Example 6 with PostAuthorize
use of org.springframework.security.access.prepost.PostAuthorize in project ArachneCentralAPI by OHDSI.
the class OrganizationServiceImpl method update.
@Override
@Transactional
@PreAuthorize("hasPermission(#organization, 'Organization', " + "T(com.odysseusinc.arachne.portal.security.ArachnePermission).UPDATE_ORGANIZATION)")
@PostAuthorize("@ArachnePermissionEvaluator.addPermissions(principal, returnObject )")
public Organization update(Organization organization) {
final Organization exist = getByName(organization.getName());
final String name = organization.getName();
if (Objects.nonNull(name)) {
exist.setName(name);
}
final Organization saved = organizationRepository.save(exist);
logger.info("{} updated", saved);
return saved;
}
Also used :
Organization(com.odysseusinc.arachne.portal.model.Organization)
PostAuthorize(org.springframework.security.access.prepost.PostAuthorize)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 7 with PostAuthorize
use of org.springframework.security.access.prepost.PostAuthorize in project xm-ms-entity by xm-online.
the class XmEntitySpecResource method getTypeSpec.
/**
* GET /xm-entity-specs/:key : get the "key" typeSpec.
*
* @param key the key of the typeSpec to retrieve
* @return the ResponseEntity with status 200 (OK) and with body the typeSpec, or with status 404 (Not Found)
*/
@GetMapping("/xm-entity-specs/{key}")
@Timed
@PostAuthorize("hasPermission({'returnObject': returnObject.body}, 'XMENTITY_SPEC.GET_LIST.ITEM')")
public ResponseEntity<TypeSpec> getTypeSpec(@PathVariable String key) {
log.debug("REST request to get TypeSpec : {}", key);
TypeSpec typeSpec = xmEntitySpecService.findTypeByKey(key);
return RespContentUtil.wrapOrNotFound(Optional.ofNullable(typeSpec));
}
Also used :
TypeSpec(com.icthh.xm.ms.entity.domain.spec.TypeSpec)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
Timed(com.codahale.metrics.annotation.Timed)
PostAuthorize(org.springframework.security.access.prepost.PostAuthorize)
Aggregations
PostAuthorize (org.springframework.security.access.prepost.PostAuthorize)7
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)5
Date (java.util.Date)3
NotExistException (com.odysseusinc.arachne.portal.exception.NotExistException)2
ValidationException (com.odysseusinc.arachne.portal.exception.ValidationException)2
ArrayList (java.util.ArrayList)2
List (java.util.List)2
Transactional (org.springframework.transaction.annotation.Transactional)2
Timed (com.codahale.metrics.annotation.Timed)1
EntityGraph (com.cosium.spring.data.jpa.entity.graph.domain.EntityGraph)1
TypeSpec (com.icthh.xm.ms.entity.domain.spec.TypeSpec)1
CommonFileUtils (com.odysseusinc.arachne.commons.utils.CommonFileUtils)1
UUIDGenerator (com.odysseusinc.arachne.commons.utils.UUIDGenerator)1
ApproveDTO (com.odysseusinc.arachne.portal.api.v1.dto.ApproveDTO)1
UpdateNotificationDTO (com.odysseusinc.arachne.portal.api.v1.dto.UpdateNotificationDTO)1
WebSecurityConfig (com.odysseusinc.arachne.portal.config.WebSecurityConfig)1
NoExecutableFileException (com.odysseusinc.arachne.portal.exception.NoExecutableFileException)1
NotUniqueException (com.odysseusinc.arachne.portal.exception.NotUniqueException)1
PermissionDeniedException (com.odysseusinc.arachne.portal.exception.PermissionDeniedException)1
Analysis (com.odysseusinc.arachne.portal.model.Analysis)1
