use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentDescriptionHateoasController method findAllDocumentDescriptionAssociatedWithRecord.
// Retrieve all DocumentObjects associated with a DocumentDescription identified by systemId
// GET [contextPath][api]/arkivstruktur/dokumentbeskrivelse/{systemId}/dokumentobjekt
@ApiOperation(value = "Retrieves a list of DocumentObjects associated with a DocumentDescription", response = DocumentObjectHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject returned", response = DocumentObjectHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS + SLASH + DOCUMENT_OBJECT, method = RequestMethod.GET)
public ResponseEntity<DocumentObjectHateoas> findAllDocumentDescriptionAssociatedWithRecord(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the file to retrieve associated Record", required = true) @PathVariable("systemID") final String systemID) {
DocumentDescription documentDescription = documentDescriptionService.findBySystemId(systemID);
if (documentDescription == null) {
throw new NoarkEntityNotFoundException("Could not find DocumentDescription object with systemID " + systemID);
}
DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas((List<INikitaEntity>) (List) documentDescription.getReferenceDocumentObject());
documentObjectHateoasHandler.addLinks(documentObjectHateoas, new Authorisation());
return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(documentObjectHateoas);
}
use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentDescriptionHateoasController method findAllDocumentDescription.
@ApiOperation(value = "Retrieves multiple DocumentDescription entities limited by ownership rights", notes = "The field skip" + "tells how many DocumentDescription rows of the result set to ignore (starting at 0), while top tells how many rows" + " after skip to return. Note if the value of top is greater than system value " + " nikita-noark5-core.pagination.maxPageSize, then nikita-noark5-core.pagination.maxPageSize is used. ", response = DocumentDescriptionHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentDescription list found", response = DocumentDescriptionHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(method = RequestMethod.GET)
public ResponseEntity<DocumentDescriptionHateoas> findAllDocumentDescription(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @RequestParam(name = "top", required = false) Integer top, @RequestParam(name = "skip", required = false) Integer skip) {
String ownedBy = SecurityContextHolder.getContext().getAuthentication().getName();
DocumentDescriptionHateoas documentDescriptionHateoas = new DocumentDescriptionHateoas((List<INikitaEntity>) (List) documentDescriptionService.findByOwnedBy(ownedBy));
documentDescriptionHateoasHandler.addLinks(documentDescriptionHateoas, new Authorisation());
return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(documentDescriptionHateoas);
}
use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentObjectHateoasController method findOneDocumentObjectBySystemId.
// API - All GET Requests (CRUD - READ)
// Get a documentObject identified by systemID
// GET [contextPath][api]/arkivstruktur/dokumentobjekt/{systemID}
@ApiOperation(value = "Retrieves a single DocumentObject entity given a systemId", response = DocumentObject.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject returned", response = DocumentObject.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, method = RequestMethod.GET, produces = { NOARK5_V4_CONTENT_TYPE_JSON, NOARK5_V4_CONTENT_TYPE_JSON_XML })
public ResponseEntity<DocumentObjectHateoas> findOneDocumentObjectBySystemId(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the documentObject to retrieve", required = true) @PathVariable("systemID") final String documentObjectSystemId) {
DocumentObject createdDocumentObject = documentObjectService.findBySystemId(documentObjectSystemId);
if (createdDocumentObject == null) {
throw new NoarkEntityNotFoundException(documentObjectSystemId);
}
DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas(createdDocumentObject);
documentObjectHateoasHandler.addLinks(documentObjectHateoas, new Authorisation());
return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(createdDocumentObject.getVersion().toString()).body(documentObjectHateoas);
}
use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentObjectHateoasController method deleteDocumentObjectBySystemId.
// Delete a DocumentObject identified by systemID
// DELETE [contextPath][api]/arkivstruktur/dokumentobjekt/{systemId}/
@ApiOperation(value = "Deletes a single DocumentObject entity identified by systemID", response = HateoasNoarkObject.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Parent entity (DocumentDescription or Record) returned", response = HateoasNoarkObject.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, method = RequestMethod.DELETE)
public ResponseEntity<HateoasNoarkObject> deleteDocumentObjectBySystemId(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the documentObject to delete", required = true) @PathVariable("systemID") final String systemID) {
DocumentObject documentObject = documentObjectService.findBySystemId(systemID);
NoarkEntity parentEntity = documentObject.chooseParent();
documentObjectService.deleteEntity(systemID);
HateoasNoarkObject hateoasNoarkObject;
if (parentEntity instanceof DocumentDescription) {
hateoasNoarkObject = new DocumentDescriptionHateoas(parentEntity);
documentDescriptionHateoasHandler.addLinks(hateoasNoarkObject, new Authorisation());
} else if (parentEntity instanceof Record) {
hateoasNoarkObject = new RecordHateoas(parentEntity);
recordHateoasHandler.addLinks(hateoasNoarkObject, new Authorisation());
} else {
throw new NikitaException("Internal error. Could process" + request.getRequestURI());
}
applicationEventPublisher.publishEvent(new AfterNoarkEntityDeletedEvent(this, documentObject));
return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(hateoasNoarkObject);
}
use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.
the class DocumentObjectHateoasController method updateDocumentObject.
// API - All PUT Requests (CRUD - UPDATE)
// Update a DocumentObject
// PUT [contextPath][api]/arkivstruktur/dokumentobjekt/{systemID}
@ApiOperation(value = "Updates a DocumentObject object", notes = "Returns the newly" + " update DocumentObject object after it is persisted to the database", response = DocumentObjectHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject " + API_MESSAGE_OBJECT_ALREADY_PERSISTED, response = DocumentObjectHateoas.class), @ApiResponse(code = 201, message = "DocumentObject " + API_MESSAGE_OBJECT_SUCCESSFULLY_CREATED, response = DocumentObjectHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 404, message = API_MESSAGE_PARENT_DOES_NOT_EXIST + " of type DocumentObject"), @ApiResponse(code = 409, message = API_MESSAGE_CONFLICT), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(method = RequestMethod.PUT, value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, consumes = { NOARK5_V4_CONTENT_TYPE_JSON })
public ResponseEntity<DocumentObjectHateoas> updateDocumentObject(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemId of documentObject to update.", required = true) @PathVariable("systemID") String systemID, @ApiParam(name = "documentObject", value = "Incoming documentObject object", required = true) @RequestBody DocumentObject documentObject) throws NikitaException {
validateForUpdate(documentObject);
DocumentObject updatedDocumentObject = documentObjectService.handleUpdate(systemID, parseETAG(request.getHeader(ETAG)), documentObject);
DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas(updatedDocumentObject);
documentObjectHateoasHandler.addLinks(documentObjectHateoas, new Authorisation());
applicationEventPublisher.publishEvent(new AfterNoarkEntityUpdatedEvent(this, updatedDocumentObject));
return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(updatedDocumentObject.getVersion().toString()).body(documentObjectHateoas);
}
Aggregations