diff --git a/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java b/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java index 105688b6..7a9b7cf8 100644 --- a/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java +++ b/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java @@ -13,7 +13,7 @@ import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; -import eu.europeana.api.commons.web.http.HttpHeaders; +import static eu.europeana.api.commons.web.http.HttpHeaders.*; /** * Setup CORS for all requests and setup default Content-type @@ -21,6 +21,7 @@ @Configuration public class WebMvcConfig implements WebMvcConfigurer { + private static final long MAX_AGE = 600L; List supportedMediaTypes = new ArrayList(); Map mediaTypesMaping = new HashMap(); @@ -34,64 +35,64 @@ public class WebMvcConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/v3/api-docs").allowedOrigins("*").allowedMethods("GET") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS) .allowCredentials(false).maxAge(600L); // in seconds registry.addMapping("/v3/api-docs/**").allowedOrigins("*").allowedMethods("GET") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS) .allowCredentials(false).maxAge(600L); // in seconds registry.addMapping("/actuator/**").allowedOrigins("*").allowedMethods("GET") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS) .allowCredentials(false).maxAge(600L); // in seconds // create method // delete user's sets by admin, delete by user's sets by registry.addMapping("/set/").allowedOrigins("*").allowedMethods("POST", "DELETE") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, - HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, HttpHeaders.ALLOW, HttpHeaders.LINK, - HttpHeaders.ETAG, HttpHeaders.VARY, HttpHeaders.CACHE_CONTROL, - HttpHeaders.PREFERENCE_APPLIED) + .exposedHeaders(ACCESS_CONTROL_ALLOW_HEADERS, + ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW, LINK, + ETAG, VARY, CACHE_CONTROL, + PREFERENCE_APPLIED) .allowCredentials(false).maxAge(600L); // in seconds // get, delete, update registry.addMapping("/set/*").allowedOrigins("*").allowedMethods("GET", "PUT", "DELETE") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW, HttpHeaders.LINK, - HttpHeaders.ETAG, HttpHeaders.VARY, HttpHeaders.PREFERENCE_APPLIED) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS, ALLOW, LINK, + ETAG, VARY, PREFERENCE_APPLIED) .allowCredentials(false).maxAge(600L); // in seconds // lock/unlock registry.addMapping("/set/admin/lock").allowedOrigins("*").allowedMethods("POST", "DELETE") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW) - .allowCredentials(false).maxAge(600L); // in seconds + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS, ALLOW) + .allowCredentials(false).maxAge(MAX_AGE); // in seconds // insert/remove multiple items registry.addMapping("/set/*/items").allowedOrigins("*").allowedMethods("PUT", "DELETE") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW, HttpHeaders.ETAG, - HttpHeaders.VARY, HttpHeaders.PREFERENCE_APPLIED) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS, ALLOW, ETAG, + VARY, PREFERENCE_APPLIED) .allowCredentials(false).maxAge(600L); // in seconds // publish/unpublish registry.addMapping("/set/*/*").allowedOrigins("*").allowedMethods("PUT") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW, HttpHeaders.ETAG, - HttpHeaders.VARY, HttpHeaders.PREFERENCE_APPLIED) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS, ALLOW, ETAG, + VARY, PREFERENCE_APPLIED) .allowCredentials(false).maxAge(600L); // in seconds // add,remove,exists item in set registry.addMapping("/set/*/*/*").allowedOrigins("*") .allowedMethods("GET", "HEAD", "PUT", "DELETE") - .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, - HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW, - HttpHeaders.PREFERENCE_APPLIED) + .exposedHeaders(ACCESS_CONTROL_ALLOW_ORIGIN, + ACCESS_CONTROL_ALLOW_HEADERS, ALLOW, + PREFERENCE_APPLIED) .allowCredentials(false).maxAge(600L); // in seconds } diff --git a/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/SearchUserSetRest.java b/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/SearchUserSetRest.java index d327a12d..bc57f238 100644 --- a/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/SearchUserSetRest.java +++ b/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/SearchUserSetRest.java @@ -92,12 +92,12 @@ public ResponseEntity searchUserSet( facetQuery = getQueryBuilder().buildUserSetFacetQuery(facet, facetLimit); } - Integer pageNr = WeUserSetRequestUtils.parsePageNumber(page, -1); + Integer pageNr = WebUserSetRequestUtils.parsePageNumber(page, -1); int maxPageSize = getConfiguration().getMaxPageSize(serializationProfile.getProfileParamValue()); - Integer pageItems = WeUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize, UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE); + Integer pageItems = WebUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize, UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE); //validate the search params and build the search query @@ -204,12 +204,12 @@ public ResponseEntity searchItemsInSet( filtered = Collections.emptyList(); } - Integer pageNr = WeUserSetRequestUtils.parsePageNumber(page, -1); + Integer pageNr = WebUserSetRequestUtils.parsePageNumber(page, -1); int maxPageSize = getConfiguration().getMaxPageSize(profile.getProfileParamValue()); - Integer pageItems = WeUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize, UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE); + Integer pageItems = WebUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize, UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE); BaseUserSetResultPage resultPage = getUserSetService().buildRecodsResultsPage(identifier, filtered, pageNr, pageItems, profile, request); diff --git a/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WeUserSetRequestUtils.java b/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRequestUtils.java similarity index 58% rename from set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WeUserSetRequestUtils.java rename to set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRequestUtils.java index 9f0cff3f..0a4bb5a9 100644 --- a/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WeUserSetRequestUtils.java +++ b/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRequestUtils.java @@ -7,12 +7,26 @@ import eu.europeana.set.definitions.model.vocabulary.WebUserSetFields; import eu.europeana.set.definitions.model.vocabulary.WebUserSetModelFields; -public class WeUserSetRequestUtils { +public class WebUserSetRequestUtils { + /** + * Verify if the position is the pin keyword + * @param position request parameter value + * @return true if equals "pin" + */ public static boolean isPinnRequest(String position) { return WebUserSetModelFields.PINNED_POSITION.equals(position); } + /** + * Parses the request parameter and verifies if the value is in the expected range + * @param paramName the name of the request parameter (e.g. page, pageSize) + * @param paramValue the request paramter value + * @param maxValue max allowed value + * @param minValue min allowed value (negative value will be ignored) + * @return the parsed value or null + * @throws ParamValidationException is the value is not in the expected range + */ public static Integer parseIntegerParam(String paramName, String paramValue, int maxValue, int minValue) throws ParamValidationException { if (paramValue != null) { @@ -31,24 +45,36 @@ public static Integer parseIntegerParam(String paramName, String paramValue, int return null; } + /** + * Parse the value of the request parameter page + * @param page the value of the request param + * @param maxPageNumber the mx value for the page number, negative value is ignored + * @return + * @throws ParamValidationException + */ public static Integer parsePageNumber(String page, int maxPageNumber) throws ParamValidationException { Integer pageNr; // pageNr = parseIntegerParam(CommonApiConstants.QUERY_PARAM_PAGE, page, maxPageNumber, WebUserSetFields.DEFAULT_PAGE); - pageNr = (pageNr == null) ? Integer.valueOf(WebUserSetFields.DEFAULT_PAGE) : pageNr; - return pageNr; + return (pageNr == null) ? Integer.valueOf(WebUserSetFields.DEFAULT_PAGE) : pageNr; } + /** + * Parses the page size, if not provided the default will be returned + * @param pageSize request param value + * @param maxPageSize maximum pageSize value (depends on requested profile) + * @param defaultItemsPerPage default value to return if the param value is empty + * @return the value parsed from the param or the default + * @throws ParamValidationException if ti is out of range + */ public static Integer getPageSizeOrDefault(String pageSize, int maxPageSize, final int defaultItemsPerPage) throws ParamValidationException { Integer pageItems; pageItems = parseIntegerParam(CommonApiConstants.QUERY_PARAM_PAGE_SIZE, pageSize, maxPageSize, UserSetConfigurationImpl.MIN_ITEMS_PER_PAGE); - pageItems = - (pageItems == null) ? Integer.valueOf(defaultItemsPerPage) + return (pageItems == null) ? Integer.valueOf(defaultItemsPerPage) : pageItems; - return pageItems; } } diff --git a/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRest.java b/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRest.java index f27c7b08..804ddc8a 100644 --- a/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRest.java +++ b/set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRest.java @@ -186,12 +186,12 @@ private ResponseEntity processRetrieveSetPageRequest(String identifier, validateMultipleProfiles(profiles, profile); SetPageProfile searializationProfile = getUserSetService().getProfileForPagination(profiles); - pageNr = WeUserSetRequestUtils.parsePageNumber(page, -1); + pageNr = WebUserSetRequestUtils.parsePageNumber(page, -1); int maxPageSize = getConfiguration().getMaxPageSize(searializationProfile.getProfileParamValue()); - pageItems = WeUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize, UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE); + pageItems = WebUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize, UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE); return getUserSetPage(profiles, identifier, sortField, sortOrderField, pageNr, pageItems, authentication, request); @@ -563,7 +563,7 @@ protected ResponseEntity insertMultipleItemsIntoUserSet(HttpServletReque } // 9. verify if position is higher than pinned - if (!WeUserSetRequestUtils.isPinnRequest(position) && itemsPosition > -1 + if (!WebUserSetRequestUtils.isPinnRequest(position) && itemsPosition > -1 && itemsPosition < existingUserSet.getPinned()) { throw new RequestValidationException(UserSetI18nConstants.USER_SET_OPERATION_NOT_ALLOWED, new String[] {"Position smaller than pinned is not allowed for non pin request!", diff --git a/set-web/src/main/java/eu/europeana/set/web/service/impl/UserSetServiceImpl.java b/set-web/src/main/java/eu/europeana/set/web/service/impl/UserSetServiceImpl.java index a9ecdbdb..10604137 100644 --- a/set-web/src/main/java/eu/europeana/set/web/service/impl/UserSetServiceImpl.java +++ b/set-web/src/main/java/eu/europeana/set/web/service/impl/UserSetServiceImpl.java @@ -59,7 +59,7 @@ import eu.europeana.set.web.model.search.SearchApiUtils; import eu.europeana.set.web.model.search.UserSetIdsResultPage; import eu.europeana.set.web.model.search.UserSetResultPage; -import eu.europeana.set.web.service.controller.jsonld.WeUserSetRequestUtils; +import eu.europeana.set.web.service.controller.jsonld.WebUserSetRequestUtils; import ioinformarics.oss.jackson.module.jsonld.JsonldModule; public class UserSetServiceImpl extends BaseUserSetServiceImpl { @@ -327,7 +327,7 @@ public UserSet insertMultipleItems(List items, String position, int item List fullUriItems = validateItemsStrings(items); List duplicatedItems = computeDuplicateList(existingUserSet, fullUriItems); - boolean isPinnRequest = WeUserSetRequestUtils.isPinnRequest(position); + boolean isPinnRequest = WebUserSetRequestUtils.isPinnRequest(position); if (duplicatedItems != null) { processDuplicates(existingUserSet, fullUriItems, duplicatedItems, isPinnRequest); @@ -460,7 +460,7 @@ public UserSet insertItem(String datasetId, String localId, String position, // insert the item at the 0 position UserSet userSet; - if (WeUserSetRequestUtils.isPinnRequest(position) && existingUserSet.isEntityBestItemsSet()) { + if (WebUserSetRequestUtils.isPinnRequest(position) && existingUserSet.isEntityBestItemsSet()) { userSet = insertItem(existingUserSet, newItem, 0, true); } else { // validate position