Source Code of com.streamreduce.rest.resource.AbstractResource

/*
 * Copyright 2012 Nodeable Inc
 *
 *    Licensed under the Apache License, Version 2.0 (the "License");
 *    you may not use this file except in compliance with the License.
 *    You may obtain a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 *    Unless required by applicable law or agreed to in writing, software
 *    distributed under the License is distributed on an "AS IS" BASIS,
 *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *    See the License for the specific language governing permissions and
 *    limitations under the License.
 */

package com.streamreduce.rest.resource;

import com.google.gson.Gson;
import com.streamreduce.core.ApplicationManager;
import com.streamreduce.core.model.Account;
import com.streamreduce.core.model.Role;
import com.streamreduce.core.model.SobaObject;
import com.streamreduce.core.model.User;
import com.streamreduce.core.service.SecurityService;
import com.streamreduce.rest.dto.response.AccountResponseDTO;
import com.streamreduce.rest.dto.response.RoleResponseDTO;
import com.streamreduce.rest.dto.response.SobaObjectResponseDTO;
import com.streamreduce.rest.dto.response.UserResponseDTO;
import com.streamreduce.security.Roles;

import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;

import net.sf.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
@Produces(MediaType.APPLICATION_JSON)
public abstract class AbstractResource {

    @Autowired
    protected ApplicationManager applicationManager;
    @Autowired
    public SecurityService securityService;

    public transient Logger logger = LoggerFactory.getLogger(getClass());

    /**
     * Helper method to render error messages as the Http Response Entity
     *
     * @param string  - the error message
     * @param builder ResponseBuilder
     * @return Http Response with the error string as the entity
     */
    public Response error(String string, ResponseBuilder builder) {
        return builder
                .entity(new ErrorMessage(string))
                .build();
    }

    /**
     * Helper method to render error messages with a valid http status code. There is not entity value set.
     *
     * @param status - a valid http Response.Status code
     * @return Http Response with the error string as the entity
     */
    public Response error(Response.Status status) {
        return Response
                .status(status)
                .build();
    }

    protected boolean isEmpty(String s) {
        return !StringUtils.hasText(s);
    }

    // object or string helper
    protected boolean isNullOrEmpty(Object o) {
        if (o instanceof String) {
            return isEmpty((String) o);
        }
        return o == null;
    }

    protected String getJSON(JSONObject json, String value) {
        if (json == null) {
            return null;
        }
        return json.containsKey(value) ? json.getString(value).trim() : null;
    }

    protected  <T> T getJSON(JSONObject json, String value, Class<T> classOfT) {
        if (json == null) {
            return null;
        }
        if(json.containsKey(value)) {
            return new Gson().fromJson(json.getString(value).trim(),(Type) classOfT);
        }
        return null;
    }

    /**
     * Helper method that can be used as a security check.
     * Tests if the current logged in user has the same Id as the User object passed in the method param
     *
     * @param user - the User object to test against
     * @return true if it matches, false if not
     */
    protected boolean isOwner(User user) {
        User currentUser = securityService.getCurrentUser();
        return (user.getId().equals(currentUser.getId()));
    }

    /**
     * Helper method that can be used as a security check.
     * Tests if the current logged in user is the Owner or Account Admin
     *
     * @param user    - the User object to test against
     * @param account - the Account object to test against
     * @return true if it matches, false if not
     */
    protected boolean isOwnerOrAdmin(User user, Account account) {
        return (isOwner(user) ||
                (user.getAccount().getId().equals(account.getId()) &&
                        securityService.hasRole(Roles.ADMIN_ROLE)));
    }

    /**
     * Helper method that can be used as a security check. You can test if the current logged in user is in the account
     * you are passing as a param
     *
     * @param account - the account to test to see if the User is in.
     * @return - true if they are, false if they are not
     */
    protected boolean isInAccount(Account account) {
        User currentUser = securityService.getCurrentUser();
        return account.getId().equals(currentUser.getAccount().getId());
    }

    protected <T extends SobaObjectResponseDTO> T toBaseDTO(SobaObject sobaObject, T dto) {
        dto.setAccountId(sobaObject.getAccount().getId());
        dto.setAlias(sobaObject.getAlias());
        dto.setDescription(sobaObject.getDescription());
        dto.setHashtags(sobaObject.getHashtags());
        dto.setUserId(sobaObject.getUser().getId());
        dto.setCreated(sobaObject.getCreated());
        dto.setId(sobaObject.getId());
        dto.setModified(sobaObject.getModified());
        dto.setVisibility(sobaObject.getVisibility());
        dto.setVersion(sobaObject.getVersion());
        return dto;
    }

    protected RoleResponseDTO toDTO(Role role) {
        RoleResponseDTO dto = new RoleResponseDTO();
        dto.setDescription(role.getDescription());
        dto.setName(role.getName());
        dto.setPermissions(role.getPermissions());
        dto.setId(role.getId());
        return dto;
    }

    protected AccountResponseDTO toDTO(Account account) {
        AccountResponseDTO dto = new AccountResponseDTO();
//        dto.setBillingAddress(account.getBillingAddress());
        dto.setDescription(account.getDescription());
        dto.setFuid(account.getFuid());
        dto.setName(account.getName());
        dto.setUrl(account.getUrl());
        dto.setId(account.getId());
        return dto;
    }

    protected List<UserResponseDTO> toFullDTO(List<User> users) {
        List<UserResponseDTO> allUsers = new ArrayList<>();
        for (User user : users) {
            allUsers.add(toFullDTO(user));
        }
        return allUsers;
    }

    protected UserResponseDTO toFullDTO(User user) {
        UserResponseDTO dto = new UserResponseDTO();

        toBaseDTO(user, dto);

        dto.setAccountOriginator(user.isAccountOriginator());
        dto.setFullname(user.getFullname());
        Set<RoleResponseDTO> rolesDTOs = new HashSet<>();
        for (Role role : user.getRoles()) {
            rolesDTOs.add(toDTO(role));
        }
        dto.setRoles(rolesDTOs);
        dto.setStatus(user.getUserStatus());
        dto.setUserConfig(user.getConfig());
        dto.setUsername(user.getUsername());
        return dto;
    }


}