Spring Framework 4.0.6 was released on July 8, 2014

I see couple of case where path parameter starts with uppercase letter. I think convention is lowercase letter.

public static final String DATA_CUSTODIAN_AUTHORIZATION = "/espi/1_1/resource/Authorization/{AuthorizationID}";
public static final String DATA_CUSTODIAN_REST_USAGE_POINT_COLLECTION = "/espi/1_1/resource/RetailCustomer/{retailCustomerId}/UsagePoint";
public static final String DATA_CUSTODIAN_REST_USAGE_POINT_CREATE = "/espi/1_1/resource/RetailCustomer/{retailCustomerId}/UsagePoint";
public static final String DATA_CUSTODIAN_REST_USAGE_POINT_GET = "/espi/1_1/resource/RetailCustomer/{RetailCustomerID}/UsagePoint/{UsagePointID}";

intervalReadings in IntervalBlock needs to be order by time.
e.g. @orderby("timePeriod.start, timePeriod.duration asc")

There are couple of classes where there are no setter for some attributes. Though jetty and tomcat can workwit it but google appengine needs setter for autowire attributes.

The seed files for thirdparty.authorizations should have a NULL for subscriptionId

datacustodian base URl in token enhancer is injected though properties. Hence it needs to be provided in application during build time. Can this be used from application information corresponds to data-custodian.

Make sure the minimal authentication and authorization actions occur during these patterns.

Is it possible to manage relationship with IntervalBlock and MeterReading problematically not thorugh JPA. Having JPA relationship, lots of data is being loaded for Interval Block which is not always necessary.

It is now necessary to have all db rows completely loaded during the seed of the databases. This is especially needed for the dynamic registration issues in the DataCustodian and ThirdParty projects, but also needed in the SFTP and Bulk implementations. Following completion, any residual NULL entries should have documentation as to why they are still NULL for clarity.

making sure read-only transactions are the default across the board and that non-read-only are specifically initiated when needed. (with focus on the controller/service/repository layers).

1. applicationInformation attribute in Subscription class need to be XMLtransient.
2. lastUpdate attribute may private as there are setter/getter

for all attributes of application information have - minOccurs=0 in schema definition and table column definition is Null. Is it intended? or some constraint can be defined for this.

To facilitate use of the common library, implement JavaDoc for all classes and methods.

The download my data function puts double // in some of the hrefs for the atom links. Also, there is a / in front of the stylesheet declaration which prevents browser from finding stylesheet in the same directory as the file download.

For example:

1 - clientId is Read-Only
2 - Secret is allowed to change
3 - GrantType is Read-Only

etc.

The ServiceDeliveryPoint in the UsagePoint resource, when present, should not include the id which links this table to the UsagePoint.

Must make this attribute XMLTransient

Current implementation of merge in IntervalBlock class, replace interval reading with new Interval reading data. Merge needs be based on the changes in new block.

Currently filter is applied in application side which means data (interval block & Interval reading) to be fetched from the database. This could cause performance issue when historical data volume is high.

Input query parameter is parsed every time matches method is called. Input query parameter needs to be parsed once for performance improvement.

The ThirdParty.authorizations table, as created during the .sql seed process, needs to have a new row to represent that third-party-admin clientId and the client-access-token (along with all additional relevant seed information so that the ThirdParty.NotificationController may successfully issue a GET on Batch/Bulk/{bulkId} and /Authorization/{authorizationId}

Though status is numeric (values 0,1). Datatype is used as string. There are other places where string is used.

Currently RetailCustomer act as an user. It would be better to have User entity and single customer can be accessed by one or more user.

the subscriptionURI is not used within the implementation

It is assumed that id with value 1 in application information will be datacustodian. Constant to be used for that.

Support the Pattern:

GET /espi/1_1/resource/Batch/Bulk/{bulkId}

Will effect supporting the Services Interface:
List resourceService.findByBulkId{Long bulkId};

Make sure the scope strings used agree with those in the implementation agreements and exemplify the breadth of use-cases needed for the sandbox. (batch/bulk and batch/sftp in particular)

When an authorization is linked to multiple usage point, common resources(e.g. ReadingType, LocalTimeParameters) gets duplicated in XML. Also, XML validation is failed when parsed thorugh online greenbutton XML validation tool.

The OpenESPI-Common-java repository POM.xml file contains a version reference for the Postgres Database, however, there are no references to the version nor is the Postgres Database currently supported

While exporting data from Datacustodian, self or related link is formed using entity id in generate XML irrespective of what value is used in import XML. So link value differ in import xml and export xml.

Full support for the UsageSummary Resource

Spring Framework 4.0 replaced XML based configuration files with Java Configuration files. This enhancement brings the OpenESPI-Common-java repository up-to-date with the current Spring Framework configuration technology

The following (baddly formed) curl commands results in a string out of bound error:

curl -H "Authorization: Bearer 688b026c-665f-4994-9139-6b21b13fbeee" http://localhost:8080/DataCustodian/foo bar

===== error =====

java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1871)
at org.energyos.espi.datacustodian.web.filter.ResourceValidationFilter.doFilter(ResourceValidationFilter.java:145)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)

The POM file contains profiles that are no longer available. These should be removed to simplify the POM file.

An usage point can be linked to multiple subscription which is managed by subscriptions relationship. A review is required whether OneToOne reference to subscription is required or not.

Currently, the system keeps the subscription uri value in the "resource" table and assigns "batchlist" as a foreign key. The only element of the "batchlist" table is the key field. The ESPI standard defines the contents of the current "resource" table as being the contents of the "batchlist" entity. Making this merge brings the current implementation into alignment with the ESPI standard.

Since this change impacts the database files, it should be coordinated with the update for bulk processing.

The current Third Party Scope Selection screen displays "Third Party Admin Access" as a selectable SCOPE value to non-Administrative users.

Currently the Third Party application SCOPE selection entries are dynamically defined and presented based on the ApplicationInformation ID contained within the ApplicationInformationScope table entry. The current ThirdParty ApplicationInformationScope table contains an entry indicating "ThirdParty_Admin_Access" is a valid SCOPE selection for any Retail Customer authorizing the ThirdParty application access to their data. However, since the DataCustodian OAuth2 implementation contains a different client ID value for the Third Party Admin function, as it should, the OAuth Access Token is rejected.

The proper correction is to assign the "ThirdParty_Admin_Access" SCOPE to a new ApplicationInformation structure, similar to the manner in which the "Upload_Admin_Access" Scope is currently assigned.

There was a new repository interface added in the solution provided to issue #110. This issue is to make the Repository API available through the service level and to include it within the services javadoc documentation.

the following form:

curl http://localhost:8080/DataCustodian/espi/1_1/resource/ReadServiceStatus

results in a null pointer error:

java.lang.NullPointerException
at org.energyos.espi.datacustodian.web.filter.ResourceValidationFilter.doFilter(ResourceValidationFilter.java:73)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)

Current code produces new authorizations using the OAuth flow. However, the authorization records do not populate the authorizationUri with the value for the autorization. Instead, it places the authorizationUri template:
'http://localhost:8080/DataCustodian/espi/1_1/resource/Authorization/{authorizationId}'
instead of:
'http://localhost:8080/DataCustodian/espi/1_1/resource/Authorization/5' (assuming this is 5th authorization added to the DC.

To create:

1. Run SOAPUI script resetDb
2. Use mysql to view authorizations table records in database -- 1..4
3. Run SOAPUI script UploadTestFileAndAuthorize which will add a new UsagePoint and Subscription for the ThirdParty.
4. Use mysql to view authorizations table records in database -- 1..5

the 5th record is new and has the authorizationUri of 'http://localhost:8080/DataCustodian/espi/1_1/resource/Authorization/{authorizationId}' instead of 'http://localhost:8080/DataCustodian/espi/1_1/resource/Authorization/5' as expected.

@OverRide
public List getEntries() {
List result = entries;
entries = null;
return result;
}

why entries is set to null in getter?

Needed to stay in sync with new espiDerived.xsd

Generally, application server/web server maintain session object in memory. Google app-engine maintains session objects in datastore. This means that objects those are stored in session needs to be serialized e.g. IdentifiableObjects, LinkType

There may be a need to allow NULL as a retailCustomerId field of the authorization table and the subscription table.

dstEndRule/dstStartRule marshal/unmarshal using HexBinaryAdapter. Hence hex representation is in output XML. Here output value needs to be in string representation. Due to incorrected start.end rule XML validation failed at www.greenbuttondata.org/greentest.aspx. I have changed as below
-- in TimeConfiguration .java
@XmlJavaTypeAdapter(StringBinaryAdapter.class)
protected byte [] dstEndRule;

public final class StringBinaryAdapter extends XmlAdapter<String,byte[]> {
public byte[] unmarshal(String s) {
if(s==null) return null;
return s.getBytes();
}

public String marshal(byte[] bytes) {
    if(bytes==null)     return null;
    return new String(bytes);
}

}

Currently Export filter includes Entity which meets the provided criteria. For data-transfer request, based on the time parameter, XML will have desire interval blocks. But third-party may always need ReadingType, LocalTimeParameter etc master data in same XML for ease of their processing .

Based on OpenADE Helpdesk item #85, we need to add these columns/definitions to IntervalReading.java and datacustodianmysql.sql. This enhancement enables the tagging of interval data with specific tou/cpp/etc... values.

The seed files for thirdparty.application_information table has a duplicated UUID - they must be unique.