use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.
the class ProductApi method removeProductFromCategory.
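/**
 * Detaches a product from a category after checking that both records belong to the
 * store resolved for the current request.
 *
 * <p>The two ownership checks are the tenant boundary of this endpoint: without them a
 * caller could edit another merchant's catalogue by supplying ids it does not own. Their
 * outcome is therefore rethrown unchanged instead of being folded into a generic 503.
 *
 * @param productId id of the product to detach
 * @param categoryId id of the category the product is removed from
 * @param merchantStore store resolved for the current request
 * @param language language passed to the facade when building the result
 * @param response servlet response, used only to report an unexpected failure
 * @return the product returned by the facade, or {@code null} when an unexpected error
 *     was reported to the client as a 503
 * @throws ResourceNotFoundException if the product or the category does not exist
 * @throws UnauthorizedException if the product or the category belongs to another store
 */
@ResponseStatus(HttpStatus.OK)
@RequestMapping(
    value = {
        "/private/product/{productId}/category/{categoryId}",
        "/auth/product/{productId}/category/{categoryId}"
    },
    method = RequestMethod.DELETE)
@ApiImplicitParams({
    @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"),
    @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en")
})
@ResponseBody
public ReadableProduct removeProductFromCategory(@PathVariable Long productId, @PathVariable Long categoryId, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, HttpServletResponse response) {
    try {
        Product product = productService.getById(productId);
        if (product == null) {
            throw new ResourceNotFoundException("Product id [" + productId + "] is not found");
        }
        // Tenant check: the product must be owned by the store making the request.
        if (product.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Product id [" + productId + "] does not belong to store [" + merchantStore.getCode() + "]");
        }
        Category category = categoryService.getById(categoryId);
        if (category == null) {
            throw new ResourceNotFoundException("Category id [" + categoryId + "] is not found");
        }
        // Same tenant check for the category.
        if (category.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Category id [" + categoryId + "] does not belong to store [" + merchantStore.getCode() + "]");
        }
        return productCommonFacade.removeProductFromCategory(category, product, language);
    } catch (ResourceNotFoundException | UnauthorizedException e) {
        // Deliberate not-found / wrong-store results. Previously the catch-all below turned
        // them into a 503, hiding an authorization failure behind a "service unavailable".
        // NOTE(review): presumably the project's REST error handler maps these to 404 / 401 - confirm.
        throw e;
    } catch (Exception e) {
        LOGGER.error("Error while removing product from category", e);
        try {
            // The exception text stays in the server log; echoing e.getMessage() to the client
            // can disclose internal details (queries, class names, paths).
            response.sendError(503, "Error while removing product from category");
        } catch (Exception sendFailure) {
            // Best effort: the response may already be committed. Record it rather than drop it.
            LOGGER.error("Unable to send error response", sendFailure);
        }
        return null;
    }
}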
use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.
the class MerchantStoreApi method get.
/**
 * Lists merchant stores visible to the authenticated user.
 *
 * <p>A user in the superadmin group gets an unfiltered listing (store code cleared on the
 * criteria); every other permitted user is restricted to the store resolved for the request.
 *
 * @param merchantStore store resolved for the current request
 * @param language language passed to the store facade
 * @param page page index, defaults to 0
 * @param count page size, defaults to 10
 * @param request servlet request the search criteria are built from
 * @return the page of stores returned by the store facade
 * @throws UnauthorizedException if no user is authenticated
 */
@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/stores" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(httpMethod = "GET", value = "Get list of stores. Returns all retailers and stores. If superadmin everything is returned, else only retailer and child stores.", notes = "", response = ReadableMerchantStore.class)
@ApiImplicitParams({
    @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en")
})
public ReadableMerchantStoreList get(@ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, @RequestParam(value = "page", required = false, defaultValue = "0") Integer page, @RequestParam(value = "count", required = false, defaultValue = "10") Integer count, HttpServletRequest request) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }

    // Only superadmin, admin and retail admin may list stores.
    // NOTE(review): the return value is ignored, so authorizedGroup presumably throws
    // when the user is in none of these groups - confirm.
    userFacade.authorizedGroup(
        authenticatedUser,
        Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_RETAIL)
            .collect(Collectors.toList()));

    MerchantStoreCriteria criteria = createMerchantStoreCriteria(request);

    // A null store code lifts the per-store filter; that is reserved for superadmin.
    boolean seesEveryStore = userFacade.userInRoles(authenticatedUser, Arrays.asList(Constants.GROUP_SUPERADMIN));
    criteria.setStoreCode(seesEveryStore ? null : merchantStore.getCode());

    // NOTE(review): page and count are forwarded as received; confirm an upper bound on
    // count is enforced downstream.
    return storeFacade.findAll(criteria, language, page, count);
}
use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.
the class ProductImageApi method uploadImage.
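/**
 * Attaches one or more uploaded images (multipart form data) to a product owned by the
 * store resolved for the current request.
 *
 * <p>The first non-empty file becomes the default image when the product has none yet.
 * Sort orders start at {@code position} and increase by one per stored file.
 *
 * @param id id of the product receiving the images
 * @param files uploaded parts; empty parts are skipped
 * @param position sort order given to the first stored image, defaults to 0
 * @param merchantStore store resolved for the current request
 * @param language request language (not used by this method)
 * @throws IOException declared by the signature; I/O failures raised inside the body are
 *     wrapped in {@link ServiceRuntimeException}
 * @throws ResourceNotFoundException if the product does not exist
 * @throws UnauthorizedException if the product belongs to another store
 * @throws ServiceRuntimeException on any other failure
 */
@ResponseStatus(HttpStatus.CREATED)
@RequestMapping(
    value = { "/private/products/{id}/images", "/auth/products/{id}/images" },
    consumes = { MediaType.MULTIPART_FORM_DATA_VALUE },
    method = RequestMethod.POST)
@ApiImplicitParams({
    @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"),
    @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en")
})
public void uploadImage(@PathVariable Long id, @RequestParam(value = "file", required = true) MultipartFile[] files, @RequestParam(value = "order", required = false, defaultValue = "0") Integer position, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language) throws IOException {
    try {
        Product product = productService.getById(id);
        if (product == null) {
            throw new ResourceNotFoundException("Product not found");
        }
        // Tenant check: only the owning store may add images to the product.
        if (product.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Resource not authorized for this merchant");
        }

        boolean hasDefaultImage = false;
        Set<ProductImage> images = product.getImages();
        if (!CollectionUtils.isEmpty(images)) {
            for (ProductImage image : images) {
                if (image.isDefaultImage()) {
                    hasDefaultImage = true;
                    break;
                }
            }
        }

        List<ProductImage> contentImagesList = new ArrayList<>();
        int sortOrder = position;
        for (MultipartFile multipartFile : files) {
            if (multipartFile.isEmpty()) {
                continue;
            }
            ProductImage productImage = new ProductImage();
            productImage.setImage(multipartFile.getInputStream());
            // NOTE(review): getOriginalFilename() is chosen by the client. Nothing in this
            // method normalises it or checks the content type or size; confirm the image
            // service does so before the name is used as a storage key or path.
            productImage.setProductImage(multipartFile.getOriginalFilename());
            productImage.setProduct(product);
            if (!hasDefaultImage) {
                productImage.setDefaultImage(true);
                hasDefaultImage = true;
            }
            productImage.setSortOrder(sortOrder);
            // Advance the value that is actually stored; the original incremented
            // 'position', so every image of one upload received the same sort order.
            sortOrder++;
            contentImagesList.add(productImage);
        }

        if (CollectionUtils.isNotEmpty(contentImagesList)) {
            productImageService.addProductImages(product, contentImagesList);
        }
    } catch (ResourceNotFoundException | UnauthorizedException e) {
        // Deliberate not-found / wrong-store results. Previously the catch-all below replaced
        // them with a generic service error, hiding an authorization failure from the caller.
        // NOTE(review): presumably the project's REST error handler maps these to 404 / 401 - confirm.
        throw e;
    } catch (Exception e) {
        // Full detail goes to the log only; the client receives a fixed message.
        LOGGER.error("Error while creating ProductImage", e);
        throw new ServiceRuntimeException("Error while creating image");
    }
}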
use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.
the class UserApi method list.
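/**
 * Lists the users of the store resolved for the current request, optionally filtered by
 * e-mail address.
 *
 * <p>A user outside the superadmin group must be authorized for that store; in addition the
 * user must pass the group check for superadmin, admin or retail admin.
 *
 * @param merchantStore store resolved for the current request
 * @param language language passed to the user facade
 * @param page page index, defaults to 0
 * @param count page size, defaults to 20
 * @param emailAddress optional e-mail filter; blank values are ignored
 * @return the page of users returned by the user facade
 * @throws UnauthorizedException if no user is authenticated, or the user is not
 *     authorized for the store
 */
@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/users" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(httpMethod = "GET", value = "Get list of user", notes = "", response = ReadableUserList.class)
@ApiImplicitParams({
    @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"),
    @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en")
})
public ReadableUserList list(@ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, @RequestParam(value = "page", required = false, defaultValue = "0") Integer page, @RequestParam(value = "count", required = false, defaultValue = "20") Integer count, @RequestParam(value = "emailAddress", required = false) String emailAddress) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }

    UserCriteria criteria = new UserCriteria();
    if (!StringUtils.isBlank(emailAddress)) {
        criteria.setAdminEmail(emailAddress);
    }
    criteria.setStoreCode(merchantStore.getCode());

    // Superadmin is exempt from the per-store check; everyone else must be tied to the store.
    if (!userFacade.userInRoles(authenticatedUser, Arrays.asList(Constants.GROUP_SUPERADMIN))) {
        if (!userFacade.authorizedStore(authenticatedUser, merchantStore.getCode())) {
            // Report the store code, as the check above uses it; the original concatenated
            // the MerchantStore object itself, which prints whatever its toString() yields.
            throw new UnauthorizedException("Operation unauthorized for user [" + authenticatedUser + "] and store [" + merchantStore.getCode() + "]");
        }
    }

    // NOTE(review): the return value is ignored, so authorizedGroup presumably throws
    // when the user is in none of these groups - confirm.
    userFacade.authorizedGroup(
        authenticatedUser,
        Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_RETAIL)
            .collect(Collectors.toList()));

    // NOTE(review): page and count are forwarded as received; confirm an upper bound on
    // count is enforced downstream.
    return userFacade.listByCriteria(criteria, page, count, language);
}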
use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.
the class ProductInstanceApi method exists.
/**
 * Reports whether a product instance with the given sku already exists for a product.
 *
 * <p>NOTE(review): the route declares a {@code {sku}} path segment, but the value is read
 * from the required {@code code} query parameter, so the path segment is never bound.
 * The {@code @ApiOperation} text also mentions an "option set code" and looks copied from
 * another endpoint. Confirm both with the API owners.
 *
 * @param id product id taken from the path
 * @param sku sku to look up, supplied as the {@code code} query parameter
 * @param merchantStore store resolved for the current request
 * @param language language passed to the facade
 * @return HTTP 200 carrying an {@link EntityExists} with the lookup result
 * @throws UnauthorizedException if no user is authenticated
 */
@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/product/{id}/instance/{sku}/unique" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiImplicitParams({
    @ApiImplicitParam(name = "store", dataType = "string", defaultValue = "DEFAULT"),
    @ApiImplicitParam(name = "lang", dataType = "string", defaultValue = "en")
})
@ApiOperation(httpMethod = "GET", value = "Check if option set code already exists", notes = "", response = EntityExists.class)
@ResponseBody
public ResponseEntity<EntityExists> exists(@PathVariable Long id, @RequestParam(value = "code") String sku, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }

    // NOTE(review): the return value is ignored, so authorizedGroup presumably throws
    // when the user is in none of these groups - confirm.
    userFacade.authorizedGroup(
        authenticatedUser,
        Stream.of(
                Constants.GROUP_SUPERADMIN,
                Constants.GROUP_ADMIN,
                Constants.GROUP_ADMIN_CATALOGUE,
                Constants.GROUP_ADMIN_RETAIL)
            .collect(Collectors.toList()));

    // The product id is not compared with the store here; merchantStore is handed to the
    // facade, presumably so the lookup is scoped to that store - verify in the facade.
    boolean skuTaken = productInstanceFacade.exists(sku, merchantStore, id, language);
    return new ResponseEntity<>(new EntityExists(skuTaken), HttpStatus.OK);
}