Revision 60107
Added by Konstantina Galouni over 3 years ago
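--- a/TopicController.java
+++ b/TopicController.java
@@ -3,6 +3,7 @@
 import eu.dnetlib.uoamonitorservice.dao.*;
 import eu.dnetlib.uoamonitorservice.entities.*;
 import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
+import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
 import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
 import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
 import org.apache.log4j.Logger;
@@ -33,6 +34,9 @@
 @Autowired
 private CategoryController categoryController;
 
+@Autowired
+private CategoryDAO categoryDAO;
+
 public Topic<Category> buildTopic(Topic<Category> topicFull) {
 Topic<String> topic = new Topic<>(topicFull);
 
@@ -72,7 +76,7 @@
 List<String> roles = rolesUtils.getRoles();
 if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
 // EXCEPTION - Access denied
-throw new AccessDeniedException("Save Topic: You are not authorized to update stakeholder with id: "+stakeholderId);
+throw new ForbiddenException("Save Topic: You are not authorized to update stakeholder with id: "+stakeholderId);
 }
 
 Topic<String> topic = new Topic<>(topicFull);
@@ -80,18 +84,32 @@
 topic.setUpdateDate(date);
 topicFull.setUpdateDate(date);
 
+List<String> categories = new ArrayList<>();
+
 Topic<String> oldTopic = null;
 if(topicFull.getId() != null) {
 oldTopic = topicDAO.findById(topicFull.getId());
+if(oldTopic == null) {
+// EXCEPTION - Topic not found
+throw new EntityNotFoundException("save topic: Topic with id: "+topicFull.getId()+" not found");
+}
+for(String categoryId : oldTopic.getCategories()) {
+Category category = categoryDAO.findById(categoryId);
+if (category == null) {
+// EXCEPTION - Category not found
+throw new EntityNotFoundException("Save topic: Category with id: "+categoryId+" not found (category exists in topic: "+topic.getId()+")");
+}
+categories.add(category.getId());
+}
 } else { // topic does not exist in DB
 topic.setCreationDate(date);
 topicFull.setCreationDate(date);
+
+for(Category category : topicFull.getCategories()) {
+categories.add(category.getId());
+}
 }
 
-List<String> categories = new ArrayList<>();
-for(Category category : topicFull.getCategories()) {
-categories.add(category.getId());
-}
 topic.setCategories(categories);
 
 if(stakeholder.getDefaultId() == null) {
@@ -195,7 +213,7 @@
 List<String> roles = rolesUtils.getRoles();
 if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
 // EXCEPTION - Access denied
-throw new AccessDeniedException("Delete topic: You are not authorized to update stakeholder with id: "+stakeholderId);
+throw new ForbiddenException("Delete topic: You are not authorized to update stakeholder with id: "+stakeholderId);
 }
 
 Topic<String> topic = topicDAO.findById(topicId);
@@ -203,7 +221,7 @@
 
 if(topic.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
 // EXCEPTION - Access denied
-throw new AccessDeniedException("Delete topic: You are not authorized to delete a default Topic in stakeholder with id: "+stakeholderId);
+throw new ForbiddenException("Delete topic: You are not authorized to delete a default Topic in stakeholder with id: "+stakeholderId);
 }
 
 List<String> topics = stakeholder.getTopics();
@@ -269,7 +287,7 @@
 stakeholderDAO.save(stakeholder);
 
 topicDAO.delete(topicId);
-log.debug("Category deleted!");
+log.debug("Topic deleted!");
 } else {
 // EXCEPTION - Topic not found in Stakeholder: stakeholder.getAlias();
 throw new PathNotValidException("Delete topic: Topic with id: "+topicId+" not found in Stakeholder: "+stakeholderId);
@@ -322,7 +340,7 @@
 topic.setDefaultId(null);
 topicDAO.save(topic);
 
-log.debug("DefaultId for Topic with id: "+topic.getId()+" empty!");
+log.debug("DefaultId for Topic with id: "+topic.getId()+" cleared!");
 }
 }
 return true;
@@ -342,18 +360,30 @@
 List<String> roles = rolesUtils.getRoles();
 if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
 // EXCEPTION - Access denied
-throw new AccessDeniedException("Reorder topics: You are not authorized to update stakeholder with id: "+stakeholderId);
+throw new ForbiddenException("Reorder topics: You are not authorized to update stakeholder with id: "+stakeholderId);
 }
 
+List<String> oldTopics = stakeholder.getTopics();
+for (String topicId : oldTopics) {
+if (!topics.contains(topicId)) {
+topics.add(topicId);
+}
+}
 stakeholder.setTopics(topics);
 
+List<Topic> topicsFull = new ArrayList<>();
+for (String topicId : topics) {
+Topic topic = topicDAO.findById(topicId);
+if(topic == null) {
+// EXCEPTION - Topic not found
+throw new EntityNotFoundException("Reorder Topics: Topic with id: " + topicId + " not found");
+}
+topicsFull.add(topic);
+}
+
 stakeholderDAO.save(stakeholder);
 log.debug("Topics reordered!");
 
-List<Topic> topicsFull = new ArrayList<>();
-for (String topicId : topics) {
-topicsFull.add(topicDAO.findById(topicId));
-}
 return topicsFull;
 } else {
 // EXCEPTION - Stakeholder not found
@@ -425,7 +455,7 @@
 List<String> roles = rolesUtils.getRoles();
 if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
 // EXCEPTION - Access denied
-throw new ForbiddenException("Toggle topic: You are not authorized to update stakeholder with id: "+stakeholderId);
+throw new ForbiddenException("Toggle topic: You are not authorized to update stakeholder with id: "+stakeholderId);
 }
 
 if (stakeholder.getTopics().contains(topic.getId())) {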
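Review bot: The reorder hunk (new lines 366–382) appends the stakeholder's missing ids to the submitted `topics` list but never checks the opposite direction, so an id in the request that is not in `stakeholder.getTopics()` is still stored on the stakeholder as long as `topicDAO.findById` finds it. The authority check above covers only the stakeholder in the path, so a topic owned by a different stakeholder could be attached here and returned in full; duplicate ids in the request are kept as well. Before the merge loop, reject foreign ids, for example `if (!oldTopics.containsAll(topics)) { throw new PathNotValidException("Reorder topics: list contains a topic id that does not belong to stakeholder: "+stakeholderId); }`. The method starts and ends outside the visible lines, so confirm that no earlier ownership check exists there before adding this one.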
[Trunk | Monitor Service]:
1. StakeholderController.java & TopicController.java & CategoryController.java & SubCategoryController.java && SectionController.java && IndicatorController.java:
a. Comment logs for get requests.
b. Use "ForbiddenException" instead of "AccessDeniedException"
c. On /save, if full entity has id (already in DB), if not found in DB throw EntityNotFoundException.
d. Get children (e.g. when saving a Topic, get its categories) from DB.
2. TopicController.java & CategoryController.java & SubCategoryController.java & SectionController.java:
In /reorder, if the DB holds ids that are missing from the reordered list, do the reordering and append the missing ids to the end of the list.
3. ReorderEvent.java: [NEW] Added class ReorderEvent with fields "action" (String), "target" (String), "ids" (List<String>) (used in IndicatorController.java).
4. IndicatorController.java:
a. In /reorder, @RequestBody changed from List<String> indicators to ReorderEvent reorderEvent.
b. If there are in DB, ids that are missing from reordered list AND missing id is not moved to other section (action = removed and target = missing id), do reordering and add in the end of list the missing ids.
5. ExceptionsHandler.java: exception handler methods "invalidInput()", "nullPointerException()", "notFoundException()" moved to "Admin Tools Library" - "accessDeniedException()" is removed.
6. responses/ExceptionResponse.java: File and folder deleted (moved to "Admin Tools Library").
7. RolesUtils.java: Added method "isLoggedIn()" (checks if no roles for user, or user has role "ROLE_ANONYMOUS").