Search in sources :

Example 6 with PostAuthorize

use of org.springframework.security.access.prepost.PostAuthorize in project ArachneCentralAPI by OHDSI.

the class OrganizationServiceImpl method update.

@Override
@Transactional
@PreAuthorize("hasPermission(#organization, 'Organization', " + "T(com.odysseusinc.arachne.portal.security.ArachnePermission).UPDATE_ORGANIZATION)")
@PostAuthorize("@ArachnePermissionEvaluator.addPermissions(principal, returnObject )")
public Organization update(Organization organization) {
    final Organization exist = getByName(organization.getName());
    final String name = organization.getName();
    if (Objects.nonNull(name)) {
        exist.setName(name);
    }
    final Organization saved = organizationRepository.save(exist);
    logger.info("{} updated", saved);
    return saved;
}
Also used : Organization(com.odysseusinc.arachne.portal.model.Organization) PostAuthorize(org.springframework.security.access.prepost.PostAuthorize) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) Transactional(org.springframework.transaction.annotation.Transactional)

Example 7 with PostAuthorize

use of org.springframework.security.access.prepost.PostAuthorize in project xm-ms-entity by xm-online.

the class XmEntitySpecResource method getTypeSpec.

/**
 * GET  /xm-entity-specs/:key : get the "key" typeSpec.
 *
 * @param key the key of the typeSpec to retrieve
 * @return the ResponseEntity with status 200 (OK) and with body the typeSpec, or with status 404 (Not Found)
 */
@GetMapping("/xm-entity-specs/{key}")
@Timed
@PostAuthorize("hasPermission({'returnObject': returnObject.body}, 'XMENTITY_SPEC.GET_LIST.ITEM')")
public ResponseEntity<TypeSpec> getTypeSpec(@PathVariable String key) {
    log.debug("REST request to get TypeSpec : {}", key);
    TypeSpec typeSpec = xmEntitySpecService.findTypeByKey(key);
    return RespContentUtil.wrapOrNotFound(Optional.ofNullable(typeSpec));
}
Also used : TypeSpec(com.icthh.xm.ms.entity.domain.spec.TypeSpec) GetMapping(org.springframework.web.bind.annotation.GetMapping) Timed(com.codahale.metrics.annotation.Timed) PostAuthorize(org.springframework.security.access.prepost.PostAuthorize)

Aggregations

PostAuthorize (org.springframework.security.access.prepost.PostAuthorize)7 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)5 Date (java.util.Date)3 NotExistException (com.odysseusinc.arachne.portal.exception.NotExistException)2 ValidationException (com.odysseusinc.arachne.portal.exception.ValidationException)2 ArrayList (java.util.ArrayList)2 List (java.util.List)2 Transactional (org.springframework.transaction.annotation.Transactional)2 Timed (com.codahale.metrics.annotation.Timed)1 EntityGraph (com.cosium.spring.data.jpa.entity.graph.domain.EntityGraph)1 TypeSpec (com.icthh.xm.ms.entity.domain.spec.TypeSpec)1 CommonFileUtils (com.odysseusinc.arachne.commons.utils.CommonFileUtils)1 UUIDGenerator (com.odysseusinc.arachne.commons.utils.UUIDGenerator)1 ApproveDTO (com.odysseusinc.arachne.portal.api.v1.dto.ApproveDTO)1 UpdateNotificationDTO (com.odysseusinc.arachne.portal.api.v1.dto.UpdateNotificationDTO)1 WebSecurityConfig (com.odysseusinc.arachne.portal.config.WebSecurityConfig)1 NoExecutableFileException (com.odysseusinc.arachne.portal.exception.NoExecutableFileException)1 NotUniqueException (com.odysseusinc.arachne.portal.exception.NotUniqueException)1 PermissionDeniedException (com.odysseusinc.arachne.portal.exception.PermissionDeniedException)1 Analysis (com.odysseusinc.arachne.portal.model.Analysis)1