use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class BundlesController method assignBundlesForm.
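/**
 * Renders the "assign trust bundles" form.
 *
 * <p>Puts the trust bundles returned by {@code bundleService} into the model under
 * {@code trustBundles} (when the service returns a non-null collection) and seeds a
 * fresh {@link BundleForm} with id 0 and the domain name held in the session
 * attribute {@code currentDomainName}.
 *
 * <p>Access is limited to {@code ROLE_ADMIN} through the {@code @PreAuthorize}
 * expression. NOTE(review): that annotation is only enforced when pre/post
 * annotation method security is enabled for the application context that owns
 * this controller; the configuration is not visible here, so confirm it.
 *
 * @param requestedWith value of the optional {@code X-Requested-With} header; not read by this method
 * @param session       HTTP session supplying {@code currentDomainName}
 * @param simpleForm    bound form model attribute; not read by this method
 * @param model         model that receives {@code trustBundles} and {@code bundleForm}
 * @return a {@link ModelAndView} whose view name is {@code assignBundlesForm}
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/assignBundlesForm", method = RequestMethod.GET)
public ModelAndView assignBundlesForm(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, Model model) {
    if (log.isDebugEnabled()) {
        log.debug("Enter bundles/assignBundles");
    }

    // Process data for Trust Bundle View
    try {
        final Collection<TrustBundle> trustBundles = bundleService.getTrustBundles(false);
        if (trustBundles != null) {
            model.addAttribute("trustBundles", trustBundles);
        }
    } catch (ServiceException e) {
        // The form is still rendered without a bundle list (as before), but the
        // failure is now recorded so an empty list can be told apart from a
        // backend error when reviewing the logs.
        log.error("Failed to load trust bundles for the assign-bundles form", e);
    }

    final BundleForm bform = new BundleForm();
    bform.setId(0);
    bform.setDomainName((String) session.getAttribute("currentDomainName"));
    model.addAttribute("bundleForm", bform);

    final ModelAndView mav = new ModelAndView();
    mav.setViewName("assignBundlesForm");
    return mav;
}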
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class DomainController method removeBundles.
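/**
 * Disassociates one or more trust bundles from a domain, then redirects back to
 * the domain's update page.
 *
 * <p>{@code bundles} is a colon-separated list of bundle ids. Each id is parsed
 * with {@link Long#parseLong(String)} and passed to
 * {@code configSvc.disassociateTrustBundleFromDomain}. A failure reported by the
 * configuration service for one bundle is logged and the remaining bundles are
 * still processed.
 *
 * <p>{@code domainId} is parsed once, before any bundle is touched, and the
 * parsed value (not the raw request string) is written into the redirect URL.
 * Previously the raw parameter was concatenated into the redirect target and was
 * only validated as a side effect of the loop body, so a {@code bundles} value
 * that splits into zero tokens let an unvalidated {@code domainId} reach the URL.
 *
 * <p>Access is limited to {@code ROLE_ADMIN} through {@code @PreAuthorize}.
 * NOTE(review): this is a state-changing POST; whether CSRF protection covers it
 * depends on application configuration that is not visible here.
 *
 * @param requestedWith value of the optional {@code X-Requested-With} header; not read by this method
 * @param session       current HTTP session; not read by this method
 * @param anchorForm    bound form model attribute; not read by this method
 * @param model         Spring model; not read by this method
 * @param domainId      id of the domain, as a decimal string
 * @param bundles       colon-separated bundle ids, each a decimal string
 * @return a redirect to {@code /config/domain} for the given domain
 * @throws NumberFormatException if {@code domainId} or any bundle id is not a valid {@code long}
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/removeBundles", method = RequestMethod.POST)
public ModelAndView removeBundles(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute AnchorForm anchorForm, Model model, @RequestParam(value = "domainId") String domainId, @RequestParam(value = "bundles") String bundles) {
    // DEBUG
    if (log.isDebugEnabled()) {
        log.debug("Enter domain/removeBundles");
    }

    // Validate the domain id up front so that nothing but a number can ever be
    // placed into the redirect URL below.
    final long parsedDomainId = Long.parseLong(domainId);

    for (String bundle : bundles.split(":")) {
        try {
            configSvc.disassociateTrustBundleFromDomain(parsedDomainId, Long.parseLong(bundle));
        } catch (ConfigurationServiceException cse) {
            // Best effort per bundle: keep going, but leave a trace. 'bundle' has
            // already been parsed as a long at this point, so it is safe to log.
            log.error("Failed to disassociate trust bundle " + bundle + " from domain " + parsedDomainId, cse);
        }
    }

    return new ModelAndView("redirect:/config/domain?id=" + parsedDomainId + "&action=update#tab3");
}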
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class PoliciesController method checkPolicyContent.
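/**
 * Validates policy text submitted in the {@code content} request parameter
 * against the lexicon named in the {@code lexicon} request parameter and reports
 * the outcome as a small JSON document.
 *
 * <p>A missing or empty {@code lexicon} selects {@code SIMPLE_TEXT_V1}. A missing
 * {@code content} parameter or an unknown lexicon name now yields a JSON error
 * response; previously both cases ended in a {@link NullPointerException}.
 *
 * <p>The parser's error message is JSON-escaped before it is embedded in the
 * response, because it may contain quotes or text derived from the submitted
 * content.
 *
 * <p>NOTE(review): the string is returned through {@code @ResponseBody} with no
 * explicit media type on the mapping. Confirm that the response is served as
 * {@code application/json}, so the embedded message can never be interpreted as
 * HTML by a browser.
 *
 * <p>NOTE(review): the mapping accepts GET as well as POST and the content is
 * read with {@code getParameter}, so on GET the policy text arrives in the query
 * string.
 *
 * @param requestedWith value of the optional {@code X-Requested-With} header; not read by this method
 * @param response      servlet response; not read by this method
 * @param request       servlet request supplying {@code content} and {@code lexicon}
 * @param command       not read by this method
 * @return {@code {"Status":"Success"}} when the content parses, otherwise a JSON
 *         object with a {@code Status} and an {@code Error} field
 * @throws Exception any failure other than a {@code PolicyParseException} raised while parsing
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/checkPolicyContent", method = { RequestMethod.GET, RequestMethod.POST })
@ResponseBody
public String checkPolicyContent(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpServletResponse response, HttpServletRequest request, Object command) throws Exception {
    if (log.isDebugEnabled()) {
        log.debug("Checking policy content for format and validation");
    }

    final String content = request.getParameter("content");
    if (content == null) {
        // getParameter returns null when the parameter is absent.
        return "{\"Status\":\"Policy content was not valid.\",\"Error\":\"No policy content was supplied.\"}";
    }

    // Resolve the lexicon name; absent or empty means the simple text lexicon.
    final String lexicon = request.getParameter("lexicon");
    org.nhind.config.PolicyLexicon lex = null;
    if (lexicon == null || lexicon.isEmpty()) {
        lex = org.nhind.config.PolicyLexicon.SIMPLE_TEXT_V1;
    } else {
        try {
            lex = org.nhind.config.PolicyLexicon.fromString(lexicon);
        } catch (Exception e) {
            log.error("Invalid lexicon name.", e);
        }
    }
    if (lex == null) {
        // Unknown lexicon name: answer in the same JSON shape as a parse failure
        // instead of dereferencing null below.
        return "{\"Status\":\"Policy content was not valid.\",\"Error\":\"Invalid lexicon name.\"}";
    }

    // Map the configuration-side lexicon onto the policy-engine lexicon.
    // NOTE(review): JAVA_SER presumably selects a parser based on Java
    // serialization. If so, this path deserializes request-supplied bytes;
    // confirm, and consider rejecting JAVA_SER here or applying a
    // deserialization filter in the parser.
    final org.nhindirect.policy.PolicyLexicon parseLexicon;
    if (lex.equals(org.nhind.config.PolicyLexicon.JAVA_SER)) {
        parseLexicon = org.nhindirect.policy.PolicyLexicon.JAVA_SER;
    } else if (lex.equals(org.nhind.config.PolicyLexicon.SIMPLE_TEXT_V1)) {
        parseLexicon = org.nhindirect.policy.PolicyLexicon.SIMPLE_TEXT_V1;
    } else {
        parseLexicon = org.nhindirect.policy.PolicyLexicon.XML;
    }

    InputStream inStr = null;
    try {
        // NOTE(review): getBytes() uses the platform default charset; left as is
        // because the charset the parsers decode with is not visible here.
        inStr = new ByteArrayInputStream(content.getBytes());
        final PolicyLexiconParser parser = PolicyLexiconParserFactory.getInstance(parseLexicon);
        // Parsing is done purely for validation; the result is discarded.
        parser.parse(inStr);
    } catch (PolicyParseException e) {
        log.error("Syntax error in policy content " + " : " + e.getMessage());
        // Escape the message so it cannot break out of the JSON string literal.
        return "{\"Status\":\"Policy content was not valid.\",\"Error\":\"" + JSONObject.escape(e.getMessage()) + "\"}";
    } finally {
        IOUtils.closeQuietly(inStr);
    }

    return "{\"Status\":\"Success\"}";
}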
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class PoliciesController method newPolicyForm.
/*********************************
*
* New Policy Form Method
*
*********************************/
/**
 * Serves the empty "new policy" form.
 *
 * <p>Registers a fresh {@link PolicyForm} with id 0 in the model as
 * {@code policyForm}, together with that form's lexicon names as
 * {@code lexiconNames}. Access is limited to {@code ROLE_ADMIN} through
 * {@code @PreAuthorize}.
 *
 * @param requestedWith value of the optional {@code X-Requested-With} header; not read by this method
 * @param session       current HTTP session; not read by this method
 * @param policyForm    bound form model attribute; not read by this method
 * @param model         model that receives {@code policyForm} and {@code lexiconNames}
 * @return a {@link ModelAndView} whose view name is {@code newPolicyForm}
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/newPolicyForm", method = RequestMethod.GET)
public ModelAndView newPolicyForm(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute PolicyForm policyForm, Model model) {
    if (log.isDebugEnabled()) {
        log.debug("Enter policies");
    }

    // A new, unsaved policy is represented by id 0.
    final PolicyForm blankForm = new PolicyForm();
    blankForm.setId(0);

    model.addAttribute("policyForm", blankForm);
    model.addAttribute("lexiconNames", blankForm.getLexiconNames());

    return new ModelAndView("newPolicyForm");
}
use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.
the class PoliciesController method checkLexiconFile.
/*********************************
*
* Check Lexicon File Method
*
*********************************/
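/**
 * Validates an uploaded policy file against the lexicon named in the
 * {@code lexicon} request parameter and reports the outcome as JSON, echoing the
 * JSON-escaped file content back in the {@code Content} field.
 *
 * <p>Only the first file of the multipart request is examined. A request without
 * a file now yields a JSON error instead of a {@code NoSuchElementException}. An
 * {@link IOException} while reading the upload now propagates instead of being
 * swallowed and followed by a {@link NullPointerException}. A missing
 * {@code lexicon} parameter is treated like an empty one
 * ({@code SIMPLE_TEXT_V1}), and an unknown lexicon name yields a JSON error
 * rather than a {@link NullPointerException}.
 *
 * <p>NOTE(review): the whole upload is read into memory and echoed in the
 * response. Any size limit comes from the multipart configuration, which is not
 * visible here.
 *
 * <p>NOTE(review): the string is returned through {@code @ResponseBody} with no
 * explicit media type on the mapping. {@code JSONObject.escape} protects the
 * JSON string literal but is not HTML encoding, so confirm the response is
 * served as {@code application/json}.
 *
 * @param requestedWith value of the optional {@code X-Requested-With} header; not read by this method
 * @param response      servlet response; not read by this method
 * @param command       not read by this method
 * @param lexicon       value of the optional {@code lexicon} header; overwritten by the
 *                      {@code lexicon} request parameter before use, as in the original code
 * @param request       multipart request carrying the uploaded file
 * @return a JSON object with a {@code Status} field and the escaped upload in {@code Content}
 * @throws IOException if the uploaded bytes cannot be read
 * @throws Exception   any failure other than a {@code PolicyParseException} raised while parsing
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/checkLexiconFile", method = { RequestMethod.GET, RequestMethod.POST })
@ResponseBody
public String checkLexiconFile(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpServletResponse response, Object command, @RequestHeader(value = "lexicon", required = false) String lexicon, MultipartHttpServletRequest request) throws FileUploadException, IOException, Exception {
    if (log.isDebugEnabled()) {
        log.debug("Checking uploaded lexicon file for format and validation");
    }

    // Grab the first uploaded file from the post submission, if there is one.
    final Iterator<String> fileNames = request.getFileNames();
    final MultipartFile upload = fileNames.hasNext() ? request.getFile(fileNames.next()) : null;
    if (upload == null) {
        return "{\"Status\":\"File was not a valid file.\",\"Content\":\"\"}";
    }

    // Read the bytes once; the same array feeds both the echo and the parser.
    final byte[] uploadBytes = upload.getBytes();

    // NOTE(review): new String(byte[]) decodes with the platform default charset.
    final String uploadToString = JSONObject.escape(new String(uploadBytes));

    // The request parameter replaces whatever was bound from the header.
    lexicon = request.getParameter("lexicon");
    org.nhind.config.PolicyLexicon lex = null;
    if (lexicon == null || lexicon.isEmpty()) {
        lex = org.nhind.config.PolicyLexicon.SIMPLE_TEXT_V1;
    } else {
        try {
            lex = org.nhind.config.PolicyLexicon.fromString(lexicon);
        } catch (Exception e) {
            log.error("Invalid lexicon name.", e);
        }
    }
    if (lex == null) {
        // Unknown lexicon name: report it instead of dereferencing null below.
        return "{\"Status\":\"Invalid lexicon name.\",\"Content\":\"" + uploadToString + "\"}";
    }

    // Map the configuration-side lexicon onto the policy-engine lexicon.
    // NOTE(review): JAVA_SER presumably selects a parser based on Java
    // serialization. If so, this path deserializes an uploaded file; confirm,
    // and consider rejecting JAVA_SER here or applying a deserialization
    // filter in the parser.
    final org.nhindirect.policy.PolicyLexicon parseLexicon;
    if (lex.equals(org.nhind.config.PolicyLexicon.JAVA_SER)) {
        parseLexicon = org.nhindirect.policy.PolicyLexicon.JAVA_SER;
    } else if (lex.equals(org.nhind.config.PolicyLexicon.SIMPLE_TEXT_V1)) {
        parseLexicon = org.nhindirect.policy.PolicyLexicon.SIMPLE_TEXT_V1;
    } else {
        parseLexicon = org.nhindirect.policy.PolicyLexicon.XML;
    }

    InputStream inStr = null;
    try {
        inStr = new ByteArrayInputStream(uploadBytes);
        final PolicyLexiconParser parser = PolicyLexiconParserFactory.getInstance(parseLexicon);
        // Parsing is done purely for validation; the result is discarded.
        parser.parse(inStr);
    } catch (PolicyParseException e) {
        log.error("Syntax error in policy file " + " : " + e.getMessage());
        return "{\"Status\":\"File was not a valid file.\",\"Content\":\"" + uploadToString + "\"}";
    } finally {
        IOUtils.closeQuietly(inStr);
    }

    return "{\"Status\":\"Success\",\"Content\":\"" + uploadToString + "\"}";
}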