UserControllerAdvice.java

/*
 * Copyright 2017 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 **/

package org.genesys.server.mvc;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.genesys.filerepository.NoSuchRepositoryFileException;
import org.genesys.server.exception.InvalidApiUsageException;
import org.genesys.server.exception.MaxPageLimitException;
import org.genesys.server.exception.NotFoundElement;
import org.springframework.core.task.TaskRejectedException;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.firewall.RequestRejectedException;
import org.springframework.validation.Errors;
import org.springframework.validation.FieldError;
import org.springframework.validation.ObjectError;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.NoHandlerFoundException;

import com.fasterxml.jackson.core.JsonProcessingException;

import io.swagger.v3.oas.annotations.Hidden;

@Hidden
@ControllerAdvice(basePackages = { "org.genesys.server.mvc" })
public class UserControllerAdvice extends BaseController {

	@ResponseStatus(code = HttpStatus.FORBIDDEN)
	@ExceptionHandler(value = { AccessDeniedException.class })
	public ModelAndView handleAccessDeniedException(final AccessDeniedException e) {
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	@ResponseStatus(HttpStatus.NOT_FOUND)
	@ExceptionHandler(value = { NoHandlerFoundException.class, NotFoundElement.class, NoSuchRepositoryFileException.class })
	public ModelAndView handleResourceNotFoundException(final Exception e) {
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	@ResponseStatus(HttpStatus.UNAUTHORIZED)
	@ExceptionHandler(value = { AuthenticationException.class })
	@ResponseBody
	public String handleAuthenticationException(final AuthenticationException e) {
		return simpleExceptionHandler(e);
	}

	@ResponseStatus(HttpStatus.METHOD_NOT_ALLOWED)
	@ExceptionHandler(value = { HttpRequestMethodNotSupportedException.class })
	public ModelAndView handleRequestMethodFail(final HttpServletRequest req, final HttpRequestMethodNotSupportedException e) {
		LOG.error("Request method {} not supported for URL {}", e.getMethod(), req.getRequestURL());
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	@ResponseStatus(HttpStatus.BAD_REQUEST)
	@ExceptionHandler(value = { MaxPageLimitException.class, InvalidApiUsageException.class, RequestRejectedException.class, IllegalArgumentException.class })
	public ModelAndView handleMaxPageLimitException(final Throwable e, final HttpServletRequest request) {
		LOG.warn("Bad request {} {}: {}", request.getMethod(), request.getRequestURL(), e.getMessage());
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	@ResponseStatus(HttpStatus.BAD_REQUEST)
	@ExceptionHandler(value = { JsonProcessingException.class })
	public ModelAndView handleJsonParseExceptions(final JsonProcessingException e, final HttpServletRequest request) {
		LOG.warn("JSON processing error {} {}: {}", request.getMethod(), request.getRequestURL(), e.getMessage());
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
	@ExceptionHandler(value = { Throwable.class })
	public ModelAndView handleAll(final HttpServletRequest req, final Throwable e) {
		LOG.error("{} on {} {}", e.getMessage(), req.getMethod(), req.getRequestURL(), e);
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	@ResponseStatus(HttpStatus.TOO_MANY_REQUESTS)
	@ExceptionHandler(value = { TaskRejectedException.class })
	public ModelAndView handleExecutorTaskRejected(final HttpServletRequest req, final Throwable e) {
		LOG.error("{} on {} {}", e.getMessage(), req.getMethod(), req.getRequestURL());
		final ModelAndView mav = new ModelAndView("/errors/error");
		mav.addObject("exception", e);
		return mav;
	}

	// do not pass validation
	@ResponseStatus(HttpStatus.BAD_REQUEST)
	@ExceptionHandler(value = { MethodArgumentNotValidException.class, MethodArgumentTypeMismatchException.class })
	@ResponseBody
	public Object handleMethodArgumentNotValidException(final MethodArgumentNotValidException e, final HttpServletRequest request) {
		LOG.error("Argument not valid for {} {}: {}", request.getMethod(), request.getRequestURL(), e.getMessage());
		return transformErrors(e.getBindingResult());
	}

	private Map<String, String> transformErrors(final Errors errors) {
		final Map<String, String> errorsMap = new HashMap<>();

		final List<ObjectError> allErrors = errors.getAllErrors();

		// todo probably handle and values
		for (final ObjectError error : allErrors) {
			final String objectName = error instanceof FieldError ? ((FieldError) error).getField() : error.getObjectName();
			errorsMap.put(objectName, messageSource.getMessage(error.getDefaultMessage(), new Object[] { objectName }, getLocale()));
		}

		return errorsMap;
	}
}