/modules/uoa-admin-tools-library/trunk/src/main/java/eu/dnetlib/uoaadmintoolslibrary/controllers/AdminPortalRelationsController.java - Diff - D-Net - D-Net project tracking tool

« Previous | Next »

Revision 60495

Added by Konstantina Galouni about 3 years ago

[Trunk | Admin Tools Library]:
1. pom.xml: Added in dependency for spring security and and for uoa-authorization-library.
2. UoaAdminToolsLibraryApplication.java: import "AuthorizationConfiguration.class".
3. RolesUtils.java: Added folder handlers/utils and file handlers/utils/RolesUtils.java to get roles and info of user from authorization library.
4. AdminToolsLibraryExceptionsHandler.java: call setStatus of ExceptionResponse in handlers that status was not set | Use log.error instead of log.debug.
5. DivHelpContentService.java: Added checks and throw Exceptions in methods "deleteDivHelpContents()" and "toggleDivHelpContent()".
6. PageHelpContentService.java: Added checks and throw Exceptions in methods "deletePageHelpContents()" and "togglePageHelpContent()".
7. PortalService.java: Added checks and throw Exceptions in method "togglePage()".
8. EntityController.java: Added @PreAuthorize
Portal Admins: methods "insertEntity()" (/entity/save), "updateEntity()" (/entity/update), "deleteEntities()" (/entity/delete).
9. DivIdController.java: Added @PreAuthorize
Portal Admins: methods "insertDivId()" (/div/save), "updateDivId()" (/div/update), "deleteDivIds()" (/div/delete).
10. PageController.java: Added @PreAuthorize
Portal Admins: methods "insertPage()" (/page/save), "updatePage()" (/page/update), "deletePages()" (/page/delete).
11. AdminPortalRelationsController.java:
a. Added checks and throw Exceptions in methods "getEntitiesForCommunity()",
"getDivHelpContent()", "saveDivHelpContent()", "updateDivHelpContent()", "deleteDivHelpContents()", "toggleDivHelpContent()",
"togglePage()",
"getPageHelpContent()", "savePageHelpContent()", "updatePageHelpContent()", "deletePageHelpContents()", "togglePageHelpContent()"
b. Added @PreAuthorize
Portals Admin - Curators - Managers: "toggleEntity()" (/{portalType}/{pid}/entity/toggle),
"saveDivHelpContent()" (/{portalType}/{pid}/divhelpcontent/save), "updateDivHelpContent()" (/{portalType}/{pid}/divhelpcontent/update),
"deleteDivHelpContents()" (/{portalType}/{pid|/divhelpcontent/delete), "toggleDivHelpContent()" (/{portalType}/{pid|/divhelpcontent/toggle),
"togglePage()" (/{portalType}/{pid}/page/toggle),
"savePageHelpContent()" (/{portalType}/{pid}/pagehelpcontent/save), "updatePageHelpContent()" (/{portalType}/{pid}/pagehelpcontent/update),
"deletePageHelpContents()" (/{portalType}/{pid|/pagehelpcontent/delete), "togglePageHelpContent()" (/{portalType}/{pid|/pagehelpcontent/toggle)

     import org.apache.log4j.Logger;
     import org.springframework.beans.factory.annotation.Autowired;
     import org.springframework.web.bind.annotation.*;
     import org.springframework.security.access.prepost.PreAuthorize;
     import java.util.List;
     import java.util.Set;
-...
         public List<PortalEntity> getEntitiesForCommunity(@PathVariable PortalType portalType,
                                                           @PathVariable(value = "pid") String pid) {
             //@RequestParam(value="entity", required=false) String entity) {
             Portal portal = portalService.getPortal(pid);
             portalService.checkPortalInfo(pid, portalType.name(), portal, pid, "pid");
             return portalService.getEntitiesForPortal(pid, null);
+        }
         // cannot handle MismatchingContent
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = {"/{pid}/entity/toggle"}, method = RequestMethod.POST)
         public Portal toggleEntity(@PathVariable PortalType portalType,
                                    @PathVariable(value = "pid") String pid,
-...
+            }
             Portal portal = portalService.getPortalById(divHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal(), "id");
             return divHelpContent;
+        }
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/divhelpcontent/save", method = RequestMethod.POST)
         public DivHelpContent saveDivHelpContent(@PathVariable PortalType portalType,
                                                  @PathVariable(value = "pid") String pid,
                                                  @RequestBody DivHelpContent divHelpContent) {
             Portal portal = portalService.getPortal(divHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal(), "pid");
             divHelpContent.setPortal(portal.getId());
             return divHelpContentService.insertOrUpdateDivHelpContent(divHelpContent);
+        }
         //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
             @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/divhelpcontent/update", method = RequestMethod.POST)
         public DivHelpContent updateDivHelpContent(@PathVariable PortalType portalType,
                                                    @PathVariable(value = "pid") String pid,
                                                    @RequestBody DivHelpContent divHelpContent) {
             Portal portal = portalService.getPortalById(divHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal(), "id");
             return divHelpContentService.insertOrUpdateDivHelpContent(divHelpContent);
+        }
         // cannot handle MismatchingContent
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/divhelpcontent/delete", method = RequestMethod.POST)
         public Boolean deleteDivHelpContents(@PathVariable PortalType portalType,
                                              @PathVariable(value = "pid") String pid,
                                              @RequestBody List<String> divHelpContents) throws Exception {
             return divHelpContentService.deleteDivHelpContents(divHelpContents);
             return divHelpContentService.deleteDivHelpContents(divHelpContents, pid, portalType);
+        }
         // cannot handle MismatchingContent
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/divhelpcontent/toggle", method = RequestMethod.POST)
         public List<String> toggleDivHelpContent(@PathVariable PortalType portalType,
                                                  @PathVariable(value = "pid") String pid,
                                                  @RequestBody List<String> divHelpContents, @RequestParam String status) throws Exception {
             return divHelpContentService.toggleDivHelpContent(divHelpContents, status);
             return divHelpContentService.toggleDivHelpContent(divHelpContents, status, pid, portalType);
+        }
-...
     //    }
         // used
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = {"/{pid}/page/toggle"}, method = RequestMethod.POST)
         public Portal togglePage(@PathVariable PortalType portalType,
                                  @PathVariable(value = "pid") String pid,
                                  @RequestBody List<String> pageIds, @RequestParam String status) throws Exception {
             return portalService.togglePage(pid, pageIds, status);
             return portalService.togglePage(pid, portalType.name(), pageIds, status);
+        }
         @RequestMapping(value = "/{pid}/page", method = RequestMethod.GET)
-...
+            }
             Portal portal = portalService.getPortalById(pageHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal(), "id");
             return pageHelpContent;
+        }
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/pagehelpcontent/save", method = RequestMethod.POST)
         public PageHelpContent insertPageHelpContent(@PathVariable PortalType portalType,
                                                      @PathVariable(value = "pid") String pid,
                                                      @RequestBody PageHelpContent pageHelpContent) {
             Portal portal = portalService.getPortal(pageHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal(), "pid");
             pageHelpContent.setPortal(portal.getId());
             return pageHelpContentService.insertOrUpdatePageHelpContent(pageHelpContent);
+        }
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/pagehelpcontent/update", method = RequestMethod.POST)
         public PageHelpContent updatePageHelpContent(@PathVariable PortalType portalType,
                                                      @PathVariable(value = "pid") String pid,
                                                      @RequestBody PageHelpContent pageHelpContent) {
             Portal portal = portalService.getPortalById(pageHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal());
             portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal(), "id");
             return pageHelpContentService.insertOrUpdatePageHelpContent(pageHelpContent);
+        }
         // cannot handle MismatchingContent
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/pagehelpcontent/delete", method = RequestMethod.POST)
         public Boolean deletePageHelpContents(@PathVariable PortalType portalType,
                                               @PathVariable(value = "pid") String pid,
                                               @RequestBody List<String> pageHelpContents) throws Exception {
             return pageHelpContentService.deletePageHelpContents(pageHelpContents);
             return pageHelpContentService.deletePageHelpContents(pageHelpContents, pid, portalType);
+        }
         // cannot handle MismatchingContent
     //    @PreAuthorize("hasAnyAuthority(" +
     //            "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
     //            "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @PreAuthorize("hasAnyAuthority(" +
                 "@AuthorizationService.PORTAL_ADMIN, " +
                 "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
         @RequestMapping(value = "/{pid}/pagehelpcontent/toggle", method = RequestMethod.POST)
         public List<String> togglePageHelpContent(@PathVariable PortalType portalType,
                                                   @PathVariable(value = "pid") String pid,
                                                   @RequestBody List<String> pageHelpContents, @RequestParam String status) throws Exception {
             return pageHelpContentService.togglePageHelpContent(pageHelpContents, status);
             return pageHelpContentService.togglePageHelpContent(pageHelpContents, status, pid, portalType);
+        }
+    }

Also available in: Unified diff

Project

General

Profile

D-Net

Revision 60495

Added by Konstantina Galouni about 3 years ago