Add PreAuthorize annotation on user methods.
parent
4f5cab3a1f
commit
da0136cb4b
|
@ -18,6 +18,7 @@ import org.springframework.http.HttpHeaders;
|
|||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.LinkedMultiValueMap;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
|
@ -86,6 +87,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public DatasourcesBroker getDatasourcesOfUser(@RequestParam("user")
|
||||
@ApiParam(value = "User email", required = true) String user,
|
||||
@RequestParam("includeShared")
|
||||
|
@ -135,6 +137,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public EventsPage advancedShowEvents(@PathVariable("page") String page,
|
||||
@PathVariable("size") String size,
|
||||
@RequestBody AdvQueryObject advQueryObject) throws BrokerException, JSONException ,IOException {
|
||||
|
@ -216,6 +219,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public EventsPage showEvents(@RequestParam("datasourceName") String datasourceName,
|
||||
@RequestParam("topic") String topic,
|
||||
@RequestParam("page") String page,
|
||||
|
@ -243,6 +247,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public Map<String, List<SimpleSubscriptionDesc>> getSimpleSubscriptionsOfUser(@PathVariable("userEmail") String userEmail)
|
||||
throws BrokerException {
|
||||
|
||||
|
@ -268,6 +273,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public Subscription subscribe(@RequestBody OpenaireSubscription obj) throws BrokerException {
|
||||
final String service = "/subscribe";
|
||||
|
||||
|
@ -296,6 +302,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public void unsubscribe(@PathVariable("subscriptionId") String subscriptionId) throws BrokerException {
|
||||
final String service = "/subscriptions/" + subscriptionId;
|
||||
|
||||
|
@ -316,6 +323,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public Subscription getSubscription(@PathVariable("subscriptionId") String subscriptionId) throws BrokerException {
|
||||
final String service = "/subscriptions/" + subscriptionId;
|
||||
|
||||
|
@ -343,6 +351,7 @@ public class BrokerApiImpl implements BrokerApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public EventsPage getNotificationsBySubscriptionId(@PathVariable("subscriptionId") String subscriptionId,
|
||||
@PathVariable("page") String page,
|
||||
@PathVariable("size") String size
|
||||
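Review bot: The added `@PreAuthorize("hasRole('ROLE_USER')")` on `getDatasourcesOfUser` and `getSimpleSubscriptionsOfUser` checks only the role, so any authenticated user can still pass another user's email in `user` / `userEmail` and read that account's data. Bind the argument to the caller in the same expression, for example `@PreAuthorize("hasRole('ROLE_USER') and #userEmail == authentication.name")`; whether `authentication.name` holds the email depends on the OIDC principal mapping, which is not visible here, so point the right-hand side at wherever the email actually lives. The same gap applies to `MonitorApiImpl.getJobsOfUser`, `RepositoryApiImpl.getRepositoriesOfUser` and `getUrlsOfUserRepos`, and `ValidatorApiImpl.getStoredJobsNew` in this commit. `unsubscribe`, `getSubscription` and `getNotificationsBySubscriptionId` take a bare `subscriptionId` and would need an ownership lookup before the broker call. The method bodies lie outside the hunks, so an existing check inside them cannot be ruled out.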
|
|
|
@ -9,6 +9,7 @@ import gr.uoa.di.driver.util.ServiceLocator;
|
|||
import io.swagger.annotations.ApiParam;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.json.JSONException;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
|
||||
|
@ -37,6 +38,7 @@ public class MonitorApiImpl implements MonitorApi {
|
|||
.getLogger(MonitorApiImpl.class);
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public JobsOfUser getJobsOfUser(@RequestParam("user") @ApiParam(value = "User email", required = true) String user,
|
||||
@RequestParam(value = "jobType", required = false)
|
||||
@ApiParam(value = "Equals to filter job type on validation history page") String jobType,
|
||||
|
@ -87,6 +89,7 @@ public class MonitorApiImpl implements MonitorApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public int getJobsOfUserPerValidationStatus(String user,
|
||||
String jobType,
|
||||
String validationStatus) throws JSONException {
|
||||
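Review bot: Nothing in this commit enables method security, and `@PreAuthorize` is silently ignored unless pre/post annotations are switched on in the application context that creates these `@Component` beans (`@EnableGlobalMethodSecurity(prePostEnabled = true)` or `<global-method-security pre-post-annotations="enabled"/>`). If that configuration already exists elsewhere, confirm it is declared in the same context as the API beans, since a declaration in the root context does not cover beans created by the servlet context. An integration test that calls `getJobsOfUser` without an authenticated user and expects a denial would lock this in for every annotated class in the commit.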
|
|
|
@ -43,5 +43,5 @@ public interface PiWikApi {
|
|||
|
||||
@RequestMapping(value = "/enableMetricsForRepository", method = RequestMethod.POST,
|
||||
consumes = MediaType.APPLICATION_JSON_VALUE)
|
||||
void enableMetricsForRepository(PiwikInfo piwikInfo) throws RepositoryServiceException;
|
||||
void enableMetricsForRepository(String officialName,String repoWebsite,PiwikInfo piwikInfo) throws RepositoryServiceException;
|
||||
}
|
||||
|
|
|
@ -2,6 +2,7 @@ package eu.dnetlib.repo.manager.service.controllers;
|
|||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import eu.dnetlib.domain.data.PiwikInfo;
|
||||
import eu.dnetlib.domain.data.Repository;
|
||||
import eu.dnetlib.repo.manager.shared.RepositoryServiceException;
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -10,9 +11,11 @@ import org.springframework.beans.factory.annotation.Value;
|
|||
import org.springframework.dao.EmptyResultDataAccessException;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
import org.springframework.jdbc.core.RowMapper;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
import java.io.IOException;
|
||||
|
@ -67,6 +70,7 @@ public class PiWikApiImpl implements PiWikApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
||||
public PiwikInfo savePiwikInfo(@RequestBody PiwikInfo piwikInfo) {
|
||||
JdbcTemplate jdbcTemplate = new JdbcTemplate(dataSource);
|
||||
jdbcTemplate.update(INSERT_PIWIK_INFO, new Object[]{piwikInfo.getRepositoryId(), piwikInfo.getSiteId(), piwikInfo.getRequestorName(),
|
||||
|
@ -87,6 +91,7 @@ public class PiWikApiImpl implements PiWikApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
||||
public void approvePiwikSite(@PathVariable("repositoryId") String repositoryId) {
|
||||
new JdbcTemplate(dataSource).update(APPROVE_PIWIK_SITE, new Object[] {repositoryId}, new int[] {Types.VARCHAR});
|
||||
}
|
||||
|
@ -99,6 +104,7 @@ public class PiWikApiImpl implements PiWikApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
||||
public void markPiwikSiteAsValidated(@PathVariable("repositoryId") String repositoryId) throws RepositoryServiceException {
|
||||
try {
|
||||
approvePiwikSite(repositoryId);
|
||||
|
@ -118,9 +124,22 @@ public class PiWikApiImpl implements PiWikApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
public void enableMetricsForRepository(@RequestBody PiwikInfo piwikInfo) throws RepositoryServiceException {
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public void enableMetricsForRepository(@RequestParam("officialName") String officialName,
|
||||
@RequestParam("repoWebsite") String repoWebsite,
|
||||
@RequestBody PiwikInfo piwikInfo) throws RepositoryServiceException {
|
||||
|
||||
try {
|
||||
|
||||
String URL = analyticsURL + "siteName=" + URLEncoder.encode(officialName, "UTF-8") + "&url="
|
||||
+ URLEncoder.encode(repoWebsite, "UTF-8");
|
||||
Map map = new ObjectMapper().readValue(new URL(URL), Map.class);
|
||||
String siteId = null;
|
||||
if(map.get("value")!=null) {
|
||||
siteId = map.get("value").toString();
|
||||
}
|
||||
piwikInfo.setSiteId(siteId);
|
||||
|
||||
savePiwikInfo(piwikInfo);
|
||||
emailUtils.sendAdministratorRequestToEnableMetrics(piwikInfo);
|
||||
emailUtils.sendUserRequestToEnableMetrics(piwikInfo);
|
||||
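Review bot: `enableMetricsForRepository` is opened to `ROLE_USER` but calls `savePiwikInfo(piwikInfo)` on `this`, and with Spring's default proxy-based method security a self-invocation does not pass through the interceptor, so the `ROLE_ADMIN` rule added on `savePiwikInfo` is not evaluated on this path. The request body is therefore stored and mailed out with whatever `repositoryId` and requestor fields the caller supplied. Before the save, verify that the authenticated user manages `piwikInfo.getRepositoryId()` and fill the requestor fields from the security context rather than from the body. A comment such as `// internal call: bypasses the ROLE_ADMIN proxy check by design` on the `savePiwikInfo(piwikInfo)` line would make the intent explicit. The method continues past the end of the hunk.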
|
|
|
@ -20,6 +20,7 @@ import org.springframework.beans.factory.annotation.Value;
|
|||
import org.springframework.core.ParameterizedTypeReference;
|
||||
import org.springframework.http.*;
|
||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
|
@ -199,6 +200,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public List<Repository> getRepositoriesOfUser(@PathVariable("userEmail") String userEmail,
|
||||
@PathVariable("page") String page,
|
||||
@PathVariable("size") String size) throws JSONException {
|
||||
|
@ -289,6 +291,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public Repository addRepository(@RequestParam("datatype") String datatype,
|
||||
@RequestBody Repository repository) throws Exception {
|
||||
|
||||
|
@ -299,6 +302,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public Repository updateRepository(@RequestBody Repository repository) throws JSONException {
|
||||
UriComponents uriComponents = UriComponentsBuilder
|
||||
.fromHttpUrl(baseAddress + "/ds/update/")
|
||||
|
@ -383,6 +387,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public void deleteRepositoryInterface(@RequestParam("id") String id){
|
||||
UriComponents uriComponents = UriComponentsBuilder
|
||||
.fromHttpUrl(baseAddress + "/ds/api/")
|
||||
|
@ -393,6 +398,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public RepositoryInterface addRepositoryInterface(@RequestParam("datatype") String datatype,
|
||||
@RequestParam("repoId") String repoId,
|
||||
@RequestBody RepositoryInterface repositoryInterface) throws JSONException {
|
||||
|
@ -467,6 +473,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public List<String> getUrlsOfUserRepos(@PathVariable("user_email") String userEmail,
|
||||
@PathVariable("page") String page,
|
||||
@PathVariable("size") String size) throws JSONException {
|
||||
|
@ -612,6 +619,7 @@ public class RepositoryApiImpl implements RepositoryApi {
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public RepositoryInterface updateRepositoryInterface(@RequestParam("repoId") String repoId,
|
||||
@RequestBody RepositoryInterface repositoryInterface) throws JSONException {
|
||||
|
||||
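Review bot: `updateRepository`, `deleteRepositoryInterface`, `addRepositoryInterface` and `updateRepositoryInterface` are write operations keyed by a caller-supplied `id` / `repoId` or a `Repository` body, and the added rule only requires `ROLE_USER`. Unless the bodies (outside these hunks) or the backend behind `baseAddress` check ownership, any logged-in user can modify or delete another user's repository interface. Consider delegating the decision to a bean in the expression, e.g. `@PreAuthorize("hasRole('ROLE_USER') and @repoAccess.canEdit(#repoId, authentication)")`, where `repoAccess` is a placeholder name for a component that looks up the repository's registered owner. `ValidatorApiImpl.reSubmitJobForValidation(jobId)` in this commit has the same shape.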
|
|
|
@ -17,6 +17,7 @@ import io.swagger.annotations.ApiParam;
|
|||
import org.apache.log4j.Logger;
|
||||
import org.json.JSONException;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
|
@ -82,6 +83,7 @@ public class ValidatorApiImpl implements ValidatorApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public void submitJobForValidation(@RequestBody JobForValidation jobForValidation) {
|
||||
LOGGER.debug("Submit job for validation with id : " + jobForValidation.getDatasourceId());
|
||||
try {
|
||||
|
@ -92,6 +94,7 @@ public class ValidatorApiImpl implements ValidatorApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public void reSubmitJobForValidation(@PathVariable("jobId") String jobId) throws JSONException {
|
||||
LOGGER.debug("Resubmit validation job with id : " + jobId);
|
||||
StoredJob job = monitorApi.getJobSummary(jobId,"all");
|
||||
|
@ -168,6 +171,7 @@ public class ValidatorApiImpl implements ValidatorApi{
|
|||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
public List<StoredJob> getStoredJobsNew(@RequestParam("user") @ApiParam(value = "User email", required = true) String user,
|
||||
@RequestParam(value = "jobType", required = false)
|
||||
@ApiParam(value = "Equals to filter job type on validation history page") String jobType,
|
||||
|
|
|
@ -106,8 +106,11 @@ oidc.issuer = https://aai.openaire.eu/oidc/
|
|||
oidc.id = 767422b9-5461-4807-a80a-f9a2072d3a7d
|
||||
oidc.secret = AMQtGlbTXNjwjhF0st28LmM6V0XypMdaVS7tJmGuYFlmH36iIv4t7tVqYuLYrNPkhnZ_GPUJvhymBhFupdgb6aU
|
||||
|
||||
oidc.dev.home = http://194.177.192.121:8380/repomanager-service-dev/openid_connect_login
|
||||
webapp.dev.front = http://194.177.192.121:3000
|
||||
#oidc.dev.home = http://194.177.192.121:8380/repomanager-service-dev/openid_connect_login
|
||||
#webapp.dev.front = http://194.177.192.121:3000
|
||||
|
||||
oidc.dev.home = http://audrey.athenarc.gr:8380/repomanager-service-dev/openid_connect_login
|
||||
webapp.dev.front = http://audrey.athenarc.gr:3000/dashboard
|
||||
|
||||
|
||||
redis.host = 194.177.192.121
|
||||
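Review bot: The new `oidc.dev.home` and `webapp.dev.front` values use `http://`, so the OpenID Connect login callback, with its authorization code and the resulting session cookie, crosses the network in cleartext. Use an `https://` endpoint even for the dev deployment and keep the redirect URI registered with the issuer in step with it. Separately, the context lines show `oidc.secret` stored in this tracked file: treat that client secret as exposed, rotate it at the issuer, and load it from an untracked override or the environment, e.g. `oidc.secret = ${OIDC_CLIENT_SECRET}` (variable name constructed for illustration).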
|
|