Example 6 with UnsupportedResourceOperationException
use of org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException in project alfresco-remote-api by Alfresco.
the class TasksImpl method update.
@Override
public Task update(String taskId, Task task, Parameters parameters) {
TaskStateTransition taskAction = null;
List<String> selectedProperties = parameters.getSelectedProperties();
if (selectedProperties.contains("state")) {
taskAction = TaskStateTransition.getTaskActionFromString(task.getState());
}
// Fetch the task unfiltered, we check authorization below
TaskQuery query = activitiProcessEngine.getTaskService().createTaskQuery().taskId(taskId);
org.activiti.engine.task.Task taskInstance = query.singleResult();
if (taskInstance == null) {
// Check if task exists in history, to be able to return appropriate error when trying to update an
// existing completed task vs. an unexisting task vs. unauthorized
boolean taskHasExisted = activitiProcessEngine.getHistoryService().createHistoricTaskInstanceQuery().taskId(taskId).count() > 0;
if (taskHasExisted) {
throw new UnsupportedResourceOperationException("Task with id: " + taskId + " cannot be updated, it's completed");
} else {
throw new EntityNotFoundException(taskId);
}
} else {
String user = AuthenticationUtil.getRunAsUser();
// Check if user is either assignee, owner or admin
boolean authorized = authorityService.isAdminAuthority(user) || user.equals(taskInstance.getOwner()) || user.equals(taskInstance.getAssignee());
Set<String> candidateGroups = new HashSet<String>();
if (!authorized) {
// Check if user is initiator of the process this task is involved with
List<IdentityLink> linksForTask = activitiProcessEngine.getTaskService().getIdentityLinksForTask(taskId);
// the identity-links, there is no reason why we should check candidate using a DB-query
for (IdentityLink link : linksForTask) {
if (user.equals(link.getUserId()) && IdentityLinkType.STARTER.equals(link.getType())) {
authorized = true;
break;
}
// MNT-13276
if ((taskInstance.getAssignee() == null) && (link.getGroupId() != null) && link.getType().equals(IdentityLinkType.CANDIDATE)) {
Set<String> userGroups = authorityService.getAuthoritiesForUser(user);
if (userGroups.contains(link.getGroupId())) {
authorized = true;
break;
}
}
if (taskAction == TaskStateTransition.CLAIMED && link.getGroupId() != null && link.getType().equals(IdentityLinkType.CANDIDATE)) {
candidateGroups.add(link.getGroupId());
}
if (taskAction == TaskStateTransition.CLAIMED && link.getUserId() != null && link.getType().equals(IdentityLinkType.CANDIDATE) && user.equals(link.getUserId())) {
// User is a direct candidate for the task, authorized to claim
authorized = true;
break;
}
}
}
// When claiming, a limited update (set assignee through claim) is allowed
if (!authorized && taskAction == TaskStateTransition.CLAIMED) {
Set<String> userGroups = authorityService.getAuthoritiesForUser(user);
for (String group : candidateGroups) {
if (userGroups.contains(group)) {
authorized = true;
break;
}
}
}
if (!authorized) {
// None of the above conditions are met, not authorized to update task
throw new PermissionDeniedException();
}
}
// Update fields if no action is required
if (taskAction == null) {
// Only update task in Activiti API if actual properties are changed
if (updateTaskProperties(selectedProperties, task, taskInstance)) {
activitiProcessEngine.getTaskService().saveTask(taskInstance);
}
} else {
// Perform actions associated to state transition
if (taskAction != null) {
// look for variables submitted with task action
Map<String, Object> globalVariables = new HashMap<String, Object>();
Map<String, Object> localVariables = new HashMap<String, Object>();
if (selectedProperties.contains("variables") && task.getVariables() != null && task.getVariables().size() > 0) {
for (TaskVariable taskVariable : task.getVariables()) {
taskVariable = convertToTypedVariable(taskVariable, taskInstance);
if (taskVariable.getVariableScope() == VariableScope.GLOBAL) {
globalVariables.put(taskVariable.getName(), taskVariable.getValue());
} else {
localVariables.put(taskVariable.getName(), taskVariable.getValue());
}
}
}
switch(taskAction) {
case CLAIMED:
try {
activitiProcessEngine.getTaskService().claim(taskId, AuthenticationUtil.getRunAsUser());
} catch (ActivitiTaskAlreadyClaimedException atace) {
throw new ConstraintViolatedException("The task is already claimed by another user.");
}
break;
case COMPLETED:
if (localVariables.size() > 0) {
activitiProcessEngine.getTaskService().setVariablesLocal(taskId, localVariables);
}
setOutcome(taskId);
if (globalVariables.size() > 0) {
activitiProcessEngine.getTaskService().complete(taskId, globalVariables);
} else {
activitiProcessEngine.getTaskService().complete(taskId);
}
break;
case DELEGATED:
if (selectedProperties.contains("assignee") && task.getAssignee() != null) {
if (taskInstance.getAssignee() == null || !taskInstance.getAssignee().equals(AuthenticationUtil.getRunAsUser())) {
// Alter assignee before delegating to preserve trail of who actually delegated
activitiProcessEngine.getTaskService().setAssignee(taskId, AuthenticationUtil.getRunAsUser());
}
activitiProcessEngine.getTaskService().delegateTask(taskId, task.getAssignee());
} else {
throw new InvalidArgumentException("When delegating a task, assignee should be selected and provided in the request.");
}
break;
case RESOLVED:
if (localVariables.size() > 0) {
activitiProcessEngine.getTaskService().setVariablesLocal(taskId, localVariables);
}
setOutcome(taskId);
if (globalVariables.size() > 0) {
activitiProcessEngine.getTaskService().resolveTask(taskId, globalVariables);
} else {
activitiProcessEngine.getTaskService().resolveTask(taskId);
}
break;
case UNCLAIMED:
activitiProcessEngine.getTaskService().setAssignee(taskId, null);
break;
}
}
}
Task responseTask = new Task(activitiProcessEngine.getHistoryService().createHistoricTaskInstanceQuery().taskId(taskId).singleResult());
// if the task is not ended the task state might be pending or resolved
if (responseTask.getEndedAt() == null) {
try {
org.activiti.engine.task.Task runningTask = activitiProcessEngine.getTaskService().createTaskQuery().taskId(taskId).singleResult();
if (runningTask != null) {
if (runningTask.getDelegationState() == DelegationState.PENDING) {
responseTask.setState(TaskStateTransition.DELEGATED.name().toLowerCase());
} else if (runningTask.getDelegationState() == DelegationState.RESOLVED) {
responseTask.setState(TaskStateTransition.RESOLVED.name().toLowerCase());
}
}
} catch (Exception e) {
// ignore the exception
}
}
return responseTask;
}
Also used :
Task(org.alfresco.rest.workflow.api.model.Task)
TaskStateTransition(org.alfresco.rest.workflow.api.model.TaskStateTransition)
UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)
HashMap(java.util.HashMap)
TaskVariable(org.alfresco.rest.workflow.api.model.TaskVariable)
EntityNotFoundException(org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)
IdentityLink(org.activiti.engine.task.IdentityLink)
ConstraintViolatedException(org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException)
PermissionDeniedException(org.alfresco.rest.framework.core.exceptions.PermissionDeniedException)
EntityNotFoundException(org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)
UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)
ActivitiTaskAlreadyClaimedException(org.activiti.engine.ActivitiTaskAlreadyClaimedException)
ConstraintViolatedException(org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException)
InvalidQNameException(org.alfresco.service.namespace.InvalidQNameException)
InvalidArgumentException(org.alfresco.rest.framework.core.exceptions.InvalidArgumentException)
ActivitiTaskAlreadyClaimedException(org.activiti.engine.ActivitiTaskAlreadyClaimedException)
InvalidArgumentException(org.alfresco.rest.framework.core.exceptions.InvalidArgumentException)
TaskQuery(org.activiti.engine.task.TaskQuery)
PermissionDeniedException(org.alfresco.rest.framework.core.exceptions.PermissionDeniedException)
HashSet(java.util.HashSet)
Example 7 with UnsupportedResourceOperationException
use of org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException in project alfresco-remote-api by Alfresco.
the class ResourceWebScriptGet method extractParams.
@Override
public Params extractParams(ResourceMetadata resourceMeta, WebScriptRequest req) {
final String entityId = req.getServiceMatch().getTemplateVars().get(ResourceLocator.ENTITY_ID);
final String relationshipId = req.getServiceMatch().getTemplateVars().get(ResourceLocator.RELATIONSHIP_ID);
final RecognizedParams params = getRecognizedParams(req);
switch(resourceMeta.getType()) {
case ENTITY:
if (StringUtils.isNotBlank(entityId)) {
return Params.valueOf(params, entityId, null, req);
} else {
// collection resource
return Params.valueOf(params, null, null, req);
}
case RELATIONSHIP:
if (StringUtils.isNotBlank(relationshipId)) {
return Params.valueOf(params, entityId, relationshipId, req);
} else {
// relationship collection resource
return Params.valueOf(params, entityId, null, req);
}
case PROPERTY:
final String resourceName = req.getServiceMatch().getTemplateVars().get(ResourceLocator.RELATIONSHIP_RESOURCE);
final String propertyName = req.getServiceMatch().getTemplateVars().get(ResourceLocator.PROPERTY);
if (StringUtils.isNotBlank(entityId) && StringUtils.isNotBlank(resourceName)) {
if (StringUtils.isNotBlank(propertyName)) {
return Params.valueOf(entityId, relationshipId, null, null, propertyName, params, null, req);
} else {
return Params.valueOf(entityId, null, null, null, resourceName, params, null, req);
}
}
// Fall through to unsupported.
default:
throw new UnsupportedResourceOperationException("GET not supported for Actions");
}
}
Also used :
RecognizedParams(org.alfresco.rest.framework.resource.parameters.Params.RecognizedParams)
UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)
Example 8 with UnsupportedResourceOperationException
use of org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException in project alfresco-remote-api by Alfresco.
the class ResourceWebScriptPost method extractObjFromJson.
/**
* If the @WebApiParam has been used and set allowMultiple to false then this will get a single entry. It
* should error if an array is passed in.
* @param resourceMeta ResourceMetadata
* @param req WebScriptRequest
* @return Either an object
*/
private Object extractObjFromJson(ResourceMetadata resourceMeta, ResourceOperation operation, WebScriptRequest req) {
if (operation == null) {
return null;
}
Class<?> objType = resourceMeta.getObjectType(operation);
boolean isTypeOperation = resourceMeta.getType().equals(ResourceMetadata.RESOURCE_TYPE.OPERATION);
List<ResourceParameter> params = operation.getParameters();
if (!params.isEmpty()) {
for (ResourceParameter resourceParameter : params) {
// POST to collection may or may not support List as json body, Operations don't support a List as json body
boolean notMultiple = ((!resourceParameter.isAllowMultiple()) || isTypeOperation);
if (ResourceParameter.KIND.HTTP_BODY_OBJECT.equals(resourceParameter.getParamType()) && notMultiple) {
// Only allow 1 value.
try {
Object jsonContent = null;
if (objType != null) {
// check if the body is optional and is not provided
if (!resourceParameter.isRequired() && Integer.valueOf(req.getHeader("content-length")) <= 0) {
// in some cases the body is optional and the json doesn't need to be extracted
return null;
} else {
jsonContent = extractJsonContent(req, assistant.getJsonHelper(), objType);
}
}
if (isTypeOperation) {
return jsonContent;
} else {
return Arrays.asList(jsonContent);
}
} catch (InvalidArgumentException iae) {
if (iae.getMessage().contains("START_ARRAY") && iae.getMessage().contains("line: 1, column: 1")) {
throw new UnsupportedResourceOperationException("Only 1 entity is supported in the HTTP request body");
} else {
throw iae;
}
}
}
}
}
if (objType == null) {
return null;
}
if (isTypeOperation) {
// Operations don't support a List as json body
return extractJsonContent(req, assistant.getJsonHelper(), objType);
} else {
return extractJsonContentAsList(req, assistant.getJsonHelper(), objType);
}
}
Also used :
ResourceParameter(org.alfresco.rest.framework.core.ResourceParameter)
InvalidArgumentException(org.alfresco.rest.framework.core.exceptions.InvalidArgumentException)
UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)
Example 9 with UnsupportedResourceOperationException
use of org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException in project alfresco-remote-api by Alfresco.
the class GroupsImpl method getGroupMembers.
public CollectionWithPagingInfo<GroupMember> getGroupMembers(String groupId, final Parameters parameters) {
validateGroupId(groupId, false);
// Not allowed to list all members.
if (PermissionService.ALL_AUTHORITIES.equals(groupId)) {
throw new UnsupportedResourceOperationException();
}
Paging paging = parameters.getPaging();
// Retrieve sort column. This is limited for now to sort column due to
// v0 api implementation. Should be improved in the future.
Pair<String, Boolean> sortProp = getGroupsSortProp(parameters);
AuthorityType authorityType = null;
// Parse where clause properties.
Query q = parameters.getQuery();
if (q != null) {
MapBasedQueryWalkerOrSupported propertyWalker = new MapBasedQueryWalkerOrSupported(LIST_GROUP_MEMBERS_QUERY_PROPERTIES, null);
QueryHelper.walk(q, propertyWalker);
String memberTypeStr = propertyWalker.getProperty(PARAM_MEMBER_TYPE, WhereClauseParser.EQUALS, String.class);
authorityType = getAuthorityType(memberTypeStr);
}
PagingResults<AuthorityInfo> pagingResult = getAuthoritiesInfo(authorityType, groupId, sortProp, paging);
// Create response.
final List<AuthorityInfo> page = pagingResult.getPage();
int totalItems = pagingResult.getTotalResultCount().getFirst();
List<GroupMember> groupMembers = new AbstractList<GroupMember>() {
@Override
public GroupMember get(int index) {
AuthorityInfo authorityInfo = page.get(index);
return getGroupMember(authorityInfo);
}
@Override
public int size() {
return page.size();
}
};
return CollectionWithPagingInfo.asPaged(paging, groupMembers, pagingResult.hasMoreItems(), totalItems);
}
Also used :
AbstractList(java.util.AbstractList)
GroupMember(org.alfresco.rest.api.model.GroupMember)
Query(org.alfresco.rest.framework.resource.parameters.where.Query)
UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)
Paging(org.alfresco.rest.framework.resource.parameters.Paging)
AuthorityType(org.alfresco.service.cmr.security.AuthorityType)
AuthorityInfo(org.alfresco.repo.security.authority.AuthorityInfo)
MapBasedQueryWalkerOrSupported(org.alfresco.rest.workflow.api.impl.MapBasedQueryWalkerOrSupported)
Example 10 with UnsupportedResourceOperationException
use of org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException in project alfresco-remote-api by Alfresco.
the class NodeRatingsImpl method addRating.
public void addRating(String nodeId, String ratingSchemeId, Object rating) {
NodeRef nodeRef = nodes.validateNode(nodeId);
RatingScheme ratingScheme = validateRatingScheme(ratingSchemeId);
if (!typeConstraint.matches(nodeRef)) {
throw new UnsupportedResourceOperationException("Cannot rate this node");
}
ratingScheme.applyRating(nodeRef, rating);
}
Also used :
NodeRef(org.alfresco.service.cmr.repository.NodeRef)
RatingScheme(org.alfresco.rest.api.impl.node.ratings.RatingScheme)
UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)
Aggregations
UnsupportedResourceOperationException (org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)17
HashMap (java.util.HashMap)8
Test (org.junit.Test)8
ResourceWithMetadata (org.alfresco.rest.framework.core.ResourceWithMetadata)4
InvalidArgumentException (org.alfresco.rest.framework.core.exceptions.InvalidArgumentException)4
Api (org.alfresco.rest.framework.Api)3
ResourceOperation (org.alfresco.rest.framework.core.ResourceOperation)3
EntityResourceAction (org.alfresco.rest.framework.resource.actions.interfaces.EntityResourceAction)3
Params (org.alfresco.rest.framework.resource.parameters.Params)3
RecognizedParams (org.alfresco.rest.framework.resource.parameters.Params.RecognizedParams)3
Match (org.springframework.extensions.webscripts.Match)3
WebScriptRequest (org.springframework.extensions.webscripts.WebScriptRequest)3
StringReader (java.io.StringReader)2
AbstractList (java.util.AbstractList)2
ResourceParameter (org.alfresco.rest.framework.core.ResourceParameter)2
ConstraintViolatedException (org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException)2
DeletedResourceException (org.alfresco.rest.framework.core.exceptions.DeletedResourceException)2
EntityNotFoundException (org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)2
NotFoundException (org.alfresco.rest.framework.core.exceptions.NotFoundException)2
PermissionDeniedException (org.alfresco.rest.framework.core.exceptions.PermissionDeniedException)2
