use of com.xebia.vulnmanager.models.company.Team in project vulnmanager by xebia-research.
the class UploadFileController method uploadFile.
/**
* Upload a report to the server.
*
* @param uploadFile The file that will be uploaded
* @return A response with correct http header
*/
@RequestMapping(value = "/{company}/{team}/{scannerType}/upload", method = RequestMethod.POST)
@ResponseBody
ResponseEntity<?> uploadFile(@RequestParam("file") MultipartFile uploadFile, @RequestHeader(value = "auth", defaultValue = "nope") String authKey, @PathVariable("company") String companyName, @PathVariable("team") String teamName, @PathVariable("scannerType") String scannerType) {
AuthenticationChecker authenticationChecker = new AuthenticationChecker();
if (!authenticationChecker.checkTeamAndCompany(companyName, authKey, teamName)) {
return new ResponseEntity(new ErrorMsg("Auth not correct!"), HttpStatus.BAD_REQUEST);
}
// Check if the parser type endpoint exists.
if (!isValidScannerType(scannerType)) {
return new ResponseEntity(new ErrorMsg("Unknown parser type"), HttpStatus.BAD_REQUEST);
}
// Shouldn't return null because the authenticationChecker als checks for null.
MockCompanyFactory factory = new MockCompanyFactory();
Company comp = factory.findCompanyByName(companyName);
Team team = factory.findTeamByName(teamName, comp);
logger.info("Single file upload started!");
String newFileName = "";
if (uploadFile.isEmpty()) {
return new ResponseEntity(new ErrorMsg("Uploaded file should't be empty"), HttpStatus.BAD_REQUEST);
}
try {
// IOUtil will try to save the file. Returns true on succes
String filePath = IOUtil.saveUploadedFiles(uploadFile);
// Success with upload. Check file to see of it is a {scannerType} document
logger.info("File succesfully uploaded");
boolean wrongEndpoint = false;
// Success check uploaded file
ReportType reportType = ReportUtil.checkDocumentType(ReportUtil.getDocumentFromFile(new File(filePath)));
if (reportType != ReportType.UNKNOWN) {
if (reportType.toString().equalsIgnoreCase(scannerType)) {
newFileName = IOUtil.moveFileToFolder(new File(filePath), comp, team, reportType);
} else {
// File is known but wrong endpoint
wrongEndpoint = true;
}
}
File fileToRemove = new File(filePath);
if (!fileToRemove.delete()) {
logger.error("Temp file couldn't be deleted but it shoudl have been");
}
// Separate if to delete the tmp file
if (reportType == ReportType.UNKNOWN) {
// Type unknown send bad request.
return new ResponseEntity(new ErrorMsg("Unknown report!"), HttpStatus.BAD_REQUEST);
} else if (wrongEndpoint) {
return new ResponseEntity(new ErrorMsg("This is a " + reportType.name() + " report but this endpoint expects a " + scannerType), HttpStatus.BAD_REQUEST);
}
} catch (IOException ex) {
return new ResponseEntity(new ErrorMsg("IOException with msg: " + ex.getMessage()), HttpStatus.INTERNAL_SERVER_ERROR);
}
return new ResponseEntity(new ErrorMsg("Successfully uploaded - " + newFileName), HttpStatus.OK);
}
use of com.xebia.vulnmanager.models.company.Team in project vulnmanager by xebia-research.
the class CompanyController method getCompanyTeamMembers.
/**
* Get the teams of a specific company
* @param authKey The auth key of the company used to auth the request
* @param companyName The name of the company
* @return A list of teams within the team
*/
@RequestMapping(value = "/{team}", method = RequestMethod.GET)
@ResponseBody
ResponseEntity<?> getCompanyTeamMembers(@RequestHeader(value = "auth", defaultValue = "nope") String authKey, @PathVariable("company") String companyName, @PathVariable("team") String teamName) {
AuthenticationChecker authChecker = new AuthenticationChecker();
boolean authIsGood = authChecker.checkTeamAndCompany(companyName, authKey, teamName);
MockCompanyFactory compFact = new MockCompanyFactory();
if (authIsGood) {
Company foundComp = compFact.findCompanyByName(companyName);
Team team = foundComp.findTeamByName(teamName);
return new ResponseEntity<Team>(team, HttpStatus.OK);
}
return new ResponseEntity<ErrorMsg>(new ErrorMsg("Wrong auth key or company not found"), HttpStatus.NOT_FOUND);
}
Aggregations