Revision 60501
Added by Konstantina Galouni about 3 years ago
NotificationsController.java | ||
---|---|---|
2 | 2 |
|
3 | 3 |
import eu.dnetlib.uoaadmintools.dao.NotificationsDAO; |
4 | 4 |
import eu.dnetlib.uoaadmintools.entities.Notifications; |
5 |
import eu.dnetlib.uoaadmintoolslibrary.entities.Portal; |
|
6 |
import eu.dnetlib.uoaadmintoolslibrary.entities.PortalType; |
|
5 | 7 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.ContentNotFoundException; |
6 | 8 |
import eu.dnetlib.uoaadmintoolslibrary.dao.PortalDAO; |
9 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException; |
|
10 |
import eu.dnetlib.uoaadmintoolslibrary.handlers.utils.RolesUtils; |
|
7 | 11 |
import org.apache.log4j.Logger; |
8 | 12 |
import org.springframework.beans.factory.annotation.Autowired; |
13 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
9 | 14 |
import org.springframework.web.bind.annotation.*; |
10 | 15 |
|
11 | 16 |
import java.util.List; |
... | ... | |
22 | 27 |
private NotificationsDAO notificationsDAO; |
23 | 28 |
@Autowired |
24 | 29 |
private PortalDAO portalDAO; |
30 |
@Autowired |
|
31 |
private RolesUtils rolesUtils; |
|
25 | 32 |
|
26 |
@RequestMapping(value = "/community/{pid}/notifications", method = RequestMethod.GET) |
|
33 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") |
|
34 |
@RequestMapping(value = "/community/{pid}/notifications/all", method = RequestMethod.GET) |
|
27 | 35 |
public List<Notifications> getNotifications(@PathVariable(value = "pid") String pid ) throws ContentNotFoundException { |
28 |
if(portalDAO.findByPid(pid) == null){ |
|
29 |
throw new ContentNotFoundException("Portal not found"); |
|
36 |
Portal portal = portalDAO.findByPid(pid); |
|
37 |
if(portal == null){ |
|
38 |
throw new ContentNotFoundException("Portal with pid: "+pid+" not found"); |
|
30 | 39 |
} |
40 |
if(!portal.getType().equals("community")) { |
|
41 |
// EXCEPTION - MismatchingContent |
|
42 |
throw new MismatchingContentException("Get Notifications: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of community"); |
|
43 |
} |
|
44 |
|
|
31 | 45 |
List<Notifications> notifications = notificationsDAO.findByPortalPid(pid); |
32 | 46 |
if(notifications == null || notifications.size() == 0){ |
33 |
throw new ContentNotFoundException("Notifications settings not found"); |
|
47 |
throw new ContentNotFoundException("Notifications settings for community with pid: "+pid+" not found");
|
|
34 | 48 |
} |
35 | 49 |
return notifications; |
36 | 50 |
} |
51 |
|
|
52 |
@PreAuthorize("hasAnyAuthority(" + |
|
53 |
"@AuthorizationService.PORTAL_ADMIN, " + |
|
54 |
"@AuthorizationService.curator('community'), @AuthorizationService.manager('community', #pid))") |
|
55 |
@RequestMapping(value = "/community/{pid}/notifications", method = RequestMethod.GET) |
|
56 |
public Notifications getNotificationsForUser(@PathVariable(value = "pid") String pid) throws ContentNotFoundException { |
|
57 |
Portal portal = portalDAO.findByPid(pid); |
|
58 |
if(portal == null){ |
|
59 |
throw new ContentNotFoundException("Portal with pid: "+pid+" not found"); |
|
60 |
} |
|
61 |
if(!portal.getType().equals("community")) { |
|
62 |
// EXCEPTION - MismatchingContent |
|
63 |
throw new MismatchingContentException("Get Notifications: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of community"); |
|
64 |
} |
|
65 |
|
|
66 |
String email = rolesUtils.getEmail(); |
|
67 |
|
|
68 |
Notifications notifications = notificationsDAO.findByManagerEmailAndPortalPid(email, pid); |
|
69 |
if(notifications == null){ |
|
70 |
throw new ContentNotFoundException("Notifications settings for community with pid: "+pid+" and user email: "+email+" not found"); |
|
71 |
} |
|
72 |
return notifications; |
|
73 |
} |
|
74 |
|
|
75 |
@PreAuthorize("hasAnyAuthority(" + |
|
76 |
"@AuthorizationService.PORTAL_ADMIN, " + |
|
77 |
"@AuthorizationService.curator('community'), @AuthorizationService.manager('community', #pid))") |
|
37 | 78 |
@RequestMapping(value = "/community/{pid}/notifications", method = RequestMethod.DELETE) |
38 |
public void deleteEntity(@PathVariable(value = "pid") String pid, @RequestBody String email) throws ContentNotFoundException { |
|
79 |
public void deleteNotification(@PathVariable(value = "pid") String pid) throws ContentNotFoundException { |
|
80 |
Portal portal = portalDAO.findByPid(pid); |
|
81 |
if(portal == null){ |
|
82 |
throw new ContentNotFoundException("Portal with pid: "+pid+" not found"); |
|
83 |
} |
|
84 |
if(!portal.getType().equals("community")) { |
|
85 |
// EXCEPTION - MismatchingContent |
|
86 |
throw new MismatchingContentException("Delete Notifications: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of community"); |
|
87 |
} |
|
88 |
String email = rolesUtils.getEmail(); |
|
39 | 89 |
Notifications notifications = notificationsDAO.findByManagerEmailAndPortalPid(email,pid); |
40 | 90 |
if(notifications!= null){ |
41 | 91 |
notificationsDAO.delete(notifications.getId()); |
42 | 92 |
}else{ |
43 |
throw new ContentNotFoundException("Notifications not found"); |
|
93 |
throw new ContentNotFoundException("Notifications settings for community with pid: "+pid+" and user email: "+email+" not found");
|
|
44 | 94 |
} |
45 | 95 |
|
46 | 96 |
} |
47 | 97 |
|
98 |
@PreAuthorize("hasAnyAuthority(" + |
|
99 |
"@AuthorizationService.PORTAL_ADMIN, " + |
|
100 |
"@AuthorizationService.curator('community'), @AuthorizationService.manager('community', #pid))") |
|
48 | 101 |
@RequestMapping(value = "/community/{pid}/notifications", method = RequestMethod.POST) |
49 |
public Notifications saveEntity(@PathVariable(value = "pid") String pid, @RequestBody Notifications notifications) throws ContentNotFoundException { |
|
50 |
if(portalDAO.findByPid(pid) == null){ |
|
51 |
throw new ContentNotFoundException("Portal not found"); |
|
102 |
public Notifications saveNotification(@PathVariable(value = "pid") String pid, @RequestBody Notifications notifications) throws ContentNotFoundException { |
|
103 |
Portal portal = portalDAO.findByPid(pid); |
|
104 |
if(portal == null){ |
|
105 |
throw new ContentNotFoundException("Portal with pid: "+pid+" not found"); |
|
52 | 106 |
} |
107 |
if(!portal.getType().equals("community")) { |
|
108 |
// EXCEPTION - MismatchingContent |
|
109 |
throw new MismatchingContentException("Save Notifications: Portal with id: "+portal.getId()+" has type: "+portal.getType()+" instead of community"); |
|
110 |
} |
|
53 | 111 |
|
54 |
if(notifications.getManagerEmail() != null && !notifications.getManagerEmail().isEmpty()){ |
|
112 |
notifications.setManagerEmail(rolesUtils.getEmail()); |
|
113 |
notifications.setAaiId(rolesUtils.getAaiId()); |
|
114 |
|
|
115 |
// if(notifications.getManagerEmail() != null && !notifications.getManagerEmail().isEmpty()){ |
|
55 | 116 |
Notifications saved = notificationsDAO.findByManagerEmailAndPortalPid(notifications.getManagerEmail(),pid); |
56 | 117 |
log.debug(saved); |
57 | 118 |
if(saved!= null){ |
... | ... | |
62 | 123 |
log.debug(notifications); |
63 | 124 |
Notifications savedNotifications = notificationsDAO.save(notifications); |
64 | 125 |
return savedNotifications; |
65 |
}else{
|
|
66 |
log.error("No user e-mail specified");
|
|
67 |
return null; |
|
68 |
} |
|
126 |
// } else{
|
|
127 |
// log.error("Save notifications: No user e-mail specified");
|
|
128 |
// return null;
|
|
129 |
// }
|
|
69 | 130 |
|
70 | 131 |
|
71 | 132 |
} |
Also available in: Unified diff
[Trunk | Admin Tools]:
1. pom.xml: Added dependency for spring security.
2. UoaAdminToolsApplication.java: Import AuthorizationConfiguration.class | Remove SecurityConfig.class from @EnableConfigurationProperties.
3. UoaAdminToolsConfiguration.java: Comment "addInterceptors()" method calling AuthorizationHandler with SecurityConfig.
4. SecurityConfig.java & AuthorizationHandler.java & AuthorizationUtils.java & CommunityInfo.java & UserInfo.java: Commented all contents of these files (files will be deleted in coming commit).
5. PortalSubscribersController.java: Comment imports from commeted files.
6. Notifications.java: Added field "aaiId" get getters and setters.
7. NotificationsController.java:
a. Method "getNotifications()" is replaced by "getNotificationsForUser()" (/community/{pid}/notifications) - returns notification settings only for user who made the request (uoa-authorization-li$
b. Path changed for method "getNotifications()": /community/{pid}/notifications/all
c. Remove "@RequestBody String email" parameter from method "deleteNotification()" - get email from user who made the request (uoa-authorization-library).
d. In method "saveNotification()" get aaiId and email from user who made the request (uoa-authorization-library).
e. Added checks and throw Exceptions in all methods.
f. Added @PreAuthorize
Portal Admins: "getNotifications()" (/community/{pid}/notifications/all)
Portal Admins - Curators - Managers: "getNotificationsForUser()" (/community/{pid}/notifications), "deleteNotification()" (/community/{pid}/notifications), "saveNotification()" (/communit$
8. ExploreController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateExplore()" (/explore/update), "insertExplore()" (/explore/save), "deleteExplore()" (/explore/delete).
9. ConnectController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateConnect()" (/connect/update), "insertConnect()" (/connect/save), "deleteConnect()" (/connect/delete).
c. Commented methods "getLayoutForConnect()" and "updateLayoutForConnect()" (/connect/{pid}/layout).
10. CommunityController.java:
a. Added checks and throw Exceptions in all methods.
b. Added @PreAuthorize
Portal Admins: "updateCommunity()" (/community/update), "insertCommunity()" (/community/save), "deleteCommunity()" (/community/delete).
Portal Admin - Curators - Managers: "updateLayoutForCommunity()" (/community/{pid}/layout).
11. CuratorController.java:
a. In "insertCurator() (/curator) set _id field with aaiId from user who made the request (uoa-authorization-library).
b. Added @PreAuthorize
Authenticated users: "getCuratorById()" (/curator/{id}), "insertCurator()" (/curator).
Portal Admins: "deleteCurators()" (/curator).