
Example 6 with UnauthorizedException

Use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

In the class ProductApi, method removeProductFromCategory.

@ResponseStatus(HttpStatus.OK)
@RequestMapping(value = { "/private/product/{productId}/category/{categoryId}", "/auth/product/{productId}/category/{categoryId}" }, method = RequestMethod.DELETE)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
@ResponseBody
public ReadableProduct removeProductFromCategory(@PathVariable Long productId, @PathVariable Long categoryId, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, HttpServletResponse response) {
    try {
        Product product = productService.getById(productId);
        if (product == null) {
            throw new ResourceNotFoundException("Product id [" + productId + "] is not found");
        }
        // tenant check: the product must belong to the store resolved for this request
        if (product.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Product id [" + productId + "] does not belong to store [" + merchantStore.getCode() + "]");
        }
        Category category = categoryService.getById(categoryId);
        if (category == null) {
            throw new ResourceNotFoundException("Category id [" + categoryId + "] is not found");
        }
        // tenant check: the category must belong to the same store
        if (category.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Category id [" + categoryId + "] does not belong to store [" + merchantStore.getCode() + "]");
        }
        return productCommonFacade.removeProductFromCategory(category, product, language);
    } catch (Exception e) {
        // This broad catch also intercepts the ResourceNotFoundException and
        // UnauthorizedException thrown above, so those cases reach the client
        // as a 503 whose text includes e.getMessage().
        LOGGER.error("Error while removing product from category", e);
        try {
            response.sendError(503, "Error while removing product from category " + e.getMessage());
        } catch (Exception ignore) {
            // a failure to send the error response is deliberately ignored
        }
        return null;
    }
}
Also used : Category(com.salesmanager.core.model.catalog.category.Category) UnauthorizedException(com.salesmanager.shop.store.api.exception.UnauthorizedException) PersistableProduct(com.salesmanager.shop.model.catalog.product.PersistableProduct) ReadableProduct(com.salesmanager.shop.model.catalog.product.ReadableProduct) Product(com.salesmanager.core.model.catalog.product.Product) LightPersistableProduct(com.salesmanager.shop.model.catalog.product.LightPersistableProduct) ResourceNotFoundException(com.salesmanager.shop.store.api.exception.ResourceNotFoundException) ServiceRuntimeException(com.salesmanager.shop.store.api.exception.ServiceRuntimeException) IOException(java.io.IOException) ApiImplicitParams(io.swagger.annotations.ApiImplicitParams) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 7 with UnauthorizedException

Use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

In the class MerchantStoreApi, method get.

@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/stores" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(httpMethod = "GET", value = "Get list of stores. Returns all retailers and stores. If superadmin everything is returned, else only retailer and child stores.", notes = "", response = ReadableMerchantStore.class)
@ApiImplicitParams({ @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
public ReadableMerchantStoreList get(@ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, @RequestParam(value = "page", required = false, defaultValue = "0") Integer page, @RequestParam(value = "count", required = false, defaultValue = "10") Integer count, HttpServletRequest request) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }
    // requires superadmin, admin and admin retail to see all
    userFacade.authorizedGroup(authenticatedUser, Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_RETAIL).collect(Collectors.toList()));
    MerchantStoreCriteria criteria = createMerchantStoreCriteria(request);
    if (userFacade.userInRoles(authenticatedUser, Arrays.asList(Constants.GROUP_SUPERADMIN))) {
        criteria.setStoreCode(null);
    } else {
        criteria.setStoreCode(merchantStore.getCode());
    }
    return storeFacade.findAll(criteria, language, page, count);
}
Also used : ReadableMerchantStoreList(com.salesmanager.shop.model.store.ReadableMerchantStoreList) MerchantStoreCriteria(com.salesmanager.core.model.merchant.MerchantStoreCriteria) UnauthorizedException(com.salesmanager.shop.store.api.exception.UnauthorizedException) GetMapping(org.springframework.web.bind.annotation.GetMapping) ApiImplicitParams(io.swagger.annotations.ApiImplicitParams) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation)

Example 8 with UnauthorizedException

Use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

In the class ProductImageApi, method uploadImage.

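/**
 * To be used with MultipartFile
 *
 * @param id            id of the product the images are attached to
 * @param files         uploaded image files (multipart field "file")
 * @param position      sort order of the first uploaded image (request parameter "order")
 * @param merchantStore store the request is scoped to
 * @param language      request language
 * @throws IOException
 */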
@ResponseStatus(HttpStatus.CREATED)
@RequestMapping(value = { "/private/products/{id}/images", "/auth/products/{id}/images" }, consumes = { MediaType.MULTIPART_FORM_DATA_VALUE }, method = RequestMethod.POST)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
public void uploadImage(@PathVariable Long id, @RequestParam(value = "file", required = true) MultipartFile[] files, @RequestParam(value = "order", required = false, defaultValue = "0") Integer position, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language) throws IOException {
    try {
        // get the product
        Product product = productService.getById(id);
        if (product == null) {
            throw new ResourceNotFoundException("Product not found");
        }
        // product belongs to merchant store
        if (product.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Resource not authorized for this merchant");
        }
        boolean hasDefaultImage = false;
        Set<ProductImage> images = product.getImages();
        if (!CollectionUtils.isEmpty(images)) {
            for (ProductImage image : images) {
                if (image.isDefaultImage()) {
                    hasDefaultImage = true;
                    break;
                }
            }
        }
        List<ProductImage> contentImagesList = new ArrayList<ProductImage>();
        int sortOrder = position;
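        for (MultipartFile multipartFile : files) {
            if (!multipartFile.isEmpty()) {
                ProductImage productImage = new ProductImage();
                productImage.setImage(multipartFile.getInputStream());
                // getOriginalFilename() is supplied by the client; this method
                // stores it as the image name without validating it
                productImage.setProductImage(multipartFile.getOriginalFilename());
                productImage.setProduct(product);
                // the first uploaded image becomes the default when the product has none
                if (!hasDefaultImage) {
                    productImage.setDefaultImage(true);
                    hasDefaultImage = true;
                }
                productImage.setSortOrder(sortOrder);
                // advance the order so each uploaded image gets its own position
                sortOrder++;
                contentImagesList.add(productImage);
            }
        }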
        if (CollectionUtils.isNotEmpty(contentImagesList)) {
            productImageService.addProductImages(product, contentImagesList);
        }
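    } catch (Exception e) {
        // Also catches the ResourceNotFoundException and UnauthorizedException
        // thrown above; both are rethrown as ServiceRuntimeException.
        LOGGER.error("Error while creating ProductImage", e);
        throw new ServiceRuntimeException("Error while creating image");
    }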
}
Also used : MultipartFile(org.springframework.web.multipart.MultipartFile) ProductImage(com.salesmanager.core.model.catalog.product.image.ProductImage) UnauthorizedException(com.salesmanager.shop.store.api.exception.UnauthorizedException) ArrayList(java.util.ArrayList) Product(com.salesmanager.core.model.catalog.product.Product) ResourceNotFoundException(com.salesmanager.shop.store.api.exception.ResourceNotFoundException) IOException(java.io.IOException) ServiceRuntimeException(com.salesmanager.shop.store.api.exception.ServiceRuntimeException) ApiImplicitParams(io.swagger.annotations.ApiImplicitParams) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 9 with UnauthorizedException

Use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

In the class UserApi, method list.

@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/users" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(httpMethod = "GET", value = "Get list of user", notes = "", response = ReadableUserList.class)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
public ReadableUserList list(@ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, @RequestParam(value = "page", required = false, defaultValue = "0") Integer page, @RequestParam(value = "count", required = false, defaultValue = "20") Integer count, @RequestParam(value = "emailAddress", required = false) String emailAddress) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }
    UserCriteria criteria = new UserCriteria();
    if (!StringUtils.isBlank(emailAddress)) {
        criteria.setAdminEmail(emailAddress);
    }
    criteria.setStoreCode(merchantStore.getCode());
    if (!userFacade.userInRoles(authenticatedUser, Arrays.asList(Constants.GROUP_SUPERADMIN))) {
        if (!userFacade.authorizedStore(authenticatedUser, merchantStore.getCode())) {
            // report the store code, as the other store checks do, not the entity's toString()
            throw new UnauthorizedException("Operation unauthorized for user [" + authenticatedUser + "] and store [" + merchantStore.getCode() + "]");
        }
    }
    userFacade.authorizedGroup(authenticatedUser, Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_RETAIL).collect(Collectors.toList()));
    return userFacade.listByCriteria(criteria, page, count, language);
}
Also used : UserCriteria(com.salesmanager.core.model.user.UserCriteria) UnauthorizedException(com.salesmanager.shop.store.api.exception.UnauthorizedException) GetMapping(org.springframework.web.bind.annotation.GetMapping) ApiImplicitParams(io.swagger.annotations.ApiImplicitParams) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation)

Example 10 with UnauthorizedException

Use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

In the class ProductInstanceApi, method exists.

@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/product/{id}/instance/{sku}/unique" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "string", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "string", defaultValue = "en") })
@ApiOperation(httpMethod = "GET", value = "Check if option set code already exists", notes = "", response = EntityExists.class)
@ResponseBody
public ResponseEntity<EntityExists> exists(@PathVariable Long id, @RequestParam(value = "code") String sku, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }
    userFacade.authorizedGroup(authenticatedUser, Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_CATALOGUE, Constants.GROUP_ADMIN_RETAIL).collect(Collectors.toList()));
    boolean exist = productInstanceFacade.exists(sku, merchantStore, id, language);
    return new ResponseEntity<EntityExists>(new EntityExists(exist), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) UnauthorizedException(com.salesmanager.shop.store.api.exception.UnauthorizedException) EntityExists(com.salesmanager.shop.model.entity.EntityExists) GetMapping(org.springframework.web.bind.annotation.GetMapping) ApiImplicitParams(io.swagger.annotations.ApiImplicitParams) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)
