Examples with Authorisation no.arkivlab.hioa.nikita.webapp.security.Authorisation used on opensource projects

Example 91 with Authorisation

use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class SeriesHateoasController method createCaseFileAssociatedWithSeries.

// Create a new casefile
// POST [contextPath][api]/arkivstruktur/arkivdel/{systemId}/ny-saksmappe/
// This currently is not supported in the standard, but probably will be later
@ApiOperation(value = "Persists a CaseFile object associated with the given Series systemId", notes = "Returns " + "the newly created caseFile object after it was associated with a Series object and persisted to " + "the database", response = CaseFileHateoas.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "File " + API_MESSAGE_OBJECT_ALREADY_PERSISTED, response = CaseFileHateoas.class), @ApiResponse(code = 201, message = "File " + API_MESSAGE_OBJECT_SUCCESSFULLY_CREATED, response = CaseFileHateoas.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 404, message = API_MESSAGE_PARENT_DOES_NOT_EXIST + " of type CaseFile"), @ApiResponse(code = 409, message = API_MESSAGE_CONFLICT), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(method = RequestMethod.POST, value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS + SLASH + NEW_CASE_FILE, consumes = { NOARK5_V4_CONTENT_TYPE_JSON })
public ResponseEntity<CaseFileHateoas> createCaseFileAssociatedWithSeries(HttpServletRequest request, @ApiParam(name = "systemID", value = "systemId of series to associate the caseFile with", required = true) @PathVariable String systemID, @ApiParam(name = "caseFile", value = "Incoming caseFile object", required = true) @RequestBody CaseFile caseFile) throws NikitaException {
    validateForCreate(caseFile);
    CaseFile createdCaseFile = seriesService.createCaseFileAssociatedWithSeries(systemID, caseFile);
    CaseFileHateoas caseFileHateoas = new CaseFileHateoas(createdCaseFile);
    caseFileHateoasHandler.addLinks(caseFileHateoas, request, new Authorisation());
    applicationEventPublisher.publishEvent(new AfterNoarkEntityCreatedEvent(this, createdCaseFile));
    return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(createdCaseFile.getVersion().toString()).body(caseFileHateoas);
}

Example 92 with Authorisation

use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class AdministrativeUnitController method createAdministrativeUnit.

// API - All POST Requests (CRUD - CREATE)
// Creates a new administrativtenhet
// POST [contextPath][api]/admin/ny-administrativtenhet
@ApiOperation(value = "Persists a new AdministrativeUnit object", notes = "Returns the newly" + " created AdministrativeUnit object after it is persisted to the database", response = AdministrativeUnit.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "AdministrativeUnit " + API_MESSAGE_OBJECT_ALREADY_PERSISTED, response = AdministrativeUnit.class), @ApiResponse(code = 201, message = "AdministrativeUnit " + API_MESSAGE_OBJECT_SUCCESSFULLY_CREATED, response = AdministrativeUnit.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 404, message = API_MESSAGE_MALFORMED_PAYLOAD), @ApiResponse(code = 409, message = API_MESSAGE_CONFLICT), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR), @ApiResponse(code = 501, message = API_MESSAGE_NOT_IMPLEMENTED) })
@Counted
@Timed
@RequestMapping(method = RequestMethod.POST, value = NEW_ADMINISTRATIVE_UNIT)
public ResponseEntity<AdministrativeUnitHateoas> createAdministrativeUnit(HttpServletRequest request, @RequestBody AdministrativeUnit administrativeUnit) throws NikitaException {
    administrativeUnitService.createNewAdministrativeUnit(administrativeUnit);
    AdministrativeUnitHateoas adminHateoas = new AdministrativeUnitHateoas(administrativeUnit);
    administrativeUnitHateoasHandler.addLinks(adminHateoas, request, new Authorisation());
    return ResponseEntity.status(HttpStatus.CREATED).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).eTag(administrativeUnit.getVersion().toString()).body(adminHateoas);
}

Example 93 with Authorisation

use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class AdministrativeUnitController method findAll.

// API - All GET Requests (CRUD - READ)
// Retrieves all administrativeUnit
// GET [contextPath][api]/admin/administrativtenhet/
@ApiOperation(value = "Retrieves all AdministrativeUnit ", response = AdministrativeUnit.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "AdministrativeUnit found", response = AdministrativeUnit.class), @ApiResponse(code = 404, message = "No AdministrativeUnit found"), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(method = RequestMethod.GET, value = ADMINISTRATIVE_UNIT)
public ResponseEntity<AdministrativeUnitHateoas> findAll(HttpServletRequest request) {
    AdministrativeUnitHateoas adminHateoas = new AdministrativeUnitHateoas((ArrayList<INikitaEntity>) (ArrayList) administrativeUnitService.findAll());
    administrativeUnitHateoasHandler.addLinks(adminHateoas, request, new Authorisation());
    return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(adminHateoas);
}

Example 94 with Authorisation

use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class AdministrativeUnitController method updateAdministrativeUnit.

// API - All PUT Requests (CRUD - UPDATE)
// Update a administrativtenhet
// PUT [contextPath][api]/metatdata/administrativtenhet/{systemID}
@ApiOperation(value = "Updates a AdministrativeUnit object", notes = "Returns the newly" + " updated AdministrativeUnit object after it is persisted to the database", response = AdministrativeUnit.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "AdministrativeUnit " + API_MESSAGE_OBJECT_ALREADY_PERSISTED, response = AdministrativeUnit.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 404, message = API_MESSAGE_MALFORMED_PAYLOAD), @ApiResponse(code = 409, message = API_MESSAGE_CONFLICT), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(method = RequestMethod.PUT, value = ADMINISTRATIVE_UNIT + SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS)
public ResponseEntity<AdministrativeUnitHateoas> updateAdministrativeUnit(HttpServletRequest request, @ApiParam(name = "systemID", value = "systemID of documentDescription to update.", required = true) @PathVariable("systemID") String systemID, @ApiParam(name = "administrativeUnit", value = "Incoming administrativeUnit object", required = true) @RequestBody AdministrativeUnit administrativeUnit) throws NikitaException {
    AdministrativeUnit newAdministrativeUnit = administrativeUnitService.update(systemID, parseETAG(request.getHeader(ETAG)), administrativeUnit);
    AdministrativeUnitHateoas adminHateoas = new AdministrativeUnitHateoas(administrativeUnit);
    administrativeUnitHateoasHandler.addLinks(adminHateoas, request, new Authorisation());
    return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(adminHateoas);
}

Example 95 with Authorisation

use of no.arkivlab.hioa.nikita.webapp.security.Authorisation in project nikita-noark5-core by HiOA-ABI.

the class CaseFileHateoasController method deleteCaseFileBySystemId.

// Delete a CaseFile identified by systemID
// DELETE [contextPath][api]/casehandling/saksmappe/{systemId}/
@ApiOperation(value = "Deletes a single CaseFile entity identified by systemID", response = HateoasNoarkObject.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Parent entity (DocumentDescription or CaseFile) returned", response = HateoasNoarkObject.class), @ApiResponse(code = 401, message = API_MESSAGE_UNAUTHENTICATED_USER), @ApiResponse(code = 403, message = API_MESSAGE_UNAUTHORISED_FOR_USER), @ApiResponse(code = 500, message = API_MESSAGE_INTERNAL_SERVER_ERROR) })
@Counted
@Timed
@RequestMapping(value = SLASH + LEFT_PARENTHESIS + SYSTEM_ID + RIGHT_PARENTHESIS, method = RequestMethod.DELETE)
public ResponseEntity<HateoasNoarkObject> deleteCaseFileBySystemId(final UriComponentsBuilder uriBuilder, HttpServletRequest request, final HttpServletResponse response, @ApiParam(name = "systemID", value = "systemID of the caseFile to delete", required = true) @PathVariable("systemID") final String systemID) {
    CaseFile caseFile = caseFileService.findBySystemIdOrderBySystemId(systemID);
    NoarkEntity parentEntity = caseFile.chooseParent();
    HateoasNoarkObject hateoasNoarkObject;
    if (parentEntity instanceof Series) {
        hateoasNoarkObject = new SeriesHateoas(parentEntity);
        seriesHateoasHandler.addLinks(hateoasNoarkObject, request, new Authorisation());
    } else // TODO: Can a casefile have a Class as parent???
    if (parentEntity instanceof Class) {
        hateoasNoarkObject = new ClassHateoas(parentEntity);
        classHateoasHandler.addLinks(hateoasNoarkObject, request, new Authorisation());
    } else {
        throw new NikitaException("Internal error. Could not process " + request.getRequestURI());
    }
    caseFileService.deleteEntity(systemID);
    applicationEventPublisher.publishEvent(new AfterNoarkEntityDeletedEvent(this, caseFile));
    return ResponseEntity.status(HttpStatus.OK).allow(CommonUtils.WebUtils.getMethodsForRequestOrThrow(request.getServletPath())).body(hateoasNoarkObject);
}