abstractj/PushApplicationEndpoint.java Secret

## PushApplicationEndpoint.java
/**
 * JBoss, Home of Professional Open Source
 * Copyright Red Hat, Inc., and individual contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * 	http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.jboss.aerogear.unifiedpush.rest.registry.applications;

import java.util.Map;
import java.util.UUID;
import java.util.logging.Logger;

import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.validation.ConstraintViolationException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriBuilder;

import org.jboss.aerogear.unifiedpush.api.PushApplication;
import org.jboss.aerogear.unifiedpush.rest.AbstractBaseEndpoint;
import org.jboss.aerogear.unifiedpush.service.PushApplicationService;

import static org.jboss.aerogear.unifiedpush.rest.util.HttpRequestUtil.extractUsername;

@Stateless
@TransactionAttribute
@Path("/applications")
public class PushApplicationEndpoint extends AbstractBaseEndpoint {

    @Inject
    private PushApplicationService pushAppService;

    @Context
    private SecurityContext securityContext;

    private static final String ROLE_ADMIN = "admin";

    private static final Logger LOGGER = Logger.getLogger(PushApplicationEndpoint.class.getSimpleName());

    // CREATE
    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    public Response registerPushApplication(@Context HttpServletRequest request, PushApplication pushApp) {

         // some validation
        try {
            validateModelClass(pushApp);
        } catch (ConstraintViolationException cve) {

            // Build and return the 400 (Bad Request) response
            ResponseBuilder builder = createBadRequestResponse(cve.getConstraintViolations());

            return builder.build();
        }

        // store the "developer:
        pushApp.setDeveloper(extractUsername(request));
        pushAppService.addPushApplication(pushApp);

        return Response.created(UriBuilder.fromResource(PushApplicationEndpoint.class).path(String.valueOf(pushApp.getPushApplicationID())).build()).entity(pushApp)
                .build();
    }

    // READ
    @GET
    @Produces(MediaType.APPLICATION_JSON)
    public Response listAllPushApplications(@Context HttpServletRequest request) {

        if(securityContext.isUserInRole(ROLE_ADMIN)) {
            return Response.ok("Admin query goes here").build();
        }

        return Response.ok(pushAppService.findAllPushApplicationsForDeveloper(extractUsername(request))).build();
    }

    @GET
    @Path("/{pushAppID}")
    @Produces(MediaType.APPLICATION_JSON)
    public Response findById(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID) {

        PushApplication pushApp;

        if(securityContext.isUserInRole(ROLE_ADMIN)) {
            //admin query goes here
            pushApp = null;
        } else {
            pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
        }

        if (pushApp != null) {
            return Response.ok(pushApp).build();
        }

        return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
    }

    // UPDATE
    @PUT
    @Path("/{pushAppID}")
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    public Response updatePushApplication(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID, PushApplication updatedPushApp) {

        PushApplication pushApp;

        if(securityContext.isUserInRole(ROLE_ADMIN)) {
            //admin query goes here
            pushApp = null;
        } else {
            pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
        }

        if (pushApp != null) {

            // some validation
            try {
                validateModelClass(updatedPushApp);
            } catch (ConstraintViolationException cve) {

                // Build and return the 400 (Bad Request) response
                ResponseBuilder builder = createBadRequestResponse(cve.getConstraintViolations());

                return builder.build();
            }

            // update name/desc:
            pushApp.setDescription(updatedPushApp.getDescription());
            pushApp.setName(updatedPushApp.getName());
            pushAppService.updatePushApplication(pushApp);

            return Response.noContent().build();
        }

        return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
    }

    // UPDATE (MasterSecret Reset)
    @PUT
    @Path("/{pushAppID}/reset")
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    public Response resetMasterSecret(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID) {

        PushApplication pushApp;

        if(securityContext.isUserInRole(ROLE_ADMIN)) {
            //admin query goes here
            pushApp = null;
        } else {
            pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
        }

        if (pushApp != null) {
            // generate the new 'masterSecret' and apply it:
            String newMasterSecret = UUID.randomUUID().toString();
            pushApp.setMasterSecret(newMasterSecret);
            pushAppService.updatePushApplication(pushApp);

            return Response.ok(pushApp).build();
        }

        return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
    }

    // DELETE
    @DELETE
    @Path("/{pushAppID}")
    @Produces(MediaType.APPLICATION_JSON)
    public Response deletePushApplication(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID) {

        PushApplication pushApp;

        if(securityContext.isUserInRole(ROLE_ADMIN)) {
            //admin query goes here
            pushApp = null;
        } else {
            pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
        }

        if (pushApp != null) {
            pushAppService.removePushApplication(pushApp);
            return Response.noContent().build();
        }
        return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
    }

    @GET
    @Path("/{pushAppID}/count")
    public Response countInstallations(@PathParam("pushAppID") String pushApplicationID) {

        Map<String, Long> result = pushAppService.countInstallationsByType(pushApplicationID);

        return Response.ok(result).build();
    }
}
	/**
	* JBoss, Home of Professional Open Source
	* Copyright Red Hat, Inc., and individual contributors.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.jboss.aerogear.unifiedpush.rest.registry.applications;

	import java.util.Map;
	import java.util.UUID;
	import java.util.logging.Logger;

	import javax.ejb.Stateless;
	import javax.ejb.TransactionAttribute;
	import javax.inject.Inject;
	import javax.servlet.http.HttpServletRequest;
	import javax.validation.ConstraintViolationException;
	import javax.ws.rs.Consumes;
	import javax.ws.rs.DELETE;
	import javax.ws.rs.GET;
	import javax.ws.rs.POST;
	import javax.ws.rs.PUT;
	import javax.ws.rs.Path;
	import javax.ws.rs.PathParam;
	import javax.ws.rs.Produces;
	import javax.ws.rs.core.Context;
	import javax.ws.rs.core.MediaType;
	import javax.ws.rs.core.Response;
	import javax.ws.rs.core.Response.ResponseBuilder;
	import javax.ws.rs.core.Response.Status;
	import javax.ws.rs.core.SecurityContext;
	import javax.ws.rs.core.UriBuilder;

	import org.jboss.aerogear.unifiedpush.api.PushApplication;
	import org.jboss.aerogear.unifiedpush.rest.AbstractBaseEndpoint;
	import org.jboss.aerogear.unifiedpush.service.PushApplicationService;

	import static org.jboss.aerogear.unifiedpush.rest.util.HttpRequestUtil.extractUsername;

	@Stateless
	@TransactionAttribute
	@Path("/applications")
	public class PushApplicationEndpoint extends AbstractBaseEndpoint {

	@Inject
	private PushApplicationService pushAppService;

	@Context
	private SecurityContext securityContext;

	private static final String ROLE_ADMIN = "admin";

	private static final Logger LOGGER = Logger.getLogger(PushApplicationEndpoint.class.getSimpleName());

	// CREATE
	@POST
	@Consumes(MediaType.APPLICATION_JSON)
	@Produces(MediaType.APPLICATION_JSON)
	public Response registerPushApplication(@Context HttpServletRequest request, PushApplication pushApp) {

	// some validation
	try {
	validateModelClass(pushApp);
	} catch (ConstraintViolationException cve) {

	// Build and return the 400 (Bad Request) response
	ResponseBuilder builder = createBadRequestResponse(cve.getConstraintViolations());

	return builder.build();
	}

	// store the "developer:
	pushApp.setDeveloper(extractUsername(request));
	pushAppService.addPushApplication(pushApp);

	return Response.created(UriBuilder.fromResource(PushApplicationEndpoint.class).path(String.valueOf(pushApp.getPushApplicationID())).build()).entity(pushApp)
	.build();
	}

	// READ
	@GET
	@Produces(MediaType.APPLICATION_JSON)
	public Response listAllPushApplications(@Context HttpServletRequest request) {

	if(securityContext.isUserInRole(ROLE_ADMIN)) {
	return Response.ok("Admin query goes here").build();
	}

	return Response.ok(pushAppService.findAllPushApplicationsForDeveloper(extractUsername(request))).build();
	}

	@GET
	@Path("/{pushAppID}")
	@Produces(MediaType.APPLICATION_JSON)
	public Response findById(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID) {

	PushApplication pushApp;

	if(securityContext.isUserInRole(ROLE_ADMIN)) {
	//admin query goes here
	pushApp = null;
	} else {
	pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
	}

	if (pushApp != null) {
	return Response.ok(pushApp).build();
	}

	return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
	}

	// UPDATE
	@PUT
	@Path("/{pushAppID}")
	@Consumes(MediaType.APPLICATION_JSON)
	@Produces(MediaType.APPLICATION_JSON)
	public Response updatePushApplication(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID, PushApplication updatedPushApp) {

	PushApplication pushApp;

	if(securityContext.isUserInRole(ROLE_ADMIN)) {
	//admin query goes here
	pushApp = null;
	} else {
	pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
	}

	if (pushApp != null) {

	// some validation
	try {
	validateModelClass(updatedPushApp);
	} catch (ConstraintViolationException cve) {

	// Build and return the 400 (Bad Request) response
	ResponseBuilder builder = createBadRequestResponse(cve.getConstraintViolations());

	return builder.build();
	}

	// update name/desc:
	pushApp.setDescription(updatedPushApp.getDescription());
	pushApp.setName(updatedPushApp.getName());
	pushAppService.updatePushApplication(pushApp);

	return Response.noContent().build();
	}

	return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
	}

	// UPDATE (MasterSecret Reset)
	@PUT
	@Path("/{pushAppID}/reset")
	@Consumes(MediaType.APPLICATION_JSON)
	@Produces(MediaType.APPLICATION_JSON)
	public Response resetMasterSecret(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID) {

	PushApplication pushApp;

	if(securityContext.isUserInRole(ROLE_ADMIN)) {
	//admin query goes here
	pushApp = null;
	} else {
	pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
	}

	if (pushApp != null) {
	// generate the new 'masterSecret' and apply it:
	String newMasterSecret = UUID.randomUUID().toString();
	pushApp.setMasterSecret(newMasterSecret);
	pushAppService.updatePushApplication(pushApp);

	return Response.ok(pushApp).build();
	}

	return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
	}

	// DELETE
	@DELETE
	@Path("/{pushAppID}")
	@Produces(MediaType.APPLICATION_JSON)
	public Response deletePushApplication(@Context HttpServletRequest request, @PathParam("pushAppID") String pushApplicationID) {

	PushApplication pushApp;

	if(securityContext.isUserInRole(ROLE_ADMIN)) {
	//admin query goes here
	pushApp = null;
	} else {
	pushApp = pushAppService.findByPushApplicationIDForDeveloper(pushApplicationID, extractUsername(request));
	}

	if (pushApp != null) {
	pushAppService.removePushApplication(pushApp);
	return Response.noContent().build();
	}
	return Response.status(Status.NOT_FOUND).entity("Could not find requested PushApplicationEntity").build();
	}

	@GET
	@Path("/{pushAppID}/count")
	public Response countInstallations(@PathParam("pushAppID") String pushApplicationID) {

	Map<String, Long> result = pushAppService.countInstallationsByType(pushApplicationID);

	return Response.ok(result).build();
	}
	}