Moved permissions at the controller level
parent
dfcd57129f
commit
530aac4540
|
@ -5,6 +5,7 @@ import eu.dnetlib.repo.manager.domain.OrderByField;
|
|||
import eu.dnetlib.repo.manager.domain.OrderByType;
|
||||
import eu.dnetlib.repo.manager.domain.Paging;
|
||||
import eu.dnetlib.repo.manager.service.PiWikServiceImpl;
|
||||
import eu.dnetlib.repo.manager.service.RepositoryService;
|
||||
import eu.dnetlib.repo.manager.shared.RepositoryServiceException;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiImplicitParam;
|
||||
|
@ -14,6 +15,7 @@ import org.springframework.beans.factory.annotation.Autowired;
|
|||
import org.springframework.core.io.FileSystemResource;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PostAuthorize;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
|
@ -40,16 +42,19 @@ public class PiWikController {
|
|||
@Autowired
|
||||
private PiWikServiceImpl piWikService;
|
||||
|
||||
@Autowired
|
||||
private RepositoryService repositoryService;
|
||||
|
||||
|
||||
@RequestMapping(value = "/getPiwikSiteForRepo/{repositoryId}" , method = RequestMethod.GET,produces = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (@repositoryService.getRepositoryById(#repositoryId).registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public PiwikInfo getPiwikSiteForRepo(@PathVariable("repositoryId") String repositoryId) {
|
||||
return piWikService.getPiwikSiteForRepo(repositoryId);
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/savePiwikInfo" , method = RequestMethod.POST,produces = MediaType.APPLICATION_JSON_VALUE)
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (hasRole('ROLE_USER') " +
|
||||
"and #piwikInfo.requestorEmail == authentication.userInfo.email)")
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (@repositoryService.getRepositoryById(#piwikInfo.repositoryId).registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public PiwikInfo savePiwikInfo(@RequestBody PiwikInfo piwikInfo) {
|
||||
return piWikService.savePiwikInfo(piwikInfo);
|
||||
}
|
||||
|
@ -158,6 +163,7 @@ public class PiWikController {
|
|||
|
||||
@RequestMapping(value = "/getOpenaireId/{repositoryId}" , method = RequestMethod.GET,produces = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN')")
|
||||
public String getOpenaireId(String repositoryid){
|
||||
return piWikService.getOpenaireId(repositoryid);
|
||||
}
|
||||
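Review bot: In the new `@PreAuthorize` on `getPiwikSiteForRepo` and `savePiwikInfo`, the owner clause dereferences `@repositoryService.getRepositoryById(...).registeredBy` before `hasRole('ROLE_USER')` is tested. Every non-admin caller therefore triggers a repository lookup, and an unknown id presumably ends in a SpEL evaluation error or a service exception rather than a clean access-denied. Testing the role first and using null-safe navigation avoids both: `(hasRole('ROLE_USER') and @repositoryService.getRepositoryById(#repositoryId)?.registeredBy == authentication.userInfo.email)`. SpEL's `==` also treats two nulls as equal, so if a repository can lack `registeredBy` and a principal can lack an email the clause would pass; an explicit non-null check on the email is worth adding. The same expression is repeated across both controllers, so a single bean method holding the ownership test would keep the copies from drifting apart.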
|
|
|
@ -11,8 +11,11 @@ import io.swagger.annotations.Api;
|
|||
import org.json.JSONException;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.security.access.prepost.PostAuthorize;
|
||||
import org.springframework.security.access.prepost.PostFilter;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.ws.rs.Path;
|
||||
|
@ -72,6 +75,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/getRepositoryById/{id}", method = RequestMethod.GET,
|
||||
produces = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PostAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (returnObject.registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public Repository getRepositoryById(@PathVariable("id") String id) throws JSONException,ResourceNotFoundException {
|
||||
return repositoryService.getRepositoryById(id);
|
||||
}
|
||||
|
@ -102,6 +106,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/getRepositoryInterface/{id}", method = RequestMethod.GET,
|
||||
produces = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PostAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (@repositoryService.getRepositoryById(#id).registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public List<RepositoryInterface> getRepositoryInterface(@PathVariable("id") String id) throws JSONException {
|
||||
return repositoryService.getRepositoryInterface(id);
|
||||
}
|
||||
|
@ -109,7 +114,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/addRepository", method = RequestMethod.POST,
|
||||
consumes = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
// @PreAuthorize("hasRole('ROLE_USER') and #repository.registeredBy == authentication.userInfo.email")
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (#repository.registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public Repository addRepository(@RequestParam("datatype") String datatype,
|
||||
@RequestBody Repository repository) throws Exception {
|
||||
|
||||
|
@ -140,6 +145,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/updateRepository", method = RequestMethod.POST,
|
||||
consumes = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (#repository.registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public Repository updateRepository(@RequestBody Repository repository,Authentication authentication) throws Exception {
|
||||
return repositoryService.updateRepository(repository, authentication);
|
||||
}
|
||||
|
@ -154,7 +160,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/addInterface", method = RequestMethod.POST,
|
||||
consumes = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PreAuthorize("hasRole('ROLE_USER') and #registeredBy == authentication.userInfo.email")
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (@repositoryService.getRepositoryById(#repoId).registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public RepositoryInterface addRepositoryInterface(@RequestParam("datatype") String datatype,
|
||||
@RequestParam("repoId") String repoId,
|
||||
@RequestParam("registeredBy") String registeredBy,
|
||||
|
@ -211,7 +217,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/updateRepositoryInterface", method = RequestMethod.POST,
|
||||
consumes = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PreAuthorize("hasRole('ROLE_USER') and #registeredBy == authentication.userInfo.email")
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or (@repositoryService.getRepositoryById(#repoId).registeredBy==authentication.userInfo.email and hasRole('ROLE_USER'))")
|
||||
public RepositoryInterface updateRepositoryInterface(@RequestParam("repoId") String repoId,
|
||||
@RequestParam("registeredBy") String registeredBy,
|
||||
@RequestBody RepositoryInterface repositoryInterface) throws Exception {
|
||||
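Review bot: `updateRepository` authorizes a ROLE_USER by comparing `#repository.registeredBy` with the caller's email, but that field comes from the request body, so the check confirms what the client sent rather than who owns the stored record. The interface endpoints in this file and `savePiwikInfo` in the other controller look the owner up through `@repositoryService.getRepositoryById(...)`. The update path should do the same, keyed on the identifier carried in the body: `(hasRole('ROLE_USER') and @repositoryService.getRepositoryById(#repository.<ID_PROPERTY>).registeredBy==authentication.userInfo.email)`, where `<ID_PROPERTY>` is a placeholder for the real field name. This is unnecessary only if `repositoryService.updateRepository(repository, authentication)` already enforces ownership, which is not visible here. Separately, `getRepositoryInterface` uses `@PostAuthorize` although its expression never reads `returnObject`, so the service call runs before the check; `@PreAuthorize` with the same expression fits better.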
|
|