[Trunk | Admin Tools Library]:
1. pom.xml: Added in dependency for spring security and and for uoa-authorization-library.
2. UoaAdminToolsLibraryApplication.java: import "AuthorizationConfiguration.class".
3. RolesUtils.java: Added folder handlers/utils and file handlers/utils/RolesUtils.java to get roles and info of user from authorization library.
4. AdminToolsLibraryExceptionsHandler.java: call setStatus of ExceptionResponse in handlers that status was not set | Use log.error instead of log.debug.
5. DivHelpContentService.java: Added checks and throw Exceptions in methods "deleteDivHelpContents()" and "toggleDivHelpContent()".
6. PageHelpContentService.java: Added checks and throw Exceptions in methods "deletePageHelpContents()" and "togglePageHelpContent()".
7. PortalService.java: Added checks and throw Exceptions in method "togglePage()".
8. EntityController.java: Added @PreAuthorize
Portal Admins: methods "insertEntity()" (/entity/save), "updateEntity()" (/entity/update), "deleteEntities()" (/entity/delete).
9. DivIdController.java: Added @PreAuthorize
Portal Admins: methods "insertDivId()" (/div/save), "updateDivId()" (/div/update), "deleteDivIds()" (/div/delete).
10. PageController.java: Added @PreAuthorize
Portal Admins: methods "insertPage()" (/page/save), "updatePage()" (/page/update), "deletePages()" (/page/delete).
11. AdminPortalRelationsController.java:
a. Added checks and throw Exceptions in methods "getEntitiesForCommunity()",
"getDivHelpContent()", "saveDivHelpContent()", "updateDivHelpContent()", "deleteDivHelpContents()", "toggleDivHelpContent()",
"togglePage()",
"getPageHelpContent()", "savePageHelpContent()", "updatePageHelpContent()", "deletePageHelpContents()", "togglePageHelpContent()"
b. Added @PreAuthorize
Portals Admin - Curators - Managers: "toggleEntity()" (/{portalType}/{pid}/entity/toggle),
"saveDivHelpContent()" (/{portalType}/{pid}/divhelpcontent/save), "updateDivHelpContent()" (/{portalType}/{pid}/divhelpcontent/update),
"deleteDivHelpContents()" (/{portalType}/{pid|/divhelpcontent/delete), "toggleDivHelpContent()" (/{portalType}/{pid|/divhelpcontent/toggle),
"togglePage()" (/{portalType}/{pid}/page/toggle),
"savePageHelpContent()" (/{portalType}/{pid}/pagehelpcontent/save), "updatePageHelpContent()" (/{portalType}/{pid}/pagehelpcontent/update),
"deletePageHelpContents()" (/{portalType}/{pid|/pagehelpcontent/delete), "togglePageHelpContent()" (/{portalType}/{pid|/pagehelpcontent/toggle)
This commit is contained in:
parent
e98cf88a13
commit
3b563eb5c2
18
pom.xml
18
pom.xml
|
|
@ -51,10 +51,10 @@
|
|||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<!-- <dependency>-->
|
||||
<!-- <groupId>org.springframework.boot</groupId>-->
|
||||
<!-- <artifactId>spring-boot-starter-security</artifactId>-->
|
||||
<!-- </dependency>-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>log4j</groupId>
|
||||
|
|
@ -77,11 +77,11 @@
|
|||
<version>20030203.000550</version>
|
||||
</dependency>
|
||||
|
||||
<!-- <dependency>-->
|
||||
<!-- <groupId>eu.dnetlib</groupId>-->
|
||||
<!-- <artifactId>uoa-authorization-library</artifactId>-->
|
||||
<!-- <version>1.0.0-SNAPSHOT</version>-->
|
||||
<!-- </dependency>-->
|
||||
<dependency>
|
||||
<groupId>eu.dnetlib</groupId>
|
||||
<artifactId>uoa-authorization-library</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package eu.dnetlib.uoaadmintoolslibrary;
|
||||
|
||||
//import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.configuration.properties.GoogleConfig;
|
||||
|
|
@ -9,5 +9,5 @@ import org.springframework.context.annotation.Import;
|
|||
|
||||
@SpringBootApplication//(scanBasePackages = {"eu.dnetlib.uoaauthorizationlibrary"})
|
||||
@EnableConfigurationProperties({MailConfig.class, GoogleConfig.class})
|
||||
//@Import(AuthorizationConfiguration.class)
|
||||
@Import(AuthorizationConfiguration.class)
|
||||
public class UoaAdminToolsLibraryApplication {}
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ import eu.dnetlib.uoaadmintoolslibrary.services.*;
|
|||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
|
@ -39,13 +40,14 @@ public class AdminPortalRelationsController {
|
|||
public List<PortalEntity> getEntitiesForCommunity(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid) {
|
||||
//@RequestParam(value="entity", required=false) String entity) {
|
||||
Portal portal = portalService.getPortal(pid);
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pid, "pid");
|
||||
return portalService.getEntitiesForPortal(pid, null);
|
||||
}
|
||||
|
||||
// cannot handle MismatchingContent
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = {"/{pid}/entity/toggle"}, method = RequestMethod.POST)
|
||||
public Portal toggleEntity(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
|
|
@ -81,55 +83,55 @@ public class AdminPortalRelationsController {
|
|||
}
|
||||
|
||||
Portal portal = portalService.getPortalById(divHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal(), "id");
|
||||
return divHelpContent;
|
||||
}
|
||||
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/divhelpcontent/save", method = RequestMethod.POST)
|
||||
public DivHelpContent saveDivHelpContent(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody DivHelpContent divHelpContent) {
|
||||
Portal portal = portalService.getPortal(divHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal(), "pid");
|
||||
divHelpContent.setPortal(portal.getId());
|
||||
return divHelpContentService.insertOrUpdateDivHelpContent(divHelpContent);
|
||||
}
|
||||
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/divhelpcontent/update", method = RequestMethod.POST)
|
||||
public DivHelpContent updateDivHelpContent(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody DivHelpContent divHelpContent) {
|
||||
Portal portal = portalService.getPortalById(divHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, divHelpContent.getPortal(), "id");
|
||||
return divHelpContentService.insertOrUpdateDivHelpContent(divHelpContent);
|
||||
}
|
||||
|
||||
// cannot handle MismatchingContent
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/divhelpcontent/delete", method = RequestMethod.POST)
|
||||
public Boolean deleteDivHelpContents(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody List<String> divHelpContents) throws Exception {
|
||||
return divHelpContentService.deleteDivHelpContents(divHelpContents);
|
||||
return divHelpContentService.deleteDivHelpContents(divHelpContents, pid, portalType);
|
||||
}
|
||||
|
||||
// cannot handle MismatchingContent
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/divhelpcontent/toggle", method = RequestMethod.POST)
|
||||
public List<String> toggleDivHelpContent(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody List<String> divHelpContents, @RequestParam String status) throws Exception {
|
||||
return divHelpContentService.toggleDivHelpContent(divHelpContents, status);
|
||||
return divHelpContentService.toggleDivHelpContent(divHelpContents, status, pid, portalType);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -192,14 +194,14 @@ public class AdminPortalRelationsController {
|
|||
// }
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = {"/{pid}/page/toggle"}, method = RequestMethod.POST)
|
||||
public Portal togglePage(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody List<String> pageIds, @RequestParam String status) throws Exception {
|
||||
return portalService.togglePage(pid, pageIds, status);
|
||||
return portalService.togglePage(pid, portalType.name(), pageIds, status);
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/{pid}/page", method = RequestMethod.GET)
|
||||
|
|
@ -254,55 +256,55 @@ public class AdminPortalRelationsController {
|
|||
}
|
||||
|
||||
Portal portal = portalService.getPortalById(pageHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal(), "id");
|
||||
return pageHelpContent;
|
||||
}
|
||||
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/pagehelpcontent/save", method = RequestMethod.POST)
|
||||
public PageHelpContent insertPageHelpContent(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody PageHelpContent pageHelpContent) {
|
||||
Portal portal = portalService.getPortal(pageHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal(), "pid");
|
||||
pageHelpContent.setPortal(portal.getId());
|
||||
return pageHelpContentService.insertOrUpdatePageHelpContent(pageHelpContent);
|
||||
}
|
||||
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/pagehelpcontent/update", method = RequestMethod.POST)
|
||||
public PageHelpContent updatePageHelpContent(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody PageHelpContent pageHelpContent) {
|
||||
Portal portal = portalService.getPortalById(pageHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal());
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pageHelpContent.getPortal(), "id");
|
||||
return pageHelpContentService.insertOrUpdatePageHelpContent(pageHelpContent);
|
||||
}
|
||||
|
||||
// cannot handle MismatchingContent
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/pagehelpcontent/delete", method = RequestMethod.POST)
|
||||
public Boolean deletePageHelpContents(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody List<String> pageHelpContents) throws Exception {
|
||||
return pageHelpContentService.deletePageHelpContents(pageHelpContents);
|
||||
return pageHelpContentService.deletePageHelpContents(pageHelpContents, pid, portalType);
|
||||
}
|
||||
|
||||
// cannot handle MismatchingContent
|
||||
// @PreAuthorize("hasAnyAuthority(" +
|
||||
// "@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
||||
// "@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#portalType), @AuthorizationService.manager(#portalType, #pid))")
|
||||
@RequestMapping(value = "/{pid}/pagehelpcontent/toggle", method = RequestMethod.POST)
|
||||
public List<String> togglePageHelpContent(@PathVariable PortalType portalType,
|
||||
@PathVariable(value = "pid") String pid,
|
||||
@RequestBody List<String> pageHelpContents, @RequestParam String status) throws Exception {
|
||||
return pageHelpContentService.togglePageHelpContent(pageHelpContents, status);
|
||||
return pageHelpContentService.togglePageHelpContent(pageHelpContents, status, pid, portalType);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -9,6 +9,7 @@ import java.util.*;
|
|||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
@RestController
|
||||
@CrossOrigin(origins = "*")
|
||||
|
|
@ -53,21 +54,21 @@ public class DivIdController {
|
|||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/div/save", method = RequestMethod.POST)
|
||||
public DivIdResponse insertDivId(@RequestBody DivIdResponse divIdResponse) {
|
||||
return divIdService.insertDivId(divIdResponse);
|
||||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/div/update", method = RequestMethod.POST)
|
||||
public DivIdResponse updateDivId(@RequestBody DivIdResponse divIdResponse) {
|
||||
return divIdService.updateDivId(divIdResponse);
|
||||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/div/delete", method = RequestMethod.POST)
|
||||
public Boolean deleteDivIds(@RequestBody List<String> divIds) throws Exception {
|
||||
return divIdService.deleteDivIds(divIds);
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ import eu.dnetlib.uoaadmintoolslibrary.services.EntityService;
|
|||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
|
|
@ -25,21 +26,21 @@ public class EntityController {
|
|||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/entity/save", method = RequestMethod.POST)
|
||||
public PortalEntity insertEntity(@RequestBody Entity entity) {
|
||||
return entityService.insertEntity(entity);
|
||||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/entity/update", method = RequestMethod.POST)
|
||||
public PortalEntity updateEntity(@RequestBody PortalEntity portalEntity) {
|
||||
return entityService.updateEntity(portalEntity);
|
||||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/entity/delete", method = RequestMethod.POST)
|
||||
public Boolean deleteEntities(@RequestBody List<String> entities) throws Exception {
|
||||
return entityService.deleteEntities(entities);
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ import eu.dnetlib.uoaadmintoolslibrary.services.PageService;
|
|||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
import java.util.*;
|
||||
|
||||
|
|
@ -40,21 +41,21 @@ public class PageController {
|
|||
// }
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/page/update", method = RequestMethod.POST)
|
||||
public PortalPage updatePage(@RequestBody PortalPage portalPage) {
|
||||
return pageService.updatePage(portalPage);
|
||||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/page/save", method = RequestMethod.POST)
|
||||
public PortalPage insertPage(@RequestBody PortalPage portalPage) {
|
||||
return pageService.insertPage(portalPage);
|
||||
}
|
||||
|
||||
// used
|
||||
// @PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/page/delete", method = RequestMethod.POST)
|
||||
public Boolean deletePages(@RequestBody List<String> pages) throws Exception {
|
||||
return pageService.deletePages(pages);
|
||||
|
|
|
|||
|
|
@ -20,7 +20,8 @@ public class AdminToolsLibraryExceptionsHandler {
|
|||
response.setErrorCode("Validation Error");
|
||||
response.setErrorMessage("Invalid inputs.");
|
||||
response.setErrors(ex.getMessage());
|
||||
log.debug("invalidInput exception");
|
||||
response.setStatus(HttpStatus.BAD_REQUEST);
|
||||
log.error("invalidInput exception");
|
||||
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
|
|
@ -31,7 +32,8 @@ public class AdminToolsLibraryExceptionsHandler {
|
|||
response.setErrorCode("Conflicting content given");
|
||||
response.setErrorMessage(ex.getMessage());
|
||||
response.setErrors(ex.getMessage());
|
||||
log.debug("mismatchingContent exception" + response.getErrorCode()+ " "+response.getErrorMessage());
|
||||
response.setStatus(HttpStatus.BAD_REQUEST);
|
||||
log.error("mismatchingContent exception" + response.getErrorCode()+ " "+response.getErrorMessage());
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
|
||||
|
|
@ -41,7 +43,8 @@ public class AdminToolsLibraryExceptionsHandler {
|
|||
response.setErrorCode("No content found");
|
||||
response.setErrorMessage(ex.getMessage());
|
||||
response.setErrors(ex.getMessage());
|
||||
log.debug("contentNotFound exception" + response.getErrorCode()+ " "+response.getErrorMessage());
|
||||
response.setStatus(HttpStatus.NOT_FOUND);
|
||||
log.error("contentNotFound exception" + response.getErrorCode()+ " "+response.getErrorMessage());
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.NOT_FOUND);
|
||||
}
|
||||
|
||||
|
|
@ -51,7 +54,8 @@ public class AdminToolsLibraryExceptionsHandler {
|
|||
response.setErrorCode("Null pointer Exception");
|
||||
response.setErrorMessage("Null pointer Exception");
|
||||
response.setErrors(ex.getMessage());
|
||||
log.debug("nullPointerException exception");
|
||||
response.setStatus(HttpStatus.BAD_REQUEST);
|
||||
log.error("nullPointerException exception");
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
|
||||
|
|
@ -61,7 +65,8 @@ public class AdminToolsLibraryExceptionsHandler {
|
|||
response.setErrorCode("Invalid ReCaptcha Exception");
|
||||
response.setErrorMessage("Invalid ReCaptcha Exception");
|
||||
response.setErrors(ex.getMessage());
|
||||
log.debug("invalidReCaptchaException exception");
|
||||
response.setStatus(HttpStatus.BAD_REQUEST);
|
||||
log.error("invalidReCaptchaException exception");
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,80 @@
|
|||
package eu.dnetlib.uoaadmintoolslibrary.handlers.utils;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.AuthorizationService;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class RolesUtils {
|
||||
@Autowired
|
||||
private AuthorizationService authorizationService;
|
||||
|
||||
private final Logger log = Logger.getLogger(this.getClass());
|
||||
|
||||
public List<String> getRoles() {
|
||||
return authorizationService.getRoles();
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return authorizationService.getAaiId();
|
||||
}
|
||||
|
||||
public String getAaiId() {
|
||||
return authorizationService.getAaiId();
|
||||
}
|
||||
|
||||
public boolean isPortalAdmin(List<String> roles) {
|
||||
if(roles == null) {
|
||||
return false;
|
||||
}
|
||||
// log.debug(authorizationService.PORTAL_ADMIN);
|
||||
// log.debug("PortalAdmin: "+roles.contains(authorizationService.PORTAL_ADMIN));
|
||||
return roles.contains(authorizationService.PORTAL_ADMIN);
|
||||
}
|
||||
|
||||
public boolean isCurator(List<String> roles, String type) {
|
||||
if(roles == null) {
|
||||
return false;
|
||||
}
|
||||
// log.debug(authorizationService.curator(type));
|
||||
// log.debug("Curator in "+type+": "+roles.contains(authorizationService.curator(type)));
|
||||
return roles.contains(authorizationService.curator(type));
|
||||
}
|
||||
|
||||
public boolean isManager(List<String> roles, String type, String id) {
|
||||
if(roles == null) {
|
||||
return false;
|
||||
}
|
||||
// log.debug(authorizationService.manager(type, id));
|
||||
// log.debug("Manager in "+type+" - "+id+": "+roles.contains(authorizationService.manager(type, id)));
|
||||
return roles.contains(authorizationService.manager(type, id));
|
||||
}
|
||||
|
||||
public boolean isMember(List<String> roles, String type, String id) {
|
||||
if(roles == null) {
|
||||
return false;
|
||||
}
|
||||
// log.debug(authorizationService.member(type, id));
|
||||
// log.debug("Member in "+type+" - "+id+": "+roles.contains(authorizationService.member(type, id)));
|
||||
return roles.contains(authorizationService.member(type, id));
|
||||
}
|
||||
|
||||
public boolean isLoggedIn(List<String> roles) {
|
||||
if(roles == null || roles.contains(authorizationService.ANONYMOUS_USER)) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public boolean hasUpdateAuthority(List<String> roles, String type, String id) {
|
||||
return isPortalAdmin(roles) || isCurator(roles, type) || isManager(roles, type, id);
|
||||
}
|
||||
|
||||
public boolean hasCreateAndDeleteAuthority(List<String> roles, String type) {
|
||||
return isPortalAdmin(roles) || isCurator(roles, type);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,13 +1,12 @@
|
|||
package eu.dnetlib.uoaadmintoolslibrary.services;
|
||||
|
||||
import eu.dnetlib.uoaadmintoolslibrary.dao.DivHelpContentDAO;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.DivHelpContent;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.DivId;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.Page;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.Portal;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.*;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.DivHelpContentResponse;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.DivIdResponse;
|
||||
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ContentNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
|
@ -103,17 +102,38 @@ public class DivHelpContentService {
|
|||
divHelpContentDAO.delete(id);
|
||||
}
|
||||
|
||||
public Boolean deleteDivHelpContents(List<String> divHelpContents) throws Exception {
|
||||
public Boolean deleteDivHelpContents(List<String> divHelpContents, String pid, PortalType portalType) throws Exception {
|
||||
Portal portal = portalService.getPortal(pid);
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pid, "pid");
|
||||
|
||||
for (String id: divHelpContents) {
|
||||
DivHelpContent divHelpContent = getDivHelpContent(id);
|
||||
if(divHelpContent == null) {
|
||||
throw new ContentNotFoundException("Div help content with id: " + id + " not found");
|
||||
}
|
||||
if(!divHelpContent.getPortal().equals(portal.getId())) {
|
||||
throw new MismatchingContentException("["+portalType+ " - "+ pid+"] Conflicting div help content: portal id: "+divHelpContent.getPortal());
|
||||
}
|
||||
|
||||
divHelpContentDAO.delete(id);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public List<String> toggleDivHelpContent(List<String> divHelpContents, String status) throws Exception {
|
||||
public List<String> toggleDivHelpContent(List<String> divHelpContents, String status, String pid, PortalType portalType) throws Exception {
|
||||
Portal portal = portalService.getPortal(pid);
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pid, "pid");
|
||||
|
||||
for (String id: divHelpContents) {
|
||||
log.debug("Id of divHelpContent: "+id);
|
||||
DivHelpContent divHelpContent = divHelpContentDAO.findById(id);
|
||||
DivHelpContent divHelpContent = getDivHelpContent(id);
|
||||
if(divHelpContent == null) {
|
||||
throw new ContentNotFoundException("Div help content with id: " + id + " not found");
|
||||
}
|
||||
if(!divHelpContent.getPortal().equals(portal.getId())) {
|
||||
throw new MismatchingContentException("["+portalType+ " - "+ pid+"] Conflicting div help content: portal id: "+divHelpContent.getPortal());
|
||||
}
|
||||
|
||||
divHelpContent.setIsActive(Boolean.parseBoolean(status));
|
||||
divHelpContentDAO.save(divHelpContent);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,8 +4,11 @@ import eu.dnetlib.uoaadmintoolslibrary.dao.PageHelpContentDAO;
|
|||
import eu.dnetlib.uoaadmintoolslibrary.entities.Page;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.PageHelpContent;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.Portal;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.PortalType;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.PageHelpContentResponse;
|
||||
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ContentNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
|
@ -108,10 +111,19 @@ public class PageHelpContentService {
|
|||
return pageHelpContentDAO.findById(id);
|
||||
}
|
||||
|
||||
public List<String> togglePageHelpContent(List<String> pageHelpContents, String status) throws Exception {
|
||||
public List<String> togglePageHelpContent(List<String> pageHelpContents, String status, String pid, PortalType portalType) throws Exception {
|
||||
Portal portal = portalService.getPortal(pid);
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pid, "pid");
|
||||
|
||||
for (String id: pageHelpContents) {
|
||||
log.debug("Id of pageHelpContent: "+id);
|
||||
// log.debug("Id of pageHelpContent: "+id);
|
||||
PageHelpContent pageHelpContent = pageHelpContentDAO.findById(id);
|
||||
if(pageHelpContent == null) {
|
||||
throw new ContentNotFoundException("Page help content with id: " + id + " not found");
|
||||
}
|
||||
if(!pageHelpContent.getPortal().equals(portal.getId())) {
|
||||
throw new MismatchingContentException("["+portalType+ " - "+ pid+"] Conflicting page help content: portal id: "+pageHelpContent.getPortal());
|
||||
}
|
||||
pageHelpContent.setIsActive(Boolean.parseBoolean(status));
|
||||
pageHelpContentDAO.save(pageHelpContent);
|
||||
}
|
||||
|
|
@ -122,8 +134,18 @@ public class PageHelpContentService {
|
|||
pageHelpContentDAO.delete(id);
|
||||
}
|
||||
|
||||
public Boolean deletePageHelpContents(List<String> pageHelpContents) throws Exception {
|
||||
public Boolean deletePageHelpContents(List<String> pageHelpContents, String pid, PortalType portalType) throws Exception {
|
||||
Portal portal = portalService.getPortal(pid);
|
||||
portalService.checkPortalInfo(pid, portalType.name(), portal, pid, "pid");
|
||||
|
||||
for (String id: pageHelpContents) {
|
||||
PageHelpContent pageHelpContent = getPageHelpContent(id);
|
||||
if(pageHelpContent == null) {
|
||||
throw new ContentNotFoundException("Page help content with id: " + id + " not found");
|
||||
}
|
||||
if(!pageHelpContent.getPortal().equals(portal.getId())) {
|
||||
throw new MismatchingContentException("["+portalType+ " - "+ pid+"] Conflicting page help content: portal id: "+pageHelpContent.getPortal());
|
||||
}
|
||||
pageHelpContentDAO.delete(id);
|
||||
}
|
||||
return true;
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ public class PortalService {
|
|||
|
||||
private void setEnabledPagesForPortalByType(Portal portal, PortalResponse portalResponse) {
|
||||
List<PortalPage> pages = this.getPagesForPortalByType(portal.getPid(), null, null, null, null);
|
||||
log.debug("PAGES number="+pages.size());
|
||||
// log.debug("PAGES number="+pages.size());
|
||||
Iterator<PortalPage> iteratorPages = pages.iterator();
|
||||
while(iteratorPages.hasNext()) {
|
||||
PortalPage page = iteratorPages.next();
|
||||
|
|
@ -86,12 +86,12 @@ public class PortalService {
|
|||
}
|
||||
}
|
||||
portalResponse.setPages(pages);
|
||||
log.debug("PAGES set");
|
||||
// log.debug("PAGES set");
|
||||
}
|
||||
|
||||
private void setEnabledEntitiesForPortalByType(Portal portal, PortalResponse portalResponse) {
|
||||
List<PortalEntity> entities = this.getEntitiesForPortal(portal.getPid(), null);
|
||||
log.debug("ENTITIES number="+entities.size());
|
||||
// log.debug("ENTITIES number="+entities.size());
|
||||
Iterator<PortalEntity> iteratorEntities = entities.iterator();
|
||||
while(iteratorEntities.hasNext()) {
|
||||
PortalEntity entity = iteratorEntities.next();
|
||||
|
|
@ -100,7 +100,7 @@ public class PortalService {
|
|||
}
|
||||
}
|
||||
portalResponse.setEntities(entities);
|
||||
log.debug("ENTITIES set");
|
||||
// log.debug("ENTITIES set");
|
||||
}
|
||||
|
||||
public PortalResponse getPortalFull(String pid) {
|
||||
|
|
@ -176,7 +176,7 @@ public class PortalService {
|
|||
Portal savedPortal = portalDAO.save(portal);
|
||||
PortalResponse portalResponse = this.getPortalFull(savedPortal.getPid());
|
||||
|
||||
log.debug("pid of saved portal: "+ savedPortal.getPid());
|
||||
// log.debug("pid of saved portal: "+ savedPortal.getPid());
|
||||
|
||||
String id = savedPortal.getId();
|
||||
|
||||
|
|
@ -298,12 +298,12 @@ public class PortalService {
|
|||
}
|
||||
|
||||
public Portal getPortalById(String id) {
|
||||
log.debug("ID: "+ id);
|
||||
// log.debug("ID: "+ id);
|
||||
return portalDAO.findById(id);
|
||||
}
|
||||
|
||||
public Portal getPortal(String pid) {
|
||||
log.debug("PID: "+ pid);
|
||||
// log.debug("PID: "+ pid);
|
||||
return portalDAO.findByPid(pid);
|
||||
}
|
||||
|
||||
|
|
@ -391,12 +391,20 @@ public class PortalService {
|
|||
return portalDAO.save(portal);
|
||||
}
|
||||
|
||||
public Portal togglePage(String pid, List<String> pageIds, String status) throws Exception {
|
||||
public Portal togglePage(String pid, String portalType, List<String> pageIds, String status) throws Exception {
|
||||
Portal portal = portalDAO.findByPid(pid);
|
||||
checkPortalInfo(pid, portalType, portal, pid, "pid");
|
||||
Map<String, Boolean> pages = portal.getPages();
|
||||
|
||||
for (String pageId: pageIds) {
|
||||
log.debug("Toggle portal page: " + pageId + " of portal: " + pid + " to " + status);
|
||||
Page page = pageService.getPage(pageId);
|
||||
if(page == null) {
|
||||
throw new ContentNotFoundException("Page with id: " + pageId + " not found");
|
||||
}
|
||||
if(!page.getPortalType().equals(portalType)) {
|
||||
throw new MismatchingContentException("["+portalType+ " - "+ pid+"] Conflicting page type: "+page.getPortalType());
|
||||
}
|
||||
// log.debug("Toggle portal page: " + pageId + " of portal: " + pid + " to " + status);
|
||||
pages.put(pageId, Boolean.parseBoolean(status));
|
||||
}
|
||||
|
||||
|
|
@ -410,7 +418,7 @@ public class PortalService {
|
|||
Map<String, Boolean> pages = portal.getPages();
|
||||
|
||||
for (String entityId: entityIds) {
|
||||
log.debug("Toggle portal entity: " + entityId + " of portal: " + pid + " to " + status);
|
||||
// log.debug("Toggle portal entity: " + entityId + " of portal: " + pid + " to " + status);
|
||||
|
||||
entities.put(entityId, Boolean.parseBoolean(status));
|
||||
|
||||
|
|
@ -512,9 +520,11 @@ public class PortalService {
|
|||
return divHelpContentResponses;
|
||||
}
|
||||
|
||||
public void checkPortalInfo(String pid, String portalType, Portal portal, String portalId) {
|
||||
public void checkPortalInfo(String pid, String portalType, Portal portal, String portalId, String getBy) {
|
||||
if(portal == null) {
|
||||
throw new ContentNotFoundException("Portal with id: "+portalId+" not found");
|
||||
if(portalId != null) {
|
||||
throw new ContentNotFoundException("Portal with "+getBy+": " + portalId + " not found");
|
||||
}
|
||||
}
|
||||
if(!portal.getType().equals(portalType)) {
|
||||
throw new MismatchingContentException("["+portalType+ " - "+ pid+"] Conflicting portal info: type: "+portal.getType());
|
||||
|
|
|
|||
Loading…
Reference in New Issue