use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.
the class AuditScenarioController method deleteScenarioFile.
@RequestMapping(value = TgolKeyStore.DELETE_SCENARIO_URL_CONTRACT_URL, method = RequestMethod.GET)
@Secured({ TgolKeyStore.ROLE_USER_KEY, TgolKeyStore.ROLE_ADMIN_KEY })
public String deleteScenarioFile(@RequestParam(TgolKeyStore.CONTRACT_ID_KEY) String contractId, @RequestParam(TgolKeyStore.SCENARIO_ID_KEY) String scenarioId, HttpServletRequest request, HttpServletResponse response, Model model) {
Contract contract = getContractDataService().read(Long.valueOf(contractId));
if (contract.getUser().getId().equals(getCurrentUser().getId())) {
for (Scenario scenario : contract.getScenarioSet()) {
if (scenario.getId().equals(Long.valueOf(scenarioId))) {
deleteScenario(scenario, contract);
model.addAttribute(TgolKeyStore.DELETED_SCENARIO_NAME_KEY, scenario.getLabel());
prepareScenarioManagementData(model, contractId);
return TgolKeyStore.SCENARIO_MANAGEMENT_VIEW_NAME;
}
}
throw new ForbiddenPageException(getCurrentUser());
} else {
throw new ForbiddenPageException(getCurrentUser());
}
}
use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.
the class AuditSynthesisController method displayAuditSynthesisFromContract.
/**
*
* @param auditId
* @param request
* @param response
* @param model
* @return
*/
@RequestMapping(value = TgolKeyStore.AUDIT_SYNTHESIS_CONTRACT_URL, method = RequestMethod.GET)
@Secured({ TgolKeyStore.ROLE_USER_KEY, TgolKeyStore.ROLE_ADMIN_KEY })
public String displayAuditSynthesisFromContract(@RequestParam(TgolKeyStore.AUDIT_ID_KEY) String auditId, HttpServletRequest request, HttpServletResponse response, Model model) {
Long aId;
try {
aId = Long.valueOf(auditId);
} catch (NumberFormatException nfe) {
throw new ForbiddenPageException();
}
Audit audit = getAuditDataService().read(aId);
if (isUserAllowedToDisplayResult(audit)) {
if (isAuthorizedScopeForSynthesis(audit)) {
Contract contract = retrieveContractFromAudit(audit);
model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
model.addAttribute(TgolKeyStore.CONTRACT_NAME_KEY, contract.getLabel());
model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, auditId);
model.addAttribute(TgolKeyStore.WEBRESOURCE_ID_KEY, audit.getSubject().getId());
return prepareSynthesisSiteData(audit, model);
} else {
throw new ForbiddenPageException();
}
} else {
throw new ForbiddenUserException();
}
}
use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.
the class PageListControllerTest method testDisplayPageListWithPageAudit.
/**
* The PageList cannot be displayed when the webResource is a Page
* instance. The returned view is an access denied in this case.
*
* @throws Exception
*/
public void testDisplayPageListWithPageAudit() throws Exception {
System.out.println("testDisplayPageListWithPageAudit");
// The audit with Id 1 is associated with a Page instance
setUpMockAuditDataService(PAGE_AUDIT_ID);
setUpMockUserDataService();
setUpActDataService(false);
setUpMockAuthenticationContext();
HttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(TgolKeyStore.AUDIT_ID_KEY, String.valueOf(PAGE_AUDIT_ID));
try {
instance.displayPageList(request, response, new ExtendedModelMap());
assertTrue(false);
} catch (ForbiddenPageException fbe) {
// The exception is caught when testing if audit.getSubject() is
// an instance of Page
assertTrue(true);
}
}
use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.
the class PageListControllerTest method testDisplayPageListWithWrongAuditId.
/**
* if the id cannot be converted as Long, the ForbiddenPageException is
* caught.
*
* @throws Exception
*/
public void testDisplayPageListWithWrongAuditId() throws Exception {
System.out.println("testDisplayPageListWithWrongAuditId");
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(TgolKeyStore.AUDIT_ID_KEY, "wrongId");
try {
instance.displayPageList(request, new MockHttpServletResponse(), new ExtendedModelMap());
assertTrue(false);
} catch (ForbiddenPageException fbe) {
assertTrue(StringUtils.equals("java.lang.NumberFormatException: For input string: \"wrongId\"", fbe.getCause().toString()));
}
}
use of org.asqatasun.webapp.exception.ForbiddenPageException in project Asqatasun by Asqatasun.
the class AuditSetUpControllerTest method testDisplayPageAuditPageSetUpWithUnauthorisedFunctionality.
public void testDisplayPageAuditPageSetUpWithUnauthorisedFunctionality() {
System.out.println("testDisplayPageAuditPageSetUpWithUnauthorisedFunctionality");
setUpMockUserDataServiceAndUser();
setUpMockAuthenticationContext();
setUpMockContractDataService(2, "Contract1");
setUpEmptyViewFunctionalityBindingMap();
// regarding the viewFunctionalityBindingMap. An exception is caught
try {
instance.displayPageAuditSetUp("2", null, null, new ExtendedModelMap());
assertTrue(false);
} catch (ForbiddenPageException fue) {
assertTrue(true);
}
}
Aggregations