use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class UserManagementController method displayEditUserAdminPage.
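/**
 * Displays the admin form used to edit an existing user.
 *
 * <p>The parsed user id is stored in the HTTP session under
 * {@code TgolKeyStore.USER_ID_KEY}. The POST handler mapped to the same URL
 * ({@code submitEditUserForm}) reads the target id back from that session slot
 * rather than from the submitted form.
 *
 * @param userId id of the user to edit, as received in the request parameter
 * @param request current HTTP request; its session receives the parsed user id
 * @param response current HTTP response (not used by this method)
 * @param model view model; receives the user's e-mail under {@code USER_NAME_KEY}
 * @return the view name returned by {@code prepateDataAndReturnCreateUserView}
 * @throws ForbiddenUserException if {@code userId} is not a valid number, or if
 *         no user is returned for it
 */
@RequestMapping(value = TgolKeyStore.EDIT_USER_URL, method = RequestMethod.GET)
@Secured(TgolKeyStore.ROLE_ADMIN_KEY)
public String displayEditUserAdminPage(@RequestParam(TgolKeyStore.USER_ID_KEY) String userId, HttpServletRequest request, HttpServletResponse response, Model model) {
    Long lUserId;
    try {
        lUserId = Long.valueOf(userId);
    } catch (NumberFormatException nfe) {
        // A non-numeric id cannot designate a user: reject the request.
        throw new ForbiddenUserException();
    }
    User userToModify = getUserDataService().read(lUserId);
    // read() is not visible here; guard in case it yields null for an id that
    // matches no user, so the request is rejected the same way as a malformed
    // id instead of failing with a NullPointerException below.
    if (userToModify == null) {
        throw new ForbiddenUserException();
    }
    model.addAttribute(TgolKeyStore.USER_NAME_KEY, userToModify.getEmail1());
    // NOTE(review): the edit target lives in a single session slot. Displaying
    // this page for another user (e.g. in a second tab) overwrites it, and a
    // form still open for the first user would then be applied to the second.
    // Binding the id to the form itself would remove that ambiguity.
    request.getSession().setAttribute(TgolKeyStore.USER_ID_KEY, lUserId);
    return prepateDataAndReturnCreateUserView(model, userToModify, TgolKeyStore.EDIT_USER_VIEW_NAME);
}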
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class UserManagementController method submitEditUserForm.
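/**
 * Handles submission of the admin edit-user form.
 *
 * <p>The id of the user being edited is not taken from the form: it is read from
 * the HTTP session attribute {@code TgolKeyStore.USER_ID_KEY}, which the GET
 * handler for the same URL sets. The update itself is delegated to
 * {@code submitUpdateUserForm}.
 *
 * @param createUserCommand form backing object bound from the request
 * @param result binding/validation result for {@code createUserCommand}
 * @param request current HTTP request; its session holds the id of the edited user
 * @param model view model passed on to {@code submitUpdateUserForm}
 * @return the view name returned by {@code submitUpdateUserForm}
 * @throws ForbiddenUserException if the session holds no user id, or holds a
 *         value that is not a {@code Long}
 * @throws Exception as declared by the original signature; presumably raised by
 *         the delegated update
 */
@RequestMapping(value = TgolKeyStore.EDIT_USER_URL, method = RequestMethod.POST)
@Secured(TgolKeyStore.ROLE_ADMIN_KEY)
protected String submitEditUserForm(@ModelAttribute(TgolKeyStore.CREATE_USER_COMMAND_KEY) CreateUserCommand createUserCommand, BindingResult result, HttpServletRequest request, Model model) throws Exception {
    // The previous version wrapped a plain cast in a catch for
    // NumberFormatException, which a cast can never throw. A missing attribute
    // therefore slipped through as null and a wrongly typed one surfaced as a
    // ClassCastException. Validate the session value explicitly instead.
    Object storedUserId = request.getSession().getAttribute(TgolKeyStore.USER_ID_KEY);
    if (!(storedUserId instanceof Long)) {
        // Also covers null: the form was posted without the edit page having
        // been displayed first in this session.
        throw new ForbiddenUserException();
    }
    Long userId = (Long) storedUserId;

    // The "update all data" flag is switched off when the administrator edits
    // their own account; what the flag restricts is decided by
    // submitUpdateUserForm, which is not visible here.
    boolean updateAllData = !getCurrentUser().getId().equals(userId);

    return submitUpdateUserForm(
            createUserCommand,
            result,
            request,
            model,
            getUserDataService().read(userId),
            TgolKeyStore.ADMIN_VIEW_NAME,
            TgolKeyStore.EDIT_USER_VIEW_NAME,
            updateAllData,
            true,
            TgolKeyStore.UPDATED_USER_NAME_KEY);
}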
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class ContractManagementController method deleteContractPage.
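/**
 * Prepares the delete-contract view for the given contract.
 *
 * <p>The contract id is stored in the HTTP session under
 * {@code TgolKeyStore.CONTRACT_ID_TO_DELETE_KEY}; the contract label and the
 * owning user's id and e-mail are added to the model.
 *
 * @param contractId id of the contract, as received in the request parameter
 * @param request current HTTP request; its session receives the contract id
 * @param response current HTTP response (not used by this method)
 * @param model view model populated with the contract label and owner details
 * @return {@code TgolKeyStore.DELETE_CONTRACT_VIEW_NAME}
 * @throws ForbiddenUserException if {@code contractId} is not a valid number, or
 *         if no contract is returned for it
 */
@RequestMapping(value = TgolKeyStore.DELETE_CONTRACT_URL, method = RequestMethod.GET)
@Secured(TgolKeyStore.ROLE_ADMIN_KEY)
public String deleteContractPage(@RequestParam(TgolKeyStore.CONTRACT_ID_KEY) String contractId, HttpServletRequest request, HttpServletResponse response, Model model) {
    Long lContractId;
    try {
        lContractId = Long.valueOf(contractId);
    } catch (NumberFormatException nfe) {
        // A non-numeric id cannot designate a contract: reject the request.
        throw new ForbiddenUserException();
    }
    Contract contractToDelete = getContractDataService().read(lContractId);
    // read() is not visible here; guard in case it yields null for an id that
    // matches no contract, so nothing is written to the session and the request
    // is rejected instead of failing with a NullPointerException.
    if (contractToDelete == null) {
        throw new ForbiddenUserException();
    }
    // The pending deletion target is remembered in the session; presumably the
    // handler that performs the deletion reads it back from there (not shown).
    request.getSession().setAttribute(TgolKeyStore.CONTRACT_ID_TO_DELETE_KEY, contractToDelete.getId());
    model.addAttribute(TgolKeyStore.CONTRACT_NAME_TO_DELETE_KEY, contractToDelete.getLabel());
    User owner = contractToDelete.getUser();
    model.addAttribute(TgolKeyStore.USER_ID_KEY, owner.getId());
    model.addAttribute(TgolKeyStore.USER_NAME_KEY, owner.getEmail1());
    return TgolKeyStore.DELETE_CONTRACT_VIEW_NAME;
}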
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class ContractManagementController method deleteContractAuditsPage.
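/**
 * Prepares the delete-audits view for the given contract.
 *
 * <p>The contract label and the owning user's id and e-mail are added to the
 * model, and the contract id is stored in the HTTP session under
 * {@code TgolKeyStore.CONTRACT_ID_TO_DELETE_KEY}.
 *
 * @param contractId id of the contract, as received in the request parameter
 * @param request current HTTP request; its session receives the contract id
 * @param response current HTTP response (not used by this method)
 * @param model view model populated with the contract label and owner details
 * @return {@code TgolKeyStore.DELETE_AUDITS_VIEW_NAME}
 * @throws ForbiddenUserException if {@code contractId} is not a valid number, or
 *         if no contract is returned for it
 */
@RequestMapping(value = TgolKeyStore.DELETE_CONTRACT_AUDITS_URL, method = RequestMethod.GET)
@Secured(TgolKeyStore.ROLE_ADMIN_KEY)
public String deleteContractAuditsPage(@RequestParam(TgolKeyStore.CONTRACT_ID_KEY) String contractId, HttpServletRequest request, HttpServletResponse response, Model model) {
    Long lContractId;
    try {
        lContractId = Long.valueOf(contractId);
    } catch (NumberFormatException nfe) {
        // A non-numeric id cannot designate a contract: reject the request.
        throw new ForbiddenUserException();
    }
    Contract contractToDelete = getContractDataService().read(lContractId);
    // read() is not visible here; guard in case it yields null for an id that
    // matches no contract, so the request is rejected instead of failing with
    // a NullPointerException on the first accessor below.
    if (contractToDelete == null) {
        throw new ForbiddenUserException();
    }
    model.addAttribute(TgolKeyStore.CONTRACT_NAME_TO_DELETE_KEY, contractToDelete.getLabel());
    User owner = contractToDelete.getUser();
    model.addAttribute(TgolKeyStore.USER_ID_KEY, owner.getId());
    model.addAttribute(TgolKeyStore.USER_NAME_KEY, owner.getEmail1());
    // NOTE(review): this uses the same session key as deleteContractPage, so
    // whichever of the two pages was displayed last decides the stored id.
    request.getSession().setAttribute(TgolKeyStore.CONTRACT_ID_TO_DELETE_KEY, contractToDelete.getId());
    return TgolKeyStore.DELETE_AUDITS_VIEW_NAME;
}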
use of org.asqatasun.webapp.exception.ForbiddenUserException in project Asqatasun by Asqatasun.
the class ContractManagementController method displayManageContractsAdminPage.
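/**
 * Displays the admin page listing the contracts of a given user.
 *
 * <p>Before the list is built, the four one-shot notification attributes
 * (deleted contract, deleted contract audits, updated contract, added contract)
 * are moved from the HTTP session to the model, so that each is shown once and
 * then cleared.
 *
 * @param userId id of the user whose contracts are managed, as received in the
 *        request parameter
 * @param request current HTTP request; its session is read and cleaned up
 * @param response current HTTP response (not used by this method)
 * @param model view model; receives the notifications, the contract list and the
 *        user's e-mail
 * @return {@code TgolKeyStore.MANAGE_CONTRACTS_VIEW_NAME}
 * @throws ForbiddenUserException if {@code userId} is not a valid number, or if
 *         no user is returned for it
 */
@RequestMapping(value = TgolKeyStore.MANAGE_CONTRACTS_URL, method = RequestMethod.GET)
@Secured({ TgolKeyStore.ROLE_ADMIN_KEY })
public String displayManageContractsAdminPage(@RequestParam(TgolKeyStore.USER_ID_KEY) String userId, HttpServletRequest request, HttpServletResponse response, Model model) {
    Long lUserId;
    try {
        lUserId = Long.valueOf(userId);
    } catch (NumberFormatException nfe) {
        // A non-numeric id cannot designate a user: reject the request.
        throw new ForbiddenUserException();
    }

    // Move each pending notification from the session to the model, in the
    // same order as before, and remove it so it is displayed only once.
    String[] oneShotKeys = {
        TgolKeyStore.DELETED_CONTRACT_NAME_KEY,
        TgolKeyStore.DELETED_CONTRACT_AUDITS_NAME_KEY,
        TgolKeyStore.UPDATED_CONTRACT_NAME_KEY,
        TgolKeyStore.ADDED_CONTRACT_NAME_KEY
    };
    for (String key : oneShotKeys) {
        Object pending = request.getSession().getAttribute(key);
        if (pending != null) {
            model.addAttribute(key, pending);
            request.getSession().removeAttribute(key);
        }
    }

    User userToManage = getUserDataService().read(lUserId);
    // read() is not visible here; guard in case it yields null for an id that
    // matches no user, so the request is rejected instead of failing with a
    // NullPointerException while the contract list is built.
    if (userToManage == null) {
        throw new ForbiddenUserException();
    }
    model.addAttribute(TgolKeyStore.CONTRACT_LIST_KEY, ContractSortCommandHelper.prepareContract(userToManage, null, displayOptionFieldsBuilderList, model));
    model.addAttribute(TgolKeyStore.USER_NAME_KEY, userToManage.getEmail1());
    return TgolKeyStore.MANAGE_CONTRACTS_VIEW_NAME;
}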