Project

General

Profile

« Previous | Next » 

Revision 61329

Added by Konstantinos Spyrou almost 3 years ago

1. update user authorities when adding/removing repositories
2. fixed some authorization expressions
3. refactoring

View differences:

RepositoryController.java
11 11 
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
12 12 
import org.springframework.beans.factory.annotation.Autowired;
13 13 
import org.springframework.http.MediaType;
14 
import org.springframework.security.access.prepost.PostAuthorize;
14 15 
import org.springframework.security.access.prepost.PreAuthorize;
15 16 
import org.springframework.security.core.Authentication;
16 17 
import org.springframework.security.core.context.SecurityContextHolder;
......
82 83 
        return repositoryService.searchRegisteredRepositories(country, typology, englishName, officialName, requestSortBy, order, page, pageSize);
83 84 
    }
84 85 

  		




  85
  
  
    
    // TODO: Antonis K - Replace here the registeredBy


  		




  86
  86
  
    

  		




  87
  87
  
    
    @RequestMapping(value = "/getRepositoryById/{id}", method = RequestMethod.GET,


  		




  88
  88
  
    
            produces = MediaType.APPLICATION_JSON_VALUE)


  		




  89
  89
  
    
    @ResponseBody


  		




  90
  
  
    
    @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id)")


  		




  
  90
  
    
    @PostAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id) or (returnObject.registeredBy=='null' and hasRole('ROLE_USER'))")


  		




  91
  91
  
    
    public Repository getRepositoryById(@PathVariable("id") String id) throws JSONException, ResourceNotFoundException {


  		




  92
  92
  
    
        Repository repo = repositoryService.getRepositoryById(id);


  		




  93
  93
  
    

  		




  ......




  137
  137
  
    
    public Repository addRepository(@RequestParam("datatype") String datatype,


  		




  138
  138
  
    
                                    @RequestBody Repository repository) throws Exception {


  		




  139
  139
  
    

  		




  140
  
  
    
        // TODO:


  		




  141
  
  
    
        //  1) add repository


  		




  142
  
  
    
        //  2) get repository id and create new role


  		




  143
  
  
    
        //  3) assign new role to authenticated user


  		




  144
  140
  
    
        return repositoryService.addRepository(datatype, repository);


  		




  145
  141
  
    
    }


  		




  146
  142
  
    

  		












Also available in:  Unified diff