Revision 60495
Added by Konstantina Galouni about 3 years ago
PageController.java | ||
---|---|---|
7 | 7 |
import org.apache.log4j.Logger; |
8 | 8 |
import org.springframework.beans.factory.annotation.Autowired; |
9 | 9 |
import org.springframework.web.bind.annotation.*; |
10 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
10 | 11 |
|
11 | 12 |
import java.util.*; |
12 | 13 |
|
... | ... | |
40 | 41 |
// } |
41 | 42 |
|
42 | 43 |
// used |
43 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
44 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
44 | 45 |
@RequestMapping(value = "/page/update", method = RequestMethod.POST) |
45 | 46 |
public PortalPage updatePage(@RequestBody PortalPage portalPage) { |
46 | 47 |
return pageService.updatePage(portalPage); |
47 | 48 |
} |
48 | 49 |
|
49 | 50 |
// used |
50 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
51 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
51 | 52 |
@RequestMapping(value = "/page/save", method = RequestMethod.POST) |
52 | 53 |
public PortalPage insertPage(@RequestBody PortalPage portalPage) { |
53 | 54 |
return pageService.insertPage(portalPage); |
54 | 55 |
} |
55 | 56 |
|
56 | 57 |
// used |
57 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
58 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
58 | 59 |
@RequestMapping(value = "/page/delete", method = RequestMethod.POST) |
59 | 60 |
public Boolean deletePages(@RequestBody List<String> pages) throws Exception { |
60 | 61 |
return pageService.deletePages(pages); |
Also available in: Unified diff
[Trunk | Admin Tools Library]:
1. pom.xml: Added in dependency for spring security and and for uoa-authorization-library.
2. UoaAdminToolsLibraryApplication.java: import "AuthorizationConfiguration.class".
3. RolesUtils.java: Added folder handlers/utils and file handlers/utils/RolesUtils.java to get roles and info of user from authorization library.
4. AdminToolsLibraryExceptionsHandler.java: call setStatus of ExceptionResponse in handlers that status was not set | Use log.error instead of log.debug.
5. DivHelpContentService.java: Added checks and throw Exceptions in methods "deleteDivHelpContents()" and "toggleDivHelpContent()".
6. PageHelpContentService.java: Added checks and throw Exceptions in methods "deletePageHelpContents()" and "togglePageHelpContent()".
7. PortalService.java: Added checks and throw Exceptions in method "togglePage()".
8. EntityController.java: Added @PreAuthorize
Portal Admins: methods "insertEntity()" (/entity/save), "updateEntity()" (/entity/update), "deleteEntities()" (/entity/delete).
9. DivIdController.java: Added @PreAuthorize
Portal Admins: methods "insertDivId()" (/div/save), "updateDivId()" (/div/update), "deleteDivIds()" (/div/delete).
10. PageController.java: Added @PreAuthorize
Portal Admins: methods "insertPage()" (/page/save), "updatePage()" (/page/update), "deletePages()" (/page/delete).
11. AdminPortalRelationsController.java:
a. Added checks and throw Exceptions in methods "getEntitiesForCommunity()",
"getDivHelpContent()", "saveDivHelpContent()", "updateDivHelpContent()", "deleteDivHelpContents()", "toggleDivHelpContent()",
"togglePage()",
"getPageHelpContent()", "savePageHelpContent()", "updatePageHelpContent()", "deletePageHelpContents()", "togglePageHelpContent()"
b. Added @PreAuthorize
Portals Admin - Curators - Managers: "toggleEntity()" (/{portalType}/{pid}/entity/toggle),
"saveDivHelpContent()" (/{portalType}/{pid}/divhelpcontent/save), "updateDivHelpContent()" (/{portalType}/{pid}/divhelpcontent/update),
"deleteDivHelpContents()" (/{portalType}/{pid|/divhelpcontent/delete), "toggleDivHelpContent()" (/{portalType}/{pid|/divhelpcontent/toggle),
"togglePage()" (/{portalType}/{pid}/page/toggle),
"savePageHelpContent()" (/{portalType}/{pid}/pagehelpcontent/save), "updatePageHelpContent()" (/{portalType}/{pid}/pagehelpcontent/update),
"deletePageHelpContents()" (/{portalType}/{pid|/pagehelpcontent/delete), "togglePageHelpContent()" (/{portalType}/{pid|/pagehelpcontent/toggle)