Class ClientRoleController

java.lang.Object
org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler
com.skava.core.security.CommonExceptionHandler
com.skava.core.errorhandler.ExceptionResponseProcessor
com.skava.auth.helper.AuthExceptionHandler
com.skava.auth.web.ClientRoleController
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware

@RestController public class ClientRoleController extends AuthExceptionHandler
This class acts as a controller to handle client role manipulation. The operations are:
  • Retrieve roles of the clients
  • Add roles to the client
  • Remove roles of the client
Version:
$Id: $Id
Author:
Infosys Equinox
  • Field Summary

    Fields inherited from class com.skava.auth.helper.AuthExceptionHandler

    CONST_API_VERSION_DEFAULT, DEFAULT_LIMIT, X_TOTAL_COUNT

    Fields inherited from class org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler

    logger, PAGE_NOT_FOUND_LOG_CATEGORY, pageNotFoundLogger
  • Constructor Summary

    Constructors
    Constructor
    Description
    Construct ClientRoleController object with members.
  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.http.ResponseEntity<Object>
    addRolesToClients(String version, String authToken, long storeId, Long collectionId, List<ClientRolesVO> clientRoles)
    This service is used to add multiple roles to multiple clients.
    org.springframework.http.ResponseEntity<Object>
    deleteClientRoles(String version, String authToken, long storeId, Long collectionId, Long businessId, String clientId, String locale)
    This service is used to add roles to the client and also validate the client's already existing roles.
    org.springframework.http.ResponseEntity<Object>
    getClientRoles(String version, String authToken, long storeId, Long collectionId, Long businessId, String clientId, String locale)
    This service is used to add roles to the client and also validate the client's already existing roles.
    org.springframework.http.ResponseEntity<Object>
    getRolesOfClients(String version, String authToken, long storeId, Long collectionId, String filter, String sort, Long businessId, int size, int page)
    This service is used to get all clients and their roles based on the given client identifiers.
    org.springframework.http.ResponseEntity<Object>
    updateClientRoles(String version, String authToken, long storeId, Long collectionId, String clientId, Long businessId, Set<ClientRoleVO> clientRoleAttributes, String locale)
    This service is used to add roles to the client and also validate the client's already existing roles.

    Methods inherited from class com.skava.core.errorhandler.ExceptionResponseProcessor

    getExceptionResponse, handleExceptionInternal, handleMethodArgumentNotValid

    Methods inherited from class com.skava.core.security.CommonExceptionHandler

    handleExceptionInternal, handleInternalException

    Methods inherited from class org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler

    createProblemDetail, createResponseEntity, getMessageSource, handleAsyncRequestNotUsableException, handleAsyncRequestTimeoutException, handleConversionNotSupported, handleErrorResponseException, handleException, handleHandlerMethodValidationException, handleHttpMediaTypeNotAcceptable, handleHttpMediaTypeNotSupported, handleHttpMessageNotReadable, handleHttpMessageNotWritable, handleHttpRequestMethodNotSupported, handleMaxUploadSizeExceededException, handleMethodValidationException, handleMissingPathVariable, handleMissingServletRequestParameter, handleMissingServletRequestPart, handleNoHandlerFoundException, handleNoResourceFoundException, handleServletRequestBindingException, handleTypeMismatch, setMessageSource

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • ClientRoleController

      public ClientRoleController()
      Construct ClientRoleController object with members.
  • Method Details

    • addRolesToClients

      @PostMapping("/clientRoles") @Audit(action="addRolesToClients", repository="clientRoleRepository") public org.springframework.http.ResponseEntity<Object> addRolesToClients(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestHeader("x-collection-id") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestBody @AuditField(field="CLIENTS_ROLES") List<ClientRolesVO> clientRoles)
      This service is used to add multiple roles to multiple clients.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a client. The auth token (JWT format) represents claims containing the roles and privileges of the client accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the client to perform the action on the subjected resource
      storeId - Refers to the unique identifier of the store.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      clientRoles - a List of ClientRolesVO objects. This will hold the client identifiers and their new role identifiers.
      Returns:
      an OutputModel object.
    • getClientRoles

      @GetMapping("/clients/{clientId}/roles") @Audit(action="getRolesOfClient", repository="clientRoleRepository") public org.springframework.http.ResponseEntity<Object> getClientRoles(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader("x-auth-token") @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestHeader(value="X-Collection-Id",defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestParam(value="businessId",required=false) Long businessId, @PathVariable(name="clientId") @AuditField(field="CLIENT_ID") String clientId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to add roles to the client and also validate the client's already existing roles. In Authorization, a client can have any number of roles from different collections. This service only handles direct client and role associations.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a client. The auth token (JWT format) represents claims containing the roles and privileges of the client accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the client to perform the action on the subjected resource
      storeId - Refers to the unique identifier of the store.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      businessId - a Long object. Holds a valid business identifier. A Business is typically a customer who has signed up with Infosys Equinox to launch a commerce store or a digital experience. An Infosys Equinox Commerce Instance can have multiple Businesses, under which there can be multiple stores (the logical entity which binds all the services together to bring in a storefront experience).
      clientId - a String object. This field holds a client identifier from the client microservice for client's role manipulation. Client is the entity/resource of the client microservice. Each client can have any number of roles.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in the Java standard locale format.
      Returns:
      a ResponseModel object. Returns response code and response message.
    • getRolesOfClients

      @GetMapping("/clientRoles") @Audit(action="getRolesOfClients", repository="clientRoleRepository") public org.springframework.http.ResponseEntity<Object> getRolesOfClients(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader("x-auth-token") @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestHeader("x-collection-id") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestParam(value="filter",required=false) @AuditField(field="FILTER") String filter, @RequestParam(value="sort",required=false,defaultValue="clientId,ASC") @AuditField(field="SORT") String sort, @RequestParam(value="businessId",required=false,defaultValue="0") @AuditField(field="BUSINESS_ID") Long businessId, @RequestParam(value="size",required=false,defaultValue="100") @AuditField(field="SIZE") int size, @RequestParam(value="page",required=false,defaultValue="1") @AuditField(field="PAGE") int page)
      This service is used to get all clients and their roles based on the given client identifiers. Client is the entity/resource of the client microservice. Role is the entity of this microservice that holds a set of privilege sets. Each client can have any number of roles, and each role can be associated with any number of clients.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a client. The auth token (JWT format) represents claims containing the roles and privileges of the client accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the client to perform the action on the subjected resource
      storeId - Refers to the unique identifier of the store.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      filter - a String object. This field holds simple query criteria (one or more), based on the available fields, that limit the returned results. The syntax of this parameter is FIELDNAME OP VALUE
      Example 1: field1:value, field2:value
      Example 2: field1>value
      where:
      • FIELDNAME is the entity's attribute name as represented in the response object
      • OP is the operation. Possible values include:
        • LIKE (:) - Loads everything similar (like operation) to the given value.
        • GREATERTHAN (>) - for integer values - loads rows whose column (field) value is greater than the given value
        • LESSTHAN (<) - for integer values - loads rows whose column value is less than the given value
      • VALUE is the value against which the operation has to be performed on the field
      Kindly note:
      • The filter parameter can have multiple objects.
      • When multiple attributes are used in the filter, AND behavior is applied.
      businessId - a Long object. Holds a valid business identifier. A Business is typically a customer who has signed up with Infosys Equinox to launch a commerce store or a digital experience. An Infosys Equinox Commerce Instance can have multiple Businesses, under which there can be multiple stores (the logical entity which binds all the services together to bring in a storefront experience).
      sort - a String object. It refers to the sort parameter according to which the response will be sorted. For example:
      id,ASC - Sorts the response in ascending order of the id.
      id,DESC - Sorts the response in descending order of the id.
      example = id,DESC
      size - an Integer object. The number of records being retrieved, corresponding to the result limit specified by the limit parameter.
      page - an Integer object. The offset value to be retrieved, where the offset of the result must be specified by the offset parameter. The first offset starts with value "0".
      Returns:
      a List of ClientRoleVO objects. Returns list of clients and their roles.
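The filter syntax described for getRolesOfClients, as an added example (not Infosys Equinox code): a strict parser for FIELDNAME OP VALUE criteria that rejects unknown field names and non-integer operands for the integer-only operators before anything reaches a query. The class name, the ALLOWED_FIELDS set and the roleId field are assumptions made for illustration; the code uses Java 17 syntax.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

public class FilterParser {
    /** Operators from the filter description: ':' LIKE, '>' GREATERTHAN, '<' LESSTHAN. */
    enum Op { LIKE, GREATERTHAN, LESSTHAN }

    /** One parsed FIELDNAME OP VALUE criterion; criteria are combined with AND. */
    record Criterion(String field, Op op, String value) {}

    // Assumption: fields a caller may filter on. The page does not list them;
    // clientId comes from the default sort, roleId is a hypothetical name.
    static final Set<String> ALLOWED_FIELDS = Set.of("clientId", "roleId");

    static List<Criterion> parse(String filter) {
        List<Criterion> criteria = new ArrayList<>();
        if (filter == null || filter.isBlank()) {
            return criteria; // the parameter is optional: no filter, no criteria
        }
        for (String part : filter.split(",", -1)) {
            String term = part.trim();
            int at = operatorIndex(term);
            if (at <= 0 || at == term.length() - 1) {
                throw new IllegalArgumentException("malformed criterion: '" + term + "'");
            }
            String field = term.substring(0, at).trim();
            String value = term.substring(at + 1).trim();
            Op op = switch (term.charAt(at)) {
                case ':' -> Op.LIKE;
                case '>' -> Op.GREATERTHAN;
                default -> Op.LESSTHAN; // operatorIndex only returns ':', '>' or '<'
            };
            // Field names end up as column references, so accept known names only.
            if (!ALLOWED_FIELDS.contains(field)) {
                throw new IllegalArgumentException("unknown field: '" + field + "'");
            }
            // '>' and '<' are documented for integer values only.
            if (op != Op.LIKE && !value.matches("-?\\d{1,18}")) {
                throw new IllegalArgumentException("integer expected for " + field);
            }
            // The value stays data: bind it as a query parameter, never concatenate it.
            criteria.add(new Criterion(field, op, value));
        }
        return criteria;
    }

    /** Index of the first operator character, or -1 when the term has none. */
    static int operatorIndex(String term) {
        for (int i = 0; i < term.length(); i++) {
            char c = term.charAt(i);
            if (c == ':' || c == '>' || c == '<') {
                return i;
            }
        }
        return -1;
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the service.
        String[] samples = {"clientId:abc, roleId>10", "roleId<x", "secret:1", "clientId"};
        for (String sample : samples) {
            try {
                System.out.println(sample + " -> " + parse(sample));
            } catch (IllegalArgumentException e) {
                System.out.println(sample + " -> rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

Because criteria are split on commas, a value that itself contains a comma or an operator character is rejected or cut short rather than guessed at; the page does not define an escaping rule for such values.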
    • deleteClientRoles

      @DeleteMapping("/clients/{clientId}/roles") @Audit(action="deleteRolesOfClient", repository="clientRoleRepository") public org.springframework.http.ResponseEntity<Object> deleteClientRoles(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader("x-auth-token") @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestHeader(value="X-Collection-Id",defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestParam(value="businessId",required=false) @AuditField(field="BUSINESS_ID") Long businessId, @PathVariable(name="clientId") @AuditField(field="CLIENT_ID") String clientId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to add roles to the client and also validate the client's already existing roles. In Authorization, a client can have any number of roles from different collections. This service only handles direct client and role associations.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a client. The auth token (JWT format) represents claims containing the roles and privileges of the client accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the client to perform the action on the subjected resource
      storeId - Refers to the unique identifier of the store.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      businessId - a Long object. Holds a valid business identifier. A Business is typically a customer who has signed up with Infosys Equinox to launch a commerce store or a digital experience. An Infosys Equinox Commerce Instance can have multiple Businesses, under which there can be multiple stores (the logical entity which binds all the services together to bring in a storefront experience).
      clientId - a String object. This field holds a client identifier from the client microservice for client's role manipulation. Client is the entity/resource of the client microservice. Each client can have any number of roles.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in the Java standard locale format.
      Returns:
      a ResponseModel object. Returns response code and response message.
    • updateClientRoles

      @PutMapping("/clients/{clientId}/roles") @ResponseStatus(CREATED) @Audit(action="replaceRolesOfClient", repository="clientRoleRepository") public org.springframework.http.ResponseEntity<Object> updateClientRoles(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader("x-auth-token") @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestHeader(value="X-Collection-Id",defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @PathVariable(name="clientId") @AuditField(field="CLIENT_ID") String clientId, @RequestParam(value="businessId",required=false) @AuditField(field="BUSINESS_ID") Long businessId, @RequestBody @AuditField(field="CLIENT\'S_ROLES") Set<ClientRoleVO> clientRoleAttributes, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to add roles to the client and also validate the client's already existing roles. In Authorization, a client can have any number of roles from different collections. This service only handles direct client and role associations.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a client. The auth token (JWT format) represents claims containing the roles and privileges of the client accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the client to perform the action on the subjected resource
      storeId - Refers to the unique identifier of the store.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      clientId - a String object. This field holds a client identifier from the client microservice for client's role manipulation. Client is the entity/resource of the user microservice. Each client can have any number of roles.
      businessId - a Long object. Holds a valid business identifier. A Business is typically a customer who has signed up with Infosys Equinox to launch a commerce store or a digital experience. An Infosys Equinox Commerce Instance can have multiple Businesses, under which there can be multiple stores (the logical entity which binds all the services together to bring in a storefront experience).
      clientRoleAttributes - a Set of ClientRoleVO objects. This field holds valid role identifiers of this microservice for role inclusion/exclusion for the client. Role is the entity of this microservice that handles a set of privilege sets. Each role can have any number of privilege sets.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in the Java standard locale format.
      Returns:
      a ResponseModel object. Returns response code and response message.