use of org.springframework.security.access.annotation.Secured in project cia by Hack23.
the class DocumentActivityPageModContentFactoryImpl method createContent.
@Secured({ "ROLE_ANONYMOUS", "ROLE_USER", "ROLE_ADMIN" })
@Override
public Layout createContent(final String parameters, final MenuBar menuBar, final Panel panel) {
final VerticalLayout panelContent = createPanelContent();
final String pageId = getPageId(parameters);
final DataContainer<DocumentElement, String> documentElementDataContainer = getApplicationManager().getDataContainer(DocumentElement.class);
final DataContainer<DocumentStatusContainer, String> documentStatusContainerDataContainer = getApplicationManager().getDataContainer(DocumentStatusContainer.class);
getApplicationManager().getDataContainer(CommitteeProposalComponentData.class);
final DocumentElement documentElement = documentElementDataContainer.load(pageId);
if (documentElement != null) {
getDocumentMenuItemFactory().createDocumentMenuBar(menuBar, pageId);
final DocumentStatusContainer documentStatusContainer = documentStatusContainerDataContainer.findByQueryProperty(DocumentStatusContainer.class, DocumentStatusContainer_.document, DocumentData.class, DocumentData_.id, pageId);
LabelFactory.createHeader2Label(panelContent, DOCUMENT_ACTIVITY);
if (documentStatusContainer != null && documentStatusContainer.getDocumentActivityContainer() != null && documentStatusContainer.getDocumentActivityContainer().getDocumentActivities() != null) {
getGridFactory().createBasicBeanItemGrid(panelContent, DocumentActivityData.class, documentStatusContainer.getDocumentActivityContainer().getDocumentActivities(), DOCUMENT_ACTIVITIES, COLUMN_ORDER, HIDE_COLUMNS, null, null, null);
}
panel.setContent(panelContent);
getPageActionEventHelper().createPageEvent(ViewAction.VISIT_DOCUMENT_VIEW, ApplicationEventGroup.USER, NAME, parameters, pageId);
}
return panelContent;
}
use of org.springframework.security.access.annotation.Secured in project cia by Hack23.
the class LogoutService method processService.
@Override
@Secured({ "ROLE_USER", "ROLE_ADMIN" })
public LogoutResponse processService(final LogoutRequest serviceRequest) {
final LogoutResponse inputValidation = inputValidation(serviceRequest);
if (inputValidation != null) {
return inputValidation;
}
final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);
final UserAccount userAccount = getUserAccountFromSecurityContext();
LogoutResponse response;
if (userAccount != null) {
eventRequest.setElementId(userAccount.getEmail());
eventRequest.setUserId(userAccount.getUserId());
final Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
final AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken(serviceRequest.getSessionId(), "ROLE_ANONYMOUS", authorities);
SecurityContextHolder.getContext().setAuthentication(anonymousAuthenticationToken);
response = new LogoutResponse(ServiceResult.SUCCESS);
} else {
response = new LogoutResponse(ServiceResult.FAILURE);
}
eventRequest.setApplicationMessage(response.getResult().toString());
createApplicationEventService.processService(eventRequest);
LOGGER.info("Event: {}", eventRequest);
return response;
}
use of org.springframework.security.access.annotation.Secured in project cia by Hack23.
the class ComplianceCheckServiceImpl method processService.
@Override
@Secured({ "ROLE_USER", "ROLE_ADMIN", "ROLE_ANONYMOUS" })
public ComplianceCheckResponse processService(final ComplianceCheckRequest serviceRequest) {
final ComplianceCheckResponse inputValidation = inputValidation(serviceRequest);
if (inputValidation != null) {
return inputValidation;
}
LOGGER.info("{}", serviceRequest.getClass().getSimpleName());
final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);
final UserAccount userAccount = getUserAccountFromSecurityContext();
if (userAccount != null) {
eventRequest.setUserId(userAccount.getUserId());
}
final ComplianceCheckResponse response;
final Set<ConstraintViolation<ComplianceCheckRequest>> requestConstraintViolations = validateRequest(serviceRequest);
if (!requestConstraintViolations.isEmpty()) {
response = handleInputViolations(eventRequest, requestConstraintViolations, new ComplianceCheckResponse(ServiceResult.FAILURE));
} else {
final List<ComplianceCheck> complianceList = rulesEngine.checkRulesCompliance();
final List<RuleViolation> ruleViolations = new ArrayList<>();
for (final ComplianceCheck check : complianceList) {
ruleViolations.addAll(check.getRuleViolations());
}
Collections.sort(complianceList, new Comparator<ComplianceCheck>() {
@Override
public int compare(final ComplianceCheck o1, final ComplianceCheck o2) {
return Integer.compare(o2.getRuleViolations().size(), o1.getRuleViolations().size());
}
});
response = new ComplianceCheckResponse(ServiceResult.SUCCESS);
response.setList(complianceList);
response.setStatusMap(ruleViolations.stream().collect(Collectors.groupingBy(RuleViolation::getStatus)));
response.setResourceTypeMap(ruleViolations.stream().collect(Collectors.groupingBy(RuleViolation::getResourceType)));
eventRequest.setApplicationMessage(response.getResult().toString());
}
getCreateApplicationEventService().processService(eventRequest);
return response;
}
use of org.springframework.security.access.annotation.Secured in project cia by Hack23.
the class RemoveDataService method processService.
@Override
@Secured({ "ROLE_ADMIN" })
public RemoveDataResponse processService(final RemoveDataRequest serviceRequest) {
final RemoveDataResponse inputValidation = inputValidation(serviceRequest);
if (inputValidation != null) {
return inputValidation;
}
final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);
final UserAccount userAccount = getUserAccountFromSecurityContext();
if (userAccount != null) {
eventRequest.setUserId(userAccount.getUserId());
}
final RemoveDataResponse response = new RemoveDataResponse(ServiceResult.SUCCESS);
switch(serviceRequest.getDataType()) {
case POLITICIAN:
removeDataManager.removePersonData();
break;
case DOCUMENTS:
removeDataManager.removeDocuments();
removeDataManager.removeCommitteeProposals();
removeDataManager.removeDocumentStatus();
break;
case APPLICATION_HISTORY:
removeDataManager.removeApplicationHistory();
break;
}
eventRequest.setApplicationMessage(response.getResult().toString());
createApplicationEventService.processService(eventRequest);
return response;
}
use of org.springframework.security.access.annotation.Secured in project cia by Hack23.
the class ApplicationManagerImpl method service.
@Secured({ "ROLE_ANONYMOUS", "ROLE_USER", "ROLE_ADMIN" })
@Override
public ServiceResponse service(final ServiceRequest serviceRequest) {
final BusinessService businessService = serviceRequestBusinessServiceMap.get(serviceRequest.getClass());
ServiceResponse serviceResponse = null;
if (businessService != null) {
serviceResponse = businessService.processService(serviceRequest);
}
return serviceResponse;
}
Aggregations