
Example 1 with AccessDeniedException

use of de.symeda.sormas.api.utils.AccessDeniedException in project SORMAS-Project by hzi-braunschweig.

the class ContactFacadeEjb method save.

/**
 * Creates or updates a contact from the given DTO and returns the persisted state as a DTO.
 *
 * <p>Authorization is layered: the container restricts callers to users holding
 * {@code CONTACT_CREATE} or {@code CONTACT_EDIT}; for an existing contact the per-entity edit
 * permission is checked, but only when {@code internal} is {@code true}; and
 * {@code validateUserRights} runs against the DTO after pseudonymized values were restored.
 *
 * @param dto the contact data to save; a {@code null} UUID means no existing contact is looked up
 * @param handleChanges when {@code true}, completeness, visit associations, follow-up and contact
 *        status are recalculated and change handlers are invoked after persisting
 * @param handleCaseChanges when {@code true} (together with {@code handleChanges}), the case of
 *        the contact is passed to {@code caseFacade.onCaseChanged}
 * @param checkChangeDate forwarded to {@code fillOrBuildEntity}
 * @param internal gates the per-entity edit-permission check and is forwarded to the change
 *        handlers; NOTE(review): what distinguishes a non-internal caller is not visible here,
 *        confirm that those callers enforce edit permission by other means
 * @return the DTO of the persisted contact
 * @throws AccessDeniedException if {@code internal} is set, the contact already exists and
 *         {@code service.isContactEditAllowed} does not report {@code EditPermissionType.ALLOWED}
 */
@RolesAllowed({ UserRight._CONTACT_CREATE, UserRight._CONTACT_EDIT })
public ContactDto save(ContactDto dto, boolean handleChanges, boolean handleCaseChanges, boolean checkChangeDate, boolean internal) {
    final Contact existingContact;
    if (dto.getUuid() == null) {
        existingContact = null;
    } else {
        existingContact = service.getByUuid(dto.getUuid());
    }
    final boolean isNewContact = existingContact == null;

    // Per-entity authorization: skipped for new contacts and for non-internal calls.
    if (internal && !isNewContact) {
        final boolean editAllowed = service.isContactEditAllowed(existingContact).equals(EditPermissionType.ALLOWED);
        if (!editAllowed) {
            throw new AccessDeniedException(I18nProperties.getString(Strings.errorContactNotEditable));
        }
    }

    final ContactDto existingContactDto = toDto(existingContact);
    // Restore pseudonymized fields from the stored state before anything is checked or written,
    // so the checks below see the restored DTO.
    restorePseudonymizedDto(dto, existingContactDto, existingContact, Pseudonymizer.getDefault(userService::hasRight));
    validateUserRights(dto, existingContactDto);
    validate(dto);

    // NOTE(review): the external journal update is triggered before the contact is persisted;
    // confirm the async handler does not depend on the save below having succeeded.
    externalJournalService.handleExternalJournalPersonUpdateAsync(dto.getPerson());

    // A former guard here rejected contact creation for diseases without contact follow-up
    // (DiseaseHelper.hasContactFollowUp). It was taken out because it may lead to server problems:
    // the case disease can change over time and there is currently no mechanism that would delete
    // all related contacts. The restriction is therefore only kept in the UI and the backend still
    // allows such contacts.
    final Contact entity = fillOrBuildEntity(dto, existingContact, checkChangeDate);
    service.ensurePersisted(entity);

    if (isNewContact && featureConfigurationFacade.isTaskGenerationFeatureEnabled(TaskType.CONTACT_INVESTIGATION)) {
        createInvestigationTask(entity);
    }

    if (!handleChanges) {
        return toDto(entity);
    }

    entity.setCompleteness(calculateCompleteness(entity));
    updateContactVisitAssociations(existingContactDto, entity);

    // A contact counts as converted when it had no resulting case before and has one now.
    final boolean hadResultingCase = existingContactDto != null && existingContactDto.getResultingCase() != null;
    final boolean convertedToCase = !hadResultingCase && entity.getResultingCase() != null;
    // A contact counts as dropped only on the transition into DROPPED.
    final boolean dropped = entity.getContactStatus() == ContactStatus.DROPPED
        && !(existingContactDto != null && existingContactDto.getContactStatus() == ContactStatus.DROPPED);

    if (!dropped && !convertedToCase) {
        final boolean followUpStatusChanged = existingContactDto != null && entity.getFollowUpStatus() != existingContactDto.getFollowUpStatus();
        service.updateFollowUpDetails(entity, followUpStatusChanged);
    } else if (convertedToCase) {
        service.cancelFollowUp(entity, I18nProperties.getString(Strings.messageSystemFollowUpCanceled));
    } else {
        service.cancelFollowUp(entity, I18nProperties.getString(Strings.messageSystemFollowUpCanceledByDropping));
    }
    service.udpateContactStatus(entity);

    if (handleCaseChanges && entity.getCaze() != null) {
        caseFacade.onCaseChanged(caseFacade.toDto(entity.getCaze()), entity.getCaze(), internal);
    }
    onContactChanged(existingContactDto, entity, internal);

    return toDto(entity);
}
Also used : AccessDeniedException(de.symeda.sormas.api.utils.AccessDeniedException) DashboardContactDto(de.symeda.sormas.api.dashboard.DashboardContactDto) SimilarContactDto(de.symeda.sormas.api.contact.SimilarContactDto) MapContactDto(de.symeda.sormas.api.contact.MapContactDto) ContactDto(de.symeda.sormas.api.contact.ContactDto) RolesAllowed(javax.annotation.security.RolesAllowed)

Example 2 with AccessDeniedException

use of de.symeda.sormas.api.utils.AccessDeniedException in project SORMAS-Project by hzi-braunschweig.

the class EventFacadeEjb method save.

/**
 * Creates or updates an event from the given DTO and returns the persisted state as a DTO
 * converted with the default pseudonymizer.
 *
 * <p>The container restricts callers to users holding {@code EVENT_CREATE} or
 * {@code EVENT_EDIT}. The per-entity edit permission of an existing event is checked only when
 * {@code internal} is {@code true}.
 *
 * <p>NOTE(review): the only field check visible in this method is the report date; there is no
 * {@code validate(dto)} call and the parameter carries {@code @NotNull} without {@code @Valid}.
 * Confirm that the remaining validation happens elsewhere.
 *
 * @param dto the event data to save; a {@code null} UUID means no existing event is looked up
 * @param checkChangeDate forwarded to {@code fillOrBuildEntity}
 * @param internal gates the per-entity edit-permission check and is forwarded to
 *        {@code onEventChange}; NOTE(review): confirm that non-internal callers enforce edit
 *        permission by other means
 * @return the DTO of the persisted event
 * @throws AccessDeniedException if {@code internal} is set, the event already exists and
 *         {@code service.isEventEditAllowed} does not report {@code EditPermissionType.ALLOWED}
 * @throws ValidationRuntimeException if the DTO has no report date/time
 */
@RolesAllowed({ UserRight._EVENT_CREATE, UserRight._EVENT_EDIT })
public EventDto save(@NotNull EventDto dto, boolean checkChangeDate, boolean internal) {
    final Event existingEvent;
    if (dto.getUuid() == null) {
        existingEvent = null;
    } else {
        existingEvent = service.getByUuid(dto.getUuid());
    }

    // Per-entity authorization: skipped for new events and for non-internal calls.
    if (internal && existingEvent != null) {
        final boolean editAllowed = service.isEventEditAllowed(existingEvent).equals(EditPermissionType.ALLOWED);
        if (!editAllowed) {
            throw new AccessDeniedException(I18nProperties.getString(Strings.errorEventNotEditable));
        }
    }

    final EventDto existingDto = toDto(existingEvent);
    // One pseudonymizer instance serves both the restore of the incoming DTO and the
    // conversion of the returned DTO.
    final Pseudonymizer pseudonymizer = Pseudonymizer.getDefault(userService::hasRight);
    restorePseudonymizedDto(dto, existingDto, existingEvent, pseudonymizer);

    final boolean reportDateMissing = dto.getReportDateTime() == null;
    if (reportDateMissing) {
        throw new ValidationRuntimeException(I18nProperties.getValidationError(Validations.validReportDateTime));
    }

    final Event persisted = fillOrBuildEntity(dto, existingEvent, checkChangeDate);
    service.ensurePersisted(persisted);
    onEventChange(toDto(persisted), internal);

    return convertToDto(persisted, pseudonymizer);
}
Also used : AccessDeniedException(de.symeda.sormas.api.utils.AccessDeniedException) Pseudonymizer(de.symeda.sormas.backend.util.Pseudonymizer) EventDto(de.symeda.sormas.api.event.EventDto) ValidationRuntimeException(de.symeda.sormas.api.utils.ValidationRuntimeException) RolesAllowed(javax.annotation.security.RolesAllowed)

Example 3 with AccessDeniedException

use of de.symeda.sormas.api.utils.AccessDeniedException in project SORMAS-Project by hzi-braunschweig.

the class AbstractCoreFacadeEjb method doSave.

/**
 * Generic save routine: creates or updates the entity behind the given DTO and returns the
 * persisted state as a DTO converted with the default pseudonymizer.
 *
 * <p>The method is annotated {@code @DenyAll}, so no security role may invoke it through the
 * container. NOTE(review): presumably role-checked methods of subclasses delegate to it; confirm
 * that every such caller carries its own {@code @RolesAllowed}.
 *
 * <p>The per-entity edit-permission check is unconditional here: it applies to every existing
 * entity, with no flag that could switch it off.
 *
 * @param dto the data to save; a {@code null} UUID means no existing entity is looked up
 * @return the DTO of the persisted entity
 * @throws AccessDeniedException if the entity already exists and
 *         {@code service.getEditPermissionType} does not report {@code EditPermissionType.ALLOWED}
 */
@DenyAll
public DTO doSave(@Valid @NotNull DTO dto) {
    final ADO storedAdo;
    if (dto.getUuid() == null) {
        storedAdo = null;
    } else {
        storedAdo = service.getByUuid(dto.getUuid());
    }

    if (storedAdo != null) {
        final boolean editAllowed = service.getEditPermissionType(storedAdo).equals(EditPermissionType.ALLOWED);
        if (!editAllowed) {
            throw new AccessDeniedException(I18nProperties.getString(Strings.errorEntityNotEditable));
        }
    }

    final DTO storedDto = toDto(storedAdo);
    final Pseudonymizer pseudonymizer = Pseudonymizer.getDefault(userService::hasRight);
    // Restore pseudonymized fields from the stored state before validating, so validation
    // runs on the restored DTO.
    restorePseudonymizedDto(dto, storedDto, storedAdo, pseudonymizer);
    validate(dto);

    // The change-date check is always requested on this path.
    final ADO persisted = fillOrBuildEntity(dto, storedAdo, true);
    service.ensurePersisted(persisted);

    return convertToDto(persisted, pseudonymizer);
}
Also used : AccessDeniedException(de.symeda.sormas.api.utils.AccessDeniedException) Pseudonymizer(de.symeda.sormas.backend.util.Pseudonymizer) DenyAll(javax.annotation.security.DenyAll)

Example 4 with AccessDeniedException

use of de.symeda.sormas.api.utils.AccessDeniedException in project SORMAS-Project by hzi-braunschweig.

the class ImmunizationFacadeEjb method save.

/**
 * Creates or updates an immunization from the given DTO, refreshes the vaccination statuses that
 * depend on it and returns the persisted state as a DTO converted with the default pseudonymizer.
 *
 * <p>The container restricts callers to users holding {@code IMMUNIZATION_CREATE} or
 * {@code IMMUNIZATION_EDIT}. The per-entity edit permission of an existing immunization is
 * checked only when {@code internal} is {@code true}.
 *
 * @param dto the immunization data to save; NOTE(review): the UUID is passed to
 *        {@code service.getByUuid} without a null check, confirm the service accepts
 *        {@code null}
 * @param checkChangeDate forwarded to {@code fillOrBuildEntity}
 * @param internal gates the per-entity edit-permission check and the share synchronization;
 *        NOTE(review): confirm that non-internal callers enforce edit permission by other means
 * @return the DTO of the persisted immunization
 * @throws AccessDeniedException if {@code internal} is set, the immunization already exists and
 *         {@code service.isImmunizationEditAllowed} does not report
 *         {@code EditPermissionType.ALLOWED}
 */
@RolesAllowed({ UserRight._IMMUNIZATION_CREATE, UserRight._IMMUNIZATION_EDIT })
public ImmunizationDto save(@Valid @NotNull ImmunizationDto dto, boolean checkChangeDate, boolean internal) {
    final Immunization existingImmunization = service.getByUuid(dto.getUuid());

    // Per-entity authorization: skipped for new immunizations and for non-internal calls.
    if (internal && existingImmunization != null) {
        final boolean editAllowed = service.isImmunizationEditAllowed(existingImmunization).equals(EditPermissionType.ALLOWED);
        if (!editAllowed) {
            throw new AccessDeniedException(I18nProperties.getString(Strings.errorImmunizationNotEditable));
        }
    }

    final ImmunizationDto existingDto = toDto(existingImmunization);
    final Pseudonymizer pseudonymizer = Pseudonymizer.getDefault(userService::hasRight);
    // Restore pseudonymized fields from the stored state before validating, so validation
    // runs on the restored DTO.
    restorePseudonymizedDto(dto, existingDto, existingImmunization, pseudonymizer);
    validate(dto);

    final Immunization immunization = fillOrBuildEntity(dto, existingImmunization, checkChangeDate);
    service.updateImmunizationStatusBasedOnVaccinations(immunization);

    // For each vaccination, hand the new and the previously stored vaccination date (null when
    // there is no stored counterpart with the same UUID) to the vaccination facade.
    immunization.getVaccinations().forEach(vaccination -> {
        final VaccinationDto previous = existingDto == null
            ? null
            : existingDto.getVaccinations()
                .stream()
                .filter(candidate -> vaccination.getUuid().equals(candidate.getUuid()))
                .findAny()
                .orElse(null);
        final Date previousDate = previous == null ? null : previous.getVaccinationDate();
        vaccinationFacade.updateVaccinationStatuses(
            vaccination.getVaccinationDate(),
            previousDate,
            immunization.getPerson().getId(),
            immunization.getDisease());
    });

    service.ensurePersisted(immunization);

    // Shares are only synchronized for updates of existing immunizations made by internal calls.
    if (existingImmunization != null && internal) {
        if (sormasToSormasFacade.isFeatureConfigured()) {
            syncSharesAsync(existingImmunization);
        }
    }

    return convertToDto(immunization, pseudonymizer);
}
Also used : ImmunizationManagementStatus(de.symeda.sormas.api.immunization.ImmunizationManagementStatus) DtoHelper(de.symeda.sormas.backend.util.DtoHelper) RolesAllowed(javax.annotation.security.RolesAllowed) Date(java.util.Date) I18nProperties(de.symeda.sormas.api.i18n.I18nProperties) PathogenTestFacadeEjb(de.symeda.sormas.backend.sample.PathogenTestFacadeEjb) LoggerFactory(org.slf4j.LoggerFactory) ImmunizationFacade(de.symeda.sormas.api.immunization.ImmunizationFacade) Immunization(de.symeda.sormas.backend.immunization.entity.Immunization) CommunityFacadeEjb(de.symeda.sormas.backend.infrastructure.community.CommunityFacadeEjb) MeansOfImmunization(de.symeda.sormas.api.immunization.MeansOfImmunization) AccessDeniedException(de.symeda.sormas.api.utils.AccessDeniedException) DistrictService(de.symeda.sormas.backend.infrastructure.district.DistrictService) PersonDto(de.symeda.sormas.api.person.PersonDto) CountryService(de.symeda.sormas.backend.infrastructure.country.CountryService) Valid(javax.validation.Valid) EntityDto(de.symeda.sormas.api.EntityDto) AbstractCoreFacadeEjb(de.symeda.sormas.backend.common.AbstractCoreFacadeEjb) CaseOutcome(de.symeda.sormas.api.caze.CaseOutcome) Page(de.symeda.sormas.api.common.Page) TransactionAttributeType(javax.ejb.TransactionAttributeType) ImmunizationReferenceDto(de.symeda.sormas.api.immunization.ImmunizationReferenceDto) SormasToSormasCaseFacadeEjb(de.symeda.sormas.backend.sormastosormas.entities.caze.SormasToSormasCaseFacadeEjb) UserFacadeEjb(de.symeda.sormas.backend.user.UserFacadeEjb) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) ImmunizationListEntryDto(de.symeda.sormas.api.immunization.ImmunizationListEntryDto) Vaccination(de.symeda.sormas.backend.vaccination.Vaccination) ImmunizationListCriteria(de.symeda.sormas.api.immunization.ImmunizationListCriteria) SormasToSormasOriginInfoFacadeEjb(de.symeda.sormas.backend.sormastosormas.origin.SormasToSormasOriginInfoFacadeEjb) 
ManagedScheduledExecutorService(javax.enterprise.concurrent.ManagedScheduledExecutorService) Stateless(javax.ejb.Stateless) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) FacilityService(de.symeda.sormas.backend.infrastructure.facility.FacilityService) CaseService(de.symeda.sormas.backend.caze.CaseService) CountryFacadeEjb(de.symeda.sormas.backend.infrastructure.country.CountryFacadeEjb) CaseCriteria(de.symeda.sormas.api.caze.CaseCriteria) CommunityService(de.symeda.sormas.backend.infrastructure.community.CommunityService) Timestamp(java.sql.Timestamp) Collection(java.util.Collection) ShareRequestDataType(de.symeda.sormas.api.sormastosormas.sharerequest.ShareRequestDataType) Resource(javax.annotation.Resource) CaseDataDto(de.symeda.sormas.api.caze.CaseDataDto) NotNull(javax.validation.constraints.NotNull) Pseudonymizer(de.symeda.sormas.backend.util.Pseudonymizer) Collectors(java.util.stream.Collectors) Objects(java.util.Objects) ShareTreeCriteria(de.symeda.sormas.api.sormastosormas.ShareTreeCriteria) List(java.util.List) ImmunizationCriteria(de.symeda.sormas.api.immunization.ImmunizationCriteria) UserService(de.symeda.sormas.backend.user.UserService) DistrictFacadeEjb(de.symeda.sormas.backend.infrastructure.district.DistrictFacadeEjb) User(de.symeda.sormas.backend.user.User) PathogenTestResultType(de.symeda.sormas.api.sample.PathogenTestResultType) EditPermissionType(de.symeda.sormas.api.EditPermissionType) LocalDate(java.time.LocalDate) CoreEntityType(de.symeda.sormas.api.common.CoreEntityType) SormasToSormasContactFacadeEjb(de.symeda.sormas.backend.sormastosormas.entities.contact.SormasToSormasContactFacadeEjb) ImmunizationDto(de.symeda.sormas.api.immunization.ImmunizationDto) ShareRequestInfo(de.symeda.sormas.backend.sormastosormas.share.shareinfo.ShareRequestInfo) ValidationRuntimeException(de.symeda.sormas.api.utils.ValidationRuntimeException) PersonReferenceDto(de.symeda.sormas.api.person.PersonReferenceDto) 
DateHelper(de.symeda.sormas.api.utils.DateHelper) FacilityFacadeEjb(de.symeda.sormas.backend.infrastructure.facility.FacilityFacadeEjb) CaseFacadeEjb(de.symeda.sormas.backend.caze.CaseFacadeEjb) ArrayList(java.util.ArrayList) CaseReferenceDto(de.symeda.sormas.api.caze.CaseReferenceDto) Inject(javax.inject.Inject) DeletionDetails(de.symeda.sormas.api.common.DeletionDetails) TransactionAttribute(javax.ejb.TransactionAttribute) LocalBean(javax.ejb.LocalBean) SampleFacadeEjb(de.symeda.sormas.backend.sample.SampleFacadeEjb) VaccinationFacadeEjbLocal(de.symeda.sormas.backend.vaccination.VaccinationFacadeEjb.VaccinationFacadeEjbLocal) PathogenTestDto(de.symeda.sormas.api.sample.PathogenTestDto) EJB(javax.ejb.EJB) Root(javax.persistence.criteria.Root) Logger(org.slf4j.Logger) Validations(de.symeda.sormas.api.i18n.Validations) DataHelper(de.symeda.sormas.api.utils.DataHelper) PersonFacadeEjb(de.symeda.sormas.backend.person.PersonFacadeEjb) SormasToSormasFacadeEjb(de.symeda.sormas.backend.sormastosormas.SormasToSormasFacadeEjb) ImmunizationIndexDto(de.symeda.sormas.api.immunization.ImmunizationIndexDto) PersonService(de.symeda.sormas.backend.person.PersonService) SortProperty(de.symeda.sormas.api.utils.SortProperty) RegionFacadeEjb(de.symeda.sormas.backend.infrastructure.region.RegionFacadeEjb) RegionService(de.symeda.sormas.backend.infrastructure.region.RegionService) Captions(de.symeda.sormas.api.i18n.Captions) TimeUnit(java.util.concurrent.TimeUnit) UserRight(de.symeda.sormas.api.user.UserRight) VaccinationDto(de.symeda.sormas.api.vaccination.VaccinationDto) ImmunizationSimilarityCriteria(de.symeda.sormas.api.immunization.ImmunizationSimilarityCriteria) ImmunizationStatus(de.symeda.sormas.api.immunization.ImmunizationStatus) ShareInfoHelper(de.symeda.sormas.backend.sormastosormas.share.shareinfo.ShareInfoHelper) Comparator(java.util.Comparator) Strings(de.symeda.sormas.api.i18n.Strings) Collections(java.util.Collections) 
SormasToSormasEventFacadeEjb(de.symeda.sormas.backend.sormastosormas.entities.event.SormasToSormasEventFacadeEjb) ImmunizationDto(de.symeda.sormas.api.immunization.ImmunizationDto) Immunization(de.symeda.sormas.backend.immunization.entity.Immunization) MeansOfImmunization(de.symeda.sormas.api.immunization.MeansOfImmunization) AccessDeniedException(de.symeda.sormas.api.utils.AccessDeniedException) Pseudonymizer(de.symeda.sormas.backend.util.Pseudonymizer) VaccinationDto(de.symeda.sormas.api.vaccination.VaccinationDto) Date(java.util.Date) LocalDate(java.time.LocalDate) RolesAllowed(javax.annotation.security.RolesAllowed)

Example 5 with AccessDeniedException

use of de.symeda.sormas.api.utils.AccessDeniedException in project SORMAS-Project by hzi-braunschweig.

the class SampleFacadeEjb method saveSample.

/**
 * Creates or updates a sample from the given DTO and returns the persisted state as a DTO.
 *
 * <p>The container restricts callers to users holding {@code SAMPLE_CREATE} or
 * {@code SAMPLE_EDIT}. The per-entity edit permission of an existing sample is checked only when
 * {@code internal} is {@code true}.
 *
 * <p>NOTE(review): no {@code validate(dto)} call is visible in this method and the parameter
 * carries {@code @Valid} without {@code @NotNull}; a {@code null} DTO would fail on
 * {@code dto.getUuid()}. Confirm that callers never pass {@code null}.
 *
 * @param dto the sample data to save
 * @param handleChanges when {@code true}, {@code onSampleChanged} is invoked after persisting
 * @param checkChangeDate forwarded to {@code fromDto}
 * @param internal gates the per-entity edit-permission check and is forwarded to
 *        {@code onSampleChanged}; NOTE(review): confirm that non-internal callers enforce edit
 *        permission by other means
 * @return the DTO of the persisted sample
 * @throws AccessDeniedException if {@code internal} is set, the sample already exists and
 *         {@code sampleService.isSampleEditAllowed} returns {@code false}
 */
@RolesAllowed({ UserRight._SAMPLE_CREATE, UserRight._SAMPLE_EDIT })
public SampleDto saveSample(@Valid SampleDto dto, boolean handleChanges, boolean checkChangeDate, boolean internal) {
    final Sample storedSample = sampleService.getByUuid(dto.getUuid());

    // Per-entity authorization: skipped for new samples and for non-internal calls.
    if (internal && storedSample != null) {
        if (!sampleService.isSampleEditAllowed(storedSample)) {
            throw new AccessDeniedException(I18nProperties.getString(Strings.errorSampleNotEditable));
        }
    }

    final SampleDto storedSampleDto = toDto(storedSample);
    restorePseudonymizedDto(dto, storedSample, storedSampleDto);

    final Sample sample = fromDto(dto, checkChangeDate);

    // Testing-request flags default to "not requested" when the DTO left them unset.
    if (sample.getPathogenTestingRequested() == null) {
        sample.setPathogenTestingRequested(false);
    }
    if (sample.getAdditionalTestingRequested() == null) {
        sample.setAdditionalTestingRequested(false);
    }

    sampleService.ensurePersisted(sample);

    if (handleChanges) {
        onSampleChanged(storedSampleDto, sample, internal);
    }

    return toDto(sample);
}
Also used : AccessDeniedException(de.symeda.sormas.api.utils.AccessDeniedException) SampleDto(de.symeda.sormas.api.sample.SampleDto) RolesAllowed(javax.annotation.security.RolesAllowed)

Aggregations

AccessDeniedException (de.symeda.sormas.api.utils.AccessDeniedException)7 RolesAllowed (javax.annotation.security.RolesAllowed)5 Pseudonymizer (de.symeda.sormas.backend.util.Pseudonymizer)4 CaseDataDto (de.symeda.sormas.api.caze.CaseDataDto)2 User (de.symeda.sormas.backend.user.User)2 EditPermissionType (de.symeda.sormas.api.EditPermissionType)1 EntityDto (de.symeda.sormas.api.EntityDto)1 CaseCriteria (de.symeda.sormas.api.caze.CaseCriteria)1 CaseOutcome (de.symeda.sormas.api.caze.CaseOutcome)1 CaseReferenceDto (de.symeda.sormas.api.caze.CaseReferenceDto)1 CoreEntityType (de.symeda.sormas.api.common.CoreEntityType)1 DeletionDetails (de.symeda.sormas.api.common.DeletionDetails)1 Page (de.symeda.sormas.api.common.Page)1 ContactDto (de.symeda.sormas.api.contact.ContactDto)1 MapContactDto (de.symeda.sormas.api.contact.MapContactDto)1 SimilarContactDto (de.symeda.sormas.api.contact.SimilarContactDto)1 DashboardContactDto (de.symeda.sormas.api.dashboard.DashboardContactDto)1 EventDto (de.symeda.sormas.api.event.EventDto)1 EventParticipantDto (de.symeda.sormas.api.event.EventParticipantDto)1 EventReferenceDto (de.symeda.sormas.api.event.EventReferenceDto)1