diff --git a/src/main/java/org/cerberus/controllers/ApplicationController.java b/src/main/java/org/cerberus/controllers/ApplicationController.java index 6acd6e4..b684ada 100644 --- a/src/main/java/org/cerberus/controllers/ApplicationController.java +++ b/src/main/java/org/cerberus/controllers/ApplicationController.java @@ -1,6 +1,7 @@ package org.cerberus.controllers; import com.fasterxml.jackson.annotation.JsonView; +import org.cerberus.core.exceptions.UnauthorizedException; import org.cerberus.entities.dto.View; import org.cerberus.entities.persistence.Application; import org.cerberus.entities.persistence.User; @@ -19,7 +20,6 @@ import static org.cerberus.services.DaemonHandlingService.Action.*; @RestController @RequestMapping("/api/applications") -@SuppressWarnings("unused") public class ApplicationController { private ApplicationService service; private SecurityService securityService; @@ -39,8 +39,10 @@ public class ApplicationController { @GetMapping @JsonView({View.ApplicationDTO.class}) public List findAll(Principal connectedUser) { - securityService.getAdminUser(connectedUser); - return service.findAll(); + User user = securityService.getUserByPrincipal(connectedUser) + .orElseThrow(() -> new UnauthorizedException("")); + + return service.findAll(user); } @PostMapping diff --git a/src/main/java/org/cerberus/controllers/ConfigurationFileController.java b/src/main/java/org/cerberus/controllers/ConfigurationFileController.java index 42e8e1d..9a9f94e 100644 --- a/src/main/java/org/cerberus/controllers/ConfigurationFileController.java +++ b/src/main/java/org/cerberus/controllers/ConfigurationFileController.java @@ -9,6 +9,7 @@ import org.springframework.http.HttpStatus; import org.springframework.web.bind.annotation.*; import java.security.Principal; +import java.util.List; import java.util.UUID; import static org.cerberus.core.constant.RoleSecurity.ADMIN; @@ -16,7 +17,6 @@ import static org.cerberus.core.constant.RoleSecurity.MAINTAINER; @RestController @RequestMapping("/api/applications/{applicationId}/configurationFile") -@SuppressWarnings("unused") public class ConfigurationFileController { private ConfigurationFileService service; private SecurityService securityService; @@ -36,6 +36,18 @@ public class ConfigurationFileController { return service.findByApplicationIdAndId(applicationId, configurationFileId); } + /** + * Returns all the configuration files associates to the application that id is given in parameters. + * @return The configuration files but without their content. + */ + @GetMapping + @JsonView({View.ConfigurationFileDTO.class}) + public List getAllByApplication(@PathVariable("applicationId") UUID applicationId, + Principal connectedUser) { + securityService.checkHasAnyRole(connectedUser, applicationId, ADMIN, MAINTAINER); + return service.findAllByApplicationId(applicationId); + } + @PostMapping @JsonView({View.ConfigurationFileDTO.class}) public ConfigurationFile create(@PathVariable("applicationId") UUID applicationId, diff --git a/src/main/java/org/cerberus/core/constant/ResultCode.java b/src/main/java/org/cerberus/core/constant/ResultCode.java index a79053b..75b1250 100644 --- a/src/main/java/org/cerberus/core/constant/ResultCode.java +++ b/src/main/java/org/cerberus/core/constant/ResultCode.java @@ -8,7 +8,7 @@ public enum ResultCode { private int val; - private ResultCode(final int pVal) { + ResultCode(final int pVal) { val = pVal; } diff --git a/src/main/java/org/cerberus/core/constant/Role.java b/src/main/java/org/cerberus/core/constant/Role.java index eda8add..6fa5fbe 100644 --- a/src/main/java/org/cerberus/core/constant/Role.java +++ b/src/main/java/org/cerberus/core/constant/Role.java @@ -2,5 +2,5 @@ package org.cerberus.core.constant; public enum Role { VIEWER, - MAINTAINER; + MAINTAINER } diff --git a/src/main/java/org/cerberus/core/exceptions/BusinessException.java b/src/main/java/org/cerberus/core/exceptions/BusinessException.java index ff89a73..016b01b 100644 --- a/src/main/java/org/cerberus/core/exceptions/BusinessException.java +++ b/src/main/java/org/cerberus/core/exceptions/BusinessException.java @@ -11,4 +11,9 @@ abstract class BusinessException extends RuntimeException { BusinessException(String message, Throwable cause) { super(message, cause); } + + @Override + public StackTraceElement[] getStackTrace() { + return null; + } } diff --git a/src/main/java/org/cerberus/core/exceptions/UnauthorizedException.java b/src/main/java/org/cerberus/core/exceptions/UnauthorizedException.java new file mode 100644 index 0000000..e1cb49c --- /dev/null +++ b/src/main/java/org/cerberus/core/exceptions/UnauthorizedException.java @@ -0,0 +1,15 @@ +package org.cerberus.core.exceptions; + +import org.springframework.http.HttpStatus; +import org.springframework.web.bind.annotation.ResponseStatus; + +@ResponseStatus(value = HttpStatus.UNAUTHORIZED) +public class UnauthorizedException extends BusinessException { + public UnauthorizedException(String message) { + super(message); + } + + public UnauthorizedException(String message, Throwable cause) { + super(message, cause); + } +} diff --git a/src/main/java/org/cerberus/repositories/ApplicationRepository.java b/src/main/java/org/cerberus/repositories/ApplicationRepository.java index 94a89ec..d1c073e 100644 --- a/src/main/java/org/cerberus/repositories/ApplicationRepository.java +++ b/src/main/java/org/cerberus/repositories/ApplicationRepository.java @@ -6,6 +6,7 @@ import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; +import java.util.List; import java.util.UUID; @Repository @@ -15,4 +16,7 @@ public interface ApplicationRepository extends JpaRepository @Query(value = "SELECT EXISTS(SELECT id FROM application WHERE service_name = :serviceName)", nativeQuery = true) boolean existsByServiceName(@Param("serviceName") String serviceName); + + @Query("SELECT a FROM Application a JOIN a.administratorList adm WHERE adm.user.id = :userId") + List getByUserId(@Param("userId") UUID userId); } diff --git a/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java b/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java index 68d36f9..c614621 100644 --- a/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java +++ b/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java @@ -6,6 +6,7 @@ import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; +import java.util.List; import java.util.UUID; @Repository @@ -18,4 +19,7 @@ public interface ConfigurationFileRepository extends JpaRepository findAllByApplicationId(@Param("applicationId") UUID applicationId); } diff --git a/src/main/java/org/cerberus/services/ApplicationService.java b/src/main/java/org/cerberus/services/ApplicationService.java index 090d7a6..96eab65 100644 --- a/src/main/java/org/cerberus/services/ApplicationService.java +++ b/src/main/java/org/cerberus/services/ApplicationService.java @@ -16,10 +16,10 @@ import static org.cerberus.core.utils.StringUtils.concat; @Service public class ApplicationService extends AbstractService { - private ApplicationRepository repository; - private ApplicationRoleService applicationRoleService; - private ApplicationValidator validator; - private DaemonHandlingService daemonHandlingService; + private final ApplicationRepository repository; + private final ApplicationRoleService applicationRoleService; + private final ApplicationValidator validator; + private final DaemonHandlingService daemonHandlingService; ApplicationService(ApplicationRepository repository, ApplicationRoleService applicationRoleService, @@ -35,6 +35,7 @@ public class ApplicationService extends AbstractService { @Transactional public Application create(Application application, User user) { validator.validate(application); + validator.sanitize(application); if(repository.existsByName(application.getName())) { throw new BadRequestException(concat("The application ", application.getName(), " already exists.")); @@ -78,7 +79,15 @@ public class ApplicationService extends AbstractService { return daemonHandlingService.getStatus(findByIdOrElseThrow(applicationId)); } - public List findAll() { - return repository.findAll(); + public List findAll(User user) { + List result; + + if(user.isAdmin()) { + result = repository.findAll(); + } else { + result = repository.getByUserId(user.getId()); + } + + return result; } } diff --git a/src/main/java/org/cerberus/services/ConfigurationFileService.java b/src/main/java/org/cerberus/services/ConfigurationFileService.java index 72bf9c6..46308c6 100644 --- a/src/main/java/org/cerberus/services/ConfigurationFileService.java +++ b/src/main/java/org/cerberus/services/ConfigurationFileService.java @@ -11,6 +11,7 @@ import org.springframework.stereotype.Service; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Paths; +import java.util.List; import java.util.UUID; import static org.cerberus.core.utils.StringUtils.concat; @@ -46,6 +47,18 @@ public class ConfigurationFileService extends AbstractService return configurationFile; } + /** + * Returns all the configuration files associates to the application that id is given in parameters. + * @return The configuration files but without their content. + */ + public List findAllByApplicationId(UUID applicationId) { + if(!applicationService.existsById(applicationId)) { + throwNotFoundException(); + } + + return repository.findAllByApplicationId(applicationId); + } + public ConfigurationFile create(UUID applicationId, ConfigurationFile configurationFile) { return save(applicationId, configurationFile, false); }