Add admin APIs for review management

feature/appm-store/pbac
lasanthaDLPDS 6 years ago
parent 569809b1de
commit e8743f001b

@ -1,4 +1,3 @@
package org.wso2.carbon.device.application.mgt.common;
/* Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
@ -16,7 +15,7 @@ package org.wso2.carbon.device.application.mgt.common;
* under the License.
*/
package org.wso2.carbon.device.application.mgt.common;
import java.util.ArrayList;
import java.util.List;

@ -76,7 +76,7 @@ public interface ReviewManager {
* @return {@link ReviewTmp}updated reviewTmp
* @throws ReviewManagementException Exceptions of the reviewTmp management
*/
boolean updateReview(ReviewWrapper updatingReview, int reviewId, String uuid)
boolean updateReview(ReviewWrapper updatingReview, int reviewId, String uuid, boolean isPriviledgedUser)
throws ReviewManagementException, ApplicationManagementException;
/**

@ -228,7 +228,7 @@ public class ReviewManagerImpl implements ReviewManager {
}
@Override
public boolean updateReview(ReviewWrapper updatingReview, int reviewId, String uuid)
public boolean updateReview(ReviewWrapper updatingReview, int reviewId, String uuid, boolean isPriviledgedUser)
throws ReviewManagementException, ApplicationManagementException {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
@ -252,7 +252,7 @@ public class ReviewManagerImpl implements ReviewManager {
throw new NotFoundException(msg);
}
if (!username.equals(reviewDTO.getUsername())) {
if (!isPriviledgedUser && !username.equals(reviewDTO.getUsername())) {
String msg = "You are trying to update a review which is created by " + reviewDTO.getUsername()
+ ". Hence you are not permitted to update the review.";
log.error(msg);

@ -0,0 +1,174 @@
/* Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.application.mgt.store.api.services.admin;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Extension;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Info;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Tag;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.device.application.mgt.common.ErrorResponse;
import org.wso2.carbon.device.application.mgt.common.ReviewTmp;
import org.wso2.carbon.device.application.mgt.common.wrapper.ReviewWrapper;
import javax.validation.Valid;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
* APIs to handle review management related tasks.
*/
@SwaggerDefinition(
info = @Info(
version = "1.0.0",
title = "Store Management Admin Service",
extensions = {
@Extension(properties = {
@ExtensionProperty(name = "name", value = "ReviewManagementAdminService"),
@ExtensionProperty(name = "context", value = "/api/application-mgt/v1.0/review"),
})
}
),
tags = {
@Tag(name = "review_management", description = "ReviewTmp Management related Admin APIs")
}
)
@Scopes(
scopes = {
@Scope(
name = "Update a Review",
description = "Update a Review from the application store.",
key = "perm:admin:app:review:update",
permissions = {"/app-mgt/store/admin/review/update"}
)
}
)
@Path("/admin/reviews")
@Api(value = "ReviewTmp Management")
@Produces(MediaType.APPLICATION_JSON)
public interface ReviewManagementAdminAPI {
String SCOPE = "scope";
@PUT
@Path("/{uuid}/{reviewId}")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(
consumes = MediaType.APPLICATION_JSON,
produces = MediaType.APPLICATION_JSON,
httpMethod = "PUT",
value = "Edit a reviewTmp",
notes = "This will edit the reviewTmp",
tags = "Store Management",
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "perm:admin:app:review:update")
})
}
)
@ApiResponses(
value = {
@ApiResponse(
code = 200,
message = "OK. \n Successfully updated reviewTmp.",
response = ReviewTmp.class),
@ApiResponse(
code = 400,
message = "Bad Request. \n Invalid request or validation error."),
@ApiResponse(
code = 500,
message = "Internal Server Error. \n Error occurred while updating the new reviewTmp.",
response = ErrorResponse.class)
})
Response updateReview(
@ApiParam(
name = "reviewTmp",
value = "The reviewTmp that need to be updated.",
required = true)
@Valid ReviewWrapper updatingReview,
@ApiParam(
name = "uuid",
value = "uuid of the application release",
required = true)
@PathParam("uuid") String uuid,
@ApiParam(
name = "reviewId",
value = "reviewTmp id of the updating reviewTmp.",
required = true)
@PathParam("reviewId") int reviewId);
@DELETE
@Path("/{uuid}/{reviewId}")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(
consumes = MediaType.APPLICATION_JSON,
produces = MediaType.APPLICATION_JSON,
httpMethod = "DELETE",
value = "Remove comment",
notes = "Remove comment",
tags = "Store Management",
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "perm:admin:app:review:update")
})
}
)
@ApiResponses(
value = {
@ApiResponse(
code = 200,
message = "OK. \n Successfully deleted the review"),
@ApiResponse(
code = 404,
message = "Not Found. \n No activity found with the given ID.",
response = ErrorResponse.class),
@ApiResponse(
code = 500,
message = "Internal Server Error. \n Error occurred while deleting the review.",
response = ErrorResponse.class)
})
Response deleteReview(
@ApiParam(
name = "uuid",
value = "UUID of the application release.",
required = true)
@PathParam("uuid") String uuid,
@ApiParam(name = "reviewId",
value = "Id of the review.",
required = true)
@PathParam("reviewId") int reviewId);
}

@ -170,7 +170,7 @@ public class ReviewManagementAPIImpl implements ReviewManagementAPI {
@PathParam("reviewId") int reviewId) {
ReviewManager reviewManager = APIUtil.getReviewManager();
try {
if (reviewManager.updateReview(updatingReview, reviewId, uuid)) {
if (reviewManager.updateReview(updatingReview, reviewId, uuid, false)) {
return Response.status(Response.Status.OK).entity(updatingReview).build();
} else {
String msg = "Review updating failed. Please contact the administrator";

@ -0,0 +1,103 @@
/* Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.application.mgt.store.api.services.impl.admin;
import io.swagger.annotations.ApiParam;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException;
import org.wso2.carbon.device.application.mgt.common.exception.ReviewDoesNotExistException;
import org.wso2.carbon.device.application.mgt.common.exception.ReviewManagementException;
import org.wso2.carbon.device.application.mgt.common.services.ReviewManager;
import org.wso2.carbon.device.application.mgt.common.wrapper.ReviewWrapper;
import org.wso2.carbon.device.application.mgt.core.exception.ForbiddenException;
import org.wso2.carbon.device.application.mgt.core.exception.NotFoundException;
import org.wso2.carbon.device.application.mgt.core.util.APIUtil;
import org.wso2.carbon.device.application.mgt.store.api.services.admin.ReviewManagementAdminAPI;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Response;
/**
* ReviewTmp Management related jax-rs APIs.
*/
@Path("/admin/reviews")
public class ReviewManagementAdminAPIImpl implements ReviewManagementAdminAPI {
private static Log log = LogFactory.getLog(ReviewManagementAdminAPIImpl.class);
@Override
@PUT
@Consumes("application/json")
@Path("/{uuid}/{reviewId}")
public Response updateReview(
@ApiParam ReviewWrapper updatingReview,
@PathParam("uuid") String uuid,
@PathParam("reviewId") int reviewId) {
ReviewManager reviewManager = APIUtil.getReviewManager();
try {
if (reviewManager.updateReview(updatingReview, reviewId, uuid, true)) {
return Response.status(Response.Status.OK).entity(updatingReview).build();
} else {
String msg = "Review updating failed. Please contact the administrator";
log.error(msg);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
}
} catch (ReviewManagementException e) {
String msg = "Error occurred while retrieving comments.";
log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (NotFoundException e) {
String msg = "Couldn't found application release data for UUID " + uuid + " or Review for review ID: " + reviewId;
log.error(msg, e);
return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
} catch (ApplicationManagementException e) {
String msg = "Error occurred when getting application release data for application release UUID:." + uuid;
log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); }
}
@Override
@DELETE
@Path("/{uuid}/{reviewId}")
public Response deleteReview(
@PathParam("uuid") String uuid,
@PathParam("reviewId") int reviewId) {
ReviewManager reviewManager = APIUtil.getReviewManager();
try {
if (reviewManager.deleteReview(uuid, reviewId)) {
return Response.status(Response.Status.OK).entity("ReviewTmp is deleted successfully.").build();
} else {
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("ReviewTmp deleting is failed.")
.build();
}
} catch (ReviewManagementException e) {
String msg = "Error occurred while deleting the comment.";
log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (ReviewDoesNotExistException e) {
String msg = "Couldn't find a review for review-id: " + reviewId + " to delete.";
log.error(msg, e);
return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
}
}
}
Loading…
Cancel
Save