use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentObjectHateoasController method handleFileUpload.
// API - All POST Requests (CRUD - CREATE)
// upload a file and associate it with a documentObject
// POST [contextPath][api]/arkivstruktur/dokumentobjekt/{systemID}/referanseFil
@ApiOperation(value = "Uploads a file and associates it with the documentObject identified by a systemId", response = DocumentObjectHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "File uploaded successfully", response = DocumentObjectHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS + SLASH + REFERENCE_FILE, method = RequestMethod.POST, headers = "Accept=*/*", produces = { NOARK5_V4_CONTENT_TYPE_JSON, NOARK5_V4_CONTENT_TYPE_JSON_XML })
public ResponseEntity<DocumentObjectHateoas> handleFileUpload(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the documentObject you wish to associate a file with", required = true) @PathVariable("systemID") final String documentObjectSystemId) {
try {
DocumentObject documentObject = documentObjectService.findBySystemIdOrderBySystemId(documentObjectSystemId);
if (documentObject == null) {
throw new NoarkEntityNotFoundException(documentObjectSystemId);
}
InputStream inputStream;
// Following will be needed for uploading file in chunks
//String headerContentRange = request.getHeader("content-range");//Content-Range:bytes 737280-819199/845769
// Check that content-length is set, > 0 and in agreement with the value set in documentObject
Long contentLength = 0L;
if (request.getHeader("content-length") == null) {
throw new StorageException("Attempt to upload a document without content-length set. The document " + "was attempted to be associated with " + documentObject);
}
contentLength = (long) request.getIntHeader("content-length");
if (contentLength < 1) {
throw new StorageException("Attempt to upload a document with 0 or negative content-length set. " + "Actual value was (" + contentLength + "). The document was attempted to be associated with " + documentObject);
}
if (null == documentObject.getFileSize()) {
throw new StorageException("Attempt to upload a document with a content-length set in the header (" + contentLength + "), but the value in documentObject has not been set (== null). The " + "document was attempted to be associated with " + documentObject);
}
if (!contentLength.equals(documentObject.getFileSize())) {
throw new StorageException("Attempt to upload a document with a content-length set in the header (" + contentLength + ") that is not the same as the value in documentObject (" + documentObject.getFileSize() + "). The document was attempted to be associated with " + documentObject);
}
// Check that the content-type is set and in agreement with mimeType value in documentObject
String headerContentType = request.getHeader("content-type");
if (headerContentType == null) {
throw new StorageException("Attempt to upload a document without content-type set. The document " + "was attempted to be associated with " + documentObject);
}
if (!headerContentType.equals(documentObject.getMimeType())) {
throw new StorageException("Attempt to upload a document with a content-type set in the header (" + contentLength + ") that is not the same as the mimeType in documentObject (" + documentObject.getMimeType() + "). The document was attempted to be associated with " + documentObject);
}
documentObjectService.storeAndCalculateChecksum(request.getInputStream(), documentObject);
// We need to update the documentObject in the database as checksum and checksum algorithm are set after
// the document has been uploaded
documentObjectService.update(documentObject);
DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas(documentObject);
documentObjectHateoasHandler.addLinks(documentObjectHateoas, request, new Authorisation());
return new ResponseEntity<>(documentObjectHateoas, HttpStatus.OK);
} catch (IOException e) {
throw new StorageException(e.toString());
}
}
use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentObjectHateoasController method findOneDocumentObjectBySystemId.
// API - All GET Requests (CRUD - READ)
// Get a documentObject identified by systemID
// GET [contextPath][api]/arkivstruktur/dokumentobjekt/{systemID}
@ApiOperation(value = "Retrieves a single DocumentObject entity given a systemId", response = DocumentObject.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject returned", response = DocumentObject.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, method = RequestMethod.GET, produces = { NOARK5_V4_CONTENT_TYPE_JSON, NOARK5_V4_CONTENT_TYPE_JSON_XML })
public ResponseEntity<DocumentObjectHateoas> findOneDocumentObjectBySystemId(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the documentObject to retrieve", required = true) @PathVariable("systemID") final String documentObjectSystemId) {
DocumentObject createdDocumentObject = documentObjectService.findBySystemIdOrderBySystemId(documentObjectSystemId);
if (createdDocumentObject == null) {
throw new NoarkEntityNotFoundException(documentObjectSystemId);
}
DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas(createdDocumentObject);
documentObjectHateoasHandler.addLinks(documentObjectHateoas, request, new Authorisation());
return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(createdDocumentObject.getVersion().toString()).body(documentObjectHateoas);
}
use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentObjectHateoasController method findAllDocumentObject.
// Get all documentObject
// GET [contextPath][api]/arkivstruktur/dokumentobjekt/
@ApiOperation(value = "Retrieves multiple DocumentObject entities limited by ownership rights", notes = "The field skip" + "tells how many DocumentObject rows of the result set to ignore (starting at 0), while top tells how many rows" + " after skip to return. Note if the value of top is greater than system value " + " nikita-noark5-core.pagination.maxPageSize, then nikita-noark5-core.pagination.maxPageSize is used. ", response = DocumentObjectHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject list found", response = DocumentObjectHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(method = RequestMethod.GET, produces = { NOARK5_V4_CONTENT_TYPE_JSON, NOARK5_V4_CONTENT_TYPE_JSON_XML })
public ResponseEntity<DocumentObjectHateoas> findAllDocumentObject(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @RequestParam(name = "top", required = false) Integer top, @RequestParam(name = "skip", required = false) Integer skip, @RequestParam(name = "filter", required = false) String filter) {
String reg = " ";
String[] pieces;
DocumentObjectHateoas documentObjectHateoas = null;
if (filter != null) {
pieces = filter.split(reg);
if (pieces.length == 3 && pieces[1].equalsIgnoreCase("eq")) {
pieces[2] = pieces[2].replace("\'", "");
documentObjectHateoas = new DocumentObjectHateoas((ArrayList<INikitaEntity>) (ArrayList) documentObjectService.findDocumentObjectByAnyColumn(pieces[0], pieces[2]));
}
}
if (null == documentObjectHateoas) {
documentObjectHateoas = new DocumentObjectHateoas((ArrayList<INikitaEntity>) (ArrayList) documentObjectService.findDocumentObjectByOwnerPaginated(top, skip));
}
documentObjectHateoasHandler.addLinks(documentObjectHateoas, request, new Authorisation());
return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(documentObjectHateoas);
}
use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class FileHateoasController method createDefaultRecord.
// Create a Record with default values
// GET [contextPath][api]/arkivstruktur/mappe/{systemId}/ny-registrering
@ApiOperation(value = "Create a Record with default values", response = Record.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Record returned", response = Record.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS + SLASH + NEW_RECORD, method = RequestMethod.GET)
public ResponseEntity<RecordHateoas> createDefaultRecord(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response) {
Record defaultRecord = new Record();
defaultRecord.setArchivedBy(TEST_USER_CASE_HANDLER_2);
defaultRecord.setArchivedDate(new Date());
RecordHateoas recordHateoas = new RecordHateoas(defaultRecord);
recordHateoasHandler.addLinksOnNew(recordHateoas, request, new Authorisation());
return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(recordHateoas);
}
use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class FileHateoasController method findAllRecordsAssociatedWithFile.
// API - All GET Requests (CRUD - READ)
// Retrieve all Records associated with File identified by systemId
// GET [contextPath][api]/arkivstruktur/mappe/{systemId}/registrering
// REL http://rel.kxml.no/noark5/v4/api/arkivstruktur/registrering/
@ApiOperation(value = "Retrieve all Record associated with a File identified by systemId", response = RecordHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Record returned", response = RecordHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS + SLASH + REGISTRATION, method = RequestMethod.GET)
public ResponseEntity<RecordHateoas> findAllRecordsAssociatedWithFile(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the file to retrieve associated Record", required = true) @PathVariable("systemID") final String systemID) {
File file = fileService.findBySystemIdOrderBySystemId(systemID);
if (file == null) {
throw new NoarkEntityNotFoundException("Could not find File object with systemID " + systemID);
}
RecordHateoas recordHateoas = new RecordHateoas(new ArrayList<>(file.getReferenceRecord()));
recordHateoasHandler.addLinks(recordHateoas, request, new Authorisation());
return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(recordHateoas);
}
Aggregations