use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class AuditResultController method displayTestResult.
/**
*
* @param webresourceId
* @param testId
* @param model
* @return the test-result view name
*/
@RequestMapping(value = TgolKeyStore.TEST_RESULT_CONTRACT_URL, method = RequestMethod.GET)
public String displayTestResult(@RequestParam(TgolKeyStore.WEBRESOURCE_ID_KEY) String webresourceId, @RequestParam(TgolKeyStore.TEST_CODE_KEY) String testId, Model model) {
Long wrId;
Long tstId;
try {
wrId = Long.valueOf(webresourceId);
tstId = Long.valueOf(testId);
} catch (NumberFormatException nfe) {
throw new ForbiddenUserException(getCurrentUser());
}
WebResource webResource = getWebResourceDataService().ligthRead(wrId);
if (webResource == null) {
throw new ForbiddenPageException();
}
Audit audit = getAuditFromWebResource(webResource);
if (isUserAllowedToDisplayResult(audit)) {
Contract contract = retrieveContractFromAudit(audit);
// Attributes for breadcrumb
model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
model.addAttribute(TgolKeyStore.CONTRACT_NAME_KEY, contract.getLabel());
model.addAttribute(TgolKeyStore.URL_KEY, webResource.getURL());
Test test = getTestDataService().read(tstId);
model.addAttribute(TgolKeyStore.TEST_LABEL_KEY, test.getLabel());
model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, audit.getId());
if (!test.getScope().equals(getPageScope())) {
model.addAttribute(TgolKeyStore.SITE_SCOPE_TEST_DETAILS_KEY, true);
} else {
// Add a boolean used to display the breadcrumb.
model.addAttribute(TgolKeyStore.AUTHORIZED_SCOPE_FOR_PAGE_LIST, isAuthorizedScopeForPageList(audit));
}
model.addAttribute(TgolKeyStore.TEST_RESULT_LIST_KEY, TestResultFactory.getInstance().getTestResultListFromTest(webResource, test));
return TgolKeyStore.TEST_RESULT_VIEW_NAME;
} else {
throw new ForbiddenPageException();
}
}
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class AuditResultController method displayCriterionResult.
/**
*
* @param webresourceId
* @param criterionId
* @param model
* @return the test-result view name
*/
@RequestMapping(value = TgolKeyStore.CRITERION_RESULT_CONTRACT_URL, method = RequestMethod.GET)
public String displayCriterionResult(@RequestParam(TgolKeyStore.WEBRESOURCE_ID_KEY) String webresourceId, @RequestParam(TgolKeyStore.CRITERION_CODE_KEY) String criterionId, Model model) {
Long wrId;
Long critId;
try {
wrId = Long.valueOf(webresourceId);
critId = Long.valueOf(criterionId);
} catch (NumberFormatException nfe) {
throw new ForbiddenUserException(getCurrentUser());
}
WebResource webResource = getWebResourceDataService().ligthRead(wrId);
if (webResource == null || webResource instanceof Site) {
throw new ForbiddenPageException();
}
Audit audit = getAuditFromWebResource(webResource);
if (isUserAllowedToDisplayResult(audit)) {
Contract contract = retrieveContractFromAudit(audit);
// Attributes for breadcrumb
model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
model.addAttribute(TgolKeyStore.CONTRACT_NAME_KEY, contract.getLabel());
model.addAttribute(TgolKeyStore.URL_KEY, webResource.getURL());
Criterion crit = criterionDataService.read(critId);
model.addAttribute(TgolKeyStore.CRITERION_LABEL_KEY, crit.getLabel());
model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, audit.getId());
// Add a boolean used to display the breadcrumb.
model.addAttribute(TgolKeyStore.AUTHORIZED_SCOPE_FOR_PAGE_LIST, isAuthorizedScopeForPageList(audit));
model.addAttribute(TgolKeyStore.TEST_RESULT_LIST_KEY, TestResultFactory.getInstance().getTestResultListFromCriterion(webResource, crit));
return TgolKeyStore.CRITERION_RESULT_VIEW_NAME;
} else {
throw new ForbiddenPageException();
}
}
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class AuditSynthesisController method displayAuditSynthesisFromContract.
/**
*
* @param auditId
* @param request
* @param response
* @param model
* @return
*/
@RequestMapping(value = TgolKeyStore.AUDIT_SYNTHESIS_CONTRACT_URL, method = RequestMethod.GET)
@Secured({ TgolKeyStore.ROLE_USER_KEY, TgolKeyStore.ROLE_ADMIN_KEY })
public String displayAuditSynthesisFromContract(@RequestParam(TgolKeyStore.AUDIT_ID_KEY) String auditId, HttpServletRequest request, HttpServletResponse response, Model model) {
Long aId;
try {
aId = Long.valueOf(auditId);
} catch (NumberFormatException nfe) {
throw new ForbiddenPageException();
}
Audit audit = getAuditDataService().read(aId);
if (isUserAllowedToDisplayResult(audit)) {
if (isAuthorizedScopeForSynthesis(audit)) {
Contract contract = retrieveContractFromAudit(audit);
model.addAttribute(TgolKeyStore.CONTRACT_ID_KEY, contract.getId());
model.addAttribute(TgolKeyStore.CONTRACT_NAME_KEY, contract.getLabel());
model.addAttribute(TgolKeyStore.AUDIT_ID_KEY, auditId);
model.addAttribute(TgolKeyStore.WEBRESOURCE_ID_KEY, audit.getSubject().getId());
return prepareSynthesisSiteData(audit, model);
} else {
throw new ForbiddenPageException();
}
} else {
throw new ForbiddenUserException();
}
}
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class ContractController method displayContractPage.
/**
*
* @param request
* @param model
* @param contractId
* @return
*/
private String displayContractPage(HttpServletRequest request, Model model, Long contractId) {
model.addAttribute(TgolKeyStore.LOCALE_KEY, localeResolver.resolveLocale(request));
Contract contract = getContractDataService().read(contractId);
if (isContractExpired(contract)) {
throw new ForbiddenUserException(getCurrentUser());
}
// model.addAttribute(TgolKeyStore.CONTRACT_ACTION_LIST_KEY, actionHandler.getActionList(contract));
if (isContractHasFunctionalityAllowingTrend(contract)) {
model.addAttribute(TgolKeyStore.DISPLAY_RESULT_TREND_KEY, true);
}
if (isContractHasFunctionalityAllowingManualAudit(contract)) {
model.addAttribute(TgolKeyStore.CONTRACT_WITH_MANUAL_AUDIT_KEY, true);
}
return displayContractView(contract, model);
}
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class UserManagementController method displayDeleteUserAuditsConfirmationPage.
/**
* @param request
* @param response
* @param model
* @return the name of the view that displays the confirmation page
* when trying to delete all the audits of a user
*/
@RequestMapping(value = TgolKeyStore.DELETE_USER_AUDITS_URL, method = RequestMethod.POST)
@Secured(TgolKeyStore.ROLE_ADMIN_KEY)
public String displayDeleteUserAuditsConfirmationPage(HttpServletRequest request, HttpServletResponse response, Model model) {
Object userId = request.getSession().getAttribute(TgolKeyStore.USER_ID_TO_DELETE_KEY);
Long lUserId;
if (userId instanceof Long) {
lUserId = (Long) userId;
} else {
try {
lUserId = Long.valueOf(userId.toString());
} catch (NumberFormatException nfe) {
throw new ForbiddenUserException();
}
}
User userToDelete = getUserDataService().read(lUserId);
for (Contract contract : userToDelete.getContractSet()) {
deleteAllAuditsFromContract(contract);
}
request.getSession().removeAttribute(TgolKeyStore.USER_ID_TO_DELETE_KEY);
request.getSession().setAttribute(TgolKeyStore.DELETED_USER_AUDITS_KEY, userToDelete.getEmail1());
return TgolKeyStore.ADMIN_VIEW_REDIRECT_NAME;
}
Aggregations