use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.
the class ServiceDescriptionsApiController method refreshServiceDescription.
@Override
@PreAuthorize("hasAnyAuthority('REFRESH_WSDL', 'REFRESH_REST', 'REFRESH_OPENAPI3')")
@AuditEventMethod(event = REFRESH_SERVICE_DESCRIPTION)
public ResponseEntity<ServiceDescription> refreshServiceDescription(String id, IgnoreWarnings ignoreWarnings) {
Long serviceDescriptionId = FormatUtils.parseLongIdOrThrowNotFound(id);
ServiceDescription serviceDescription = null;
try {
serviceDescription = serviceDescriptionConverter.convert(serviceDescriptionService.refreshServiceDescription(serviceDescriptionId, ignoreWarnings.getIgnoreWarnings()));
} catch (WsdlParser.WsdlNotFoundException | UnhandledWarningsException | InvalidUrlException | InvalidWsdlException | ServiceDescriptionService.WrongServiceDescriptionTypeException | OpenApiParser.ParsingException | InvalidServiceUrlException | UnsupportedOpenApiVersionException e) {
throw new BadRequestException(e);
} catch (ServiceDescriptionService.ServiceAlreadyExistsException | ServiceDescriptionService.WsdlUrlAlreadyExistsException e) {
throw new ConflictException(e);
} catch (ServiceDescriptionNotFoundException e) {
throw new ResourceNotFoundException(e);
} catch (InterruptedException e) {
throw new InternalServerErrorException(new ErrorDeviation(ERROR_WSDL_VALIDATOR_INTERRUPTED));
}
return new ResponseEntity<>(serviceDescription, HttpStatus.OK);
}
use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.
the class ServicesApiController method addEndpoint.
@Override
@PreAuthorize("hasAuthority('ADD_OPENAPI3_ENDPOINT')")
@AuditEventMethod(event = RestApiAuditEvent.ADD_REST_ENDPOINT)
public ResponseEntity<Endpoint> addEndpoint(String id, Endpoint endpoint) {
ServiceType serviceType = getServiceType(id);
if (endpoint.getId() != null) {
throw new BadRequestException("Passing id for endpoint while creating it is not allowed");
}
Endpoint ep;
try {
ep = endpointConverter.convert(serviceService.addEndpoint(serviceType, endpoint.getMethod().toString(), endpoint.getPath()));
} catch (EndpointAlreadyExistsException e) {
throw new ConflictException(e);
} catch (ServiceDescriptionService.WrongServiceDescriptionTypeException e) {
throw new BadRequestException(e);
}
return ControllerUtil.createCreatedResponse("/api/endpoints/{id}", ep, ep.getId());
}
use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.
the class ServicesApiController method addServiceServiceClients.
@PreAuthorize("hasAuthority('EDIT_SERVICE_ACL')")
@Override
@AuditEventMethod(event = RestApiAuditEvent.ADD_SERVICE_ACCESS_RIGHTS)
public ResponseEntity<Set<ServiceClient>> addServiceServiceClients(String encodedServiceId, ServiceClients serviceClients) {
ClientId clientId = serviceConverter.parseClientId(encodedServiceId);
String fullServiceCode = serviceConverter.parseFullServiceCode(encodedServiceId);
List<ServiceClientDto> serviceClientDtos;
try {
Set<XRoadId> xRoadIds = serviceClientHelper.processServiceClientXRoadIds(serviceClients);
serviceClientDtos = accessRightService.addSoapServiceAccessRights(clientId, fullServiceCode, xRoadIds);
} catch (ClientNotFoundException | ServiceNotFoundException e) {
throw new ResourceNotFoundException(e);
} catch (ServiceClientNotFoundException e) {
throw new BadRequestException(e);
} catch (AccessRightService.DuplicateAccessRightException e) {
throw new ConflictException(e);
} catch (ServiceClientIdentifierConverter.BadServiceClientIdentifierException e) {
throw serviceClientHelper.wrapInBadRequestException(e);
}
Set<ServiceClient> serviceClientsResult = serviceClientConverter.convertServiceClientDtos(serviceClientDtos);
return new ResponseEntity<>(serviceClientsResult, HttpStatus.OK);
}
use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.
the class CertificateAuthoritiesApiController method getSubjectFieldDescriptions.
// see reason below
@SuppressWarnings("squid:S3655")
@Override
@PreAuthorize("(hasAuthority('GENERATE_AUTH_CERT_REQ') and " + " (#keyUsageType == T(org.niis.xroad.securityserver.restapi.openapi.model.KeyUsageType).AUTHENTICATION))" + " or (hasAuthority('GENERATE_SIGN_CERT_REQ') and " + "(#keyUsageType == T(org.niis.xroad.securityserver.restapi.openapi.model.KeyUsageType).SIGNING))")
public ResponseEntity<Set<CsrSubjectFieldDescription>> getSubjectFieldDescriptions(String caName, KeyUsageType keyUsageType, String keyId, String encodedMemberId, Boolean isNewMember) {
// squid:S3655 throwing NoSuchElementException if there is no value present is
// fine since keyUsageInfo is mandatory parameter
KeyUsageInfo keyUsageInfo = KeyUsageTypeMapping.map(keyUsageType).get();
// memberId is mandatory for sign csrs
if (keyUsageInfo == KeyUsageInfo.SIGNING) {
if (StringUtils.isBlank(encodedMemberId)) {
throw new BadRequestException("memberId is mandatory for sign csrs");
}
}
try {
if (!StringUtils.isBlank(keyId)) {
// validate that key.usage matches keyUsageType
KeyInfo keyInfo = keyService.getKey(keyId);
if (keyInfo.getUsage() != null) {
if (keyInfo.getUsage() != keyUsageInfo) {
throw new BadRequestException("key is for different usage", new ErrorDeviation("wrong_key_usage"));
}
}
}
ClientId memberId = null;
if (!StringUtils.isBlank(encodedMemberId)) {
memberId = clientConverter.convertId(encodedMemberId);
}
CertificateProfileInfo profileInfo;
profileInfo = certificateAuthorityService.getCertificateProfile(caName, keyUsageInfo, memberId, isNewMember);
Set<CsrSubjectFieldDescription> converted = subjectConverter.convert(profileInfo.getSubjectFields());
return new ResponseEntity<>(converted, HttpStatus.OK);
} catch (WrongKeyUsageException | KeyNotFoundException | ClientNotFoundException e) {
throw new BadRequestException(e);
} catch (CertificateAuthorityNotFoundException e) {
throw new ResourceNotFoundException(e);
} catch (CertificateProfileInstantiationException e) {
throw new InternalServerErrorException(e);
}
}
use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.
the class ClientsApiController method addClient.
/**
* This method is synchronized (like client add in old Ruby implementation)
* to prevent a problem with two threads both creating "first" additional members.
*/
@Override
@PreAuthorize("hasAuthority('ADD_CLIENT')")
@AuditEventMethod(event = ADD_CLIENT)
public synchronized ResponseEntity<Client> addClient(ClientAdd clientAdd) {
boolean ignoreWarnings = clientAdd.getIgnoreWarnings();
IsAuthentication isAuthentication = null;
try {
isAuthentication = ConnectionTypeMapping.map(clientAdd.getClient().getConnectionType()).get();
} catch (Exception e) {
throw new BadRequestException("bad connection type parameter", e);
}
ClientType added = null;
try {
added = clientService.addLocalClient(clientAdd.getClient().getMemberClass(), clientAdd.getClient().getMemberCode(), clientAdd.getClient().getSubsystemCode(), isAuthentication, ignoreWarnings);
} catch (ClientService.ClientAlreadyExistsException | ClientService.AdditionalMemberAlreadyExistsException e) {
throw new ConflictException(e);
} catch (UnhandledWarningsException | ClientService.InvalidMemberClassException e) {
throw new BadRequestException(e);
}
Client result = clientConverter.convert(added);
return createCreatedResponse("/api/clients/{id}", result, result.getId());
}
Aggregations