Example 16 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class SettingsController method addSetting.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addsetting", method = RequestMethod.POST)
public ModelAndView addSetting(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute SettingsForm settingsForm, Model model, @RequestParam(value = "submitType") String actionPath) {
final ModelAndView mav = new ModelAndView();
String strid = "";
String key = "";
String value = "";
if (log.isDebugEnabled())
log.debug("Enter domain/addsetting");
if (actionPath.equalsIgnoreCase("cancel")) {
if (log.isDebugEnabled())
log.debug("trying to cancel from saveupdate");
SearchDomainForm form2 = (SearchDomainForm) session.getAttribute("searchDomainForm");
model.addAttribute(form2 != null ? form2 : new SearchDomainForm());
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
mav.setViewName("main");
mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
mav.addObject("statusList", EntityStatus.getEntityStatusList());
return mav;
}
if (actionPath.equalsIgnoreCase("newsetting") || actionPath.equalsIgnoreCase("add setting")) {
if (log.isDebugEnabled())
log.debug("trying to get/set settings");
strid = "" + settingsForm.getId();
key = "" + settingsForm.getKey();
value = "" + settingsForm.getValue();
try {
if (log.isDebugEnabled())
log.debug("trying set settings services");
settingsService.addSetting(key, value);
if (log.isDebugEnabled())
log.debug("PAST trying set settings services");
} catch (ServiceException e) {
e.printStackTrace();
}
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
SimpleForm simple = new SimpleForm();
simple.setId(Long.parseLong(strid));
model.addAttribute("simpleForm", simple);
try {
model.addAttribute("settingsResults", settingsService.getSettings());
} catch (ServiceException e) {
e.printStackTrace();
}
mav.setViewName("settings");
// the Form's default button action
String action = "Update";
model.addAttribute("settingsForm", settingsForm);
model.addAttribute("action", action);
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
}
return mav;
}
Also used :
SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm)
SimpleForm(org.nhindirect.config.ui.form.SimpleForm)
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
ModelAndView(org.springframework.web.servlet.ModelAndView)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 17 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class CertificatesController method removeCertificates.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/removecertifcates", method = RequestMethod.POST)
public ModelAndView removeCertificates(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute CertificateForm simpleForm, Model model, @RequestParam(value = "submitType") String actionPath) {
final ModelAndView mav = new ModelAndView();
if (log.isDebugEnabled())
log.debug("Enter domain/removecertificates");
if (simpleForm.getRemove() != null) {
if (log.isDebugEnabled())
log.debug("the list of checkboxes checked or not is: " + simpleForm.getRemove().toString());
}
if (certService != null && simpleForm != null && actionPath != null && (actionPath.equalsIgnoreCase("deletecertificate") || actionPath.equalsIgnoreCase("Remove Selected")) && simpleForm.getRemove() != null) {
int cnt = simpleForm.getRemove().size();
if (log.isDebugEnabled())
log.debug("removing certificates");
try {
// get list of certificates for this domain
final Collection<Certificate> certs = certService.getAllCertificates();
final ArrayList<Long> certtoberemovedlist = new ArrayList<Long>();
// now iterate over each one and remove the appropriate ones
for (int x = 0; x < cnt; x++) {
final String removeid = simpleForm.getRemove().get(x);
for (Certificate t : certs) {
//rest of the code block removed
if (t.getId() == Long.parseLong(removeid)) {
if (log.isDebugEnabled()) {
log.debug(" ");
log.debug("domain address id: " + t.getId());
log.debug(" ");
}
// create a collection of matching anchor ids
certtoberemovedlist.add(t.getId());
break;
}
}
}
// with the collection of anchor ids now remove them from the anchorService
if (log.isDebugEnabled())
log.debug(" Trying to remove certificates from database");
certService.deleteCertificatesByIds(certtoberemovedlist);
if (log.isDebugEnabled())
log.debug(" SUCCESS Trying to update certificates");
} catch (ServiceException e) {
if (log.isDebugEnabled())
log.error(e);
}
}
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
// BEGIN: temporary code for mocking purposes
final CertificateForm cform = new CertificateForm();
cform.setId(0);
model.addAttribute("certificateForm", cform);
mav.setViewName("certificates");
// the Form's default button action
final String action = "Update";
model.addAttribute("action", action);
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
mav.addObject("action", action);
Collection<Certificate> certlist = null;
try {
certlist = certService.getAllCertificates();
if (this.keyManager != null && this.keyManager instanceof MutableKeyStoreProtectionManager) {
final KeyStore keyStore = ((MutableKeyStoreProtectionManager) keyManager).getKS();
// the key store manager to see if they have private keys
for (Certificate cert : certlist) {
if (!cert.isPrivateKey()) {
try {
final X509Certificate checkCert = CertUtils.toX509Certificate(cert.getData());
final String alias = keyStore.getCertificateAlias(checkCert);
if (!StringUtils.isEmpty(alias)) {
// check if this entry has a private key associated with
// it
final PrivateKey privKey = (PrivateKey) keyStore.getKey(alias, "".toCharArray());
if (privKey != null)
cert.setPrivateKey(true);
}
} catch (Exception e) {
}
}
}
}
} catch (ServiceException e) {
e.printStackTrace();
}
model.addAttribute("certificatesResults", certlist);
// END: temporary code for mocking purposes
mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
mav.addObject("statusList", EntityStatus.getEntityStatusList());
model.addAttribute("simpleForm", simpleForm);
final String strid = "" + simpleForm.getId();
if (log.isDebugEnabled())
log.debug(" the value of id of simpleform is: " + strid);
return mav;
}
Also used :
CertificateForm(org.nhindirect.config.ui.form.CertificateForm)
PrivateKey(java.security.PrivateKey)
ModelAndView(org.springframework.web.servlet.ModelAndView)
ArrayList(java.util.ArrayList)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
IOException(java.io.IOException)
CryptoException(org.nhindirect.common.crypto.exceptions.CryptoException)
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.nhindirect.config.model.Certificate)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 18 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class DNSController method showDNSEntries.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.GET)
public ModelAndView showDNSEntries(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute DNSEntryForm entryForm, Model model, @RequestParam(value = "submitType") String actionPath) {
if (log.isDebugEnabled())
log.debug("Enter");
final ModelAndView mav = new ModelAndView("dns");
model.addAttribute("dnsEntryForm", new DNSEntryForm());
if (dnsService != null) {
refreshModelFromService(model);
}
return mav;
}
Also used :
ModelAndView(org.springframework.web.servlet.ModelAndView)
DNSEntryForm(org.nhindirect.config.ui.form.DNSEntryForm)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 19 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class DNSController method addNSSetting.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addNSDNSRecord", method = RequestMethod.POST)
public ModelAndView addNSSetting(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute("NSdnsForm") DNSEntryForm NSdnsForm, Model model, @RequestParam(value = "submitType") String actionPath) {
if (log.isDebugEnabled())
log.debug("Enter");
// NS records
if (NSdnsForm != null && !NSdnsForm.getName().equalsIgnoreCase("") && NSdnsForm.getTtl() != 0L && !NSdnsForm.getDest().equalsIgnoreCase("")) {
try {
dnsService.addDNSRecord(DNSEntryForm.createNSRecord(NSdnsForm.getName(), NSdnsForm.getTtl(), NSdnsForm.getDest()));
} catch (ServiceException e) {
e.printStackTrace();
}
}
ModelAndView mav = new ModelAndView("dns");
refreshModelFromService(model);
if (log.isDebugEnabled())
log.debug("Exit");
return mav;
}
Also used :
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException)
ModelAndView(org.springframework.web.servlet.ModelAndView)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 20 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class DomainController method removeAddresses.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/removeaddresses", method = RequestMethod.POST)
public ModelAndView removeAddresses(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute SimpleForm simpleForm, Model model, @RequestParam(value = "submitType") String actionPath) {
final String domAttr = (String) session.getAttribute("currentDomainName");
ModelAndView mav = new ModelAndView();
if (log.isDebugEnabled())
log.debug("Enter domain/removeaddresses");
if (simpleForm.getRemove() != null) {
if (log.isDebugEnabled())
log.debug("the list of checkboxes checked or not is: " + simpleForm.getRemove().toString());
}
Domain dom = null;
try {
dom = domainService.getDomain(domAttr);
} catch (ServiceException e) {
e.printStackTrace();
}
//+simpleForm.getId();
String strid = "" + dom.getDomainName();
String domname = "";
if (dom != null) {
domname = dom.getDomainName();
if (addressService != null && simpleForm != null && actionPath != null && (actionPath.equalsIgnoreCase("delete") || actionPath.equalsIgnoreCase("remove selected Addresses")) && simpleForm.getRemove() != null) {
int cnt = simpleForm.getRemove().size();
if (log.isDebugEnabled())
log.debug("removing addresses for domain with name: " + domname);
try {
for (int x = 0; x < cnt; x++) {
String removeid = simpleForm.getRemove().get(x);
Collection<Address> t = dom.getAddresses();
for (Iterator<Address> iter = t.iterator(); iter.hasNext(); ) {
Address ts = (Address) iter.next();
if (ts.getId() == Long.parseLong(removeid)) {
dom.getAddresses().remove(ts);
if (addressService != null) {
addressService.deleteAddress(ts.getEmailAddress());
try {
dom = domainService.getDomain(strid);
} catch (ServiceException e) {
e.printStackTrace();
}
break;
}
}
}
}
if (log.isDebugEnabled())
log.debug(" Trying to update the domain with removed addresses");
domainService.updateDomain(dom);
try {
dom = domainService.getDomain(strid);
} catch (ServiceException e) {
e.printStackTrace();
}
if (log.isDebugEnabled())
log.debug(" SUCCESS Trying to update the domain with removed addresses");
final AddressForm addrform = new AddressForm();
addrform.setId(dom.getId());
addrform.setDomainName(dom.getDomainName());
model.addAttribute("addressForm", addrform);
// BEGIN: temporary code for mocking purposes
String owner = "";
model.addAttribute("addressesResults", dom.getAddresses());
Collection<Certificate> certlist = null;
try {
certlist = certService.getCertificatesByOwner(owner);
} catch (ServiceException e) {
e.printStackTrace();
}
Collection<Anchor> anchorlist = null;
try {
anchorlist = anchorService.getAnchorsForOwner(owner, false, false, "");
} catch (Exception e) {
}
model.addAttribute("certificatesResults", certlist);
// convert Anchor to AnchorForm
Collection<AnchorForm> convertedanchors = convertAnchors(anchorlist);
// now set anchorsResults
model.addAttribute("anchorsResults", convertedanchors);
// END: temporary code for mocking purposes
} catch (ServiceException e) {
if (log.isDebugEnabled())
log.error(e);
}
} else if (domainService != null && (actionPath.equalsIgnoreCase("newaddress") || actionPath.equalsIgnoreCase("add address"))) {
// insert the new address into the Domain list of Addresses
final String anEmail = simpleForm.getPostmasterEmail();
if (log.isDebugEnabled())
log.debug(" Trying to add address: " + anEmail);
final Address e = new Address();
e.setEmailAddress(anEmail);
dom.getAddresses().add(e);
simpleForm.setPostmasterEmail("");
try {
domainService.updateDomain(dom);
if (log.isDebugEnabled())
log.debug(" After attempt to insert new email address ");
} catch (ServiceException ed) {
if (log.isDebugEnabled())
log.error(ed);
}
}
}
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
mav.addObject("statusList", EntityStatus.getEntityStatusList());
final String action = "Update";
model.addAttribute("action", action);
DomainForm form = (DomainForm) session.getAttribute("domainForm");
if (form == null) {
form = new DomainForm();
form.populate(dom);
}
model.addAttribute("domainForm", form);
mav.setViewName("domain");
String owner = "";
// certificate and anchor forms and results
try {
if (owner != null && !owner.equalsIgnoreCase("")) {
final Collection<Certificate> certs = certService.getCertificatesByOwner(owner);
model.addAttribute("certificatesResults", certs);
final Collection<Anchor> anchors = anchorService.getAnchorsForOwner(owner, false, false, "");
// convert Anchor to AnchorForm
final Collection<AnchorForm> convertedanchors = convertAnchors(anchors);
// now set anchorsResults
model.addAttribute("anchorsResults", convertedanchors);
}
final CertificateForm cform = new CertificateForm();
model.addAttribute("certificateForm", cform);
final AnchorForm aform = new AnchorForm();
//aform.setId(dom.getId());
aform.setDomainName(dom.getDomainName());
model.addAttribute("anchorForm", aform);
} catch (ServiceException e1) {
e1.printStackTrace();
}
model.addAttribute("simpleForm", simpleForm);
//simpleForm.getId();
strid = "" + dom.getDomainName();
if (log.isDebugEnabled())
log.debug(" the value of id of simpleform is: " + strid);
return new ModelAndView("redirect:/config/domain?id=" + dom.getDomainName() + "#tab1");
//return mav;
}
Also used :
CertificateForm(org.nhindirect.config.ui.form.CertificateForm)
AnchorForm(org.nhindirect.config.ui.form.AnchorForm)
Address(org.nhindirect.config.model.Address)
ModelAndView(org.springframework.web.servlet.ModelAndView)
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
IOException(java.io.IOException)
ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException)
DomainForm(org.nhindirect.config.ui.form.DomainForm)
SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm)
Anchor(org.nhindirect.config.model.Anchor)
TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor)
AddressForm(org.nhindirect.config.ui.form.AddressForm)
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException)
Domain(org.nhindirect.config.model.Domain)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.nhindirect.config.model.Certificate)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)188
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)174
ModelAndView (org.springframework.web.servlet.ModelAndView)51
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)39
WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)36
ServiceException (org.nhindirect.common.rest.exceptions.ServiceException)34
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)32
IOException (java.io.IOException)29
InputStream (java.io.InputStream)23
ArrayList (java.util.ArrayList)23
ImportSummary (org.hisp.dhis.dxf2.importsummary.ImportSummary)23
ConfigurationServiceException (org.nhindirect.config.service.ConfigurationServiceException)21
Date (java.util.Date)15
Grid (org.hisp.dhis.common.Grid)14
SearchDomainForm (org.nhindirect.config.ui.form.SearchDomainForm)14
ApiOperation (io.swagger.annotations.ApiOperation)13
ApiResponses (io.swagger.annotations.ApiResponses)13
Configuration (org.hisp.dhis.configuration.Configuration)13
HttpHeaders (org.springframework.http.HttpHeaders)13
List (java.util.List)12
