s);
sb.append("\n");
}
}
if (sb.length() > 0) {
throw new LoginFailedException("user not allowd for service\n" + sb.toString());
}
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS");
Map<String, String> map = new HashMap<String, String>();
map.put("eppn", user.getEppn());
map.put("email", user.getEmail());
map.put("last_update", df.format(user.getLastUpdate()));
return map;
}
private ServiceEntity findService(String eppn, String serviceShortName) {
ServiceEntity service = serviceService.findByShortName(serviceShortName);
if (service != null) {
service = serviceService.findByIdWithServiceProps(service.getId());
}
return service;
}
private UserEntity findUser(String eppn) {
UserEntity user = userService.findByEppn(eppn);
if (user != null) {
user = userService.findByIdWithStore(user.getId());
}
return user;
}
private void updateUser(UserEntity user, ServiceEntity service) throws UserUpdateFailedException {
// Default expiry Time after which an attrq is issued to IDP in millis
Long expireTime = 10000L;
......@@ -127,9 +260,11 @@ public class AttributeQueryController {
}
} catch (UserUpdateException e) {
logger.warn("Could not update user {}: {}", e.getMessage(), user.getEppn());
throw new NoItemFoundException("user update failed: " + e.getMessage());
}
throw new UserUpdateFailedException("user update failed: " + e.getMessage());
}
}
private RegistryEntity findRegistry(UserEntity user, ServiceEntity service) {
RegistryEntity registry = registryService.findByServiceAndUserAndStatus(service, user, RegistryStatus.ACTIVE);
if (registry == null) {
......@@ -137,12 +272,12 @@ public class AttributeQueryController {
* Also check for Lost_access registries. They should also be allowed to be rechecked.
*/
registry = registryService.findByServiceAndUserAndStatus(service, user, RegistryStatus.LOST_ACCESS);
if (registry == null) {
throw new NoRegistryFoundException("No such registry");
}
}
return registry;
}
private List<Object> checkRules(UserEntity user, ServiceEntity service, RegistryEntity registry) {
List<Object> objectList;
if (service.getAccessRule() == null) {
......@@ -160,32 +295,46 @@ public class AttributeQueryController {
}
}
StringBuilder sb = new StringBuilder();
return objectList;
}
private void generateFailXml(AttributeQueryResponse response, int code, String message, String error, String errorDetail) {
response.setCode(code);
response.setMessage(message);
addXmlError(response, error, errorDetail);
}
private void addXmlError(AttributeQueryResponse response, String error, String errorDetail) {
if (response.getErrorList() == null)
response.setErrorList(new ArrayList<RestError>());
RestError restError = new RestError();
restError.setErrorShort(error);
restError.setErrorDetail(errorDetail);
response.getErrorList().add(restError);
}
private List<OverrideAccess> extractOverideAccess(List<Object> objectList) {
List<OverrideAccess> returnList = new ArrayList<OverrideAccess>();
for (Object o : objectList) {
if (o instanceof OverrideAccess) {
objectList.clear();
sb.setLength(0);
logger.debug("Removing requirements due to OverrideAccess");
break;
}
else if (o instanceof UnauthorizedUser) {
String s = ((UnauthorizedUser) o).getMessage();
sb.append(s);
sb.append("\n");
returnList.add((OverrideAccess) o);
}
}
return returnList;
}
if (sb.length() > 0) {
throw new LoginFailedException("user not allowd for service\n" + sb.toString());
private List<UnauthorizedUser> extractUnauthorizedUser(List<Object> objectList) {
List<UnauthorizedUser> returnList = new ArrayList<UnauthorizedUser>();
for (Object o : objectList) {
if (o instanceof UnauthorizedUser) {
returnList.add((UnauthorizedUser) o);
}
}
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS");
Map<String, String> map = new HashMap<String, String>();
map.put("eppn", user.getEppn());
map.put("email", user.getEmail());
map.put("last_update", df.format(user.getLastUpdate()));
return map;
return returnList;
}
}
package edu.kit.scc.webreg.rest.dto;
import java.util.List;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
@XmlRootElement(name="attrq-response")
public class AttributeQueryResponse {
@XmlElement(name = "code")
private int code;
@XmlElement(name = "message")
private String message;
@XmlElement(name = "error")
private List<RestError> errorList;
public List<RestError> getErrorList() {
return errorList;
}
public void setErrorList(List<RestError> errorList) {
this.errorList = errorList;
}
public int getCode() {
return code;
}
public void setCode(int code) {
this.code = code;
}
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
}
package edu.kit.scc.webreg.rest.dto;
import javax.xml.bind.annotation.XmlElement;
public class RestError {
@XmlElement(name="short")
private String errorShort;
@XmlElement(name="detail")
private String errorDetail;
public String getErrorShort() {
return errorShort;
}
public void setErrorShort(String errorShort) {
this.errorShort = errorShort;
}
public String getErrorDetail() {
return errorDetail;
}
public void setErrorDetail(String errorDetail) {
this.errorDetail = errorDetail;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment