Examples with UnauthorizedException com.salesmanager.shop.store.api.exception.UnauthorizedException used on opensource projects

Example 6 with UnauthorizedException

use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

the class ProductApi method removeProductFromCategory.

@ResponseStatus(HttpStatus.OK)
@RequestMapping(value = { "/private/product/{productId}/category/{categoryId}", "/auth/product/{productId}/category/{categoryId}" }, method = RequestMethod.DELETE)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
@ResponseBody
public ReadableProduct removeProductFromCategory(@PathVariable Long productId, @PathVariable Long categoryId, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, HttpServletResponse response) {
    try {
        Product product = productService.getById(productId);
        if (product == null) {
            throw new ResourceNotFoundException("Product id [" + productId + "] is not found");
        }
        if (product.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Product id [" + productId + "] does not belong to store [" + merchantStore.getCode() + "]");
        }
        Category category = categoryService.getById(categoryId);
        if (category == null) {
            throw new ResourceNotFoundException("Category id [" + categoryId + "] is not found");
        }
        if (category.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Category id [" + categoryId + "] does not belong to store [" + merchantStore.getCode() + "]");
        }
        return productCommonFacade.removeProductFromCategory(category, product, language);
    } catch (Exception e) {
        LOGGER.error("Error while removing product from category", e);
        try {
            response.sendError(503, "Error while removing product from category " + e.getMessage());
        } catch (Exception ignore) {
        }
        return null;
    }
}

Example 7 with UnauthorizedException

use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

the class MerchantStoreApi method get.

@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/stores" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(httpMethod = "GET", value = "Get list of stores. Returns all retailers and stores. If superadmin everything is returned, else only retailer and child stores.", notes = "", response = ReadableMerchantStore.class)
@ApiImplicitParams({ @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
public ReadableMerchantStoreList get(@ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, @RequestParam(value = "page", required = false, defaultValue = "0") Integer page, @RequestParam(value = "count", required = false, defaultValue = "10") Integer count, HttpServletRequest request) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }
    // requires superadmin, admin and admin retail to see all
    userFacade.authorizedGroup(authenticatedUser, Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_RETAIL).collect(Collectors.toList()));
    MerchantStoreCriteria criteria = createMerchantStoreCriteria(request);
    if (userFacade.userInRoles(authenticatedUser, Arrays.asList(Constants.GROUP_SUPERADMIN))) {
        criteria.setStoreCode(null);
    } else {
        criteria.setStoreCode(merchantStore.getCode());
    }
    // return storeFacade.findAll(criteria, language, page, count);
    ReadableMerchantStoreList readable = storeFacade.findAll(criteria, language, page, count);
    return readable;
}

Example 8 with UnauthorizedException

use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

the class ProductImageApi method uploadImage.

/**
 * To be used with MultipartFile
 *
 * @param id
 * @param uploadfiles
 * @param request
 * @param response
 * @throws Exception
 */
@ResponseStatus(HttpStatus.CREATED)
@RequestMapping(value = { "/private/products/{id}/images", "/auth/products/{id}/images" }, consumes = { MediaType.MULTIPART_FORM_DATA_VALUE }, method = RequestMethod.POST)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
public void uploadImage(@PathVariable Long id, @RequestParam(value = "file", required = true) MultipartFile[] files, @RequestParam(value = "order", required = false, defaultValue = "0") Integer position, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language) throws IOException {
    try {
        // get the product
        Product product = productService.getById(id);
        if (product == null) {
            throw new ResourceNotFoundException("Product not found");
        }
        // product belongs to merchant store
        if (product.getMerchantStore().getId().intValue() != merchantStore.getId().intValue()) {
            throw new UnauthorizedException("Resource not authorized for this merchant");
        }
        boolean hasDefaultImage = false;
        Set<ProductImage> images = product.getImages();
        if (!CollectionUtils.isEmpty(images)) {
            for (ProductImage image : images) {
                if (image.isDefaultImage()) {
                    hasDefaultImage = true;
                    break;
                }
            }
        }
        List<ProductImage> contentImagesList = new ArrayList<ProductImage>();
        int sortOrder = position;
        for (MultipartFile multipartFile : files) {
            if (!multipartFile.isEmpty()) {
                ProductImage productImage = new ProductImage();
                productImage.setImage(multipartFile.getInputStream());
                productImage.setProductImage(multipartFile.getOriginalFilename());
                productImage.setProduct(product);
                if (!hasDefaultImage) {
                    productImage.setDefaultImage(true);
                    hasDefaultImage = true;
                }
                productImage.setSortOrder(sortOrder);
                position++;
                contentImagesList.add(productImage);
            }
        }
        if (CollectionUtils.isNotEmpty(contentImagesList)) {
            productImageService.addProductImages(product, contentImagesList);
        }
    } catch (Exception e) {
        LOGGER.error("Error while creating ProductImage", e);
        throw new ServiceRuntimeException("Error while creating image");
    }
}

Example 9 with UnauthorizedException

use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

the class UserApi method list.

@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/users" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(httpMethod = "GET", value = "Get list of user", notes = "", response = ReadableUserList.class)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "String", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "String", defaultValue = "en") })
public ReadableUserList list(@ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language, @RequestParam(value = "page", required = false, defaultValue = "0") Integer page, @RequestParam(value = "count", required = false, defaultValue = "20") Integer count, @RequestParam(value = "emailAddress", required = false) String emailAddress) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }
    UserCriteria criteria = new UserCriteria();
    if (!StringUtils.isBlank(emailAddress)) {
        criteria.setAdminEmail(emailAddress);
    }
    criteria.setStoreCode(merchantStore.getCode());
    if (!userFacade.userInRoles(authenticatedUser, Arrays.asList(Constants.GROUP_SUPERADMIN))) {
        if (!userFacade.authorizedStore(authenticatedUser, merchantStore.getCode())) {
            throw new UnauthorizedException("Operation unauthorized for user [" + authenticatedUser + "] and store [" + merchantStore + "]");
        }
    }
    userFacade.authorizedGroup(authenticatedUser, Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_RETAIL).collect(Collectors.toList()));
    return userFacade.listByCriteria(criteria, page, count, language);
}

Example 10 with UnauthorizedException

use of com.salesmanager.shop.store.api.exception.UnauthorizedException in project shopizer by shopizer-ecommerce.

the class ProductInstanceApi method exists.

@ResponseStatus(HttpStatus.OK)
@GetMapping(value = { "/private/product/{id}/instance/{sku}/unique" }, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiImplicitParams({ @ApiImplicitParam(name = "store", dataType = "string", defaultValue = "DEFAULT"), @ApiImplicitParam(name = "lang", dataType = "string", defaultValue = "en") })
@ApiOperation(httpMethod = "GET", value = "Check if option set code already exists", notes = "", response = EntityExists.class)
@ResponseBody
public ResponseEntity<EntityExists> exists(@PathVariable Long id, @RequestParam(value = "code") String sku, @ApiIgnore MerchantStore merchantStore, @ApiIgnore Language language) {
    String authenticatedUser = userFacade.authenticatedUser();
    if (authenticatedUser == null) {
        throw new UnauthorizedException();
    }
    userFacade.authorizedGroup(authenticatedUser, Stream.of(Constants.GROUP_SUPERADMIN, Constants.GROUP_ADMIN, Constants.GROUP_ADMIN_CATALOGUE, Constants.GROUP_ADMIN_RETAIL).collect(Collectors.toList()));
    boolean exist = productInstanceFacade.exists(sku, merchantStore, id, language);
    return new ResponseEntity<EntityExists>(new EntityExists(exist), HttpStatus.OK);
}