Example 71 with AccessDeniedException
use of org.springframework.security.access.AccessDeniedException in project zhcet-web by zhcet-amu.
the class ProfileController method profile.
@GetMapping
public String profile(Model model) {
User user = userService.getLoggedInUser().orElseThrow(() -> new AccessDeniedException("403"));
model.addAttribute("user", user);
model.addAttribute("page_title", "Profile");
if (user.getType().equals(UserType.STUDENT)) {
studentService.getLoggedInStudent().ifPresent(student -> model.addAttribute("student", student));
} else {
facultyService.getLoggedInMember().ifPresent(facultyMember -> model.addAttribute("faculty", facultyMember));
}
return "user/profile";
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
User(amu.zhcet.data.user.User)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
Example 72 with AccessDeniedException
use of org.springframework.security.access.AccessDeniedException in project zhcet-web by zhcet-amu.
the class ProfileController method saveProfile.
@PostMapping("/details")
@PreAuthorize("@authService.isFullyAuthenticated(principal)")
public String saveProfile(@ModelAttribute @Valid UserDetail userDetail, BindingResult result, RedirectAttributes redirectAttributes) {
User user = userService.getLoggedInUser().orElseThrow(() -> new AccessDeniedException("403"));
if (result.hasErrors()) {
redirectAttributes.addFlashAttribute("org.springframework.validation.BindingResult.user_details", result);
redirectAttributes.addFlashAttribute("user_details", userDetail);
} else {
userService.updateDetails(user, userDetail);
redirectAttributes.addFlashAttribute("success", true);
}
return "redirect:/profile/settings";
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
User(amu.zhcet.data.user.User)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Example 73 with AccessDeniedException
use of org.springframework.security.access.AccessDeniedException in project zhcet-web by zhcet-amu.
the class NotificationSendingController method handleSentNotification.
@PostMapping
public String handleSentNotification(@Valid Notification notification, BindingResult bindingResult, RedirectAttributes redirectAttribute) {
User user = userService.getLoggedInUser().orElseThrow(() -> new AccessDeniedException("403"));
if (bindingResult.hasErrors()) {
redirectAttribute.addFlashAttribute("notification", notification);
redirectAttribute.addFlashAttribute("org.springframework.validation.BindingResult.notification", bindingResult);
} else {
notification.setSender(user);
notificationSendingService.sendNotification(notification);
redirectAttribute.addFlashAttribute("notification_success", "Notification sending in background");
}
return "redirect:/management/notification/send";
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
User(amu.zhcet.data.user.User)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
Example 74 with AccessDeniedException
use of org.springframework.security.access.AccessDeniedException in project zhcet-web by zhcet-amu.
the class NotificationSendingController method sendNotification.
@GetMapping
public String sendNotification(Model model) {
User user = userService.getLoggedInUser().orElseThrow(() -> new AccessDeniedException("403"));
model.addAttribute("page_title", "Send Notifications");
model.addAttribute("page_subtitle", "Notification Manager");
model.addAttribute("page_description", "Send notifications to students, sections or departments");
model.addAttribute("channel_types", Arrays.asList(ChannelType.STUDENT, ChannelType.COURSE, ChannelType.TAUGHT_COURSE, ChannelType.SECTION, ChannelType.FACULTY));
if (!model.containsAttribute("notification")) {
Notification notification = new Notification();
notification.setSender(user);
model.addAttribute("notification", notification);
}
return "management/send_notification";
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
User(amu.zhcet.data.user.User)
Notification(amu.zhcet.notification.Notification)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
Aggregations
AccessDeniedException (org.springframework.security.access.AccessDeniedException)74
Test (org.junit.Test)21
Authentication (org.springframework.security.core.Authentication)14
ConfigAttribute (org.springframework.security.access.ConfigAttribute)13
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)8
User (amu.zhcet.data.user.User)7
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)7
HttpServletRequest (javax.servlet.http.HttpServletRequest)6
HttpServletResponse (javax.servlet.http.HttpServletResponse)6
WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)6
ArrayList (java.util.ArrayList)5
AuthorizationFailureEvent (org.springframework.security.access.event.AuthorizationFailureEvent)5
InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException)5
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)5
MethodInvocation (org.aopalliance.intercept.MethodInvocation)4
Interpretation (org.hisp.dhis.interpretation.Interpretation)4
User (org.hisp.dhis.user.User)4
SecurityConfig (org.springframework.security.access.SecurityConfig)4
GetMapping (org.springframework.web.bind.annotation.GetMapping)4
IOException (java.io.IOException)3
