Example 96 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project uPortal by Jasig.
the class PermissionsRESTController method getAssignmentsForPrincipal.
@PreAuthorize("hasPermission('string', 'ALL', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping("/assignments/principal/{principal}.json")
public ModelAndView getAssignmentsForPrincipal(@PathVariable("principal") String principal, @RequestParam(value = "includeInherited", required = false) boolean includeInherited, HttpServletRequest request, HttpServletResponse response) {
JsonEntityBean entity = groupListHelper.getEntityForPrincipal(principal);
List<JsonPermission> permissions = getPermissionsForEntity(entity, includeInherited);
ModelAndView mv = new ModelAndView();
mv.addObject("assignments", permissions);
mv.setViewName("json");
return mv;
}
Also used :
JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean)
ModelAndView(org.springframework.web.servlet.ModelAndView)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 97 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project uPortal by Jasig.
the class PermissionsRESTController method getOwners.
/**
* Provide a detailed view of the specified IPermissionOwner. This view should contain a list of
* the owner's defined activities.
*
* @param ownerParam
* @param req
* @param response
* @return
* @throws Exception
*/
@PreAuthorize("hasPermission('string', 'ALL', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping(value = "/permissions/owners/{owner}.json", method = RequestMethod.GET)
public ModelAndView getOwners(@PathVariable("owner") String ownerParam, HttpServletRequest req, HttpServletResponse response) throws Exception {
IPermissionOwner owner = null;
if (StringUtils.isNumeric(ownerParam)) {
Long id = Long.valueOf(ownerParam);
owner = permissionOwnerDao.getPermissionOwner(id);
} else {
owner = permissionOwnerDao.getPermissionOwner(ownerParam);
}
// if the IPermissionOwner was found, add it to the JSON model
if (owner != null) {
ModelAndView mv = new ModelAndView();
mv.addObject("owner", owner);
mv.setViewName("json");
return mv;
} else // otherwise return a 404 not found error code
{
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
return null;
}
}
Also used :
ModelAndView(org.springframework.web.servlet.ModelAndView)
IPermissionOwner(org.apereo.portal.permission.IPermissionOwner)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 98 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class BundlesController method addMoreBundlesForm.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addMoreBundlesForm", method = RequestMethod.GET)
public ModelAndView addMoreBundlesForm(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, @RequestParam(value = "domainName") String domainName, Model model) {
ModelAndView mav = new ModelAndView();
if (log.isDebugEnabled()) {
log.debug("Enter bundles/addMoreBundlesForm");
}
// Process data for Trust Bundle View
try {
// Get Trust Bundles
final Collection<TrustBundle> trustBundles = new ArrayList<TrustBundle>();
Collection<TrustBundle> newBundles = new ArrayList<TrustBundle>();
final Collection<TrustBundleDomainReltn> bundleRelationships = bundleService.getTrustBundlesByDomain(domainName, false);
final Collection<TrustBundle> allBundles = bundleService.getTrustBundles(false);
boolean bundleMatch = false;
if (bundleRelationships != null && !bundleRelationships.isEmpty()) {
for (TrustBundleDomainReltn relationship : bundleRelationships) {
trustBundles.add(relationship.getTrustBundle());
}
for (TrustBundle bundle : allBundles) {
bundleMatch = false;
for (TrustBundle subBundle : trustBundles) {
if (subBundle.getId() == bundle.getId()) {
bundleMatch = true;
}
}
if (!bundleMatch) {
newBundles.add(bundle);
}
}
} else {
newBundles = bundleService.getTrustBundles(false);
}
//if(trustBundles != null) {
model.addAttribute("trustBundles", newBundles);
//}
} catch (ServiceException e1) {
}
model.addAttribute("domainName", domainName);
BundleForm bform = new BundleForm();
bform.setId(0);
bform.setDomainName((String) session.getAttribute("currentDomainName"));
model.addAttribute("bundleForm", bform);
mav.setViewName("addMoreBundlesForm");
return mav;
}
Also used :
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
BundleForm(org.nhindirect.config.ui.form.BundleForm)
ModelAndView(org.springframework.web.servlet.ModelAndView)
ArrayList(java.util.ArrayList)
TrustBundle(org.nhindirect.config.model.TrustBundle)
TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 99 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class BundlesController method newBundleForm.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/newBundleForm", method = RequestMethod.GET)
public ModelAndView newBundleForm(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, Model model) {
ModelAndView mav = new ModelAndView();
if (log.isDebugEnabled()) {
log.debug("Enter bundles/newBundles");
}
BundleForm bform = new BundleForm();
bform.setId(0);
model.addAttribute("bundleForm", bform);
mav.setViewName("newBundleForm");
return mav;
}
Also used :
BundleForm(org.nhindirect.config.ui.form.BundleForm)
ModelAndView(org.springframework.web.servlet.ModelAndView)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 100 with PreAuthorize
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class BundlesController method refreshBundles.
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/refreshBundles", method = RequestMethod.POST)
public ModelAndView refreshBundles(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, Model model) {
final ModelAndView mav = new ModelAndView();
if (log.isDebugEnabled()) {
log.debug("Enter bundles/refreshbundles");
}
if (simpleForm.getBundlesSelected() != null) {
if (log.isDebugEnabled()) {
log.debug("Bundles marked for refresh: " + simpleForm.getBundlesSelected().toString());
}
}
if (bundleService != null && simpleForm != null && simpleForm.getBundlesSelected() != null) {
int bundleCount = simpleForm.getBundlesSelected().size();
if (log.isDebugEnabled()) {
log.debug("Refreshing Bundles");
}
for (int i = 0; i < bundleCount; i++) {
final String bundleName = simpleForm.getBundlesSelected().get(i);
log.debug("Refreshing Bundle #" + bundleName);
// Refresh Trust Bundle(s)
try {
bundleService.refreshTrustBundle(bundleName);
} catch (ServiceException cse) {
log.error("Could not refresh bundle: #" + bundleName);
}
}
}
model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
final BundleForm bform = new BundleForm();
bform.setId(0);
model.addAttribute("bundleForm", bform);
mav.setViewName("bundles");
// Process data for Trust Bundle View
try {
// Get Trust Bundles
final Collection<TrustBundle> trustBundles = bundleService.getTrustBundles(false);
if (trustBundles != null) {
model.addAttribute("trustBundles", trustBundles);
}
} catch (ServiceException e1) {
}
return new ModelAndView("redirect:/config/main/search?domainName=&submitType=ManageTrustBundles");
}
Also used :
ServiceException(org.nhindirect.common.rest.exceptions.ServiceException)
BundleForm(org.nhindirect.config.ui.form.BundleForm)
ModelAndView(org.springframework.web.servlet.ModelAndView)
TrustBundle(org.nhindirect.config.model.TrustBundle)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)188
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)174
ModelAndView (org.springframework.web.servlet.ModelAndView)51
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)39
WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)36
ServiceException (org.nhindirect.common.rest.exceptions.ServiceException)34
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)32
IOException (java.io.IOException)29
InputStream (java.io.InputStream)23
ArrayList (java.util.ArrayList)23
ImportSummary (org.hisp.dhis.dxf2.importsummary.ImportSummary)23
ConfigurationServiceException (org.nhindirect.config.service.ConfigurationServiceException)21
Date (java.util.Date)15
Grid (org.hisp.dhis.common.Grid)14
SearchDomainForm (org.nhindirect.config.ui.form.SearchDomainForm)14
ApiOperation (io.swagger.annotations.ApiOperation)13
ApiResponses (io.swagger.annotations.ApiResponses)13
Configuration (org.hisp.dhis.configuration.Configuration)13
HttpHeaders (org.springframework.http.HttpHeaders)13
List (java.util.List)12
