Search in sources :

Example 1 with BadRequestException

use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.

the class ServiceDescriptionsApiController method refreshServiceDescription.

@Override
@PreAuthorize("hasAnyAuthority('REFRESH_WSDL', 'REFRESH_REST', 'REFRESH_OPENAPI3')")
@AuditEventMethod(event = REFRESH_SERVICE_DESCRIPTION)
public ResponseEntity<ServiceDescription> refreshServiceDescription(String id, IgnoreWarnings ignoreWarnings) {
    Long serviceDescriptionId = FormatUtils.parseLongIdOrThrowNotFound(id);
    ServiceDescription serviceDescription = null;
    try {
        serviceDescription = serviceDescriptionConverter.convert(serviceDescriptionService.refreshServiceDescription(serviceDescriptionId, ignoreWarnings.getIgnoreWarnings()));
    } catch (WsdlParser.WsdlNotFoundException | UnhandledWarningsException | InvalidUrlException | InvalidWsdlException | ServiceDescriptionService.WrongServiceDescriptionTypeException | OpenApiParser.ParsingException | InvalidServiceUrlException | UnsupportedOpenApiVersionException e) {
        throw new BadRequestException(e);
    } catch (ServiceDescriptionService.ServiceAlreadyExistsException | ServiceDescriptionService.WsdlUrlAlreadyExistsException e) {
        throw new ConflictException(e);
    } catch (ServiceDescriptionNotFoundException e) {
        throw new ResourceNotFoundException(e);
    } catch (InterruptedException e) {
        throw new InternalServerErrorException(new ErrorDeviation(ERROR_WSDL_VALIDATOR_INTERRUPTED));
    }
    return new ResponseEntity<>(serviceDescription, HttpStatus.OK);
}
Also used : ServiceDescription(org.niis.xroad.securityserver.restapi.openapi.model.ServiceDescription) InvalidUrlException(org.niis.xroad.securityserver.restapi.service.InvalidUrlException) ErrorDeviation(org.niis.xroad.restapi.exceptions.ErrorDeviation) InvalidServiceUrlException(org.niis.xroad.securityserver.restapi.service.InvalidServiceUrlException) ResponseEntity(org.springframework.http.ResponseEntity) UnhandledWarningsException(org.niis.xroad.restapi.service.UnhandledWarningsException) UnsupportedOpenApiVersionException(org.niis.xroad.securityserver.restapi.wsdl.UnsupportedOpenApiVersionException) BadRequestException(org.niis.xroad.restapi.openapi.BadRequestException) ResourceNotFoundException(org.niis.xroad.restapi.openapi.ResourceNotFoundException) InvalidWsdlException(org.niis.xroad.securityserver.restapi.wsdl.InvalidWsdlException) ServiceDescriptionNotFoundException(org.niis.xroad.securityserver.restapi.service.ServiceDescriptionNotFoundException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) AuditEventMethod(org.niis.xroad.restapi.config.audit.AuditEventMethod)

Example 2 with BadRequestException

use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.

the class ServicesApiController method addEndpoint.

@Override
@PreAuthorize("hasAuthority('ADD_OPENAPI3_ENDPOINT')")
@AuditEventMethod(event = RestApiAuditEvent.ADD_REST_ENDPOINT)
public ResponseEntity<Endpoint> addEndpoint(String id, Endpoint endpoint) {
    ServiceType serviceType = getServiceType(id);
    if (endpoint.getId() != null) {
        throw new BadRequestException("Passing id for endpoint while creating it is not allowed");
    }
    Endpoint ep;
    try {
        ep = endpointConverter.convert(serviceService.addEndpoint(serviceType, endpoint.getMethod().toString(), endpoint.getPath()));
    } catch (EndpointAlreadyExistsException e) {
        throw new ConflictException(e);
    } catch (ServiceDescriptionService.WrongServiceDescriptionTypeException e) {
        throw new BadRequestException(e);
    }
    return ControllerUtil.createCreatedResponse("/api/endpoints/{id}", ep, ep.getId());
}
Also used : Endpoint(org.niis.xroad.securityserver.restapi.openapi.model.Endpoint) ServiceType(ee.ria.xroad.common.conf.serverconf.model.ServiceType) BadRequestException(org.niis.xroad.restapi.openapi.BadRequestException) EndpointAlreadyExistsException(org.niis.xroad.securityserver.restapi.service.EndpointAlreadyExistsException) ServiceDescriptionService(org.niis.xroad.securityserver.restapi.service.ServiceDescriptionService) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) AuditEventMethod(org.niis.xroad.restapi.config.audit.AuditEventMethod)

Example 3 with BadRequestException

use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.

the class ServicesApiController method addServiceServiceClients.

@PreAuthorize("hasAuthority('EDIT_SERVICE_ACL')")
@Override
@AuditEventMethod(event = RestApiAuditEvent.ADD_SERVICE_ACCESS_RIGHTS)
public ResponseEntity<Set<ServiceClient>> addServiceServiceClients(String encodedServiceId, ServiceClients serviceClients) {
    ClientId clientId = serviceConverter.parseClientId(encodedServiceId);
    String fullServiceCode = serviceConverter.parseFullServiceCode(encodedServiceId);
    List<ServiceClientDto> serviceClientDtos;
    try {
        Set<XRoadId> xRoadIds = serviceClientHelper.processServiceClientXRoadIds(serviceClients);
        serviceClientDtos = accessRightService.addSoapServiceAccessRights(clientId, fullServiceCode, xRoadIds);
    } catch (ClientNotFoundException | ServiceNotFoundException e) {
        throw new ResourceNotFoundException(e);
    } catch (ServiceClientNotFoundException e) {
        throw new BadRequestException(e);
    } catch (AccessRightService.DuplicateAccessRightException e) {
        throw new ConflictException(e);
    } catch (ServiceClientIdentifierConverter.BadServiceClientIdentifierException e) {
        throw serviceClientHelper.wrapInBadRequestException(e);
    }
    Set<ServiceClient> serviceClientsResult = serviceClientConverter.convertServiceClientDtos(serviceClientDtos);
    return new ResponseEntity<>(serviceClientsResult, HttpStatus.OK);
}
Also used : ServiceClientDto(org.niis.xroad.securityserver.restapi.dto.ServiceClientDto) ServiceClientNotFoundException(org.niis.xroad.securityserver.restapi.service.ServiceClientNotFoundException) ClientNotFoundException(org.niis.xroad.securityserver.restapi.service.ClientNotFoundException) XRoadId(ee.ria.xroad.common.identifier.XRoadId) ServiceClientIdentifierConverter(org.niis.xroad.securityserver.restapi.converter.ServiceClientIdentifierConverter) ResponseEntity(org.springframework.http.ResponseEntity) ServiceNotFoundException(org.niis.xroad.securityserver.restapi.service.ServiceNotFoundException) ServiceClient(org.niis.xroad.securityserver.restapi.openapi.model.ServiceClient) ServiceClientNotFoundException(org.niis.xroad.securityserver.restapi.service.ServiceClientNotFoundException) AccessRightService(org.niis.xroad.securityserver.restapi.service.AccessRightService) ClientId(ee.ria.xroad.common.identifier.ClientId) BadRequestException(org.niis.xroad.restapi.openapi.BadRequestException) ResourceNotFoundException(org.niis.xroad.restapi.openapi.ResourceNotFoundException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) AuditEventMethod(org.niis.xroad.restapi.config.audit.AuditEventMethod)

Example 4 with BadRequestException

use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.

the class CertificateAuthoritiesApiController method getSubjectFieldDescriptions.

// see reason below
@SuppressWarnings("squid:S3655")
@Override
@PreAuthorize("(hasAuthority('GENERATE_AUTH_CERT_REQ') and " + " (#keyUsageType == T(org.niis.xroad.securityserver.restapi.openapi.model.KeyUsageType).AUTHENTICATION))" + " or (hasAuthority('GENERATE_SIGN_CERT_REQ') and " + "(#keyUsageType == T(org.niis.xroad.securityserver.restapi.openapi.model.KeyUsageType).SIGNING))")
public ResponseEntity<Set<CsrSubjectFieldDescription>> getSubjectFieldDescriptions(String caName, KeyUsageType keyUsageType, String keyId, String encodedMemberId, Boolean isNewMember) {
    // squid:S3655 throwing NoSuchElementException if there is no value present is
    // fine since keyUsageInfo is mandatory parameter
    KeyUsageInfo keyUsageInfo = KeyUsageTypeMapping.map(keyUsageType).get();
    // memberId is mandatory for sign csrs
    if (keyUsageInfo == KeyUsageInfo.SIGNING) {
        if (StringUtils.isBlank(encodedMemberId)) {
            throw new BadRequestException("memberId is mandatory for sign csrs");
        }
    }
    try {
        if (!StringUtils.isBlank(keyId)) {
            // validate that key.usage matches keyUsageType
            KeyInfo keyInfo = keyService.getKey(keyId);
            if (keyInfo.getUsage() != null) {
                if (keyInfo.getUsage() != keyUsageInfo) {
                    throw new BadRequestException("key is for different usage", new ErrorDeviation("wrong_key_usage"));
                }
            }
        }
        ClientId memberId = null;
        if (!StringUtils.isBlank(encodedMemberId)) {
            memberId = clientConverter.convertId(encodedMemberId);
        }
        CertificateProfileInfo profileInfo;
        profileInfo = certificateAuthorityService.getCertificateProfile(caName, keyUsageInfo, memberId, isNewMember);
        Set<CsrSubjectFieldDescription> converted = subjectConverter.convert(profileInfo.getSubjectFields());
        return new ResponseEntity<>(converted, HttpStatus.OK);
    } catch (WrongKeyUsageException | KeyNotFoundException | ClientNotFoundException e) {
        throw new BadRequestException(e);
    } catch (CertificateAuthorityNotFoundException e) {
        throw new ResourceNotFoundException(e);
    } catch (CertificateProfileInstantiationException e) {
        throw new InternalServerErrorException(e);
    }
}
Also used : ClientNotFoundException(org.niis.xroad.securityserver.restapi.service.ClientNotFoundException) CertificateAuthorityNotFoundException(org.niis.xroad.securityserver.restapi.service.CertificateAuthorityNotFoundException) CertificateProfileInfo(ee.ria.xroad.common.certificateprofile.CertificateProfileInfo) ErrorDeviation(org.niis.xroad.restapi.exceptions.ErrorDeviation) ResponseEntity(org.springframework.http.ResponseEntity) CertificateProfileInstantiationException(org.niis.xroad.securityserver.restapi.service.CertificateProfileInstantiationException) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) WrongKeyUsageException(org.niis.xroad.securityserver.restapi.service.WrongKeyUsageException) BadRequestException(org.niis.xroad.restapi.openapi.BadRequestException) ClientId(ee.ria.xroad.common.identifier.ClientId) CsrSubjectFieldDescription(org.niis.xroad.securityserver.restapi.openapi.model.CsrSubjectFieldDescription) ResourceNotFoundException(org.niis.xroad.restapi.openapi.ResourceNotFoundException) KeyUsageInfo(ee.ria.xroad.signer.protocol.dto.KeyUsageInfo) KeyNotFoundException(org.niis.xroad.securityserver.restapi.service.KeyNotFoundException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 5 with BadRequestException

use of org.niis.xroad.restapi.openapi.BadRequestException in project X-Road by nordic-institute.

the class ClientsApiController method addClient.

/**
 * This method is synchronized (like client add in old Ruby implementation)
 * to prevent a problem with two threads both creating "first" additional members.
 */
@Override
@PreAuthorize("hasAuthority('ADD_CLIENT')")
@AuditEventMethod(event = ADD_CLIENT)
public synchronized ResponseEntity<Client> addClient(ClientAdd clientAdd) {
    boolean ignoreWarnings = clientAdd.getIgnoreWarnings();
    IsAuthentication isAuthentication = null;
    try {
        isAuthentication = ConnectionTypeMapping.map(clientAdd.getClient().getConnectionType()).get();
    } catch (Exception e) {
        throw new BadRequestException("bad connection type parameter", e);
    }
    ClientType added = null;
    try {
        added = clientService.addLocalClient(clientAdd.getClient().getMemberClass(), clientAdd.getClient().getMemberCode(), clientAdd.getClient().getSubsystemCode(), isAuthentication, ignoreWarnings);
    } catch (ClientService.ClientAlreadyExistsException | ClientService.AdditionalMemberAlreadyExistsException e) {
        throw new ConflictException(e);
    } catch (UnhandledWarningsException | ClientService.InvalidMemberClassException e) {
        throw new BadRequestException(e);
    }
    Client result = clientConverter.convert(added);
    return createCreatedResponse("/api/clients/{id}", result, result.getId());
}
Also used : ClientType(ee.ria.xroad.common.conf.serverconf.model.ClientType) ServiceClientType(org.niis.xroad.securityserver.restapi.openapi.model.ServiceClientType) GlobalConfOutdatedException(org.niis.xroad.securityserver.restapi.service.GlobalConfOutdatedException) UnsupportedOpenApiVersionException(org.niis.xroad.securityserver.restapi.wsdl.UnsupportedOpenApiVersionException) InvalidUrlException(org.niis.xroad.securityserver.restapi.service.InvalidUrlException) MissingParameterException(org.niis.xroad.securityserver.restapi.service.MissingParameterException) ServiceClientNotFoundException(org.niis.xroad.securityserver.restapi.service.ServiceClientNotFoundException) CertificateNotFoundException(org.niis.xroad.securityserver.restapi.service.CertificateNotFoundException) InvalidWsdlException(org.niis.xroad.securityserver.restapi.wsdl.InvalidWsdlException) InvalidServiceUrlException(org.niis.xroad.securityserver.restapi.service.InvalidServiceUrlException) ResourceNotFoundException(org.niis.xroad.restapi.openapi.ResourceNotFoundException) ActionNotPossibleException(org.niis.xroad.securityserver.restapi.service.ActionNotPossibleException) ServiceNotFoundException(org.niis.xroad.securityserver.restapi.service.ServiceNotFoundException) BadRequestException(org.niis.xroad.restapi.openapi.BadRequestException) ClientNotFoundException(org.niis.xroad.securityserver.restapi.service.ClientNotFoundException) UnhandledWarningsException(org.niis.xroad.restapi.service.UnhandledWarningsException) CertificateAlreadyExistsException(org.niis.xroad.securityserver.restapi.service.CertificateAlreadyExistsException) CertificateException(java.security.cert.CertificateException) IsAuthentication(ee.ria.xroad.common.conf.serverconf.IsAuthentication) UnhandledWarningsException(org.niis.xroad.restapi.service.UnhandledWarningsException) BadRequestException(org.niis.xroad.restapi.openapi.BadRequestException) Client(org.niis.xroad.securityserver.restapi.openapi.model.Client) ServiceClient(org.niis.xroad.securityserver.restapi.openapi.model.ServiceClient) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) AuditEventMethod(org.niis.xroad.restapi.config.audit.AuditEventMethod)

Aggregations

BadRequestException (org.niis.xroad.restapi.openapi.BadRequestException)52 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)26 Test (org.junit.Test)25 WithMockUser (org.springframework.security.test.context.support.WithMockUser)25 AuditEventMethod (org.niis.xroad.restapi.config.audit.AuditEventMethod)22 ResourceNotFoundException (org.niis.xroad.restapi.openapi.ResourceNotFoundException)22 ResponseEntity (org.springframework.http.ResponseEntity)19 ClientNotFoundException (org.niis.xroad.securityserver.restapi.service.ClientNotFoundException)17 ClientId (ee.ria.xroad.common.identifier.ClientId)12 ErrorDeviation (org.niis.xroad.restapi.exceptions.ErrorDeviation)12 ServiceClientNotFoundException (org.niis.xroad.securityserver.restapi.service.ServiceClientNotFoundException)12 WsdlValidatorTest (org.niis.xroad.securityserver.restapi.wsdl.WsdlValidatorTest)9 UnhandledWarningsException (org.niis.xroad.restapi.service.UnhandledWarningsException)8 ServiceClient (org.niis.xroad.securityserver.restapi.openapi.model.ServiceClient)8 XRoadId (ee.ria.xroad.common.identifier.XRoadId)7 ServiceClientIdentifierConverter (org.niis.xroad.securityserver.restapi.converter.ServiceClientIdentifierConverter)6 ServiceNotFoundException (org.niis.xroad.securityserver.restapi.service.ServiceNotFoundException)6 ActionNotPossibleException (org.niis.xroad.securityserver.restapi.service.ActionNotPossibleException)5 CertificateAlreadyExistsException (org.niis.xroad.securityserver.restapi.service.CertificateAlreadyExistsException)5 InvalidUrlException (org.niis.xroad.securityserver.restapi.service.InvalidUrlException)5