Servizio REST per missioni

README.md

@@ -1,19 +1,26 @@
-SIGLA
+# SIGLA
 
-# SERVIZIO REST PER CREARE UNA MISSIONE
+------------------------------------------------------------
 
-## HEADER HTTP 
-PUT /SIGLA/restapi/missioni HTTP/1.1
-Host: localhost:8080
-Authorization: Basic ????????????
-Content-Type: application/json
-X-sigla-esercizio: 2016
-X-sigla-cd-unita-organizzativa: 084.000
-X-sigla-cd-cds: 084
-X-sigla-cd-cdr: 084.000.000
-Cache-Control: no-cache
 
-## BODY JSON
+## SERVIZIO REST PER CREARE UNA MISSIONE
+
+### HEADER HTTP 
+
+* PUT /SIGLA/restapi/missioni HTTP/1.1
+* Host: localhost:8080
+* Authorization: Basic ????????????
+* Content-Type: application/json
+* X-sigla-esercizio: 2016
+* X-sigla-cd-unita-organizzativa: 084.000
+* X-sigla-cd-cds: 084
+* X-sigla-cd-cdr: 084.000.000
+* Cache-Control: no-cache
+
+### BODY JSON
+
+> 
+
 {
 		"esercizio" : 2016,
 		"cd_cds": "084",
@@ -103,4 +110,6 @@ Cache-Control: no-cache
 			}
 
 		]
-}
+}
+
+> 

sigla-ejb/src/main/java/it/cnr/contab/utenze00/bp/CNRUserContext.java

@@ -1,6 +1,7 @@
 package it.cnr.contab.utenze00.bp;
 
 import java.io.Serializable;
+import java.security.Principal;
 import java.util.Dictionary;
 import java.util.Hashtable;
 
@@ -9,7 +10,7 @@
  * sessione e di scrivania corrente
  */
 
-public class CNRUserContext implements it.cnr.jada.UserContext {
+public class CNRUserContext implements it.cnr.jada.UserContext, Principal {
 	private static final long serialVersionUID = 1L;
 	private Hashtable<String, Serializable> attributes;
 
@@ -191,8 +192,13 @@ public static String getCd_cdr(it.cnr.jada.UserContext userContext) {
 	public Hashtable<String, Serializable> getAttributes() {
 		return attributes;
 	}
-
-	public String toString() {
-		return "USER: " + getUser();
+
+	@Override
+	public String getName() {
+		return getUser();
 	}
+	@Override
+	public String toString() {
+		return "CNRUserContext [attributes=" + attributes + "]";
+	}	
 }

sigla-web/pom.xml

@@ -150,12 +150,6 @@
 			<scope>provided</scope>
 		</dependency>
 
-		<dependency>
-		    <groupId>org.jboss.resteasy</groupId>
-		    <artifactId>resteasy-jaxrs</artifactId>
-		    <version>3.0.14.Final</version>
-			<scope>provided</scope>
-		</dependency>
 
 	</dependencies>
 </project>

sigla-web/src/main/java/it/cnr/contab/web/rest/FatturaAttivaResource.java

@@ -20,6 +20,7 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
+import javax.ws.rs.core.SecurityContext;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -31,14 +32,15 @@
 public class FatturaAttivaResource {
     private static final String FATTURA_ATTIVA_NON_PRESENTE = "Fattura attiva non presente.";
 	private final Logger LOGGER = LoggerFactory.getLogger(FatturaAttivaResource.class);
-
+	@Context SecurityContext securityContext;
     /**
      * POST  /restapi/fatturaattiva/ricerca -> return Fattura attiva
      */
     @POST
     @Path(value = "/ricerca")
-    public Response ricercaFattura(@Context HttpServletRequest request, CNRUserContext userContext, @QueryParam ("pg") Long pg) throws Exception {
+    public Response ricercaFattura(@Context HttpServletRequest request, @QueryParam ("pg") Long pg) throws Exception {
         LOGGER.debug("REST request per ricercare una fattura attiva." );
+        CNRUserContext userContext = (CNRUserContext) securityContext.getUserPrincipal();        
         try {
             Fattura_attivaBulk fatturaAttiva = fatturaComponent().ricercaFattura(userContext, userContext.getEsercizio().longValue(), 
             		userContext.getCd_cds(), userContext.getCd_unita_organizzativa(), pg);		

sigla-web/src/main/java/it/cnr/contab/web/rest/MissioneResource.java

@@ -6,10 +6,10 @@
 import it.cnr.contab.missioni00.ejb.MissioneComponentSession;
 import it.cnr.contab.missioni00.tabrif.bulk.Missione_tipo_pastoBulk;
 import it.cnr.contab.missioni00.tabrif.bulk.Missione_tipo_spesaBulk;
-import it.cnr.contab.web.rest.config.MassimaleSpesaBulk;
+import it.cnr.contab.utenze00.bp.CNRUserContext;
 import it.cnr.contab.web.rest.config.RestException;
 import it.cnr.contab.web.rest.config.SIGLARoles;
-import it.cnr.contab.web.rest.model.UserContextBulk;
+import it.cnr.contab.web.rest.model.MassimaleSpesaBulk;
 import it.cnr.jada.UserContext;
 import it.cnr.jada.bulk.ValidationException;
 import it.cnr.jada.comp.ComponentException;
@@ -37,6 +37,7 @@
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
 import javax.ws.rs.core.Response.Status;
+import javax.ws.rs.core.SecurityContext;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -47,15 +48,15 @@
 @RolesAllowed(SIGLARoles.MISSIONI)
 public class MissioneResource {
     private final Logger LOGGER = LoggerFactory.getLogger(MissioneResource.class);
+	@Context SecurityContext securityContext;
 
     @POST
     @Path(value = "/validaMassimaleSpesa")
-    public Response validaMassimaleSpesa(@Context HttpServletRequest request, UserContextBulk<MassimaleSpesaBulk> massimaleSpesa) throws Exception {
+    public Response validaMassimaleSpesa(@Context HttpServletRequest request, MassimaleSpesaBulk massimaleSpesaBulk) throws Exception {
 		ResponseBuilder rb;
     	try{
             LOGGER.debug("REST request per visualizzare la divisa per nazione" );
-        	MassimaleSpesaBulk massimaleSpesaBulk = massimaleSpesa.getOggettoBulk();
-        	UserContext userContext = massimaleSpesa.getUserContext();
+        	UserContext userContext = (CNRUserContext) securityContext.getUserPrincipal();
     		Optional.ofNullable(massimaleSpesaBulk.getData()).orElseThrow(() -> new RestException(Status.BAD_REQUEST, "Errore, data dettaglio spesa obbligatoria."));
     		Optional.ofNullable(massimaleSpesaBulk.getImportoSpesa()).orElseThrow(() -> new RestException(Status.BAD_REQUEST, "Errore, importo dettaglio spesa obbligatorio."));
     		Optional.ofNullable(massimaleSpesaBulk.getDivisa()).orElseThrow(() -> new RestException(Status.BAD_REQUEST, "Errore, divisa dettaglio spesa obbligatoria."));
@@ -83,7 +84,6 @@ public Response validaMassimaleSpesa(@Context HttpServletRequest request, UserCo
     			}
     			Optional.ofNullable(tipoPasto).orElseThrow(() -> new RestException(Status.BAD_REQUEST,  "Tipo Pasto non trovato in SIGLA."));
     		}
-
     		MissioneBulk missioneBulk = new MissioneBulk();
     		Missione_dettaglioBulk dettaglio = new Missione_dettaglioBulk();
     		dettaglio.setTipo_pasto(tipoPasto);
@@ -107,10 +107,11 @@ public Response validaMassimaleSpesa(@Context HttpServletRequest request, UserCo
 	}
 
     @PUT
-    public Response insert(@Context HttpServletRequest request, UserContextBulk<MissioneBulk> userContextMissione) throws Exception {
+    public Response insert(@Context HttpServletRequest request, MissioneBulk missioneBulk) throws Exception {
+    	UserContext userContext = (CNRUserContext) securityContext.getUserPrincipal();
     	final MissioneBulk missione = (MissioneBulk) missioneComponent().inizializzaBulkPerInserimento(
-    			userContextMissione.getUserContext(), 
-    			userContextMissione.getOggettoBulk());
+    			userContext, 
+    			missioneBulk);
     	missione.setToBeCreated();
     	missione.getTappeMissioneColl().stream().forEach(x -> {
     		x.setToBeCreated();
@@ -125,17 +126,13 @@ public Response insert(@Context HttpServletRequest request, UserContextBulk<Miss
     		x.setToBeCreated();
     		x.setMissione(missione);
     	}));
-    	MissioneBulk missioneCreated = (MissioneBulk) missioneComponent().creaConBulk(userContextMissione.getUserContext(), missione);
+    	MissioneBulk missioneCreated = (MissioneBulk) missioneComponent().creaConBulk(userContext, missione);
     	missioneCreated.setToBeUpdated();
     	missioneCreated.setMissioneIniziale(missioneCreated);
-    	missioneCreated = (MissioneBulk) missioneComponent().creaConBulk(userContextMissione.getUserContext(), missioneCreated);
+    	missioneCreated = (MissioneBulk) missioneComponent().creaConBulk(userContext, missioneCreated);
     	return Response.status(Status.CREATED).entity(missioneCreated).build();
     }
 
-    public BigDecimal recuperoCambio(UserContext userContext, String divisa, Timestamp dataInizioMissione) throws ComponentException{
-		return BigDecimal.ZERO;		
-    }
-
 	private MissioneComponentSession missioneComponent() throws javax.ejb.EJBException, java.rmi.RemoteException {
 		return (MissioneComponentSession)it.cnr.jada.util.ejb.EJBCommonServices.createEJB("CNRMISSIONI00_EJB_MissioneComponentSession");
 	}

sigla-web/src/main/java/it/cnr/contab/web/rest/config/BasicAuthentication.java

@@ -12,13 +12,13 @@
 
 import java.io.IOException;
 import java.rmi.RemoteException;
+import java.util.Base64;
 import java.util.List;
 import java.util.StringTokenizer;
 
 import javax.ejb.EJBException;
 import javax.xml.bind.DatatypeConverter;
 
-import org.jboss.resteasy.util.Base64;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -127,7 +127,7 @@ private static StringTokenizer getUsernameAndPassword(List<String> authorization
 
 		// Decode username and password
 		String usernameAndPassword = null;
-		usernameAndPassword = new String(Base64.decode(encodedUserPassword));
+		usernameAndPassword = new String(Base64.getDecoder().decode(encodedUserPassword));
 
 		// Split username and password tokens
 		final StringTokenizer tokenizer = new StringTokenizer(

sigla-web/src/main/java/it/cnr/contab/web/rest/config/RESTSecurityInterceptor.java

@@ -44,8 +44,7 @@ public class RESTSecurityInterceptor implements ContainerRequestFilter, Exceptio
 	public void filter(ContainerRequestContext requestContext) {	
 
 		final Method method = resourceInfo.getResourceMethod();
-		final Class<?> declaring = resourceInfo.getResourceClass();
-
+		final Class<?> declaring = resourceInfo.getResourceClass();		
 		String[] rolesAllowed = null;
 		boolean denyAll;
 		boolean permitAll;
@@ -81,6 +80,7 @@ public void filter(ContainerRequestContext requestContext) {
 						requestContext.abortWith(Response.status(Status.UNAUTHORIZED).entity(UNAUTHORIZED_MAP).build());
 						return;
 					}
+			    	requestContext.setSecurityContext(new SIGLASecurityContext(requestContext, utenteBulk.getCd_utente()));
 				} catch (Exception e) {
 					LOGGER.error("ERROR for REST SERVICE", e);
 					requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).entity(e).build());

sigla-web/src/main/java/it/cnr/contab/web/rest/config/SIGLASecurityContext.java

@@ -0,0 +1,49 @@
+package it.cnr.contab.web.rest.config;
+
+import it.cnr.contab.utenze00.bp.CNRUserContext;
+
+import java.security.Principal;
+
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.core.SecurityContext;
+
+public class SIGLASecurityContext implements SecurityContext {
+
+	private static final String X_SIGLA_CD_CDR = "X-sigla-cd-cdr";
+	private static final String X_SIGLA_CD_CDS = "X-sigla-cd-cds";
+	private static final String X_SIGLA_CD_UNITA_ORGANIZZATIVA = "X-sigla-cd_unita-organizzativa";
+	private static final String X_SIGLA_ESERCIZIO = "X-sigla-esercizio";
+	private final CNRUserContext userContext;
+
+	public SIGLASecurityContext(ContainerRequestContext requestContext, String userName)
+	{
+		this.userContext = new CNRUserContext(
+				userName,
+				null,
+				Integer.valueOf(requestContext.getHeaderString(X_SIGLA_ESERCIZIO)),
+				requestContext.getHeaderString(X_SIGLA_CD_UNITA_ORGANIZZATIVA),
+				requestContext.getHeaderString(X_SIGLA_CD_CDS),
+				requestContext.getHeaderString(X_SIGLA_CD_CDR)
+		);
+	}
+
+	public Principal getUserPrincipal()
+	{
+		return userContext;
+	}
+
+	public boolean isUserInRole(String role)
+	{
+		return true;
+	}
+
+	public boolean isSecure()
+	{
+		return true;
+	}
+
+	public String getAuthenticationScheme()
+	{
+		return "SIGLA Security Context";
+	}
+}

sigla-web/src/main/java/it/cnr/contab/web/rest/config/MassimaleSpesaBulk.java → sigla-web/src/main/java/it/cnr/contab/web/rest/model/MassimaleSpesaBulk.java

@@ -1,4 +1,4 @@
-package it.cnr.contab.web.rest.config;
+package it.cnr.contab.web.rest.model;
 
 import java.math.BigDecimal;
 import java.util.Date;