
Example 16 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.

the class SettingsController method addSetting.

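/**
 * Handles the settings form POST: either cancels back to the main view or stores a new
 * key/value setting and re-renders the settings view.
 *
 * <p>The {@code @PreAuthorize} expression limits this handler to callers holding
 * {@code ROLE_ADMIN}. It is only evaluated when Spring Security's pre/post method-security
 * annotations are enabled for the context that creates this controller; that configuration
 * is not part of this snippet.
 *
 * <p>NOTE(review): this is a state-changing POST; any CSRF protection is configured outside
 * this method and should be confirmed.
 *
 * @param requestedWith value of the {@code X-Requested-With} header, or {@code null} if absent
 * @param session       current HTTP session; read for the cached {@code searchDomainForm}
 * @param settingsForm  bound form carrying the setting id, key and value
 * @param model         model populated for the rendered view
 * @param actionPath    the {@code submitType} request parameter selecting the action
 * @return the "main" view on cancel, the "settings" view after an add attempt, or an
 *         unnamed view when {@code actionPath} matches neither action
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addsetting", method = RequestMethod.POST)
public ModelAndView addSetting(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute SettingsForm settingsForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    final ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled())
        log.debug("Enter domain/addsetting");
    if (actionPath.equalsIgnoreCase("cancel")) {
        if (log.isDebugEnabled())
            log.debug("trying to cancel from saveupdate");
        final SearchDomainForm form2 = (SearchDomainForm) session.getAttribute("searchDomainForm");
        model.addAttribute(form2 != null ? form2 : new SearchDomainForm());
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
        mav.setViewName("main");
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
        return mav;
    }
    if (actionPath.equalsIgnoreCase("newsetting") || actionPath.equalsIgnoreCase("add setting")) {
        if (log.isDebugEnabled())
            log.debug("trying to get/set settings");
        final String strid = "" + settingsForm.getId();
        // NOTE(review): the concatenation turns an unbound key or value into the literal
        // string "null", which is then stored as a setting. No validation of key or value
        // is visible in this method - confirm it happens in the form or the service.
        final String key = "" + settingsForm.getKey();
        final String value = "" + settingsForm.getValue();
        try {
            if (log.isDebugEnabled())
                log.debug("trying set settings services");
            settingsService.addSetting(key, value);
            if (log.isDebugEnabled())
                log.debug("PAST trying set settings services");
        } catch (ServiceException e) {
            // Send the failure through the application log at error level (previously
            // printStackTrace). The submitted key and value are left out of the message on
            // purpose: they are request data and the value may be sensitive.
            log.error("Failed to add setting", e);
        }
        final SimpleForm simple = new SimpleForm();
        simple.setId(Long.parseLong(strid));
        model.addAttribute("simpleForm", simple);
        try {
            model.addAttribute("settingsResults", settingsService.getSettings());
        } catch (ServiceException e) {
            // The view is still rendered, just without the settings list.
            log.error("Failed to load settings for display", e);
        }
        mav.setViewName("settings");
        // the Form's default button action
        model.addAttribute("settingsForm", settingsForm);
        model.addAttribute("action", "Update");
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
    }
    return mav;
}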
Also used : SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) SimpleForm(org.nhindirect.config.ui.form.SimpleForm) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) ModelAndView(org.springframework.web.servlet.ModelAndView) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 17 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.

the class CertificatesController method removeCertificates.

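/**
 * Deletes the certificates whose ids were selected on the certificates form, then
 * re-renders the "certificates" view with the current certificate list.
 *
 * <p>The {@code @PreAuthorize} expression limits this handler to callers holding
 * {@code ROLE_ADMIN}. It is only evaluated when Spring Security's pre/post method-security
 * annotations are enabled for the context that creates this controller; that configuration
 * is not part of this snippet.
 *
 * <p>NOTE(review): this is a state-changing POST; any CSRF protection is configured outside
 * this method and should be confirmed.
 *
 * @param requestedWith value of the {@code X-Requested-With} header, or {@code null} if absent
 * @param session       current HTTP session (not read by this method)
 * @param simpleForm    bound form; {@code getRemove()} holds the selected certificate ids
 * @param model         model populated for the rendered view
 * @param actionPath    the {@code submitType} request parameter selecting the action
 * @return the "certificates" view
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/removecertifcates", method = RequestMethod.POST)
public ModelAndView removeCertificates(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute CertificateForm simpleForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    final ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled())
        log.debug("Enter domain/removecertificates");
    if (simpleForm.getRemove() != null) {
        if (log.isDebugEnabled())
            log.debug("the list of checkboxes checked or not is: " + simpleForm.getRemove().toString());
    }
    if (certService != null && simpleForm != null && actionPath != null && (actionPath.equalsIgnoreCase("deletecertificate") || actionPath.equalsIgnoreCase("Remove Selected")) && simpleForm.getRemove() != null) {
        final int cnt = simpleForm.getRemove().size();
        if (log.isDebugEnabled())
            log.debug("removing certificates");
        try {
            // Only ids that match a certificate the service actually returns are deleted.
            final Collection<Certificate> certs = certService.getAllCertificates();
            final ArrayList<Long> certtoberemovedlist = new ArrayList<Long>();
            for (int x = 0; x < cnt; x++) {
                final String removeid = simpleForm.getRemove().get(x);
                long wantedId;
                try {
                    wantedId = Long.parseLong(removeid);
                } catch (NumberFormatException nfe) {
                    // The ids are request data. A non-numeric value used to escape as an
                    // uncaught exception; skip it and keep processing the valid ids.
                    log.warn("Ignoring non-numeric certificate id in remove request");
                    continue;
                }
                for (Certificate t : certs) {
                    if (t.getId() == wantedId) {
                        if (log.isDebugEnabled())
                            log.debug("domain address id: " + t.getId());
                        certtoberemovedlist.add(t.getId());
                        break;
                    }
                }
            }
            if (log.isDebugEnabled())
                log.debug(" Trying to remove certificates from database");
            certService.deleteCertificatesByIds(certtoberemovedlist);
            if (log.isDebugEnabled())
                log.debug(" SUCCESS Trying to update certificates");
        } catch (ServiceException e) {
            // Previously logged only when debug was enabled, so a failed deletion left no
            // trace in a normally configured log.
            log.error("Failed to remove certificates", e);
        }
    }
    // BEGIN: temporary code for mocking purposes
    final CertificateForm cform = new CertificateForm();
    cform.setId(0);
    model.addAttribute("certificateForm", cform);
    mav.setViewName("certificates");
    // the Form's default button action
    final String action = "Update";
    model.addAttribute("action", action);
    model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
    mav.addObject("action", action);
    Collection<Certificate> certlist = null;
    try {
        certlist = certService.getAllCertificates();
        // instanceof is false for null, so no separate null check is needed
        if (this.keyManager instanceof MutableKeyStoreProtectionManager) {
            final KeyStore keyStore = ((MutableKeyStoreProtectionManager) keyManager).getKS();
            // Ask the key store whether certificates stored without a private key have
            // one held there instead, and flag them for display.
            for (Certificate cert : certlist) {
                if (cert.isPrivateKey())
                    continue;
                try {
                    final X509Certificate checkCert = CertUtils.toX509Certificate(cert.getData());
                    final String alias = keyStore.getCertificateAlias(checkCert);
                    if (!StringUtils.isEmpty(alias)) {
                        // NOTE(review): the key entry is read with an empty password. How
                        // the backing store protects its keys is not visible here - confirm
                        // that an empty entry password is intended.
                        final PrivateKey privKey = (PrivateKey) keyStore.getKey(alias, "".toCharArray());
                        if (privKey != null)
                            cert.setPrivateKey(true);
                    }
                } catch (Exception e) {
                    // Best effort: the flag stays false for this certificate. Record the
                    // cause instead of discarding it so key store problems can be diagnosed.
                    if (log.isDebugEnabled())
                        log.debug("Could not check the key store for a private key", e);
                }
            }
        }
    } catch (ServiceException e) {
        // The view is still rendered; certificatesResults is null in that case.
        log.error("Failed to load certificates for display", e);
    }
    model.addAttribute("certificatesResults", certlist);
    // END: temporary code for mocking purposes
    mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
    mav.addObject("statusList", EntityStatus.getEntityStatusList());
    model.addAttribute("simpleForm", simpleForm);
    final String strid = "" + simpleForm.getId();
    if (log.isDebugEnabled())
        log.debug(" the value of id of simpleform is: " + strid);
    return mav;
}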
Also used : CertificateForm(org.nhindirect.config.ui.form.CertificateForm) PrivateKey(java.security.PrivateKey) ModelAndView(org.springframework.web.servlet.ModelAndView) ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) IOException(java.io.IOException) CryptoException(org.nhindirect.common.crypto.exceptions.CryptoException) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.model.Certificate) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 18 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.

the class DNSController method showDNSEntries.

/**
 * Renders the "dns" view with an empty entry form and, when a DNS service is available,
 * the records loaded by {@code refreshModelFromService}.
 *
 * <p>The {@code @PreAuthorize} expression limits this handler to callers holding
 * {@code ROLE_ADMIN}. It is only evaluated when Spring Security's pre/post method-security
 * annotations are enabled for the context that creates this controller; that configuration
 * is not part of this snippet.
 *
 * <p>{@code requestedWith}, {@code session}, {@code entryForm} and {@code actionPath} are
 * bound by the mapping but not read by the body. {@code submitType} is declared without
 * {@code required = false}, so a request that omits it is rejected before this method runs.
 *
 * @param model model that receives the {@code dnsEntryForm} attribute
 * @return the "dns" view
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.GET)
public ModelAndView showDNSEntries(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute DNSEntryForm entryForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    if (log.isDebugEnabled()) {
        log.debug("Enter");
    }
    // The view always binds to a fresh form, never to the one bound from the request.
    model.addAttribute("dnsEntryForm", new DNSEntryForm());
    final boolean serviceAvailable = dnsService != null;
    if (serviceAvailable) {
        refreshModelFromService(model);
    }
    return new ModelAndView("dns");
}
Also used : ModelAndView(org.springframework.web.servlet.ModelAndView) DNSEntryForm(org.nhindirect.config.ui.form.DNSEntryForm) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 19 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.

the class DNSController method addNSSetting.

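/**
 * Adds an NS record built from the submitted form and re-renders the "dns" view.
 *
 * <p>The record is only sent to the DNS service when name, destination and a non-zero TTL
 * are all present; otherwise the request just refreshes the view.
 *
 * <p>The {@code @PreAuthorize} expression limits this handler to callers holding
 * {@code ROLE_ADMIN}. It is only evaluated when Spring Security's pre/post method-security
 * annotations are enabled for the context that creates this controller; that configuration
 * is not part of this snippet.
 *
 * <p>NOTE(review): this is a state-changing POST; any CSRF protection is configured outside
 * this method and should be confirmed. No format check of the record name or destination is
 * visible here - confirm it happens in {@code createNSRecord} or the service.
 *
 * @param requestedWith value of the {@code X-Requested-With} header (not read here)
 * @param session       current HTTP session (not read here)
 * @param NSdnsForm     bound form carrying the record name, TTL and destination
 * @param model         model refreshed from the DNS service for the view
 * @param actionPath    the {@code submitType} request parameter (not read here)
 * @return the "dns" view
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addNSDNSRecord", method = RequestMethod.POST)
public ModelAndView addNSSetting(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute("NSdnsForm") DNSEntryForm NSdnsForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    if (log.isDebugEnabled())
        log.debug("Enter");
    // NS records
    if (NSdnsForm != null) {
        final String name = NSdnsForm.getName();
        final String dest = NSdnsForm.getDest();
        // A field missing from the request can be left null by form binding. The original
        // called equalsIgnoreCase on it directly, which fails on null.
        final boolean hasName = name != null && name.length() > 0;
        final boolean hasDest = dest != null && dest.length() > 0;
        if (hasName && NSdnsForm.getTtl() != 0L && hasDest) {
            try {
                dnsService.addDNSRecord(DNSEntryForm.createNSRecord(name, NSdnsForm.getTtl(), dest));
            } catch (ServiceException e) {
                // Send the failure through the application log at error level (previously
                // printStackTrace); the view is still rendered.
                log.error("Failed to add NS record", e);
            }
        }
    }
    final ModelAndView mav = new ModelAndView("dns");
    refreshModelFromService(model);
    if (log.isDebugEnabled())
        log.debug("Exit");
    return mav;
}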
Also used : ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) ModelAndView(org.springframework.web.servlet.ModelAndView) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 20 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project nhin-d by DirectProject.

the class DomainController method removeAddresses.

/**
 * Handles the address form POST for the domain named in the session attribute
 * {@code currentDomainName}: depending on {@code submitType} it deletes the selected
 * addresses or adds a new one, then redirects to the domain page.
 *
 * <p>The {@code @PreAuthorize} expression limits this handler to callers holding
 * {@code ROLE_ADMIN}. It is only evaluated when Spring Security's pre/post method-security
 * annotations are enabled for the context that creates this controller; that configuration
 * is not part of this snippet.
 *
 * <p>NOTE(review): this is a state-changing POST; any CSRF protection is configured outside
 * this method and should be confirmed.
 *
 * <p>NOTE(review): several failure paths are swallowed or logged only at debug level, and
 * the domain object is dereferenced in places where it can still be null; see the inline
 * notes.
 *
 * @param requestedWith value of the {@code X-Requested-With} header, or {@code null} if absent
 * @param session       current HTTP session; read for {@code currentDomainName} and {@code domainForm}
 * @param simpleForm    bound form; {@code getRemove()} holds the selected address ids and
 *                      {@code getPostmasterEmail()} the address to add
 * @param model         model populated before the redirect
 * @param actionPath    the {@code submitType} request parameter selecting the action
 * @return a redirect to {@code /config/domain?id=<domain name>#tab1}
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/removeaddresses", method = RequestMethod.POST)
public ModelAndView removeAddresses(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute SimpleForm simpleForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    // The target domain comes from the session, not from the submitted form.
    final String domAttr = (String) session.getAttribute("currentDomainName");
    // NOTE(review): mav is filled in below but never returned; the method returns a new
    // redirect ModelAndView at the end.
    ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled())
        log.debug("Enter domain/removeaddresses");
    if (simpleForm.getRemove() != null) {
        if (log.isDebugEnabled())
            log.debug("the list of checkboxes checked or not is: " + simpleForm.getRemove().toString());
    }
    Domain dom = null;
    try {
        dom = domainService.getDomain(domAttr);
    } catch (ServiceException e) {
        // NOTE(review): the failure goes to stderr only and dom stays null.
        e.printStackTrace();
    }
    // NOTE(review): dom is dereferenced here before the null check just below, so a failed
    // lookup ends in a NullPointerException instead of reaching that check.
    //+simpleForm.getId();
    String strid = "" + dom.getDomainName();
    String domname = "";
    if (dom != null) {
        domname = dom.getDomainName();
        // Delete branch. simpleForm was already dereferenced above, so its null check here
        // cannot be what protects against a null form.
        if (addressService != null && simpleForm != null && actionPath != null && (actionPath.equalsIgnoreCase("delete") || actionPath.equalsIgnoreCase("remove selected Addresses")) && simpleForm.getRemove() != null) {
            int cnt = simpleForm.getRemove().size();
            if (log.isDebugEnabled())
                log.debug("removing addresses for domain with name: " + domname);
            try {
                for (int x = 0; x < cnt; x++) {
                    String removeid = simpleForm.getRemove().get(x);
                    Collection<Address> t = dom.getAddresses();
                    for (Iterator<Address> iter = t.iterator(); iter.hasNext(); ) {
                        Address ts = (Address) iter.next();
                        // NOTE(review): removeid is request data; a non-numeric value makes
                        // parseLong throw NumberFormatException, which is not caught here.
                        // Only ids matching an address of this domain lead to a delete.
                        if (ts.getId() == Long.parseLong(removeid)) {
                            // The collection is modified while its iterator is open; the
                            // break below leaves the loop before the iterator is used again
                            // (addressService was checked non-null in the enclosing condition).
                            dom.getAddresses().remove(ts);
                            if (addressService != null) {
                                addressService.deleteAddress(ts.getEmailAddress());
                                try {
                                    // Reload the domain after each delete.
                                    dom = domainService.getDomain(strid);
                                } catch (ServiceException e) {
                                    e.printStackTrace();
                                }
                                break;
                            }
                        }
                    }
                }
                if (log.isDebugEnabled())
                    log.debug(" Trying to update the domain with removed addresses");
                domainService.updateDomain(dom);
                try {
                    dom = domainService.getDomain(strid);
                } catch (ServiceException e) {
                    e.printStackTrace();
                }
                if (log.isDebugEnabled())
                    log.debug(" SUCCESS Trying to update the domain with removed addresses");
                final AddressForm addrform = new AddressForm();
                addrform.setId(dom.getId());
                addrform.setDomainName(dom.getDomainName());
                model.addAttribute("addressForm", addrform);
                // BEGIN: temporary code for mocking purposes
                // owner is the empty string, so both lookups below are made with "".
                String owner = "";
                model.addAttribute("addressesResults", dom.getAddresses());
                Collection<Certificate> certlist = null;
                try {
                    certlist = certService.getCertificatesByOwner(owner);
                } catch (ServiceException e) {
                    e.printStackTrace();
                }
                Collection<Anchor> anchorlist = null;
                try {
                    anchorlist = anchorService.getAnchorsForOwner(owner, false, false, "");
                } catch (Exception e) {
                    // NOTE(review): every exception is discarded here; anchorlist stays null
                    // and is passed to convertAnchors as such.
                }
                model.addAttribute("certificatesResults", certlist);
                // convert Anchor to AnchorForm
                Collection<AnchorForm> convertedanchors = convertAnchors(anchorlist);
                // now set anchorsResults
                model.addAttribute("anchorsResults", convertedanchors);
            // END: temporary code for mocking purposes
            } catch (ServiceException e) {
                // NOTE(review): the error is logged only when debug logging is enabled, so
                // a failed delete or update is otherwise silent.
                if (log.isDebugEnabled())
                    log.error(e);
            }
        } else if (domainService != null && (actionPath.equalsIgnoreCase("newaddress") || actionPath.equalsIgnoreCase("add address"))) {
            // Add branch: this "remove" endpoint also inserts a new address.
            // NOTE(review): no validation of the submitted e-mail address is visible here -
            // confirm it happens in the form binding or the service.
            // insert the new address into the Domain list of Addresses
            final String anEmail = simpleForm.getPostmasterEmail();
            if (log.isDebugEnabled())
                log.debug(" Trying to add address: " + anEmail);
            final Address e = new Address();
            e.setEmailAddress(anEmail);
            dom.getAddresses().add(e);
            simpleForm.setPostmasterEmail("");
            try {
                domainService.updateDomain(dom);
                if (log.isDebugEnabled())
                    log.debug(" After attempt to insert new email address ");
            } catch (ServiceException ed) {
                // NOTE(review): as above, the error is logged only when debug is enabled.
                if (log.isDebugEnabled())
                    log.error(ed);
            }
        }
    }
    model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
    mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
    mav.addObject("statusList", EntityStatus.getEntityStatusList());
    final String action = "Update";
    model.addAttribute("action", action);
    // Reuse the form cached in the session, or build one from the domain.
    DomainForm form = (DomainForm) session.getAttribute("domainForm");
    if (form == null) {
        form = new DomainForm();
        form.populate(dom);
    }
    model.addAttribute("domainForm", form);
    mav.setViewName("domain");
    // owner is "" and is not reassigned, so the owner-specific block below never runs.
    String owner = "";
    // certificate and anchor forms and results
    try {
        if (owner != null && !owner.equalsIgnoreCase("")) {
            final Collection<Certificate> certs = certService.getCertificatesByOwner(owner);
            model.addAttribute("certificatesResults", certs);
            final Collection<Anchor> anchors = anchorService.getAnchorsForOwner(owner, false, false, "");
            // convert Anchor to AnchorForm
            final Collection<AnchorForm> convertedanchors = convertAnchors(anchors);
            // now set anchorsResults
            model.addAttribute("anchorsResults", convertedanchors);
        }
        final CertificateForm cform = new CertificateForm();
        model.addAttribute("certificateForm", cform);
        final AnchorForm aform = new AnchorForm();
        //aform.setId(dom.getId());
        // dom is dereferenced without a null check here and in the lines that follow.
        aform.setDomainName(dom.getDomainName());
        model.addAttribute("anchorForm", aform);
    } catch (ServiceException e1) {
        e1.printStackTrace();
    }
    model.addAttribute("simpleForm", simpleForm);
    //simpleForm.getId();
    strid = "" + dom.getDomainName();
    if (log.isDebugEnabled())
        log.debug(" the value of id of simpleform is: " + strid);
    // NOTE(review): the domain name is concatenated into the redirect URL without URL
    // encoding - assumes names contain no URL-special characters; confirm or encode.
    // Whether the attributes added to model above reach the redirected request depends on
    // Spring configuration that is not visible here.
    return new ModelAndView("redirect:/config/domain?id=" + dom.getDomainName() + "#tab1");
//return mav;
}
Also used : CertificateForm(org.nhindirect.config.ui.form.CertificateForm) AnchorForm(org.nhindirect.config.ui.form.AnchorForm) Address(org.nhindirect.config.model.Address) ModelAndView(org.springframework.web.servlet.ModelAndView) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) IOException(java.io.IOException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) DomainForm(org.nhindirect.config.ui.form.DomainForm) SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) Anchor(org.nhindirect.config.model.Anchor) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) AddressForm(org.nhindirect.config.ui.form.AddressForm) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) Domain(org.nhindirect.config.model.Domain) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.model.Certificate) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)188 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)174 ModelAndView (org.springframework.web.servlet.ModelAndView)51 ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)39 WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)36 ServiceException (org.nhindirect.common.rest.exceptions.ServiceException)34 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)32 IOException (java.io.IOException)29 InputStream (java.io.InputStream)23 ArrayList (java.util.ArrayList)23 ImportSummary (org.hisp.dhis.dxf2.importsummary.ImportSummary)23 ConfigurationServiceException (org.nhindirect.config.service.ConfigurationServiceException)21 Date (java.util.Date)15 Grid (org.hisp.dhis.common.Grid)14 SearchDomainForm (org.nhindirect.config.ui.form.SearchDomainForm)14 ApiOperation (io.swagger.annotations.ApiOperation)13 ApiResponses (io.swagger.annotations.ApiResponses)13 Configuration (org.hisp.dhis.configuration.Configuration)13 HttpHeaders (org.springframework.http.HttpHeaders)13 List (java.util.List)12