/*
* Copyright (C) 2024 Frachtwerk GmbH, Leopoldstraße 7C, 76133 Karlsruhe.
*
* This file is part of essencium-backend.
*
* essencium-backend is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* essencium-backend is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with essencium-backend. If not, see <https://www.gnu.org/licenses/>.
*/
package de.frachtwerk.essencium.backend.controller;
import de.frachtwerk.essencium.backend.controller.access.RestrictAccessToOwnedEntities;
import de.frachtwerk.essencium.backend.model.AbstractBaseModel;
import de.frachtwerk.essencium.backend.model.Identifiable;
import de.frachtwerk.essencium.backend.model.exception.ResourceNotFoundException;
import de.frachtwerk.essencium.backend.model.representation.BasicRepresentation;
import de.frachtwerk.essencium.backend.service.AbstractEntityService;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.media.ArraySchema;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import java.io.Serializable;
import java.util.List;
import java.util.Map;
import java.util.Set;
import lombok.AllArgsConstructor;
import net.kaczmarzyk.spring.data.jpa.domain.Equal;
import net.kaczmarzyk.spring.data.jpa.web.annotation.Spec;
import org.springdoc.core.annotations.ParameterObject;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.domain.Specification;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
/**
 * This controller takes advantage of the {@link RestrictAccessToOwnedEntities} annotation. If
 * specified on an inheriting type or on the entity type that is served by this controller, the
 * specified restriction is applied to GET, GET /{id}, POST, PUT /{id}, PATCH /{id} and DELETE
 * /{id}.
 *
 * <p>Individual methods can have distinct restrictions: override the corresponding method and
 * annotate it with {@link RestrictAccessToOwnedEntities}.
 *
 * @param <MODEL> The {@link AbstractBaseModel} type that is served by this controller.
 * @param <INPUT> The input type used for POST and PUT methods.
 * @param <REPRESENTATION> The output type serialized as the response body of the GET, POST, PUT
 *     and PATCH requests.
 * @param <SPEC> The {@link Specification} type used for filtering entities.
 */
@AllArgsConstructor
public abstract class AbstractAccessAwareController<
MODEL extends AbstractBaseModel,
ID extends Serializable,
INPUT extends Identifiable,
REPRESENTATION,
SPEC extends Specification> {
protected final AbstractEntityService service;
/**
 * Lists the entities matching the given filter as one page of representations.
 *
 * <p>Delegates to {@code service.getAllFiltered(specification, pageable)} and converts the result
 * with {@code toRepresentation}. The {@code specification} argument is hidden from the OpenAPI
 * description; the query parameters documented below (ids, createdBy, ...) are the filters it is
 * expected to carry.
 *
 * <p>NOTE(review): this method performs no explicit access check. The class documentation states
 * that a {@link RestrictAccessToOwnedEntities} restriction applies to GET; presumably it is merged
 * into {@code specification} before this method runs. Confirm against the code that builds the
 * specification, which is not part of this file.
 *
 * <p>NOTE(review): {@code size} and {@code sort} are caller-controlled and not bounded here.
 * Confirm that a maximum page size is configured (for example Spring Data's {@code
 * spring.data.web.pageable.max-page-size}) and that sorting is limited to properties the caller
 * is allowed to see.
 *
 * @param specification filter applied to the query
 * @param pageable page number, page size and sort order requested by the caller
 * @return the requested page, converted by {@code toRepresentation}
 */
@GetMapping
@Parameter(
in = ParameterIn.QUERY,
description = "Page you want to retrieve (0..N)",
name = "page",
content = @Content(schema = @Schema(type = "integer", defaultValue = "0")))
@Parameter(
in = ParameterIn.QUERY,
description = "Number of records per page.",
name = "size",
content = @Content(schema = @Schema(type = "integer", defaultValue = "20")))
@Parameter(
in = ParameterIn.QUERY,
description =
"Sorting criteria in the format: property(,asc|desc). "
+ "Default sort order is ascending. "
+ "Multiple sort criteria are supported.",
name = "sort",
content = @Content(array = @ArraySchema(schema = @Schema(type = "string"))))
@Parameter(
in = ParameterIn.QUERY,
name = "ids",
// NOTE(review): the two literals below are joined without a separating space.
description =
"IDs of the requested entities. can contain multiple values separated by ','"
+ "Multiple criteria are supported.",
content =
@Content(array = @ArraySchema(schema = @Schema(type = "integer", example = "1,2,5"))))
@Parameter(
in = ParameterIn.QUERY,
name = "createdBy",
description = "full username (email)",
content = @Content(schema = @Schema(type = "string", example = "[email protected]")))
@Parameter(
in = ParameterIn.QUERY,
name = "updatedBy",
description = "full username (email)",
content = @Content(schema = @Schema(type = "string", example = "[email protected]")))
@Parameter(
in = ParameterIn.QUERY,
name = "createdAtFrom",
description = "returns entries created after the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-01-01T00:00:01")))
@Parameter(
in = ParameterIn.QUERY,
name = "createdAtTo",
description = "returns entries created before the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-12-31T23:59:59")))
@Parameter(
in = ParameterIn.QUERY,
name = "updatedAtFrom",
description = "returns entries updated after the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-01-01T00:00:01")))
@Parameter(
in = ParameterIn.QUERY,
name = "updatedAtTo",
description = "returns entries updated before the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-12-31T23:59:59")))
public Page findAll(
@Parameter(hidden = true) SPEC specification, @ParameterObject Pageable pageable) {
return toRepresentation(service.getAllFiltered(specification, pageable));
}
/**
 * Lists all entities matching the given filter as {@link BasicRepresentation}s, without paging.
 *
 * <p>Delegates to {@code service.getAllFiltered(specification)} and maps the result with {@code
 * BasicRepresentation.from}.
 *
 * <p>NOTE(review): this variant takes no {@code Pageable}, so nothing in this method limits the
 * number of entries returned; the response grows with the number of rows the filter matches.
 * Confirm that this is acceptable for every entity type served through this endpoint.
 *
 * <p>NOTE(review): no explicit access check is made here. The class documentation states that a
 * {@link RestrictAccessToOwnedEntities} restriction applies to GET; presumably it is merged into
 * {@code specification} before this method runs. Confirm against the code that builds the
 * specification, which is not part of this file.
 *
 * @param specification filter applied to the query
 * @return the basic representations of all matching entities
 */
@GetMapping("/basic")
@Parameter(
in = ParameterIn.QUERY,
name = "ids",
// NOTE(review): the two literals below are joined without a separating space.
description =
"IDs of the requested entities. can contain multiple values separated by ','"
+ "Multiple criteria are supported.",
content =
@Content(array = @ArraySchema(schema = @Schema(type = "integer", example = "1,2,5"))))
@Parameter(
in = ParameterIn.QUERY,
name = "createdBy",
description = "full username (email)",
content = @Content(schema = @Schema(type = "string", example = "[email protected]")))
@Parameter(
in = ParameterIn.QUERY,
name = "updatedBy",
description = "full username (email)",
content = @Content(schema = @Schema(type = "string", example = "[email protected]")))
@Parameter(
in = ParameterIn.QUERY,
name = "createdAtFrom",
description = "returns entries created after the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-01-01T00:00:01")))
@Parameter(
in = ParameterIn.QUERY,
name = "createdAtTo",
description = "returns entries created before the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-12-31T23:59:59")))
@Parameter(
in = ParameterIn.QUERY,
name = "updatedAtFrom",
description = "returns entries updated after the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-01-01T00:00:01")))
@Parameter(
in = ParameterIn.QUERY,
name = "updatedAtTo",
description = "returns entries updated before the submitted date and time ",
content =
@Content(
schema =
@Schema(type = "string", format = "date-time", example = "2021-12-31T23:59:59")))
public List findAll(@Parameter(hidden = true) SPEC specification) {
return BasicRepresentation.from(service.getAllFiltered(specification));
}
/**
 * Returns the representation of a single entity.
 *
 * <p>{@code spec} is bound from the {@code id} path variable with an {@link Equal} condition. When
 * {@code service.getOne(spec)} yields nothing, a {@link ResourceNotFoundException} is thrown.
 *
 * <p>NOTE(review): unlike the update and delete methods, this one does not call {@code
 * service.testAccess}. If the ownership restriction is merged into {@code spec} (not visible in
 * this file), an entity the caller may not read is reported exactly like a missing one, so the
 * response does not reveal which ids exist. Confirm that the restriction really is part of the
 * spec for this path.
 *
 * @param spec specification selecting the entity by its id
 * @return the matching entity, converted by {@code toRepresentation}
 * @throws ResourceNotFoundException if no entity matches {@code spec}
 */
@GetMapping("/{id}")
@Parameter(
in = ParameterIn.PATH,
name = "id",
description = "ID of the entry to retrieve",
required = true,
content = @Content(schema = @Schema(type = "integer")))
public REPRESENTATION findById(
@Parameter(hidden = true) @Spec(path = "id", pathVars = "id", spec = Equal.class) SPEC spec) {
return toRepresentation(service.getOne(spec).orElseThrow(ResourceNotFoundException::new));
}
/**
 * Creates a new entity from the request body and answers with status 201 (Created).
 *
 * <p>The body is declared {@code @NotNull @Valid}, so bean validation is requested for it before
 * {@code service.create(input)} is called.
 *
 * <p>NOTE(review): no {@code service.testAccess} call is made on this path. The class
 * documentation lists POST among the restricted operations; how the restriction is enforced for
 * creation is not visible in this file and should be confirmed.
 *
 * @param input the data of the entity to create; any id it carries is discarded
 * @return the created entity, converted by {@code toRepresentation}
 */
@PostMapping
@ResponseStatus(HttpStatus.CREATED)
public REPRESENTATION create(@NotNull @Valid @RequestBody INPUT input) {
// Drop any client-supplied id: otherwise a POST could address, and overwrite, an existing entity.
input.setId(null); // otherwise existing entities can be overwritten
return toRepresentation(service.create(input));
}
/**
 * Replaces the entity with the given id by the request body (PUT) and returns its representation.
 *
 * <p>{@code spec} is bound from the same {@code id} path variable with an {@link Equal} condition
 * and is passed to {@code service.testAccess(spec)} before {@code update(id, input)} is invoked on
 * the object that call returns.
 *
 * <p>NOTE(review): what {@code testAccess} does on failure is not visible here; presumably it
 * rejects the request when no accessible entity matches {@code spec}. Confirm in the service.
 *
 * <p>NOTE(review): this method does not compare the id inside {@code input} with the path {@code
 * id}. Verify that the service rejects or overrides a mismatching body id, so that access is
 * checked for the same entity that is finally written.
 *
 * @param id id of the entity to update, taken from the path
 * @param input the new state of the entity; bean validation is requested via {@code @Valid}
 * @param spec specification selecting the entity by its id, used for the access check
 * @return the updated entity, converted by {@code toRepresentation}
 */
@PutMapping("/{id}")
@Parameter(
in = ParameterIn.PATH,
name = "id",
description = "ID of the entry to update",
required = true,
content = @Content(schema = @Schema(type = "integer")))
@ResponseStatus(HttpStatus.OK)
public REPRESENTATION update(
@PathVariable("id") @NotNull final ID id,
@Valid @RequestBody @NotNull final INPUT input,
@Spec(path = "id", pathVars = "id", spec = Equal.class) @Parameter(hidden = true) SPEC spec) {
return toRepresentation(service.testAccess(spec).update(id, input));
}
/**
 * Partially updates the entity with the given id (PATCH) and returns its representation.
 *
 * <p>{@code spec} is bound from the {@code id} path variable with an {@link Equal} condition and
 * is passed to {@code service.testAccess(spec)} before {@code patch(id, userFields)} is invoked on
 * the object that call returns.
 *
 * <p>NOTE(review): {@code userFields} is a free-form map taken straight from the request body and
 * carries no {@code @Valid}, so neither the field names nor the values are constrained in this
 * method. Verify that {@code patch} only accepts fields a client may change (not the id, audit
 * columns or ownership attributes) and validates the resulting entity.
 *
 * <p>NOTE(review): what {@code testAccess} does on failure is not visible here; presumably it
 * rejects the request when no accessible entity matches {@code spec}. Confirm in the service.
 *
 * @param id id of the entity to patch, taken from the path
 * @param userFields the fields to change, as sent by the caller
 * @param spec specification selecting the entity by its id, used for the access check
 * @return the patched entity, converted by {@code toRepresentation}
 */
@PatchMapping(value = "/{id}")
@Parameter(
in = ParameterIn.PATH,
name = "id",
description = "ID of the entry to update",
required = true,
content = @Content(schema = @Schema(type = "integer")))
@ResponseStatus(HttpStatus.OK)
public REPRESENTATION update(
@PathVariable("id") @NotNull final ID id,
@NotNull @RequestBody final Map userFields,
@Spec(path = "id", pathVars = "id", spec = Equal.class) @Parameter(hidden = true) SPEC spec) {
return toRepresentation(service.testAccess(spec).patch(id, userFields));
}
/**
 * Deletes the entity with the given id and answers with status 204 (No Content).
 *
 * <p>{@code spec} is bound from the {@code id} path variable with an {@link Equal} condition and
 * is passed to {@code service.testAccess(spec)} before {@code deleteById(id)} is invoked on the
 * object that call returns.
 *
 * <p>NOTE(review): what {@code testAccess} does on failure is not visible here; presumably it
 * rejects the request when no accessible entity matches {@code spec}. Confirm in the service,
 * because this check is the only guard in front of the deletion in this method.
 *
 * @param id id of the entity to delete, taken from the path
 * @param spec specification selecting the entity by its id, used for the access check
 */
@DeleteMapping("/{id}")
@Parameter(
in = ParameterIn.PATH,
name = "id",
description = "ID of the entry to delete",
required = true,
content = @Content(schema = @Schema(type = "integer")))
@ResponseStatus(HttpStatus.NO_CONTENT)
public void delete(
@PathVariable("id") @NotNull final ID id,
@Spec(path = "id", pathVars = "id", spec = Equal.class) @Parameter(hidden = true) SPEC spec) {
service.testAccess(spec).deleteById(id);
}
@RequestMapping(value = "/**", method = RequestMethod.OPTIONS)
public final ResponseEntity