use of org.springframework.security.access.prepost.PreAuthorize in project CzechIdMng by bcvsolutions.
the class IdmIdentityController method getGrantedAuthotrities.
/**
* Returns given identity's granted authorities
*
* @param backendId
* @return list of granted authorities
*/
@ResponseBody
@RequestMapping(value = "/{backendId}/authorities", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.IDENTITY_READ + "')")
@ApiOperation(value = "Identity granted authorities", nickname = "getIdentityAuthorities", tags = { IdmIdentityController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.IDENTITY_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.IDENTITY_READ, description = "") }) })
public List<? extends GrantedAuthority> getGrantedAuthotrities(@ApiParam(value = "Identity's uuid identifier or username.", required = true) @PathVariable String backendId) {
IdmIdentityDto identity = getDto(backendId);
if (identity == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
}
checkAccess(identity, IdmBasePermission.READ);
//
return grantedAuthoritiesFactory.getGrantedAuthorities(identity.getUsername());
}
use of org.springframework.security.access.prepost.PreAuthorize in project CzechIdMng by bcvsolutions.
the class IdmScriptController method backup.
@ResponseBody
@RequestMapping(value = "/{backendId}/backup", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.SCRIPT_READ + "')")
@ApiOperation(value = "Backup script", nickname = "backupScript", response = IdmScriptDto.class, tags = { IdmScriptController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.SCRIPT_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.SCRIPT_READ, description = "") }) }, notes = "Backup template to directory given in application properties.")
public ResponseEntity<?> backup(@ApiParam(value = "Script's uuid identifier or code.", required = true) @PathVariable @NotNull String backendId) {
IdmScriptDto script = service.get(backendId);
if (script == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, backendId);
}
service.backup(script);
return new ResponseEntity<>(toResource(script), HttpStatus.OK);
}
use of org.springframework.security.access.prepost.PreAuthorize in project CzechIdMng by bcvsolutions.
the class IdmTreeNodeController method saveFormValues.
/**
* Saves entity's form values
*
* @param backendId
* @param formValues
* @return
*/
@ResponseBody
@PreAuthorize("hasAuthority('" + CoreGroupPermission.TREENODE_UPDATE + "')")
@RequestMapping(value = "/{backendId}/form-values", method = RequestMethod.POST)
@ApiOperation(value = "Tree node form definition - save values", nickname = "postTreeNodeFormValues", tags = { IdmTreeNodeController.TAG })
public Resource<?> saveFormValues(@ApiParam(value = "Node's uuid identifier.", required = true) @PathVariable @NotNull String backendId, @ApiParam(value = "Code of form definition (default will be used if no code is given).", required = false, defaultValue = FormService.DEFAULT_DEFINITION_CODE) @RequestParam(name = "definitionCode", required = false) String definitionCode, @RequestBody @Valid List<IdmFormValueDto> formValues) {
IdmTreeNodeDto dto = getDto(backendId);
if (dto == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
}
//
IdmFormDefinitionDto formDefinition = formDefinitionController.getDefinition(IdmTreeNode.class, definitionCode);
//
return formDefinitionController.saveFormValues(dto, formDefinition, formValues);
}
use of org.springframework.security.access.prepost.PreAuthorize in project CzechIdMng by bcvsolutions.
the class IdmTreeNodeController method findRevision.
@ResponseBody
@RequestMapping(value = "{backendId}/revisions/{revId}", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.AUDIT_READ + "')")
@ApiOperation(value = "Tree node audit - read revision detail", nickname = "getTreeNodeRevision", tags = { IdmTreeNodeController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.AUDIT_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.AUDIT_READ, description = "") }) })
public ResponseEntity<?> findRevision(@ApiParam(value = "Node's uuid identifier.", required = true) @PathVariable("backendId") String backendId, @ApiParam(value = "Revision identifier.", required = true) @PathVariable("revId") Long revId) {
IdmTreeNodeDto treeNode = getDto(backendId);
if (treeNode == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("treeNode", backendId));
}
IdmTreeNode revision;
try {
revision = this.auditService.findRevision(IdmTreeNode.class, treeNode.getId(), revId);
} catch (RevisionDoesNotExistException ex) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("revision", revId), ex);
}
// TODO: dto
return new ResponseEntity<>(revision, HttpStatus.OK);
}
use of org.springframework.security.access.prepost.PreAuthorize in project CzechIdMng by bcvsolutions.
the class IdmTreeNodeController method findRevisions.
@ResponseBody
@RequestMapping(value = "{backendId}/revisions", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.AUDIT_READ + "')")
@ApiOperation(value = "Tree node audit - read all revisions", nickname = "getTreeNodeRevisions", tags = { IdmTreeNodeController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.AUDIT_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.AUDIT_READ, description = "") }) })
public Resources<?> findRevisions(@ApiParam(value = "Node's uuid identifier.", required = true) @PathVariable("backendId") String backendId, Pageable pageable) {
IdmTreeNodeDto treeNode = getDto(backendId);
if (treeNode == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("treeNode", backendId));
}
Page<IdmAuditDto> results = this.auditService.findRevisionsForEntity(IdmTreeNode.class.getSimpleName(), UUID.fromString(backendId), pageable);
return toResources(results, IdmTreeNode.class);
}
Aggregations