From 89a0646d18da6f3290a883121e38f4086a6fb37e Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Wed, 07 Jun 2017 16:35:16 +0000
Subject: [PATCH] #3531 fea - Added acces to packs from license type, organizatins and applications listing

---
 securis/src/main/java/net/curisit/securis/services/PackResource.java |   51 ++++++++++++++++++++++++++++++++++++++++++---------
 1 files changed, 42 insertions(+), 9 deletions(-)

diff --git a/securis/src/main/java/net/curisit/securis/services/PackResource.java b/securis/src/main/java/net/curisit/securis/services/PackResource.java
index 6c4db5a..5868d73 100644
--- a/securis/src/main/java/net/curisit/securis/services/PackResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/PackResource.java
@@ -1,6 +1,7 @@
 package net.curisit.securis.services;
 
 import java.security.Principal;
+import java.util.ArrayList;
 import java.util.Date;
 import java.util.HashSet;
 import java.util.List;
@@ -21,8 +22,10 @@
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
+import javax.ws.rs.core.UriInfo;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
@@ -80,33 +83,63 @@
 	@Path("/")
 	@Securable
 	@Produces({ MediaType.APPLICATION_JSON })
-	public Response index(@Context BasicSecurityContext bsc) {
+	public Response index(@Context UriInfo uriInfo, @Context BasicSecurityContext bsc) {
 		LOG.info("Getting packs list ");
+		MultivaluedMap<String, String> queryParams = uriInfo.getQueryParameters();
 
 		// EntityManager em = emProvider.get();
 		em.clear();
 
+		TypedQuery<Pack> q = createQuery(queryParams, bsc);
+		if (q == null) {
+			return Response.ok().build();
+		}
+
+		List<Pack> list = q.getResultList();
+
+		return Response.ok(list).build();
+	}
+
+	private String generateWhereFromParams(boolean addWhere, MultivaluedMap<String, String> queryParams) {
+		List<String> conditions = new ArrayList<>();
+		if (queryParams.containsKey("organizationId")) {
+			conditions.add(String.format("pa.organization.id = %s", queryParams.getFirst("organizationId")));
+		}
+		if (queryParams.containsKey("applicationId")) {
+			conditions.add(String.format("pa.licenseType.application.id = %s", queryParams.getFirst("applicationId")));
+		}
+		if (queryParams.containsKey("licenseTypeId")) {
+			conditions.add(String.format("pa.licenseType.id = %s", queryParams.getFirst("licenseTypeId")));
+		}
+		String connector = addWhere ? " where " : " and ";
+		return (conditions.isEmpty() ? "" : connector) + String.join(" and ", conditions);
+	}
+
+	private TypedQuery<Pack> createQuery(MultivaluedMap<String, String> queryParams, BasicSecurityContext bsc) {
 		TypedQuery<Pack> q;
+		String hql = "SELECT pa FROM Pack pa";
 		if (bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN)) {
-			LOG.info("Getting all packs for user: " + bsc.getUserPrincipal());
-			q = em.createNamedQuery("list-packs", Pack.class);
+			hql += generateWhereFromParams(true, queryParams);
+			q = em.createQuery(hql, Pack.class);
 		} else {
 			if (bsc.getApplicationsIds() == null || bsc.getApplicationsIds().isEmpty()) {
-				return Response.ok().build();
+				return null;
 			}
 			if (bsc.getOrganizationsIds() == null || bsc.getOrganizationsIds().isEmpty()) {
-				q = em.createNamedQuery("list-packs-by-apps", Pack.class);
+				hql += " where pa.licenseType.application.id in :list_ids_app ";
 			} else {
-				q = em.createNamedQuery("list-packs-by-orgs-apps", Pack.class);
+				hql += " where pa.organization.id in :list_ids_org and pa.licenseType.application.id in :list_ids_app ";
+			}
+			hql += generateWhereFromParams(false, queryParams);
+			q = em.createQuery(hql, Pack.class);
+			if (hql.contains("list_ids_org")) {
 				q.setParameter("list_ids_org", bsc.getOrganizationsIds());
 			}
 			q.setParameter("list_ids_app", bsc.getApplicationsIds());
 			LOG.info("Getting packs from orgs: {} and apps: {}", bsc.getOrganizationsIds(), bsc.getApplicationsIds());
 		}
 
-		List<Pack> list = q.getResultList();
-
-		return Response.ok(list).build();
+		return q;
 	}
 
 	private Response generateErrorUnathorizedAccess(Pack pack, Principal user) {

--
Gitblit v1.3.2