CropsController.java

/*
 * Copyright 2018 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.genesys.server.api.v1;

import java.util.List;
import java.util.Locale;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;

import org.genesys.blocks.model.JsonViews;
import org.genesys.blocks.security.serialization.Permissions;
import org.genesys.filerepository.InvalidRepositoryPathException;
import org.genesys.server.api.ApiBaseController;
import org.genesys.server.api.ModelValidationException;
import org.genesys.server.api.v1.facade.CropApiService;
import org.genesys.server.api.v1.mapper.APIv1Mapper;
import org.genesys.server.api.v1.model.Article;
import org.genesys.server.api.v1.model.Crop;
import org.genesys.server.api.v1.model.CropDetails;
import org.genesys.server.exception.NotFoundElement;
import org.genesys.server.service.CRMException;
import org.genesys.spring.CSVMessageConverter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.core.task.TaskExecutor;
import org.springframework.http.CacheControl;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.fasterxml.jackson.annotation.JsonIgnoreType;
import com.fasterxml.jackson.annotation.JsonView;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.MapperFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.fasterxml.jackson.datatype.hibernate5.Hibernate5Module;
import com.fasterxml.jackson.datatype.hibernate5.Hibernate5Module.Feature;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;

import io.swagger.annotations.Api;
import net.sf.oval.ConstraintViolation;
import net.sf.oval.Validator;

@RestController("cropApi1")
@RequestMapping(value = { CropsController.CONTROLLER_URL })
@Api(tags = { "crop" })
public class CropsController extends ApiBaseController {

	public static final String CONTROLLER_URL = ApiBaseController.APIv1_BASE + "/crops";

	@Autowired
	private CropApiService cropApiService;

	@Autowired
	private TaskExecutor taskExecutor;

	private static ObjectMapper noPermissionsMapper;

	@JsonIgnoreType
	public static final class MixinIgnoreType {}

	static {
		var noPermissionsBuilder = JsonMapper.builder();
		Hibernate5Module hibernateModule = new Hibernate5Module();
		hibernateModule.disable(Feature.FORCE_LAZY_LOADING);
		hibernateModule.disable(Feature.SERIALIZE_IDENTIFIER_FOR_LAZY_NOT_LOADED_OBJECTS);
		noPermissionsBuilder.addModule(hibernateModule);

		// JSR310 java.time
		var javaTimeModule = new JavaTimeModule();
		noPermissionsBuilder.addModule(javaTimeModule);

		// serialization
		noPermissionsBuilder.disable(SerializationFeature.EAGER_SERIALIZER_FETCH);
		// deserialization
		noPermissionsBuilder.enable(DeserializationFeature.ACCEPT_EMPTY_STRING_AS_NULL_OBJECT);
		// // Never ignore stuff we don't understand
		// mapper.enable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
		// ignore stuff we don't understand
		noPermissionsBuilder.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
		// explicit JSON views: every fields needs to be annotated, therefore enabled
		noPermissionsBuilder.enable(MapperFeature.DEFAULT_VIEW_INCLUSION);
		// enable upgrading to arrays
		noPermissionsBuilder.enable(DeserializationFeature.ACCEPT_SINGLE_VALUE_AS_ARRAY);

		// Don't do permission checks
		noPermissionsBuilder.addMixIn(Permissions.class, MixinIgnoreType.class);

		// Build
		noPermissionsMapper = noPermissionsBuilder.build();
	}

	/**
	 * List of Crop details
	 *
	 * @return list of crop details
	 * @throws JsonProcessingException 
	 * @throws ExecutionException 
	 */
	@GetMapping(value = "")
	public ResponseEntity<String> listCropDetails() throws JsonProcessingException, ExecutionException {
		LOG.info("Listing crop details");
		var crops = cropApiService.listDetails();
		LOG.debug("Got crops");
		String json = noPermissionsMapper.writeValueAsString(crops);
		LOG.debug("Serialized to JSON");
		return ResponseEntity.ok().cacheControl(CacheControl.maxAge(5, TimeUnit.MINUTES)).body(json);
	}

	/**
	 * List all crops
	 *
	 * @return list of crops
	 */
	@GetMapping(value = "/list", produces = { MediaType.APPLICATION_JSON_VALUE, CSVMessageConverter.TEXT_CSV_VALUE })
	public ResponseEntity<List<Crop>> listCrops() {
		LOG.info("Listing crops");
		return ResponseEntity.ok().cacheControl(CacheControl.maxAge(1, TimeUnit.MINUTES)).body(cropApiService.list(LocaleContextHolder.getLocale()));
	}

	/**
	 * Add a crop
	 *
	 * @return saved crop
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@RequestMapping(value = { "/save" }, method = { RequestMethod.PUT, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
	public Crop saveCrop(@RequestBody Crop cropJson) {
		LOG.info("Creating crop");
		final Validator validator = new Validator();
		final List<ConstraintViolation> violations = validator.validate(cropJson);
		if (violations.size() > 0) {
			throw new ModelValidationException("Crop does not validate", violations);
		}
		Crop crop = cropApiService.getCrop(cropJson.getShortName());

		if (crop == null) {
			crop = cropApiService.create(cropJson);
		} else {
			crop = cropApiService.update(cropJson);
		}

		return crop;
	}

	/**
	 * Update crop blurb /crops/{shortName}/blurb
	 *
	 * @return updated article
	 * @throws CRMException
	 */
	@PostMapping(value = "/{shortName}/blurb", produces = { MediaType.APPLICATION_JSON_VALUE })
	public Article updateBlurb(@PathVariable("shortName") String shortName, @RequestBody Article article) throws CRMException {
		Crop crop = cropApiService.getCrop(shortName);
		Locale locale = new Locale(article.getLang());

		return cropApiService.updateBlurb(crop, article.getTitle(), article.getSummary(), article.getBody(), locale);
	}

	/**
	 * Get crop /crops/{shortName}
	 *
	 * @return
	 */
	@RequestMapping(value = "/{shortName}", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
	public Crop getCrop(@PathVariable("shortName") String shortName) {
		LOG.info("Getting crop {}", shortName);
		return cropApiService.getCrop(shortName);
	}

	/**
	 * Get crop details /crops/{shortName}/details
	 *
	 * @throws InvalidRepositoryPathException
	 */
	@JsonView(JsonViews.Root.class)
	@RequestMapping(value = "/{shortName}/details", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
	public CropDetails getCropDetails(@PathVariable("shortName") String shortName) throws InvalidRepositoryPathException {
		LOG.info("Getting crop details {}", shortName);
		return cropApiService.getDetails(shortName, LocaleContextHolder.getLocale());
	}

	/**
	 * Delete crop /crops/{shortName}
	 * 
	 * @return
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@RequestMapping(value = "/{shortName}", method = RequestMethod.DELETE, produces = { MediaType.APPLICATION_JSON_VALUE })
	public Crop deleteCrop(@PathVariable("shortName") String shortName) {
		LOG.info("Getting crop {}", shortName);
		return cropApiService.remove(cropApiService.getCrop(shortName));
	}

	/**
	 * Link accession#cropName with crop
	 * 
	 * @return
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@RequestMapping(value = "{shortName}/relink", params= { "accessions" }, method = RequestMethod.POST, produces = { MediaType.APPLICATION_JSON_VALUE })
	public void relinkAccessions(@PathVariable("shortName") String shortName) {
		LOG.info("Linking accessions to crop {}", shortName);
		final Crop crop = cropApiService.getCrop(shortName);
		if (crop == null)
			throw new NotFoundElement("No crop " + shortName);

		taskExecutor.execute(() -> {
			cropApiService.unlinkAccessionsForCrop(crop);
			cropApiService.linkAccessionsWithCrop(crop);
		});
	}

}