Revision 60501
Added by Konstantina Galouni about 3 years ago
| CommunityController.java | ||
|---|---|---|
| 7 | 7 |
import eu.dnetlib.uoaadmintools.services.SubscriberService; |
| 8 | 8 |
import eu.dnetlib.uoaadmintoolslibrary.entities.Portal; |
| 9 | 9 |
import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.*; |
| 10 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.ContentNotFoundException; |
|
| 11 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException; |
|
| 12 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException; |
|
| 13 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.utils.RolesUtils; |
|
| 10 | 14 |
import eu.dnetlib.uoaadmintoolslibrary.services.PortalService; |
| 11 | 15 |
import org.apache.log4j.Logger; |
| 12 | 16 |
import org.springframework.web.bind.annotation.*; |
| 13 | 17 |
import org.springframework.beans.factory.annotation.Autowired; |
| 14 | 18 |
|
| 15 | 19 |
import java.util.*; |
| 20 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
| 16 | 21 |
|
| 17 | 22 |
@RestController |
| 18 | 23 |
@RequestMapping("/community")
|
| ... | ... | |
| 21 | 26 |
private final Logger log = Logger.getLogger(this.getClass()); |
| 22 | 27 |
|
| 23 | 28 |
@Autowired |
| 29 |
private RolesUtils rolesUtils; |
|
| 30 |
|
|
| 31 |
@Autowired |
|
| 24 | 32 |
private LayoutService layoutService; |
| 25 | 33 |
|
| 26 | 34 |
@Autowired |
| ... | ... | |
| 45 | 53 |
return portalService.getAllPortalsFullByType("community");
|
| 46 | 54 |
} |
| 47 | 55 |
|
| 48 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
| 56 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
| 49 | 57 |
@RequestMapping(value = "/update", method = RequestMethod.POST) |
| 50 | 58 |
public PortalResponse updateCommunity(@RequestBody Portal portal) {
|
| 59 |
if(!portal.getType().equals("community")) {
|
|
| 60 |
// EXCEPTION - MismatchingContent |
|
| 61 |
throw new MismatchingContentException("Update Community: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of community");
|
|
| 62 |
} |
|
| 63 |
|
|
| 51 | 64 |
String old_pid = portalService.getPortalById(portal.getId()).getPid(); |
| 52 | 65 |
String new_pid = portal.getPid(); |
| 53 | 66 |
|
| ... | ... | |
| 64 | 77 |
return portalResponse; |
| 65 | 78 |
} |
| 66 | 79 |
|
| 67 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
| 80 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
| 68 | 81 |
@RequestMapping(value = "/save", method = RequestMethod.POST) |
| 69 | 82 |
public PortalResponse insertCommunity(@RequestBody Portal portal) {
|
| 83 |
if(!portal.getType().equals("community")) {
|
|
| 84 |
// EXCEPTION - MismatchingContent |
|
| 85 |
throw new MismatchingContentException("Save Community: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of community");
|
|
| 86 |
} |
|
| 87 |
|
|
| 70 | 88 |
PortalResponse portalResponse = portalService.insertPortal(portal); |
| 71 | 89 |
|
| 72 | 90 |
statisticsService.createPortalStatistics(portal.getPid()); |
| ... | ... | |
| 75 | 93 |
return portalResponse; |
| 76 | 94 |
} |
| 77 | 95 |
|
| 78 |
// cannot handle MismatchingContent |
|
| 79 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
| 96 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
| 80 | 97 |
@RequestMapping(value = "/delete", method = RequestMethod.POST) |
| 81 | 98 |
public Boolean deleteCommunities(@RequestBody List<String> portals) {
|
| 99 |
List<String> roles = rolesUtils.getRoles(); |
|
| 100 |
|
|
| 82 | 101 |
for (String id: portals) {
|
| 102 |
Portal portal = portalService.getPortalById(id); |
|
| 103 |
if(portal == null) {
|
|
| 104 |
// EXCEPTION - Entity Not Found |
|
| 105 |
throw new ContentNotFoundException("Delete community: Portal with id: " + id + " not found");
|
|
| 106 |
} |
|
| 107 |
if(!portal.getType().equals("community")) {
|
|
| 108 |
// EXCEPTION - MismatchingContent |
|
| 109 |
throw new MismatchingContentException("Delete Community: Portal with id: "+id+" has type: "+portal.getType()+" instead of community");
|
|
| 110 |
} |
|
| 111 |
|
|
| 83 | 112 |
String pid = portalService.deletePortal(id); |
| 84 | 113 |
|
| 85 | 114 |
statisticsService.deleteByPid(pid); |
| ... | ... | |
| 93 | 122 |
|
| 94 | 123 |
@RequestMapping(value = "/{pid}/layout", method = RequestMethod.GET)
|
| 95 | 124 |
public Layout getLayoutForCommunity(@PathVariable(value = "pid") String pid) {
|
| 125 |
Portal portal = portalService.getPortal(pid); |
|
| 126 |
if(portal == null) {
|
|
| 127 |
// EXCEPTION - Entity Not Found |
|
| 128 |
throw new ContentNotFoundException("CommunityController - Get layout: Portal with pid: " + pid + " not found");
|
|
| 129 |
} |
|
| 130 |
if(!portal.getType().equals("community")) {
|
|
| 131 |
// EXCEPTION - MismatchingContent |
|
| 132 |
throw new MismatchingContentException("CommunityController - Get layout: Portal with pid: "+pid+" has type: "+portal.getType()+" instead of community");
|
|
| 133 |
} |
|
| 96 | 134 |
return layoutService.findByPid(pid); |
| 97 | 135 |
} |
| 98 | 136 |
|
| 99 |
// @PreAuthorize("hasAnyAuthority(" +
|
|
| 100 |
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
| 101 |
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
|
| 137 |
@PreAuthorize("hasAnyAuthority(" +
|
|
| 138 |
"@AuthorizationService.PORTAL_ADMIN, " +
|
|
| 139 |
"@AuthorizationService.curator('community'), @AuthorizationService.manager('community', #pid))")
|
|
| 102 | 140 |
@RequestMapping(value = "/{pid}/layout", method = RequestMethod.POST)
|
| 103 | 141 |
public Layout updateLayoutForCommunity(@PathVariable(value = "pid") String pid, @RequestBody Layout layout) {
|
| 142 |
Portal portal = portalService.getPortal(pid); |
|
| 143 |
if(portal == null) {
|
|
| 144 |
// EXCEPTION - Entity Not Found |
|
| 145 |
throw new ContentNotFoundException("CommunityController - Update layout: Portal with pid: " + pid + " not found");
|
|
| 146 |
} |
|
| 147 |
if(!portal.getType().equals("community")) {
|
|
| 148 |
// EXCEPTION - MismatchingContent |
|
| 149 |
throw new MismatchingContentException("CommunityController - Update layout: Portal with pid: "+pid+" has type: "+portal.getType()+" instead of community");
|
|
| 150 |
} |
|
| 151 |
if(!pid.equals(layout.getPortalPid())) {
|
|
| 152 |
// EXCEPTION - MismatchingContent |
|
| 153 |
throw new MismatchingContentException("CommunityController - Update layout: Portal has pid: "+pid+" while layout has portalPid: "+layout.getPortalPid());
|
|
| 154 |
} |
|
| 104 | 155 |
return layoutService.save(layout); |
| 105 | 156 |
} |
| 106 | 157 |
} |
Also available in: Unified diff
[Trunk | Admin Tools]:
1. pom.xml: Added dependency for spring security.
2. UoaAdminToolsApplication.java: Import AuthorizationConfiguration.class | Remove SecurityConfig.class from @EnableConfigurationProperties.
3. UoaAdminToolsConfiguration.java: Comment "addInterceptors()" method calling AuthorizationHandler with SecurityConfig.
4. SecurityConfig.java & AuthorizationHandler.java & AuthorizationUtils.java & CommunityInfo.java & UserInfo.java: Commented all contents of these files (files will be deleted in coming commit).
5. PortalSubscribersController.java: Comment imports from commeted files.
6. Notifications.java: Added field "aaiId" get getters and setters.
7. NotificationsController.java:
a. Method "getNotifications()" is replaced by "getNotificationsForUser()" (/community/{pid}/notifications) - returns notification settings only for user who made the request (uoa-authorization-li$
b. Path changed for method "getNotifications()": /community/{pid}/notifications/all
c. Remove "@RequestBody String email" parameter from method "deleteNotification()" - get email from user who made the request (uoa-authorization-library).
d. In method "saveNotification()" get aaiId and email from user who made the request (uoa-authorization-library).
e. Added checks and throw Exceptions in all methods.
f. Added @PreAuthorize
Portal Admins: "getNotifications()" (/community/{pid}/notifications/all)
Portal Admins - Curators - Managers: "getNotificationsForUser()" (/community/{pid}/notifications), "deleteNotification()" (/community/{pid}/notifications), "saveNotification()" (/communit$
8. ExploreController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateExplore()" (/explore/update), "insertExplore()" (/explore/save), "deleteExplore()" (/explore/delete).
9. ConnectController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateConnect()" (/connect/update), "insertConnect()" (/connect/save), "deleteConnect()" (/connect/delete).
c. Commented methods "getLayoutForConnect()" and "updateLayoutForConnect()" (/connect/{pid}/layout).
10. CommunityController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateCommunity()" (/community/update), "insertCommunity()" (/community/save), "deleteCommunity()" (/community/delete).
Portal Admin - Curators - Managers: "updateLayoutForCommunity()" (/community/{pid}/layout).
11. CuratorController.java:
a. In "insertCurator() (/curator) set _id field with aaiId from user who made the request (uoa-authorization-library).
b. Added @PreAuthorize
Authenticated users: "getCuratorById()" (/curator/{id}), "insertCurator()" (/curator).
Portal Admins: "deleteCurators()" (/curator).