Search in sources :

Example 36 with Secured

use of org.springframework.security.access.annotation.Secured in project Asqatasun by Asqatasun.

the class ContractManagementController method submitDeleteContractConfirmation.

/**
     * 
     * @param request
     * @param response
     * @param model
     * @return 
     */
@RequestMapping(value = TgolKeyStore.DELETE_CONTRACT_URL, method = RequestMethod.POST)
@Secured(TgolKeyStore.ROLE_ADMIN_KEY)
public String submitDeleteContractConfirmation(HttpServletRequest request, HttpServletResponse response, Model model) {
    Object contractId = request.getSession().getAttribute(TgolKeyStore.CONTRACT_ID_TO_DELETE_KEY);
    Long lContractId;
    if (contractId instanceof Long) {
        lContractId = (Long) contractId;
    } else {
        try {
            lContractId = Long.valueOf(contractId.toString());
        } catch (NumberFormatException nfe) {
            throw new ForbiddenUserException();
        }
    }
    Contract contractToDelete = getContractDataService().read(lContractId);
    getContractDataService().delete(contractToDelete.getId());
    // to be updated
    if (getAuthenticatedUsername().equals(contractToDelete.getUser().getEmail1())) {
        updateCurrentUser(getUserDataService().read(contractToDelete.getUser().getId()));
    }
    request.getSession().removeAttribute(TgolKeyStore.CONTRACT_ID_TO_DELETE_KEY);
    request.getSession().setAttribute(TgolKeyStore.DELETED_CONTRACT_NAME_KEY, contractToDelete.getLabel());
    model.addAttribute(TgolKeyStore.USER_ID_KEY, contractToDelete.getUser().getId());
    return TgolKeyStore.MANAGE_CONTRACTS_VIEW_REDIRECT_NAME;
}
Also used : ForbiddenUserException(org.asqatasun.webapp.exception.ForbiddenUserException) Contract(org.asqatasun.webapp.entity.contract.Contract) Secured(org.springframework.security.access.annotation.Secured) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

Secured (org.springframework.security.access.annotation.Secured)36 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)29 ForbiddenUserException (org.asqatasun.webapp.exception.ForbiddenUserException)20 Contract (org.asqatasun.webapp.entity.contract.Contract)17 User (org.asqatasun.webapp.entity.user.User)14 ForbiddenPageException (org.asqatasun.webapp.exception.ForbiddenPageException)13 Audit (org.asqatasun.entity.audit.Audit)6 List (java.util.List)4 Scenario (org.asqatasun.webapp.entity.scenario.Scenario)3 Reference (org.asqatasun.entity.reference.Reference)2 Site (org.asqatasun.entity.subject.Site)2 WebResource (org.asqatasun.entity.subject.WebResource)2 Act (org.asqatasun.webapp.entity.contract.Act)2 AuditSetUpFormValidator (org.asqatasun.webapp.validator.AuditSetUpFormValidator)2 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 SSP (org.asqatasun.entity.audit.SSP)1 Test (org.asqatasun.entity.reference.Test)1 Page (org.asqatasun.entity.subject.Page)1 ScopeEnum (org.asqatasun.webapp.entity.contract.ScopeEnum)1