From bc2cedc83f6353259ea1364f98ce60bf11d7ecf4 Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Thu, 23 Oct 2014 12:06:14 +0000
Subject: [PATCH] #2021 feature - Upgtaded Jackson annotations version and added request data hash management
---
securis/src/main/java/net/curisit/securis/services/LicenseResource.java | 46 +++++++++++++++++++++++++++++++---------------
1 files changed, 31 insertions(+), 15 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/services/LicenseResource.java b/securis/src/main/java/net/curisit/securis/services/LicenseResource.java
index 2930626..93192c7 100644
--- a/securis/src/main/java/net/curisit/securis/services/LicenseResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/LicenseResource.java
@@ -31,9 +31,7 @@
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import net.curisit.integrity.commons.JsonUtils;
import net.curisit.integrity.commons.Utils;
-import net.curisit.integrity.exception.CurisException;
import net.curisit.securis.DefaultExceptionHandler;
import net.curisit.securis.LicenseGenerator;
import net.curisit.securis.SeCurisException;
@@ -41,6 +39,7 @@
import net.curisit.securis.beans.RequestBean;
import net.curisit.securis.beans.SignedLicenseBean;
import net.curisit.securis.db.Application;
+import net.curisit.securis.db.BlockedRequest;
import net.curisit.securis.db.License;
import net.curisit.securis.db.LicenseHistory;
import net.curisit.securis.db.LicenseStatus;
@@ -52,6 +51,7 @@
import net.curisit.securis.services.exception.SeCurisServiceException;
import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes;
import net.curisit.securis.utils.EmailManager;
+import net.curisit.securis.utils.JsonUtils;
import net.curisit.securis.utils.Params;
import net.curisit.securis.utils.TokenHelper;
@@ -331,8 +331,12 @@
// directly to ACTIVE
lic.setStatus(LicenseStatus.ACTIVE);
try {
+ lic.setRequestData(JsonUtils.toJSON((RequestBean) signedLicense));
+ if (BlockedRequest.isRequestBlocked(lic.getRequestData(), em)) {
+ throw new SeCurisServiceException(ErrorCodes.BLOCKED_REQUEST_DATA, "Given request data is blocked and cannot be activate");
+ }
lic.setLicenseData(JsonUtils.toJSON(signedLicense));
- } catch (CurisException e) {
+ } catch (SeCurisException e) {
LOG.error("Error generaing license JSON", e);
throw new SeCurisServiceException(ErrorCodes.INVALID_FORMAT, "Error generaing license JSON");
}
@@ -386,7 +390,7 @@
RequestBean rb = null;
try {
rb = JsonUtils.json2object(requestData, RequestBean.class);
- } catch (CurisException e) {
+ } catch (SeCurisException e) {
throw new SeCurisServiceException(ErrorCodes.INVALID_REQUEST_DATA_FORMAT, "Request data has not a valid format");
}
@@ -422,14 +426,18 @@
currentLicense.setCode(lic.getCode());
currentLicense.setFullName(lic.getFullName());
currentLicense.setEmail(lic.getEmail());
- if (lic.getRequestData() != null) {
+ if (lic.getRequestData() != null && currentLicense.getStatus() == LicenseStatus.CREATED) {
SignedLicenseBean signedLicense = generateLicense(lic, em);
- // If user provide a request data the license status is passed
- // directly to ACTIVE
lic.setStatus(LicenseStatus.ACTIVE);
try {
+ // Next line is necessary to normalize the String that contains
+ // the request.
+ lic.setRequestData(JsonUtils.toJSON((RequestBean) signedLicense));
+ if (BlockedRequest.isRequestBlocked(lic.getRequestData(), em)) {
+ throw new SeCurisServiceException(ErrorCodes.BLOCKED_REQUEST_DATA, "Given request data is blocked and cannot be activate");
+ }
lic.setLicenseData(JsonUtils.toJSON(signedLicense));
- } catch (CurisException e) {
+ } catch (SeCurisException e) {
LOG.error("Error generaing license JSON", e);
throw new SeCurisServiceException(ErrorCodes.INVALID_FORMAT, "Error generaing license JSON");
}
@@ -465,24 +473,32 @@
}
@DELETE
- @Path("/{licId}")
+ @Path("/{licId}/block")
@Transactional
@Securable
@Produces({
MediaType.APPLICATION_JSON
})
public Response block(@PathParam("licId") Integer licId, @Context BasicSecurityContext bsc) throws SeCurisServiceException {
- LOG.info("Deleting license with id: {}", licId);
+ LOG.info("Blocking license with id: {}", licId);
EntityManager em = emProvider.get();
License lic = getCurrentLicense(licId, bsc, em);
- if (lic.getStatus() != LicenseStatus.CANCELLED || lic.getStatus() != LicenseStatus.CREATED) {
- LOG.error("License {} can not be deleted with status {}", lic.getCode(), lic.getStatus());
- return Response.status(Status.FORBIDDEN)
- .header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "License can not be deleted in current status").build();
+ if (lic.getStatus() != LicenseStatus.CANCELLED) {
+ LOG.error("License can only be blocked in CANCELLED status, current: {}", lic.getStatus().name());
+ throw new SeCurisServiceException(ErrorCodes.WRONG_STATUS, "License can only be blocked in CANCELLED status");
}
+ if (BlockedRequest.isRequestBlocked(lic.getRequestData(), em)) {
+ throw new SeCurisServiceException(ErrorCodes.BLOCKED_REQUEST_DATA, "Given request data is already blocked");
+ }
+ BlockedRequest blockedReq = new BlockedRequest();
+ blockedReq.setCreationTimestamp(new Date());
+ blockedReq.setBlockedBy(getUser(bsc, em));
+ blockedReq.setRequestData(lic.getRequestData());
- em.remove(lic);
+ em.persist(blockedReq);
+
+ em.persist(createLicenseHistoryAction(lic, getUser(bsc, em), LicenseHistory.Actions.BLOCK));
return Response.ok(Utils.createMap("success", true, "id", licId)).build();
}
--
Gitblit v1.3.2