[Trunk | Monitor Service]:
1. StakeholderController.java & TopicController.java & CategoryController.java & SubCategoryController.java & SectionController.java & IndicatorController.java: a. Comment out logs for GET requests. b. Use "ForbiddenException" instead of "AccessDeniedException". c. On /save, if the full entity has an id (i.e. it should already be in the DB) but is not found in the DB, throw EntityNotFoundException. d. Get children (e.g. when saving a Topic, get its categories) from the DB. 2. TopicController.java & CategoryController.java & SubCategoryController.java & SectionController.java: In /reorder, if the DB contains ids that are missing from the reordered list, do the reordering and append the missing ids to the end of the list. 3. ReorderEvent.java: [NEW] Added class ReorderEvent with fields "action" (String), "target" (String), "ids" (List<String>) (used in IndicatorController.java). 4. IndicatorController.java: a. In /reorder, @RequestBody changed from List<String> indicators to ReorderEvent reorderEvent. b. If the DB contains ids that are missing from the reordered list AND the missing id has not been moved to another section (action = removed and target = missing id), do the reordering and append the missing ids to the end of the list. 5. ExceptionsHandler.java: exception handler methods "invalidInput()", "nullPointerException()", "notFoundException()" moved to "Admin Tools Library"; "accessDeniedException()" is removed. 6. responses/ExceptionResponse.java: File and folder deleted (moved to "Admin Tools Library"). 7. RolesUtils.java: Added method "isLoggedIn()" (checks if no roles for user, or user has role "ROLE_ANONYMOUS").
parent
479e2c0aeb
commit
38a5a09d8a
|
@ -3,6 +3,7 @@ package eu.dnetlib.uoamonitorservice.controllers;
|
|||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.*;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
|
@ -80,12 +81,16 @@ public class CategoryController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Save Category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Save Category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Category<String> oldCategory = null;
|
||||
if(categoryFull.getId() != null) {
|
||||
oldCategory = categoryDAO.findById(categoryFull.getId());
|
||||
if(oldCategory == null) {
|
||||
// EXCEPTION - Category not found
|
||||
throw new EntityNotFoundException("save category: Category with id: " + categoryFull.getId() + " not found");
|
||||
}
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
|
@ -97,6 +102,8 @@ public class CategoryController {
|
|||
category.setUpdateDate(date);
|
||||
categoryFull.setUpdateDate(date);
|
||||
|
||||
List<String> subCategories = new ArrayList<>();
|
||||
|
||||
// if category not exists (no id), create a new default subcategory, identical to category
|
||||
if(categoryFull.getId() == null) {
|
||||
category.setCreationDate(date);
|
||||
|
@ -106,14 +113,24 @@ public class CategoryController {
|
|||
subCategory.createOverviewSubCategory(categoryFull);
|
||||
|
||||
subCategoryDAO.save(subCategory);
|
||||
List<SubCategory> subCategories = categoryFull.getSubCategories();
|
||||
subCategories.add(subCategory);
|
||||
}
|
||||
|
||||
List<String> subCategories = new ArrayList<>();
|
||||
for(SubCategory subCategory : categoryFull.getSubCategories()) {
|
||||
List<SubCategory> subCategoriesFull = categoryFull.getSubCategories();
|
||||
subCategoriesFull.add(subCategory);
|
||||
|
||||
for(SubCategory oldSubCategory : subCategoriesFull) {
|
||||
subCategories.add(oldSubCategory.getId());
|
||||
}
|
||||
} else {
|
||||
for(String subCategoryId : oldCategory.getSubCategories()) {
|
||||
SubCategory subCategory = subCategoryDAO.findById(subCategoryId);
|
||||
if (subCategory == null) {
|
||||
// EXCEPTION - SubCategory not found
|
||||
throw new EntityNotFoundException("Save category: SubCategory with id: "+subCategoryId+" not found (subcategory exists in category: "+category.getId()+")");
|
||||
}
|
||||
subCategories.add(subCategory.getId());
|
||||
}
|
||||
}
|
||||
|
||||
category.setSubCategories(subCategories);
|
||||
|
||||
if(stakeholder.getDefaultId() == null) {
|
||||
|
@ -223,7 +240,7 @@ public class CategoryController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
|
@ -235,7 +252,7 @@ public class CategoryController {
|
|||
|
||||
if(category.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete category: You are not authorized to delete a default Category in stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete category: You are not authorized to delete a default Category in stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
|
||||
|
@ -369,15 +386,27 @@ public class CategoryController {
|
|||
|
||||
Topic<String> topic = checkForExceptions(stakeholderId, topicId);
|
||||
|
||||
List<String> oldCategories = topic.getCategories();
|
||||
for (String categoryId : oldCategories) {
|
||||
if (!categories.contains(categoryId)) {
|
||||
categories.add(categoryId);
|
||||
}
|
||||
}
|
||||
topic.setCategories(categories);
|
||||
|
||||
List<Category> categoriesFull = new ArrayList<>();
|
||||
for(String categoryId : categories) {
|
||||
Category category = categoryDAO.findById(categoryId);
|
||||
if(category == null) {
|
||||
// EXCEPTION - Category not found
|
||||
throw new EntityNotFoundException("Reorder Categories: Category with id: " + categoryId + " not found");
|
||||
}
|
||||
categoriesFull.add(category);
|
||||
}
|
||||
|
||||
topicDAO.save(topic);
|
||||
log.debug("Categories reordered!");
|
||||
|
||||
List<Category> categoriesFull = new ArrayList<>();
|
||||
for(String categoryId : categories) {
|
||||
categoriesFull.add(categoryDAO.findById(categoryId));
|
||||
}
|
||||
return categoriesFull;
|
||||
}
|
||||
|
||||
|
@ -448,7 +477,7 @@ public class CategoryController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Toggle category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Toggle category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
|
@ -488,7 +517,7 @@ public class CategoryController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("checkForExceptions category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("checkForExceptions category: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
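Review bot: The reorder hunk (`@ -369,15 +386,27`) appends ids that the topic holds but the request omits, yet it never checks the opposite direction: every id the client sends is written through `topic.setCategories(categories)` and resolved with `categoryDAO.findById`, so an id that belongs to a different topic or stakeholder would be stored under this topic and its full `Category` returned. Assuming `checkForExceptions` (outside the hunk) validates only the path ids, reject anything the topic did not already contain inside the lookup loop, e.g. `if (!oldCategories.contains(categoryId)) { throw new PathNotValidException("Reorder Categories: Category with id: " + categoryId + " not found in Topic: " + topicId); }`. Duplicate ids in the request are not filtered either. The reorder hunks in IndicatorController, SectionController and SubCategoryController follow the same pattern; the method body starts outside the hunk.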
|
|
|
@ -4,6 +4,7 @@ package eu.dnetlib.uoamonitorservice.controllers;
|
|||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.*;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
|
@ -13,6 +14,7 @@ import org.springframework.security.access.prepost.PreAuthorize;
|
|||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URLEncoder;
|
||||
import java.util.*;
|
||||
|
||||
|
@ -62,6 +64,10 @@ public class IndicatorController {
|
|||
Indicator oldIndicator = null;
|
||||
if(indicator.getId() != null) {
|
||||
oldIndicator = indicatorDAO.findById(indicator.getId());
|
||||
if(oldIndicator == null) {
|
||||
// EXCEPTION - Indicator not found
|
||||
throw new EntityNotFoundException("save indicator: Indicator with id: " + indicator.getId() + " not found");
|
||||
}
|
||||
} else { // indicator does not exist in DB
|
||||
indicator.setCreationDate(date);
|
||||
}
|
||||
|
@ -387,7 +393,7 @@ public class IndicatorController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(indicator.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete indicator: You are not authorized to delete a default Indicator in stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete indicator: You are not authorized to delete a default Indicator in stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
List<String> indicators = section.getIndicators();
|
||||
|
@ -568,21 +574,37 @@ public class IndicatorController {
|
|||
@PathVariable("subcategoryId") String subcategoryId,
|
||||
@PathVariable("sectionId") String sectionId,
|
||||
@PathVariable("type") String type,
|
||||
@RequestBody List<String> indicators) {
|
||||
@RequestBody ReorderEvent reorderEvent) {
|
||||
log.debug("reorder indicators of type: "+type);
|
||||
log.debug("Stakeholder: "+stakeholderId + " - Topic: "+topicId + " - Category: "+categoryId+ " - SubCategory: "+subcategoryId + " - Section: "+sectionId);
|
||||
|
||||
List<String> indicators = reorderEvent.getIds();
|
||||
String actionType = reorderEvent.getAction();
|
||||
String targetId = reorderEvent.getTarget();
|
||||
|
||||
Section<String> section = checkForExceptions(stakeholderId, topicId, categoryId, subcategoryId, sectionId, type);
|
||||
|
||||
List<String> oldIndicators = section.getIndicators();
|
||||
for (String indicatorId : oldIndicators) {
|
||||
if ((!actionType.equals("removed") || !targetId.equals(indicatorId)) && !indicators.contains(indicatorId)) {
|
||||
indicators.add(indicatorId);
|
||||
}
|
||||
}
|
||||
section.setIndicators(indicators);
|
||||
|
||||
List<Indicator> indicatorsFull = new ArrayList<>();
|
||||
for(String indicatorId : indicators) {
|
||||
Indicator indicator = indicatorDAO.findById(indicatorId);
|
||||
if(indicator == null) {
|
||||
// EXCEPTION - Indicator not found
|
||||
throw new EntityNotFoundException("Reorder indicators: Indicator with id: " + indicatorId + " not found");
|
||||
}
|
||||
indicatorsFull.add(indicator);
|
||||
}
|
||||
|
||||
sectionDAO.save(section);
|
||||
log.debug("Indicators reordered!");
|
||||
|
||||
List<Indicator> indicatorsFull = new ArrayList<>();
|
||||
for(String indicatorId : indicators) {
|
||||
indicatorsFull.add(indicatorDAO.findById(indicatorId));
|
||||
}
|
||||
return indicatorsFull;
|
||||
}
|
||||
|
||||
|
@ -680,7 +702,7 @@ public class IndicatorController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("CheckForExceptions Indicator: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("CheckForExceptions Indicator: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
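Review bot: In the reorder hunk the `action`/`target` pair from the request body is taken as proof that an indicator moved to another section: when `action` is `removed`, the id in `target` is simply left out of `section.setIndicators(indicators)`, and nothing in the visible lines confirms that another section now lists it. As far as the hunk shows, a caller with update rights could therefore detach an indicator without the `hasCreateAndDeleteAuthority` check that the delete hunk applies to default indicators, so verify the move server-side (or apply the same authority check) before skipping the id. Separately, `actionType`, `targetId` and `indicators` are dereferenced without null checks, so a body missing any field ends in a NullPointerException; `if ((!"removed".equals(actionType) || !indicatorId.equals(targetId)) && !indicators.contains(indicatorId))` together with an early rejection of a null `ids` list avoids that. The method starts outside the hunk.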
|
|
|
@ -3,6 +3,7 @@ package eu.dnetlib.uoamonitorservice.controllers;
|
|||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.*;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
|
@ -91,19 +92,35 @@ public class SectionController {
|
|||
section.setUpdateDate(date);
|
||||
sectionFull.setUpdateDate(date);
|
||||
|
||||
List<String> indicators = new ArrayList<>();
|
||||
|
||||
Section<String> oldSection = null;
|
||||
if(sectionFull.getId() != null) {
|
||||
oldSection = sectionDAO.findById(sectionFull.getId());
|
||||
if(oldSection == null) {
|
||||
// EXCEPTION - Section not found
|
||||
throw new EntityNotFoundException("save section: Section with id: " + sectionFull.getId() + " not found");
|
||||
}
|
||||
|
||||
for(String indicatorId : oldSection.getIndicators()) {
|
||||
Indicator indicator = indicatorDAO.findById(indicatorId);
|
||||
if (indicator == null) {
|
||||
// EXCEPTION - Indicator not found
|
||||
throw new EntityNotFoundException("Save section: Indicator with id: "+indicatorId+" not found (indicator exists in section: "+section.getId()+")");
|
||||
}
|
||||
indicators.add(indicator.getId());
|
||||
}
|
||||
} else { // section does not exist in DB
|
||||
section.setCreationDate(date);
|
||||
sectionFull.setCreationDate(date);
|
||||
}
|
||||
|
||||
String sectionId = sectionFull.getId();
|
||||
List<String> indicators = new ArrayList<>();
|
||||
for(Indicator indicator : sectionFull.getIndicators()) {
|
||||
indicators.add(indicator.getId());
|
||||
}
|
||||
}
|
||||
|
||||
String sectionId = sectionFull.getId();
|
||||
|
||||
section.setIndicators(indicators);
|
||||
|
||||
Stakeholder<String> stakeholder = stakeholderDAO.findById(stakeholderId);
|
||||
|
@ -223,7 +240,7 @@ public class SectionController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(section.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete section: You are not authorized to delete a default Section in stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete section: You are not authorized to delete a default Section in stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
String type = "";
|
||||
|
@ -321,18 +338,36 @@ public class SectionController {
|
|||
SubCategory<String> subCategory = checkForExceptions(stakeholderId, topicId, categoryId, subcategoryId);
|
||||
|
||||
if (type.equals("chart")) {
|
||||
List<String> oldSections = subCategory.getCharts();
|
||||
for (String sectionId : oldSections) {
|
||||
if (!sections.contains(sectionId)) {
|
||||
sections.add(sectionId);
|
||||
}
|
||||
}
|
||||
subCategory.setCharts(sections);
|
||||
} else if (type.equals("number")) {
|
||||
List<String> oldSections = subCategory.getNumbers();
|
||||
for (String sectionId : oldSections) {
|
||||
if (!sections.contains(sectionId)) {
|
||||
sections.add(sectionId);
|
||||
}
|
||||
}
|
||||
subCategory.setNumbers(sections);
|
||||
}
|
||||
|
||||
List<Section> sectionsFull = new ArrayList<>();
|
||||
for(String sectionId : sections) {
|
||||
Section section = sectionDAO.findById(sectionId);
|
||||
if(section == null) {
|
||||
// EXCEPTION - Section not found
|
||||
throw new EntityNotFoundException("Reorder sections: Section with id: " + sectionId + " not found");
|
||||
}
|
||||
sectionsFull.add(section);
|
||||
}
|
||||
|
||||
subCategoryDAO.save(subCategory);
|
||||
log.debug("Sections reordered!");
|
||||
|
||||
List<Section> sectionsFull = new ArrayList<>();
|
||||
for(String sectionId : sections) {
|
||||
sectionsFull.add(sectionDAO.findById(sectionId));
|
||||
}
|
||||
return sectionsFull;
|
||||
}
|
||||
|
||||
|
@ -411,7 +446,7 @@ public class SectionController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("CheckForExceptions Section: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("CheckForExceptions Section: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
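Review bot: In the reorder hunk a `type` other than `chart` or `number` matches neither branch, so the submitted list is never merged with the stored ids, while the loop below still resolves every submitted id with `sectionDAO.findById` and returns the full `Section` objects. Unless the method rejects other values above the hunk, add a final branch before the lookup loop, `else { throw new PathNotValidException("Reorder sections: unknown type: " + type); }`; the visible `checkForExceptions` call is not passed `type`. The two branches also repeat the same merge loop, and a small private helper taking the stored list and the submitted list would keep them from drifting apart.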
|
|
|
@ -3,11 +3,13 @@ package eu.dnetlib.uoamonitorservice.controllers;
|
|||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.*;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.access.AuthorizationServiceException;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
|
@ -45,6 +47,25 @@ public class StakeholderController {
|
|||
@Autowired
|
||||
private TopicController topicController;
|
||||
|
||||
@PreAuthorize("isAuthenticated()")
|
||||
@RequestMapping(value = "/stakeholder/alias", method = RequestMethod.GET)
|
||||
public List<String> getAllReservedStakeholderAlias() {
|
||||
// log.debug("get all stakeholder reserved alias-es");
|
||||
List<String> stakeholderAlias = new ArrayList<>();
|
||||
|
||||
List<Stakeholder> stakeholders = stakeholderDAO.findAll();
|
||||
if(stakeholders != null) {
|
||||
stakeholders.forEach(stakeholder -> {
|
||||
stakeholderAlias.add(stakeholder.getAlias());
|
||||
});
|
||||
}
|
||||
stakeholderAlias.add( "all");
|
||||
stakeholderAlias.add("default");
|
||||
stakeholderAlias.add("alias");
|
||||
|
||||
return stakeholderAlias;
|
||||
}
|
||||
|
||||
// @PreAuthorize("isAuthenticated()")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
|
@ -202,6 +223,24 @@ public class StakeholderController {
|
|||
return stakeholderFull;
|
||||
}
|
||||
|
||||
// private SubCategory setFullSubcategory(SubCategory subCategory) {
|
||||
// SubCategory subCategoryFull = new SubCategory<Section<Indicator>>(subCategory);
|
||||
//
|
||||
// List<Section> sectionsCharts = new ArrayList<>();
|
||||
//
|
||||
// for(String sectionId : subCategory.getCharts()) {
|
||||
// sectionsCharts.add(getSectionFull(sectionId, subCategoryId, addAll, addPublicAndRestricted));
|
||||
// }
|
||||
// subCategoryFull.setCharts(sectionsCharts);
|
||||
//
|
||||
// List<Section> sectionsNumbers = new ArrayList<>();
|
||||
//
|
||||
// for(String sectionId : subCategory.getNumbers()) {
|
||||
// sectionsNumbers.add(getSectionFull(sectionId, subCategoryId, addAll, addPublicAndRestricted));
|
||||
// }
|
||||
// subCategoryFull.setNumbers(sectionsNumbers);
|
||||
// }
|
||||
|
||||
private Section getSectionFull(String sectionId, String subCategoryId, boolean addAll, boolean addPublicAndRestricted) {
|
||||
Section<String> section = sectionDAO.findById(sectionId);
|
||||
if (section == null) {
|
||||
|
@ -235,7 +274,7 @@ public class StakeholderController {
|
|||
"@AuthorizationService.PORTAL_ADMIN)")
|
||||
@RequestMapping(value = "/stakeholder/all", method = RequestMethod.GET)
|
||||
public List<Stakeholder> getAllStakeholders(@RequestParam(required = false) String type) {
|
||||
log.debug("get all stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
// log.debug("get all stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
|
||||
List<Stakeholder> stakeholders;
|
||||
if(type == null) {
|
||||
|
@ -256,7 +295,7 @@ public class StakeholderController {
|
|||
@PreAuthorize("isAuthenticated()")
|
||||
@RequestMapping(value = "/stakeholder/default", method = RequestMethod.GET)
|
||||
public List<Stakeholder> getAllDefaultStakeholders(@RequestParam(required = false) String type) {
|
||||
log.debug("get all default stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
// log.debug("get all default stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
|
||||
List<Stakeholder> stakeholders;
|
||||
if(type == null) {
|
||||
|
@ -299,7 +338,7 @@ public class StakeholderController {
|
|||
|
||||
@RequestMapping(value = "/stakeholder", method = RequestMethod.GET)
|
||||
public List<Stakeholder> getAllRealStakeholders(@RequestParam(required = false) String type) {
|
||||
log.debug("get all NOT default stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
// log.debug("get all NOT default stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
|
||||
List<Stakeholder> stakeholders;
|
||||
if(type == null) {
|
||||
|
@ -351,7 +390,7 @@ public class StakeholderController {
|
|||
@PreAuthorize("isAuthenticated()")
|
||||
@RequestMapping(value = "/my-stakeholder", method = RequestMethod.GET)
|
||||
public List<Stakeholder> getMyRealStakeholders(@RequestParam(required = false) String type) {
|
||||
log.debug("get my NOT default stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
// log.debug("get my NOT default stakeholders" + (type != null ? " with type: "+type : ""));
|
||||
|
||||
List<Stakeholder> stakeholders;
|
||||
if(type == null) {
|
||||
|
@ -398,7 +437,7 @@ public class StakeholderController {
|
|||
|
||||
@RequestMapping(value = "/stakeholder/{alias}", method = RequestMethod.GET)
|
||||
public Stakeholder getStakeholder(@PathVariable("alias") String alias) {
|
||||
log.debug("get stakeholder: "+alias);
|
||||
// log.debug("get stakeholder: "+alias);
|
||||
|
||||
Stakeholder<String> stakeholder = stakeholderDAO.findByAlias(alias);
|
||||
if(stakeholder == null) {
|
||||
|
@ -409,10 +448,19 @@ public class StakeholderController {
|
|||
// List<String> roles = authorizationService.getRoles();
|
||||
List<String> roles = rolesUtils.getRoles();
|
||||
|
||||
if(stakeholder.getDefaultId() == null && !rolesUtils.isLoggedIn(roles)) {
|
||||
// EXCEPTION - Unauthorized
|
||||
throw new AccessDeniedException("Get stakeholder: You are not authorized (not logged in) to access stakeholder with alias: "+alias);
|
||||
}
|
||||
if(stakeholder.getDefaultId() == null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new ForbiddenException("Get stakeholder: You are not authorized to access stakeholder with alias: "+alias);
|
||||
}
|
||||
|
||||
if((stakeholder.getVisibility() == Visibility.PRIVATE && !rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())
|
||||
|| (stakeholder.getVisibility() == Visibility.RESTRICTED && !rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias()) && !rolesUtils.isMember(roles, stakeholder.getType(), stakeholder.getAlias())))) {
|
||||
// // EXCEPTION - Access denied
|
||||
// throw new AccessDeniedException("Get stakeholder: You are not authorized to get stakeholder with alias: "+alias);
|
||||
// throw new ForbiddenException("Get stakeholder: You are not authorized to get stakeholder with alias: "+alias);
|
||||
List<String> topicsEmpty = stakeholder.getTopics();
|
||||
topicsEmpty.clear();
|
||||
stakeholder.setTopics(topicsEmpty);
|
||||
|
@ -424,11 +472,11 @@ public class StakeholderController {
|
|||
}
|
||||
|
||||
// @PreAuthorize("isAuthenticated()")
|
||||
@PreAuthorize("hasAnyAuthority(" +
|
||||
"@AuthorizationService.PORTAL_ADMIN, " +
|
||||
"@AuthorizationService.curator(#stakeholderFull.getType()), " +
|
||||
"@AuthorizationService.manager(#stakeholderFull.getType(), #stakeholderFull.getAlias()) " +
|
||||
")")
|
||||
@PreAuthorize("hasAnyAuthority("
|
||||
+ "@AuthorizationService.PORTAL_ADMIN, "
|
||||
+ "@AuthorizationService.curator(#stakeholderFull.getType()), "
|
||||
+ "@AuthorizationService.manager(#stakeholderFull.getType(), #stakeholderFull.getAlias()) "
|
||||
+ ")")
|
||||
@RequestMapping(value = "/save", method = RequestMethod.POST)
|
||||
public Stakeholder<Topic> saveStakeholder(@RequestBody Stakeholder<Topic> stakeholderFull) {
|
||||
log.debug("save stakeholder");
|
||||
|
@ -444,15 +492,33 @@ public class StakeholderController {
|
|||
Date date = new Date();
|
||||
stakeholder.setUpdateDate(date);
|
||||
|
||||
List<String> topics = new ArrayList<>();
|
||||
|
||||
// stakeholder does not exist in DB
|
||||
if(stakeholderFull.getId() == null) {
|
||||
stakeholder.setCreationDate(date);
|
||||
}
|
||||
|
||||
List<String> topics = new ArrayList<>();
|
||||
for(Topic topic : stakeholderFull.getTopics()) {
|
||||
topics.add(topic.getId());
|
||||
}
|
||||
} else {
|
||||
Stakeholder<String> oldStakeholder = stakeholderDAO.findById(stakeholderFull.getId());
|
||||
if(oldStakeholder == null) {
|
||||
// EXCEPTION - Stakeholder not found
|
||||
throw new EntityNotFoundException("save stakeholder: Stakeholder with id: "+stakeholderFull.getId()+" not found");
|
||||
}
|
||||
for(String topicId : oldStakeholder.getTopics()) {
|
||||
Topic topic = topicDAO.findById(topicId);
|
||||
if (topic == null) {
|
||||
// EXCEPTION - Topic not found
|
||||
throw new EntityNotFoundException("Save stakeholder: Topic with id: "+topicId+" not found (topic exists in stakeholder: "+stakeholder.getId()+")");
|
||||
}
|
||||
topics.add(topic.getId());
|
||||
}
|
||||
// stakeholder.setTopics(topics);
|
||||
// stakeholderFull = this.setFullEntities(stakeholder, rolesUtils.getRoles());
|
||||
}
|
||||
|
||||
stakeholder.setTopics(topics);
|
||||
|
||||
Stakeholder<String> stakeholderSaved = stakeholderDAO.save(stakeholder);
|
||||
|
@ -483,7 +549,7 @@ public class StakeholderController {
|
|||
// && !roles.contains(authorizationService.curator(stakeholder.getType()))) {
|
||||
if(!rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete stakeholder: You are not authorized to delete stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete stakeholder: You are not authorized to delete stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
// for(String topicId : stakeholder.getTopics()) {
|
||||
|
@ -615,7 +681,7 @@ public class StakeholderController {
|
|||
// && !roles.contains(authorizationService.manager(stakeholder.getType(), stakeholder.getAlias()))) {
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Change stakeholder visibility: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Change stakeholder visibility: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
stakeholder.setVisibility(visibility);
|
||||
|
||||
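Review bot: `saveStakeholder` is authorized by `@PreAuthorize` on `#stakeholderFull.getType()` and `#stakeholderFull.getAlias()`, both taken from the request body, while the new update branch loads the record to overwrite with `stakeholderDAO.findById(stakeholderFull.getId())` and never compares the stored type and alias with the ones that were authorized. As far as the visible lines show, a body carrying the caller's own type and alias together with a different stakeholder's id would pass the annotation. After the null check, authorize against the stored record as the other handlers do: `if (!rolesUtils.hasUpdateAuthority(rolesUtils.getRoles(), oldStakeholder.getType(), oldStakeholder.getAlias())) { throw new ForbiddenException("Save stakeholder: You are not authorized to update stakeholder with id: " + stakeholderFull.getId()); }`. The lines between the method signature and this hunk are not shown, so confirm no equivalent check already sits there.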
|
|
|
@ -3,6 +3,7 @@ package eu.dnetlib.uoamonitorservice.controllers;
|
|||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.*;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
|
@ -101,12 +102,45 @@ public class SubCategoryController {
|
|||
subCategory.setUpdateDate(date);
|
||||
subcategoryFull.setUpdateDate(date);
|
||||
|
||||
List<String> chartSections = new ArrayList<>();
|
||||
List<String> numberSections = new ArrayList<>();
|
||||
|
||||
SubCategory<String> oldSubcategory = null;
|
||||
if(subcategoryFull.getId() != null) {
|
||||
oldSubcategory = subCategoryDAO.findById(subcategoryFull.getId());
|
||||
if(oldSubcategory == null) {
|
||||
// EXCEPTION - SubCategory not found
|
||||
throw new EntityNotFoundException("save subcategory: SubCategory with id: " + subcategoryFull.getId() + " not found");
|
||||
}
|
||||
|
||||
for(String chartSectionId : oldSubcategory.getCharts()) {
|
||||
Section section = sectionDAO.findById(chartSectionId);
|
||||
if (section == null) {
|
||||
// EXCEPTION - Section not found
|
||||
throw new EntityNotFoundException("Save subcategory: Chart section with id: "+chartSectionId+" not found (section exists in subcategory: "+subCategory.getId()+")");
|
||||
}
|
||||
chartSections.add(section.getId());
|
||||
}
|
||||
|
||||
for(String numberSectionId : oldSubcategory.getNumbers()) {
|
||||
Section section = sectionDAO.findById(numberSectionId);
|
||||
if (section == null) {
|
||||
// EXCEPTION - Section not found
|
||||
throw new EntityNotFoundException("Save subcategory: Number section with id: "+numberSectionId+" not found (section exists in subcategory: "+subCategory.getId()+")");
|
||||
}
|
||||
numberSections.add(section.getId());
|
||||
}
|
||||
} else { // subcategory does not exist in DB
|
||||
subCategory.setCreationDate(date);
|
||||
subcategoryFull.setCreationDate(date);
|
||||
|
||||
for(Section chartSection : subcategoryFull.getCharts()) {
|
||||
chartSections.add(chartSection.getId());
|
||||
}
|
||||
|
||||
for(Section numberSection : subcategoryFull.getNumbers()) {
|
||||
numberSections.add(numberSection.getId());
|
||||
}
|
||||
}
|
||||
|
||||
// List<String> charts = new ArrayList<>();
|
||||
|
@ -121,16 +155,8 @@ public class SubCategoryController {
|
|||
// }
|
||||
// subCategory.setNumbers(numbers);
|
||||
|
||||
List<String> chartSections = new ArrayList<>();
|
||||
for(Section chartSection : subcategoryFull.getCharts()) {
|
||||
chartSections.add(chartSection.getId());
|
||||
}
|
||||
subCategory.setCharts(chartSections);
|
||||
|
||||
List<String> numberSections = new ArrayList<>();
|
||||
for(Section numberSection : subcategoryFull.getNumbers()) {
|
||||
numberSections.add(numberSection.getId());
|
||||
}
|
||||
subCategory.setCharts(chartSections);
|
||||
subCategory.setNumbers(numberSections);
|
||||
|
||||
Stakeholder<String> stakeholder = stakeholderDAO.findById(stakeholderId);
|
||||
|
@ -231,7 +257,7 @@ public class SubCategoryController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(subcategory.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete subcategory: You are not authorized to delete a default SubCategory in stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete subcategory: You are not authorized to delete a default SubCategory in stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
List<String> subcategories = category.getSubCategories();
|
||||
|
@ -344,15 +370,27 @@ public class SubCategoryController {
|
|||
|
||||
Category<String> category = checkForExceptions(stakeholderId, topicId, categoryId);
|
||||
|
||||
List<String> oldSubcategories = category.getSubCategories();
|
||||
for (String subcategoryId : oldSubcategories) {
|
||||
if (!subCategories.contains(subcategoryId)) {
|
||||
subCategories.add(subcategoryId);
|
||||
}
|
||||
}
|
||||
category.setSubCategories(subCategories);
|
||||
|
||||
List<SubCategory> subCategoriesFull = new ArrayList<>();
|
||||
for(String subCategoryId : subCategories) {
|
||||
SubCategory subCategory = subCategoryDAO.findById(subCategoryId);
|
||||
if(subCategory == null) {
|
||||
// EXCEPTION - SubCategory not found
|
||||
throw new EntityNotFoundException("Reorder subCategories: subCategory with id: " + subCategoryId + " not found");
|
||||
}
|
||||
subCategoriesFull.add(subCategory);
|
||||
}
|
||||
|
||||
categoryDAO.save(category);
|
||||
log.debug("SubCategories reordered!");
|
||||
|
||||
List<SubCategory> subCategoriesFull = new ArrayList<>();
|
||||
for(String subCategoryId : subCategories) {
|
||||
subCategoriesFull.add(subCategoryDAO.findById(subCategoryId));
|
||||
}
|
||||
return subCategoriesFull;
|
||||
}
|
||||
|
||||
|
@ -443,7 +481,7 @@ public class SubCategoryController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("CheckForExceptions SubCategory: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("CheckForExceptions SubCategory: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
|
|
|
@ -3,6 +3,7 @@ package eu.dnetlib.uoamonitorservice.controllers;
|
|||
import eu.dnetlib.uoamonitorservice.dao.*;
|
||||
import eu.dnetlib.uoamonitorservice.entities.*;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.EntityNotFoundException;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.PathNotValidException;
|
||||
import eu.dnetlib.uoamonitorservice.handlers.utils.RolesUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
|
@ -33,6 +34,9 @@ public class TopicController {
|
|||
@Autowired
|
||||
private CategoryController categoryController;
|
||||
|
||||
@Autowired
|
||||
private CategoryDAO categoryDAO;
|
||||
|
||||
public Topic<Category> buildTopic(Topic<Category> topicFull) {
|
||||
Topic<String> topic = new Topic<>(topicFull);
|
||||
|
||||
|
@ -72,7 +76,7 @@ public class TopicController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Save Topic: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Save Topic: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = new Topic<>(topicFull);
|
||||
|
@ -80,18 +84,32 @@ public class TopicController {
|
|||
topic.setUpdateDate(date);
|
||||
topicFull.setUpdateDate(date);
|
||||
|
||||
List<String> categories = new ArrayList<>();
|
||||
|
||||
Topic<String> oldTopic = null;
|
||||
if(topicFull.getId() != null) {
|
||||
oldTopic = topicDAO.findById(topicFull.getId());
|
||||
if(oldTopic == null) {
|
||||
// EXCEPTION - Topic not found
|
||||
throw new EntityNotFoundException("save topic: Topic with id: "+topicFull.getId()+" not found");
|
||||
}
|
||||
for(String categoryId : oldTopic.getCategories()) {
|
||||
Category category = categoryDAO.findById(categoryId);
|
||||
if (category == null) {
|
||||
// EXCEPTION - Category not found
|
||||
throw new EntityNotFoundException("Save topic: Category with id: "+categoryId+" not found (category exists in topic: "+topic.getId()+")");
|
||||
}
|
||||
categories.add(category.getId());
|
||||
}
|
||||
} else { // topic does not exist in DB
|
||||
topic.setCreationDate(date);
|
||||
topicFull.setCreationDate(date);
|
||||
}
|
||||
|
||||
List<String> categories = new ArrayList<>();
|
||||
for(Category category : topicFull.getCategories()) {
|
||||
categories.add(category.getId());
|
||||
}
|
||||
}
|
||||
|
||||
topic.setCategories(categories);
|
||||
|
||||
if(stakeholder.getDefaultId() == null) {
|
||||
|
@ -195,7 +213,7 @@ public class TopicController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete topic: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete topic: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
Topic<String> topic = topicDAO.findById(topicId);
|
||||
|
@ -203,7 +221,7 @@ public class TopicController {
|
|||
|
||||
if(topic.getDefaultId() != null && !rolesUtils.hasCreateAndDeleteAuthority(roles, stakeholder.getType())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Delete topic: You are not authorized to delete a default Topic in stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Delete topic: You are not authorized to delete a default Topic in stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
List<String> topics = stakeholder.getTopics();
|
||||
|
@ -269,7 +287,7 @@ public class TopicController {
|
|||
stakeholderDAO.save(stakeholder);
|
||||
|
||||
topicDAO.delete(topicId);
|
||||
log.debug("Category deleted!");
|
||||
log.debug("Topic deleted!");
|
||||
} else {
|
||||
// EXCEPTION - Topic not found in Stakeholder: stakeholder.getAlias();
|
||||
throw new PathNotValidException("Delete topic: Topic with id: "+topicId+" not found in Stakeholder: "+stakeholderId);
|
||||
|
@ -322,7 +340,7 @@ public class TopicController {
|
|||
topic.setDefaultId(null);
|
||||
topicDAO.save(topic);
|
||||
|
||||
log.debug("DefaultId for Topic with id: "+topic.getId()+" empty!");
|
||||
log.debug("DefaultId for Topic with id: "+topic.getId()+" cleared!");
|
||||
}
|
||||
}
|
||||
return true;
|
||||
|
@ -342,18 +360,30 @@ public class TopicController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Reorder topics: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Reorder topics: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
List<String> oldTopics = stakeholder.getTopics();
|
||||
for (String topicId : oldTopics) {
|
||||
if (!topics.contains(topicId)) {
|
||||
topics.add(topicId);
|
||||
}
|
||||
}
|
||||
stakeholder.setTopics(topics);
|
||||
|
||||
List<Topic> topicsFull = new ArrayList<>();
|
||||
for (String topicId : topics) {
|
||||
Topic topic = topicDAO.findById(topicId);
|
||||
if(topic == null) {
|
||||
// EXCEPTION - Topic not found
|
||||
throw new EntityNotFoundException("Reorder Topics: Topic with id: " + topicId + " not found");
|
||||
}
|
||||
topicsFull.add(topic);
|
||||
}
|
||||
|
||||
stakeholderDAO.save(stakeholder);
|
||||
log.debug("Topics reordered!");
|
||||
|
||||
List<Topic> topicsFull = new ArrayList<>();
|
||||
for (String topicId : topics) {
|
||||
topicsFull.add(topicDAO.findById(topicId));
|
||||
}
|
||||
return topicsFull;
|
||||
} else {
|
||||
// EXCEPTION - Stakeholder not found
|
||||
|
@ -425,7 +455,7 @@ public class TopicController {
|
|||
List<String> roles = rolesUtils.getRoles();
|
||||
if(!rolesUtils.hasUpdateAuthority(roles, stakeholder.getType(), stakeholder.getAlias())) {
|
||||
// EXCEPTION - Access denied
|
||||
throw new AccessDeniedException("Toggle topic: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
throw new ForbiddenException("Toggle topic: You are not authorized to update stakeholder with id: "+stakeholderId);
|
||||
}
|
||||
|
||||
if (stakeholder.getTopics().contains(topic.getId())) {
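Review bot: In the reorder hunk (`@ -342,18 +360,30 @`), the request's `topics` list is still written to the stakeholder once the missing ids are appended, so nothing rejects an id that was never in `stakeholder.getTopics()`. The new `topicDAO.findById` check only proves that the topic exists somewhere, so a caller with update authority on this stakeholder could attach a topic that belongs to another one, or repeat an id. I would reject such a request before the append loop, e.g. `if (!oldTopics.containsAll(topics)) { throw new PathNotValidException("Reorder topics: list contains ids that are not topics of stakeholder: "+stakeholderId); }`, and consider deduplicating the list. The /reorder hunk of SubCategoryController earlier on this page has the same shape. The method starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out.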
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
package eu.dnetlib.uoamonitorservice.entities;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class ReorderEvent {
|
||||
private String action; // "moved", "added", "removed"
|
||||
private String target;
|
||||
private List<String> ids;
|
||||
|
||||
public String getAction() {
|
||||
return action;
|
||||
}
|
||||
|
||||
public void setAction(String action) {
|
||||
this.action = action;
|
||||
}
|
||||
|
||||
public String getTarget() {
|
||||
return target;
|
||||
}
|
||||
|
||||
public void setTarget(String target) {
|
||||
this.target = target;
|
||||
}
|
||||
|
||||
public List<String> getIds() {
|
||||
return ids;
|
||||
}
|
||||
|
||||
public void setIds(List<String> ids) {
|
||||
this.ids = ids;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "ReorderEvent{" +
|
||||
"action='" + action + '\'' +
|
||||
", target='" + target + '\'' +
|
||||
", ids=" + ids +
|
||||
'}';
|
||||
}
|
||||
}
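Review bot: `action` is a free-form String whose allowed values are documented only in the trailing comment (`"moved", "added", "removed"`), and `target` has no description at all, although per the commit message the pair decides whether a missing id is dropped during indicator reordering. Because this object is bound directly from the request body, I would either make `action` an enum or have the consumer reject unknown values and a null `ids` before using them. A short Javadoc on `target` would also help, e.g. `/** Id of the indicator the action applies to. */` (presumably; please confirm against IndicatorController).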
|
|
@ -1,55 +1,18 @@
|
|||
package eu.dnetlib.uoamonitorservice.handlers;
|
||||
|
||||
import eu.dnetlib.uoamonitorservice.responses.ExceptionResponse;
|
||||
import eu.dnetlib.uoaadmintoolslibrary.responses.ExceptionResponse;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.data.crossstore.ChangeSetPersister;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.web.bind.MissingServletRequestParameterException;
|
||||
import org.springframework.web.bind.annotation.ControllerAdvice;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.multipart.support.MissingServletRequestPartException;
|
||||
|
||||
@ControllerAdvice
|
||||
@RestController
|
||||
public class ExceptionsHandler {
|
||||
private final Logger log = Logger.getLogger(this.getClass());
|
||||
|
||||
@ExceptionHandler(MissingServletRequestParameterException.class)
|
||||
public ResponseEntity<ExceptionResponse> invalidInput(Exception ex) {
|
||||
ExceptionResponse response = new ExceptionResponse();
|
||||
response.setErrorCode("Validation Error");
|
||||
response.setErrorMessage("Invalid inputs");
|
||||
response.setErrors(ex.getMessage());
|
||||
response.setStatus(HttpStatus.BAD_REQUEST);
|
||||
log.error("invalidInput exception : "+ ex.getMessage());
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
|
||||
@ExceptionHandler(NullPointerException.class)
|
||||
public ResponseEntity<ExceptionResponse> nullPointerException(Exception ex) {
|
||||
ExceptionResponse response = new ExceptionResponse();
|
||||
response.setErrorCode("Null pointer Exception");
|
||||
response.setErrorMessage("Null pointer Exception");
|
||||
response.setErrors(ex.getMessage());
|
||||
response.setStatus(HttpStatus.BAD_REQUEST);
|
||||
log.error("nullPointerException exception : "+ ex.getMessage());
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
|
||||
@ExceptionHandler(ChangeSetPersister.NotFoundException.class)
|
||||
public ResponseEntity<ExceptionResponse> notFoundException(Exception ex) {
|
||||
ExceptionResponse response = new ExceptionResponse();
|
||||
response.setErrorCode("Not found Exception");
|
||||
response.setErrorMessage("Not found Exception");
|
||||
response.setErrors(ex.getMessage());
|
||||
response.setStatus(HttpStatus.NOT_FOUND);
|
||||
log.error("notFoundException exception : "+ ex.getMessage());
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.NOT_FOUND);
|
||||
}
|
||||
|
||||
@ExceptionHandler(EntityNotFoundException.class)
|
||||
public ResponseEntity<ExceptionResponse> entityNotFoundException(Exception ex) {
|
||||
ExceptionResponse response = new ExceptionResponse();
|
||||
|
@ -72,14 +35,4 @@ public class ExceptionsHandler {
|
|||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.NOT_FOUND);
|
||||
}
|
||||
|
||||
@ExceptionHandler(AccessDeniedException.class)
|
||||
public ResponseEntity<ExceptionResponse> accessDeniedException(Exception ex) {
|
||||
ExceptionResponse response = new ExceptionResponse();
|
||||
response.setErrorCode("Forbidden Exception");
|
||||
response.setErrorMessage("Access Denied Exception");
|
||||
response.setErrors(ex.getMessage());
|
||||
response.setStatus(HttpStatus.FORBIDDEN);
|
||||
log.error("accessDeniedException exception : "+ ex.getMessage());
|
||||
return new ResponseEntity<ExceptionResponse>(response, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
}
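Review bot: With `accessDeniedException()` removed at the end of this class, nothing in this file maps an authorization failure to a 403 body any more, while the controllers in this commit now throw `ForbiddenException` from the admin tools library. Denied requests keep returning 403 only if that library's advice is picked up by this service's component scan and handles `ForbiddenException`, which is not visible here; otherwise a denied request would likely surface as a 500. I would add a class comment such as `// invalidInput, nullPointerException and notFoundException handlers now live in the admin tools library` and a controller test asserting status 403 for an unauthorized save.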
|
||||
|
|
|
@ -55,6 +55,13 @@ public class RolesUtils {
|
|||
return roles.contains(authorizationService.member(type, id));
|
||||
}
|
||||
|
||||
public boolean isLoggedIn(List<String> roles) {
|
||||
if(roles == null || roles.contains(authorizationService.ANONYMOUS_USER)) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public boolean hasUpdateAuthority(List<String> roles, String type, String id) {
|
||||
return isPortalAdmin(roles) || isCurator(roles, type) || isManager(roles, type, id);
|
||||
}
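Review bot: `isLoggedIn` returns true for an empty role list, because the guard tests only `roles == null` and the anonymous role, while the commit message describes the intent as "no roles for user", which an empty list also is. If `getRoles()` can ever return an empty list (not visible in this hunk), a caller without any role would be treated as logged in. I would write the guard as `if(roles == null || roles.isEmpty() || roles.contains(authorizationService.ANONYMOUS_USER))`. A one-line Javadoc stating that the method says nothing about which roles the user holds would keep callers from using it as an authorization check.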
|
||||
|
|
|
@ -1,40 +0,0 @@
|
|||
package eu.dnetlib.uoamonitorservice.responses;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
|
||||
public class ExceptionResponse {
|
||||
private HttpStatus status;
|
||||
private String errorCode;
|
||||
private String errorMessage;
|
||||
private String errors;
|
||||
|
||||
public ExceptionResponse() {}
|
||||
|
||||
public HttpStatus getStatus() { return status; }
|
||||
|
||||
public void setStatus(HttpStatus status) { this.status = status; }
|
||||
|
||||
public String getErrorCode() {
|
||||
return errorCode;
|
||||
}
|
||||
|
||||
public void setErrorCode(String errorCode) {
|
||||
this.errorCode = errorCode;
|
||||
}
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public String getErrors() {
|
||||
return errors;
|
||||
}
|
||||
|
||||
public void setErrors(String errors) {
|
||||
this.errors = errors;
|
||||
}
|
||||
}
|