Example 1 with WebApplicationException

use of org.rembx.jeeshop.rest.WebApplicationException in project jeeshop by remibantos.

the class Orders method find.

@GET
@Path("/{orderId}")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ ADMIN, ADMIN_READONLY, USER })
public Order find(@PathParam("orderId") @NotNull Long orderId, @QueryParam("enhanced") Boolean enhanced) {
    Order order = entityManager.find(Order.class, orderId);
    // Check for a missing order before it is dereferenced below.
    checkNotNull(order);
    // A caller who is USER but not ADMIN may only read their own orders.
    if (sessionContext.isCallerInRole(USER) && !sessionContext.isCallerInRole(ADMIN)) {
        User authenticatedUser = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName());
        if (!order.getUser().equals(authenticatedUser)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
    }
    if (enhanced != null && enhanced) {
        orderFinder.enhanceOrder(order);
    }
    return order;
}
Also used : Order(org.rembx.jeeshop.order.model.Order) User(org.rembx.jeeshop.user.model.User) WebApplicationException(org.rembx.jeeshop.rest.WebApplicationException) RolesAllowed(javax.annotation.security.RolesAllowed)

Example 2 with WebApplicationException

use of org.rembx.jeeshop.rest.WebApplicationException in project jeeshop by remibantos.

the class Catalogs method findPresentationsLocales.

@GET
@Path("/{catalogId}/presentationslocales")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ ADMIN, STORE_ADMIN, ADMIN_READONLY })
public Set<String> findPresentationsLocales(@Context SecurityContext securityContext, @PathParam("catalogId") @NotNull Long catalogId) {
    Catalog catalog = entityManager.find(Catalog.class, catalogId);
    checkNotNull(catalog);
    // Object-level check: a non-admin caller must own this catalog.
    if (!isAdminUser(securityContext) && !isOwner(securityContext, catalog.getOwner()))
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    return catalog.getPresentationByLocale().keySet();
}
Also used : WebApplicationException(org.rembx.jeeshop.rest.WebApplicationException) Catalog(org.rembx.jeeshop.catalog.model.Catalog) RolesAllowed(javax.annotation.security.RolesAllowed)

Example 3 with WebApplicationException

use of org.rembx.jeeshop.rest.WebApplicationException in project jeeshop by remibantos.

the class Catalogs method modify.

@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Transactional
@RolesAllowed({ ADMIN, STORE_ADMIN })
public Catalog modify(@Context SecurityContext securityContext, Catalog catalogToModify) {
    Catalog originalCatalog = entityManager.find(Catalog.class, catalogToModify.getId());
    checkNotNull(originalCatalog);
    // Ownership is checked against the stored catalog, not the one sent by the client.
    if (!isAdminUser(securityContext) && !isOwner(securityContext, originalCatalog.getOwner()))
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    if (catalogToModify.getRootCategoriesIds() != null) {
        List<Category> newCategories = new ArrayList<>();
        catalogToModify.getRootCategoriesIds().forEach(categoryId -> newCategories.add(entityManager.find(Category.class, categoryId)));
        catalogToModify.setRootCategories(newCategories);
    } else {
        catalogToModify.setRootCategories(originalCatalog.getRootCategories());
    }
    catalogToModify.setPresentationByLocale(originalCatalog.getPresentationByLocale());
    return entityManager.merge(catalogToModify);
}
Also used : Category(org.rembx.jeeshop.catalog.model.Category) WebApplicationException(org.rembx.jeeshop.rest.WebApplicationException) ArrayList(java.util.ArrayList) Catalog(org.rembx.jeeshop.catalog.model.Catalog) RolesAllowed(javax.annotation.security.RolesAllowed) Transactional(javax.transaction.Transactional)

Example 4 with WebApplicationException

use of org.rembx.jeeshop.rest.WebApplicationException in project jeeshop by remibantos.

the class Products method findPresentationsLocales.

@GET
@Path("/{productId}/presentationslocales")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ ADMIN, STORE_ADMIN, ADMIN_READONLY })
public Set<String> findPresentationsLocales(@Context SecurityContext securityContext, @PathParam("productId") @NotNull Long productId) {
    Product product = entityManager.find(Product.class, productId);
    checkNotNull(product);
    // Object-level check: a non-admin caller must own this product.
    if (!isAdminUser(securityContext) && !isOwner(securityContext, product.getOwner()))
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    return product.getPresentationByLocale().keySet();
}
Also used : WebApplicationException(org.rembx.jeeshop.rest.WebApplicationException) RolesAllowed(javax.annotation.security.RolesAllowed)

Example 5 with WebApplicationException

use of org.rembx.jeeshop.rest.WebApplicationException in project jeeshop by remibantos.

the class CatalogItemFinderTest method find_NotVisibleCatalogItem_ShouldThrowForbiddenException.

@Test
public void find_NotVisibleCatalogItem_ShouldThrowForbiddenException() {
    try {
        instance.filterVisible(new Catalog(), null);
        fail("should have thrown ex");
    } catch (WebApplicationException e) {
        assertEquals(Response.Status.FORBIDDEN, e.getResponse().getStatusInfo());
    }
}
Also used : WebApplicationException(org.rembx.jeeshop.rest.WebApplicationException) Catalog(org.rembx.jeeshop.catalog.model.Catalog) Test(org.junit.jupiter.api.Test)

Aggregations

WebApplicationException (org.rembx.jeeshop.rest.WebApplicationException): 55
Test (org.junit.jupiter.api.Test): 34
RolesAllowed (javax.annotation.security.RolesAllowed): 19
Transactional (javax.transaction.Transactional): 9
Catalog (org.rembx.jeeshop.catalog.model.Catalog): 9
User (org.rembx.jeeshop.user.model.User): 9
Store (org.rembx.jeeshop.catalog.model.Store): 7
TestUser (org.rembx.jeeshop.user.test.TestUser): 7
MailTemplate (org.rembx.jeeshop.user.model.MailTemplate): 5
Category (org.rembx.jeeshop.catalog.model.Category): 4
SKU (org.rembx.jeeshop.catalog.model.SKU): 4
TestCatalog (org.rembx.jeeshop.catalog.test.TestCatalog): 4
Order (org.rembx.jeeshop.order.model.Order): 4
BasicUserPrincipal (org.apache.http.auth.BasicUserPrincipal): 3
Product (org.rembx.jeeshop.catalog.model.Product): 3
Address (org.rembx.jeeshop.user.model.Address): 3
TestMailTemplate (org.rembx.jeeshop.user.test.TestMailTemplate): 3
ArrayList (java.util.ArrayList): 2
Date (java.util.Date): 2
PermitAll (javax.annotation.security.PermitAll): 2