Search in sources :

Example 91 with Secured

use of org.springframework.security.access.annotation.Secured in project cia by Hack23.

the class PartyRoleGhantPageModContentFactoryImpl method createContent.

@Secured({ "ROLE_ANONYMOUS", "ROLE_USER", "ROLE_ADMIN" })
@Override
public Layout createContent(final String parameters, final MenuBar menuBar, final Panel panel) {
    final VerticalLayout panelContent = createPanelContent();
    final String pageId = getPageId(parameters);
    final DataContainer<ViewRiksdagenParty, String> dataContainer = getApplicationManager().getDataContainer(ViewRiksdagenParty.class);
    final ViewRiksdagenParty viewRiksdagenParty = dataContainer.load(pageId);
    if (viewRiksdagenParty != null) {
        getPartyMenuItemFactory().createPartyMenuBar(menuBar, pageId);
        LabelFactory.createHeader2Label(panelContent, ROLE_GHANT);
        final DataContainer<ViewRiksdagenPartyRoleMember, String> partyRoleMemberDataContainer = getApplicationManager().getDataContainer(ViewRiksdagenPartyRoleMember.class);
        final List<ViewRiksdagenPartyRoleMember> allMembers = partyRoleMemberDataContainer.getAllBy(ViewRiksdagenPartyRoleMember_.party, viewRiksdagenParty.getPartyId());
        partyGhantChartManager.createRoleGhant(panelContent, allMembers);
        pageCompleted(parameters, panel, pageId, viewRiksdagenParty);
    }
    return panelContent;
}
Also used : ViewRiksdagenParty(com.hack23.cia.model.internal.application.data.party.impl.ViewRiksdagenParty) ViewRiksdagenPartyRoleMember(com.hack23.cia.model.internal.application.data.party.impl.ViewRiksdagenPartyRoleMember) VerticalLayout(com.vaadin.ui.VerticalLayout) Secured(org.springframework.security.access.annotation.Secured)

Example 92 with Secured

use of org.springframework.security.access.annotation.Secured in project cia by Hack23.

the class PartyVoteHistoryPageModContentFactoryImpl method createContent.

@Secured({ "ROLE_ANONYMOUS", "ROLE_USER", "ROLE_ADMIN" })
@Override
public Layout createContent(final String parameters, final MenuBar menuBar, final Panel panel) {
    final VerticalLayout panelContent = createPanelContent();
    final String pageId = getPageId(parameters);
    final DataContainer<ViewRiksdagenParty, String> dataContainer = getApplicationManager().getDataContainer(ViewRiksdagenParty.class);
    final ViewRiksdagenParty viewRiksdagenParty = dataContainer.load(pageId);
    if (viewRiksdagenParty != null) {
        getPartyMenuItemFactory().createPartyMenuBar(menuBar, pageId);
        LabelFactory.createHeader2Label(panelContent, VOTE_HISTORY);
        getGridFactory().createBasicBeanItemNestedPropertiesGrid(panelContent, ViewRiksdagenVoteDataBallotPartySummary.class, viewRiksdagenVoteDataBallotPartySummaryChartDataManager.findByValue(pageId), BALLOTS, NESTED_PROPERTIES, COLUMN_ORDER, HIDE_COLUMNS, LISTENER, EMBEDDED_ID_BALLOT_ID, null);
        pageCompleted(parameters, panel, pageId, viewRiksdagenParty);
    }
    return panelContent;
}
Also used : ViewRiksdagenParty(com.hack23.cia.model.internal.application.data.party.impl.ViewRiksdagenParty) VerticalLayout(com.vaadin.ui.VerticalLayout) Secured(org.springframework.security.access.annotation.Secured)

Example 93 with Secured

use of org.springframework.security.access.annotation.Secured in project Gemma by PavlidisLab.

the class UserManagerImpl method changePassword.

@Override
@Secured({ "GROUP_USER" })
@Transactional
public void changePassword(String oldPassword, String newPassword) throws AuthenticationException {
    Authentication currentAuthentication = SecurityContextHolder.getContext().getAuthentication();
    if (currentAuthentication == null) {
        // This would indicate bad coding somewhere
        throw new AccessDeniedException("Can't change password as no Authentication object found in context " + "for current user.");
    }
    String username = currentAuthentication.getName();
    logger.debug("Changing password for user '" + username + "'");
    User u = this.loadUser(username);
    u.setPassword(newPassword);
    userService.update(u);
    SecurityContextHolder.getContext().setAuthentication(this.createNewAuthentication(currentAuthentication, newPassword));
    userCache.removeUserFromCache(username);
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) User(gemma.gsec.model.User) Authentication(org.springframework.security.core.Authentication) Secured(org.springframework.security.access.annotation.Secured) Transactional(org.springframework.transaction.annotation.Transactional)

Example 94 with Secured

use of org.springframework.security.access.annotation.Secured in project Gemma by PavlidisLab.

the class UserManagerImpl method createUser.

@Override
@Secured({ "IS_AUTHENTICATED_ANONYMOUSLY", "RUN_AS_ADMIN" })
@Transactional
public void createUser(UserDetails user) {
    /*
         * UserDetails is not an entity, so this method is not directly managed by the Audit or ACL advice. However, it
         * runs in a transaction and calls two service methods which are intercepted. This means it is intercepted
         * before the transaction is flushed.
         */
    this.validateUserName(user.getUsername());
    User u = ubic.gemma.model.common.auditAndSecurity.User.Factory.newInstance();
    u.setUserName(user.getUsername());
    u.setPassword(user.getPassword());
    u.setEnabled(user.isEnabled());
    if (user instanceof UserDetailsImpl) {
        u.setSignupToken(((UserDetailsImpl) user).getSignupToken());
        u.setSignupTokenDatestamp(((UserDetailsImpl) user).getSignupTokenDatestamp());
    }
    if (user instanceof UserDetailsImpl) {
        u.setEmail(((UserDetailsImpl) user).getEmail());
    }
    try {
        u = userService.create(u);
    } catch (UserExistsException e) {
        throw new RuntimeException(e);
    }
    // Add the user to the default user group.
    UserGroup g = this.loadGroup(AuthorityConstants.USER_GROUP_NAME);
    userService.addUserToGroup(g, u);
/*
         * We don't log the user in automatically, because we require that new users click a confirmation link in an
         * email.
         */
}
Also used : UserDetailsImpl(gemma.gsec.authentication.UserDetailsImpl) UserExistsException(gemma.gsec.authentication.UserExistsException) User(gemma.gsec.model.User) UserGroup(gemma.gsec.model.UserGroup) Secured(org.springframework.security.access.annotation.Secured) Transactional(org.springframework.transaction.annotation.Transactional)

Example 95 with Secured

use of org.springframework.security.access.annotation.Secured in project Gemma by PavlidisLab.

the class TwitterOutboundImpl method sendManualTweet.

@Override
@Secured({ "GROUP_ADMIN" })
public void sendManualTweet(String feed) {
    TwitterOutboundImpl.log.debug("Checking if Twitter is enabled");
    if (!Settings.getBoolean("gemma.twitter.enabled")) {
        TwitterOutboundImpl.log.info("Twitter is disabled.");
        return;
    }
    if (StringUtils.isNotBlank(feed)) {
        TwitterOutboundImpl.log.info("Sending out tweet: '" + feed + "'");
        String consumerKey = Settings.getString("twitter.consumer-key");
        String consumerSecret = Settings.getString("twitter.consumer-secret");
        String accessToken = Settings.getString("twitter.access-token");
        String accessTokenSecret = Settings.getString("twitter.access-token-secret");
        Twitter twitter = new TwitterTemplate(consumerKey, consumerSecret, accessToken, accessTokenSecret);
        StatusDetails metadata = new StatusDetails();
        metadata.setWrapLinks(true);
        try {
            Tweet tweet = twitter.timelineOperations().updateStatus(feed, metadata);
            TwitterOutboundImpl.log.info("tweet info:" + tweet.toString());
        } catch (Exception e) {
            TwitterOutboundImpl.log.info(e.toString());
            e.printStackTrace();
        }
    }
}
Also used : TwitterTemplate(org.springframework.social.twitter.api.impl.TwitterTemplate) Tweet(org.springframework.social.twitter.api.Tweet) StatusDetails(org.springframework.social.twitter.api.StatusDetails) Twitter(org.springframework.social.twitter.api.Twitter) Secured(org.springframework.security.access.annotation.Secured)

Aggregations

Secured (org.springframework.security.access.annotation.Secured)260 VerticalLayout (com.vaadin.ui.VerticalLayout)117 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)52 ForbiddenUserException (org.asqatasun.webapp.exception.ForbiddenUserException)23 HorizontalLayout (com.vaadin.ui.HorizontalLayout)20 CollectSurvey (org.openforis.collect.model.CollectSurvey)20 UserAccount (com.hack23.cia.model.internal.application.user.impl.UserAccount)18 Contract (org.asqatasun.entity.contract.Contract)17 ForbiddenPageException (org.asqatasun.webapp.exception.ForbiddenPageException)16 Timed (com.codahale.metrics.annotation.Timed)14 ViewRiksdagenParty (com.hack23.cia.model.internal.application.data.party.impl.ViewRiksdagenParty)14 CreateApplicationEventRequest (com.hack23.cia.service.api.action.application.CreateApplicationEventRequest)14 URI (java.net.URI)14 User (org.asqatasun.entity.user.User)14 ViewRiksdagenCommittee (com.hack23.cia.model.internal.application.data.committee.impl.ViewRiksdagenCommittee)13 ViewRiksdagenPolitician (com.hack23.cia.model.internal.application.data.politician.impl.ViewRiksdagenPolitician)13 SessionState (org.openforis.collect.web.session.SessionState)13 CollectRecord (org.openforis.collect.model.CollectRecord)12 DocumentElement (com.hack23.cia.model.external.riksdagen.dokumentlista.impl.DocumentElement)11 ArrayList (java.util.ArrayList)11