fix(rest): Add license information linking for project releases.

Signed-off-by: Nikesh kumar <[email protected]>

rest/resource-server/src/main/java/org/eclipse/sw360/rest/resourceserver/project/ProjectController.java

@@ -112,6 +112,7 @@
 import org.eclipse.sw360.rest.resourceserver.vulnerability.Sw360VulnerabilityService;
 import org.eclipse.sw360.rest.resourceserver.vulnerability.VulnerabilityController;
 import org.jetbrains.annotations.NotNull;
+import org.jose4j.json.internal.json_simple.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.json.GsonJsonParser;
 import org.springframework.data.domain.Pageable;
@@ -130,6 +131,7 @@
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.util.FileCopyUtils;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -203,6 +205,8 @@ public class ProjectController implements RepresentationModelProcessor<Repositor
     private static final List<String> enumMainlineStateValues = Stream.of(MainlineState.values())
             .map(MainlineState::name)
             .collect(Collectors.toList());
+    private static final ImmutableMap<String, String> RESPONSE_BODY_FOR_MODERATION_REQUEST_WITH_COMMIT = ImmutableMap.<String, String>builder()
+            .put("message", "Unauthorized user or empty commit message passed.").build();
 
     @NonNull
     private final Sw360ProjectService projectService;
@@ -3546,4 +3550,69 @@ public ResponseEntity<?> createDuplicateProjectWithDependencyNetwork(
             return true;
         };
     }
+
+    @Operation(
+            summary = "Add licenses to linked releases of a project.",
+            description = "This API adds license information to linked releases of a project by processing the approved CLI attachments for each release. It categorizes releases based on the number of CLI attachments (single, multiple, or none) and updates their main and other licenses accordingly.",
+            tags = {"Project"},
+                    parameters = {
+                            @Parameter(
+                                name = "projectId",
+                                description = "The ID of the project whose linked releases need license updates.",
+                                required = true,
+                                example = "12345",
+                                schema = @Schema(type = "string")
+                            )
+                        },
+            responses = {
+                    @ApiResponse(
+                            responseCode = "200",
+                            description = "License information successfully added to linked releases.",
+                            content = @Content(
+                                mediaType = "application/hal+json",
+                                schema = @Schema(type = "object", implementation = JSONObject.class),
+                                examples = @ExampleObject(
+                                        value = "{\n  \"releasesWithSingleCLI\": [\"Release1\", \"Release2\"],\n  \"releasesWithMultipleCLI\": [\"Release3\"],\n  \"STATUS\": \"SUCCESS\"\n}"
+                                )
+                            )
+                        ),
+                    @ApiResponse(
+                            responseCode = "500",
+                            description = "Error occurred while processing license information for linked releases.",
+                            content = @Content(
+                                mediaType = "application/json",
+                                examples = @ExampleObject(
+                                    value = "{\n  \"error\": \"Error adding license info to linked releases.\"\n}"
+                                )
+                            )
+                        )
+          }
+    )
+    @PostMapping(value = PROJECTS_URL + "/{id}/addLinkedRelesesLicenses")
+    public ResponseEntity<String> addLicenseToLinkedReleases(
+            @Parameter(description = "Project ID", example = "376576")
+            @PathVariable("id") String projectId) {
+        try {
+            User sw360User = restControllerHelper.getSw360UserFromAuthentication();
+            Project project = projectService.getProjectForUserById(projectId, sw360User);
+
+            if (project == null) {
+                return ResponseEntity.status(HttpStatus.NOT_FOUND).body("Project not found.");
+            }
+
+            RequestStatus requestStatus = projectService.addLicenseToLinkedReleases(projectId, sw360User);
+
+            if (requestStatus == RequestStatus.SUCCESS) {
+                return ResponseEntity.ok("License information successfully added to linked releases.");
+            }
+
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
+                    .body("Error adding license info to linked releases.");
+
+        } catch (TException e) {
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Thrift error: " + e.getMessage());
+        } catch (Exception e) {
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Unexpected error: " + e.getMessage());
+        }
+    }
 }

rest/resource-server/src/main/java/org/eclipse/sw360/rest/resourceserver/project/Sw360ProjectService.java

@@ -1543,4 +1543,100 @@ public List<ReleaseLink> serveLinkedReleasesInDependencyNetworkByIndexPath(Strin
         ProjectService.Iface sw360ProjectClient = getThriftProjectClient();
         return sw360ProjectClient.getReleaseLinksOfProjectNetWorkByIndexPath(projectId, indexPath, sw360User);
     }
+
+    public RequestStatus addLicenseToLinkedReleases(String projectId, User sw360User)
+            throws TTransportException, TException {
+
+        try {
+            ProjectService.Iface projectClient = getThriftProjectClient();
+            LicenseInfoService.Iface licenseInfoClient = new ThriftClients().makeLicenseInfoClient();
+            ComponentService.Iface componentClient = new ThriftClients().makeComponentClient();
+
+            Project project = projectClient.getProjectById(projectId, sw360User);
+            if (project == null) {
+                throw new ResourceNotFoundException("Requested Project Not Found");
+            }
+
+            Set<String> releaseIds = CommonUtils.getNullToEmptyKeyset(project.getReleaseIdToUsage());
+            List<Release> releasesWithSingleCLI = new ArrayList<>();
+            List<Release> releasesWithMultipleCLI = new ArrayList<>();
+            boolean isUpdated = false;
+
+            for (String releaseId : releaseIds) {
+                Release release = componentClient.getReleaseById(releaseId, sw360User);
+                if (release == null) {
+                    throw new ResourceNotFoundException("Release with ID " + releaseId + " not found.");
+                }
+
+                List<Attachment> approvedCliAttachments = SW360Utils.getApprovedClxAttachmentForRelease(release);
+                if (approvedCliAttachments.isEmpty()) {
+                    approvedCliAttachments = SW360Utils.getClxAttachmentForRelease(release);
+                }
+
+                if (approvedCliAttachments.size() == 1) {
+                    processSingleAttachment(approvedCliAttachments.get(0), release, licenseInfoClient, sw360User);
+                    releasesWithSingleCLI.add(release);
+                    isUpdated = true;
+                } else if (approvedCliAttachments.size() > 1) {
+                    releasesWithMultipleCLI.add(release);
+                }
+            }
+
+            if (isUpdated) {
+                for (Release release : releasesWithSingleCLI) {
+                    componentClient.updateRelease(release, sw360User);
+                }
+            }
+
+            return RequestStatus.SUCCESS;
+
+        } catch (SW360Exception sw360Exp) {
+            if (sw360Exp.getErrorCode() == 404) {
+                throw new ResourceNotFoundException("Requested Project Not Found");
+            } else if (sw360Exp.getErrorCode() == 403) {
+                throw new AccessDeniedException("Project or its linked releases are restricted and not accessible.");
+            }
+            throw new RuntimeException("SW360 API error: " + sw360Exp.getMessage(), sw360Exp);
+        } catch (Exception e) {
+            throw new RuntimeException("Error processing linked releases for project: " + projectId, e);
+        }
+    }
+
+    private void processSingleAttachment(Attachment attachment, Release release,
+            LicenseInfoService.Iface licenseInfoClient, User sw360User) throws TTransportException, TException {
+        String attachmentName = attachment.getFilename();
+
+        Set<String> mainLicenses = new HashSet<>();
+        Set<String> otherLicenses = new HashSet<>();
+
+        List<LicenseInfoParsingResult> licenseInfoResults = licenseInfoClient.getLicenseInfoForAttachment(release,
+                attachment.getAttachmentContentId(), true, sw360User);
+
+        if (attachmentName.endsWith(SW360Constants.RDF_FILE_EXTENSION)) {
+            licenseInfoResults.forEach(result -> {
+                if (result.getLicenseInfo() != null) {
+                    mainLicenses.addAll(result.getLicenseInfo().getConcludedLicenseIds());
+                    otherLicenses.addAll(result.getLicenseInfo().getLicenseNamesWithTexts().stream()
+                            .map(LicenseNameWithText::getLicenseName).collect(Collectors.toSet()));
+                }
+            });
+            otherLicenses.removeAll(mainLicenses);
+        } else if (attachmentName.endsWith(SW360Constants.XML_FILE_EXTENSION)) {
+            licenseInfoResults.forEach(result -> {
+                if (result.getLicenseInfo() != null) {
+                    result.getLicenseInfo().getLicenseNamesWithTexts().forEach(license -> {
+                        if (SW360Constants.LICENSE_TYPE_GLOBAL.equals(license.getType())) {
+                            mainLicenses.add(license.getLicenseName());
+                        } else {
+                            otherLicenses.add(license.getLicenseName());
+                        }
+                    });
+                }
+            });
+        }
+
+        release.setMainLicenseIds(mainLicenses);
+        release.setOtherLicenseIds(otherLicenses);
+    }
+
 }

rest/resource-server/src/test/java/org/eclipse/sw360/rest/resourceserver/restdocs/ProjectSpecTest.java

@@ -73,6 +73,8 @@
 import org.eclipse.sw360.rest.resourceserver.user.Sw360UserService;
 import org.eclipse.sw360.rest.resourceserver.vulnerability.Sw360VulnerabilityService;
 import org.hamcrest.Matchers;
+import org.jose4j.json.internal.json_simple.JSONArray;
+import org.jose4j.json.internal.json_simple.JSONObject;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -1659,7 +1661,6 @@ public void should_document_update_project_vulnerabilities() throws Exception {
                         responseFields(
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]projectRelevance").description("The relevance of project of the vulnerability, possible values are: " + Arrays.asList(VulnerabilityRatingForProject.values())),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]intReleaseId").description("The release id"),
-                               // subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]packageIds").description("The list of package IDs linked to the vulnerability."),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]comment").description("Any message to add while updating project vulnerabilities"),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]projectAction").description("The action of vulnerability"),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes").description("An array of <<resources-vulnerabilities, Vulnerability resources>>"),
@@ -3282,4 +3283,17 @@ public void should_document_get_package_by_project_id() throws Exception {
                 .header("Authorization", TestHelper.generateAuthHeader(testUserId, testUserPassword))
                 .accept(MediaTypes.HAL_JSON)).andExpect(status().isOk());
     }
+
+    @Test
+    public void should_add_license_to_linked_releases() throws Exception {
+        String projectId = "1234567";
+        String comment = "This is a test comment";
+        when(projectServiceMock.addLicenseToLinkedReleases(eq(projectId), any(User.class))).thenReturn(RequestStatus.SUCCESS);
+
+        MockHttpServletRequestBuilder requestBuilder = post("/api/projects/" + projectId + "/addLinkedRelesesLicenses")
+                .contentType(MediaType.APPLICATION_JSON)
+                .param("comment", comment)
+                .header("Authorization", TestHelper.generateAuthHeader(testUserId, testUserPassword));
+        this.mockMvc.perform(requestBuilder).andExpect(status().isOk()).andDo(this.documentationHandler.document());
+    }
 }