Revision 60501
Added by Konstantina Galouni about 3 years ago
ConnectController.java | ||
---|---|---|
4 | 4 |
import eu.dnetlib.uoaadmintools.services.LayoutService; |
5 | 5 |
import eu.dnetlib.uoaadmintoolslibrary.entities.Portal; |
6 | 6 |
import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.*; |
7 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.ContentNotFoundException; |
|
8 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException; |
|
7 | 9 |
import eu.dnetlib.uoaadmintoolslibrary.services.PortalService; |
8 | 10 |
import org.apache.log4j.Logger; |
11 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
9 | 12 |
import org.springframework.web.bind.annotation.*; |
10 | 13 |
import org.springframework.beans.factory.annotation.Autowired; |
11 | 14 |
|
... | ... | |
14 | 17 |
@RestController |
15 | 18 |
@RequestMapping("/connect") |
16 | 19 |
@CrossOrigin(origins = "*") |
20 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") |
|
17 | 21 |
public class ConnectController { |
18 | 22 |
private final Logger log = Logger.getLogger(this.getClass()); |
19 | 23 |
|
... | ... | |
23 | 27 |
@Autowired |
24 | 28 |
private PortalService portalService; |
25 | 29 |
|
26 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)") |
|
27 | 30 |
@RequestMapping(value = "/update", method = RequestMethod.POST) |
28 |
public PortalResponse updateCommunity(@RequestBody Portal portal) { |
|
31 |
public PortalResponse updateConnect(@RequestBody Portal portal) { |
|
32 |
if(!portal.getType().equals("connect")) { |
|
33 |
// EXCEPTION - MismatchingContent |
|
34 |
throw new MismatchingContentException("Update Connect: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of connect"); |
|
35 |
} |
|
36 |
|
|
29 | 37 |
PortalResponse portalResponse = portalService.updatePortal(portal); |
30 | 38 |
|
31 | 39 |
String old_pid = portalResponse.getPid(); |
... | ... | |
37 | 45 |
return portalResponse; |
38 | 46 |
} |
39 | 47 |
|
40 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)") |
|
41 | 48 |
@RequestMapping(value = "/save", method = RequestMethod.POST) |
42 |
public PortalResponse insertCommunity(@RequestBody Portal portal) { |
|
49 |
public PortalResponse insertConnect(@RequestBody Portal portal) { |
|
50 |
if(!portal.getType().equals("connect")) { |
|
51 |
// EXCEPTION - MismatchingContent |
|
52 |
throw new MismatchingContentException("Save Connect: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of connect"); |
|
53 |
} |
|
54 |
|
|
43 | 55 |
PortalResponse portalResponse = portalService.insertPortal(portal); |
44 | 56 |
return portalResponse; |
45 | 57 |
} |
46 | 58 |
|
47 |
// cannot handle MismatchingContent |
|
48 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)") |
|
49 | 59 |
@RequestMapping(value = "/delete", method = RequestMethod.POST) |
50 |
public Boolean deleteCommunities(@RequestBody List<String> portals) {
|
|
60 |
public Boolean deleteConnect(@RequestBody List<String> portals) {
|
|
51 | 61 |
for (String id: portals) { |
62 |
Portal portal = portalService.getPortalById(id); |
|
63 |
if(portal == null) { |
|
64 |
// EXCEPTION - Entity Not Found |
|
65 |
throw new ContentNotFoundException("Delete connect: Portal with id: " + id + " not found"); |
|
66 |
} |
|
67 |
if(!portal.getType().equals("connect")) { |
|
68 |
// EXCEPTION - MismatchingContent |
|
69 |
throw new MismatchingContentException("Delete Connect: Portal with id: "+id+" has type: "+portal.getType()+" instead of connect"); |
|
70 |
} |
|
71 |
|
|
52 | 72 |
String pid = portalService.deletePortal(id); |
53 | 73 |
layoutService.deleteByPid(pid); |
54 | 74 |
} |
... | ... | |
56 | 76 |
return true; |
57 | 77 |
} |
58 | 78 |
|
59 |
@RequestMapping(value = "/{pid}/layout", method = RequestMethod.GET) |
|
60 |
public Layout getLayoutForCommunity(@PathVariable(value = "pid") String pid) { |
|
61 |
return layoutService.findByPid(pid); |
|
62 |
} |
|
63 |
|
|
64 |
// @PreAuthorize("hasAnyAuthority(" + |
|
65 |
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " + |
|
66 |
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))") |
|
67 |
@RequestMapping(value = "/{pid}/layout", method = RequestMethod.POST) |
|
68 |
public Layout updateLayoutForCommunity(@PathVariable(value = "pid") String pid, @RequestBody Layout layout) { |
|
69 |
return layoutService.save(layout); |
|
70 |
} |
|
79 |
// @RequestMapping(value = "/{pid}/layout", method = RequestMethod.GET) |
|
80 |
// public Layout getLayoutForConnect(@PathVariable(value = "pid") String pid) { |
|
81 |
// return layoutService.findByPid(pid); |
|
82 |
// } |
|
83 |
// |
|
84 |
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") |
|
85 |
// @RequestMapping(value = "/{pid}/layout", method = RequestMethod.POST) |
|
86 |
// public Layout updateLayoutForConnect(@PathVariable(value = "pid") String pid, @RequestBody Layout layout) { |
|
87 |
// return layoutService.save(layout); |
|
88 |
// } |
|
71 | 89 |
} |
72 | 90 |
|
Also available in: Unified diff
[Trunk | Admin Tools]:
1. pom.xml: Added dependency for spring security.
2. UoaAdminToolsApplication.java: Import AuthorizationConfiguration.class | Remove SecurityConfig.class from @EnableConfigurationProperties.
3. UoaAdminToolsConfiguration.java: Comment "addInterceptors()" method calling AuthorizationHandler with SecurityConfig.
4. SecurityConfig.java & AuthorizationHandler.java & AuthorizationUtils.java & CommunityInfo.java & UserInfo.java: Commented all contents of these files (files will be deleted in coming commit).
5. PortalSubscribersController.java: Comment imports from commeted files.
6. Notifications.java: Added field "aaiId" get getters and setters.
7. NotificationsController.java:
a. Method "getNotifications()" is replaced by "getNotificationsForUser()" (/community/{pid}/notifications) - returns notification settings only for user who made the request (uoa-authorization-li$
b. Path changed for method "getNotifications()": /community/{pid}/notifications/all
c. Remove "@RequestBody String email" parameter from method "deleteNotification()" - get email from user who made the request (uoa-authorization-library).
d. In method "saveNotification()" get aaiId and email from user who made the request (uoa-authorization-library).
e. Added checks and throw Exceptions in all methods.
f. Added @PreAuthorize
Portal Admins: "getNotifications()" (/community/{pid}/notifications/all)
Portal Admins - Curators - Managers: "getNotificationsForUser()" (/community/{pid}/notifications), "deleteNotification()" (/community/{pid}/notifications), "saveNotification()" (/communit$
8. ExploreController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateExplore()" (/explore/update), "insertExplore()" (/explore/save), "deleteExplore()" (/explore/delete).
9. ConnectController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateConnect()" (/connect/update), "insertConnect()" (/connect/save), "deleteConnect()" (/connect/delete).
c. Commented methods "getLayoutForConnect()" and "updateLayoutForConnect()" (/connect/{pid}/layout).
10. CommunityController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateCommunity()" (/community/update), "insertCommunity()" (/community/save), "deleteCommunity()" (/community/delete).
Portal Admin - Curators - Managers: "updateLayoutForCommunity()" (/community/{pid}/layout).
11. CuratorController.java:
a. In "insertCurator() (/curator) set _id field with aaiId from user who made the request (uoa-authorization-library).
b. Added @PreAuthorize
Authenticated users: "getCuratorById()" (/curator/{id}), "insertCurator()" (/curator).
Portal Admins: "deleteCurators()" (/curator).