Revision 59814
Added by Konstantina Galouni over 3 years ago
StakeholderController.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.uoamonitorservice.controllers; |
2 | 2 |
|
3 |
//import com.fasterxml.jackson.core.type.TypeReference; |
|
4 |
//import com.fasterxml.jackson.databind.ObjectMapper; |
|
5 | 3 |
import eu.dnetlib.uoamonitorservice.dao.*; |
6 | 4 |
import eu.dnetlib.uoamonitorservice.entities.*; |
7 | 5 |
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException; |
8 |
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
|
|
6 |
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
|
9 | 7 |
import org.apache.log4j.Logger; |
10 | 8 |
import org.springframework.beans.factory.annotation.Autowired; |
9 |
|
|
10 |
import org.springframework.security.access.AccessDeniedException; |
|
11 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
11 | 12 |
import org.springframework.web.bind.annotation.*; |
12 | 13 |
|
13 | 14 |
import java.util.ArrayList; |
14 | 15 |
import java.util.Date; |
16 |
import java.util.Iterator; |
|
15 | 17 |
import java.util.List; |
16 | 18 |
|
17 | 19 |
@RestController |
... | ... | |
20 | 22 |
private final Logger log = Logger.getLogger(this.getClass()); |
21 | 23 |
|
22 | 24 |
@Autowired |
25 |
private RolesUtils rolesUtils; |
|
26 |
|
|
27 |
@Autowired |
|
23 | 28 |
private StakeholderDAO stakeholderDAO; |
24 | 29 |
|
25 | 30 |
@Autowired |
... | ... | |
40 | 45 |
@Autowired |
41 | 46 |
private TopicController topicController; |
42 | 47 |
|
48 |
// @PreAuthorize("isAuthenticated()") |
|
49 |
@PreAuthorize("hasAnyAuthority(" + |
|
50 |
"@AuthorizationService.PORTAL_ADMIN, " + |
|
51 |
"@AuthorizationService.curator(#stakeholderFull.getType()))") |
|
43 | 52 |
@RequestMapping(value = "/build-stakeholder", method = RequestMethod.POST) |
44 | 53 |
public Stakeholder<Topic<Category<SubCategory<Section<Indicator>>>>> buildFullStakeholder(@RequestBody Stakeholder<Topic<Category<SubCategory<Section<Indicator>>>>> stakeholderFull) { |
45 | 54 |
log.debug("build stakeholder"); |
... | ... | |
70 | 79 |
//return null; |
71 | 80 |
} |
72 | 81 |
|
73 |
public Stakeholder setFullEntities(Stakeholder<String> stakeholder) { |
|
82 |
public Stakeholder setFullEntities(Stakeholder<String> stakeholder, List<String> roles) { |
|
83 |
boolean addAll = false; |
|
84 |
boolean addPublicAndRestricted = false; |
|
85 |
|
|
86 |
// if(roles == null |
|
87 |
// || roles.contains(authorizationService.PORTAL_ADMIN) |
|
88 |
// || roles.contains(authorizationService.curator(stakeholder.getType())) |
|
89 |
// || roles.contains(authorizationService.manager(stakeholder.getType(), stakeholder.getAlias()))) { |
|
90 |
if(rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) { |
|
91 |
//if(visibility == null || visibility == (Visibility.PRIVATE)) { |
|
92 |
addAll = true; |
|
93 |
//} |
|
94 |
//if(visibility == null || visibility == (Visibility.PRIVATE) || visibility == (Visibility.RESTRICTED)) { |
|
95 |
addPublicAndRestricted = true; |
|
96 |
//} |
|
97 |
// } else if(roles != null && roles.contains(authorizationService.member(stakeholder.getType(), stakeholder.getAlias()))) { |
|
98 |
} else if(rolesUtils.isMember(roles, stakeholder.getType(), stakeholder.getAlias())) { |
|
99 |
//if(visibility == null || visibility == (Visibility.PRIVATE) || visibility == (Visibility.RESTRICTED)) { |
|
100 |
addPublicAndRestricted = true; |
|
101 |
//} |
|
102 |
} |
|
103 |
|
|
74 | 104 |
Stakeholder<Topic> stakeholderFull = new Stakeholder<>(stakeholder); |
75 | 105 |
|
76 | 106 |
List<Topic> topics = new ArrayList<>(); |
... | ... | |
81 | 111 |
// EXCEPTION - Topic not found |
82 | 112 |
throw new EntityNotFoundException("Get stakeholder: Topic with id: "+topicId+" not found (topic exists in stakeholder: "+stakeholder.getId()+")"); |
83 | 113 |
} |
114 |
|
|
115 |
if((!addAll && topic.getVisibility() == Visibility.PRIVATE) |
|
116 |
|| (!addPublicAndRestricted && topic.getVisibility() == Visibility.RESTRICTED)) { |
|
117 |
continue; |
|
118 |
} |
|
119 |
|
|
84 | 120 |
Topic<Category> topicFull = new Topic<Category>(topic); |
85 | 121 |
|
86 | 122 |
List<Category> categories = new ArrayList<>(); |
... | ... | |
91 | 127 |
// EXCEPTION - Category not found |
92 | 128 |
throw new EntityNotFoundException("Get stakeholder: Category with id: "+categoryId+" not found (category exists in topic: "+topicId+")"); |
93 | 129 |
} |
130 |
|
|
131 |
if((!addAll && category.getVisibility() == Visibility.PRIVATE) |
|
132 |
|| (!addPublicAndRestricted && category.getVisibility() == Visibility.RESTRICTED)) { |
|
133 |
continue; |
|
134 |
} |
|
135 |
|
|
94 | 136 |
Category<SubCategory> categoryFull = new Category<SubCategory>(category); |
95 | 137 |
|
96 | 138 |
List<SubCategory> subCategories = new ArrayList<>(); |
... | ... | |
101 | 143 |
// EXCEPTION - SubCategory not found |
102 | 144 |
throw new EntityNotFoundException("Get stakeholder: SubCategory with id: "+subCategoryId+" not found (subCategory exists in category: "+categoryId+")"); |
103 | 145 |
} |
146 |
|
|
147 |
if((!addAll && subCategory.getVisibility() == Visibility.PRIVATE) |
|
148 |
|| (!addPublicAndRestricted && subCategory.getVisibility() == Visibility.RESTRICTED)) { |
|
149 |
continue; |
|
150 |
} |
|
151 |
|
|
104 | 152 |
SubCategory subCategoryFull = new SubCategory<Section<Indicator>>(subCategory); |
105 | 153 |
|
106 | 154 |
List<Section> sectionsCharts = new ArrayList<>(); |
107 | 155 |
|
108 | 156 |
for(String sectionId : subCategory.getCharts()) { |
109 |
sectionsCharts.add(getSectionFull(sectionId, subCategoryId)); |
|
157 |
sectionsCharts.add(getSectionFull(sectionId, subCategoryId, addAll, addPublicAndRestricted));
|
|
110 | 158 |
} |
111 | 159 |
subCategoryFull.setCharts(sectionsCharts); |
112 | 160 |
|
113 | 161 |
List<Section> sectionsNumbers = new ArrayList<>(); |
114 | 162 |
|
115 | 163 |
for(String sectionId : subCategory.getNumbers()) { |
116 |
sectionsNumbers.add(getSectionFull(sectionId, subCategoryId)); |
|
164 |
sectionsNumbers.add(getSectionFull(sectionId, subCategoryId, addAll, addPublicAndRestricted));
|
|
117 | 165 |
} |
118 | 166 |
subCategoryFull.setNumbers(sectionsNumbers); |
119 | 167 |
|
... | ... | |
154 | 202 |
return stakeholderFull; |
155 | 203 |
} |
156 | 204 |
|
157 |
private Section getSectionFull(String sectionId, String subCategoryId) { |
|
205 |
private Section getSectionFull(String sectionId, String subCategoryId, boolean addAll, boolean addPublicAndRestricted) {
|
|
158 | 206 |
Section<String> section = sectionDAO.findById(sectionId); |
159 | 207 |
if (section == null) { |
160 | 208 |
// EXCEPTION - Section not found |
161 | 209 |
throw new EntityNotFoundException("Get stakeholder: Section with id: " + sectionId + " not found (section exists in subCategory: " + subCategoryId + ")"); |
162 | 210 |
} |
211 |
|
|
163 | 212 |
Section sectionFull = new Section<Indicator>(section); |
164 | 213 |
|
165 | 214 |
List<Indicator> indicators = new ArrayList<>(); |
... | ... | |
169 | 218 |
// EXCEPTION - Indicator not found |
170 | 219 |
throw new EntityNotFoundException("Get stakeholder: Indicator with id: " + indicatorId + " not found (indicator exists in section: " + sectionId + ")"); |
171 | 220 |
} |
221 |
|
|
222 |
if((!addAll && indicator.getVisibility() == Visibility.PRIVATE) |
|
223 |
|| (!addPublicAndRestricted && indicator.getVisibility() == Visibility.RESTRICTED)) { |
|
224 |
continue; |
|
225 |
} |
|
226 |
|
|
172 | 227 |
indicators.add(indicator); |
173 | 228 |
} |
174 | 229 |
sectionFull.setIndicators(indicators); |
... | ... | |
176 | 231 |
return sectionFull; |
177 | 232 |
} |
178 | 233 |
|
234 |
@PreAuthorize("hasAnyAuthority(" + |
|
235 |
"@AuthorizationService.PORTAL_ADMIN)") |
|
179 | 236 |
@RequestMapping(value = "/stakeholder/all", method = RequestMethod.GET) |
180 | 237 |
public List<Stakeholder> getAllStakeholders(@RequestParam(required = false) String type) { |
181 | 238 |
log.debug("get all stakeholders" + (type != null ? " with type: "+type : "")); |
... | ... | |
189 | 246 |
|
190 | 247 |
List<Stakeholder> stakeholdersFull = new ArrayList<>(); |
191 | 248 |
for(Stakeholder stakeholder : stakeholders) { |
192 |
stakeholdersFull.add(this.setFullEntities(stakeholder)); |
|
249 |
List<String> roles = rolesUtils.getRoles(); |
|
250 |
stakeholdersFull.add(this.setFullEntities(stakeholder, roles)); |
|
193 | 251 |
} |
194 | 252 |
|
195 | 253 |
return stakeholdersFull; |
196 | 254 |
} |
197 | 255 |
|
256 |
@PreAuthorize("isAuthenticated()") |
|
198 | 257 |
@RequestMapping(value = "/stakeholder/default", method = RequestMethod.GET) |
199 | 258 |
public List<Stakeholder> getAllDefaultStakeholders(@RequestParam(required = false) String type) { |
200 | 259 |
log.debug("get all default stakeholders" + (type != null ? " with type: "+type : "")); |
... | ... | |
207 | 266 |
} |
208 | 267 |
|
209 | 268 |
List<Stakeholder> stakeholdersFull = new ArrayList<>(); |
210 |
for(Stakeholder stakeholder : stakeholders) { |
|
211 |
stakeholdersFull.add(this.setFullEntities(stakeholder)); |
|
269 |
|
|
270 |
// Remove stakeholders for which i do not have authority |
|
271 |
if(stakeholders != null && stakeholders.size() > 0) { |
|
272 |
List<String> roles = rolesUtils.getRoles(); |
|
273 |
// log.debug("ROLES: "); |
|
274 |
// roles.forEach(role -> log.debug(role)); |
|
275 |
// |
|
276 |
// if (roles.contains(authorizationService.PORTAL_ADMIN)) { |
|
277 |
if (rolesUtils.isPortalAdmin(roles)) { |
|
278 |
for(Stakeholder stakeholder : stakeholders) { |
|
279 |
stakeholdersFull.add(this.setFullEntities(stakeholder, roles)); |
|
280 |
} |
|
281 |
return stakeholdersFull; |
|
282 |
} |
|
283 |
|
|
284 |
Iterator<Stakeholder> stakeholderIterator = stakeholders.iterator(); |
|
285 |
while(stakeholderIterator.hasNext()) { |
|
286 |
Stakeholder stakeholder = stakeholderIterator.next(); |
|
287 |
|
|
288 |
// if(roles.contains(authorizationService.curator(stakeholder.getType()))) { |
|
289 |
if(rolesUtils.isCurator(roles, stakeholder.getType())) { |
|
290 |
stakeholdersFull.add(this.setFullEntities(stakeholder, roles)); |
|
291 |
continue; |
|
292 |
} |
|
293 |
stakeholderIterator.remove(); |
|
294 |
} |
|
212 | 295 |
} |
296 |
|
|
213 | 297 |
return stakeholdersFull; |
214 | 298 |
} |
215 | 299 |
|
... | ... | |
224 | 308 |
stakeholders = stakeholderDAO.findByDefaultIdNotAndType(null, type); |
225 | 309 |
} |
226 | 310 |
|
311 |
//List<Stakeholder> stakeholdersFull = new ArrayList<>(); |
|
312 |
|
|
313 |
if(stakeholders != null && stakeholders.size() > 0) { |
|
314 |
// List<String> roles = authorizationService.getRoles(); |
|
315 |
List<String> roles = rolesUtils.getRoles(); |
|
316 |
|
|
317 |
// if (roles.contains(authorizationService.PORTAL_ADMIN)) { |
|
318 |
if (rolesUtils.isPortalAdmin(roles)) { |
|
319 |
// for(Stakeholder stakeholder : stakeholders) { |
|
320 |
// stakeholdersFull.add(this.setFullEntities(stakeholder)); |
|
321 |
// } |
|
322 |
// return stakeholdersFull; |
|
323 |
return stakeholders; |
|
324 |
} |
|
325 |
|
|
326 |
Iterator<Stakeholder> stakeholderIterator = stakeholders.iterator(); |
|
327 |
while(stakeholderIterator.hasNext()) { |
|
328 |
Stakeholder stakeholder = stakeholderIterator.next(); |
|
329 |
|
|
330 |
// if(roles.contains(authorizationService.curator(stakeholder.getType())) |
|
331 |
// || roles.contains(authorizationService.manager(stakeholder.getType(), stakeholder.getAlias())) |
|
332 |
// || stakeholder.getVisibility() == Visibility.PUBLIC |
|
333 |
// || (stakeholder.getVisibility() == Visibility.RESTRICTED && roles.contains(authorizationService.member(stakeholder.getType(), stakeholder.getAlias())))) { |
|
334 |
if(rolesUtils.isCurator(roles, stakeholder.getType()) |
|
335 |
|| rolesUtils.isManager(roles, stakeholder.getType(), stakeholder.getAlias()) |
|
336 |
|| stakeholder.getVisibility() == Visibility.PUBLIC |
|
337 |
|| (stakeholder.getVisibility() == Visibility.RESTRICTED && rolesUtils.isMember(roles, stakeholder.getType(), stakeholder.getAlias()))) { |
|
338 |
//stakeholdersFull.add(this.setFullEntities(stakeholder)); |
|
339 |
continue; |
|
340 |
} |
|
341 |
stakeholderIterator.remove(); |
|
342 |
} |
|
343 |
} |
|
344 |
|
|
345 |
// log.debug(new Date()); |
|
346 |
|
|
347 |
// return stakeholdersFull; |
|
348 |
return stakeholders; |
|
349 |
} |
|
350 |
|
|
351 |
@PreAuthorize("isAuthenticated()") |
|
352 |
@RequestMapping(value = "/my-stakeholder", method = RequestMethod.GET) |
|
353 |
public List<Stakeholder> getMyRealStakeholders(@RequestParam(required = false) String type) { |
|
354 |
log.debug("get my NOT default stakeholders" + (type != null ? " with type: "+type : "")); |
|
355 |
|
|
356 |
List<Stakeholder> stakeholders; |
|
357 |
if(type == null) { |
|
358 |
stakeholders = stakeholderDAO.findByDefaultIdNot(null); |
|
359 |
} else { |
|
360 |
stakeholders = stakeholderDAO.findByDefaultIdNotAndType(null, type); |
|
361 |
} |
|
362 |
|
|
227 | 363 |
List<Stakeholder> stakeholdersFull = new ArrayList<>(); |
228 |
for(Stakeholder stakeholder : stakeholders) { |
|
229 |
stakeholdersFull.add(this.setFullEntities(stakeholder)); |
|
364 |
|
|
365 |
if(stakeholders != null && stakeholders.size() > 0) { |
|
366 |
// List<String> roles = authorizationService.getRoles(); |
|
367 |
List<String> roles = rolesUtils.getRoles(); |
|
368 |
// log.debug("ROLES: "); |
|
369 |
// roles.forEach(role -> log.debug(role)); |
|
370 |
|
|
371 |
// if (roles.contains(authorizationService.PORTAL_ADMIN)) { |
|
372 |
if (rolesUtils.isPortalAdmin(roles)) { |
|
373 |
for(Stakeholder stakeholder : stakeholders) { |
|
374 |
stakeholdersFull.add(this.setFullEntities(stakeholder, roles)); |
|
375 |
} |
|
376 |
return stakeholdersFull; |
|
377 |
} |
|
378 |
|
|
379 |
Iterator<Stakeholder> stakeholderIterator = stakeholders.iterator(); |
|
380 |
while(stakeholderIterator.hasNext()) { |
|
381 |
Stakeholder stakeholder = stakeholderIterator.next(); |
|
382 |
|
|
383 |
// if(roles.contains(authorizationService.curator(stakeholder.getType())) |
|
384 |
// || roles.contains(authorizationService.manager(stakeholder.getType(), stakeholder.getAlias()))) { |
|
385 |
if(rolesUtils.isCurator(roles, stakeholder.getType()) |
|
386 |
|| rolesUtils.isManager(roles, stakeholder.getType(), stakeholder.getAlias())) { |
|
387 |
stakeholdersFull.add(this.setFullEntities(stakeholder, roles)); |
|
388 |
continue; |
|
389 |
} |
|
390 |
stakeholderIterator.remove(); |
|
391 |
} |
|
230 | 392 |
} |
231 |
log.debug(new Date()); |
|
232 | 393 |
|
394 |
// log.debug(new Date()); |
|
395 |
|
|
233 | 396 |
return stakeholdersFull; |
234 | 397 |
} |
235 | 398 |
|
... | ... | |
242 | 405 |
// EXCEPTION - Stakeholder not found |
243 | 406 |
throw new EntityNotFoundException("Get stakeholder: Stakeholder with alias: "+alias+" not found"); |
244 | 407 |
} |
245 |
return this.setFullEntities(stakeholder); |
|
408 |
|
|
409 |
// List<String> roles = authorizationService.getRoles(); |
|
410 |
List<String> roles = rolesUtils.getRoles(); |
|
411 |
|
|
412 |
if((stakeholder.getVisibility() == Visibility.PRIVATE && !rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias()) |
|
413 |
|| (stakeholder.getVisibility() == Visibility.RESTRICTED && !rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias()) && !rolesUtils.isMember(roles, stakeholder.getType(), stakeholder.getAlias())))) { |
|
414 |
// // EXCEPTION - Access denied |
|
415 |
// throw new AccessDeniedException("Get stakeholder: You are not authorized to get stakeholder with alias: "+alias); |
|
416 |
List<String> topicsEmpty = stakeholder.getTopics(); |
|
417 |
topicsEmpty.clear(); |
|
418 |
stakeholder.setTopics(topicsEmpty); |
|
419 |
stakeholder.setVisibility(Visibility.PRIVATE); |
|
420 |
return stakeholder; |
|
421 |
} |
|
422 |
|
|
423 |
return this.setFullEntities(stakeholder, roles); |
|
246 | 424 |
} |
247 | 425 |
|
426 |
// @PreAuthorize("isAuthenticated()") |
|
427 |
@PreAuthorize("hasAnyAuthority(" + |
|
428 |
"@AuthorizationService.PORTAL_ADMIN, " + |
|
429 |
"@AuthorizationService.curator(#stakeholderFull.getType()), " + |
|
430 |
"@AuthorizationService.manager(#stakeholderFull.getType(), #stakeholderFull.getAlias()) " + |
|
431 |
")") |
|
248 | 432 |
@RequestMapping(value = "/save", method = RequestMethod.POST) |
249 | 433 |
public Stakeholder<Topic> saveStakeholder(@RequestBody Stakeholder<Topic> stakeholderFull) { |
250 | 434 |
log.debug("save stakeholder"); |
... | ... | |
283 | 467 |
return stakeholderFull; |
284 | 468 |
} |
285 | 469 |
|
286 |
|
|
470 |
@PreAuthorize("isAuthenticated()") |
|
287 | 471 |
@RequestMapping(value = "/{stakeholderId}/delete", method = RequestMethod.DELETE) |
288 | 472 |
public boolean deleteStakeholder(@PathVariable("stakeholderId") String stakeholderId) { |
289 | 473 |
log.debug("delete stakeholder"); |
... | ... | |
292 | 476 |
Stakeholder<String> stakeholder = stakeholderDAO.findById(stakeholderId); |
293 | 477 |
|
294 | 478 |
if(stakeholder != null) { |
479 |
// List<String> roles = authorizationService.getRoles(); |
|
480 |
List<String> roles = rolesUtils.getRoles(); |
|
295 | 481 |
|
482 |
// if(!roles.contains(authorizationService.PORTAL_ADMIN) |
|
483 |
// && !roles.contains(authorizationService.curator(stakeholder.getType()))) { |
|
484 |
if(!rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) { |
|
485 |
// EXCEPTION - Access denied |
|
486 |
throw new AccessDeniedException("Delete stakeholder: You are not authorized to delete stakeholder with id: "+stakeholderId); |
|
487 |
} |
|
488 |
|
|
296 | 489 |
// for(String topicId : stakeholder.getTopics()) { |
297 | 490 |
// Topic<String> topic = topicDAO.findById(topicId); |
298 | 491 |
// if (topic == null) { |
... | ... | |
364 | 557 |
} |
365 | 558 |
|
366 | 559 |
|
367 |
@RequestMapping(value = "/{stakeholderId}/toggle-status", method = RequestMethod.POST) |
|
368 |
public Boolean toggleStakeholderStatus(@PathVariable("stakeholderId") String stakeholderId) { |
|
369 |
log.debug("toggle stakeholder status (isActive)"); |
|
560 |
// @RequestMapping(value = "/{stakeholderId}/toggle-status", method = RequestMethod.POST) |
|
561 |
// public Boolean toggleStakeholderStatus(@PathVariable("stakeholderId") String stakeholderId) { |
|
562 |
// log.debug("toggle stakeholder status (isActive)"); |
|
563 |
// log.debug("Stakeholder: "+stakeholderId); |
|
564 |
// |
|
565 |
// Stakeholder stakeholder = stakeholderDAO.findById(stakeholderId); |
|
566 |
// if (stakeholder == null) { |
|
567 |
// // EXCEPTION - Stakeholder not found |
|
568 |
// throw new EntityNotFoundException("Toggle stakeholder status: Stakeholder with id: "+stakeholderId+" not found"); |
|
569 |
// } |
|
570 |
// stakeholder.setIsActive(!stakeholder.getIsActive()); |
|
571 |
// |
|
572 |
// stakeholderDAO.save(stakeholder); |
|
573 |
// log.debug("Stakeholder toggled!"); |
|
574 |
// |
|
575 |
// return stakeholder.getIsActive(); |
|
576 |
// } |
|
577 |
// |
|
578 |
// @RequestMapping(value = "/{stakeholderId}/toggle-access", method = RequestMethod.POST) |
|
579 |
// public Boolean toggleStakeholderAccess(@PathVariable("stakeholderId") String stakeholderId) { |
|
580 |
// log.debug("toggle stakeholder access (isPublic)"); |
|
581 |
// log.debug("Stakeholder: "+stakeholderId); |
|
582 |
// |
|
583 |
// Stakeholder stakeholder = stakeholderDAO.findById(stakeholderId); |
|
584 |
// if (stakeholder == null) { |
|
585 |
// // EXCEPTION - Stakeholder not found |
|
586 |
// throw new EntityNotFoundException("Toggle stakeholder access: Stakeholder with id: "+stakeholderId+" not found"); |
|
587 |
// } |
|
588 |
// stakeholder.setIsPublic(!stakeholder.getIsPublic()); |
|
589 |
// |
|
590 |
// stakeholderDAO.save(stakeholder); |
|
591 |
// log.debug("Stakeholder toggled!"); |
|
592 |
// |
|
593 |
// return stakeholder.getIsPublic(); |
|
594 |
// } |
|
595 |
|
|
596 |
|
|
597 |
@PreAuthorize("isAuthenticated()") |
|
598 |
@RequestMapping(value = "/{stakeholderId}/change-visibility", method = RequestMethod.POST) |
|
599 |
public Visibility toggleStakeholderAccess(@PathVariable("stakeholderId") String stakeholderId, |
|
600 |
@RequestParam("visibility") Visibility visibility) { |
|
601 |
log.debug("change stakeholder visibility: "+visibility); |
|
370 | 602 |
log.debug("Stakeholder: "+stakeholderId); |
371 | 603 |
|
372 | 604 |
Stakeholder stakeholder = stakeholderDAO.findById(stakeholderId); |
373 | 605 |
if (stakeholder == null) { |
374 | 606 |
// EXCEPTION - Stakeholder not found |
375 |
throw new EntityNotFoundException("Toggle stakeholder status: Stakeholder with id: "+stakeholderId+" not found");
|
|
607 |
throw new EntityNotFoundException("Change stakeholder visibility: Stakeholder with id: "+stakeholderId+" not found");
|
|
376 | 608 |
} |
377 |
stakeholder.setIsActive(!stakeholder.getIsActive()); |
|
378 | 609 |
|
379 |
stakeholderDAO.save(stakeholder);
|
|
380 |
log.debug("Stakeholder toggled!");
|
|
610 |
// List<String> roles = authorizationService.getRoles();
|
|
611 |
List<String> roles = rolesUtils.getRoles();
|
|
381 | 612 |
|
382 |
return stakeholder.getIsActive(); |
|
383 |
} |
|
384 |
|
|
385 |
@RequestMapping(value = "/{stakeholderId}/toggle-access", method = RequestMethod.POST) |
|
386 |
public Boolean toggleStakeholderAccess(@PathVariable("stakeholderId") String stakeholderId) { |
|
387 |
log.debug("toggle stakeholder access (isPublic)"); |
|
388 |
log.debug("Stakeholder: "+stakeholderId); |
|
389 |
|
|
390 |
Stakeholder stakeholder = stakeholderDAO.findById(stakeholderId); |
|
391 |
if (stakeholder == null) { |
|
392 |
// EXCEPTION - Stakeholder not found |
|
393 |
throw new EntityNotFoundException("Toggle stakeholder access: Stakeholder with id: "+stakeholderId+" not found"); |
|
613 |
// if(!roles.contains(authorizationService.PORTAL_ADMIN) |
|
614 |
// && !roles.contains(authorizationService.curator(stakeholder.getType())) |
|
615 |
// && !roles.contains(authorizationService.manager(stakeholder.getType(), stakeholder.getAlias()))) { |
|
616 |
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) { |
|
617 |
// EXCEPTION - Access denied |
|
618 |
throw new AccessDeniedException("Change stakeholder visibility: You are not authorized to update stakeholder with id: "+stakeholderId); |
|
394 | 619 |
} |
395 |
stakeholder.setIsPublic(!stakeholder.getIsPublic());
|
|
620 |
stakeholder.setVisibility(visibility);
|
|
396 | 621 |
|
397 | 622 |
stakeholderDAO.save(stakeholder); |
398 | 623 |
log.debug("Stakeholder toggled!"); |
399 | 624 |
|
400 |
return stakeholder.getIsPublic();
|
|
625 |
return stakeholder.getVisibility();
|
|
401 | 626 |
} |
402 | 627 |
|
403 |
|
|
404 | 628 |
// The following are not supposed to be used |
405 | 629 |
// @RequestMapping(value = "/stakeholder/dates", method = RequestMethod.GET) |
406 | 630 |
// public List<Date> getAllStakeholderDates() { |
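Review bot: The new `@PreAuthorize` on `saveStakeholder` (`/save`) decides curator and manager access from `#stakeholderFull.getType()` and `#stakeholderFull.getAlias()`, which are fields of the `@RequestBody`, so on an update the check runs against the type and alias the caller sent rather than those of the stored record. The method body is elided on this page, so this is a gap only if nothing inside re-checks against the persisted entity. If it does not, load the stored record and authorize against it, the way `deleteStakeholder` and the change-visibility method in this same commit do: `Stakeholder<String> stored = stakeholderDAO.findById(stakeholderFull.getId());` followed by `if(!rolesUtils.hasUpdateAuthority(rolesUtils.getRoles(), stored.getType(), stored.getAlias()))` throwing `AccessDeniedException`. The body-based expression can stay as the gate for creating a new stakeholder, where no stored record exists yet.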
[Trunk | Monitor Service]:
1. RolesUtils.java: New class connected to "AuthorizationService" that provides helper methods for roles and authorities.
2. StakeholderController.java & TopicController.java & CategoryController.java & SubCategoryController.java & SectionController.java & IndicatorController.java:
a. Add authorization checks according to user roles (authorization library).
b. Handle new fields "createDate" and "updateDate" (StakeholderController.java already had these fields).
c. [Bug fix] On save method, if it is default entity, add it before "onSaveDefault...()" or after "onUpdateDefault...()".
d. (not in SectionController) Comment out the methods for toggling status and access, and add a method for changing visibility.
e.g. "changeIndicatorVisibility()" (/{stakeholderId}/{topicId}/{categoryId}/{subcategoryId}/{sectionId}/{indicatorId}/change-visibility).
3. StakeholderController.java: Method "getAllRealStakeholders()" (/stakeholder) now returns basic Stakeholder info (topicIds, not full entities).
4. IndicatorController.java:
a. [Bug fix] On "onUpdateDefaultIndicator()", "changed" is set to false for each indicatorBasedOnDefault.
b. On "onUpdateDefaultIndicator()" handle update policy for "description" and "additionalDescription".
c. [Bug fix] On "onUpdateDefaultIndicator()", bug fixes when updating "jsonPath".