package com.ais.pms.controllers;

import com.ais.pms.dtos.BaseResponse;
import com.ais.pms.dtos.users.PermissionFinalDto;
import com.ais.pms.dtos.users.PositionTypeDto;
import com.ais.pms.dtos.users.ServicePermissionFinalDto;
import com.ais.pms.exceptions.PermissionException;
import com.ais.pms.models.ErrorMessage;
import com.ais.pms.models.ServiceType;
import com.ais.pms.utils.JwtUtils;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.List;

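/**
 * Base class for web-service controllers.
 *
 * <p>Provides helpers that build {@link ResponseEntity} results and helpers that read
 * identity data (username, permissions, position types, company id, service name) out
 * of the JWT carried by the current HTTP request.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every value returned by the {@code get*} helpers comes from a client-supplied
 *       header. This class does not verify the token itself; it relies entirely on
 *       {@code JwtUtils}. NOTE(review): {@code getUsernameFromToken} is called with
 *       {@code null} as its second argument, and the meaning of that argument is not
 *       visible here. Confirm that {@code JwtUtils} validates signature and expiry
 *       before any claim is trusted for an authorization decision.</li>
 *   <li>{@link #sub} and {@link #companyId} are instance fields written on each call.
 *       If subclasses are singleton-scoped Spring beans (the default scope), concurrent
 *       requests share these fields. Use the values returned by the getters and never
 *       read the fields afterwards.</li>
 * </ul>
 */
public class BaseWebService {
    public static final String HEADER_X_API_KEY = "X-api-key";

    public static final String HEADER_AUTHORIZATION = "Authorization";
    public static final String JWT_PERMISSIONS_NAME = "permissions";
    public static final String JWT_ROLES_NAME = "roles";
    public static final String JWT_COMPANY_ID_NAME = "companyId";
    public static final String PARAM_ID = "id";
    public static final String PARAM_NAME = "name";

    /** Scheme prefix stripped from the Authorization header when present. */
    private static final String BEARER_PREFIX = "Bearer ";

    // Last subject resolved by getUsername()/getServiceName(). Kept for subclasses that
    // already read it; not safe to rely on across concurrent requests (see class doc).
    protected String sub;
    // Last company id resolved by getCompanyId(); same caveat as 'sub'.
    protected Integer companyId;

    /**
     * Builds a 200 OK response carrying {@code data} as the body.
     *
     * @param data response body
     * @return a 200 response wrapping {@code data}
     */
    public <T> ResponseEntity<T> generateOK(T data) {
        return ResponseEntity.ok().body(data);
    }

    /**
     * Builds a 200 OK response whose body is a {@link BaseResponse} created from
     * {@code ErrorMessage.ErrorCode.OK}.
     *
     * @return a 200 response with the OK code as body
     */
    public ResponseEntity<BaseResponse<Integer>> generateOK() {
        return ResponseEntity.status(HttpStatus.OK).body(new BaseResponse<>(ErrorMessage.ErrorCode.OK));
    }

    /**
     * Builds an error response with the given HTTP status and error message.
     *
     * @param httpCode  HTTP status code to send
     * @param errorCode error description wrapped in a {@link BaseResponse}
     * @return a response with status {@code httpCode}
     */
    public ResponseEntity<BaseResponse<ErrorMessage>> generateNOK(int httpCode, ErrorMessage errorCode) {
        return ResponseEntity.status(httpCode).body(new BaseResponse<ErrorMessage>(errorCode));
    }

    /**
     * Builds a response with the given HTTP status and an arbitrary body.
     *
     * @param httpCode HTTP status code to send
     * @param data     response body
     * @return a response with status {@code httpCode}
     */
    public <T> ResponseEntity<T> generateNOK(int httpCode, T data) {
        return ResponseEntity.status(httpCode).body(data);
    }

    /**
     * Resolves the username from the JWT in the Authorization header and stores it in
     * {@link #sub}.
     *
     * @return the username reported by {@code JwtUtils}
     * @throws PermissionException with {@code PERMISSION_DENIED} when no servlet request
     *                             is bound or the header is missing or blank
     */
    protected String getUsername() {
        String jwtToken = readBearerToken();
        if (jwtToken == null) {
            throw new PermissionException(ErrorMessage.PERMISSION_DENIED);
        }
        sub = JwtUtils.getUsernameFromToken(jwtToken, null);
        return sub;
    }

    /**
     * Reads the {@code permissions} claim and returns the permission list of the entry
     * whose service id equals {@code ServiceType.PROJECT_MANAGEMENT_SERVICE}.
     *
     * @return the matching permission list, or {@code null} when the claim is absent or
     *         holds no entry for that service. Callers must treat {@code null} as
     *         "no permissions" and must not read it as unrestricted access.
     * @throws PermissionException with {@code INVALID_TOKEN} when no servlet request is
     *                             bound or the header is missing or blank
     */
    protected List<PermissionFinalDto> getPermissions() {
        String jwtToken = readBearerToken();
        if (jwtToken == null) {
            throw new PermissionException(ErrorMessage.INVALID_TOKEN);
        }
        List<ServicePermissionFinalDto> servicePermissions =
                JwtUtils.getClaimValueListByKey(jwtToken, JWT_PERMISSIONS_NAME, ServicePermissionFinalDto.class);
        if (servicePermissions == null) {
            return null;
        }
        for (ServicePermissionFinalDto servicePermission : servicePermissions) {
            // Entries without a service or a service id are skipped and never matched.
            if (servicePermission.getService() != null
                    && servicePermission.getService().getId() != null
                    && servicePermission.getService().getId().equals(ServiceType.PROJECT_MANAGEMENT_SERVICE.getId())) {
                return servicePermission.getPermissions();
            }
        }
        return null;
    }

    /**
     * Reads the {@code roles} claim as a list of position types.
     *
     * @return whatever {@code JwtUtils.getClaimValueListByKey} returns for the claim
     * @throws PermissionException with {@code INVALID_TOKEN} when no servlet request is
     *                             bound or the header is missing or blank
     */
    protected List<PositionTypeDto> getPositionTypes() {
        String jwtToken = readBearerToken();
        if (jwtToken == null) {
            throw new PermissionException(ErrorMessage.INVALID_TOKEN);
        }
        return JwtUtils.getClaimValueListByKey(jwtToken, JWT_ROLES_NAME, PositionTypeDto.class);
    }

    /**
     * Resolves the calling service name from the token in the {@code X-api-key} header
     * and stores it in {@link #sub}. The header value is used as-is, with no
     * {@code Bearer} prefix handling.
     *
     * @return the subject reported by {@code JwtUtils}
     * @throws PermissionException with {@code PERMISSION_DENIED} when no servlet request
     *                             is bound or the header is missing or blank
     */
    protected String getServiceName() {
        String apiKeyToken = readHeader(HEADER_X_API_KEY);
        if (apiKeyToken == null) {
            throw new PermissionException(ErrorMessage.PERMISSION_DENIED);
        }
        sub = JwtUtils.getUsernameFromToken(apiKeyToken, null);
        return sub;
    }

    /**
     * Reads the {@code companyId} claim and stores it in {@link #companyId}.
     *
     * @return the company id reported by {@code JwtUtils}
     * @throws PermissionException with {@code PERMISSION_DENIED} when no servlet request
     *                             is bound or the header is missing or blank
     */
    protected Integer getCompanyId() {
        String jwtToken = readBearerToken();
        if (jwtToken == null) {
            throw new PermissionException(ErrorMessage.PERMISSION_DENIED);
        }
        companyId = JwtUtils.getClaimValueByKey(jwtToken, JWT_COMPANY_ID_NAME, Integer.class);
        return companyId;
    }

    /**
     * Returns the trimmed value of {@code headerName} on the current servlet request.
     * Returns {@code null} when no servlet request is bound to the thread or the header
     * is missing or blank, so callers deny access rather than fail with a
     * NullPointerException or ClassCastException.
     */
    private static String readHeader(String headerName) {
        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if (!(requestAttributes instanceof ServletRequestAttributes)) {
            return null;
        }
        HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
        String rawValue = request.getHeader(headerName);
        if (rawValue == null) {
            return null;
        }
        String trimmed = rawValue.trim();
        return trimmed.isEmpty() ? null : trimmed;
    }

    /**
     * Returns the token carried by the Authorization header, or {@code null} when the
     * header is unusable. A leading {@code "Bearer "} is stripped. A header without that
     * prefix is returned whole, which keeps the existing lenient behaviour.
     */
    private static String readBearerToken() {
        String header = readHeader(HEADER_AUTHORIZATION);
        if (header == null) {
            return null;
        }
        return header.startsWith(BEARER_PREFIX) ? header.substring(BEARER_PREFIX.length()) : header;
    }
}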