Revision 60107
Added by Konstantina Galouni over 3 years ago
| CategoryController.java | ||
|---|---|---|
| 3 | 3 |
import eu.dnetlib.uoamonitorservice.dao.*; |
| 4 | 4 |
import eu.dnetlib.uoamonitorservice.entities.*; |
| 5 | 5 |
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException; |
| 6 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException; |
|
| 6 | 7 |
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException; |
| 7 | 8 |
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils; |
| 8 | 9 |
import org.apache.log4j.Logger; |
| ... | ... | |
| 80 | 81 |
List<String> roles = rolesUtils.getRoles(); |
| 81 | 82 |
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
| 82 | 83 |
// EXCEPTION - Access denied |
| 83 |
throw new AccessDeniedException("Save Category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 84 |
throw new ForbiddenException("Save Category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 84 | 85 |
} |
| 85 | 86 |
|
| 86 | 87 |
Category<String> oldCategory = null; |
| 87 | 88 |
if(categoryFull.getId() != null) {
|
| 88 | 89 |
oldCategory = categoryDAO.findById(categoryFull.getId()); |
| 90 |
if(oldCategory == null) {
|
|
| 91 |
// EXCEPTION - Category not found |
|
| 92 |
throw new EntityNotFoundException("save category: Category with id: " + categoryFull.getId() + " not found");
|
|
| 93 |
} |
|
| 89 | 94 |
} |
| 90 | 95 |
|
| 91 | 96 |
Topic<String> topic = topicDAO.findById(topicId); |
| ... | ... | |
| 97 | 102 |
category.setUpdateDate(date); |
| 98 | 103 |
categoryFull.setUpdateDate(date); |
| 99 | 104 |
|
| 105 |
List<String> subCategories = new ArrayList<>(); |
|
| 106 |
|
|
| 100 | 107 |
// if category not exists (no id), create a new default subcategory, identical to category |
| 101 | 108 |
if(categoryFull.getId() == null) {
|
| 102 | 109 |
category.setCreationDate(date); |
| ... | ... | |
| 106 | 113 |
subCategory.createOverviewSubCategory(categoryFull); |
| 107 | 114 |
|
| 108 | 115 |
subCategoryDAO.save(subCategory); |
| 109 |
List<SubCategory> subCategories = categoryFull.getSubCategories(); |
|
| 110 |
subCategories.add(subCategory); |
|
| 116 |
|
|
| 117 |
List<SubCategory> subCategoriesFull = categoryFull.getSubCategories(); |
|
| 118 |
subCategoriesFull.add(subCategory); |
|
| 119 |
|
|
| 120 |
for(SubCategory oldSubCategory : subCategoriesFull) {
|
|
| 121 |
subCategories.add(oldSubCategory.getId()); |
|
| 122 |
} |
|
| 123 |
} else {
|
|
| 124 |
for(String subCategoryId : oldCategory.getSubCategories()) {
|
|
| 125 |
SubCategory subCategory = subCategoryDAO.findById(subCategoryId); |
|
| 126 |
if (subCategory == null) {
|
|
| 127 |
// EXCEPTION - SubCategory not found |
|
| 128 |
throw new EntityNotFoundException("Save category: SubCategory with id: "+subCategoryId+" not found (subcategory exists in category: "+category.getId()+")");
|
|
| 129 |
} |
|
| 130 |
subCategories.add(subCategory.getId()); |
|
| 131 |
} |
|
| 111 | 132 |
} |
| 112 | 133 |
|
| 113 |
List<String> subCategories = new ArrayList<>(); |
|
| 114 |
for(SubCategory subCategory : categoryFull.getSubCategories()) {
|
|
| 115 |
subCategories.add(subCategory.getId()); |
|
| 116 |
} |
|
| 117 | 134 |
category.setSubCategories(subCategories); |
| 118 | 135 |
|
| 119 | 136 |
if(stakeholder.getDefaultId() == null) {
|
| ... | ... | |
| 223 | 240 |
List<String> roles = rolesUtils.getRoles(); |
| 224 | 241 |
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
| 225 | 242 |
// EXCEPTION - Access denied |
| 226 |
throw new AccessDeniedException("Delete category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 243 |
throw new ForbiddenException("Delete category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 227 | 244 |
} |
| 228 | 245 |
|
| 229 | 246 |
Topic<String> topic = topicDAO.findById(topicId); |
| ... | ... | |
| 235 | 252 |
|
| 236 | 253 |
if(category.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
| 237 | 254 |
// EXCEPTION - Access denied |
| 238 |
throw new AccessDeniedException("Delete category: You are not authorized to delete a default Category in stakeholder with id: "+stakeholderId);
|
|
| 255 |
throw new ForbiddenException("Delete category: You are not authorized to delete a default Category in stakeholder with id: "+stakeholderId);
|
|
| 239 | 256 |
} |
| 240 | 257 |
|
| 241 | 258 |
|
| ... | ... | |
| 369 | 386 |
|
| 370 | 387 |
Topic<String> topic = checkForExceptions(stakeholderId, topicId); |
| 371 | 388 |
|
| 389 |
List<String> oldCategories = topic.getCategories(); |
|
| 390 |
for (String categoryId : oldCategories) {
|
|
| 391 |
if (!categories.contains(categoryId)) {
|
|
| 392 |
categories.add(categoryId); |
|
| 393 |
} |
|
| 394 |
} |
|
| 372 | 395 |
topic.setCategories(categories); |
| 373 | 396 |
|
| 397 |
List<Category> categoriesFull = new ArrayList<>(); |
|
| 398 |
for(String categoryId : categories) {
|
|
| 399 |
Category category = categoryDAO.findById(categoryId); |
|
| 400 |
if(category == null) {
|
|
| 401 |
// EXCEPTION - Category not found |
|
| 402 |
throw new EntityNotFoundException("Reorder Categories: Category with id: " + categoryId + " not found");
|
|
| 403 |
} |
|
| 404 |
categoriesFull.add(category); |
|
| 405 |
} |
|
| 406 |
|
|
| 374 | 407 |
topicDAO.save(topic); |
| 375 | 408 |
log.debug("Categories reordered!");
|
| 376 | 409 |
|
| 377 |
List<Category> categoriesFull = new ArrayList<>(); |
|
| 378 |
for(String categoryId : categories) {
|
|
| 379 |
categoriesFull.add(categoryDAO.findById(categoryId)); |
|
| 380 |
} |
|
| 381 | 410 |
return categoriesFull; |
| 382 | 411 |
} |
| 383 | 412 |
|
| ... | ... | |
| 448 | 477 |
List<String> roles = rolesUtils.getRoles(); |
| 449 | 478 |
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
| 450 | 479 |
// EXCEPTION - Access denied |
| 451 |
throw new AccessDeniedException("Toggle category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 480 |
throw new ForbiddenException("Toggle category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 452 | 481 |
} |
| 453 | 482 |
|
| 454 | 483 |
Topic<String> topic = topicDAO.findById(topicId); |
| ... | ... | |
| 488 | 517 |
List<String> roles = rolesUtils.getRoles(); |
| 489 | 518 |
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
| 490 | 519 |
// EXCEPTION - Access denied |
| 491 |
throw new AccessDeniedException("checkForExceptions category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 520 |
throw new ForbiddenException("checkForExceptions category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
|
| 492 | 521 |
} |
| 493 | 522 |
|
| 494 | 523 |
Topic<String> topic = topicDAO.findById(topicId); |
Also available in: Unified diff
[Trunk | Monitor Service]:
1. StakeholderController.java & TopicController.java & CategoryController.java & SubCategoryController.java && SectionController.java && IndicatorController.java:
a. Comment logs for get requests.
b. Use "ForbiddenException" instead of "AccessDeniedException"
c. On /save, if full entity has id (already in DB), if not found in DB throw EntityNotFoundException.
d. Get children (e.g. when saving a Topic, get its categories) from DB.
2. TopicController.java & CategoryController.java & SubCategoryController.java & SectionController.java:
In /reorder, if there are in DB, ids that are missing from reordered list, do reordering and add in the end of list the missing ids.
3. ReorderEvent.java: [NEW] Added class ReorderEvent with fields "action" (String), "target" (String), "ids" (List<String>) (used in IndicatorController.java).
4. IndicatorController.java:
a. In /reorder, @RequestBody changed from List<String> indicators to ReorderEvent reorderEvent.
b. If there are in DB, ids that are missing from reordered list AND missing id is not moved to other section (action = removed and target = missing id), do reordering and add in the end of list the missing ids.
5. ExceptionsHandler.java: exception handler methods "invalidInput()", "nullPointerException()", "notFoundException()" moved to "Admin Tools Library" - "accessDeniedException()" is removed.
6. responses/ExceptionResponse.java: File and folder deleted (moved to "Admin Tools Library").
7. RolesUtils.java: Added method "isLoggedIn()" (checks if no roles for user, or user has role "ROLE_ANONYMOUS").