common/securis.git

..	..	@@ -1,11 +1,15 @@
1	1	package net.curisit.securis.services;
2	2
3	3	import java.io.File;
	4	+import java.io.FileWriter;
4	5	import java.io.IOException;
	6	+import java.nio.file.Files;
	7	+import java.text.MessageFormat;
5	8	import java.util.Date;
	9	+import java.util.HashMap;
6	10	import java.util.List;
7	11	import java.util.Map;
8		-import java.util.TreeMap;
	12	+import java.util.Set;
9	13
10	14	import javax.inject.Inject;
11	15	import javax.inject.Provider;
..	..	@@ -13,6 +17,8 @@
13	17	import javax.persistence.TypedQuery;
14	18	import javax.ws.rs.Consumes;
15	19	import javax.ws.rs.DELETE;
	20	+import javax.ws.rs.DefaultValue;
	21	+import javax.ws.rs.FormParam;
16	22	import javax.ws.rs.GET;
17	23	import javax.ws.rs.POST;
18	24	import javax.ws.rs.PUT;
..	..	@@ -27,16 +33,26 @@
27	33
28	34	import net.curisit.integrity.commons.JsonUtils;
29	35	import net.curisit.integrity.commons.Utils;
	36	+import net.curisit.integrity.exception.CurisException;
30	37	import net.curisit.securis.DefaultExceptionHandler;
	38	+import net.curisit.securis.LicenseGenerator;
31	39	import net.curisit.securis.SeCurisException;
	40	+import net.curisit.securis.beans.LicenseBean;
32	41	import net.curisit.securis.beans.RequestBean;
	42	+import net.curisit.securis.beans.SignedLicenseBean;
	43	+import net.curisit.securis.db.Application;
33	44	import net.curisit.securis.db.License;
34	45	import net.curisit.securis.db.LicenseHistory;
	46	+import net.curisit.securis.db.LicenseStatus;
35	47	import net.curisit.securis.db.Pack;
	48	+import net.curisit.securis.db.PackMetadata;
36	49	import net.curisit.securis.db.User;
37	50	import net.curisit.securis.security.BasicSecurityContext;
38	51	import net.curisit.securis.security.Securable;
39	52	import net.curisit.securis.services.exception.SeCurisServiceException;
	53	+import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes;
	54	+import net.curisit.securis.utils.EmailManager;
	55	+import net.curisit.securis.utils.Params;
40	56	import net.curisit.securis.utils.TokenHelper;
41	57
42	58	import org.apache.commons.io.IOUtils;
..	..	@@ -60,7 +76,13 @@
60	76	TokenHelper tokenHelper;
61	77
62	78	@Inject
	79	+ EmailManager emailManager;
	80	+
	81	+ @Inject
63	82	Provider<EntityManager> emProvider;
	83	+
	84	+ @Inject
	85	+ LicenseGenerator licenseGenerator;
64	86
65	87	/**
66	88	*
..	..	@@ -138,11 +160,16 @@
138	160	LOG.error("License with id {} is not active, so It can not downloaded", licId, bsc.getUserPrincipal());
139	161	throw new SeCurisServiceException(Status.FORBIDDEN.getStatusCode(), "License is not active, so It can not be downloaded");
140	162	}
141		- return Response.ok(lic.getLicenseData()).build();
	163	+ em.persist(createLicenseHistoryAction(lic, getUser(bsc, em), LicenseHistory.Actions.DOWNLOAD));
	164	+ return Response
	165	+ .ok(lic.getLicenseData())
	166	+ .header("Content-Disposition",
	167	+ String.format("attachment; filename=\"%s\"", lic.getPack().getLicenseType().getApplication().getLicenseFilename())).build();
142	168	}
143	169
144	170	/**
145	171	* Activate the given license
	172	+ *
146	173	* @param licId
147	174	* @param bsc
148	175	* @return
..	..	@@ -168,8 +195,9 @@
168	195	+ " can not be activated from the current license status");
169	196	}
170	197
171		- lic.setStatus(License.Status.ACTIVE);
	198	+ lic.setStatus(LicenseStatus.ACTIVE);
172	199	lic.setModificationTimestamp(new Date());
	200	+
173	201	em.persist(lic);
174	202	User user = getUser(bsc.getUserPrincipal().getName(), em);
175	203	em.persist(createLicenseHistoryAction(lic, user, LicenseHistory.Actions.ACTIVATE));
..	..	@@ -178,6 +206,7 @@
178	206
179	207	/**
180	208	* Send license file by email to the organization
	209	+ *
181	210	* @param licId
182	211	* @param bsc
183	212	* @return
..	..	@@ -192,13 +221,34 @@
192	221	@Produces({
193	222	MediaType.APPLICATION_JSON
194	223	})
195		- public Response send(@PathParam("licId") Integer licId, @Context BasicSecurityContext bsc) throws SeCurisServiceException {
	224	+ public Response send(@PathParam("licId") Integer licId, @DefaultValue("false") @FormParam("add_cc") Boolean addCC,
	225	+ @Context BasicSecurityContext bsc) throws SeCurisServiceException, SeCurisException {
196	226
197	227	EntityManager em = emProvider.get();
198	228	License lic = getCurrentLicense(licId, bsc, em);
	229	+ Application app = lic.getPack().getLicenseType().getApplication();
	230	+ File licFile = null;
	231	+ if (lic.getLicenseData() == null) {
	232	+ throw new SeCurisServiceException(Status.NOT_FOUND.getStatusCode(), "There is no license file available");
	233	+ }
199	234
200	235	User user = getUser(bsc.getUserPrincipal().getName(), em);
201		- // TODO: Send mail with lic file
	236	+ try {
	237	+ String subject = MessageFormat.format(Params.get(Params.KEYS.EMAIL_LIC_DEFAULT_SUBJECT), lic.getPack().getAppName());
	238	+ String email_tpl = IOUtils.toString(this.getClass().getResourceAsStream("/lic_email_template.en"));
	239	+ String body = MessageFormat.format(email_tpl, lic.getFullName(), app.getName());
	240	+ licFile = createTemporaryLicenseFile(lic, app.getLicenseFilename());
	241	+
	242	+ emailManager.sendEmail(subject, body, lic.getEmail(), addCC ? user.getEmail() : null, licFile);
	243	+ } catch (IOException e) {
	244	+ LOG.error("Error creating temporary license file", e);
	245	+ throw new SeCurisServiceException(Status.NOT_FOUND.getStatusCode(), "There is no license file available");
	246	+ } finally {
	247	+ if (licFile != null) {
	248	+ licFile.delete();
	249	+ }
	250	+ }
	251	+
202	252	lic.setModificationTimestamp(new Date());
203	253	em.persist(lic);
204	254	em.persist(createLicenseHistoryAction(lic, user, LicenseHistory.Actions.SEND, "Email sent to: " + lic.getEmail()));
..	..	@@ -207,6 +257,7 @@
207	257
208	258	/**
209	259	* Cancel given license
	260	+ *
210	261	* @param licId
211	262	* @param bsc
212	263	* @return
..	..	@@ -221,7 +272,8 @@
221	272	@Produces({
222	273	MediaType.APPLICATION_JSON
223	274	})
224		- public Response cancel(@PathParam("licId") Integer licId, @Context BasicSecurityContext bsc) throws SeCurisServiceException {
	275	+ public Response cancel(@PathParam("licId") Integer licId, @FormParam("reason") String reason, @Context BasicSecurityContext bsc)
	276	+ throws SeCurisServiceException {
225	277
226	278	EntityManager em = emProvider.get();
227	279	License lic = getCurrentLicense(licId, bsc, em);
..	..	@@ -232,12 +284,17 @@
232	284	+ " can not be canceled from the current license status");
233	285	}
234	286
235		- lic.setStatus(License.Status.CANCELED);
	287	+ if (reason == null && (lic.getStatus() == LicenseStatus.ACTIVE \|\| lic.getStatus() == LicenseStatus.PRE_ACTIVE)) {
	288	+ LOG.error("To cancel an active License we need a reason, lic ID: {}, user: {}", lic.getId(), bsc.getUserPrincipal().getName());
	289	+ throw new SeCurisServiceException(Status.FORBIDDEN.getStatusCode(), "Active license with id " + licId
	290	+ + " can not be canceled without a reason");
	291	+ }
	292	+
	293	+ lic.setStatus(LicenseStatus.CANCELLED);
236	294	lic.setModificationTimestamp(new Date());
237	295	em.persist(lic);
238	296
239		- User user = getUser(bsc.getUserPrincipal().getName(), em);
240		- em.persist(createLicenseHistoryAction(lic, user, LicenseHistory.Actions.CANCEL));
	297	+ em.persist(createLicenseHistoryAction(lic, getUser(bsc, em), LicenseHistory.Actions.CANCEL, "Cancelation reason: " + reason));
241	298	return Response.ok(lic).build();
242	299	}
243	300
..	..	@@ -250,39 +307,102 @@
250	307	})
251	308	@Transactional
252	309	public Response create(License lic, @Context BasicSecurityContext bsc) throws SeCurisServiceException {
253		- LOG.info("Creating new license from create()");
254	310	EntityManager em = emProvider.get();
255	311	Pack pack = null;
256	312	if (lic.getPackId() != null) {
257	313	pack = em.find(Pack.class, lic.getPackId());
258		- if (pack == null) {
259		- LOG.error("License pack with id {} not found in DB", lic.getPackId());
260		- return Response.status(Status.NOT_FOUND)
261		- .header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "License's pack not found with ID: " + lic.getPackId()).build();
262		- } else {
263		- if (!bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN) && !bsc.getOrganizationsIds().contains(pack.getOrganization().getId())) {
264		- LOG.error("License for pack with id {} can not be created by user {}", pack.getId(), bsc.getUserPrincipal());
265		- return Response.status(Status.UNAUTHORIZED)
266		- .header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "Unathorized action on pack license").build();
267		- }
	314	+ }
	315	+
	316	+ if (pack == null) {
	317	+ LOG.error("License pack with id {} not found in DB", lic.getPackId());
	318	+ throw new SeCurisServiceException(ErrorCodes.NOT_FOUND, "License's pack not found with ID: " + lic.getPackId());
	319	+ } else {
	320	+ if (!bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN) && !bsc.getOrganizationsIds().contains(pack.getOrganization().getId())) {
	321	+ LOG.error("License for pack with id {} can not be created by user {}", pack.getId(), bsc.getUserPrincipal());
	322	+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Unathorized action on pack license");
268	323	}
269	324	}
270	325
271	326	User createdBy = getUser(bsc.getUserPrincipal().getName(), em);
272	327
273		- // TODO: Manage status if request data is set
	328	+ if (lic.getRequestData() != null) {
	329	+ SignedLicenseBean signedLicense = generateLicense(lic, em);
	330	+ // If user provide a request data the license status is passed
	331	+ // directly to ACTIVE
	332	+ lic.setStatus(LicenseStatus.ACTIVE);
	333	+ try {
	334	+ lic.setLicenseData(JsonUtils.toJSON(signedLicense));
	335	+ } catch (CurisException e) {
	336	+ LOG.error("Error generaing license JSON", e);
	337	+ throw new SeCurisServiceException(ErrorCodes.INVALID_FORMAT, "Error generaing license JSON");
	338	+ }
	339	+ } else {
	340	+ lic.setStatus(LicenseStatus.CREATED);
	341	+ }
274	342	lic.setCreatedBy(createdBy);
275		- lic.setStatus(License.Status.CREATED);
276	343	lic.setCreationTimestamp(new Date());
277	344	lic.setModificationTimestamp(lic.getCreationTimestamp());
278	345	em.persist(lic);
279	346	em.persist(createLicenseHistoryAction(lic, createdBy, LicenseHistory.Actions.CREATE));
	347	+ if (lic.getStatus() == LicenseStatus.ACTIVE) {
	348	+ em.persist(createLicenseHistoryAction(lic, createdBy, LicenseHistory.Actions.CREATE, "Activated on creation"));
	349	+ }
280	350
281	351	return Response.ok(lic).build();
282	352	}
283		-
284	353
285		-
	354	+ private SignedLicenseBean generateLicense(License license, EntityManager em) throws SeCurisServiceException {
	355	+ SignedLicenseBean sl = null;
	356	+ Pack pack = em.find(Pack.class, license.getPackId());
	357	+ RequestBean rb = validateRequestData(pack, license.getRequestData());
	358	+ try {
	359	+ LicenseBean lb = licenseGenerator.generateLicense(rb, extractPackMetadata(pack.getMetadata()), license.getExpirationDate(),
	360	+ pack.getLicenseTypeCode(), license.getCode());
	361	+ sl = new SignedLicenseBean(lb);
	362	+ } catch (SeCurisException e) {
	363	+ throw new SeCurisServiceException(ErrorCodes.INVALID_LICENSE_REQUEST_DATA, "Error generating license: " + e.toString());
	364	+ }
	365	+ return sl;
	366	+ }
	367	+
	368	+ private Map<String, Object> extractPackMetadata(Set<PackMetadata> packMetadata) {
	369	+ Map<String, Object> metadata = new HashMap<>();
	370	+ for (PackMetadata md : packMetadata) {
	371	+ metadata.put(md.getKey(), md.getValue());
	372	+ }
	373	+
	374	+ return metadata;
	375	+ }
	376	+
	377	+ /**
	378	+ * We check if the given request data is valid for the current Pack and has
	379	+ * a valid format
	380	+ *
	381	+ * @param pack
	382	+ * @param requestData
	383	+ * @throws SeCurisServiceException
	384	+ */
	385	+ private RequestBean validateRequestData(Pack pack, String requestData) throws SeCurisServiceException {
	386	+ RequestBean rb = null;
	387	+ try {
	388	+ rb = JsonUtils.json2object(requestData, RequestBean.class);
	389	+ } catch (CurisException e) {
	390	+ throw new SeCurisServiceException(ErrorCodes.INVALID_REQUEST_DATA_FORMAT, "Request data has not a valid format");
	391	+ }
	392	+
	393	+ if (!rb.getCustomerCode().equals(pack.getOrganization().getCode())) {
	394	+ throw new SeCurisServiceException(ErrorCodes.INVALID_REQUEST_DATA_FORMAT, "Request data not valid, wrong Organization code");
	395	+ }
	396	+ if (!rb.getLicenseTypeCode().equals(pack.getLicenseTypeCode())) {
	397	+ throw new SeCurisServiceException(ErrorCodes.INVALID_REQUEST_DATA_FORMAT, "Request data not valid, wrong License type code");
	398	+ }
	399	+ // TODO: [rsanchez] Verify that if pack code is null we ignore it
	400	+ if (rb.getPackCode() != null && !rb.getPackCode().equals(pack.getCode())) {
	401	+ throw new SeCurisServiceException(ErrorCodes.INVALID_REQUEST_DATA_FORMAT, "Request data not valid, wrong Pack code");
	402	+ }
	403	+ return rb;
	404	+ }
	405	+
286	406	@PUT
287	407	@POST
288	408	@Path("/{licId}")
..	..	@@ -302,9 +422,22 @@
302	422	currentLicense.setCode(lic.getCode());
303	423	currentLicense.setFullName(lic.getFullName());
304	424	currentLicense.setEmail(lic.getEmail());
305		- currentLicense.setRequestData(lic.getRequestData());
	425	+ if (lic.getRequestData() != null) {
	426	+ SignedLicenseBean signedLicense = generateLicense(lic, em);
	427	+ // If user provide a request data the license status is passed
	428	+ // directly to ACTIVE
	429	+ lic.setStatus(LicenseStatus.ACTIVE);
	430	+ try {
	431	+ lic.setLicenseData(JsonUtils.toJSON(signedLicense));
	432	+ } catch (CurisException e) {
	433	+ LOG.error("Error generaing license JSON", e);
	434	+ throw new SeCurisServiceException(ErrorCodes.INVALID_FORMAT, "Error generaing license JSON");
	435	+ }
	436	+ currentLicense.setRequestData(lic.getRequestData());
	437	+ }
306	438	currentLicense.setModificationTimestamp(new Date());
307	439	em.persist(currentLicense);
	440	+ em.persist(createLicenseHistoryAction(lic, getUser(bsc, em), LicenseHistory.Actions.MODIFY));
308	441
309	442	return Response.ok(currentLicense).build();
310	443	}
..	..	@@ -321,7 +454,29 @@
321	454	EntityManager em = emProvider.get();
322	455	License lic = getCurrentLicense(licId, bsc, em);
323	456
324		- if (lic.getStatus() != License.Status.CANCELED \|\| lic.getStatus() != License.Status.CREATED) {
	457	+ if (lic.getStatus() != LicenseStatus.CANCELLED \|\| lic.getStatus() != LicenseStatus.CREATED) {
	458	+ LOG.error("License {} can not be deleted with status {}", lic.getCode(), lic.getStatus());
	459	+ return Response.status(Status.FORBIDDEN)
	460	+ .header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "License can not be deleted in current status").build();
	461	+ }
	462	+
	463	+ em.remove(lic);
	464	+ return Response.ok(Utils.createMap("success", true, "id", licId)).build();
	465	+ }
	466	+
	467	+ @DELETE
	468	+ @Path("/{licId}")
	469	+ @Transactional
	470	+ @Securable
	471	+ @Produces({
	472	+ MediaType.APPLICATION_JSON
	473	+ })
	474	+ public Response block(@PathParam("licId") Integer licId, @Context BasicSecurityContext bsc) throws SeCurisServiceException {
	475	+ LOG.info("Deleting license with id: {}", licId);
	476	+ EntityManager em = emProvider.get();
	477	+ License lic = getCurrentLicense(licId, bsc, em);
	478	+
	479	+ if (lic.getStatus() != LicenseStatus.CANCELLED \|\| lic.getStatus() != LicenseStatus.CREATED) {
325	480	LOG.error("License {} can not be deleted with status {}", lic.getCode(), lic.getStatus());
326	481	return Response.status(Status.FORBIDDEN)
327	482	.header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "License can not be deleted in current status").build();
..	..	@@ -349,6 +504,11 @@
349	504	return lic;
350	505	}
351	506
	507	+ private User getUser(BasicSecurityContext bsc, EntityManager em) throws SeCurisServiceException {
	508	+ String username = bsc.getUserPrincipal().getName();
	509	+ return getUser(username, em);
	510	+ }
	511	+
352	512	private User getUser(String username, EntityManager em) throws SeCurisServiceException {
353	513	User user = null;
354	514	if (username != null) {
..	..	@@ -358,6 +518,13 @@
358	518	}
359	519	}
360	520	return user;
	521	+ }
	522	+
	523	+ private File createTemporaryLicenseFile(License lic, String licFileName) throws IOException {
	524	+ File f = Files.createTempDirectory("securis-server").toFile();
	525	+ f = new File(f, licFileName);
	526	+ IOUtils.write(lic.getLicenseData(), new FileWriter(f));
	527	+ return f;
361	528	}
362	529
363	530	private LicenseHistory createLicenseHistoryAction(License lic, User user, String action, String comments) {
..	..	@@ -373,4 +540,12 @@
373	540	private LicenseHistory createLicenseHistoryAction(License lic, User user, String action) {
374	541	return createLicenseHistoryAction(lic, user, action, null);
375	542	}
	543	+
	544	+ public static void main(String[] args) throws IOException {
	545	+ File f = Files.createTempDirectory("securis-server").toFile();
	546	+
	547	+ LOG.info("f: {}", f);
	548	+ f = new File(f, "config-server.lic");
	549	+ LOG.info("f: {}", f);
	550	+ }
376	551	}