Add unauthorized method in common service and use it instead of ForbiddenException
parent
014ca643d5
commit
0fdb13ae56
2
pom.xml
2
pom.xml
|
@ -30,7 +30,7 @@
|
|||
<dependency> <!-- this dependency includes dependency to uoa-authorization-library -->
|
||||
<groupId>eu.dnetlib</groupId>
|
||||
<artifactId>uoa-admin-tools-library</artifactId>
|
||||
<version>1.0.10</version>
|
||||
<version>1.0.12</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>eu.dnetlib</groupId>
|
||||
|
|
|
@ -8,6 +8,7 @@ import eu.dnetlib.uoamonitorservice.dto.StakeholderFull;
|
|||
import eu.dnetlib.uoamonitorservice.entities.Stakeholder;
|
||||
import eu.dnetlib.uoamonitorservice.generics.StakeholderGeneric;
|
||||
import eu.dnetlib.uoamonitorservice.primitives.Visibility;
|
||||
import eu.dnetlib.uoamonitorservice.service.CommonService;
|
||||
import eu.dnetlib.uoamonitorservice.service.StakeholderService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
@ -25,11 +26,13 @@ public class StakeholderController {
|
|||
|
||||
private final PortalService portalService;
|
||||
private final StakeholderService stakeholderService;
|
||||
private final CommonService commonService;
|
||||
|
||||
@Autowired
|
||||
public StakeholderController(PortalService portalService, StakeholderService stakeholderService) {
|
||||
public StakeholderController(PortalService portalService, StakeholderService stakeholderService, CommonService commonService) {
|
||||
this.portalService = portalService;
|
||||
this.stakeholderService = stakeholderService;
|
||||
this.commonService = commonService;
|
||||
}
|
||||
|
||||
@PreAuthorize("isAuthenticated()")
|
||||
|
@ -89,7 +92,7 @@ public class StakeholderController {
|
|||
public StakeholderFull getStakeholder(@PathVariable("alias") String alias) {
|
||||
StakeholderFull stakeholder = this.stakeholderService.getFullStakeholder(this.stakeholderService.findByAlias(alias));
|
||||
if (stakeholder == null) {
|
||||
throw new ForbiddenException("Get stakeholder: You are not authorized to access stakeholder with alias: " + alias);
|
||||
this.commonService.unauthorized("Get stakeholder: You are not authorized to access stakeholder with alias: " + alias);
|
||||
}
|
||||
return stakeholder;
|
||||
}
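Review bot: In `getStakeholder` the request-supplied `alias` path variable is concatenated into the denial message, and with this change the same text is also carried by the exception raised for callers that have no AAI id. Whether the exception handler copies the message into the response body or a log line is not visible in this hunk. If it does, the client-facing text should not echo the raw value, e.g. `this.commonService.unauthorized("Get stakeholder: You are not authorized to access this stakeholder");`, with the alias recorded separately in a server-side log after stripping control characters. The class body continues outside the hunk.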
|
||||
|
|
|
@ -102,7 +102,7 @@ public class CategoryService {
|
|||
this.updateChildren(category);
|
||||
category = this.save(category);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
} else {
|
||||
if (this.commonService.hasCreateAuthority(stakeholder.getType())) {
|
||||
|
@ -113,7 +113,7 @@ public class CategoryService {
|
|||
}
|
||||
this.addCategory(topic, category.getId());
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to create a category in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to create a category in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
}
|
||||
return this.getFullCategory(stakeholder.getType(), stakeholder.getAlias(), category);
|
||||
|
@ -145,8 +145,9 @@ public class CategoryService {
|
|||
throw new EntityNotFoundException("Some subCategories dont exist in the category with id " + category.getId());
|
||||
}
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to reorder subCategories in category with id: " + category.getId());
|
||||
this.commonService.unauthorized("You are not authorized to reorder subCategories in category with id: " + category.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void reorderChildren(Stakeholder defaultStakeholder, Category defaultCategory, List<String> defaultSubCategories) {
|
||||
|
@ -171,7 +172,7 @@ public class CategoryService {
|
|||
}
|
||||
this.dao.delete(category);
|
||||
} else {
|
||||
throw new ForbiddenException("Delete category: You are not authorized to delete category with id: " + category.getId());
|
||||
this.commonService.unauthorized("Delete category: You are not authorized to delete category with id: " + category.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -205,8 +206,9 @@ public class CategoryService {
|
|||
category.update(this.save(new Category(category)));
|
||||
return category;
|
||||
} else {
|
||||
throw new ForbiddenException("Change category visibility: You are not authorized to update category with id: " + category.getId());
|
||||
this.commonService.unauthorized("Change category visibility: You are not authorized to update category with id: " + category.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public CategoryFull changeVisibility(String type, String alias, Category category, Visibility visibility, Boolean propagate) {
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
package eu.dnetlib.uoamonitorservice.service;
|
||||
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.UnauthorizedException;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.AuthorizationService;
|
||||
import eu.dnetlib.uoamonitorservice.dto.TopicFull;
|
||||
import eu.dnetlib.uoamonitorservice.generics.Common;
|
||||
|
@ -69,4 +71,12 @@ public class CommonService {
|
|||
});
|
||||
return ids;
|
||||
}
|
||||
|
||||
public void unauthorized(String message) {
|
||||
if(authorizationService.getAaiId() != null) {
|
||||
throw new ForbiddenException(message);
|
||||
} else {
|
||||
throw new UnauthorizedException(message);
|
||||
}
|
||||
}
|
||||
}
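Review bot: `unauthorized` is declared `void` although both of its branches throw, so the compiler cannot see that it never returns. The hunk line counts suggest that is why the call sites in CategoryService, IndicatorService, SectionService, StakeholderService, SubCategoryService and TopicService each gained an unreachable `return null;`, and `getStakeholder` in StakeholderController would hand `null` to the client if a later edit ever let the helper fall through. Returning the exception instead, `public RuntimeException unauthorized(String message)` with call sites written as `throw this.commonService.unauthorized(...)`, keeps every denial visible as a `throw` at the authorization check; this assumes both exception types are unchecked, which the absent `throws` clause suggests. The method also needs a Javadoc comment stating that it raises `ForbiddenException` when `authorizationService.getAaiId()` is non-null and `UnauthorizedException` otherwise, and that it never returns normally. Whether `getAaiId()` is `null` for every anonymous request is not visible here and is worth confirming, since the 401/403 split rests on it.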
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package eu.dnetlib.uoamonitorservice.service;
|
||||
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.Indicator;
|
||||
import eu.dnetlib.uoamonitorservice.entities.Section;
|
||||
|
@ -82,7 +81,7 @@ public class IndicatorService {
|
|||
this.updateChildren(indicator);
|
||||
indicator = this.save(indicator);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
} else {
|
||||
if (this.commonService.hasCreateAuthority(stakeholder.getType())) {
|
||||
|
@ -90,7 +89,7 @@ public class IndicatorService {
|
|||
this.createChildren(section, indicator);
|
||||
this.addIndicator(section, indicator.getId());
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to create an indicator in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to create an indicator in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
}
|
||||
return indicator;
|
||||
|
@ -128,7 +127,7 @@ public class IndicatorService {
|
|||
}
|
||||
this.dao.delete(indicator);
|
||||
} else {
|
||||
throw new ForbiddenException("Delete indicator: You are not authorized to delete indicator with id: " + indicator.getId());
|
||||
this.commonService.unauthorized("Delete indicator: You are not authorized to delete indicator with id: " + indicator.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -157,7 +156,8 @@ public class IndicatorService {
|
|||
indicator.setVisibility(visibility);
|
||||
return this.save(indicator);
|
||||
} else {
|
||||
throw new ForbiddenException("Change section visibility: You are not authorized to update section with id: " + indicator.getId());
|
||||
this.commonService.unauthorized("Change section visibility: You are not authorized to update section with id: " + indicator.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
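Review bot: The denial message in the visibility hunk still reads `"Change section visibility: You are not authorized to update section with id: "` although the id appended is `indicator.getId()`, so a log entry or client error built from it names the wrong entity type. Since the line is being rewritten anyway, it should become `this.commonService.unauthorized("Change indicator visibility: You are not authorized to update indicator with id: " + indicator.getId());`. The enclosing method starts outside the hunk.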
|
||||
|
|
|
@ -103,7 +103,7 @@ public class SectionService {
|
|||
this.createChildren(subCategory, new Section(section), -1);
|
||||
});
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to create sections in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to create sections in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -115,7 +115,7 @@ public class SectionService {
|
|||
this.updateChildren(section);
|
||||
section = this.save(section);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
} else {
|
||||
if (this.commonService.hasCreateAuthority(stakeholder.getType())) {
|
||||
|
@ -123,7 +123,7 @@ public class SectionService {
|
|||
this.createChildren(subCategory, section, index);
|
||||
this.addSection(subCategory, section.getId(), index);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to create a section in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to create a section in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
}
|
||||
return this.getFullSection(stakeholder.getType(), stakeholder.getAlias(), section);
|
||||
|
@ -168,8 +168,9 @@ public class SectionService {
|
|||
throw new EntityNotFoundException("Some indicators dont exist in the section with id " + section.getId());
|
||||
}
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to reorder indicators in section with id: " + section.getId());
|
||||
this.commonService.unauthorized("You are not authorized to reorder indicators in section with id: " + section.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void reorderChildren(Stakeholder defaultStakeholder, Section defaultSection, List<String> defaultIndicators) {
|
||||
|
@ -194,7 +195,7 @@ public class SectionService {
|
|||
}
|
||||
this.dao.delete(section);
|
||||
} else {
|
||||
throw new ForbiddenException("Delete section: You are not authorized to delete section with id: " + section.getId());
|
||||
this.commonService.unauthorized("Delete section: You are not authorized to delete section with id: " + section.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -238,7 +239,8 @@ public class SectionService {
|
|||
section.update(this.save(new Section(section)));
|
||||
return section;
|
||||
} else {
|
||||
throw new ForbiddenException("Change section visibility: You are not authorized to update section with id: " + section.getId());
|
||||
this.commonService.unauthorized("Change section visibility: You are not authorized to update section with id: " + section.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -158,8 +158,9 @@ public class StakeholderService {
|
|||
throw new EntityNotFoundException("Some topics dont exist in the stakeholder with id " + stakeholder.getId());
|
||||
}
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to reorder topics in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to reorder topics in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void reorderChildren(Stakeholder defaultStakeholder, List<String> defaultTopics) {
|
||||
|
@ -181,8 +182,9 @@ public class StakeholderService {
|
|||
this.dao.delete(id);
|
||||
return stakeholder.getAlias();
|
||||
} else {
|
||||
throw new ForbiddenException("Delete stakeholder: You are not authorized to delete stakeholder with id: " + id);
|
||||
this.commonService.unauthorized("Delete stakeholder: You are not authorized to delete stakeholder with id: " + id);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public StakeholderFull changeVisibility(StakeholderFull stakeholder, Visibility visibility, Boolean propagate) {
|
||||
|
@ -196,8 +198,9 @@ public class StakeholderService {
|
|||
stakeholder.update(this.save(new Stakeholder(stakeholder)));
|
||||
return stakeholder;
|
||||
} else {
|
||||
throw new ForbiddenException("Change stakeholder visibility: You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("Change stakeholder visibility: You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public StakeholderFull changeVisibility(Stakeholder stakeholder, Visibility visibility, Boolean propagate) {
|
||||
|
|
|
@ -112,7 +112,7 @@ public class SubCategoryService {
|
|||
this.updateChildren(subCategory);
|
||||
subCategory = this.save(subCategory);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
} else {
|
||||
if (this.commonService.hasCreateAuthority(stakeholder.getType())) {
|
||||
|
@ -120,7 +120,7 @@ public class SubCategoryService {
|
|||
this.createChildren(category, subCategory);
|
||||
this.addSubCategory(category, subCategory.getId());
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to create a subCategory in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to create a subCategory in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
}
|
||||
return this.getFullSubCategory(stakeholder.getType(), stakeholder.getAlias(), subCategory);
|
||||
|
@ -153,8 +153,9 @@ public class SubCategoryService {
|
|||
this.moveIndicatorChildren(stakeholder, subCategory, moveIndicator);
|
||||
return this.getFullSubCategory(stakeholder.getType(), stakeholder.getAlias(), subCategory);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to move indicators in subCategory with id: " + subCategory.getId());
|
||||
this.commonService.unauthorized("You are not authorized to move indicators in subCategory with id: " + subCategory.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void moveIndicatorChildren(Stakeholder defaultStakeholder, SubCategory defaultSubCategory, MoveIndicator moveIndicator) {
|
||||
|
@ -191,8 +192,9 @@ public class SubCategoryService {
|
|||
throw new EntityNotFoundException("Some sections dont exist in the subCategory with id " + subCategory.getId());
|
||||
}
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to reorder sections in subCategory with id: " + subCategory.getId());
|
||||
this.commonService.unauthorized("You are not authorized to reorder sections in subCategory with id: " + subCategory.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public SubCategoryFull reorderCharts(Stakeholder stakeholder, SubCategory subCategory, List<String> charts) {
|
||||
|
@ -206,8 +208,9 @@ public class SubCategoryService {
|
|||
throw new EntityNotFoundException("Some sections dont exist in the subCategory with id " + subCategory.getId());
|
||||
}
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to reorder sections in subCategory with id: " + subCategory.getId());
|
||||
this.commonService.unauthorized("You are not authorized to reorder sections in subCategory with id: " + subCategory.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void reorderChildrenNumbers(Stakeholder defaultStakeholder, SubCategory defaultSubCategory, List<String> defaultSections) {
|
||||
|
@ -245,7 +248,7 @@ public class SubCategoryService {
|
|||
}
|
||||
this.dao.delete(subCategory);
|
||||
} else {
|
||||
throw new ForbiddenException("Delete subCategory: You are not authorized to delete subCategory with id: " + subCategory.getId());
|
||||
this.commonService.unauthorized("Delete subCategory: You are not authorized to delete subCategory with id: " + subCategory.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -282,8 +285,9 @@ public class SubCategoryService {
|
|||
subCategory.update(this.save(new SubCategory(subCategory)));
|
||||
return subCategory;
|
||||
} else {
|
||||
throw new ForbiddenException("Change subCategory visibility: You are not authorized to update subCategory with id: " + subCategory.getId());
|
||||
this.commonService.unauthorized("Change subCategory visibility: You are not authorized to update subCategory with id: " + subCategory.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public SubCategoryFull changeVisibility(String type, String alias, SubCategory subCategory, Visibility visibility, Boolean propagate) {
|
||||
|
|
|
@ -94,7 +94,7 @@ public class TopicService {
|
|||
this.updateChildren(topic);
|
||||
topic = this.save(topic);
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to update stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
} else {
|
||||
if(this.commonService.hasCreateAuthority(stakeholder.getType())) {
|
||||
|
@ -102,7 +102,7 @@ public class TopicService {
|
|||
this.createChildren(stakeholder, topic);
|
||||
this.addTopic(stakeholder, topic.getId());
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to create a topic in stakeholder with id: " + stakeholder.getId());
|
||||
this.commonService.unauthorized("You are not authorized to create a topic in stakeholder with id: " + stakeholder.getId());
|
||||
}
|
||||
}
|
||||
return this.getFullTopic(stakeholder.getType(), stakeholder.getAlias(), topic);
|
||||
|
@ -132,8 +132,9 @@ public class TopicService {
|
|||
throw new EntityNotFoundException("Some categories dont exist in the topic with id " + topic.getId());
|
||||
}
|
||||
} else {
|
||||
throw new ForbiddenException("You are not authorized to reorder categories in topic with id: " + topic.getId());
|
||||
this.commonService.unauthorized("You are not authorized to reorder categories in topic with id: " + topic.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void reorderChildren(Stakeholder defaultStakeholder, Topic defaultTopic, List<String> defaultCategories) {
|
||||
|
@ -158,7 +159,7 @@ public class TopicService {
|
|||
}
|
||||
this.dao.delete(topic);
|
||||
} else {
|
||||
throw new ForbiddenException("Delete topic: You are not authorized to delete topic with id: " + topic.getId());
|
||||
this.commonService.unauthorized("Delete topic: You are not authorized to delete topic with id: " + topic.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -192,8 +193,9 @@ public class TopicService {
|
|||
topic.update(this.save(new Topic(topic)));
|
||||
return topic;
|
||||
} else {
|
||||
throw new ForbiddenException("Change topic visibility: You are not authorized to update topic with id: " + topic.getId());
|
||||
this.commonService.unauthorized("Change topic visibility: You are not authorized to update topic with id: " + topic.getId());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public TopicFull changeVisibility(String type, String alias, Topic topic, Visibility visibility, Boolean propagate) {
|
||||
|
|