Search in sources :

Example 61 with Authorisation

use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class DocumentDescriptionHateoasController method findAllDocumentDescriptionAssociatedWithRecord.

// Retrieve all DocumentObjects associated with a DocumentDescription identified by systemId
// GET [contextPath][api]/arkivstruktur/dokumentbeskrivelse/{systemId}/dokumentobjekt
@ApiOperation(value = "Retrieves a list of DocumentObjects associated with a DocumentDescription", response = DocumentObjectHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject returned", response = DocumentObjectHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS + SLASH + DOCUMENT_OBJECT, method = RequestMethod.GET)
public ResponseEntity<DocumentObjectHateoas> findAllDocumentDescriptionAssociatedWithRecord(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the file to retrieve associated Record", required = true) @PathVariable("systemID") final String systemID) {
    DocumentDescription documentDescription = documentDescriptionService.findBySystemId(systemID);
    if (documentDescription == null) {
        throw new NoarkEntityNotFoundException("Could not find DocumentDescription object with systemID " + systemID);
    }
    DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas((List<INikitaEntity>) (List) documentDescription.getReferenceDocumentObject());
    documentObjectHateoasHandler.addLinks(documentObjectHateoas, new Authorisation());
    return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(documentObjectHateoas);
}
Also used : DocumentDescription(nikita.common.model.noark5.v4.DocumentDescription) DocumentObjectHateoas(nikita.common.model.noark5.v4.hateoas.DocumentObjectHateoas) INikitaEntity(nikita.common.model.noark5.v4.interfaces.entities.INikitaEntity) Authorisation(nikita.webapp.security.Authorisation) NoarkEntityNotFoundException(nikita.common.util.exceptions.NoarkEntityNotFoundException) ArrayList(java.util.ArrayList) List(java.util.List) Counted(com.codahale.metrics.annotation.Counted) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 62 with Authorisation

use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class DocumentDescriptionHateoasController method findAllDocumentDescription.

@ApiOperation(value = "Retrieves multiple DocumentDescription entities limited by ownership rights", notes = "The field skip" + "tells how many DocumentDescription rows of the result set to ignore (starting at 0), while  top tells how many rows" + " after skip to return. Note if the value of top is greater than system value " + " nikita-noark5-core.pagination.maxPageSize, then nikita-noark5-core.pagination.maxPageSize is used. ", response = DocumentDescriptionHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentDescription list found", response = DocumentDescriptionHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(method = RequestMethod.GET)
public ResponseEntity<DocumentDescriptionHateoas> findAllDocumentDescription(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @RequestParam(name = "top", required = false) Integer top, @RequestParam(name = "skip", required = false) Integer skip) {
    String ownedBy = SecurityContextHolder.getContext().getAuthentication().getName();
    DocumentDescriptionHateoas documentDescriptionHateoas = new DocumentDescriptionHateoas((List<INikitaEntity>) (List) documentDescriptionService.findByOwnedBy(ownedBy));
    documentDescriptionHateoasHandler.addLinks(documentDescriptionHateoas, new Authorisation());
    return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(documentDescriptionHateoas);
}
Also used : INikitaEntity(nikita.common.model.noark5.v4.interfaces.entities.INikitaEntity) Authorisation(nikita.webapp.security.Authorisation) DocumentDescriptionHateoas(nikita.common.model.noark5.v4.hateoas.DocumentDescriptionHateoas) ArrayList(java.util.ArrayList) List(java.util.List) Counted(com.codahale.metrics.annotation.Counted) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 63 with Authorisation

use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class DocumentObjectHateoasController method findOneDocumentObjectBySystemId.

// API - All GET Requests (CRUD - READ)
// Get a documentObject identified by systemID
// GET [contextPath][api]/arkivstruktur/dokumentobjekt/{systemID}
@ApiOperation(value = "Retrieves a single DocumentObject entity given a systemId", response = DocumentObject.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject returned", response = DocumentObject.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, method = RequestMethod.GET, produces = { NOARK5_V4_CONTENT_TYPE_JSON, NOARK5_V4_CONTENT_TYPE_JSON_XML })
public ResponseEntity<DocumentObjectHateoas> findOneDocumentObjectBySystemId(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the documentObject to retrieve", required = true) @PathVariable("systemID") final String documentObjectSystemId) {
    DocumentObject createdDocumentObject = documentObjectService.findBySystemId(documentObjectSystemId);
    if (createdDocumentObject == null) {
        throw new NoarkEntityNotFoundException(documentObjectSystemId);
    }
    DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas(createdDocumentObject);
    documentObjectHateoasHandler.addLinks(documentObjectHateoas, new Authorisation());
    return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(createdDocumentObject.getVersion().toString()).body(documentObjectHateoas);
}
Also used : DocumentObjectHateoas(nikita.common.model.noark5.v4.hateoas.DocumentObjectHateoas) Authorisation(nikita.webapp.security.Authorisation) DocumentObject(nikita.common.model.noark5.v4.DocumentObject) NoarkEntityNotFoundException(nikita.common.util.exceptions.NoarkEntityNotFoundException) Counted(com.codahale.metrics.annotation.Counted) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 64 with Authorisation

use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class DocumentObjectHateoasController method deleteDocumentObjectBySystemId.

// Delete a DocumentObject identified by systemID
// DELETE [contextPath][api]/arkivstruktur/dokumentobjekt/{systemId}/
@ApiOperation(value = "Deletes a single DocumentObject entity identified by systemID", response = HateoasNoarkObject.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Parent entity (DocumentDescription or Record) returned", response = HateoasNoarkObject.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, method = RequestMethod.DELETE)
public ResponseEntity<HateoasNoarkObject> deleteDocumentObjectBySystemId(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the documentObject to delete", required = true) @PathVariable("systemID") final String systemID) {
    DocumentObject documentObject = documentObjectService.findBySystemId(systemID);
    NoarkEntity parentEntity = documentObject.chooseParent();
    documentObjectService.deleteEntity(systemID);
    HateoasNoarkObject hateoasNoarkObject;
    if (parentEntity instanceof DocumentDescription) {
        hateoasNoarkObject = new DocumentDescriptionHateoas(parentEntity);
        documentDescriptionHateoasHandler.addLinks(hateoasNoarkObject, new Authorisation());
    } else if (parentEntity instanceof Record) {
        hateoasNoarkObject = new RecordHateoas(parentEntity);
        recordHateoasHandler.addLinks(hateoasNoarkObject, new Authorisation());
    } else {
        throw new NikitaException("Internal error. Could process" + request.getRequestURI());
    }
    applicationEventPublisher.publishEvent(new AfterNoarkEntityDeletedEvent(this, documentObject));
    return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(hateoasNoarkObject);
}
Also used : NikitaException(nikita.common.util.exceptions.NikitaException) NoarkEntity(nikita.common.model.noark5.v4.NoarkEntity) DocumentDescription(nikita.common.model.noark5.v4.DocumentDescription) HateoasNoarkObject(nikita.common.model.noark5.v4.hateoas.HateoasNoarkObject) Authorisation(nikita.webapp.security.Authorisation) DocumentDescriptionHateoas(nikita.common.model.noark5.v4.hateoas.DocumentDescriptionHateoas) RecordHateoas(nikita.common.model.noark5.v4.hateoas.RecordHateoas) DocumentObject(nikita.common.model.noark5.v4.DocumentObject) Record(nikita.common.model.noark5.v4.Record) AfterNoarkEntityDeletedEvent(nikita.webapp.web.events.AfterNoarkEntityDeletedEvent) Counted(com.codahale.metrics.annotation.Counted) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 65 with Authorisation

use of nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class DocumentObjectHateoasController method updateDocumentObject.

// API - All PUT Requests (CRUD - UPDATE)
// Update a DocumentObject
// PUT [contextPath][api]/arkivstruktur/dokumentobjekt/{systemID}
@ApiOperation(value = "Updates a DocumentObject object", notes = "Returns the newly" + " update DocumentObject object after it is persisted to the database", response = DocumentObjectHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "DocumentObject " + API_MESSAGE_OBJECT_ALREADY_PERSISTED, response = DocumentObjectHateoas.class), @ApiResponse(code = 201, message = "DocumentObject " + API_MESSAGE_OBJECT_SUCCESSFULLY_CREATED, response = DocumentObjectHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 404, message = API_MESSAGE_PARENT_DOES_NOT_EXIST + " of type DocumentObject"), @ApiResponse(code = 409, message = API_MESSAGE_CONFLICT), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@RequestMapping(method = RequestMethod.PUT, value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, consumes = { NOARK5_V4_CONTENT_TYPE_JSON })
public ResponseEntity<DocumentObjectHateoas> updateDocumentObject(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemId of documentObject to update.", required = true) @PathVariable("systemID") String systemID, @ApiParam(name = "documentObject", value = "Incoming documentObject object", required = true) @RequestBody DocumentObject documentObject) throws NikitaException {
    validateForUpdate(documentObject);
    DocumentObject updatedDocumentObject = documentObjectService.handleUpdate(systemID, parseETAG(request.getHeader(ETAG)), documentObject);
    DocumentObjectHateoas documentObjectHateoas = new DocumentObjectHateoas(updatedDocumentObject);
    documentObjectHateoasHandler.addLinks(documentObjectHateoas, new Authorisation());
    applicationEventPublisher.publishEvent(new AfterNoarkEntityUpdatedEvent(this, updatedDocumentObject));
    return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(updatedDocumentObject.getVersion().toString()).body(documentObjectHateoas);
}
Also used : DocumentObjectHateoas(nikita.common.model.noark5.v4.hateoas.DocumentObjectHateoas) Authorisation(nikita.webapp.security.Authorisation) DocumentObject(nikita.common.model.noark5.v4.DocumentObject) AfterNoarkEntityUpdatedEvent(nikita.webapp.web.events.AfterNoarkEntityUpdatedEvent) Counted(com.codahale.metrics.annotation.Counted) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Authorisation (nikita.webapp.security.Authorisation)212 MetadataHateoas (nikita.common.model.noark5.v4.hateoas.metadata.MetadataHateoas)121 Counted (com.codahale.metrics.annotation.Counted)98 ApiOperation (io.swagger.annotations.ApiOperation)87 ApiResponses (io.swagger.annotations.ApiResponses)87 List (java.util.List)76 INikitaEntity (nikita.common.model.noark5.v4.interfaces.entities.INikitaEntity)75 AfterNoarkEntityUpdatedEvent (nikita.webapp.web.events.AfterNoarkEntityUpdatedEvent)34 CaseFileHateoas (nikita.common.model.noark5.v4.hateoas.casehandling.CaseFileHateoas)13 NoarkEntityNotFoundException (nikita.common.util.exceptions.NoarkEntityNotFoundException)13 AfterNoarkEntityCreatedEvent (nikita.webapp.web.events.AfterNoarkEntityCreatedEvent)13 Class (nikita.common.model.noark5.v4.Class)8 Fonds (nikita.common.model.noark5.v4.Fonds)8 CaseFile (nikita.common.model.noark5.v4.casehandling.CaseFile)8 NikitaException (nikita.common.util.exceptions.NikitaException)8 DocumentDescription (nikita.common.model.noark5.v4.DocumentDescription)7 DocumentObject (nikita.common.model.noark5.v4.DocumentObject)7 ClassHateoas (nikita.common.model.noark5.v4.hateoas.ClassHateoas)7 DocumentObjectHateoas (nikita.common.model.noark5.v4.hateoas.DocumentObjectHateoas)7 FondsCreatorHateoas (nikita.common.model.noark5.v4.hateoas.FondsCreatorHateoas)7