View Javadoc
1   /*
2    * Copyright (c) 2002-2017, Mairie de Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.apilocannonces.rs;
35  
36  import java.io.IOException;
37  import java.util.Set;
38  
39  import javax.inject.Inject;
40  import javax.ws.rs.Consumes;
41  import javax.ws.rs.DELETE;
42  import javax.ws.rs.GET;
43  import javax.ws.rs.HeaderParam;
44  import javax.ws.rs.PUT;
45  import javax.ws.rs.Path;
46  import javax.ws.rs.PathParam;
47  import javax.ws.rs.Produces;
48  import javax.ws.rs.core.Context;
49  import javax.ws.rs.core.HttpHeaders;
50  import javax.ws.rs.core.MediaType;
51  import javax.ws.rs.core.Response;
52  import javax.ws.rs.core.Response.Status;
53  import javax.ws.rs.core.UriInfo;
54  
55  import org.codehaus.jackson.map.ObjectMapper;
56  import org.springframework.transaction.annotation.Transactional;
57  
58  import fr.paris.lutece.plugins.apilocannonces.business.ElementConfort;
59  import fr.paris.lutece.plugins.apilocannonces.business.Profil;
60  import fr.paris.lutece.plugins.apilocannonces.business.Role;
61  import fr.paris.lutece.plugins.apilocannonces.business.RoleId;
62  import fr.paris.lutece.plugins.apilocannonces.business.User;
63  import fr.paris.lutece.plugins.apilocannonces.service.IElementConfortService;
64  import fr.paris.lutece.plugins.apilocannonces.service.IUserService;
65  import fr.paris.lutece.plugins.rest.service.RestConstants;
66  
67  /**
68   * ElemenConfort queries handling
69   */
70  @Path( RestConstants.BASE_PATH + Constants.API_PATH + Constants.VERSION_PATH + Constants.REFERENCE_PATH
71          + "/elementdeconfort" )
72  @Produces( MediaType.APPLICATION_JSON )
73  @Transactional
74  public class ElementConfortRest
75  {
76      @Inject
77      private IElementConfortService _service;
78  
79      @Inject
80      private IUserService _userService;
81  
82      @Inject
83      private ObjectMapper _mapper;
84  
85      @Context
86      private UriInfo _uriInfo;
87  
88      /**
89       * List of ElementConfort
90       * 
91       * @param version
92       *            API Version
93       * @return List of ElementConfort
94       * @throws IOException
95       *             in case of error
96       */
97      @GET
98      public Response getList( @PathParam( Constants.VERSION ) Integer version ) throws IOException
99      {
100         return Response.ok( _mapper.writeValueAsString( _service.findAll( ) ) ).build( );
101     }
102 
103     /**
104      * Acces to an ElementConfort
105      * 
106      * @param version
107      *            API Version
108      * @param id
109      *            id of teh ElementConfort
110      * @return the ElementConfort
111      */
112     @GET
113     @Path( Constants.ID_PATH )
114     public Response get( @PathParam( Constants.VERSION ) Integer version, @PathParam( Constants.ID ) String id )
115     {
116         if ( id == null || id.isEmpty( ) )
117         {
118             return Response.status( Status.BAD_REQUEST ).entity( "No ID provided" ).type( MediaType.TEXT_PLAIN )
119                     .build( );
120         }
121         ElementConfort elt = _service.findById( id );
122         if ( elt == null )
123         {
124             return Response.status( Response.Status.NOT_FOUND ).entity( "No entity with id " + id )
125                     .type( MediaType.TEXT_PLAIN ).build( );
126         }
127         return Response.ok( elt ).build( );
128     }
129 
130     /**
131      * Creation or modification of ElementConfort
132      * 
133      * @param version
134      *            API version
135      * @param key
136      *            api key
137      * @param id
138      *            identifier of the ElementConfort
139      * @param elt
140      *            content of the ElementConfort
141      * @return the response
142      */
143     @PUT
144     @Path( Constants.ID_PATH )
145     @Consumes( MediaType.APPLICATION_JSON )
146     public Response put( @PathParam( Constants.VERSION ) Integer version,
147             @HeaderParam( HttpHeaders.AUTHORIZATION ) String key, @PathParam( Constants.ID ) String id,
148             ElementConfort elt )
149     {
150         if ( key == null )
151         {
152             return Response.status( Status.UNAUTHORIZED )
153                     .entity( "Clef non fournie dans l'entĂȘte " + HttpHeaders.AUTHORIZATION )
154                     .type( MediaType.TEXT_PLAIN ).build( );
155         }
156         if ( !checkUserRole( key, RoleId.config ) )
157         {
158             return Response.status( Status.FORBIDDEN ).entity( "Droits insuffisants" ).type( MediaType.TEXT_PLAIN )
159                     .build( );
160         }
161         if ( id == null || id.isEmpty( ) )
162         {
163             return Response.status( Status.BAD_REQUEST ).entity( "No ID provided" ).type( MediaType.TEXT_PLAIN )
164                     .build( );
165         }
166         if ( !id.equals( elt.getId( ) ) )
167         {
168             return Response.status( Status.BAD_REQUEST ).entity( "Entity URL and content do not match" )
169                     .type( MediaType.TEXT_PLAIN ).build( );
170         }
171         ElementConfort stored = _service.findById( elt.getId( ) );
172         if ( stored == null )
173         {
174             _service.create( elt );
175             return Response.created( _uriInfo.getBaseUriBuilder( ).path( ElementConfortRest.class )
176                     .path( ElementConfortRest.class, "get" ).build( version, elt.getId( ) ) ).build( );
177         }
178         _service.update( elt );
179         return Response.ok( elt ).build( );
180     }
181 
182     /**
183      * Deletion of ElementConfort
184      * 
185      * @param version
186      *            API version
187      * @param key
188      *            api key
189      * @param id
190      *            id of the ElementConfort
191      * @return the response
192      */
193     @DELETE
194     @Path( Constants.ID_PATH )
195     public Response delete( @PathParam( Constants.VERSION ) Integer version,
196             @HeaderParam( HttpHeaders.AUTHORIZATION ) String key, @PathParam( Constants.ID ) String id )
197     {
198         if ( key == null )
199         {
200             return Response.status( Status.UNAUTHORIZED )
201                     .entity( "Clef non fournie dans l'entĂȘte " + HttpHeaders.AUTHORIZATION )
202                     .type( MediaType.TEXT_PLAIN ).build( );
203         }
204         if ( !checkUserRole( key, RoleId.config ) )
205         {
206             return Response.status( Status.FORBIDDEN ).entity( "Droits insuffisants" ).type( MediaType.TEXT_PLAIN )
207                     .build( );
208         }
209         if ( id == null || id.isEmpty( ) )
210         {
211             return Response.status( Status.BAD_REQUEST ).entity( "No ID provided" ).type( MediaType.TEXT_PLAIN )
212                     .build( );
213         }
214         ElementConfort stored = _service.findById( id );
215         if ( stored == null )
216         {
217             return Response.status( Status.NOT_FOUND ).build( );
218         }
219         _service.remove( id );
220         return Response.ok( "Entity with ID " + id + " deleted" ).type( MediaType.TEXT_PLAIN ).build( );
221     }
222 
223     /**
224      * User role check
225      * 
226      * @param key
227      *            api key
228      * @param roleId
229      *            role identifier
230      * @return <code>true</code> if the user exists and has role with id
231      *         <code>roleId</code>
232      */
233     private boolean checkUserRole( String key, RoleId roleId )
234     {
235         if ( key == null )
236         {
237             throw new NullPointerException( "key should not be null" );
238         }
239         User user = _userService.getUser( key );
240         if ( user == null )
241         {
242             return false;
243         }
244         Profil profil = user.getProfil( );
245         if ( profil == null )
246         {
247             return false;
248         }
249         Set< Role > roles = profil.getRoles( );
250         for ( Role role : roles )
251         {
252             if ( role.getId( ).equals( roleId ) )
253             {
254                 return true;
255             }
256         }
257         return false;
258     }
259 
260 }