Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)

135229 jkaabimofrad: APPSREPO-136: Updated the API framework so that WebApiNoAuth annotation can be used with operations. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@135565 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-14 17:58:59 +00:00 · 2017-03-03 11:41:52 +00:00
parent 7ea9dee0b1
commit c149e56623
6 changed files with 154 additions and 88 deletions
--- a/source/java/org/alfresco/rest/api/PublicApiDeclarativeRegistry.java
+++ b/source/java/org/alfresco/rest/api/PublicApiDeclarativeRegistry.java
@@ -2,7 +2,7 @@
 * #%L
 * Alfresco Remote API
 * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * Copyright (C) 2005 - 2017 Alfresco Software Limited
 * %%
 * This file is part of the Alfresco software. 
 * If the software was purchased under a paid Alfresco license, the terms of 
@@ -23,14 +23,16 @@
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 * #L%
 */
-package org.alfresco.rest.api;
-
+package org.alfresco.rest.api;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Serializable;
-import java.util.*;
-
-import org.alfresco.rest.api.authentications.AuthenticationTicketsEntityResource;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.ResourceBundle;
+import java.util.Set;
+
 import org.alfresco.rest.framework.Api;
 import org.alfresco.rest.framework.core.ResourceLocator;
 import org.alfresco.rest.framework.core.ResourceWithMetadata;
@@ -43,24 +45,25 @@ import org.alfresco.rest.framework.resource.actions.interfaces.ResourceAction;
 import org.alfresco.rest.framework.tools.ApiAssistant;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.extensions.webscripts.*;
-import org.springframework.extensions.webscripts.Description.FormatStyle;
-import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
-import org.springframework.extensions.webscripts.Description.RequiredTransaction;
-import org.springframework.extensions.webscripts.Description.TransactionCapability;
+import org.springframework.extensions.webscripts.Description.FormatStyle;
+import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
+import org.springframework.extensions.webscripts.Description.RequiredTransaction;
+import org.springframework.extensions.webscripts.Description.TransactionCapability;
 import org.springframework.http.HttpMethod;
-
+
 /**
 *
 * @author steveglover
 * @author janv
+ * @author Jamal Kaabi-Mofrad
 * @since PublicApi1.0
 */
-public class PublicApiDeclarativeRegistry extends DeclarativeRegistry
-{
-	private WebScript getNetworksWebScript;
-	private WebScript getNetworkWebScript;
-	private Container container;
-
+public class PublicApiDeclarativeRegistry extends DeclarativeRegistry
+{
+    private WebScript getNetworksWebScript;
+    private WebScript getNetworkWebScript;
+    private Container container;
+
    private ResourceLocator locator;

    public void setLocator(ResourceLocator locator)
@@ -68,27 +71,27 @@ public class PublicApiDeclarativeRegistry extends DeclarativeRegistry
        this.locator = locator;
    }

-    public void setGetNetworksWebScript(WebScript getNetworksWebScript)
-    {
-		this.getNetworksWebScript = getNetworksWebScript;
-	}
-
-	public void setGetNetworkWebScript(WebScript getNetworkWebScript)
-	{
-		this.getNetworkWebScript = getNetworkWebScript;
-	}
-
-	public void setContainer(Container container)
-    {
-    	super.setContainer(container);
-        this.container = container;
-    }
-    
-	/* (non-Javadoc)
-     * @see org.alfresco.web.scripts.Registry#findWebScript(java.lang.String, java.lang.String)
-     */
-    public Match findWebScript(String method, String uri)
-    {
+    public void setGetNetworksWebScript(WebScript getNetworksWebScript)
+    {
+        this.getNetworksWebScript = getNetworksWebScript;
+    }
+
+    public void setGetNetworkWebScript(WebScript getNetworkWebScript)
+    {
+        this.getNetworkWebScript = getNetworkWebScript;
+    }
+
+    public void setContainer(Container container)
+    {
+        super.setContainer(container);
+        this.container = container;
+    }
+    
+    /* (non-Javadoc)
+     * @see org.alfresco.web.scripts.Registry#findWebScript(java.lang.String, java.lang.String)
+     */
+    public Match findWebScript(String method, String uri)
+    {
        Match match;

        HttpMethod httpMethod = HttpMethod.valueOf(method);
@@ -189,17 +192,46 @@ public class PublicApiDeclarativeRegistry extends DeclarativeRegistry
        else if (HttpMethod.POST.equals(httpMethod))
        {
            match = super.findWebScript(method, uri);
-            if (match != null && uri.endsWith(AuthenticationTicketsEntityResource.COLLECTION_RESOURCE_NAME))
+            if (match != null)
            {
                ResourceWithMetadata rwm = getResourceWithMetadataOrNull(match.getTemplateVars(), httpMethod);
-                if (rwm != null && AuthenticationTicketsEntityResource.class.equals(rwm.getResource().getClass()))
+                if (rwm != null)
                {
                    Class<? extends ResourceAction> resAction = null;
-                    if (EntityResourceAction.Create.class.isAssignableFrom(rwm.getResource().getClass()))
+                    Boolean noAuth = null;
+                    switch (rwm.getMetaData().getType())
                    {
-                        resAction = EntityResourceAction.Create.class;
+                        case ENTITY:
+                            if (EntityResourceAction.Create.class.isAssignableFrom(rwm.getResource().getClass()))
+                            {
+                                resAction = EntityResourceAction.Create.class;
+                            }
+                            else if (EntityResourceAction.CreateWithResponse.class.isAssignableFrom(rwm.getResource().getClass()))
+                            {
+                                resAction = EntityResourceAction.CreateWithResponse.class;
+                            }
+                            break;
+                        case RELATIONSHIP:
+                            if (RelationshipResourceAction.Create.class.isAssignableFrom(rwm.getResource().getClass()))
+                            {
+                                resAction = RelationshipResourceAction.Create.class;
+                            }
+                            else if (RelationshipResourceAction.CreateWithResponse.class.isAssignableFrom(rwm.getResource().getClass()))
+                            {
+                                resAction = RelationshipResourceAction.CreateWithResponse.class;
+                            }
+                            break;
+                        case OPERATION:
+                            noAuth = rwm.getMetaData().isNoAuth(null);
+                            break;
+                        default:
+                            break;
+                    }
+
+                    if (noAuth == null)
+                    {
+                        noAuth = (resAction != null && rwm.getMetaData().isNoAuth(resAction));
                    }
-                    final boolean noAuth = (resAction != null && rwm.getMetaData().isNoAuth(resAction));
                    if (noAuth)
                    {
                        // override match with noAuth
@@ -224,7 +256,7 @@ public class PublicApiDeclarativeRegistry extends DeclarativeRegistry
    {
        if (templateVars.get("apiName") != null)
        {
-            // NOTE: noAuth currently only exposed for GET or Create Ticket (login)
+            // NOTE: noAuth currently only exposed for GET or POST
            Api api = ApiAssistant.determineApi(templateVars);

            // TODO can we avoid locating resource more than once (or at least provide a common code to determine the GET resourceAction) ?
@@ -435,27 +467,27 @@ public class PublicApiDeclarativeRegistry extends DeclarativeRegistry

        // override match with noAuth
        return new Match(match.getTemplate(), match.getTemplateVars(), match.getPath(), noAuthWebScriptWrapper);
-    }
+    }

-    private void initWebScript(WebScript webScript, String name)
-    {
-    	DescriptionImpl serviceDesc = new DescriptionImpl(name, name, name, name);
-    	serviceDesc.setRequiredAuthentication(RequiredAuthentication.user);
-    	TransactionParameters transactionParameters = new TransactionParameters();
-    	transactionParameters.setRequired(RequiredTransaction.required);
-    	transactionParameters.setCapability(TransactionCapability.readonly);
-    	serviceDesc.setRequiredTransactionParameters(transactionParameters);
-    	serviceDesc.setFormatStyle(FormatStyle.argument);
-    	serviceDesc.setDefaultFormat("json");
-    	serviceDesc.setUris(new String[] { name });
-        webScript.init(container, serviceDesc);
-    }
-
-    public void reset()
-    {
-    	super.reset();
-    	initWebScript(getNetworksWebScript, "networks");
-    	initWebScript(getNetworkWebScript, "network");
-    }
-}
+    private void initWebScript(WebScript webScript, String name)
+    {
+        DescriptionImpl serviceDesc = new DescriptionImpl(name, name, name, name);
+        serviceDesc.setRequiredAuthentication(RequiredAuthentication.user);
+        TransactionParameters transactionParameters = new TransactionParameters();
+        transactionParameters.setRequired(RequiredTransaction.required);
+        transactionParameters.setCapability(TransactionCapability.readonly);
+        serviceDesc.setRequiredTransactionParameters(transactionParameters);
+        serviceDesc.setFormatStyle(FormatStyle.argument);
+        serviceDesc.setDefaultFormat("json");
+        serviceDesc.setUris(new String[] { name });
+        webScript.init(container, serviceDesc);
+    }
+
+    public void reset()
+    {
+        super.reset();
+        initWebScript(getNetworksWebScript, "networks");
+        initWebScript(getNetworkWebScript, "network");
+    }
+}