Search in sources :

Example 21 with ForbiddenPageException

use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.

the class ManualAuditController method dispatchSubmitManualAuditValues.

/**
     * TO DO : replace this method with an call to the orchestrator 
     * to delegate the writes to the engine.
     * 
     * @param webresourceId
     * @param manualAuditCommand
     * @param result
     * @param model
     * @param request
     * @param isValidating
     * @return
     */
private String dispatchSubmitManualAuditValues(String webresourceId, ManualAuditCommand manualAuditCommand, BindingResult result, Model model, HttpServletRequest request, boolean isValidating) {
    WebResource webResource;
    try {
        webResource = getWebResourceDataService().ligthRead(Long.valueOf(webresourceId));
    } catch (NumberFormatException nfe) {
        throw new ForbiddenPageException();
    }
    if (webResource instanceof Site) {
        throw new ForbiddenPageException();
    }
    Audit audit = getAuditFromWebResource(webResource);
    if (isUserAllowedToDisplayResult(audit)) {
        model.addAttribute(TgolKeyStore.IS_MANUAL_AUDIT_KEY, true);
        List<ProcessResult> processResultList = TestResultFactory.getInstance().getProcessResultListFromTestsResult(manualAuditCommand.getModifiedManualResultMap(), webResource);
        processResultDataService.saveOrUpdate(processResultList);
        /**
             * if save the manual audit for the first time save we set the
             * manual audit start time and status to MANUAL_INITIALIZING
             */
        if (audit.getManualAuditDateOfCreation() == null) {
            audit.setManualAuditDateOfCreation(Calendar.getInstance().getTime());
            audit.setStatus(AuditStatus.MANUAL_INITIALIZING);
            getAuditDataService().update(audit);
        }
        List<ProcessResult> allProcessResultList = TestResultFactory.getInstance().getAllProcessResultListFromTestsResult(manualAuditCommand.getModifiedManualResultMap(), webResource);
        manualAuditCommand.setProcessResultList(allProcessResultList);
        if (isValidating) {
            manualAuditValidator.validate(manualAuditCommand, result);
            if (result.hasErrors()) {
                // ajout message d'erreur.
                model.addAttribute(TgolKeyStore.MANUAL_AUDIT_COMMAND_KEY, manualAuditCommand);
                return dispatchDisplayResultRequest(webResource.getId(), null, model, request, true, manualAuditCommand);
            } else {
                // mettre à jour le statut
                audit.setStatus(AuditStatus.MANUAL_COMPLETED);
                getAuditDataService().update(audit);
                webResourceStatisticsDataService.createWebResourceStatisticsForManualAudit(audit, webResource, allProcessResultList);
                Contract contract = retrieveContractFromAudit(audit);
                model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
                return TgolKeyStore.CONTRACT_VIEW_NAME_REDIRECT;
            }
        }
        webResourceStatisticsDataService.createWebResourceStatisticsForManualAudit(audit, webResource, allProcessResultList);
        return dispatchDisplayResultRequest(webResource.getId(), null, model, request, true, manualAuditCommand);
    } else {
        throw new ForbiddenPageException();
    }
}
Also used : Site(org.asqatasun.entity.subject.Site) Audit(org.asqatasun.entity.audit.Audit) ProcessResult(org.asqatasun.entity.audit.ProcessResult) WebResource(org.asqatasun.entity.subject.WebResource) Contract(org.asqatasun.webapp.entity.contract.Contract) ForbiddenPageException(org.asqatasun.webapp.exception.ForbiddenPageException)

Example 22 with ForbiddenPageException

use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.

the class PageListController method displayPageList.

/**
     *
     * @param request
     * @param response
     * @param model
     * @return
     * @throws java.lang.Exception
     */
@RequestMapping(value = TgolKeyStore.PAGE_LIST_CONTRACT_URL, method = RequestMethod.GET)
@Secured({ TgolKeyStore.ROLE_USER_KEY, TgolKeyStore.ROLE_ADMIN_KEY })
public String displayPageList(HttpServletRequest request, HttpServletResponse response, Model model) throws Exception {
    String auditId = ServletRequestUtils.getStringParameter(request, TgolKeyStore.AUDIT_ID_KEY);
    if (auditId == null) {
        throw new AuditParameterMissingException();
    }
    Audit audit;
    try {
        audit = getAuditDataService().read(Long.valueOf(auditId));
    } catch (NumberFormatException e) {
        throw new ForbiddenPageException(e);
    }
    if (isUserAllowedToDisplayResult(audit)) {
        return pageLinkDispatcher(request, audit, model);
    } else {
        // method returns true or throws an exception
        return TgolKeyStore.ACCESS_DENIED_VIEW_NAME;
    }
}
Also used : Audit(org.asqatasun.entity.audit.Audit) AuditParameterMissingException(org.asqatasun.webapp.exception.AuditParameterMissingException) ForbiddenPageException(org.asqatasun.webapp.exception.ForbiddenPageException) Secured(org.springframework.security.access.annotation.Secured) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 23 with ForbiddenPageException

use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.

the class AuditResultController method displayTestResult.

/**
     *
     * @param webresourceId
     * @param testId
     * @param model
     * @return the test-result view name
     */
@RequestMapping(value = TgolKeyStore.TEST_RESULT_CONTRACT_URL, method = RequestMethod.GET)
public String displayTestResult(@RequestParam(TgolKeyStore.WEBRESOURCE_ID_KEY) String webresourceId, @RequestParam(TgolKeyStore.TEST_CODE_KEY) String testId, Model model) {
    Long wrId;
    Long tstId;
    try {
        wrId = Long.valueOf(webresourceId);
        tstId = Long.valueOf(testId);
    } catch (NumberFormatException nfe) {
        throw new ForbiddenUserException(getCurrentUser());
    }
    WebResource webResource = getWebResourceDataService().ligthRead(wrId);
    if (webResource == null) {
        throw new ForbiddenPageException();
    }
    Audit audit = getAuditFromWebResource(webResource);
    if (isUserAllowedToDisplayResult(audit)) {
        Contract contract = retrieveContractFromAudit(audit);
        // Attributes for breadcrumb
        model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
        model.addAttribute(TgolKeyStore.CONTRACT_NAME_KEY, contract.getLabel());
        model.addAttribute(TgolKeyStore.URL_KEY, webResource.getURL());
        Test test = getTestDataService().read(tstId);
        model.addAttribute(TgolKeyStore.TEST_LABEL_KEY, test.getLabel());
        model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, audit.getId());
        if (!test.getScope().equals(getPageScope())) {
            model.addAttribute(TgolKeyStore.SITE_SCOPE_TEST_DETAILS_KEY, true);
        } else {
            // Add a boolean used to display the breadcrumb.
            model.addAttribute(TgolKeyStore.AUTHORIZED_SCOPE_FOR_PAGE_LIST, isAuthorizedScopeForPageList(audit));
        }
        model.addAttribute(TgolKeyStore.TEST_RESULT_LIST_KEY, TestResultFactory.getInstance().getTestResultListFromTest(webResource, test));
        return TgolKeyStore.TEST_RESULT_VIEW_NAME;
    } else {
        throw new ForbiddenPageException();
    }
}
Also used : Audit(org.asqatasun.entity.audit.Audit) Test(org.asqatasun.entity.reference.Test) WebResource(org.asqatasun.entity.subject.WebResource) ForbiddenUserException(org.asqatasun.webapp.exception.ForbiddenUserException) Contract(org.asqatasun.webapp.entity.contract.Contract) ForbiddenPageException(org.asqatasun.webapp.exception.ForbiddenPageException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 24 with ForbiddenPageException

use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.

the class AuditResultController method displayCriterionResult.

/**
     *
     * @param webresourceId
     * @param criterionId
     * @param model
     * @return the test-result view name
     */
@RequestMapping(value = TgolKeyStore.CRITERION_RESULT_CONTRACT_URL, method = RequestMethod.GET)
public String displayCriterionResult(@RequestParam(TgolKeyStore.WEBRESOURCE_ID_KEY) String webresourceId, @RequestParam(TgolKeyStore.CRITERION_CODE_KEY) String criterionId, Model model) {
    Long wrId;
    Long critId;
    try {
        wrId = Long.valueOf(webresourceId);
        critId = Long.valueOf(criterionId);
    } catch (NumberFormatException nfe) {
        throw new ForbiddenUserException(getCurrentUser());
    }
    WebResource webResource = getWebResourceDataService().ligthRead(wrId);
    if (webResource == null || webResource instanceof Site) {
        throw new ForbiddenPageException();
    }
    Audit audit = getAuditFromWebResource(webResource);
    if (isUserAllowedToDisplayResult(audit)) {
        Contract contract = retrieveContractFromAudit(audit);
        // Attributes for breadcrumb
        model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
        model.addAttribute(TgolKeyStore.CONTRACT_NAME_KEY, contract.getLabel());
        model.addAttribute(TgolKeyStore.URL_KEY, webResource.getURL());
        Criterion crit = criterionDataService.read(critId);
        model.addAttribute(TgolKeyStore.CRITERION_LABEL_KEY, crit.getLabel());
        model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, audit.getId());
        // Add a boolean used to display the breadcrumb.
        model.addAttribute(TgolKeyStore.AUTHORIZED_SCOPE_FOR_PAGE_LIST, isAuthorizedScopeForPageList(audit));
        model.addAttribute(TgolKeyStore.TEST_RESULT_LIST_KEY, TestResultFactory.getInstance().getTestResultListFromCriterion(webResource, crit));
        return TgolKeyStore.CRITERION_RESULT_VIEW_NAME;
    } else {
        throw new ForbiddenPageException();
    }
}
Also used : Site(org.asqatasun.entity.subject.Site) Audit(org.asqatasun.entity.audit.Audit) Criterion(org.asqatasun.entity.reference.Criterion) WebResource(org.asqatasun.entity.subject.WebResource) ForbiddenUserException(org.asqatasun.webapp.exception.ForbiddenUserException) Contract(org.asqatasun.webapp.entity.contract.Contract) ForbiddenPageException(org.asqatasun.webapp.exception.ForbiddenPageException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 25 with ForbiddenPageException

use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.

the class AuditResultController method displayAuditResultFromContract.

/**
     * General router when receive audit-result request. Regarding the scope of
     * the audit, the returned page may differ.
     *
     * @param auditId
     * @param request
     * @param model
     * @return
     */
@RequestMapping(value = TgolKeyStore.AUDIT_RESULT_CONTRACT_URL, method = RequestMethod.GET)
@Secured({ TgolKeyStore.ROLE_USER_KEY, TgolKeyStore.ROLE_ADMIN_KEY })
public String displayAuditResultFromContract(@RequestParam(TgolKeyStore.AUDIT_ID_KEY) String auditId, HttpServletRequest request, Model model) {
    try {
        Audit audit = getAuditDataService().read(Long.valueOf(auditId));
        Act act = getActDataService().getActFromAudit(audit);
        switch(act.getScope().getCode()) {
            case FILE:
            case PAGE:
                model.addAttribute(TgolKeyStore.WEBRESOURCE_ID_KEY, audit.getSubject().getId());
                return TgolKeyStore.RESULT_PAGE_VIEW_REDIRECT_NAME;
            case DOMAIN:
            case SCENARIO:
                model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, auditId);
                return TgolKeyStore.SYNTHESIS_SITE_VIEW_REDIRECT_NAME;
            case GROUPOFFILES:
            case GROUPOFPAGES:
                model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, auditId);
                model.addAttribute(TgolKeyStore.STATUS_KEY, HttpStatusCodeFamily.f2xx.name());
                return TgolKeyStore.PAGE_LIST_XXX_VIEW_REDIRECT_NAME;
            default:
                throw new ForbiddenPageException();
        }
    } catch (NumberFormatException nfe) {
        throw new ForbiddenPageException();
    }
}
Also used : Audit(org.asqatasun.entity.audit.Audit) Act(org.asqatasun.webapp.entity.contract.Act) ForbiddenPageException(org.asqatasun.webapp.exception.ForbiddenPageException) Secured(org.springframework.security.access.annotation.Secured) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

ForbiddenPageException (org.asqatasun.webapp.exception.ForbiddenPageException)35 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)15 Secured (org.springframework.security.access.annotation.Secured)13 Contract (org.asqatasun.webapp.entity.contract.Contract)12 ExtendedModelMap (org.springframework.ui.ExtendedModelMap)11 Audit (org.asqatasun.entity.audit.Audit)10 ForbiddenUserException (org.asqatasun.webapp.exception.ForbiddenUserException)8 WebResource (org.asqatasun.entity.subject.WebResource)6 User (org.asqatasun.webapp.entity.user.User)5 Site (org.asqatasun.entity.subject.Site)4 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 Page (org.asqatasun.entity.subject.Page)2 Act (org.asqatasun.webapp.entity.contract.Act)2 Scenario (org.asqatasun.webapp.entity.scenario.Scenario)2 Model (org.springframework.ui.Model)2 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1