From 7a129fff3d3cc91231d73653f65de9240720b1b8 Mon Sep 17 00:00:00 2001 From: Anatol Sialitski Date: Fri, 27 Sep 2024 18:19:22 +0200 Subject: [PATCH] Implement /admin/widget API #10706 --- .../admin/impl/portal/WidgetApiHandler.java | 218 ++++++++++++++++-- .../impl/portal/WidgetApiHandlerTest.java | 6 +- 2 files changed, 201 insertions(+), 23 deletions(-) diff --git a/modules/admin/admin-impl/src/main/java/com/enonic/xp/admin/impl/portal/WidgetApiHandler.java b/modules/admin/admin-impl/src/main/java/com/enonic/xp/admin/impl/portal/WidgetApiHandler.java index 3d4c6152027..de468319bf6 100644 --- a/modules/admin/admin-impl/src/main/java/com/enonic/xp/admin/impl/portal/WidgetApiHandler.java +++ b/modules/admin/admin-impl/src/main/java/com/enonic/xp/admin/impl/portal/WidgetApiHandler.java @@ -1,12 +1,27 @@ package com.enonic.xp.admin.impl.portal; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.List; +import java.util.Locale; import java.util.Objects; import java.util.regex.Matcher; import java.util.regex.Pattern; +import javax.servlet.http.HttpServletRequest; + import org.osgi.service.component.annotations.Activate; import org.osgi.service.component.annotations.Component; import org.osgi.service.component.annotations.Reference; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.databind.node.ArrayNode; +import com.fasterxml.jackson.databind.node.JsonNodeFactory; +import com.fasterxml.jackson.databind.node.ObjectNode; +import com.google.common.net.MediaType; +import com.google.common.net.UrlEscapers; import com.enonic.xp.admin.tool.AdminToolDescriptor; import com.enonic.xp.admin.tool.AdminToolDescriptorService; @@ -14,22 +29,34 @@ import com.enonic.xp.admin.widget.WidgetDescriptorService; import com.enonic.xp.app.ApplicationKey; import com.enonic.xp.context.ContextAccessor; +import com.enonic.xp.descriptor.Descriptors; +import com.enonic.xp.i18n.LocaleService; +import com.enonic.xp.i18n.MessageBundle; import com.enonic.xp.page.DescriptorKey; import com.enonic.xp.portal.PortalRequest; import com.enonic.xp.portal.controller.ControllerScriptFactory; +import com.enonic.xp.portal.url.ApiUrlParams; +import com.enonic.xp.portal.url.PortalUrlService; +import com.enonic.xp.portal.url.UrlTypeConstants; import com.enonic.xp.resource.ResourceKey; import com.enonic.xp.security.PrincipalKeys; import com.enonic.xp.web.WebException; import com.enonic.xp.web.WebRequest; import com.enonic.xp.web.WebResponse; +import com.enonic.xp.web.servlet.ServletRequestHolder; import com.enonic.xp.web.universalapi.UniversalApiHandler; +import static com.google.common.base.Strings.isNullOrEmpty; + @Component(immediate = true, service = UniversalApiHandler.class, property = {"applicationKey=admin", "apiKey=widget", "allowedPrincipals=role:system.admin.login", "allowedPrincipals=role:system.admin"}) public class WidgetApiHandler implements UniversalApiHandler { + private static final Logger LOG = LoggerFactory.getLogger( WidgetApiHandler.class ); + private static final Pattern WIDGET_API_PATTERN = Pattern.compile( "^/(_|api)/admin/widget/(?[^/]+)/(?[^/]+)" ); + private static final Pattern LIST_WIDGETS_API_PATTERN = Pattern.compile( "^/(_|api)/admin/widget/?$" ); private static final Pattern TOOL_PREFIX_PATTERN = Pattern.compile( "^/admin/(?[^/]+)/(?[^/]+)" ); @@ -41,49 +68,140 @@ public class WidgetApiHandler private final AdminToolDescriptorService adminToolDescriptorService; + private final LocaleService localeService; + + private final PortalUrlService portalUrlService; + @Activate public WidgetApiHandler( @Reference final ControllerScriptFactory controllerScriptFactory, @Reference final WidgetDescriptorService widgetDescriptorService, - @Reference final AdminToolDescriptorService adminToolDescriptorService ) + @Reference final AdminToolDescriptorService adminToolDescriptorService, + @Reference final LocaleService localeService, + @Reference final PortalUrlService portalUrlService) { this.controllerScriptFactory = controllerScriptFactory; this.widgetDescriptorService = widgetDescriptorService; this.adminToolDescriptorService = adminToolDescriptorService; + this.localeService = localeService; + this.portalUrlService = portalUrlService; } @Override public WebResponse handle( final WebRequest webRequest ) { final String path = Objects.requireNonNullElse( webRequest.getEndpointPath(), webRequest.getRawPath() ); - final Matcher matcher = WIDGET_API_PATTERN.matcher( path ); - if ( !matcher.find() ) - { - throw new IllegalArgumentException( "Invalid Widget API path: " + path ); - } - final DescriptorKey descriptorKey = - DescriptorKey.from( resolveApplicationKey( matcher.group( "appKey" ) ), matcher.group( "widgetKey" ) ); + Matcher matcher = LIST_WIDGETS_API_PATTERN.matcher( path ); - final WidgetDescriptor widgetDescriptor = widgetDescriptorService.getByKey( descriptorKey ); - if ( widgetDescriptor == null ) + if ( matcher.matches() ) { - throw WebException.notFound( String.format( "Widget [%s] not found", descriptorKey ) ); - } +// /api/admin/widget?appKey=app&widgetName=widgetName&icon +// /api/admin/widget?&widgetInterfaces=i1&widgetInterfaces=i2 + final Collection values = webRequest.getParams().get( "widgetInterfaces" ); + final Descriptors widgetDescriptors = + widgetDescriptorService.getAllowedByInterfaces( values.toArray( new String[0] ) ); - final PrincipalKeys principals = ContextAccessor.current().getAuthInfo().getPrincipals(); - if ( !widgetDescriptor.isAccessAllowed( principals ) ) - { - throw WebException.forbidden( String.format( "You don't have permission to access [%s]", descriptorKey ) ); + final List result = new ArrayList<>(); + if ( widgetDescriptors.isNotEmpty() ) + { + final String widgetBaseUrl = portalUrlService.apiUrl( new ApiUrlParams().portalRequest( new PortalRequest( webRequest ) ) + .application( "admin" ) + .api( "widget" ) + .type( UrlTypeConstants.ABSOLUTE ) ); + + widgetDescriptors.forEach( widgetDescriptor -> { + + final ObjectNode json = JsonNodeFactory.instance.objectNode(); + + json.put( "key", widgetDescriptor.getKeyString() ); + json.put( "displayName", widgetDescriptor.getDisplayName() ); + json.put( "description", widgetDescriptor.getDescription() ); + + if ( widgetDescriptor.getIcon() != null ) + { + final StringBuilder iconUrl = new StringBuilder( widgetBaseUrl ); + + iconUrl.append( "?" ); + appendParam( iconUrl, "app", widgetDescriptor.getApplicationKey().toString() ); + iconUrl.append( "&" ); + appendParam( iconUrl, "widget", widgetDescriptor.getName() ); + iconUrl.append( "&" ); + appendParam( iconUrl, "hash", "hash" ); + iconUrl.append( "&" ); + appendParam( iconUrl, "icon", null ); + + json.put( "iconUrl", iconUrl.toString() ); + } + + json.put( "url", + widgetBaseUrl + "/" + widgetDescriptor.getApplicationKey().toString() + "/" + widgetDescriptor.getName() ); + + if ( !isNullOrEmpty( widgetDescriptor.getDisplayNameI18nKey() ) || + !isNullOrEmpty( widgetDescriptor.getDescriptionI18nKey() ) ) + { + final MessageBundle bundle = + localeService.getBundle( widgetDescriptor.getApplicationKey(), getLocale( widgetDescriptor.getApplicationKey() ) ); + + addLocalizedJson( json, bundle, "displayName", widgetDescriptor.getDisplayNameI18nKey(), + widgetDescriptor.getDisplayName() ); + addLocalizedJson( json, bundle, "description", widgetDescriptor.getDescriptionI18nKey(), + widgetDescriptor.getDescription() ); + } + + if ( widgetDescriptor.getConfig() != null ) + { + final ObjectNode config = JsonNodeFactory.instance.objectNode(); + widgetDescriptor.getConfig().forEach( config::put ); + + json.set( "config", config ); + } + + if ( widgetDescriptor.getInterfaces() != null ) + { + final ArrayNode interfaces = JsonNodeFactory.instance.arrayNode(); + widgetDescriptor.getInterfaces().forEach( interfaces::add ); + json.set( "interfaces", interfaces ); + } + result.add( json ); + } ); + } + + return WebResponse.create().contentType( MediaType.JSON_UTF_8 ).body( result ).build(); } + else + { + matcher = WIDGET_API_PATTERN.matcher( path ); + + if ( !matcher.find() ) + { + throw new IllegalArgumentException( "Invalid Widget API path: " + path ); + } + + final DescriptorKey descriptorKey = + DescriptorKey.from( resolveApplicationKey( matcher.group( "appKey" ) ), matcher.group( "widgetKey" ) ); + + final WidgetDescriptor widgetDescriptor = widgetDescriptorService.getByKey( descriptorKey ); + if ( widgetDescriptor == null ) + { + throw WebException.notFound( String.format( "Widget [%s] not found", descriptorKey ) ); + } + + final PrincipalKeys principals = ContextAccessor.current().getAuthInfo().getPrincipals(); + if ( !widgetDescriptor.isAccessAllowed( principals ) ) + { + throw WebException.forbidden( String.format( "You don't have permission to access [%s]", descriptorKey ) ); + } - verifyMounts( widgetDescriptor, webRequest ); + verifyMounts( widgetDescriptor, webRequest ); - final PortalRequest portalRequest = createPortalRequest( webRequest, descriptorKey ); + final PortalRequest portalRequest = createPortalRequest( webRequest, descriptorKey ); - final ResourceKey script = ResourceKey.from( descriptorKey.getApplicationKey(), - "admin/widgets/" + descriptorKey.getName() + "/" + descriptorKey.getName() + ".js" ); + final ResourceKey script = ResourceKey.from( descriptorKey.getApplicationKey(), + "admin/widgets/" + descriptorKey.getName() + "/" + descriptorKey.getName() + + ".js" ); - return controllerScriptFactory.fromScript( script ).execute( portalRequest ); + return controllerScriptFactory.fromScript( script ).execute( portalRequest ); + } } private void verifyMounts( final WidgetDescriptor widgetDescriptor, final WebRequest webRequest ) @@ -127,4 +245,62 @@ private ApplicationKey resolveApplicationKey( final String value ) throw new IllegalArgumentException( "Invalid application key: " + value, e ); } } + + private void addLocalizedJson( ObjectNode json, MessageBundle bundle, String fieldName, String i18nKey, String value ) + { + if ( !isNullOrEmpty( i18nKey ) ) + { + json.put( fieldName, localizeMessage( bundle, i18nKey, value ) ); + } + } + + private String localizeMessage( final MessageBundle bundle, final String key, final String defaultValue ) + { + if ( bundle == null ) + { + return defaultValue; + } + if ( key == null ) + { + return defaultValue; + } + + final String localizedValue; + try + { + localizedValue = bundle.localize( key ); + } + catch ( IllegalArgumentException e ) + { + LOG.error( "Error on localization of message with key [{}].", key, e ); + return bundle.getMessage( key ); + } + + return localizedValue != null ? localizedValue : defaultValue; + } + + private void appendParam( final StringBuilder url, final String name, final String value ) + { + url.append( urlEncode( name ) ); + if ( value != null ) + { + url.append( "=" ).append( urlEncode( value ) ); + } + } + + private String urlEncode( final String value ) + { + return UrlEscapers.urlFormParameterEscaper().escape( value ); + } + + private Locale getLocale( final ApplicationKey applicationKey ) + { + final HttpServletRequest req = ServletRequestHolder.getRequest(); + if ( req == null ) + { + return null; + } + + return localeService.getSupportedLocale( Collections.list( req.getLocales() ), applicationKey ); + } } diff --git a/modules/admin/admin-impl/src/test/java/com/enonic/xp/admin/impl/portal/WidgetApiHandlerTest.java b/modules/admin/admin-impl/src/test/java/com/enonic/xp/admin/impl/portal/WidgetApiHandlerTest.java index dd2e36590aa..6541ff2844d 100644 --- a/modules/admin/admin-impl/src/test/java/com/enonic/xp/admin/impl/portal/WidgetApiHandlerTest.java +++ b/modules/admin/admin-impl/src/test/java/com/enonic/xp/admin/impl/portal/WidgetApiHandlerTest.java @@ -47,7 +47,8 @@ public void setUp() this.widgetDescriptorService = mock( WidgetDescriptorService.class ); this.adminToolDescriptorService = mock( AdminToolDescriptorService.class ); - this.handler = new WidgetApiHandler( this.controllerScriptFactory, this.widgetDescriptorService, this.adminToolDescriptorService ); + this.handler = + new WidgetApiHandler( this.controllerScriptFactory, this.widgetDescriptorService, this.adminToolDescriptorService, null, null ); } @@ -80,7 +81,8 @@ void testInvalidApplicationKey() @Test void testNoWidgetDescriptor() { - when( widgetDescriptorService.getByKey( eq( DescriptorKey.from( ApplicationKey.from( "app" ), "widgetName" ) ) ) ).thenReturn( null ); + when( widgetDescriptorService.getByKey( eq( DescriptorKey.from( ApplicationKey.from( "app" ), "widgetName" ) ) ) ).thenReturn( + null ); final WebRequest webRequest = mock( WebRequest.class ); when( webRequest.getMethod() ).thenReturn( HttpMethod.GET );