zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SEBSERV-81 fixed

Browse source
This commit is contained in:
anhefti 2019-08-08 15:10:22 +02:00
parent bd700bd581
commit 981ee1dbfa
2 changed files with 7 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/ConfigurationController.java
View file

@ -64,7 +64,7 @@ public class ConfigurationController extends ReadonlyEntityController<Configurat
public Configuration saveToHistory(@PathVariable final String modelId) { public Configuration saveToHistory(@PathVariable final String modelId) {
return this.entityDAO.byModelId(modelId) return this.entityDAO.byModelId(modelId)
.flatMap(this::checkModifyAccess) .flatMap(this.authorization::checkModify)
.flatMap(config -> this.configurationDAO.saveToHistory(config.configurationNodeId)) .flatMap(config -> this.configurationDAO.saveToHistory(config.configurationNodeId))
.flatMap(this.userActivityLogDAO::logSaveToHistory) .flatMap(this.userActivityLogDAO::logSaveToHistory)
.getOrThrow(); .getOrThrow();
@ -78,7 +78,7 @@ public class ConfigurationController extends ReadonlyEntityController<Configurat
public Configuration undo(@PathVariable final String modelId) { public Configuration undo(@PathVariable final String modelId) {
return this.entityDAO.byModelId(modelId) return this.entityDAO.byModelId(modelId)
.flatMap(this::checkModifyAccess) .flatMap(this.authorization::checkModify)
.flatMap(config -> this.configurationDAO.undo(config.configurationNodeId)) .flatMap(config -> this.configurationDAO.undo(config.configurationNodeId))
.flatMap(this.userActivityLogDAO::logUndo) .flatMap(this.userActivityLogDAO::logUndo)
.getOrThrow(); .getOrThrow();
@ -94,7 +94,7 @@ public class ConfigurationController extends ReadonlyEntityController<Configurat
@RequestParam(name = API.PARAM_PARENT_MODEL_ID, required = true) final Long configurationNodeId) { @RequestParam(name = API.PARAM_PARENT_MODEL_ID, required = true) final Long configurationNodeId) {
return this.entityDAO.byModelId(modelId) return this.entityDAO.byModelId(modelId)
.flatMap(this::checkModifyAccess) .flatMap(this.authorization::checkModify)
.flatMap(config -> this.configurationDAO.restoreToVersion(configurationNodeId, config.getId())) .flatMap(config -> this.configurationDAO.restoreToVersion(configurationNodeId, config.getId()))
.getOrThrow(); .getOrThrow();
} }

9
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/api/ReadonlyEntityController.java
View file

@ -12,7 +12,6 @@ import javax.validation.Valid;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import ch.ethz.seb.sebserver.gbl.api.EntityType;
import ch.ethz.seb.sebserver.gbl.api.POSTMapper; import ch.ethz.seb.sebserver.gbl.api.POSTMapper;
import ch.ethz.seb.sebserver.gbl.api.authorization.PrivilegeType; import ch.ethz.seb.sebserver.gbl.api.authorization.PrivilegeType;
import ch.ethz.seb.sebserver.gbl.model.Entity; import ch.ethz.seb.sebserver.gbl.model.Entity;
@ -70,7 +69,7 @@ public abstract class ReadonlyEntityController<T extends Entity, M extends Entit
@Override @Override
protected void checkModifyPrivilege(final Long institutionId) { protected void checkModifyPrivilege(final Long institutionId) {
throw new PermissionDeniedException( throw new PermissionDeniedException(
EntityType.CLIENT_EVENT, getGrantEntityType(),
PrivilegeType.MODIFY, PrivilegeType.MODIFY,
this.authorization.getUserService().getCurrentUser().uuid()); this.authorization.getUserService().getCurrentUser().uuid());
} }
@ -78,7 +77,7 @@ public abstract class ReadonlyEntityController<T extends Entity, M extends Entit
@Override @Override
protected Result<T> checkModifyAccess(final T entity) { protected Result<T> checkModifyAccess(final T entity) {
throw new PermissionDeniedException( throw new PermissionDeniedException(
EntityType.CLIENT_EVENT, getGrantEntityType(),
PrivilegeType.MODIFY, PrivilegeType.MODIFY,
this.authorization.getUserService().getCurrentUser().uuid()); this.authorization.getUserService().getCurrentUser().uuid());
} }
@ -86,7 +85,7 @@ public abstract class ReadonlyEntityController<T extends Entity, M extends Entit
@Override @Override
protected Result<T> checkWriteAccess(final T entity) { protected Result<T> checkWriteAccess(final T entity) {
throw new PermissionDeniedException( throw new PermissionDeniedException(
EntityType.CLIENT_EVENT, getGrantEntityType(),
PrivilegeType.WRITE, PrivilegeType.WRITE,
this.authorization.getUserService().getCurrentUser().uuid()); this.authorization.getUserService().getCurrentUser().uuid());
} }
@ -94,7 +93,7 @@ public abstract class ReadonlyEntityController<T extends Entity, M extends Entit
@Override @Override
protected Result<M> checkCreateAccess(final M entity) { protected Result<M> checkCreateAccess(final M entity) {
throw new PermissionDeniedException( throw new PermissionDeniedException(
EntityType.CLIENT_EVENT, getGrantEntityType(),
PrivilegeType.WRITE, PrivilegeType.WRITE,
this.authorization.getUserService().getCurrentUser().uuid()); this.authorization.getUserService().getCurrentUser().uuid());
} }