/*
* Copyright (c) 2013, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.registry.rest.api;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiResponse;
import com.wordnik.swagger.annotations.ApiResponses;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.rest.api.security.RestAPIAuthContext;
import org.wso2.carbon.registry.rest.api.security.RestAPISecurityUtils;
import javax.ws.rs.DELETE;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
* This class is to handle the association related REST verbs POST and DELETE.
*/
@Path("/association")
@Api(value = "/association",
description = "Rest api for doing operations on an association",
produces = MediaType.APPLICATION_JSON)
public class Association extends RegistryRestSuper {
private Log log = LogFactory.getLog(Association.class);
/**
* This method to add the association sent as query param in the request.
*
* @param sourcePath - path of the source resource.
* @param targetPath - path of the target resource.
* @return array of association model.HTTP 204 No Content.
*/
@POST
@Produces("application/json")
@ApiOperation(value = "Add an association between two resources",
httpMethod = "POST",
notes = "Add an association between two resources")
@ApiResponses(value = { @ApiResponse(code = 204, message = "Association added successfully"),
@ApiResponse(code = 401, message = "Invalid credentials provided"),
@ApiResponse(code = 404, message = "Specified resource not found"),
@ApiResponse(code = 500, message = "Internal server error occurred")})
public Response addAssociation(@QueryParam("path") String sourcePath,
@QueryParam("targetPath") String targetPath,
@QueryParam("type") String type,
@HeaderParam("X-JWT-Assertion") String JWTToken) {
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
RestAPIAuthContext authContext = RestAPISecurityUtils.getAuthContext(carbonContext, JWTToken);
if (!authContext.isAuthorized()) {
return Response.status(Response.Status.UNAUTHORIZED).build();
}
try {
Registry registry = getUserRegistry(authContext.getUserName(), authContext.getTenantId());
if (!registry.resourceExists(sourcePath)) {
return Response.status(Response.Status.NOT_FOUND).entity(
RestAPIConstants.RESOURCE_NOT_FOUND + sourcePath).build();
}
registry.addAssociation(sourcePath, targetPath, type);
return Response.status(Response.Status.NO_CONTENT).build();
} catch (RegistryException e) {
log.error("user is not allowed to delete association on the resource", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
}
}
/**
* This method delete the association sent as query param in the request.
*
* @param sourcePath - path of the source resource.
* @param targetPath - path of the target resource.
* @return array of association model.HTTP 204 No Content.
*/
@DELETE
@Produces("application/json")
@ApiOperation(value = "Delete an association",
httpMethod = "DELETE",
notes = "Delete an association")
@ApiResponses(value = { @ApiResponse(code = 204, message = "Association deleted successfully"),
@ApiResponse(code = 401, message = "Invalid credentials provided"),
@ApiResponse(code = 404, message = "Specified resource not found"),
@ApiResponse(code = 500, message = "Internal server error occurred")})
public Response deleteAssociation(@QueryParam("path") String sourcePath,
@QueryParam("targetPath") String targetPath,
@QueryParam("type") String type,
@HeaderParam("X-JWT-Assertion") String JWTToken) {
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
RestAPIAuthContext authContext = RestAPISecurityUtils.getAuthContext(carbonContext, JWTToken);
if (!authContext.isAuthorized()) {
return Response.status(Response.Status.UNAUTHORIZED).build();
}
try {
Registry registry = getUserRegistry(authContext.getUserName(), authContext.getTenantId());
if (!registry.resourceExists(sourcePath)) {
return Response.status(Response.Status.NOT_FOUND).entity(
RestAPIConstants.RESOURCE_NOT_FOUND + sourcePath).build();
}
if (!registry.resourceExists(targetPath)) {
return Response.status(Response.Status.NOT_FOUND).entity(
RestAPIConstants.RESOURCE_NOT_FOUND + targetPath).build();
}
registry.removeAssociation(sourcePath, targetPath, type);
return Response.status(Response.Status.NO_CONTENT).build();
} catch (RegistryException e) {
log.error("user is not allowed to delete association on the resource", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
}
}
}