use of com.webank.wedatasphere.qualitis.exception.PermissionDeniedRequestException in project Qualitis by WeBankFinTech.
the class RuleBatchServiceImpl method downloadRules.
@Override
@Transactional(propagation = Propagation.REQUIRED, rollbackFor = { RuntimeException.class, UnExpectedRequestException.class })
public GeneralResponse<?> downloadRules(DownloadRuleRequest request, HttpServletResponse response) throws UnExpectedRequestException, IOException, WriteExcelException, PermissionDeniedRequestException {
// Check Arguments
DownloadRuleRequest.checkRequest(request);
String loginUser = HttpUtils.getUserName(httpServletRequest);
Boolean projectAllRules = request.getProjectId() != null;
List<Rule> ruleLists;
if (projectAllRules) {
LOGGER.info("Downloading all rules of project. project id: {}", request.getProjectId());
Project project = projectDao.findById(request.getProjectId());
if (project == null) {
throw new UnExpectedRequestException("{&PROJECT_ID} {&DOES_NOT_EXIST}");
}
ruleLists = ruleDao.findByProject(project);
} else {
LOGGER.info("Downloading all rules. rule ids: {}", request.getRuleIds());
ruleLists = ruleDao.findByIds(request.getRuleIds());
List<Long> ruleIds = ruleLists.stream().map(Rule::getId).distinct().collect(Collectors.toList());
List<Long> notExistRules = request.getRuleIds().stream().filter(l -> !ruleIds.contains(l)).collect(Collectors.toList());
if (!notExistRules.isEmpty()) {
throw new UnExpectedRequestException("{&THE_IDS_OF_RULE}: " + notExistRules.toString() + " {&DOES_NOT_EXIST}");
}
}
if (ruleLists == null || ruleLists.isEmpty()) {
throw new UnExpectedRequestException("{&NO_RULE_CAN_DOWNLOAD}");
}
// Check permissions of project
List<Integer> permissions = new ArrayList<>();
permissions.add(ProjectUserPermissionEnum.DEVELOPER.getCode());
projectService.checkProjectPermission(ruleLists.iterator().next().getProject(), loginUser, permissions);
LOGGER.info("Succeed to find rules that will be downloaded. rule_ids: {}", ruleLists.stream().map(Rule::getId));
return downloadRulesReal(ruleLists, response, loginUser);
}
use of com.webank.wedatasphere.qualitis.exception.PermissionDeniedRequestException in project Qualitis by WeBankFinTech.
the class ProjectBatchServiceImpl method uploadProjectsReal.
private GeneralResponse<?> uploadProjectsReal(InputStream fileInputStream, String fileName, String userName, boolean aomp) throws IOException, UnExpectedRequestException, PermissionDeniedRequestException, RoleNotFoundException {
String suffixName = fileName.substring(fileName.lastIndexOf('.'));
if (!suffixName.equals(SUPPORT_EXCEL_SUFFIX_NAME)) {
throw new UnExpectedRequestException("{&DO_NOT_SUPPORT_SUFFIX_NAME}: [" + suffixName + "]. {&ONLY_SUPPORT} [" + SUPPORT_EXCEL_SUFFIX_NAME + "]", 422);
}
if (userName == null) {
return new GeneralResponse<>("401", "{&PLEASE_LOGIN}", null);
}
User user = userDao.findByUsername(userName);
Long userId = user.getId();
// Read file and create project
ExcelProjectListener listener = readExcel(fileInputStream);
// Check if excel file is empty
if (listener.getExcelProjectContent().isEmpty() && listener.getExcelRuleContent().isEmpty() && listener.getExcelCustomRuleContent().isEmpty() && listener.getExcelMultiRuleContent().isEmpty() && listener.getTemplateFileExcelContent().isEmpty() && listener.getExcelMetricContent().isEmpty()) {
throw new UnExpectedRequestException("{&FILE_CAN_NOT_BE_EMPTY_OR_FILE_CAN_NOT_BE_RECOGNIZED}", 422);
}
for (ExcelProject excelProject : listener.getExcelProjectContent()) {
Project project = projectDao.findByNameAndCreateUser(excelProject.getProjectName(), userName);
if (project != null) {
if (!aomp) {
LOGGER.info("hint for user to decide to override or not.");
}
// Means update project.
LOGGER.info("Start to update project[name={}] with upload project file.", project.getName());
ModifyProjectDetailRequest request = convertExcelProjectToModifyProjectRequest(excelProject, project, userName);
projectService.modifyProjectDetail(request, false);
} else {
// Check excel project arguments is valid or not
AddProjectRequest request = convertExcelProjectToAddProjectRequest(excelProject);
projectService.addProject(request, userId);
}
}
for (ExcelRuleMetric excelRuleMetric : listener.getExcelMetricContent()) {
RuleMetric ruleMetric = ruleMetricDao.findByName(excelRuleMetric.getName());
if (ruleMetric != null) {
if (!aomp) {
LOGGER.info("hint for user to decide to override or not.");
}
LOGGER.info("Start to update rule metric[name={}] with upload rule metric file.", ruleMetric.getName());
modifyRuleMetric(excelRuleMetric, ruleMetric, userName);
} else {
addRuleMetric(excelRuleMetric, userName);
}
}
// Create rules according to excel sheet
Map<String, Map<String, List<ExcelTemplateRuleByProject>>> excelTemplateRulePartitionedByProject = listener.getExcelRuleContent();
Map<String, Map<String, List<ExcelCustomRuleByProject>>> excelCustomRulePartitionedByProject = listener.getExcelCustomRuleContent();
Map<String, Map<String, List<ExcelMultiTemplateRuleByProject>>> excelMultiTemplateRulePartitionedByProject = listener.getExcelMultiRuleContent();
Map<String, Map<String, List<ExcelTemplateFileRuleByProject>>> excelTemplateFileRulePartitionedByProject = listener.getTemplateFileExcelContent();
Set<String> allProjects = new HashSet<>();
allProjects.addAll(excelTemplateRulePartitionedByProject.keySet());
allProjects.addAll(excelCustomRulePartitionedByProject.keySet());
allProjects.addAll(excelMultiTemplateRulePartitionedByProject.keySet());
allProjects.addAll(excelTemplateFileRulePartitionedByProject.keySet());
for (String projectName : allProjects) {
try {
Project projectInDb = projectDao.findByNameAndCreateUser(projectName, userName);
if (projectInDb == null) {
throw new UnExpectedRequestException("{&PROJECT}: [" + projectName + "] {&DOES_NOT_EXIST}");
}
ruleBatchService.getAndSaveRule(excelTemplateRulePartitionedByProject.get(projectName), excelCustomRulePartitionedByProject.get(projectName), excelMultiTemplateRulePartitionedByProject.get(projectName), excelTemplateFileRulePartitionedByProject.get(projectName), projectInDb, userName, aomp);
} catch (Exception e) {
throw new UnExpectedRequestException(e.getMessage());
}
}
fileInputStream.close();
return new GeneralResponse<>("200", "{&SUCCEED_TO_UPLOAD_FILE}", null);
}
use of com.webank.wedatasphere.qualitis.exception.PermissionDeniedRequestException in project Qualitis by WeBankFinTech.
the class ProjectUserServiceImpl method getAllProjectUser.
@Override
@Transactional(propagation = Propagation.REQUIRED, readOnly = true, rollbackFor = { RuntimeException.class, UnExpectedRequestException.class })
public GeneralResponse<List<ProjectUserResponse>> getAllProjectUser(Long projectId) throws UnExpectedRequestException, PermissionDeniedRequestException {
List<ProjectUserResponse> projectUserResponses = new ArrayList<>();
Project projectInDb = projectDao.findById(projectId);
if (projectInDb == null) {
throw new UnExpectedRequestException("{&PROJECT}: [ID=" + projectId + "] {&DOES_NOT_EXIST}");
}
String userName = HttpUtils.getUserName(httpRequest);
List<ProjectUser> projectUsers = projectUserDao.findByProject(projectInDb);
List<String> projectUserNames = projectUsers.stream().map(ProjectUser::getUserName).collect(Collectors.toList());
if (!projectUserNames.contains(userName)) {
throw new PermissionDeniedRequestException("{&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
for (ProjectUser currentProjectUser : projectUsers) {
List<String> userNames = projectUserResponses.stream().map(ProjectUserResponse::getAuthorizedUser).collect(Collectors.toList());
String currentUser = currentProjectUser.getUserName();
if (userNames.contains(currentUser)) {
continue;
}
String projectCreator = projectInDb.getCreateUser();
ProjectUserResponse projectUserResponse = new ProjectUserResponse(projectInDb.getName(), projectCreator, currentUser);
List<Integer> permissions = getPermissionList(projectUsers, currentUser);
projectUserResponse.setPermissions(permissions);
projectUserResponses.add(projectUserResponse);
}
return new GeneralResponse<>("200", "{&SUCCESS_TO_GET_PROJECT_USER}", projectUserResponses);
}
use of com.webank.wedatasphere.qualitis.exception.PermissionDeniedRequestException in project Qualitis by WeBankFinTech.
the class ProjectBatchServiceImpl method modifyRuleMetric.
private void modifyRuleMetric(ExcelRuleMetric excelRuleMetric, RuleMetric ruleMetric, String userName) throws UnExpectedRequestException, PermissionDeniedRequestException {
// Check en code existence.
RuleMetric ruleMetricInDb = ruleMetricDao.findByEnCode(excelRuleMetric.getEnCode());
if (ruleMetricInDb != null && ruleMetricInDb.getId().longValue() != ruleMetric.getId().longValue()) {
throw new UnExpectedRequestException("Rule Metric [EN_CODE=" + excelRuleMetric.getEnCode() + "] {&DOES_NOT_EXIST}");
}
LOGGER.info("Start to modify rule metric, modify request: [{}], user: [{}]", excelRuleMetric.toString(), userName);
User loginUser = userDao.findByUsername(userName);
List<UserRole> userRoles = userRoleDao.findByUser(loginUser);
Integer roleType = roleService.getRoleType(userRoles);
if (roleType.equals(RoleDefaultTypeEnum.ADMIN.getCode())) {
LOGGER.info("First level(created by SYS_ADMIN) indicator will be modified soon.");
} else if (roleType.equals(RoleDefaultTypeEnum.DEPARTMENT_ADMIN.getCode())) {
LOGGER.info("Second level(created by DEPARTMENT_ADMIN) indicator will be modified soon.");
if (ruleMetric.getLevel().equals(RuleMetricLevelEnum.DEFAULT_METRIC.getCode())) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
List<Department> managedDepartment = new ArrayList<>();
for (UserRole userRole : userRoles) {
Department department = userRole.getRole().getDepartment();
if (department != null) {
managedDepartment.add(department);
}
}
RuleMetricDepartmentUser ruleMetricDepartmentUser = ruleMetricDepartmentUserDao.findByRuleMetric(ruleMetric);
if (ruleMetricDepartmentUser != null && managedDepartment.contains(ruleMetricDepartmentUser.getDepartment())) {
LOGGER.info("Rule metric[{}] comes from department: {}", ruleMetric.toString(), ruleMetricDepartmentUser.getDepartment().getName());
} else {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
} else {
LOGGER.info("Third level(created by PROJECTOR) indicator will be modified soon.");
if (!ruleMetric.getLevel().equals(RuleMetricLevelEnum.PERSONAL_METRIC.getCode()) || !ruleMetric.getCreateUser().equals(loginUser.getUserName())) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
}
ruleMetric.setName(excelRuleMetric.getName());
ruleMetric.setMetricDesc(excelRuleMetric.getMetricDesc());
ruleMetric.setSubSystemName(excelRuleMetric.getSubSystemName());
ruleMetric.setFullCnName(excelRuleMetric.getFullCnName());
ruleMetric.setModifyUser(userName);
ruleMetric.setModifyTime(ExecutionManagerImpl.PRINT_TIME_FORMAT.format(new Date()));
ruleMetric.setType(excelRuleMetric.getType());
ruleMetric.setFrequency(Integer.parseInt(excelRuleMetric.getFrequency()));
ruleMetric.setEnCode(excelRuleMetric.getEnCode());
ruleMetric.setDepartmentName(excelRuleMetric.getDepartmentName());
ruleMetric.setDevDepartmentName(excelRuleMetric.getDevDepartmentName());
ruleMetric.setOpsDepartmentName(excelRuleMetric.getOpsDepartmentName());
ruleMetric.setAvailable(excelRuleMetric.getAvailable());
ruleMetricDao.add(ruleMetric);
}
use of com.webank.wedatasphere.qualitis.exception.PermissionDeniedRequestException in project Qualitis by WeBankFinTech.
the class RuleTemplateServiceImpl method deleteRuleTemplate.
@Override
public void deleteRuleTemplate(Long templateId) throws UnExpectedRequestException, PermissionDeniedRequestException {
// Check template existence
Template templateInDb = checkRuleTemplate(templateId);
// Check operator permission
User userInDb = userDao.findById(HttpUtils.getUserId(httpServletRequest));
List<UserRole> userRoles = userRoleDao.findByUser(userInDb);
Integer roleType = roleService.getRoleType(userRoles);
if (roleType.equals(RoleDefaultTypeEnum.PROJECTOR.getCode())) {
LOGGER.info("The projector is going to delete template.");
if (templateInDb.getLevel().intValue() != RuleTemplateLevelEnum.PERSONAL_TEMPLATE.getCode()) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
if (userInDb.getId() != (templateInDb.getCreateUser().getId())) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
} else if (roleType.equals(RoleDefaultTypeEnum.DEPARTMENT_ADMIN.getCode())) {
LOGGER.info("The department admin is going to delete template.");
if (templateInDb.getLevel().intValue() == RuleTemplateLevelEnum.DEFAULT_TEMPLATE.getCode()) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
List<User> createUsers = new ArrayList<>();
for (UserRole userRole : userRoles) {
Department department = userRole.getRole().getDepartment();
if (department != null) {
List<User> userList = userDao.findByDepartment(department);
createUsers.addAll(userList);
}
}
boolean exist = false;
for (User user : createUsers) {
if (user.getId() == templateInDb.getCreateUser().getId()) {
exist = true;
break;
}
}
if (!exist) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
} else {
if (templateInDb.getLevel().equals(RuleTemplateLevelEnum.DEFAULT_TEMPLATE.getCode())) {
if (templateInDb.getCreateUser() == null || !userInDb.getUserName().equals(templateInDb.getCreateUser().getUserName())) {
throw new PermissionDeniedRequestException("User {&HAS_NO_PERMISSION_TO_ACCESS}", 403);
}
}
LOGGER.info("The system admin is going to delete template.");
}
// Check rules of template
ruleService.checkRuleOfTemplate(templateInDb);
// Delete 'Templatedepartment' or 'TemplateUser'
clearTemplateUser(templateInDb);
List<TemplateDataSourceType> templateDataSourceTypes = templateDataSourceTypeDao.findByTemplate(templateInDb);
for (TemplateDataSourceType templateDataSourceType : templateDataSourceTypes) {
templateDataSourceTypeDao.delete(templateDataSourceType);
}
ruleTemplateDao.deleteTemplate(templateInDb);
}
Aggregations