Revision 61329
Added by Konstantinos Spyrou almost 3 years ago
RepositoryController.java | ||
---|---|---|
11 | 11 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
12 | 12 |
import org.springframework.beans.factory.annotation.Autowired; |
13 | 13 |
import org.springframework.http.MediaType; |
14 |
import org.springframework.security.access.prepost.PostAuthorize; |
|
14 | 15 |
import org.springframework.security.access.prepost.PreAuthorize; |
15 | 16 |
import org.springframework.security.core.Authentication; |
16 | 17 |
import org.springframework.security.core.context.SecurityContextHolder; |
... | ... | |
82 | 83 |
return repositoryService.searchRegisteredRepositories(country, typology, englishName, officialName, requestSortBy, order, page, pageSize); |
83 | 84 |
} |
84 | 85 |
|
85 |
// TODO: Antonis K - Replace here the registeredBy |
|
86 | 86 |
|
87 | 87 |
@RequestMapping(value = "/getRepositoryById/{id}", method = RequestMethod.GET, |
88 | 88 |
produces = MediaType.APPLICATION_JSON_VALUE) |
89 | 89 |
@ResponseBody |
90 |
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id)")
|
|
90 |
@PostAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id) or (returnObject.registeredBy=='null' and hasRole('ROLE_USER'))")
|
|
91 | 91 |
public Repository getRepositoryById(@PathVariable("id") String id) throws JSONException, ResourceNotFoundException { |
92 | 92 |
Repository repo = repositoryService.getRepositoryById(id); |
93 | 93 |
|
... | ... | |
137 | 137 |
public Repository addRepository(@RequestParam("datatype") String datatype, |
138 | 138 |
@RequestBody Repository repository) throws Exception { |
139 | 139 |
|
140 |
// TODO: |
|
141 |
// 1) add repository |
|
142 |
// 2) get repository id and create new role |
|
143 |
// 3) assign new role to authenticated user |
|
144 | 140 |
return repositoryService.addRepository(datatype, repository); |
145 | 141 |
} |
146 | 142 |
|
Also available in: Unified diff
1. update user authorities when adding/removing repositories
2. fixed some authorization expressions
3. refactoring