Skip to content
Normal view History Permalink
PermissionsController.java 2.9 KiB
Newer Older
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
1 2 3 
package it.inaf.ia2.gms.controller;

import it.inaf.ia2.gms.authn.SessionData;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
4 5 6 
import it.inaf.ia2.gms.exception.UnauthorizedException;
import it.inaf.ia2.gms.model.PermissionRequest;
import it.inaf.ia2.gms.model.PaginatedData;
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
7 
import it.inaf.ia2.gms.model.Permission;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
8 9 10 
import it.inaf.ia2.gms.model.UserPermission;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.service.GroupsService;
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
11 
import it.inaf.ia2.gms.service.PermissionsService;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
12 13 
import java.util.List;
import javax.validation.Valid;
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
14 
import org.springframework.beans.factory.annotation.Autowired;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
15 
import org.springframework.http.HttpStatus;
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
16 17 18 
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.DeleteMapping;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
19 20 
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
21 22 23 24 25 26 27 28 
import org.springframework.web.bind.annotation.RestController;

@RestController
public class PermissionsController {

    @Autowired
    private SessionData session;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
29 30 31 
    @Autowired
    private GroupsService groupsService;
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
32 33 34 
    @Autowired
    private PermissionsService permissionsService;
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
35 36 37 38 
    @PostMapping(value = "/permission", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public ResponseEntity<PaginatedData<UserPermission>> addPermission(@Valid @RequestBody PermissionRequest request) {

        GroupEntity group = groupsService.getGroupById(request.getGroupId());
Sonia Zorba's avatar
Added MembersController and tests  
Sonia Zorba committed
39 
        verifyCurrentUserCanManagePermissions(group);
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
40 41 42 43 44 45 46 47 48 49 

        permissionsService.addPermission(group, request.getUserId(), request.getPermission());

        return new ResponseEntity<>(getPermissionsPanel(group, request), HttpStatus.CREATED);
    }

    @DeleteMapping(value = "/permission", produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public ResponseEntity<PaginatedData<UserPermission>> deletePermission(@Valid PermissionRequest request) {

        GroupEntity group = groupsService.getGroupById(request.getGroupId());
Sonia Zorba's avatar
Added MembersController and tests  
Sonia Zorba committed
50 
        verifyCurrentUserCanManagePermissions(group);
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
51 52 53 54 55 56 

        permissionsService.deletePermission(group, request.getUserId(), request.getPermission());

        return ResponseEntity.ok(getPermissionsPanel(group, request));
    }
Sonia Zorba's avatar
Added MembersController and tests  
Sonia Zorba committed
57 
    private void verifyCurrentUserCanManagePermissions(GroupEntity group) {
Sonia Zorba's avatar
Implemented Add Permission modal and controller  
Sonia Zorba committed
58 59 60 61 62 63 64 65 66 
        Permission currentNodePermissions = permissionsService.getUserPermissionForGroup(group, session.getUserId());
        if (currentNodePermissions != Permission.ADMIN) {
            throw new UnauthorizedException("Only admin users can handle permissions");
        }
    }

    private PaginatedData<UserPermission> getPermissionsPanel(GroupEntity group, PermissionRequest request) {
        List<UserPermission> permissions = permissionsService.getAllPermissions(group);
        return new PaginatedData<>(permissions, request.getPaginatorPage(), request.getPaginatorPageSize());
Sonia Zorba's avatar
Added PermissionsController and search user functionality
Sonia Zorba committed
67 68 
    }
}