gcat/src/main/java/org/gcube/gcat/rest/Item.java

package org.gcube.gcat.rest;

import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
//import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status;
import javax.xml.ws.WebServiceException;

//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.annotation.PURGE;
import org.gcube.gcat.api.GCatConstants;
//import org.gcube.gcat.api.moderation.Moderated;
//import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANPackage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * @author Luca Frosini (ISTI - CNR)
 */
@Path(Item.ITEMS)
public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interfaces.Item<Response,Response> {
	
	private final Logger logger = LoggerFactory.getLogger(Item.class);
	
	public static final String ITEM_ID_PARAMETER = "ITEM_ID";
	
	protected String moderationMessage;
	
	public Item() {
		super(ITEMS, ITEM_ID_PARAMETER, CKANPackage.class);
	}
	
	/**
	 * <p>
	 * 	The listing API provides paginated results by using the query parameters limit and offset.<br/>
	 * 	It returns an array list of string containing the ids (i.e. names) of the items.<br/>
	 * 	Each name can be used as <code>{ITEM_ID_PARAMETER}</code> path parameter to manage such item.
	 * </p>
	 * 
	 * <h4>Filtering options</h4>
	 * <p>
	 * 	The listing method offers options to filter the results, thus enacting to search for items including spatial search (see ext_bbox below).<br/>
	 * 	It accepts the following query parameters (a subset of Solr search query parameters, see Solr Query Syntax):
	 * </p>
	 * 
	 * <dl>
	 * 	<dt>q (string)</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:"*:*"</em><br/>
	 * 		The solr query. see Solr Query Syntax<br/>
	 *  	E.g. <code>/items?q=title:foo</code> returns the items with word "foo" in the title.<br/>
	 *  	E.g. <code>/items?q=extras_systemtype:MyProfile</code> returns the items having the profile <em>MyProfile</em> 
	 *  </dd>
	 * 
	 *  <dt>fq (string)</dt>
	 *  <dd>
	 *  	<em>Optional</em>.<em>Default:null</em>.<br/>
	 *  	Filter query. A query string that limits the query results without influencing their scores.<br/>
	 *  	E.g. <code>/items?q=title:foo&fq=notes:bar</code> returns with word "foo" in the 'title' and the word "bar" in the 'notes'.
	 * 	</dd>
	 * 
	 * 	<dt>fq_list (list of strings)</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:null</em>.<br/>
	 * 		Additional filter queries to apply.<br/>
	 * 		E.g. <code>/items?q=title:foo&fq_list=...</code> returns the items with word "foo" in the 'title'.
	 * 	</dd> 
	 * 
	 * 	<dt>sort (string)</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:"relevance asc, metadata_modified desc"</em>.<br/>
	 * 		Sorting of the search results.<br/> 
	 * 		As per the solr documentation, this is a comma-separated string of field names and sort-orderings.<br/>
	 * 		E.g. <code>/items?q=title:foo&sort=name+asc</code> returns the items with word "foo" in the 'title' 
	 * 		sorting the results by name ascending.
	 * 	</dd>
	 * 
	 * 	<dt>include_private (bool)</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:false</em>.<br/>
	 * 		If True, private datasets will be included in the results.<br/>
	 * 		Only private datasets from the user’s organizations will be returned. For the sysadmins will be returned all private datasets. 
	 * 		Optional, the default is False.<br/>
	 * 		E.g. <code>/items?include_private=true</code>
	 * 	</dd>
	 * 
	 * 	<dt>ext_bbox</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:null</em>.<br/>
	 * 		The coordinates of the upper-right and bottom-left angle of a rectangular to query for.
	 * 		The form is <code>Lat,Long,Lat,Long</code><br/>
	 * 		E.g. <code>/items?limit=10&offset=0&q=Pollution&ext_bbox=-7.535093,49.208494,3.890688,57.372349</code> 
	 * 		returns the first 10 items with 'Pollution' having a spatial coverage in the specified bounding box.
	 * 	</dd>
	 * 
	 * 	<dt>own_only  (bool)</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:false</em>.<br/>
	 * 		If True, only the items of the requester user will be included in the result.<br/>
	 * 		E.g. <code>/items?limit=10&offset=0&own_only=true>
	 * 	</dd>
	 * 
	 * 	<dt>all_fields</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:false</em>.
	 * 		If True, the returned array list contains the whole item representation and not only the id (i.e. the name).
	 * 		E.g. <code>/items?limit=10&offset=0&all_fields=true</code>
	 * 	</dd>
	 * 	
	 * </dl>
	 * 
	 * <h4>Moderated Catalogues options</h4>
	 * <dl>
	 * 	<dt>status (enum)</dt>
	 * 	<dd>
	 * 		<em>Optional</em>.<em>Default:null</em>.<br/>
	 * 		It has sense only for moderated catalogs.
	 * 		It can assume the following values: <code>pending</code>; <code>rejected</code>; <code>approved</code>.
	 * 		If null return both approved items and items which have been published before the activation of the moderation.
	 * 	</dd>
	 * </dl>
	 * 
	 * 
	 * @param limit To get unlimited results the limit query parameters must be set to -1. 
	 * 	If the results are too much the operation could fail. 
	 * 	It is recommended to request no more than 1000 results. 
	 * @param offset The offset parameter indicates the starting position of the result.
	 * @param count It indicate that the result must contains only the total number of items of the query.
	 * @return It returns an array list of string containing the ids (i.e. names) of the items.
	 * 	E.g.<pre>["item0","items1",...,"item10"]</pre>
	 * 	
	 * 	In the case the query parameter <code>count=true</code> it returns the total number of items of the query.
	 *  E.g. <pre>{"count":148}</pre>
	 */
	@GET
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	/* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce
	 * @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	 */
	public String list(@QueryParam(GCatConstants.LIMIT_QUERY_PARAMETER) @DefaultValue("10") int limit,
			@QueryParam(GCatConstants.OFFSET_QUERY_PARAMETER) @DefaultValue("0") int offset, 
			@QueryParam(GCatConstants.COUNT_QUERY_PARAMETER) @DefaultValue("false") Boolean count) {
		if(count) {
			CKANPackage ckan = getInstance();
			int size = ckan.count();
			return createCountJson(size);
		}else {
			return list(limit, offset);
		}
	}
	
	/*
	 * Not used as REST method, implemented to respect {@link org.gcube.gcat.api.interfaces.Item} interface
	 */
	@Override
	public String list(@QueryParam(GCatConstants.LIMIT_QUERY_PARAMETER) @DefaultValue("10") int limit,
			@QueryParam(GCatConstants.OFFSET_QUERY_PARAMETER) @DefaultValue("0") int offset) {
		return super.list(limit, offset);
	}
	
	@POST
	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public Response create(String json) {
		return super.create(json);
	}
	
	@GET
	@Path("/{" + ITEM_ID_PARAMETER + "}")
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Override
	/* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce
	 * @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	 */
	public String read(@PathParam(ITEM_ID_PARAMETER) String id) {
		return super.read(id);
	}
	
	@PUT
	@Path("/{" + ITEM_ID_PARAMETER + "}")
	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public String update(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
		return super.update(id, json);
	}
	
	@PATCH
	@Path("/{" + ITEM_ID_PARAMETER + "}")
	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public String patch(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
		return super.patch(id, json);
	}
	
	@DELETE
	@Path("/{" + ITEM_ID_PARAMETER + "}")
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public Response delete(@PathParam(ITEM_ID_PARAMETER) String id,
			@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
		return super.delete(id, purge);
	}
	
	@PURGE
	@Path("/{" + ITEM_ID_PARAMETER + "}")
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public Response purge(@PathParam(ITEM_ID_PARAMETER) String id) {
		return super.purge(id);
	}
	
	@Override
	public Response delete(String name, boolean purge) throws WebServiceException {
		return delete(name, new Boolean(purge));
	}

	protected void deleteAll(boolean purge) {
		Thread thread = new Thread(new Runnable() {
		    @Override
		    public void run() {
		    	CKANPackage ckan = getInstance();
				String ret = ckan.deleteAll(purge);
				logger.info("Result of delete all is {}", ret);
		    }
		});  
		thread.start();
	}
	
	@DELETE
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public Response bulkDelete(@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") boolean purge) {
		deleteAll(purge);
		return Response.status(Status.ACCEPTED).build();
	}
	
	@PURGE
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Override
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
	public Response bulkPurge() {
		return bulkDelete(true);
	}
	
	@POST
	@Path("/{" + ITEM_ID_PARAMETER + "}")
	@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
//	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR}, exception=NotAuthorizedException.class)
	public Response moderate(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
		setCalledMethod("POST /" + COLLECTION_PARAMETER + "/{" + ID_PARAMETER + "}");
		CKANPackage ckanPackage = getInstance();
		ckanPackage.setName(id);
		String ret = ckanPackage.moderate(json);
		ResponseBuilder responseBuilder = Response.status(Status.ACCEPTED);
		if(ret!=null) {
			responseBuilder.entity(ret).type(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8);
		}
		return responseBuilder.build();
	}

}