raimund@478: /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz
raimund@478:  * Software engineering by Intevation GmbH
raimund@478:  *
rrenkert@629:  * This file is Free Software under the GNU GPL (v>=3)
rrenkert@629:  * and comes with ABSOLUTELY NO WARRANTY! Check out
rrenkert@629:  * the documentation coming with IMIS-Labordaten-Application for details.
raimund@478:  */
raimund@478: package de.intevation.lada.rest;
raimund@478: 
raimund@478: import javax.enterprise.context.RequestScoped;
raimund@478: import javax.inject.Inject;
raimund@582: import javax.servlet.http.HttpServletRequest;
raimund@478: import javax.ws.rs.DELETE;
raimund@478: import javax.ws.rs.GET;
raimund@478: import javax.ws.rs.POST;
raimund@478: import javax.ws.rs.PUT;
raimund@478: import javax.ws.rs.Path;
raimund@478: import javax.ws.rs.PathParam;
raimund@478: import javax.ws.rs.Produces;
raimund@478: import javax.ws.rs.core.Context;
raimund@478: import javax.ws.rs.core.HttpHeaders;
raimund@478: import javax.ws.rs.core.MediaType;
raimund@478: import javax.ws.rs.core.MultivaluedMap;
raimund@478: import javax.ws.rs.core.UriInfo;
raimund@478: 
raimund@478: import de.intevation.lada.model.land.LKommentarM;
raimund@802: import de.intevation.lada.model.land.LMessung;
raimund@478: import de.intevation.lada.util.annotation.AuthorizationConfig;
raimund@478: import de.intevation.lada.util.annotation.RepositoryConfig;
raimund@478: import de.intevation.lada.util.auth.Authorization;
raimund@478: import de.intevation.lada.util.auth.AuthorizationType;
raimund@478: import de.intevation.lada.util.data.QueryBuilder;
raimund@478: import de.intevation.lada.util.data.Repository;
raimund@478: import de.intevation.lada.util.data.RepositoryType;
raimund@582: import de.intevation.lada.util.rest.RequestMethod;
raimund@478: import de.intevation.lada.util.rest.Response;
raimund@478: 
raimund@627: /**
raimund@627:  * REST service for KommentarM objects.
raimund@627:  * <p>
raimund@627:  * The services produce data in the application/json media type.
raimund@627:  * All HTTP methods use the authorization module to determine if the user is
raimund@627:  * allowed to perform the requested action.
raimund@627:  * A typical response holds information about the action performed and the data.
raimund@627:  * <pre>
raimund@627:  * <code>
raimund@627:  * {
raimund@627:  *  "success": [boolean];
raimund@627:  *  "message": [string],
raimund@627:  *  "data":[{
raimund@627:  *      "messungsId": [number],
raimund@627:  *      "datum": [timestamp],
raimund@627:  *      "erzeuger": [string],
raimund@627:  *      "id": [number],
raimund@627:  *      "text": [string],
raimund@627:  *      "owner": [boolean],
raimund@627:  *      "readonly": [boolean]
raimund@627:  *  }],
raimund@627:  *  "errors": [object],
raimund@627:  *  "warnings": [object],
raimund@627:  *  "readonly": [boolean],
raimund@627:  *  "totalCount": [number]
raimund@627:  * }
raimund@627:  * </code>
raimund@627:  * </pre>
raimund@627:  *
raimund@627:  * @author <a href="mailto:rrenkert@intevation.de">Raimund Renkert</a>
raimund@627:  */
raimund@827: @Path("rest/mkommentar")
raimund@478: @RequestScoped
raimund@478: public class KommentarMService {
raimund@478: 
raimund@627:     /**
raimund@627:      * The data repository granting read/write access.
raimund@627:      */
raimund@478:     @Inject
raimund@478:     @RepositoryConfig(type=RepositoryType.RW)
raimund@478:     private Repository defaultRepo;
raimund@478: 
raimund@627:     /**
raimund@627:      * The authorization module.
raimund@627:      */
raimund@478:     @Inject
raimund@722:     @AuthorizationConfig(type=AuthorizationType.HEADER)
raimund@478:     private Authorization authorization;
raimund@478: 
raimund@478:     /**
raimund@627:      * Get all KommentarM objects.
raimund@627:      * <p>
tom@821:      * The requested objects have to be filtered using an URL parameter named
raimund@627:      * messungsId.
raimund@627:      * <p>
raimund@627:      * Example: http://example.com/mkommentar?messungsId=[ID]
raimund@478:      *
tom@821:      * @return Response object containing filtered KommentarM objects.
tom@821:      * Status-Code 699 if parameter is missing or requested objects are
tom@821:      * not authorized.
raimund@478:      */
raimund@478:     @GET
raimund@478:     @Path("/")
raimund@478:     @Produces(MediaType.APPLICATION_JSON)
raimund@478:     public Response get(
raimund@478:         @Context HttpHeaders headers,
raimund@582:         @Context UriInfo info,
raimund@582:         @Context HttpServletRequest request
raimund@478:     ) {
raimund@478:         MultivaluedMap<String, String> params = info.getQueryParameters();
raimund@556:         if (params.isEmpty() || !params.containsKey("messungsId")) {
raimund@802:             return new Response(false, 699, null);
raimund@478:         }
raimund@556:         String messungId = params.getFirst("messungsId");
raimund@802:         int id;
raimund@802:         try {
raimund@802:             id = Integer.valueOf(messungId);
raimund@802:         }
raimund@802:         catch(NumberFormatException nfe) {
raimund@802:             return new Response(false, 699, null);
raimund@802:         }
raimund@802:         LMessung messung = defaultRepo.getByIdPlain(
raimund@802:             LMessung.class,
raimund@802:             id,
raimund@802:             "land");
raimund@833:         if (!authorization.isAuthorized(request, messung, RequestMethod.GET, LMessung.class)) {
raimund@833:             return new Response(false, 699, null);
raimund@802:         }
raimund@802: 
raimund@478:         QueryBuilder<LKommentarM> builder =
raimund@478:             new QueryBuilder<LKommentarM>(
raimund@478:                 defaultRepo.entityManager("land"),
raimund@478:                 LKommentarM.class);
raimund@556:         builder.and("messungsId", messungId);
raimund@582:         return authorization.filter(
raimund@582:             request,
raimund@582:             defaultRepo.filter(builder.getQuery(), "land"),
raimund@582:             LKommentarM.class);
raimund@478:     }
raimund@478: 
raimund@478:     /**
raimund@627:      * Get a single KommentarM object by id.
raimund@627:      * <p>
raimund@627:      * The id is appended to the URL as a path parameter.
raimund@627:      * <p>
raimund@627:      * Example: http://example.com/mkommentar/{id}
raimund@478:      *
raimund@627:      * @return Response object containing a single KommentarM.
raimund@478:      */
raimund@478:     @GET
raimund@478:     @Path("/{id}")
raimund@478:     @Produces(MediaType.APPLICATION_JSON)
raimund@478:     public Response getById(
raimund@478:         @Context HttpHeaders headers,
raimund@582:         @Context HttpServletRequest request,
raimund@478:         @PathParam("id") String id
raimund@478:     ) {
raimund@802:         Response response =
raimund@802:             defaultRepo.getById(LKommentarM.class, Integer.valueOf(id), "land");
raimund@802:         LKommentarM kommentar = (LKommentarM)response.getData();
raimund@802:         LMessung messung = defaultRepo.getByIdPlain(
raimund@802:             LMessung.class,
raimund@802:             kommentar.getMessungsId(),
raimund@802:             "land");
raimund@833:         if (!authorization.isAuthorized(request, messung, RequestMethod.GET, LMessung.class)) {
raimund@833:             return new Response(false, 699, null);
raimund@802:         }
raimund@802: 
raimund@582:         return authorization.filter(
raimund@582:             request,
raimund@802:             response,
raimund@582:             LKommentarM.class);
raimund@478:     }
raimund@478: 
raimund@627:     /**
raimund@627:      * Create a KommentarM object.
raimund@627:      * <p>
raimund@627:      * The new object is embedded in the post data as JSON formatted string.
raimund@627:      * <p>
raimund@627:      * <pre>
raimund@627:      * <code>
raimund@627:      * {
raimund@627:      *  messungsId: [number],
raimund@627:      *  erzeuger: [string],
raimund@627:      *  text: [string],
raimund@627:      *  datum: [date]
raimund@627:      *  owner: [boolean],
raimund@627:      * }
raimund@627:      * </code>
raimund@627:      * </pre>
raimund@627:      * @return A response object containing the created KommentarM.
raimund@627:      */
raimund@478:     @POST
raimund@639:     @Path("/")
raimund@478:     @Produces(MediaType.APPLICATION_JSON)
raimund@478:     public Response create(
raimund@478:         @Context HttpHeaders headers,
raimund@582:         @Context HttpServletRequest request,
raimund@478:         LKommentarM kommentar
raimund@478:     ) {
raimund@582:         if (!authorization.isAuthorized(
raimund@582:                 request,
raimund@582:                 kommentar,
raimund@582:                 RequestMethod.POST,
raimund@582:                 LKommentarM.class)
raimund@582:         ) {
raimund@478:             return new Response(false, 699, null);
raimund@478:         }
raimund@478:         /* Persist the new object*/
raimund@601:         return authorization.filter(
raimund@601:             request,
raimund@601:             defaultRepo.create(kommentar, "land"),
raimund@601:             LKommentarM.class);
raimund@478:     }
raimund@478: 
raimund@478:     /**
raimund@627:      * Update an existing KommentarM object.
raimund@627:      * <p>
raimund@627:      * The object to update should come as JSON formatted string.
raimund@627:      * <pre>
raimund@627:      * <code>
raimund@627:      * {
raimund@627:      *  "id": [number],
raimund@627:      *  "owner": [boolean],
raimund@627:      *  "messungsId": [number],
raimund@627:      *  "erzeuger": [string],
raimund@627:      *  "text": [string],
raimund@627:      *  "datum": [date]
raimund@627:      * }
raimund@627:      * </code>
raimund@627:      * </pre>
raimund@478:      *
raimund@627:      * @return Response object containing the updated KommentarM object.
raimund@478:      */
raimund@478:     @PUT
raimund@557:     @Path("/{id}")
raimund@478:     @Produces(MediaType.APPLICATION_JSON)
raimund@478:     public Response update(
raimund@478:         @Context HttpHeaders headers,
raimund@582:         @Context HttpServletRequest request,
raimund@478:         LKommentarM kommentar
raimund@478:     ) {
raimund@582:         if (!authorization.isAuthorized(
raimund@582:                 request,
raimund@582:                 kommentar,
raimund@582:                 RequestMethod.PUT,
raimund@582:                 LKommentarM.class)
raimund@582:         ) {
raimund@478:             return new Response(false, 699, null);
raimund@478:         }
raimund@601:         return authorization.filter(
raimund@601:             request,
raimund@601:             defaultRepo.update(kommentar, "land"),
raimund@601:             LKommentarM.class);
raimund@478:     }
raimund@478: 
raimund@478:     /**
raimund@627:      * Delete an existing KommentarM object by id.
raimund@627:      * <p>
raimund@627:      * The id is appended to the URL as a path parameter.
raimund@627:      * <p>
raimund@627:      * Example: http://example.com/mkommentar/{id}
raimund@478:      *
raimund@478:      * @return Response object.
raimund@478:      */
raimund@478:     @DELETE
raimund@478:     @Path("/{id}")
raimund@478:     @Produces(MediaType.APPLICATION_JSON)
raimund@478:     public Response delete(
raimund@478:         @Context HttpHeaders headers,
raimund@582:         @Context HttpServletRequest request,
raimund@478:         @PathParam("id") String id
raimund@478:     ) {
raimund@478:         /* Get the object by id*/
raimund@478:         Response kommentar =
raimund@478:             defaultRepo.getById(LKommentarM.class, Integer.valueOf(id), "land");
raimund@478:         LKommentarM kommentarObj = (LKommentarM)kommentar.getData();
raimund@582:         if (!authorization.isAuthorized(
raimund@582:                 request,
raimund@582:                 kommentarObj,
raimund@582:                 RequestMethod.DELETE,
raimund@582:                 LKommentarM.class)
raimund@582:         ) {
raimund@582:             return new Response(false, 699, null);
raimund@582:         }
raimund@478:         return defaultRepo.delete(kommentarObj, "land");
raimund@478:     }
raimund@478: }