Java tutorial
/******************************************************************************* * Educational Online Test Delivery System * Copyright (c) 2013 American Institutes for Research * * Distributed under the AIR Open Source License, Version 1.0 * See accompanying file AIR-License-1_0.txt or at * http://www.smarterapp.org/documents/American_Institutes_for_Research_Open_Source_Software_License.pdf ******************************************************************************/ package org.opentestsystem.authoring.testauth.rest; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.validation.Valid; import org.apache.commons.lang.StringUtils; import org.opentestsystem.authoring.testauth.domain.Publication; import org.opentestsystem.authoring.testauth.domain.Subject; import org.opentestsystem.authoring.testauth.domain.search.PublicationSearchRequest; import org.opentestsystem.authoring.testauth.service.AssessmentService; import org.opentestsystem.authoring.testauth.service.PublicationService; import org.opentestsystem.authoring.testauth.validation.PublicationValidator; import org.opentestsystem.shared.exception.LocalizedException; import org.opentestsystem.shared.exception.RestException; import org.opentestsystem.shared.search.domain.SearchResponse; import org.opentestsystem.shared.web.AbstractRestController; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.security.access.annotation.Secured; import org.springframework.security.access.prepost.PostAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; /** * Used to retrieve publications */ @Controller public class PublicationController extends AbstractRestController { private static final Logger LOGGER = LoggerFactory.getLogger(PublicationController.class); @Autowired private PublicationService publicationService; @Autowired private AssessmentService assessmentService; @Autowired private PublicationValidator publicationValidator; @InitBinder("publication") public void initBinder(final WebDataBinder binder) { binder.setValidator(this.publicationValidator); } /** * Gets publicationService by publicationId. * * @param publication id. * @return publication object. */ @RequestMapping(value = "/publication/{publicationId}", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE }) @Secured({ "ROLE_Setup Read" }) @PostAuthorize("hasRole('ROLE_Setup Modify') or hasPermission(returnObject, 'ROLE_Setup Read')") @ResponseBody public Publication findPublicationById(@PathVariable final String publicationId) { LOGGER.debug("Finding publication for Id: " + publicationId); return this.publicationService.getPublication(publicationId); } /** * Creates publication. * * @param publication to be saved. * @param response HttpServletResponse. * @return publication newly created publication object. */ @ResponseStatus(HttpStatus.CREATED) @RequestMapping(value = "/publication", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = { MediaType.APPLICATION_JSON_VALUE }) @Secured({ "ROLE_Setup Modify" }) // NOTE: there is intentionally no @PreAuthorize annotation...ability to modify setup is non-tenanted @ResponseBody public Publication savePublication(@RequestBody @Valid final Publication publication, final HttpServletResponse response) { LOGGER.debug("Saving publication"); return this.publicationService.savePublication(publication); } /** * Updates publication. * * @param publication to be saved. * @param response HttpServletResponse. * @return publication updated publication object. */ @ResponseStatus(HttpStatus.OK) @RequestMapping(value = "/publication/{publicationId}", method = RequestMethod.PUT, consumes = MediaType.APPLICATION_JSON_VALUE, produces = { MediaType.APPLICATION_JSON_VALUE }) @Secured({ "ROLE_Setup Modify" }) // NOTE: there is intentionally no @PreAuthorize annotation...ability to modify setup is non-tenanted @ResponseBody public Publication updatePublication(@PathVariable final String publicationId, @RequestBody @Valid final Publication publication, final HttpServletResponse response) { if (publication == null || StringUtils.isEmpty(publication.getId()) || !publicationId.equals(publication.getId())) { throw new LocalizedException("publication.invalid.id"); } return this.publicationService.savePublication(publication); } /** * Removes publication. * * @param publicationId publication Id. */ @ResponseStatus(HttpStatus.NO_CONTENT) @RequestMapping(value = "/publication/{publicationId}", method = RequestMethod.DELETE) @Secured({ "ROLE_Setup Modify" }) // NOTE: there is intentionally no @PreAuthorize annotation...ability to modify setup is non-tenanted public void removePublicationById(@PathVariable final String publicationId) { if (LOGGER.isDebugEnabled()) { LOGGER.debug("Removing publication with Id:" + publicationId); } this.publicationService.removePublication(publicationId); } @RequestMapping(value = "/publication", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Secured({ "ROLE_Setup Read" }) @PostAuthorize("hasRole('ROLE_Setup Modify') or hasPermission(returnObject, 'ROLE_Setup Read')") @ResponseBody public SearchResponse<Publication> searchPublications(final HttpServletRequest request, final HttpServletResponse response) { final PublicationSearchRequest searchRequest = new PublicationSearchRequest(request.getParameterMap()); SearchResponse<Publication> searchResponse; if (searchRequest.isValid()) { searchResponse = publicationService.searchPublications(searchRequest); } else { throw new RestException("publication.search.invalidSearchCriteria"); } return searchResponse; } /** * Returns a list of active subjects which have been assigned to any publication in the given tenant * * @param tenant id. * @return list of active subjects assigned to publications in the tenant. */ @RequestMapping(value = "/publication/assignedSubjects", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE }) @Secured({ "ROLE_Setup Read" }) @PostAuthorize("hasRole('ROLE_Setup Modify') or hasPermission(returnObject, 'ROLE_Setup Read')") @ResponseBody public List<Subject> getSubjectsAssignedToPublications( @RequestParam(required = true, value = "tenantId") final String tenantId) { return this.publicationService.getSubjectsAssignedToPublications(tenantId); } }