BlacklistAPI.java

  1. /*******************************************************************************
  2.  * Copyright 2017 The MIT Internet Trust Consortium
  3.  *
  4.  * Portions copyright 2011-2013 The MITRE Corporation
  5.  *
  6.  * Licensed under the Apache License, Version 2.0 (the "License");
  7.  * you may not use this file except in compliance with the License.
  8.  * You may obtain a copy of the License at
  9.  *
  10.  *   http://www.apache.org/licenses/LICENSE-2.0
  11.  *
  12.  * Unless required by applicable law or agreed to in writing, software
  13.  * distributed under the License is distributed on an "AS IS" BASIS,
  14.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15.  * See the License for the specific language governing permissions and
  16.  * limitations under the License.
  17.  *******************************************************************************/
  18. /**
  19.  *
  20.  */
  21. package org.mitre.openid.connect.web;

  23. import java.security.Principal;
  24. import java.util.Collection;

  26. import org.mitre.openid.connect.model.BlacklistedSite;
  27. import org.mitre.openid.connect.service.BlacklistedSiteService;
  28. import org.mitre.openid.connect.view.HttpCodeView;
  29. import org.mitre.openid.connect.view.JsonEntityView;
  30. import org.mitre.openid.connect.view.JsonErrorView;
  31. import org.slf4j.Logger;
  32. import org.slf4j.LoggerFactory;
  33. import org.springframework.beans.factory.annotation.Autowired;
  34. import org.springframework.http.HttpStatus;
  35. import org.springframework.http.MediaType;
  36. import org.springframework.security.access.prepost.PreAuthorize;
  37. import org.springframework.stereotype.Controller;
  38. import org.springframework.ui.ModelMap;
  39. import org.springframework.web.bind.annotation.PathVariable;
  40. import org.springframework.web.bind.annotation.RequestBody;
  41. import org.springframework.web.bind.annotation.RequestMapping;
  42. import org.springframework.web.bind.annotation.RequestMethod;

  44. import com.google.gson.Gson;
  45. import com.google.gson.JsonObject;
  46. import com.google.gson.JsonParser;
  47. import com.google.gson.JsonSyntaxException;

  49. /**
  50.  * @author jricher
  51.  *
  52.  */
  53. @Controller
  54. @RequestMapping("/" + BlacklistAPI.URL)
  55. @PreAuthorize("hasRole('ROLE_ADMIN')")
  56. public class BlacklistAPI {

  58.     public static final String URL = RootController.API_URL + "/blacklist";

  60.     @Autowired
  61.     private BlacklistedSiteService blacklistService;

  63.     /**
  64.      * Logger for this class
  65.      */
  66.     private static final Logger logger = LoggerFactory.getLogger(BlacklistAPI.class);

  68.     private Gson gson = new Gson();
  69.     private JsonParser parser = new JsonParser();

  71.     /**
  72.      * Get a list of all blacklisted sites
  73.      * @param m
  74.      * @return
  75.      */
  76.     @RequestMapping(method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
  77.     public String getAllBlacklistedSites(ModelMap m) {

  79.         Collection<BlacklistedSite> all = blacklistService.getAll();

  81.         m.put(JsonEntityView.ENTITY, all);

  83.         return JsonEntityView.VIEWNAME;
  84.     }

  86.     /**
  87.      * Create a new blacklisted site
  88.      * @param jsonString
  89.      * @param m
  90.      * @param p
  91.      * @return
  92.      */
  93.     @RequestMapping(method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
  94.     public String addNewBlacklistedSite(@RequestBody String jsonString, ModelMap m, Principal p) {

  96.         JsonObject json;

  98.         BlacklistedSite blacklist = null;

  100.         try {

  102.             json = parser.parse(jsonString).getAsJsonObject();
  103.             blacklist = gson.fromJson(json, BlacklistedSite.class);
  104.             BlacklistedSite newBlacklist = blacklistService.saveNew(blacklist);
  105.             m.put(JsonEntityView.ENTITY, newBlacklist);

  107.         }
  108.         catch (JsonSyntaxException e) {
  109.             logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: ", e);
  110.             m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
  111.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
  112.             return JsonErrorView.VIEWNAME;
  113.         } catch (IllegalStateException e) {
  114.             logger.error("addNewBlacklistedSite failed due to IllegalStateException", e);
  115.             m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
  116.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not save new blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
  117.             return JsonErrorView.VIEWNAME;
  118.         }

  120.         return JsonEntityView.VIEWNAME;

  122.     }

  124.     /**
  125.      * Update an existing blacklisted site
  126.      */
  127.     @RequestMapping(value="/{id}", method = RequestMethod.PUT, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
  128.     public String updateBlacklistedSite(@PathVariable("id") Long id, @RequestBody String jsonString, ModelMap m, Principal p) {

  130.         JsonObject json;

  132.         BlacklistedSite blacklist = null;

  134.         try {

  136.             json = parser.parse(jsonString).getAsJsonObject();
  137.             blacklist = gson.fromJson(json, BlacklistedSite.class);

  139.         }
  140.         catch (JsonSyntaxException e) {
  141.             logger.error("updateBlacklistedSite failed due to JsonSyntaxException", e);
  142.             m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
  143.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
  144.             return JsonErrorView.VIEWNAME;
  145.         } catch (IllegalStateException e) {
  146.             logger.error("updateBlacklistedSite failed due to IllegalStateException", e);
  147.             m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
  148.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not update blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
  149.             return JsonErrorView.VIEWNAME;
  150.         }


  153.         BlacklistedSite oldBlacklist = blacklistService.getById(id);

  155.         if (oldBlacklist == null) {
  156.             logger.error("updateBlacklistedSite failed; blacklist with id " + id + " could not be found");
  157.             m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
  158.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not update blacklisted site. The requested blacklist with id " + id + "could not be found.");
  159.             return JsonErrorView.VIEWNAME;
  160.         } else {

  162.             BlacklistedSite newBlacklist = blacklistService.update(oldBlacklist, blacklist);

  164.             m.put(JsonEntityView.ENTITY, newBlacklist);

  166.             return JsonEntityView.VIEWNAME;
  167.         }
  168.     }

  170.     /**
  171.      * Delete a blacklisted site
  172.      *
  173.      */
  174.     @RequestMapping(value="/{id}", method = RequestMethod.DELETE)
  175.     public String deleteBlacklistedSite(@PathVariable("id") Long id, ModelMap m) {
  176.         BlacklistedSite blacklist = blacklistService.getById(id);

  178.         if (blacklist == null) {
  179.             logger.error("deleteBlacklistedSite failed; blacklist with id " + id + " could not be found");
  180.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete bladklist. The requested bladklist with id " + id + " could not be found.");
  181.             return JsonErrorView.VIEWNAME;
  182.         } else {
  183.             m.put(HttpCodeView.CODE, HttpStatus.OK);
  184.             blacklistService.remove(blacklist);
  185.         }

  187.         return HttpCodeView.VIEWNAME;
  188.     }

  190.     /**
  191.      * Get a single blacklisted site
  192.      */
  193.     @RequestMapping(value="/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
  194.     public String getBlacklistedSite(@PathVariable("id") Long id, ModelMap m) {
  195.         BlacklistedSite blacklist = blacklistService.getById(id);
  196.         if (blacklist == null) {
  197.             logger.error("getBlacklistedSite failed; blacklist with id " + id + " could not be found");
  198.             m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
  199.             m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete bladklist. The requested bladklist with id " + id + " could not be found.");
  200.             return JsonErrorView.VIEWNAME;
  201.         } else {

  203.             m.put(JsonEntityView.ENTITY, blacklist);

  205.             return JsonEntityView.VIEWNAME;
  206.         }

  208.     }

  210. }
Created with JaCoCo 0.7.9.201702052155