From f41e3da43dca0d15cd2a2ef10ffe4cc62d9946e3 Mon Sep 17 00:00:00 2001
From: Michael Simon <simon@kit.edu>
Date: Fri, 26 Jul 2024 09:40:30 +0200
Subject: [PATCH] NO_STORY Add DTO classes for project rest api

---
 .../webreg/dto/entity/ProjectEntityDto.java   | 141 ++++++++++++++++++
 .../dto/mapper/ProjectEntityMapper.java       |  35 +++++
 .../webreg/dto/service/ProjectDtoService.java |  49 ++++++
 .../service/saml/SamlIdpServiceImpl.java      |   4 +
 .../rest/JaxRsApplicationActivator.java       |   1 +
 .../rest/ProjectServiceAdminController.java   |  97 ++++++++++++
 6 files changed, 327 insertions(+)
 create mode 100644 bwreg-service/src/main/java/edu/kit/scc/webreg/dto/entity/ProjectEntityDto.java
 create mode 100644 bwreg-service/src/main/java/edu/kit/scc/webreg/dto/mapper/ProjectEntityMapper.java
 create mode 100644 bwreg-service/src/main/java/edu/kit/scc/webreg/dto/service/ProjectDtoService.java
 create mode 100644 bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/ProjectServiceAdminController.java

diff --git a/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/entity/ProjectEntityDto.java b/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/entity/ProjectEntityDto.java
new file mode 100644
index 000000000..332595068
--- /dev/null
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/entity/ProjectEntityDto.java
@@ -0,0 +1,141 @@
+package edu.kit.scc.webreg.dto.entity;
+
+import java.util.Set;
+
+import edu.kit.scc.webreg.entity.project.ProjectStatus;
+
+public class ProjectEntityDto extends AbstractBaseEntityDto {
+
+	private static final long serialVersionUID = 1L;
+
+	private String name;
+	
+	private String shortName;
+	
+	private String groupName;
+	
+	private Long parentProjectId;
+	
+	private Set<Long> childProjects;
+
+	private String description;
+	
+	private String shortDescription;
+
+	private Boolean subProjectsAllowed;
+
+	private Boolean published;
+	
+	private Boolean approved;
+
+	private String attributePrefix;
+	
+	private String attributeName;
+	
+	private ProjectStatus projectStatus;
+
+	public String getName() {
+		return name;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public String getShortName() {
+		return shortName;
+	}
+
+	public void setShortName(String shortName) {
+		this.shortName = shortName;
+	}
+
+	public String getGroupName() {
+		return groupName;
+	}
+
+	public void setGroupName(String groupName) {
+		this.groupName = groupName;
+	}
+
+	public Long getParentProjectId() {
+		return parentProjectId;
+	}
+
+	public void setParentProjectId(Long parentProjectId) {
+		this.parentProjectId = parentProjectId;
+	}
+
+	public Set<Long> getChildProjects() {
+		return childProjects;
+	}
+
+	public void setChildProjects(Set<Long> childProjects) {
+		this.childProjects = childProjects;
+	}
+
+	public String getDescription() {
+		return description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	public String getShortDescription() {
+		return shortDescription;
+	}
+
+	public void setShortDescription(String shortDescription) {
+		this.shortDescription = shortDescription;
+	}
+
+	public Boolean getSubProjectsAllowed() {
+		return subProjectsAllowed;
+	}
+
+	public void setSubProjectsAllowed(Boolean subProjectsAllowed) {
+		this.subProjectsAllowed = subProjectsAllowed;
+	}
+
+	public Boolean getPublished() {
+		return published;
+	}
+
+	public void setPublished(Boolean published) {
+		this.published = published;
+	}
+
+	public Boolean getApproved() {
+		return approved;
+	}
+
+	public void setApproved(Boolean approved) {
+		this.approved = approved;
+	}
+
+	public String getAttributePrefix() {
+		return attributePrefix;
+	}
+
+	public void setAttributePrefix(String attributePrefix) {
+		this.attributePrefix = attributePrefix;
+	}
+
+	public String getAttributeName() {
+		return attributeName;
+	}
+
+	public void setAttributeName(String attributeName) {
+		this.attributeName = attributeName;
+	}
+
+	public ProjectStatus getProjectStatus() {
+		return projectStatus;
+	}
+
+	public void setProjectStatus(ProjectStatus projectStatus) {
+		this.projectStatus = projectStatus;
+	}	
+	
+}
diff --git a/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/mapper/ProjectEntityMapper.java b/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/mapper/ProjectEntityMapper.java
new file mode 100644
index 000000000..0a2125b88
--- /dev/null
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/mapper/ProjectEntityMapper.java
@@ -0,0 +1,35 @@
+package edu.kit.scc.webreg.dto.mapper;
+
+import java.util.HashSet;
+
+import edu.kit.scc.webreg.dto.entity.ProjectEntityDto;
+import edu.kit.scc.webreg.entity.project.ProjectEntity;
+import jakarta.enterprise.context.ApplicationScoped;
+
+@ApplicationScoped
+public class ProjectEntityMapper extends AbstractBaseEntityMapper<ProjectEntity, ProjectEntityDto> {
+
+	private static final long serialVersionUID = 1L;
+
+	@Override
+	protected void copyAllProperties(ProjectEntity fromBaseEntity, ProjectEntityDto toDtoEntity) {
+
+		if (fromBaseEntity.getParentProject() != null)
+			toDtoEntity.setParentProjectId(fromBaseEntity.getParentProject().getId());
+		if (fromBaseEntity.getChildProjects() != null)
+			toDtoEntity.setChildProjects(
+					new HashSet<Long>(fromBaseEntity.getChildProjects().stream().map(p -> p.getId()).toList()));
+	}
+
+	@Override
+	public Class<ProjectEntityDto> getEntityDtoClass() {
+		return ProjectEntityDto.class;
+	}
+
+	@Override
+	protected String[] getPropertiesToCopy() {
+		return new String[] { "name", "shortName", "groupName", "description", "shortDescription", "subProjectsAllowed",
+				"published", "approved", "attributePrefix", "attributeName", "projectStatus" };
+	}
+
+}
diff --git a/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/service/ProjectDtoService.java b/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/service/ProjectDtoService.java
new file mode 100644
index 000000000..0e07064f7
--- /dev/null
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/dto/service/ProjectDtoService.java
@@ -0,0 +1,49 @@
+package edu.kit.scc.webreg.dto.service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import edu.kit.scc.webreg.dao.BaseDao;
+import edu.kit.scc.webreg.dao.project.ProjectDao;
+import edu.kit.scc.webreg.dto.entity.ProjectEntityDto;
+import edu.kit.scc.webreg.dto.mapper.BaseEntityMapper;
+import edu.kit.scc.webreg.dto.mapper.ProjectEntityMapper;
+import edu.kit.scc.webreg.entity.ServiceEntity;
+import edu.kit.scc.webreg.entity.project.ProjectEntity;
+import edu.kit.scc.webreg.entity.project.ProjectServiceEntity;
+import jakarta.ejb.Stateless;
+import jakarta.inject.Inject;
+
+@Stateless
+public class ProjectDtoService extends BaseDtoServiceImpl<ProjectEntity, ProjectEntityDto> {
+
+	private static final long serialVersionUID = 1L;
+
+	@Inject
+	private ProjectEntityMapper mapper;
+	
+	@Inject
+	private ProjectDao dao;
+	
+	public List<ProjectEntityDto> findByService(ServiceEntity service) {
+		List<ProjectServiceEntity> projectList = dao.findAllByService(service);
+		List<ProjectEntityDto> dtoList = new ArrayList<ProjectEntityDto>(projectList.size());
+		for (ProjectServiceEntity p : projectList) {
+			ProjectEntityDto dto = createNewDto();
+			mapper.copyProperties(p.getProject(), dto);
+			dtoList.add(dto);
+		}
+		return dtoList;
+	}
+	
+	@Override
+	protected BaseEntityMapper<ProjectEntity, ProjectEntityDto> getMapper() {
+		return mapper;
+	}
+
+	@Override
+	protected BaseDao<ProjectEntity> getDao() {
+		return dao;
+	}
+
+}
diff --git a/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlIdpServiceImpl.java b/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlIdpServiceImpl.java
index f6cec3252..fa695395a 100644
--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlIdpServiceImpl.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlIdpServiceImpl.java
@@ -266,6 +266,7 @@ public class SamlIdpServiceImpl implements SamlIdpService {
 					} else {
 						/*
 						 * There is no service set for this sp idp connection
+						 * TODO Check for authorization 
 						 */
 						filteredServiceSamlSpEntityList.add(serviceSamlSpEntity);
 					}
@@ -604,6 +605,9 @@ public class SamlIdpServiceImpl implements SamlIdpService {
 	}
 
 	private List<Object> checkRules(UserEntity user, ServiceEntity service, RegistryEntity registry) {
+		/*
+		 * TODO Also check script access rule? 
+		 */
 		return knowledgeSessionService.checkServiceAccessRule(user, service, registry, "user-self", false);
 	}
 
diff --git a/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/JaxRsApplicationActivator.java b/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/JaxRsApplicationActivator.java
index 9a6f3b42a..784371c89 100644
--- a/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/JaxRsApplicationActivator.java
+++ b/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/JaxRsApplicationActivator.java
@@ -55,6 +55,7 @@ public class JaxRsApplicationActivator extends Application {
 	        resources.add(UserController.class);
 	        resources.add(SshKeyController.class);
 	        resources.add(OtpController.class);
+	        resources.add(ProjectServiceAdminController.class);
 
 	        // Exceptions
 	        resources.add(AssertionExceptionMapper.class);
diff --git a/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/ProjectServiceAdminController.java b/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/ProjectServiceAdminController.java
new file mode 100644
index 000000000..5a525bade
--- /dev/null
+++ b/bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/ProjectServiceAdminController.java
@@ -0,0 +1,97 @@
+/*******************************************************************************
+ * Copyright (c) 2014 Michael Simon.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the GNU Public License v3.0
+ * which accompanies this distribution, and is available at
+ * http://www.gnu.org/licenses/gpl.html
+ * 
+ * Contributors:
+ *     Michael Simon - initial
+ ******************************************************************************/
+package edu.kit.scc.webreg.rest;
+
+import java.util.List;
+
+import org.slf4j.Logger;
+
+import edu.kit.scc.webreg.drools.exc.UnauthorizedException;
+import edu.kit.scc.webreg.dto.entity.ProjectEntityDto;
+import edu.kit.scc.webreg.dto.service.ProjectDtoService;
+import edu.kit.scc.webreg.entity.ServiceEntity;
+import edu.kit.scc.webreg.exc.NoItemFoundException;
+import edu.kit.scc.webreg.exc.RestInterfaceException;
+import edu.kit.scc.webreg.sec.SecurityFilter;
+import edu.kit.scc.webreg.service.RoleService;
+import edu.kit.scc.webreg.service.ServiceService;
+import jakarta.inject.Inject;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.Context;
+
+@Path("/project-service-admin")
+public class ProjectServiceAdminController {
+
+	@Inject
+	private Logger logger;
+
+	@Inject
+	private RoleService roleService;
+
+	@Inject
+	private ServiceService serviceService;
+
+	@Inject
+	private ProjectDtoService projectDtoService;
+
+	@Path(value = "/find-all/{ssn}")
+	@Produces({ "application/json" })
+	@GET
+	public List<ProjectEntityDto> findAll(@PathParam("ssn") String ssn,
+			@Context HttpServletRequest request) throws RestInterfaceException {
+
+		ServiceEntity serviceEntity = serviceService.findByShortName(ssn);
+		if (serviceEntity == null)
+			throw new NoItemFoundException("No such service");
+
+		if (!checkAccess(request, serviceEntity.getProjectAdminRole().getName()))
+			throw new UnauthorizedException("No access");
+
+		List<ProjectEntityDto> projectList = projectDtoService.findByService(serviceEntity);
+
+		return projectList;
+	}
+
+	protected Boolean checkAccess(HttpServletRequest request, String roleName) {
+		Boolean check;
+
+		if (request.getAttribute(SecurityFilter.IDENTITY_ID) != null
+				&& request.getAttribute(SecurityFilter.IDENTITY_ID) instanceof Long) {
+			Long identityId = (Long) request.getAttribute(SecurityFilter.IDENTITY_ID);
+			check = roleService.checkIdentityInRole(identityId, roleName);
+		} else if (request.getAttribute(SecurityFilter.ADMIN_USER_ID) != null
+				&& request.getAttribute(SecurityFilter.ADMIN_USER_ID) instanceof Long) {
+			Long adminUserId = (Long) request.getAttribute(SecurityFilter.ADMIN_USER_ID);
+			check = roleService.checkAdminUserInRole(adminUserId, roleName);
+		} else {
+			check = Boolean.FALSE;
+		}
+
+		return check;
+	}
+
+	protected String resolveUsername(HttpServletRequest request) {
+		if (request.getAttribute(SecurityFilter.IDENTITY_ID) != null
+				&& request.getAttribute(SecurityFilter.IDENTITY_ID) instanceof Long) {
+			Long identityId = (Long) request.getAttribute(SecurityFilter.IDENTITY_ID);
+			return "identity-" + identityId;
+		} else if (request.getAttribute(SecurityFilter.ADMIN_USER_ID) != null
+				&& request.getAttribute(SecurityFilter.ADMIN_USER_ID) instanceof Long) {
+			Long adminUserId = (Long) request.getAttribute(SecurityFilter.ADMIN_USER_ID);
+			return "adminuser-" + adminUserId;
+		} else
+			return null;
+	}
+}
-- 
GitLab