Examples with PreAuthorize org.springframework.security.access.prepost.PreAuthorize used on opensource projects

Example 66 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class SmsGatewayController method getGatewayConfiguration.

@PreAuthorize("hasRole('ALL') or hasRole('F_MOBILE_SENDSMS')")
@RequestMapping(value = "/{uid}", method = RequestMethod.GET, produces = "application/json")
public void getGatewayConfiguration(@PathVariable String uid, HttpServletRequest request, HttpServletResponse response) throws WebMessageException, IOException {
    SmsGatewayConfig gateway = gatewayAdminService.getGatewayConfigurationByUid(uid);
    if (gateway == null) {
        throw new WebMessageException(WebMessageUtils.notFound("No gateway found"));
    }
    renderService.toJson(response.getOutputStream(), gateway);
}

Example 67 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class SystemSettingController method setSystemSetting.

@RequestMapping(value = "/{key}", method = RequestMethod.POST, consumes = { ContextUtils.CONTENT_TYPE_TEXT, ContextUtils.CONTENT_TYPE_HTML })
@PreAuthorize("hasRole('ALL') or hasRole('F_SYSTEM_SETTING')")
public void setSystemSetting(@PathVariable(value = "key") String key, @RequestParam(value = "value", required = false) String value, @RequestBody(required = false) String valuePayload, HttpServletResponse response, HttpServletRequest request) throws WebMessageException {
    if (key == null) {
        throw new WebMessageException(WebMessageUtils.conflict("Key must be specified"));
    }
    if (value == null && valuePayload == null) {
        throw new WebMessageException(WebMessageUtils.conflict("Value must be specified as query param or as payload"));
    }
    value = ObjectUtils.firstNonNull(value, valuePayload);
    Serializable valueObject = SettingKey.getAsRealClass(key, value);
    systemSettingManager.saveSystemSetting(key, valueObject);
    webMessageService.send(WebMessageUtils.ok("System setting " + key + " set to value '" + valueObject + "'."), response, request);
}

Example 68 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class ResourceTableController method resourceTables.

@RequestMapping(method = { RequestMethod.PUT, RequestMethod.POST })
@PreAuthorize("hasRole('ALL') or hasRole('F_PERFORM_MAINTENANCE')")
public void resourceTables(HttpServletResponse response, HttpServletRequest request) {
    TaskId taskId = new TaskId(TaskCategory.RESOURCETABLE_UPDATE, currentUserService.getCurrentUser());
    scheduler.executeTask(() -> analyticsTableGenerator.generateResourceTables(taskId));
    webMessageService.send(WebMessageUtils.ok("Initiated resource table update"), response, request);
}

Example 69 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class PredictorController method runPredictor.

@RequestMapping(value = "/{uid}/run", method = { RequestMethod.POST, RequestMethod.PUT })
@PreAuthorize("hasRole('ALL') or hasRole('F_PREDICTOR_RUN')")
public void runPredictor(@PathVariable("uid") String uid, @RequestParam Date startDate, @RequestParam Date endDate, TranslateParams translateParams, HttpServletRequest request, HttpServletResponse response) throws Exception {
    Predictor predictor = predictorService.getPredictor(uid);
    try {
        int count = predictorService.predict(predictor, startDate, endDate);
        webMessageService.send(WebMessageUtils.ok("Generated " + count + " predictions"), response, request);
    } catch (Exception ex) {
        log.error("Unable to predict " + predictor.getName(), ex);
        webMessageService.send(WebMessageUtils.conflict("Unable to predict " + predictor.getName(), ex.getMessage()), response, request);
    }
}

Example 70 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class PredictorController method runPredictors.

@RequestMapping(value = "/run", method = { RequestMethod.POST, RequestMethod.PUT })
@PreAuthorize("hasRole('ALL') or hasRole('F_PREDICTOR_RUN')")
public void runPredictors(@RequestParam Date startDate, @RequestParam Date endDate, TranslateParams translateParams, HttpServletRequest request, HttpServletResponse response) throws Exception {
    int count = 0;
    List<Predictor> allPredictors = predictorService.getAllPredictors();
    for (Predictor predictor : allPredictors) {
        try {
            count += predictorService.predict(predictor, startDate, endDate);
        } catch (Exception ex) {
            log.error("Unable to predict " + predictor.getName(), ex);
            webMessageService.send(WebMessageUtils.conflict("Unable to predict " + predictor.getName(), ex.getMessage()), response, request);
            return;
        }
    }
    webMessageService.send(WebMessageUtils.ok("Generated " + count + " predictions"), response, request);
}