1
|
package eu.dnetlib.openaire.rest;
|
2
|
|
3
|
import com.google.gson.*;
|
4
|
import eu.dnetlib.api.enabling.ISLookUpService;
|
5
|
import eu.dnetlib.api.enabling.ISLookUpServiceException;
|
6
|
import eu.dnetlib.data.claims.migration.ClaimValidationException;
|
7
|
import eu.dnetlib.data.claims.migration.entity.Claim;
|
8
|
import eu.dnetlib.data.claims.migration.handler.ClaimHandler;
|
9
|
import eu.dnetlib.data.claims.migration.handler.DirectIndexHandler;
|
10
|
import eu.dnetlib.data.claims.migration.handler.FetchClaimHandler;
|
11
|
import eu.dnetlib.data.claims.migration.handler.FetchProjectHandler;
|
12
|
import eu.dnetlib.data.claimsDemo.SQLStoreException;
|
13
|
import gr.uoa.di.driver.util.ServiceLocator;
|
14
|
import org.apache.commons.validator.EmailValidator;
|
15
|
import org.apache.log4j.Logger;
|
16
|
import org.json.XML;
|
17
|
import org.springframework.beans.factory.annotation.Autowired;
|
18
|
import org.springframework.stereotype.Controller;
|
19
|
import org.springframework.web.bind.annotation.RequestMapping;
|
20
|
import org.springframework.web.bind.annotation.RequestMethod;
|
21
|
|
22
|
import javax.annotation.Resource;
|
23
|
import javax.servlet.http.HttpServletRequest;
|
24
|
import javax.servlet.http.HttpServletResponse;
|
25
|
import javax.ws.rs.*;
|
26
|
import javax.ws.rs.core.Context;
|
27
|
import javax.ws.rs.core.MediaType;
|
28
|
import javax.ws.rs.core.Response;
|
29
|
import java.io.IOException;
|
30
|
import java.io.PrintWriter;
|
31
|
import java.util.ArrayList;
|
32
|
import java.util.List;
|
33
|
|
34
|
/**
|
35
|
* Created by kiatrop on 15/4/2016.
|
36
|
*/
|
37
|
@Controller
|
38
|
public class HelloWorldService {
|
39
|
|
40
|
private static final Logger logger = Logger.getLogger(HelloWorldService.class);
|
41
|
|
42
|
@Autowired
|
43
|
private FetchClaimHandler fetchClaimHandler = null;
|
44
|
|
45
|
@Autowired
|
46
|
private FetchProjectHandler fetchProjectHandler= null;
|
47
|
|
48
|
@Resource
|
49
|
private ServiceLocator<ISLookUpService> lookupServiceLocator = null;
|
50
|
|
51
|
@Autowired
|
52
|
private ClaimHandler claimHandler = null;
|
53
|
|
54
|
@Autowired
|
55
|
private DirectIndexHandler directIndexHandler = null;
|
56
|
|
57
|
@Autowired
|
58
|
public Authorization authorization = null;
|
59
|
|
60
|
|
61
|
@GET
|
62
|
@Path("projects/{projectId}/claims")
|
63
|
@Produces(MediaType.APPLICATION_JSON)
|
64
|
public Response getProjectClaims(@PathParam("projectId") String projectId,
|
65
|
@DefaultValue("0") @QueryParam("offset") int offset,
|
66
|
@DefaultValue("20") @QueryParam("limit") int limit,
|
67
|
@DefaultValue("") @QueryParam("keyword") String keyword,
|
68
|
@DefaultValue("") @QueryParam("sortby") String orderby,
|
69
|
@DefaultValue("true") @QueryParam("descending") boolean descending,
|
70
|
@DefaultValue("") @QueryParam("types") String types,
|
71
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
72
|
@CookieParam("AccessToken") String cookie,
|
73
|
@Context HttpServletRequest request) {
|
74
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
75
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
76
|
|
77
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
78
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
79
|
.type(MediaType.APPLICATION_JSON)
|
80
|
.build();
|
81
|
}
|
82
|
|
83
|
if(authorization.isAdmin(token)) {
|
84
|
|
85
|
int total = -1;
|
86
|
|
87
|
if (projectId == null || projectId.isEmpty()) {
|
88
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("Project id cannot be empty."))
|
89
|
.type(MediaType.APPLICATION_JSON).build();
|
90
|
}
|
91
|
|
92
|
List<Claim> claims = null;
|
93
|
List<String> listTypes = new ArrayList<String>();
|
94
|
String[] types_array = types.split(",");
|
95
|
for (int i = 0; i < types_array.length; i++) {
|
96
|
if (types_array[i].length() > 0) {
|
97
|
listTypes.add(types_array[i]);
|
98
|
}
|
99
|
}
|
100
|
try {
|
101
|
claims = fetchClaimHandler.fetchClaimsByProject(projectId, limit, offset, keyword, orderby, descending, listTypes,false);
|
102
|
total = fetchClaimHandler.countClaimsByProject(projectId, keyword, listTypes);
|
103
|
|
104
|
} catch (SQLStoreException|Exception e) { //TODO check this with exception
|
105
|
logger.error("Could not fetch claims for project with id " + projectId, e);
|
106
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims" +
|
107
|
" for projects with id " + projectId + ".", e)).type(MediaType.APPLICATION_JSON).build();
|
108
|
|
109
|
}
|
110
|
|
111
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).build();
|
112
|
}
|
113
|
|
114
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
|
115
|
.type(MediaType.APPLICATION_JSON)
|
116
|
.build();
|
117
|
}
|
118
|
|
119
|
@GET
|
120
|
@Path("project/claims")
|
121
|
@Produces(MediaType.APPLICATION_JSON)
|
122
|
public Response getProjectClaimsByToken(@QueryParam("projectToken") String projectToken,
|
123
|
@DefaultValue("-1") @QueryParam("offset") int offset,
|
124
|
@DefaultValue("-1") @QueryParam("limit") int limit,
|
125
|
@DefaultValue("") @QueryParam("keyword") String keyword,
|
126
|
@DefaultValue("") @QueryParam("sortby") String orderby,
|
127
|
@DefaultValue("true") @QueryParam("descending") boolean descending,
|
128
|
@DefaultValue("") @QueryParam("types") String types,
|
129
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
130
|
@CookieParam("AccessToken") String cookie,
|
131
|
@Context HttpServletRequest request) {
|
132
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
133
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
134
|
|
135
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
136
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
137
|
.type(MediaType.APPLICATION_JSON)
|
138
|
.build();
|
139
|
}
|
140
|
|
141
|
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
|
142
|
if(authorization.isProjectCurator(userInfo)) {
|
143
|
String userMail = userInfo.getEmail();
|
144
|
|
145
|
int total = -1;
|
146
|
|
147
|
if (projectToken == null || projectToken.isEmpty()) {
|
148
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("Project token cannot be empty."))
|
149
|
.type(MediaType.APPLICATION_JSON).build();
|
150
|
}
|
151
|
|
152
|
List<Claim> claims = null;
|
153
|
List<String> listTypes = new ArrayList<String>();
|
154
|
String[] types_array = types.split(",");
|
155
|
for (int i = 0; i < types_array.length; i++) {
|
156
|
if (types_array[i].length() > 0) {
|
157
|
listTypes.add(types_array[i]);
|
158
|
}
|
159
|
}
|
160
|
try {
|
161
|
String projectId = fetchProjectHandler.fetchProjectIdByToken(projectToken,userMail);
|
162
|
if(projectId == null){
|
163
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
|
164
|
.type(MediaType.APPLICATION_JSON)
|
165
|
.build();
|
166
|
}else{
|
167
|
if(offset == -1 && limit == -1) {
|
168
|
// when offset and limit are -1 fetch claims with null values, to ignore paging and limit clause
|
169
|
claims = fetchClaimHandler.fetchClaimsByProject(projectId, null, null, keyword, orderby, descending, listTypes, true);
|
170
|
} else {
|
171
|
claims = fetchClaimHandler.fetchClaimsByProject(projectId, limit, offset, keyword, orderby, descending, listTypes, true);
|
172
|
}
|
173
|
total = fetchClaimHandler.countClaimsByProject(projectId, keyword, listTypes);
|
174
|
|
175
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).build();
|
176
|
}
|
177
|
|
178
|
} catch (SQLStoreException|Exception e) {
|
179
|
logger.error("Could not fetch claims for project token " + projectToken, e);
|
180
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims" +
|
181
|
" for projects with token " + projectToken + ".", e)).type(MediaType.APPLICATION_JSON).build();
|
182
|
}
|
183
|
}
|
184
|
|
185
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
|
186
|
.type(MediaType.APPLICATION_JSON)
|
187
|
.build();
|
188
|
}
|
189
|
@GET
|
190
|
@Path("/contexts/{contextId}/claims")
|
191
|
@Produces(MediaType.APPLICATION_JSON)
|
192
|
public Response getContextClaims(@PathParam("contextId") String contextId,
|
193
|
@DefaultValue("0") @QueryParam("offset") int offset,
|
194
|
@DefaultValue("20") @QueryParam("limit") int limit,
|
195
|
@DefaultValue("") @QueryParam("keyword") String keyword,
|
196
|
@DefaultValue("") @QueryParam("sortby") String orderby,
|
197
|
@DefaultValue("true") @QueryParam("descending") boolean descending,
|
198
|
@DefaultValue("") @QueryParam("types") String types,
|
199
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
200
|
@CookieParam("AccessToken") String cookie,
|
201
|
@Context HttpServletRequest request) {
|
202
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
203
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
204
|
|
205
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
206
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
207
|
.type(MediaType.APPLICATION_JSON)
|
208
|
.build();
|
209
|
}
|
210
|
logger.debug("Calling API for context with token " + token);
|
211
|
|
212
|
if(authorization.isAdmin(token)) {
|
213
|
|
214
|
int total = -1;
|
215
|
if (contextId == null || contextId.isEmpty()) {
|
216
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("Context id cannot be empty."))
|
217
|
.type(MediaType.APPLICATION_JSON).build();
|
218
|
}
|
219
|
|
220
|
List<Claim> claims = null;
|
221
|
List<String> listTypes = new ArrayList<String>();
|
222
|
String[] types_array = types.split(",");
|
223
|
for (int i = 0; i < types_array.length; i++) {
|
224
|
if (types_array[i].length() > 0) {
|
225
|
listTypes.add(types_array[i]);
|
226
|
}
|
227
|
}
|
228
|
try {
|
229
|
claims = fetchClaimHandler.fetchClaimsByContext(contextId, limit, offset, keyword, orderby, descending, listTypes,false);
|
230
|
total = fetchClaimHandler.countClaimsByContext(contextId, keyword, listTypes);
|
231
|
|
232
|
} catch (SQLStoreException|Exception e) {
|
233
|
logger.error("Could not fetch claims for context with id " + contextId, e);
|
234
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims" +
|
235
|
" for context with id " + contextId + ".", e)).type(MediaType.APPLICATION_JSON).build();
|
236
|
}
|
237
|
|
238
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).build();
|
239
|
}
|
240
|
|
241
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
|
242
|
.type(MediaType.APPLICATION_JSON)
|
243
|
.build();
|
244
|
}
|
245
|
|
246
|
|
247
|
@GET
|
248
|
@Path("/results/{resultId}/claims")
|
249
|
@Produces(MediaType.APPLICATION_JSON)
|
250
|
public Response getResultClaims(@PathParam("resultId") String resultId,
|
251
|
@DefaultValue("0") @QueryParam("offset") int offset,
|
252
|
@DefaultValue("20") @QueryParam("limit") int limit,
|
253
|
@DefaultValue("") @QueryParam("keyword") String keyword,
|
254
|
@DefaultValue("") @QueryParam("sortby") String orderby,
|
255
|
@DefaultValue("true") @QueryParam("descending") boolean descending,
|
256
|
@DefaultValue("") @QueryParam("types") String types,
|
257
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
258
|
@CookieParam("AccessToken") String cookie,
|
259
|
@Context HttpServletRequest request) {
|
260
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
261
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
262
|
|
263
|
//OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
264
|
//@PreAuthorize @PostAuthorize @see SPEL expressions
|
265
|
|
266
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
267
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
268
|
.type(MediaType.APPLICATION_JSON)
|
269
|
.build();
|
270
|
}
|
271
|
|
272
|
if(authorization.isAdmin(token)) {
|
273
|
|
274
|
int total = -1;
|
275
|
if (resultId == null || resultId.isEmpty()) {
|
276
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("Context id cannot be empty."))
|
277
|
.type(MediaType.APPLICATION_JSON).build();
|
278
|
}
|
279
|
|
280
|
List<Claim> claims = null;
|
281
|
List<String> listTypes = new ArrayList<String>();
|
282
|
String[] types_array = types.split(",");
|
283
|
for (int i = 0; i < types_array.length; i++) {
|
284
|
if (types_array[i].length() > 0) {
|
285
|
listTypes.add(types_array[i]);
|
286
|
}
|
287
|
}
|
288
|
|
289
|
try {
|
290
|
claims = fetchClaimHandler.fetchClaimsByResult(resultId, limit, offset, keyword, orderby, descending, listTypes,false);
|
291
|
total = fetchClaimHandler.countClaimsByResult(resultId, keyword, listTypes);
|
292
|
|
293
|
} catch (SQLStoreException|Exception e) {
|
294
|
logger.error("Could not fetch claims for result with id " + resultId, e);
|
295
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims" +
|
296
|
" for result with id " + resultId + ".", e)).type(MediaType.APPLICATION_JSON).build();
|
297
|
}
|
298
|
|
299
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).build();
|
300
|
}
|
301
|
|
302
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
|
303
|
.type(MediaType.APPLICATION_JSON)
|
304
|
.build();
|
305
|
}
|
306
|
|
307
|
|
308
|
@GET
|
309
|
@Path("/users/claims")
|
310
|
@Produces(MediaType.APPLICATION_JSON)
|
311
|
public Response getUserClaims(@DefaultValue("0") @QueryParam("offset") int offset,
|
312
|
@DefaultValue("20") @QueryParam("limit") int limit,
|
313
|
@DefaultValue("") @QueryParam("keyword") String keyword,
|
314
|
@DefaultValue("") @QueryParam("sortby") String orderby,
|
315
|
@DefaultValue("true") @QueryParam("descending") boolean descending,
|
316
|
@DefaultValue("") @QueryParam("types") String types,
|
317
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
318
|
@CookieParam("AccessToken") String cookie,
|
319
|
@Context HttpServletRequest request) {
|
320
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
321
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
322
|
|
323
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
324
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
325
|
.type(MediaType.APPLICATION_JSON)
|
326
|
.build();
|
327
|
}
|
328
|
|
329
|
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
|
330
|
if(authorization.isRegistered(userInfo)) {
|
331
|
String userMail = userInfo.getEmail();
|
332
|
logger.debug("User is registerd " );
|
333
|
int total = -1;
|
334
|
EmailValidator emailValidator = EmailValidator.getInstance();
|
335
|
|
336
|
if (userMail == null || userMail.isEmpty()) {
|
337
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("User e-mail cannot be empty."))
|
338
|
.type(MediaType.APPLICATION_JSON).build();
|
339
|
}
|
340
|
|
341
|
if (!emailValidator.isValid(userMail)) {
|
342
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("User e-mail is not valid."))
|
343
|
.type(MediaType.APPLICATION_JSON).build();
|
344
|
}
|
345
|
|
346
|
List<Claim> claims = null;
|
347
|
List<String> listTypes = new ArrayList<String>();
|
348
|
String[] types_array = types.split(",");
|
349
|
for (int i = 0; i < types_array.length; i++) {
|
350
|
if (types_array[i].length() > 0) {
|
351
|
listTypes.add(types_array[i]);
|
352
|
}
|
353
|
}
|
354
|
try {
|
355
|
logger.debug("About to fetch claims" );
|
356
|
claims = fetchClaimHandler.fetchClaimsByUser(userMail, limit, offset, keyword, orderby, descending, listTypes,false);
|
357
|
total = fetchClaimHandler.countClaimsByUser(userMail, keyword, listTypes);
|
358
|
|
359
|
} catch (SQLStoreException|Exception e) {
|
360
|
logger.error("Could not fetch claims for user with mail " + userMail, e);
|
361
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims" +
|
362
|
" for user with e-mail " + userMail + ".", e)).type(MediaType.APPLICATION_JSON).build();
|
363
|
}
|
364
|
|
365
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).build();
|
366
|
}
|
367
|
logger.debug("User is *NOT* registerd " );
|
368
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
369
|
.type(MediaType.APPLICATION_JSON)
|
370
|
.build();
|
371
|
}
|
372
|
|
373
|
@GET
|
374
|
@Path("/claims/{claimId}")
|
375
|
@Produces(MediaType.APPLICATION_JSON)
|
376
|
public Response getClaimsById(@PathParam("claimId") String claimId,
|
377
|
@DefaultValue("0") @QueryParam("offset") int offset,
|
378
|
@DefaultValue("20") @QueryParam("limit") int limit,
|
379
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
380
|
@CookieParam("AccessToken") String cookie,
|
381
|
@Context HttpServletRequest request) {
|
382
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
383
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
384
|
|
385
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
386
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
387
|
.type(MediaType.APPLICATION_JSON)
|
388
|
.build();
|
389
|
}
|
390
|
|
391
|
if(authorization.isRegistered(token)) {
|
392
|
|
393
|
List<Claim> claims = null;
|
394
|
|
395
|
int total = -1;
|
396
|
if (claimId == null || claimId.isEmpty()) {
|
397
|
try {
|
398
|
claims = fetchClaimHandler.fetchAllClaims(limit, offset,false);
|
399
|
total = fetchClaimHandler.countAllClaims("", new ArrayList<String>());
|
400
|
|
401
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).type(MediaType.APPLICATION_JSON).build();
|
402
|
|
403
|
} catch (SQLStoreException|Exception e) {
|
404
|
logger.error("Could not fetch claims.", e);
|
405
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims.", e))
|
406
|
.type(MediaType.APPLICATION_JSON).build();
|
407
|
}
|
408
|
}
|
409
|
|
410
|
try {
|
411
|
Claim claim = fetchClaimHandler.fetchClaimById(claimId,false);
|
412
|
if (claim == null) {
|
413
|
return Response.status(Response.Status.NOT_FOUND).entity(compose404Message("Cannot find claim with id " + claimId + "."))
|
414
|
.type(MediaType.APPLICATION_JSON).build();
|
415
|
}
|
416
|
|
417
|
return Response.status(200).entity(composeDataResponse(claim)).build();
|
418
|
|
419
|
} catch (SQLStoreException|Exception e) {
|
420
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claim " +
|
421
|
"with id " + claimId + " id.", e)).type(MediaType.APPLICATION_JSON).build();
|
422
|
}
|
423
|
}
|
424
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
425
|
.type(MediaType.APPLICATION_JSON)
|
426
|
.build();
|
427
|
}
|
428
|
|
429
|
@RequestMapping(value = "/claims", method = RequestMethod.GET)
|
430
|
public void getClaims(HttpServletRequest request, HttpServletResponse response) {
|
431
|
PrintWriter writer = null;
|
432
|
|
433
|
try {
|
434
|
writer = response.getWriter();
|
435
|
writer.append("Hello! I am not using jersey");
|
436
|
writer.flush();
|
437
|
|
438
|
} catch (IOException e) {
|
439
|
logger.error(e);
|
440
|
}
|
441
|
|
442
|
}
|
443
|
|
444
|
@GET
|
445
|
@Path("/claims")
|
446
|
@Produces(MediaType.APPLICATION_JSON)
|
447
|
public Response getAllClaims(@DefaultValue("0") @QueryParam("offset") int offset,
|
448
|
@DefaultValue("20") @QueryParam("limit") int limit,
|
449
|
@DefaultValue("") @QueryParam("keyword") String keyword,
|
450
|
@DefaultValue("date") @QueryParam("sortby") String orderby,
|
451
|
@DefaultValue("true") @QueryParam("descending") boolean descending,
|
452
|
@DefaultValue("") @QueryParam("types") String types,
|
453
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
454
|
@HeaderParam("Origin") String origin,
|
455
|
@CookieParam("AccessToken") String cookie,
|
456
|
@Context HttpServletRequest request) {
|
457
|
|
458
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
459
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
460
|
logger.debug("Header \"Origin\" has value " + origin);
|
461
|
|
462
|
|
463
|
|
464
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
465
|
logger.debug("User is not authorized - Eroor 403");
|
466
|
|
467
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
468
|
.type(MediaType.APPLICATION_JSON)
|
469
|
.build();
|
470
|
}
|
471
|
|
472
|
if(authorization.isAdmin(token)) {
|
473
|
logger.debug("User is authorized ! !");
|
474
|
List<Claim> claims = null;
|
475
|
List<String> listTypes = new ArrayList<String>();
|
476
|
String[] types_array = types.split(",");
|
477
|
for (int i = 0; i < types_array.length; i++) {
|
478
|
if (types_array[i].length() > 0) {
|
479
|
listTypes.add(types_array[i]);
|
480
|
}
|
481
|
}
|
482
|
logger.debug("Types: " + listTypes.toString());
|
483
|
|
484
|
int total = -1;
|
485
|
try {
|
486
|
claims = fetchClaimHandler.fetchAllClaims(limit, offset, keyword, orderby, descending, listTypes,false);
|
487
|
total = fetchClaimHandler.countAllClaims(keyword, listTypes);
|
488
|
|
489
|
return Response.status(200).entity(composeDataResponse(request, claims, total, offset, limit)).build();
|
490
|
|
491
|
} catch (SQLStoreException|Exception e) {
|
492
|
logger.error("Could not fetch claims.", e);
|
493
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims.", e))
|
494
|
.type(MediaType.APPLICATION_JSON).build();
|
495
|
}
|
496
|
}
|
497
|
|
498
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
|
499
|
.type(MediaType.APPLICATION_JSON)
|
500
|
.build();
|
501
|
}
|
502
|
|
503
|
//ARGIRO TODO: Na thn tsekarw
|
504
|
// @POST
|
505
|
// @Path("/claims/{claimId}")
|
506
|
// @Produces(MediaType.APPLICATION_JSON)
|
507
|
// public Response deleteClaim(@PathParam("claimId") String claimId,
|
508
|
// @QueryParam("token") String token) {
|
509
|
//
|
510
|
// if(!JWTValidator.isValid(token)) {
|
511
|
// return Response.status(Response.Status.UNAUTHORIZED).entity(compose404Message("Not valid Token"))
|
512
|
// .type(MediaType.APPLICATION_JSON)
|
513
|
// .build();
|
514
|
// }
|
515
|
// try {
|
516
|
//
|
517
|
// if (authorization.isRegistered(token) && (authorization.getUserHandler().getMail(token).equals(fetchClaimHandler.fetchClaimById(claimId).getUserMail()))) {
|
518
|
// if (claimId == null || claimId.isEmpty()) {
|
519
|
// return Response.status(Response.Status.NOT_FOUND).entity(compose404Message("Claim id cannot be empty."))
|
520
|
// .type(MediaType.APPLICATION_JSON).build();
|
521
|
// }
|
522
|
//
|
523
|
// try {
|
524
|
// if (claimHandler.deleteClaim(claimId)) {
|
525
|
// return Response.status(204).entity(compose204Message()).type(MediaType.APPLICATION_JSON).build();
|
526
|
// }
|
527
|
//
|
528
|
// } catch (Exception e) {
|
529
|
// logger.error("Fail to delete claim with id " + claimId + ".", e);
|
530
|
// return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to delete claim with id " + claimId + ".", e))
|
531
|
// .type(MediaType.APPLICATION_JSON).build();
|
532
|
// }
|
533
|
//
|
534
|
// return Response.status(Response.Status.NOT_FOUND).entity(compose404Message("Claim id cannot be empty."))
|
535
|
// .type(MediaType.APPLICATION_JSON).build();
|
536
|
// }
|
537
|
//
|
538
|
// return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
539
|
// .type(MediaType.APPLICATION_JSON)
|
540
|
// .build();
|
541
|
//
|
542
|
// } catch (Exception e) {
|
543
|
// logger.error("Could not fetch claims.", e);
|
544
|
// return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims.", e))
|
545
|
// .type(MediaType.APPLICATION_JSON).build();
|
546
|
// }
|
547
|
// }
|
548
|
/*
|
549
|
|
550
|
@DELETE
|
551
|
@Path("/claims/{claimId}")
|
552
|
public Response deleteClaim(@PathParam("claimId") String claimId) {
|
553
|
|
554
|
if (claimId == null || claimId.isEmpty()) {
|
555
|
return Response.status(Response.Status.NOT_FOUND).entity(compose404Message("Claim id cannot be empty.")).header("Access-Control-Allow-Origin", "*")
|
556
|
.header("Access-Control-Allow-Methods", "DELETE")
|
557
|
.type(MediaType.APPLICATION_JSON).build();
|
558
|
}
|
559
|
|
560
|
try {
|
561
|
if(claimHandler.deleteClaim(claimId)) {
|
562
|
return Response.status(204).entity(compose204Message()).header("Access-Control-Allow-Origin", "*")
|
563
|
.header("Access-Control-Allow-Methods", "DELETE").type(MediaType.APPLICATION_JSON).build();
|
564
|
}
|
565
|
|
566
|
} catch (Exception e) {return Response.status(Response.Status.UNAUTHORIZED).entity(compose404Message("Not valid Token"))
|
567
|
.type(MediaType.APPLICATION_JSON)
|
568
|
.build();
|
569
|
logger.error("Fail to delete claim with id " + claimId + ".", e);
|
570
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to delete claim with id " + claimId +".", e))
|
571
|
.header("Access-Control-Allow-Origin", "*")
|
572
|
.header("Access-Control-Allow-Methods", "DELETE")
|
573
|
.type(MediaType.APPLICATION_JSON).build();
|
574
|
}
|
575
|
|
576
|
return Response.status(Response.Status.NOT_FOUND).entity(compose404Message("Claim id cannot be empty.")).header("Access-Control-Allow-Origin", "*")
|
577
|
.header("Access-Control-Allow-Methods", "DELETE")
|
578
|
.type(MediaType.APPLICATION_JSON).build();
|
579
|
}
|
580
|
*/
|
581
|
@DELETE
|
582
|
@Path("/claims/bulk")
|
583
|
@Produces(MediaType.APPLICATION_JSON)
|
584
|
public Response deleteBulkClaims(@QueryParam("claimId") List<String> claimIds,
|
585
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
586
|
@HeaderParam("Origin") String origin,
|
587
|
@CookieParam("AccessToken") String cookie){
|
588
|
|
589
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
590
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
591
|
|
592
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){
|
593
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
594
|
.type(MediaType.APPLICATION_JSON)
|
595
|
.build();
|
596
|
}
|
597
|
|
598
|
|
599
|
ArrayList<String> deletedIds= new ArrayList<String>();
|
600
|
ArrayList<String> notFoundIds= new ArrayList<String>();
|
601
|
|
602
|
if (claimIds == null || claimIds.size() == 0) {
|
603
|
return Response.status(Response.Status.NOT_FOUND).entity(compose404BulkDeleteMessage("Claim ids cannot be empty.",deletedIds,notFoundIds))
|
604
|
.type(MediaType.APPLICATION_JSON).build();
|
605
|
}
|
606
|
|
607
|
logger.debug("Trying to delete claims with ids: " + claimIds.toString() + ".");
|
608
|
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
|
609
|
for (String claimId : claimIds) {
|
610
|
try {
|
611
|
|
612
|
if (authorization.isRegistered(userInfo)) {
|
613
|
if (authorization.isAdmin(userInfo) || userInfo.getEmail().equals(fetchClaimHandler.fetchClaimById(claimId,false).getUserMail())) {
|
614
|
if (claimHandler.deleteClaim(claimId)) {
|
615
|
deletedIds.add(claimId);
|
616
|
} else {
|
617
|
notFoundIds.add(claimId);
|
618
|
}
|
619
|
} else {
|
620
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to delete."))
|
621
|
.type(MediaType.APPLICATION_JSON)
|
622
|
.build();
|
623
|
}
|
624
|
} else {
|
625
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
626
|
.type(MediaType.APPLICATION_JSON)
|
627
|
.build();
|
628
|
}
|
629
|
} catch (SQLStoreException|Exception e) {
|
630
|
logger.error("Fail to delete claim with id " + claimId + ".", e);
|
631
|
notFoundIds.add(claimId);
|
632
|
}
|
633
|
}
|
634
|
logger.debug("Successfully deleted " + deletedIds.size() + " from " + claimIds.size() +". Deleted claims with ids: " + deletedIds.toString() + ".");
|
635
|
if (claimIds.size() == notFoundIds.size()) {
|
636
|
return Response.status(Response.Status.NOT_FOUND).entity(compose404BulkDeleteMessage("Claim ids cannot be empty.",deletedIds,notFoundIds))
|
637
|
.type(MediaType.APPLICATION_JSON).build();
|
638
|
} else if (claimIds.size() == notFoundIds.size()) {
|
639
|
return Response.status(204).entity(compose204BulkDeleteMessage(deletedIds,notFoundIds)).type(MediaType.APPLICATION_JSON).build();
|
640
|
} else {
|
641
|
return Response.status(204).entity(compose204BulkDeleteMessage(deletedIds,notFoundIds)).type(MediaType.APPLICATION_JSON).build();
|
642
|
}
|
643
|
}
|
644
|
|
645
|
@POST
|
646
|
@Path("/claims")
|
647
|
@Produces(MediaType.APPLICATION_JSON)
|
648
|
@Consumes(MediaType.APPLICATION_JSON)
|
649
|
public Response addClaim(String input, @Context HttpServletRequest request,
|
650
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
651
|
@HeaderParam("Origin") String origin,
|
652
|
@CookieParam("AccessToken") String cookie) {
|
653
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
654
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
655
|
|
656
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token) || !authorization.hasValidOrigin(origin)){
|
657
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
658
|
.type(MediaType.APPLICATION_JSON)
|
659
|
.build();
|
660
|
}
|
661
|
|
662
|
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
|
663
|
if(authorization.isRegistered(userInfo)) {
|
664
|
JsonObject jsonObject = new JsonParser().parse(input).getAsJsonObject();
|
665
|
|
666
|
String claimedBy = userInfo.getEmail();
|
667
|
logger.info("claimedBy " + claimedBy);
|
668
|
|
669
|
String sourceId = jsonObject.get("sourceId").getAsString();
|
670
|
logger.info("sourceId " + sourceId);
|
671
|
String sourceType = jsonObject.get("sourceType").getAsString();
|
672
|
logger.info("sourceType " + sourceType);
|
673
|
String sourceCollectedFrom = jsonObject.get("sourceCollectedFrom").getAsString();
|
674
|
logger.info("sourceCollectedFrom " + sourceCollectedFrom);
|
675
|
String sourceAccessRights = jsonObject.get("sourceAccessRights").getAsString();
|
676
|
logger.info("sourceAccessRights " + sourceAccessRights);
|
677
|
String sourceEmbargoEndDate = jsonObject.get("sourceEmbargoEndDate").getAsString();
|
678
|
sourceEmbargoEndDate = (sourceEmbargoEndDate != null && sourceEmbargoEndDate.equals("")) ? null : sourceEmbargoEndDate;
|
679
|
logger.info("sourceEmbargoEndDate " + sourceEmbargoEndDate);
|
680
|
|
681
|
String targetId = jsonObject.get("targetId").getAsString();
|
682
|
logger.info("targetId " + targetId);
|
683
|
String targetType = jsonObject.get("targetType").getAsString();
|
684
|
logger.info("targetType " + targetType);
|
685
|
String targetCollectedFrom = jsonObject.get("targetCollectedFrom").getAsString();
|
686
|
logger.info("targetCollectedFrom " + targetCollectedFrom);
|
687
|
String targetAccessRights = jsonObject.get("targetAccessRights").getAsString();
|
688
|
logger.info("targetAccessRights " + targetAccessRights);
|
689
|
String targetEmbargoEndDate = jsonObject.get("targetEmbargoEndDate").getAsString();
|
690
|
targetEmbargoEndDate = (targetEmbargoEndDate != null && targetEmbargoEndDate.equals("")) ? null : targetEmbargoEndDate;
|
691
|
logger.info("targetEmbargoEndDate " + targetEmbargoEndDate);
|
692
|
|
693
|
EmailValidator emailValidator = EmailValidator.getInstance();
|
694
|
if (!emailValidator.isValid(claimedBy)) {
|
695
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("User e-mail is invalid."))
|
696
|
.type(MediaType.APPLICATION_JSON).build();
|
697
|
}
|
698
|
|
699
|
|
700
|
try {
|
701
|
String claimId = claimHandler.buildAndInsertClaim(claimedBy, sourceType, sourceId, sourceCollectedFrom, sourceAccessRights, sourceEmbargoEndDate, targetType, targetId, targetCollectedFrom, targetAccessRights, targetEmbargoEndDate);
|
702
|
return Response.status(200).entity(compose201PostMessage(request, claimId)).type(MediaType.APPLICATION_JSON).build();
|
703
|
|
704
|
} catch (ClaimValidationException ve) {
|
705
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("The given ids are wrong.", ve))
|
706
|
.type(MediaType.APPLICATION_JSON).build();
|
707
|
|
708
|
} catch (SQLStoreException|Exception e) {
|
709
|
logger.error("Fail to add new claim.", e);
|
710
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to add new claim.", e))
|
711
|
.type(MediaType.APPLICATION_JSON).build();
|
712
|
}
|
713
|
}
|
714
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access."))
|
715
|
.type(MediaType.APPLICATION_JSON)
|
716
|
.build();
|
717
|
}
|
718
|
|
719
|
@POST
|
720
|
@Path("/claims/bulk")
|
721
|
@Produces(MediaType.APPLICATION_JSON)
|
722
|
@Consumes(MediaType.APPLICATION_JSON)
|
723
|
public Response addBulkClaims(String input, @Context HttpServletRequest request,
|
724
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
725
|
@HeaderParam("Origin") String origin,
|
726
|
@CookieParam("AccessToken") String cookie) {
|
727
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
728
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
729
|
|
730
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){
|
731
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
732
|
.type(MediaType.APPLICATION_JSON)
|
733
|
.build();
|
734
|
}
|
735
|
|
736
|
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
|
737
|
if(authorization.isRegistered(userInfo)) {
|
738
|
ArrayList<String> insertedIds = new ArrayList<String>();
|
739
|
JsonArray errorInClaims = new JsonArray();
|
740
|
|
741
|
int code200 = 0;
|
742
|
int code400 = 0;
|
743
|
int code500 = 0;
|
744
|
|
745
|
JsonArray jsonArray = new JsonParser().parse(input).getAsJsonArray();
|
746
|
for (JsonElement je : jsonArray) {
|
747
|
JsonObject jsonObject = je.getAsJsonObject();
|
748
|
|
749
|
logger.info("targetId " + jsonObject.toString());
|
750
|
String claimedBy = userInfo.getEmail();
|
751
|
logger.info("claimedBy " + claimedBy);
|
752
|
|
753
|
String sourceId = jsonObject.get("sourceId").getAsString();
|
754
|
logger.info("sourceId " + sourceId);
|
755
|
String sourceType = jsonObject.get("sourceType").getAsString();
|
756
|
logger.info("sourceType " + sourceType);
|
757
|
String sourceCollectedFrom = jsonObject.get("sourceCollectedFrom").getAsString();
|
758
|
logger.info("sourceCollectedFrom " + sourceCollectedFrom);
|
759
|
String sourceAccessRights = jsonObject.get("sourceAccessRights").getAsString();
|
760
|
logger.info("sourceAccessRights " + sourceAccessRights);
|
761
|
String sourceEmbargoEndDate = jsonObject.get("sourceEmbargoEndDate").getAsString();
|
762
|
sourceEmbargoEndDate = (sourceEmbargoEndDate != null && sourceEmbargoEndDate.equals("")) ? null : sourceEmbargoEndDate;
|
763
|
logger.info("sourceEmbargoEndDate " + sourceEmbargoEndDate);
|
764
|
|
765
|
String targetId = jsonObject.get("targetId").getAsString();
|
766
|
logger.info("targetId " + targetId);
|
767
|
String targetType = jsonObject.get("targetType").getAsString();
|
768
|
logger.info("targetType " + targetType);
|
769
|
String targetCollectedFrom = jsonObject.get("targetCollectedFrom").getAsString();
|
770
|
logger.info("targetCollectedFrom " + targetCollectedFrom);
|
771
|
String targetAccessRights = jsonObject.get("targetAccessRights").getAsString();
|
772
|
logger.info("targetAccessRights " + targetAccessRights);
|
773
|
String targetEmbargoEndDate = jsonObject.get("targetEmbargoEndDate").getAsString();
|
774
|
targetEmbargoEndDate = (targetEmbargoEndDate != null && targetEmbargoEndDate.equals("")) ? null : targetEmbargoEndDate;
|
775
|
logger.info("targetEmbargoEndDate " + targetEmbargoEndDate);
|
776
|
|
777
|
EmailValidator emailValidator = EmailValidator.getInstance();
|
778
|
if (!emailValidator.isValid(claimedBy)) {
|
779
|
jsonObject.addProperty("error", "user");
|
780
|
// return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("User e-mail is invalid."))
|
781
|
// .type(MediaType.APPLICATION_JSON).build();
|
782
|
code400++;
|
783
|
errorInClaims.add(jsonObject);
|
784
|
}
|
785
|
|
786
|
|
787
|
try {
|
788
|
String claimId = claimHandler.buildAndInsertClaim(claimedBy, sourceType, sourceId, sourceCollectedFrom, sourceAccessRights, sourceEmbargoEndDate, targetType, targetId, targetCollectedFrom, targetAccessRights, targetEmbargoEndDate);
|
789
|
insertedIds.add(claimId);
|
790
|
code200++;
|
791
|
// return Response.status(200).entity(compose201PostMessage(request, claimId)).type(MediaType.APPLICATION_JSON).build();
|
792
|
|
793
|
} catch (ClaimValidationException ve) {
|
794
|
// return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("The given ids are wrong.", ve))
|
795
|
// .type(MediaType.APPLICATION_JSON).build();
|
796
|
jsonObject.addProperty("error", "validation");
|
797
|
errorInClaims.add(jsonObject);
|
798
|
code400++;
|
799
|
|
800
|
} catch (SQLStoreException|Exception e) {
|
801
|
// logger.error("Fail to add new claim.", e);
|
802
|
// return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to add new claim.", e))
|
803
|
// .type(MediaType.APPLICATION_JSON).build();
|
804
|
jsonObject.addProperty("error", "insertion");
|
805
|
errorInClaims.add(jsonObject);
|
806
|
code500++;
|
807
|
}
|
808
|
}
|
809
|
if (jsonArray.size() == code500) {
|
810
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500BulkInsertMessage("Fail to add new claim.", insertedIds, errorInClaims))
|
811
|
.type(MediaType.APPLICATION_JSON).build();
|
812
|
} else if (code200 > 0) {
|
813
|
return Response.status(200).entity(compose201BulkInsertMessage(insertedIds, errorInClaims)).type(MediaType.APPLICATION_JSON).build();
|
814
|
} else {
|
815
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400BulkInsertMessage("The given ids are wrong.", insertedIds, errorInClaims))
|
816
|
.type(MediaType.APPLICATION_JSON).build();
|
817
|
}
|
818
|
}
|
819
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
820
|
.type(MediaType.APPLICATION_JSON)
|
821
|
.build();
|
822
|
|
823
|
}
|
824
|
@POST
|
825
|
@Path("/curate/bulk")
|
826
|
@Produces(MediaType.APPLICATION_JSON)
|
827
|
@Consumes(MediaType.APPLICATION_JSON)
|
828
|
public Response curateBulkClaims(String input, @Context HttpServletRequest request,
|
829
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
830
|
@HeaderParam("Origin") String origin,
|
831
|
@CookieParam("AccessToken") String cookie) {
|
832
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
833
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
834
|
|
835
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){
|
836
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
837
|
.type(MediaType.APPLICATION_JSON)
|
838
|
.build();
|
839
|
}
|
840
|
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
|
841
|
if (authorization.isRegistered(userInfo)) {
|
842
|
ArrayList<String> insertedIds = new ArrayList<String>();
|
843
|
JsonArray errorInClaims = new JsonArray();
|
844
|
int code200 = 0;
|
845
|
int code400 = 0;
|
846
|
int code500 = 0;
|
847
|
JsonArray jsonArray = new JsonParser().parse(input).getAsJsonArray();
|
848
|
String curatedBy =userInfo.getEmail();
|
849
|
|
850
|
for (JsonElement je : jsonArray) {
|
851
|
JsonObject jsonObject = je.getAsJsonObject();
|
852
|
|
853
|
String id = jsonObject.get("id").getAsString();
|
854
|
logger.info("id " + id);
|
855
|
|
856
|
Boolean approved = jsonObject.get("approved").getAsBoolean();
|
857
|
logger.info("approved " + approved);
|
858
|
EmailValidator emailValidator = EmailValidator.getInstance();
|
859
|
if (!emailValidator.isValid(curatedBy)) {
|
860
|
jsonObject.addProperty("error", "user");
|
861
|
// return Response.status(Response.Status.BAD_REQUEST).entity(compose400Message("User e-mail is invalid."))
|
862
|
// .type(MediaType.APPLICATION_JSON).build();
|
863
|
code400++;
|
864
|
errorInClaims.add(jsonObject);
|
865
|
}
|
866
|
|
867
|
try {
|
868
|
claimHandler.updateClaimCurationInfo(curatedBy,id, approved);
|
869
|
insertedIds.add(id);
|
870
|
code200++;
|
871
|
|
872
|
} catch (SQLStoreException|Exception e) {
|
873
|
jsonObject.addProperty("error", "insertion");
|
874
|
errorInClaims.add(jsonObject);
|
875
|
code500++;
|
876
|
}
|
877
|
}
|
878
|
if (jsonArray.size() == code500) {
|
879
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500BulkInsertMessage("Fail to update claims.", insertedIds, errorInClaims))
|
880
|
.type(MediaType.APPLICATION_JSON).build();
|
881
|
} else if (code200 > 0) {
|
882
|
return Response.status(200).entity(compose201BulkInsertMessage(insertedIds, errorInClaims)).type(MediaType.APPLICATION_JSON).build();
|
883
|
} else {
|
884
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400BulkInsertMessage("The given ids are wrong.", insertedIds, errorInClaims))
|
885
|
.type(MediaType.APPLICATION_JSON).build();
|
886
|
}
|
887
|
}
|
888
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
889
|
.type(MediaType.APPLICATION_JSON)
|
890
|
.build();
|
891
|
|
892
|
}
|
893
|
@POST
|
894
|
@Path("/feed/bulk")
|
895
|
@Produces(MediaType.APPLICATION_JSON)
|
896
|
@Consumes(MediaType.APPLICATION_JSON)
|
897
|
public Response feedBulkRecords(String input, @Context HttpServletRequest request,
|
898
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
899
|
@HeaderParam("Origin") String origin,
|
900
|
@CookieParam("AccessToken") String cookie) {
|
901
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
902
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
903
|
|
904
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){
|
905
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
906
|
.type(MediaType.APPLICATION_JSON)
|
907
|
.build();
|
908
|
}
|
909
|
|
910
|
if (authorization.isRegistered(token)) {
|
911
|
ArrayList<String> insertedIds = new ArrayList<String>();
|
912
|
JsonArray errorInClaims = new JsonArray();
|
913
|
int code200 = 0;
|
914
|
int code400 = 0;
|
915
|
int code500 = 0;
|
916
|
JsonArray jsonArray = new JsonParser().parse(input).getAsJsonArray();
|
917
|
for (JsonElement je : jsonArray) {
|
918
|
JsonObject jsonObject = je.getAsJsonObject();
|
919
|
Boolean inserted = directIndexHandler.insertRecord(new Gson().toJson(jsonObject.get("record")));
|
920
|
if (inserted) {
|
921
|
insertedIds.add(jsonObject.get("id").getAsString());
|
922
|
code200++;
|
923
|
} else {
|
924
|
errorInClaims.add(jsonObject.get("id").getAsString());
|
925
|
code400++;
|
926
|
}
|
927
|
|
928
|
|
929
|
}
|
930
|
if (jsonArray.size() == code500) {
|
931
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500BulkInsertMessage("Fail to add new claim.", insertedIds, errorInClaims))
|
932
|
.type(MediaType.APPLICATION_JSON).build();
|
933
|
} else if (code200 > 0) {
|
934
|
return Response.status(200).entity(compose201BulkInsertMessage(insertedIds, errorInClaims)).type(MediaType.APPLICATION_JSON).build();
|
935
|
} else {
|
936
|
return Response.status(Response.Status.BAD_REQUEST).entity(compose400BulkInsertMessage("The given ids are wrong.", insertedIds, errorInClaims))
|
937
|
.type(MediaType.APPLICATION_JSON).build();
|
938
|
}
|
939
|
}
|
940
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
941
|
.type(MediaType.APPLICATION_JSON)
|
942
|
.build();
|
943
|
|
944
|
}
|
945
|
|
946
|
@Path("/communities")
|
947
|
@GET
|
948
|
@Produces(MediaType.APPLICATION_JSON)
|
949
|
public Response fetchCommunities(@HeaderParam("X-XSRF-TOKEN") String token,
|
950
|
@CookieParam("AccessToken") String cookie) throws ISLookUpServiceException {
|
951
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
952
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
953
|
|
954
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
955
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
956
|
.type(MediaType.APPLICATION_JSON)
|
957
|
.build();
|
958
|
}
|
959
|
|
960
|
if (authorization.isRegistered(token)) {
|
961
|
//it needs to have at lease one category with @claim=true
|
962
|
List<String> communities = lookupServiceLocator.getService().quickSearchProfile
|
963
|
("for $x in collection('/db/DRIVER/ContextDSResources/ContextDSResourceType') \n" +
|
964
|
" where $x//context[@type='community']//category[@claim='true'] \n" +
|
965
|
" return <communities>{$x//context/@id}{$x//context/@label}</communities>");
|
966
|
|
967
|
return Response.status(200).entity(composeDataResponse(xml2Json(communities))).type(MediaType.APPLICATION_JSON).build();
|
968
|
}
|
969
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
970
|
.type(MediaType.APPLICATION_JSON)
|
971
|
.build();
|
972
|
}
|
973
|
|
974
|
@Path("/communities/{communityid}/categories")
|
975
|
@GET
|
976
|
@Produces(MediaType.APPLICATION_JSON)
|
977
|
public Response fetchCommunityCategories(@PathParam("communityid") String communityid,
|
978
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
979
|
@CookieParam("AccessToken") String cookie) throws ISLookUpServiceException {
|
980
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
981
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
982
|
|
983
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
984
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
985
|
.type(MediaType.APPLICATION_JSON)
|
986
|
.build();
|
987
|
}
|
988
|
|
989
|
if (authorization.isRegistered(token)) {
|
990
|
List<String> categories = lookupServiceLocator.getService().quickSearchProfile
|
991
|
("for $x in collection('/db/DRIVER/ContextDSResources/ContextDSResourceType')//context[@id='" + communityid + "']//category[@claim=\'true\']\n" +
|
992
|
"return <category>{$x/@id}{$x/@label}</category>");
|
993
|
|
994
|
logger.info("for $x in collection('/db/DRIVER/ContextDSResources/ContextDSResourceType')//context[@id='" + communityid + "']//category[@claim=\'true\']\n" +
|
995
|
"return <category>{$x/@id}{$x/@label}</category>");
|
996
|
|
997
|
if (categories == null || categories.isEmpty()) {
|
998
|
return Response.status(404).entity(compose404Message("There are no categories for community with id " + communityid)).type(MediaType.APPLICATION_JSON).build();
|
999
|
}
|
1000
|
|
1001
|
xml2Json(categories);
|
1002
|
|
1003
|
return Response.status(200).entity(composeDataResponse(xml2Json(categories))).type(MediaType.APPLICATION_JSON).build();
|
1004
|
}
|
1005
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
1006
|
.type(MediaType.APPLICATION_JSON)
|
1007
|
.build();
|
1008
|
}
|
1009
|
|
1010
|
@Path("/categories/{categoryid}/concepts")
|
1011
|
@GET
|
1012
|
@Produces(MediaType.APPLICATION_JSON)
|
1013
|
public Response fetchCategoryConcepts(@PathParam("categoryid") String categoryid,
|
1014
|
@HeaderParam("X-XSRF-TOKEN") String token,
|
1015
|
@CookieParam("AccessToken") String cookie) throws ISLookUpServiceException {
|
1016
|
logger.debug("header \"X-XSRF-TOKEN\" has value " + token);
|
1017
|
logger.debug("cookie \"AccessToken\" has value " + cookie);
|
1018
|
|
1019
|
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){
|
1020
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered."))
|
1021
|
.type(MediaType.APPLICATION_JSON)
|
1022
|
.build();
|
1023
|
}
|
1024
|
|
1025
|
if (authorization.isRegistered(token)) {
|
1026
|
List<String> concepts = lookupServiceLocator.getService().quickSearchProfile
|
1027
|
("for $x in collection('/db/DRIVER/ContextDSResources/ContextDSResourceType') return $x//category[@id='" + categoryid + "']//concept");
|
1028
|
|
1029
|
if (concepts == null || concepts.isEmpty()) {
|
1030
|
return Response.status(404).entity(compose404Message("There are no concepts for category with id " + categoryid)).type(MediaType.APPLICATION_JSON).build();
|
1031
|
}
|
1032
|
|
1033
|
return Response.status(200).entity(composeDataResponse(xml2Json(concepts))).type(MediaType.APPLICATION_JSON).build();
|
1034
|
}
|
1035
|
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. You are not registered."))
|
1036
|
.type(MediaType.APPLICATION_JSON)
|
1037
|
.build();
|
1038
|
}
|
1039
|
|
1040
|
private String xml2Json(List<String> input) {
|
1041
|
StringBuilder builder = new StringBuilder();
|
1042
|
for(String category: input) {
|
1043
|
builder.append(category);
|
1044
|
}
|
1045
|
return builder.toString();
|
1046
|
}
|
1047
|
|
1048
|
private String compose400Message(String message) {
|
1049
|
return "{ \"status\" : \"error\", \"code\" : \"400\", \"message\" : \" " + message +" \" }";
|
1050
|
}
|
1051
|
|
1052
|
private String compose400Message(String message, Exception exception) {
|
1053
|
return "{ \"status\" : \"error\", \"code\" : \"400\", \"message\" : \" " + message +"\", " +
|
1054
|
"\"description\" : \""+ exception.getMessage() +"\" }";
|
1055
|
}
|
1056
|
|
1057
|
private String compose403Message(String message) {
|
1058
|
return "{ \"status\" : \"error\", \"code\" : \"403\", \"message\" : \" " + message +"\", " +
|
1059
|
"\"description\" : \"\" }";
|
1060
|
}
|
1061
|
|
1062
|
private String compose404BulkDeleteMessage(String message, List<String> deletedIds, List<String> notFoundIds) {
|
1063
|
return "{ \"status\" : \"error\", \"code\" : \"404\", \"message\" : \" " + message +" \","+ "\"deletedIds\" : " + new Gson().toJson(deletedIds) +","+ "\"notFoundIds\" : " + new Gson().toJson(notFoundIds) + " }";
|
1064
|
}
|
1065
|
private String compose404Message(String message) {
|
1066
|
return "{ \"status\" : \"error\", \"code\" : \"404\", \"message\" : \" " + message +" \" }";
|
1067
|
}
|
1068
|
|
1069
|
private String compose400BulkInsertMessage(String message, List<String> insertedIds,JsonArray errorInClaims) {
|
1070
|
return "{ \"status\" : \"error\", \"code\" : \"400\", \"message\" : \" " + message +" \""+ ", \"insertedIds\" : " + new Gson().toJson(insertedIds) +","+ "\"errorInClaims\" : " + new Gson().toJson(errorInClaims) + " }";
|
1071
|
}
|
1072
|
|
1073
|
private String compose500Message(String message, Throwable throwable) {
|
1074
|
return "{ \"status\" : \"fail\", \"code\" : \"500\", \"message\" : \" " + message + "\", " +
|
1075
|
"\"description\" : \""+ throwable.getMessage() +"\" }";
|
1076
|
}
|
1077
|
|
1078
|
private String compose500BulkInsertMessage(String message, List<String> insertedIds, JsonArray errorInClaims) {
|
1079
|
return "{ \"status\" : \"fail\", \"code\" : \"500\", \"message\" : \" " + message + "\", " +
|
1080
|
"\"description\" : \""+ "\" , " + "\"insertedIds\" : " + new Gson().toJson(insertedIds) +","+ "\"errorInClaims\" : " + new Gson().toJson(errorInClaims) + " }";
|
1081
|
}
|
1082
|
|
1083
|
/*
|
1084
|
TODO check if needed
|
1085
|
private String compose500BulkDeleteMessage(String message, List<String> deletedIds, List<String> notFoundIds, Exception exception) {
|
1086
|
return "{ \"status\" : \"fail\", \"code\" : \"500\", \"message\" : \" " + message + "\", " +
|
1087
|
"\"description\" : \""+ exception.getMessage() +"\" ," + "\"deletedIds\" : " + new Gson().toJson(deletedIds) +","+ "\"notFoundIds\" : " + new Gson().toJson(notFoundIds) + " }";
|
1088
|
}
|
1089
|
|
1090
|
TODO check if needed
|
1091
|
private String compose200Message(){
|
1092
|
return " { \"status\" : \"success\", \"code\": \"200\" }";
|
1093
|
}
|
1094
|
|
1095
|
TODO check if needed
|
1096
|
private String compose204Message(){
|
1097
|
return " { \"status\" : \"success\", \"code\": \"204\" }";
|
1098
|
} */
|
1099
|
|
1100
|
private String compose204BulkDeleteMessage(List<String> deletedIds, List<String> notFoundIds){
|
1101
|
return " { \"status\" : \"success\", \"code\": \"204\", "+ "\"deletedIds\" : " + new Gson().toJson(deletedIds) +","+ "\"notFoundIds\" : " + new Gson().toJson(notFoundIds) + "}";
|
1102
|
}
|
1103
|
|
1104
|
|
1105
|
private String compose201PostMessage(@Context HttpServletRequest request, String claimId){
|
1106
|
String url = request.getRequestURL().toString();
|
1107
|
//String query = request.getQueryString();
|
1108
|
|
1109
|
return " { \"status\" : \"success\", \"code\": \"201\", \"link\": \"" + url +"/"+ claimId +"\" }";
|
1110
|
}
|
1111
|
private String compose201BulkInsertMessage(List<String> insertedIds, JsonArray errorInClaims){
|
1112
|
//String url = request.getRequestURL().toString();
|
1113
|
//String query = request.getQueryString();
|
1114
|
|
1115
|
return " { \"status\" : \"success\", \"code\": \"201\","+ "\"insertedIds\" : " + new Gson().toJson(insertedIds) +","+ "\"errorInClaims\" : " + new Gson().toJson(errorInClaims)+ "}";
|
1116
|
}
|
1117
|
private String composeDataResponse(HttpServletRequest request, List<Claim> claims, int total, int offset, int limit) {
|
1118
|
if(offset != -1 && limit != -1) { // if offset and limit are -1, no paging in the response
|
1119
|
return " { \"status\" : \"success\", \"code\": \"200\", "+composeTotalResults(total)+", " + composePaging(request, total, offset, limit) + ", "
|
1120
|
+ "\"data\" : " + new Gson().toJson(claims) + " }";
|
1121
|
} else {
|
1122
|
return " { \"status\" : \"success\", \"code\": \"200\", "+composeTotalResults(total)+", "
|
1123
|
+ "\"data\" : " + new Gson().toJson(claims) + " }";
|
1124
|
}
|
1125
|
}
|
1126
|
|
1127
|
private String composeDataResponse(String xml) {
|
1128
|
return " { \"status\" : \"success\", \"code\": \"200\", "
|
1129
|
+ "\"data\" : " + XML.toJSONObject(xml).toString() + " }";
|
1130
|
}
|
1131
|
|
1132
|
private String composeDataResponse(Claim claim) {
|
1133
|
return " { \"status\" : \"success\", \"code\": \"200\", " + "\"data\" : " + new Gson().toJson(claim) + " }";
|
1134
|
}
|
1135
|
|
1136
|
private static String composePaging(HttpServletRequest request, int total, int currentOffset, int limit) {
|
1137
|
logger.info("total " + total);
|
1138
|
logger.info("currentOffset " + currentOffset);
|
1139
|
logger.info("limit " + limit);
|
1140
|
|
1141
|
String url = request.getRequestURL().toString();
|
1142
|
//String query = request.getQueryString();
|
1143
|
|
1144
|
String first = url+"?offset=0&limit=20";
|
1145
|
|
1146
|
int previousPage;
|
1147
|
int nextPage;
|
1148
|
int lastPage;
|
1149
|
|
1150
|
if (total <= limit) {
|
1151
|
lastPage = 0;
|
1152
|
} else {
|
1153
|
if(total%limit == 0) {
|
1154
|
lastPage = total/limit-1;
|
1155
|
} else {
|
1156
|
lastPage = total/limit ;
|
1157
|
}
|
1158
|
}
|
1159
|
String last = url+"?offset=" + lastPage + "&limit=20";
|
1160
|
|
1161
|
if (currentOffset-1 <= 0) {
|
1162
|
previousPage = 0;
|
1163
|
} else {
|
1164
|
previousPage = currentOffset-1;
|
1165
|
}
|
1166
|
String previous = url+"?offset=" + previousPage + "&limit=20";
|
1167
|
|
1168
|
if (currentOffset+1 >= lastPage) {
|
1169
|
nextPage = lastPage;
|
1170
|
|
1171
|
} else {
|
1172
|
nextPage = currentOffset + 1;
|
1173
|
}
|
1174
|
String next = url+"?offset=" + nextPage + "&limit=20";
|
1175
|
|
1176
|
return "\"paging\": [" + "{\"rel\":\"first\", \"href\":\"" + first +"\"}, {\"rel\":\"last\", \"href\":\"" + last + "\"}, {\"rel\":\"previous\", \"href\": \"" + previous + "\"}, {\"rel\":\"next\", \"href\":\"" + next +"\"}"+ "]";
|
1177
|
}
|
1178
|
private String composeTotalResults(int total) {
|
1179
|
return "\"total\": \""+total+"\"";
|
1180
|
}
|
1181
|
|
1182
|
public static void main(String[] args) {
|
1183
|
|
1184
|
/*
|
1185
|
EmailValidator emailValidator = EmailValidator.getInstance();
|
1186
|
System.out.println(emailValidator.isValid("jate@gdddd"));
|
1187
|
|
1188
|
InternetAddress emailAddr = null;
|
1189
|
try {
|
1190
|
emailAddr = new InternetAddress("jate@gdddd");
|
1191
|
emailAddr.validate();
|
1192
|
} catch (AddressException e) {
|
1193
|
System.out.println("false");
|
1194
|
}
|
1195
|
System.out.println("true");
|
1196
|
|
1197
|
ArrayList<String> insertedIds= new ArrayList<String>();
|
1198
|
insertedIds.add("1");
|
1199
|
insertedIds.add("2");
|
1200
|
insertedIds.add("3");
|
1201
|
System.out.println(helloWorldService.compose403Message("hello"));
|
1202
|
|
1203
|
*/
|
1204
|
// BasicConfigurator.configure();
|
1205
|
// ApplicationContext context = new ClassPathXmlApplicationContext("eu/dnetlib/openaire/rest/springContext-claims-authorization.xml");
|
1206
|
//
|
1207
|
// Authorization authorization = context.getBean(Authorization.class);
|
1208
|
// UserHandler userHandler = context.getBean(UserHandler.class);
|
1209
|
// System.out.println(authorization.getAdminRoles());
|
1210
|
// authorization.isAdmin("eyJraWQiOiJvaWRjIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwOTMxNzMwMTMyODMzNjMyQG9wZW5taW50ZWQuZXUiLCJhenAiOiIyNGU4MzE3Ni0xMzEyLTRiYTMtYmMwYi1mZmVlYmVhMTYwM2UiLCJpc3MiOiJodHRwczpcL1wvYWFpLm9wZW5taW50ZWQuZXVcL29pZGNcLyIsImV4cCI6MTQ5ODQ4NTk3NiwiaWF0IjoxNDk4NDcxNTc2LCJqdGkiOiJkMWRlZjc1Yi00MTEyLTRiZDktYTIyNi0wZThhOWI2M2Y3MWQifQ.WVYOb_yO8OaxIIt2jRYEDQBhGGFRDTBw3DgtVV_smuN5yx1ScCj6aehLu3JKPSArme4m2SGF4TEGhpwNJkwhM2WapGtxmtuCmCzYIo_QlC1Yki9hr2OT2rXMcQsJCiKaBSf6pLue6Sn78GMB5yaUTvOQHRgidXGiZXH5lsuZUx15Q6Equ_wzond_rgP9mRheRkTyIFuvvg4PuzmudBc11Ty863vIIQtoWF7_p98zTbHxiNF9lLPwzPZKxDoQ8JeayQEC-jsWVLgxmp-h0jG_Ko5jFVVJeeosqMMucOrs2FT_NKHVYVqB6VVh0C6nOufeiLrNDeMUlDT4dAvKD2zE9w");
|
1211
|
|
1212
|
}
|
1213
|
|
1214
|
}
|