diff --git a/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskControllerIntTest.java b/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskControllerIntTest.java index 3ea2af79d..34b75eb22 100644 --- a/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskControllerIntTest.java +++ b/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskControllerIntTest.java @@ -4,6 +4,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import java.io.BufferedReader; import java.io.BufferedWriter; @@ -27,11 +28,13 @@ import org.springframework.hateoas.hal.Jackson2HalModule; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; import org.springframework.test.context.junit4.SpringRunner; +import org.springframework.web.client.HttpClientErrorException; import org.springframework.web.client.RestTemplate; import com.fasterxml.jackson.databind.DeserializationFeature; @@ -93,6 +96,25 @@ public class TaskControllerIntTest { .endsWith("/v1/tasks?por.type=VNR&por.value=22334455&sortBy=por.value&order=desc")); } + @Test + public void testThrowsExceptionIfInvalidFilterIsUsed() { + RestTemplate template = getRestTemplate(); + HttpHeaders headers = new HttpHeaders(); + headers.add("Authorization", "Basic dGVhbWxlYWRfMTp0ZWFtbGVhZF8x"); + HttpEntity request = new HttpEntity(headers); + try { + template.exchange( + "http://127.0.0.1:" + port + "/v1/tasks?invalid=VNR", + HttpMethod.GET, request, + new ParameterizedTypeReference>() { + }); + fail(); + } catch (HttpClientErrorException e) { + assertEquals(HttpStatus.BAD_REQUEST, e.getStatusCode()); + assertTrue(e.getResponseBodyAsString().contains("[invalid]")); + } + } + @Test public void testGetLastPageSortedByDue() { RestTemplate template = getRestTemplate(); @@ -100,7 +122,7 @@ public class TaskControllerIntTest { headers.add("Authorization", "Basic YWRtaW46YWRtaW4="); // Role Admin HttpEntity request = new HttpEntity(headers); ResponseEntity> response = template.exchange( - "http://127.0.0.1:" + port + "/v1/tasks?sortBy=por.value&order=desc&page=15&pageSize=5", HttpMethod.GET, + "http://127.0.0.1:" + port + "/v1/tasks?sortBy=por.value&order=desc&page=15&page-size=5", HttpMethod.GET, request, new ParameterizedTypeReference>() { }); @@ -112,7 +134,7 @@ public class TaskControllerIntTest { assertTrue(response.getBody() .getLink(Link.REL_SELF) .getHref() - .endsWith("/v1/tasks?sortBy=por.value&order=desc&page=15&pageSize=5")); + .endsWith("/v1/tasks?sortBy=por.value&order=desc&page=15&page-size=5")); assertNotNull(response.getBody().getLink("allTasks")); assertTrue(response.getBody() .getLink("allTasks") @@ -138,7 +160,7 @@ public class TaskControllerIntTest { assertEquals(23, response.getBody().getContent().size()); response = template.exchange( - "http://127.0.0.1:" + port + "/v1/tasks?sortBy=por.value&order=desc&page=5&pageSize=5", HttpMethod.GET, + "http://127.0.0.1:" + port + "/v1/tasks?sortBy=por.value&order=desc&page=5&page-size=5", HttpMethod.GET, request, new ParameterizedTypeReference>() { }); @@ -150,7 +172,7 @@ public class TaskControllerIntTest { assertTrue(response.getBody() .getLink(Link.REL_SELF) .getHref() - .endsWith("/v1/tasks?sortBy=por.value&order=desc&page=5&pageSize=5")); + .endsWith("/v1/tasks?sortBy=por.value&order=desc&page=5&page-size=5")); assertNotNull(response.getBody().getLink("allTasks")); assertTrue(response.getBody() .getLink("allTasks") @@ -169,7 +191,7 @@ public class TaskControllerIntTest { HttpEntity request = new HttpEntity(headers); ResponseEntity> response = template.exchange( "http://127.0.0.1:" + port - + "/v1/tasks?por.company=00&por.system=PASystem&por.instance=00&por.type=VNR&por.value=22334455&sortBy=por.type&order=asc&page=2&pageSize=5", + + "/v1/tasks?por.company=00&por.system=PASystem&por.instance=00&por.type=VNR&por.value=22334455&sortBy=por.type&order=asc&page=2&page-size=5", HttpMethod.GET, request, new ParameterizedTypeReference>() { @@ -182,7 +204,7 @@ public class TaskControllerIntTest { .getLink(Link.REL_SELF) .getHref() .endsWith( - "/v1/tasks?por.company=00&por.system=PASystem&por.instance=00&por.type=VNR&por.value=22334455&sortBy=por.type&order=asc&page=2&pageSize=5")); + "/v1/tasks?por.company=00&por.system=PASystem&por.instance=00&por.type=VNR&por.value=22334455&sortBy=por.type&order=asc&page=2&page-size=5")); assertNotNull(response.getBody().getLink("allTasks")); assertTrue(response.getBody() .getLink("allTasks") diff --git a/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/WorkbasketControllerIntTest.java b/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/WorkbasketControllerIntTest.java index 3b22bf543..ad918bb7b 100644 --- a/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/WorkbasketControllerIntTest.java +++ b/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/WorkbasketControllerIntTest.java @@ -3,6 +3,7 @@ package pro.taskana.rest; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import java.util.Collections; @@ -19,11 +20,13 @@ import org.springframework.hateoas.hal.Jackson2HalModule; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; import org.springframework.test.context.junit4.SpringRunner; +import org.springframework.web.client.HttpClientErrorException; import org.springframework.web.client.RestTemplate; import com.fasterxml.jackson.databind.DeserializationFeature; @@ -69,6 +72,24 @@ public class WorkbasketControllerIntTest { .endsWith("/v1/workbaskets?type=PERSONAL&sortBy=key&order=desc")); } + @Test + public void testThrowsExceptionIfInvalidFilterIsUsed() { + RestTemplate template = getRestTemplate(); + HttpHeaders headers = new HttpHeaders(); + headers.add("Authorization", "Basic dGVhbWxlYWRfMTp0ZWFtbGVhZF8x"); + HttpEntity request = new HttpEntity(headers); + try { + template.exchange( + "http://127.0.0.1:" + port + "/v1/workbaskets?invalid=PERSONAL", HttpMethod.GET, request, + new ParameterizedTypeReference>() { + }); + fail(); + } catch (HttpClientErrorException e) { + assertEquals(HttpStatus.BAD_REQUEST, e.getStatusCode()); + assertTrue(e.getResponseBodyAsString().contains("[invalid]")); + } + } + @Test public void testGetSecondPageSortedByKey() { RestTemplate template = getRestTemplate(); @@ -76,7 +97,7 @@ public class WorkbasketControllerIntTest { headers.add("Authorization", "Basic dGVhbWxlYWRfMTp0ZWFtbGVhZF8x"); HttpEntity request = new HttpEntity(headers); ResponseEntity> response = template.exchange( - "http://127.0.0.1:" + port + "/v1/workbaskets?sortBy=key&order=desc&page=2&pagesize=5", HttpMethod.GET, + "http://127.0.0.1:" + port + "/v1/workbaskets?sortBy=key&order=desc&page=2&page-size=5", HttpMethod.GET, request, new ParameterizedTypeReference>() { }); @@ -86,7 +107,7 @@ public class WorkbasketControllerIntTest { assertTrue(response.getBody() .getLink(Link.REL_SELF) .getHref() - .endsWith("/v1/workbaskets?sortBy=key&order=desc&page=2&pagesize=5")); + .endsWith("/v1/workbaskets?sortBy=key&order=desc&page=2&page-size=5")); assertNotNull(response.getBody().getLink("allWorkbaskets")); assertTrue(response.getBody() .getLink("allWorkbaskets") diff --git a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/AbstractPagingController.java b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/AbstractPagingController.java index a2802f434..dae803857 100644 --- a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/AbstractPagingController.java +++ b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/AbstractPagingController.java @@ -1,6 +1,11 @@ package pro.taskana.rest; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + import org.springframework.hateoas.PagedResources.PageMetadata; +import org.springframework.util.MultiValueMap; import pro.taskana.exceptions.InvalidArgumentException; @@ -27,4 +32,17 @@ public abstract class AbstractPagingController { return pageMetadata; } + protected String[] extractCommaSeparatedFields(List list) { + List values = new ArrayList<>(); + list.forEach(item -> values.addAll(Arrays.asList(item.split(",")))); + return values.toArray(new String[0]); + } + + protected void validateNoInvalidParameterIsLeft(MultiValueMap params) + throws InvalidArgumentException { + if (!params.isEmpty()) { + throw new InvalidArgumentException("Invalid parameter specified: " + params.keySet()); + } + } + } diff --git a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskController.java b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskController.java index e9692d22c..a94f90ad8 100644 --- a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskController.java +++ b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskController.java @@ -1,7 +1,6 @@ package pro.taskana.rest; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; import org.slf4j.Logger; @@ -66,7 +65,6 @@ public class TaskController extends AbstractPagingController { private static final String OWNER = "owner"; private static final String WORKBASKET_ID = "workbasketId"; private static final String CLASSIFICATION_KEY = "classification.key"; - private static final String POR_PREFIX = "por."; private static final String POR_VALUE = "por.value"; private static final String POR_TYPE = "por.type"; private static final String POR_SYSTEM_INSTANCE = "por.instance"; @@ -79,7 +77,7 @@ public class TaskController extends AbstractPagingController { private static final String SORT_DIRECTION = "order"; private static final String PAGING_PAGE = "page"; - private static final String PAGING_PAGE_SIZE = "pageSize"; + private static final String PAGING_PAGE_SIZE = "page-size"; @Autowired private TaskService taskService; @@ -100,6 +98,9 @@ public class TaskController extends AbstractPagingController { List taskSummaries = null; String page = params.getFirst(PAGING_PAGE); String pageSize = params.getFirst(PAGING_PAGE_SIZE); + params.remove(PAGING_PAGE); + params.remove(PAGING_PAGE_SIZE); + validateNoInvalidParameterIsLeft(params); if (page != null && pageSize != null) { // paging long totalElements = query.count(); @@ -202,49 +203,60 @@ public class TaskController extends AbstractPagingController { // apply filters if (params.containsKey(NAME)) { - String[] names = extractCommaSeperatedFields(params.get(NAME)); + String[] names = extractCommaSeparatedFields(params.get(NAME)); taskQuery.nameIn(names); + params.remove(NAME); } if (params.containsKey(PRIORITY)) { - String[] prioritesInString = extractCommaSeperatedFields(params.get(PRIORITY)); + String[] prioritesInString = extractCommaSeparatedFields(params.get(PRIORITY)); int[] priorites = extractPriorities(prioritesInString); taskQuery.priorityIn(priorites); + params.remove(PRIORITY); } if (params.containsKey(STATE)) { TaskState[] states = extractStates(params); taskQuery.stateIn(states); + params.remove(STATE); } if (params.containsKey(CLASSIFICATION_KEY)) { - String[] classificationKeys = extractCommaSeperatedFields(params.get(CLASSIFICATION_KEY)); + String[] classificationKeys = extractCommaSeparatedFields(params.get(CLASSIFICATION_KEY)); taskQuery.classificationKeyIn(classificationKeys); + params.remove(CLASSIFICATION_KEY); } if (params.containsKey(WORKBASKET_ID)) { - String[] workbaskets = extractCommaSeperatedFields(params.get(WORKBASKET_ID)); + String[] workbaskets = extractCommaSeparatedFields(params.get(WORKBASKET_ID)); taskQuery.workbasketIdIn(workbaskets); + params.remove(WORKBASKET_ID); } if (params.containsKey(OWNER)) { - String[] owners = extractCommaSeperatedFields(params.get(OWNER)); + String[] owners = extractCommaSeparatedFields(params.get(OWNER)); taskQuery.ownerIn(owners); + params.remove(OWNER); } if (params.containsKey(POR_COMPANY)) { - String[] companies = extractCommaSeperatedFields(params.get(POR_COMPANY)); + String[] companies = extractCommaSeparatedFields(params.get(POR_COMPANY)); taskQuery.primaryObjectReferenceCompanyIn(companies); + params.remove(POR_COMPANY); } if (params.containsKey(POR_SYSTEM)) { - String[] systems = extractCommaSeperatedFields(params.get(POR_SYSTEM)); + String[] systems = extractCommaSeparatedFields(params.get(POR_SYSTEM)); taskQuery.primaryObjectReferenceSystemIn(systems); + params.remove(POR_SYSTEM); } if (params.containsKey(POR_SYSTEM_INSTANCE)) { - String[] systemInstances = extractCommaSeperatedFields(params.get(POR_SYSTEM_INSTANCE)); + String[] systemInstances = extractCommaSeparatedFields(params.get(POR_SYSTEM_INSTANCE)); taskQuery.primaryObjectReferenceSystemInstanceIn(systemInstances); + params.remove(POR_SYSTEM_INSTANCE); } if (params.containsKey(POR_TYPE)) { - String[] types = extractCommaSeperatedFields(params.get(POR_TYPE)); + String[] types = extractCommaSeparatedFields(params.get(POR_TYPE)); taskQuery.primaryObjectReferenceTypeIn(types); + params.remove(POR_TYPE); } if (params.containsKey(POR_VALUE)) { - String[] values = extractCommaSeperatedFields(params.get(POR_VALUE)); + String[] values = extractCommaSeparatedFields(params.get(POR_VALUE)); taskQuery.primaryObjectReferenceValueIn(values); + params.remove(POR_VALUE); } return taskQuery; } @@ -290,6 +302,8 @@ public class TaskController extends AbstractPagingController { throw new InvalidArgumentException("Unknown filter attribute: " + sortBy); } } + params.remove(SORT_BY); + params.remove(SORT_DIRECTION); return taskQuery; } @@ -301,12 +315,6 @@ public class TaskController extends AbstractPagingController { return priorites; } - private String[] extractCommaSeperatedFields(List list) { - List values = new ArrayList<>(); - list.forEach(item -> values.addAll(Arrays.asList(item.split(",")))); - return values.toArray(new String[0]); - } - private TaskState[] extractStates(MultiValueMap params) throws InvalidArgumentException { List states = new ArrayList<>(); for (String item : params.get(STATE)) { diff --git a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/WorkbasketController.java b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/WorkbasketController.java index 51425692a..1ce35ed49 100644 --- a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/WorkbasketController.java +++ b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/WorkbasketController.java @@ -1,5 +1,9 @@ package pro.taskana.rest; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + import org.springframework.beans.factory.annotation.Autowired; import org.springframework.hateoas.PagedResources; import org.springframework.hateoas.PagedResources.PageMetadata; @@ -9,6 +13,7 @@ import org.springframework.hateoas.config.EnableHypermediaSupport.HypermediaType import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; +import org.springframework.util.MultiValueMap; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -18,7 +23,8 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import pro.taskana.BaseQuery; + +import pro.taskana.BaseQuery.SortDirection; import pro.taskana.Workbasket; import pro.taskana.WorkbasketAccessItem; import pro.taskana.WorkbasketPermission; @@ -43,10 +49,6 @@ import pro.taskana.rest.resource.mapper.WorkbasketAccessItemMapper; import pro.taskana.rest.resource.mapper.WorkbasketMapper; import pro.taskana.rest.resource.mapper.WorkbasketSummaryResourcesAssembler; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - /** * Controller for all {@link Workbasket} related endpoints. */ @@ -57,11 +59,20 @@ public class WorkbasketController extends AbstractPagingController { private static final String LIKE = "%"; private static final String NAME = "name"; + private static final String NAME_LIKE = "nameLike"; private static final String KEY = "key"; - private static final String DESCRIPTION = "description"; + private static final String KEY_LIKE = "keyLike"; private static final String OWNER = "owner"; + private static final String OWNER_LIKE = "ownerLike"; + private static final String DESCRIPTION_LIKE = "descriptionLike"; + private static final String REQUIRED_PERMISSION = "requiredPermission"; private static final String TYPE = "type"; - private static final String DESC = "desc"; + + private static final String SORT_BY = "sortBy"; + private static final String SORT_DIRECTION = "order"; + + private static final String PAGING_PAGE = "page"; + private static final String PAGING_PAGE_SIZE = "page-size"; @Autowired private WorkbasketService workbasketService; @@ -81,27 +92,19 @@ public class WorkbasketController extends AbstractPagingController { @GetMapping @Transactional(readOnly = true, rollbackFor = Exception.class) public ResponseEntity> getWorkbaskets( - @RequestParam(value = "sortBy", defaultValue = "name", required = false) String sortBy, - @RequestParam(value = "order", defaultValue = "asc", required = false) String order, - @RequestParam(value = "name", required = false) String name, - @RequestParam(value = "nameLike", required = false) String nameLike, - @RequestParam(value = "key", required = false) String key, - @RequestParam(value = "keyLike", required = false) String keyLike, - @RequestParam(value = "descLike", required = false) String descLike, - @RequestParam(value = "owner", required = false) String owner, - @RequestParam(value = "ownerLike", required = false) String ownerLike, - @RequestParam(value = "type", required = false) String type, - @RequestParam(value = "requiredPermission", required = false) String requiredPermission, - @RequestParam(value = "page", required = false) String page, - @RequestParam(value = "pagesize", required = false) String pageSize) throws InvalidArgumentException { + @RequestParam MultiValueMap params) throws InvalidArgumentException { WorkbasketQuery query = workbasketService.createWorkbasketQuery(); - addSortingToQuery(query, sortBy, order); - addAttributeFilter(query, name, nameLike, key, keyLike, descLike, owner, ownerLike, type); - addAuthorizationFilter(query, requiredPermission); + query = applySortingParams(query, params); + query = applyFilterParams(query, params); PageMetadata pageMetadata = null; List workbasketSummaries = null; + String page = params.getFirst(PAGING_PAGE); + String pageSize = params.getFirst(PAGING_PAGE_SIZE); + params.remove(PAGING_PAGE); + params.remove(PAGING_PAGE_SIZE); + validateNoInvalidParameterIsLeft(params); if (page != null && pageSize != null) { // paging long totalElements = query.count(); @@ -236,130 +239,74 @@ public class WorkbasketController extends AbstractPagingController { return new ResponseEntity<>(distributionTargetListResource, HttpStatus.OK); } - private void addAuthorizationFilter(WorkbasketQuery query, String requiredPermission) - throws InvalidArgumentException { - if (requiredPermission == null) { - return; - } - - for (String authorization : Arrays.asList(requiredPermission.split(","))) { - switch (authorization.trim()) { - case "READ": - query.callerHasPermission(WorkbasketPermission.READ); + private WorkbasketQuery applySortingParams(WorkbasketQuery query, MultiValueMap params) + throws IllegalArgumentException { + // sorting + String sortBy = params.getFirst(SORT_BY); + if (sortBy != null) { + SortDirection sortDirection; + if (params.getFirst(SORT_DIRECTION) != null && "desc".equals(params.getFirst(SORT_DIRECTION))) { + sortDirection = SortDirection.DESCENDING; + } else { + sortDirection = SortDirection.ASCENDING; + } + switch (sortBy) { + case (NAME): + query = query.orderByName(sortDirection); break; - case "OPEN": - query.callerHasPermission(WorkbasketPermission.OPEN); + case (KEY): + query = query.orderByKey(sortDirection); break; - case "APPEND": - query.callerHasPermission(WorkbasketPermission.APPEND); + case (OWNER): + query = query.orderByOwner(sortDirection); break; - case "TRANSFER": - query.callerHasPermission(WorkbasketPermission.TRANSFER); - break; - case "DISTRIBUTE": - query.callerHasPermission(WorkbasketPermission.DISTRIBUTE); - break; - case "CUSTOM_1": - query.callerHasPermission(WorkbasketPermission.CUSTOM_1); - break; - case "CUSTOM_2": - query.callerHasPermission(WorkbasketPermission.CUSTOM_2); - break; - case "CUSTOM_3": - query.callerHasPermission(WorkbasketPermission.CUSTOM_3); - break; - case "CUSTOM_4": - query.callerHasPermission(WorkbasketPermission.CUSTOM_4); - break; - case "CUSTOM_5": - query.callerHasPermission(WorkbasketPermission.CUSTOM_5); - break; - case "CUSTOM_6": - query.callerHasPermission(WorkbasketPermission.CUSTOM_6); - break; - case "CUSTOM_7": - query.callerHasPermission(WorkbasketPermission.CUSTOM_7); - break; - case "CUSTOM_8": - query.callerHasPermission(WorkbasketPermission.CUSTOM_8); - break; - case "CUSTOM_9": - query.callerHasPermission(WorkbasketPermission.CUSTOM_9); - break; - case "CUSTOM_10": - query.callerHasPermission(WorkbasketPermission.CUSTOM_10); - break; - case "CUSTOM_11": - query.callerHasPermission(WorkbasketPermission.CUSTOM_11); - break; - case "CUSTOM_12": - query.callerHasPermission(WorkbasketPermission.CUSTOM_12); + case (TYPE): + query = query.orderByType(sortDirection); break; default: - throw new InvalidArgumentException("Unknown authorization '" + authorization + "'"); + throw new IllegalArgumentException("Unknown order '" + sortBy + "'"); } } + params.remove(SORT_BY); + params.remove(SORT_DIRECTION); + return query; } - private void addSortingToQuery(WorkbasketQuery query, String sortBy, String order) throws IllegalArgumentException { - BaseQuery.SortDirection sortDirection = getSortDirection(order); - - switch (sortBy) { - case NAME: - query.orderByName(sortDirection); - break; - case KEY: - query.orderByKey(sortDirection); - break; - case DESCRIPTION: - query.orderByDescription(sortDirection); - break; - case OWNER: - query.orderByOwner(sortDirection); - break; - case TYPE: - query.orderByType(sortDirection); - break; - default: - throw new IllegalArgumentException("Unknown order '" + sortBy + "'"); + private WorkbasketQuery applyFilterParams(WorkbasketQuery query, + MultiValueMap params) throws InvalidArgumentException { + if (params.containsKey(NAME)) { + String[] names = extractCommaSeparatedFields(params.get(NAME)); + query.nameIn(names); + params.remove(NAME); } - } - - private BaseQuery.SortDirection getSortDirection(String order) { - if (order.equals(DESC)) { - return BaseQuery.SortDirection.DESCENDING; + if (params.containsKey(NAME_LIKE)) { + query.nameLike(LIKE + params.get(NAME_LIKE) + LIKE); + params.remove(NAME_LIKE); } - return BaseQuery.SortDirection.ASCENDING; - } - - private void addAttributeFilter(WorkbasketQuery query, - String name, String nameLike, - String key, String keyLike, - String descLike, String owner, - String ownerLike, String type) throws InvalidArgumentException { - if (name != null) { - query.nameIn(name); + if (params.containsKey(KEY)) { + String[] names = extractCommaSeparatedFields(params.get(KEY)); + query.keyIn(names); + params.remove(KEY); } - if (nameLike != null) { - query.nameLike(LIKE + nameLike + LIKE); + if (params.containsKey(KEY_LIKE)) { + query.keyLike(LIKE + params.get(KEY_LIKE) + LIKE); + params.remove(KEY_LIKE); } - if (key != null) { - query.keyIn(key); + if (params.containsKey(OWNER)) { + String[] names = extractCommaSeparatedFields(params.get(OWNER)); + query.ownerIn(names); + params.remove(OWNER); } - if (keyLike != null) { - query.keyLike(LIKE + keyLike + LIKE); + if (params.containsKey(OWNER_LIKE)) { + query.ownerLike(LIKE + params.get(OWNER_LIKE) + LIKE); + params.remove(OWNER_LIKE); } - if (owner != null) { - query.ownerIn(owner); + if (params.containsKey(DESCRIPTION_LIKE)) { + query.descriptionLike(LIKE + params.get(DESCRIPTION_LIKE) + LIKE); + params.remove(DESCRIPTION_LIKE); } - if (ownerLike != null) { - query.ownerLike(LIKE + ownerLike + LIKE); - } - if (descLike != null) { - query.descriptionLike(LIKE + descLike + LIKE); - } - if (type != null) { - switch (type) { + if (params.containsKey(TYPE)) { + switch (params.getFirst(TYPE)) { case "PERSONAL": query.typeIn(WorkbasketType.PERSONAL); break; @@ -373,9 +320,71 @@ public class WorkbasketController extends AbstractPagingController { query.typeIn(WorkbasketType.TOPIC); break; default: - throw new InvalidArgumentException("Unknown Workbaskettype '" + type + "'"); + throw new InvalidArgumentException("Unknown Workbaskettype '" + params.getFirst(TYPE) + "'"); } + params.remove(TYPE); } + if (params.containsKey(REQUIRED_PERMISSION)) { + for (String authorization : Arrays.asList(params.getFirst(REQUIRED_PERMISSION).split(","))) { + switch (authorization.trim()) { + case "READ": + query.callerHasPermission(WorkbasketPermission.READ); + break; + case "OPEN": + query.callerHasPermission(WorkbasketPermission.OPEN); + break; + case "APPEND": + query.callerHasPermission(WorkbasketPermission.APPEND); + break; + case "TRANSFER": + query.callerHasPermission(WorkbasketPermission.TRANSFER); + break; + case "DISTRIBUTE": + query.callerHasPermission(WorkbasketPermission.DISTRIBUTE); + break; + case "CUSTOM_1": + query.callerHasPermission(WorkbasketPermission.CUSTOM_1); + break; + case "CUSTOM_2": + query.callerHasPermission(WorkbasketPermission.CUSTOM_2); + break; + case "CUSTOM_3": + query.callerHasPermission(WorkbasketPermission.CUSTOM_3); + break; + case "CUSTOM_4": + query.callerHasPermission(WorkbasketPermission.CUSTOM_4); + break; + case "CUSTOM_5": + query.callerHasPermission(WorkbasketPermission.CUSTOM_5); + break; + case "CUSTOM_6": + query.callerHasPermission(WorkbasketPermission.CUSTOM_6); + break; + case "CUSTOM_7": + query.callerHasPermission(WorkbasketPermission.CUSTOM_7); + break; + case "CUSTOM_8": + query.callerHasPermission(WorkbasketPermission.CUSTOM_8); + break; + case "CUSTOM_9": + query.callerHasPermission(WorkbasketPermission.CUSTOM_9); + break; + case "CUSTOM_10": + query.callerHasPermission(WorkbasketPermission.CUSTOM_10); + break; + case "CUSTOM_11": + query.callerHasPermission(WorkbasketPermission.CUSTOM_11); + break; + case "CUSTOM_12": + query.callerHasPermission(WorkbasketPermission.CUSTOM_12); + break; + default: + throw new InvalidArgumentException("Unknown authorization '" + authorization + "'"); + } + } + params.remove(REQUIRED_PERMISSION); + } + return query; } }