Search in sources :

Example 76 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class EventController method getCsvEvents.

@RequestMapping(value = "", method = RequestMethod.GET, produces = { "application/csv", "application/csv+gzip", "text/csv" })
@PreAuthorize("hasRole('ALL') or hasRole('F_TRACKED_ENTITY_DATAVALUE_ADD') or hasRole('F_TRACKED_ENTITY_DATAVALUE_READ')")
public void getCsvEvents(@RequestParam(required = false) String program, @RequestParam(required = false) String programStage, @RequestParam(required = false) ProgramStatus programStatus, @RequestParam(required = false) Boolean followUp, @RequestParam(required = false) String trackedEntityInstance, @RequestParam(required = false) String orgUnit, @RequestParam(required = false) OrganisationUnitSelectionMode ouMode, @RequestParam(required = false) Date startDate, @RequestParam(required = false) Date endDate, @RequestParam(required = false) Date dueDateStart, @RequestParam(required = false) Date dueDateEnd, @RequestParam(required = false) Date lastUpdated, @RequestParam(required = false) Date lastUpdatedStartDate, @RequestParam(required = false) Date lastUpdatedEndDate, @RequestParam(required = false) EventStatus status, @RequestParam(required = false) String attributeCc, @RequestParam(required = false) String attributeCos, @RequestParam(required = false) Integer page, @RequestParam(required = false) Integer pageSize, @RequestParam(required = false) boolean totalPages, @RequestParam(required = false) boolean skipPaging, @RequestParam(required = false) String order, @RequestParam(required = false) String attachment, @RequestParam(required = false, defaultValue = "false") boolean includeDeleted, @RequestParam(required = false, defaultValue = "false") boolean skipHeader, IdSchemes idSchemes, HttpServletResponse response, HttpServletRequest request) throws IOException, WebMessageException {
    boolean allowNoAttrOptionCombo = trackedEntityInstance != null && entityInstanceService.getTrackedEntityInstance(trackedEntityInstance) != null;
    DataElementCategoryOptionCombo attributeOptionCombo = inputUtils.getAttributeOptionCombo(attributeCc, attributeCos, allowNoAttrOptionCombo);
    if (attributeOptionCombo == null && !allowNoAttrOptionCombo) {
        throw new WebMessageException(WebMessageUtils.conflict("Illegal attribute option combo identifier: " + attributeCc + " " + attributeCos));
    }
    lastUpdatedStartDate = lastUpdatedStartDate != null ? lastUpdatedStartDate : lastUpdated;
    EventSearchParams params = eventService.getFromUrl(program, programStage, programStatus, followUp, orgUnit, ouMode, trackedEntityInstance, startDate, endDate, dueDateStart, dueDateEnd, lastUpdatedStartDate, lastUpdatedEndDate, status, attributeOptionCombo, idSchemes, page, pageSize, totalPages, skipPaging, getOrderParams(order), null, false, null, null, null, includeDeleted);
    Events events = eventService.getEvents(params);
    OutputStream outputStream = response.getOutputStream();
    response.setContentType("application/csv");
    if (ContextUtils.isAcceptCsvGzip(request)) {
        response.addHeader(ContextUtils.HEADER_CONTENT_TRANSFER_ENCODING, "binary");
        outputStream = new GZIPOutputStream(outputStream);
        response.setContentType("application/csv+gzip");
    }
    if (!StringUtils.isEmpty(attachment)) {
        response.addHeader("Content-Disposition", "attachment; filename=" + attachment);
    }
    csvEventService.writeEvents(outputStream, events, !skipHeader);
}
Also used : WebMessageException(org.hisp.dhis.dxf2.webmessage.WebMessageException) Events(org.hisp.dhis.dxf2.events.event.Events) GZIPOutputStream(java.util.zip.GZIPOutputStream) EventSearchParams(org.hisp.dhis.dxf2.events.event.EventSearchParams) GZIPOutputStream(java.util.zip.GZIPOutputStream) OutputStream(java.io.OutputStream) DataElementCategoryOptionCombo(org.hisp.dhis.dataelement.DataElementCategoryOptionCombo) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 77 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class EnrollmentController method postEnrollmentXml.

@RequestMapping(value = "", method = RequestMethod.POST, consumes = MediaType.APPLICATION_XML_VALUE, produces = MediaType.APPLICATION_XML_VALUE)
@PreAuthorize("hasRole('ALL') or hasRole('F_PROGRAM_ENROLLMENT')")
public void postEnrollmentXml(@RequestParam(defaultValue = "CREATE") ImportStrategy strategy, ImportOptions importOptions, HttpServletRequest request, HttpServletResponse response) throws IOException {
    importOptions.setStrategy(strategy);
    InputStream inputStream = StreamUtils.wrapAndCheckCompressionFormat(request.getInputStream());
    ImportSummaries importSummaries = enrollmentService.addEnrollmentsXml(inputStream, importOptions);
    importSummaries.setImportOptions(importOptions);
    response.setContentType(MediaType.APPLICATION_XML_VALUE);
    if (importSummaries.getImportSummaries().size() == 1) {
        ImportSummary importSummary = importSummaries.getImportSummaries().get(0);
        importSummary.setImportOptions(importOptions);
        if (!importSummary.getStatus().equals(ImportStatus.ERROR)) {
            response.setHeader("Location", getResourcePath(request, importSummary));
        }
    }
    response.setStatus(HttpServletResponse.SC_CREATED);
    webMessageService.send(WebMessageUtils.importSummaries(importSummaries), response, request);
}
Also used : InputStream(java.io.InputStream) ImportSummary(org.hisp.dhis.dxf2.importsummary.ImportSummary) ImportSummaries(org.hisp.dhis.dxf2.importsummary.ImportSummaries) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 78 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class ProgramMessageController method saveMessages.

// -------------------------------------------------------------------------
// POST
// -------------------------------------------------------------------------
@PreAuthorize("hasRole('ALL') or hasRole('F_MOBILE_SENDSMS')")
@RequestMapping(method = RequestMethod.POST, consumes = { "application/json" }, produces = { "application/json" })
public void saveMessages(HttpServletRequest request, HttpServletResponse response) throws IOException, WebMessageException {
    ProgramMessageBatch batch = renderService.fromJson(request.getInputStream(), ProgramMessageBatch.class);
    for (ProgramMessage programMessage : batch.getProgramMessages()) {
        programMessageService.validatePayload(programMessage);
    }
    BatchResponseStatus status = programMessageService.sendMessages(batch.getProgramMessages());
    response.setContentType(MediaType.APPLICATION_JSON_VALUE);
    renderService.toJson(response.getOutputStream(), status);
}
Also used : ProgramMessageBatch(org.hisp.dhis.program.message.ProgramMessageBatch) BatchResponseStatus(org.hisp.dhis.outboundmessage.BatchResponseStatus) ProgramMessage(org.hisp.dhis.program.message.ProgramMessage) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 79 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class ProgramMessageController method getProgramMessages.

// -------------------------------------------------------------------------
// GET
// -------------------------------------------------------------------------
@PreAuthorize("hasRole('ALL') or hasRole('F_MOBILE_SENDSMS')")
@RequestMapping(method = RequestMethod.GET, produces = { "application/json" })
public void getProgramMessages(@RequestParam(required = false) Set<String> ou, @RequestParam(required = false) String programInstance, @RequestParam(required = false) String programStageInstance, @RequestParam(required = false) ProgramMessageStatus messageStatus, @RequestParam(required = false) Date afterDate, @RequestParam(required = false) Date beforeDate, @RequestParam(required = false) Integer page, @RequestParam(required = false) Integer pageSize, HttpServletRequest request, HttpServletResponse response) throws IOException, WebMessageException {
    ProgramMessageQueryParams params = programMessageService.getFromUrl(ou, programInstance, programStageInstance, messageStatus, page, pageSize, afterDate, beforeDate);
    if (programInstance == null && programStageInstance == null) {
        throw new WebMessageException(WebMessageUtils.conflict("ProgramInstance or ProgramStageInstance must be specified."));
    }
    List<ProgramMessage> programMessages = programMessageService.getProgramMessages(params);
    renderService.toJson(response.getOutputStream(), programMessages);
}
Also used : WebMessageException(org.hisp.dhis.dxf2.webmessage.WebMessageException) ProgramMessageQueryParams(org.hisp.dhis.program.message.ProgramMessageQueryParams) ProgramMessage(org.hisp.dhis.program.message.ProgramMessage) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 80 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project dhis2-core by dhis2.

the class TrackedEntityInstanceController method updateTrackedEntityInstanceXml.

// -------------------------------------------------------------------------
// UPDATE
// -------------------------------------------------------------------------
@RequestMapping(value = "/{id}", method = RequestMethod.PUT, consumes = MediaType.APPLICATION_XML_VALUE)
@PreAuthorize("hasRole('ALL') or hasRole('F_TRACKED_ENTITY_INSTANCE_ADD')")
public void updateTrackedEntityInstanceXml(@PathVariable String id, ImportOptions importOptions, HttpServletRequest request, HttpServletResponse response) throws IOException {
    InputStream inputStream = StreamUtils.wrapAndCheckCompressionFormat(request.getInputStream());
    ImportSummary importSummary = trackedEntityInstanceService.updateTrackedEntityInstanceXml(id, inputStream, importOptions);
    importSummary.setImportOptions(importOptions);
    webMessageService.send(WebMessageUtils.importSummary(importSummary), response, request);
}
Also used : InputStream(java.io.InputStream) ImportSummary(org.hisp.dhis.dxf2.importsummary.ImportSummary) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)289 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)234 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)88 ApiOperation (io.swagger.annotations.ApiOperation)70 ModelAndView (org.springframework.web.servlet.ModelAndView)51 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)44 ResponseEntity (org.springframework.http.ResponseEntity)41 ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)40 WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)36 IOException (java.io.IOException)35 ServiceException (org.nhindirect.common.rest.exceptions.ServiceException)34 InputStream (java.io.InputStream)26 Date (java.util.Date)26 ArrayList (java.util.ArrayList)25 ImportSummary (org.hisp.dhis.dxf2.importsummary.ImportSummary)23 ConfigurationServiceException (org.nhindirect.config.service.ConfigurationServiceException)21 List (java.util.List)17 HttpHeaders (org.springframework.http.HttpHeaders)16 Grid (org.hisp.dhis.common.Grid)14 SearchDomainForm (org.nhindirect.config.ui.form.SearchDomainForm)14