From e22b66d1677c12af0fedf2e0c77d9889d1d03247 Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Mon, 3 Jun 2024 14:28:57 +0200 Subject: [PATCH] Refactor constants and enums --- .../appserver/config/AuthConfig.java | 20 -------- .../appserver/config/AuthEntities.java | 18 +++++++ .../appserver/config/AuthPermission.java | 18 +++++++ .../config/PreAuthPermissionEvaluator.java | 1 - .../controller/FcmDataMessageController.java | 38 +++++++------- .../controller/FcmNotificationController.java | 50 +++++++++---------- .../appserver/controller/GithubEndpoint.java | 7 +-- .../NotificationStateEventController.java | 14 +++--- .../controller/ProtocolEndpoint.java | 12 ++--- .../QuestionnaireScheduleEndpoint.java | 13 +++-- .../controller/RadarProjectController.java | 26 +++++----- .../controller/RadarUserController.java | 40 +++++++-------- .../controller/TaskStateEventController.java | 17 +++---- .../controller/UploadController.java | 10 ++-- 14 files changed, 146 insertions(+), 138 deletions(-) create mode 100644 src/main/java/org/radarbase/appserver/config/AuthEntities.java create mode 100644 src/main/java/org/radarbase/appserver/config/AuthPermission.java diff --git a/src/main/java/org/radarbase/appserver/config/AuthConfig.java b/src/main/java/org/radarbase/appserver/config/AuthConfig.java index 45e9dec7..0674221e 100644 --- a/src/main/java/org/radarbase/appserver/config/AuthConfig.java +++ b/src/main/java/org/radarbase/appserver/config/AuthConfig.java @@ -64,24 +64,4 @@ AuthAspect getAuthAspect( return new AuthAspect<>(authValidator, authorization); } - public interface AuthEntities { - String MEASUREMENT = "MEASUREMENT"; - String PROJECT = "PROJECT"; - String SUBJECT = "SUBJECT"; - String SOURCE = "SOURCE"; - } - - public interface AuthPermissions { - String READ = "READ"; - String CREATE = "CREATE"; - String UPDATE = "UPDATE"; - String UPLOAD = "UPLOAD"; - } - - public enum AuthPermission { - READ, - CREATE, - UPDATE, - UPLOAD - } } \ No newline at end of file diff --git a/src/main/java/org/radarbase/appserver/config/AuthEntities.java b/src/main/java/org/radarbase/appserver/config/AuthEntities.java new file mode 100644 index 00000000..54c00a1b --- /dev/null +++ b/src/main/java/org/radarbase/appserver/config/AuthEntities.java @@ -0,0 +1,18 @@ +package org.radarbase.appserver.config; + +public enum AuthEntities { + MEASUREMENT(Constants.MEASUREMENT), + PROJECT(Constants.PROJECT), + SUBJECT(Constants.SUBJECT), + SOURCE(Constants.SOURCE); + + AuthEntities(String entityValue) { + } + + public static class Constants { + public static final String MEASUREMENT = "MEASUREMENT"; + public static final String PROJECT = "PROJECT"; + public static final String SUBJECT = "SUBJECT"; + public static final String SOURCE = "SOURCE"; + } +} diff --git a/src/main/java/org/radarbase/appserver/config/AuthPermission.java b/src/main/java/org/radarbase/appserver/config/AuthPermission.java new file mode 100644 index 00000000..e8d9ae73 --- /dev/null +++ b/src/main/java/org/radarbase/appserver/config/AuthPermission.java @@ -0,0 +1,18 @@ +package org.radarbase.appserver.config; + +public enum AuthPermission { + READ(Constants.READ), + CREATE(Constants.CREATE), + UPDATE(Constants.UPDATE), + UPLOAD(Constants.UPLOAD); + + AuthPermission(String permissionValue) { + } + + public static class Constants { + public static final String READ = "READ"; + public static final String CREATE = "CREATE"; + public static final String UPDATE = "UPDATE"; + public static final String UPLOAD = "UPLOAD"; + } +} diff --git a/src/main/java/org/radarbase/appserver/config/PreAuthPermissionEvaluator.java b/src/main/java/org/radarbase/appserver/config/PreAuthPermissionEvaluator.java index 8cdf8a32..d6847c56 100644 --- a/src/main/java/org/radarbase/appserver/config/PreAuthPermissionEvaluator.java +++ b/src/main/java/org/radarbase/appserver/config/PreAuthPermissionEvaluator.java @@ -1,6 +1,5 @@ package org.radarbase.appserver.config; -import org.radarbase.appserver.config.AuthConfig.AuthPermission; import org.springframework.security.access.PermissionEvaluator; import org.springframework.security.core.Authentication; diff --git a/src/main/java/org/radarbase/appserver/controller/FcmDataMessageController.java b/src/main/java/org/radarbase/appserver/controller/FcmDataMessageController.java index 57bcad18..386a962f 100644 --- a/src/main/java/org/radarbase/appserver/controller/FcmDataMessageController.java +++ b/src/main/java/org/radarbase/appserver/controller/FcmDataMessageController.java @@ -25,8 +25,8 @@ import java.net.URISyntaxException; import java.time.LocalDateTime; import jakarta.validation.Valid; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.fcm.FcmDataMessageDto; import org.radarbase.appserver.dto.fcm.FcmDataMessages; import org.radarbase.appserver.service.FcmDataMessageService; @@ -59,12 +59,12 @@ public FcmDataMessageController(FcmDataMessageService dataMessageService) { } @GetMapping("/" + PathsUtil.MESSAGING_DATA_PATH) - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) public ResponseEntity getAllDataMessages() { return ResponseEntity.ok(this.dataMessageService.getAllDataMessages()); } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.SUBJECT) @GetMapping("/" + PathsUtil.MESSAGING_DATA_PATH + "/{id}") public ResponseEntity getDataMessageUsingId(@Valid @PathVariable Long id) { return ResponseEntity.ok(this.dataMessageService.getDataMessageById(id)); @@ -72,7 +72,7 @@ public ResponseEntity getDataMessageUsingId(@Valid @PathVaria // TODO: get notifications/data messages based on other params. Maybe use projections ? @GetMapping("/" + PathsUtil.MESSAGING_DATA_PATH + "/filtered") - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) public ResponseEntity getFilteredDataMessages( @Valid @RequestParam(value = "type", required = false) String type, @Valid @RequestParam(value = "delivered", required = false) boolean delivered, @@ -86,8 +86,8 @@ public ResponseEntity getFilteredDataMessages( } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @GetMapping( value = @@ -108,8 +108,8 @@ public ResponseEntity getDataMessagesUsingProjectIdAndSubjectId } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.PROJECT) @GetMapping( "/" @@ -124,8 +124,8 @@ public ResponseEntity getDataMessagesUsingProjectId( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( "/" @@ -151,8 +151,8 @@ public ResponseEntity addSingleDataMessage( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( "/" @@ -175,8 +175,8 @@ public ResponseEntity addBatchDataMessages( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PutMapping( "/" @@ -199,8 +199,8 @@ public ResponseEntity updateDataMessage( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @DeleteMapping( "/" @@ -223,8 +223,8 @@ public ResponseEntity deleteDataMessagesForUser( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @DeleteMapping( "/" diff --git a/src/main/java/org/radarbase/appserver/controller/FcmNotificationController.java b/src/main/java/org/radarbase/appserver/controller/FcmNotificationController.java index 11f42e87..70cd2b7a 100644 --- a/src/main/java/org/radarbase/appserver/controller/FcmNotificationController.java +++ b/src/main/java/org/radarbase/appserver/controller/FcmNotificationController.java @@ -25,8 +25,8 @@ import java.net.URISyntaxException; import java.time.LocalDateTime; import jakarta.validation.Valid; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.fcm.FcmNotificationDto; import org.radarbase.appserver.dto.fcm.FcmNotifications; import org.radarbase.appserver.service.FcmNotificationService; @@ -58,19 +58,19 @@ public FcmNotificationController(FcmNotificationService notificationService) { this.notificationService = notificationService; } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) @GetMapping("/" + PathsUtil.MESSAGING_NOTIFICATION_PATH) public ResponseEntity getAllNotifications() { return ResponseEntity.ok(this.notificationService.getAllNotifications()); } - @Authorized(permission = AuthPermissions.UPDATE, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.UPDATE, entity = AuthEntities.Constants.SUBJECT) @GetMapping("/" + PathsUtil.MESSAGING_NOTIFICATION_PATH + "/{id}") public ResponseEntity getNotificationUsingId(@Valid @PathVariable Long id) { return ResponseEntity.ok(this.notificationService.getNotificationById(id)); } // TODO: get notifications based on other params. Maybe use projections ? - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) @GetMapping("/" + PathsUtil.MESSAGING_NOTIFICATION_PATH + "/filtered") public ResponseEntity getFilteredNotifications( @Valid @RequestParam(value = "type", required = false) String type, @@ -85,8 +85,8 @@ public ResponseEntity getFilteredNotifications( } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @GetMapping( value = @@ -107,8 +107,8 @@ public ResponseEntity getNotificationsUsingProjectIdAndSubject } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.PROJECT) @GetMapping( "/" @@ -123,8 +123,8 @@ public ResponseEntity getNotificationsUsingProjectId( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( "/" @@ -151,8 +151,8 @@ public ResponseEntity addSingleNotification( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( "/" @@ -175,8 +175,8 @@ public ResponseEntity scheduleUserNotifications( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( "/" @@ -202,8 +202,8 @@ public ResponseEntity scheduleUserNotification( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( "/" @@ -227,8 +227,8 @@ public ResponseEntity addBatchNotifications( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PutMapping( "/" @@ -251,8 +251,8 @@ public ResponseEntity updateNotification( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @DeleteMapping( "/" @@ -275,8 +275,8 @@ public ResponseEntity deleteNotificationsForUser( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @DeleteMapping( "/" @@ -300,8 +300,8 @@ public ResponseEntity deleteNotificationUsingProjectIdAndSubjectIdAndNotificatio } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @DeleteMapping( "/" diff --git a/src/main/java/org/radarbase/appserver/controller/GithubEndpoint.java b/src/main/java/org/radarbase/appserver/controller/GithubEndpoint.java index 67bac71d..b40ac292 100644 --- a/src/main/java/org/radarbase/appserver/controller/GithubEndpoint.java +++ b/src/main/java/org/radarbase/appserver/controller/GithubEndpoint.java @@ -21,7 +21,8 @@ package org.radarbase.appserver.controller; -import org.radarbase.appserver.config.AuthConfig; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.service.GithubService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; @@ -46,8 +47,8 @@ public GithubEndpoint(GithubService githubService) { } @Authorized( - permission = AuthConfig.AuthPermissions.READ, - entity = AuthConfig.AuthEntities.SUBJECT) + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT) @GetMapping("/" + PathsUtil.GITHUB_PATH + "/" + diff --git a/src/main/java/org/radarbase/appserver/controller/NotificationStateEventController.java b/src/main/java/org/radarbase/appserver/controller/NotificationStateEventController.java index 3deb789b..e4452094 100644 --- a/src/main/java/org/radarbase/appserver/controller/NotificationStateEventController.java +++ b/src/main/java/org/radarbase/appserver/controller/NotificationStateEventController.java @@ -23,8 +23,8 @@ import java.util.List; import javax.naming.SizeLimitExceededException; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.NotificationStateEventDto; import org.radarbase.appserver.service.NotificationStateEventService; import org.springframework.http.ResponseEntity; @@ -48,7 +48,7 @@ public NotificationStateEventController( this.notificationStateEventService = notificationStateEventService; } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermissions.Constants.READ, entity = AuthEntities.Constants.PROJECT) @GetMapping( value = "/" @@ -64,8 +64,8 @@ public ResponseEntity> getNotificationStateEvent } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermissions.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @GetMapping( value = @@ -93,8 +93,8 @@ public ResponseEntity> getNotificationStateEvent } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermissions.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( value = diff --git a/src/main/java/org/radarbase/appserver/controller/ProtocolEndpoint.java b/src/main/java/org/radarbase/appserver/controller/ProtocolEndpoint.java index 89d1859e..a33511e0 100644 --- a/src/main/java/org/radarbase/appserver/controller/ProtocolEndpoint.java +++ b/src/main/java/org/radarbase/appserver/controller/ProtocolEndpoint.java @@ -27,8 +27,8 @@ import jakarta.validation.constraints.Size; import org.radarbase.appserver.dto.protocol.Protocol; import org.radarbase.appserver.service.questionnaire.protocol.ProtocolGenerator; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.GetMapping; @@ -49,7 +49,7 @@ public ProtocolEndpoint(ProtocolGenerator protocolGenerator) { } @GetMapping("/" + PathsUtil.PROTOCOL_PATH) - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) public @Size(max = 100) Map getProtocols() { return this.protocolGenerator.getAllProtocols(); } @@ -67,8 +67,8 @@ public ProtocolEndpoint(ProtocolGenerator protocolGenerator) { + "/" + PathsUtil.PROTOCOL_PATH) @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.PROJECT) public Protocol getProtocolUsingProjectIdAndSubjectId( @Valid @PathVariable String projectId, @Valid @PathVariable String subjectId) { @@ -82,7 +82,7 @@ public Protocol getProtocolUsingProjectIdAndSubjectId( + PathsUtil.PROJECT_ID_CONSTANT + "/" + PathsUtil.PROTOCOL_PATH) - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) public Protocol getProtocolUsingProjectId( @Valid @PathVariable String projectId) throws IOException { return this.protocolGenerator.getProtocol(projectId); diff --git a/src/main/java/org/radarbase/appserver/controller/QuestionnaireScheduleEndpoint.java b/src/main/java/org/radarbase/appserver/controller/QuestionnaireScheduleEndpoint.java index 109c6337..ba650d66 100644 --- a/src/main/java/org/radarbase/appserver/controller/QuestionnaireScheduleEndpoint.java +++ b/src/main/java/org/radarbase/appserver/controller/QuestionnaireScheduleEndpoint.java @@ -23,11 +23,10 @@ import org.radarbase.appserver.dto.protocol.Assessment; import org.radarbase.appserver.dto.protocol.AssessmentType; -import org.radarbase.appserver.dto.questionnaire.Schedule; import org.radarbase.appserver.entity.Task; import org.radarbase.appserver.service.QuestionnaireScheduleService; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -66,7 +65,7 @@ public QuestionnaireScheduleEndpoint(QuestionnaireScheduleService scheduleServic + PathsUtil.SUBJECT_ID_CONSTANT + "/" + PathsUtil.QUESTIONNAIRE_SCHEDULE_PATH) - @Authorized(permission = AuthPermissions.UPDATE, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.UPDATE, entity = AuthEntities.Constants.SUBJECT) public ResponseEntity generateScheduleUsingProjectIdAndSubjectId( @Valid @PathVariable String projectId, @Valid @PathVariable String subjectId) @@ -87,7 +86,7 @@ public ResponseEntity generateScheduleUsingProjectIdAndSubjectId( + PathsUtil.SUBJECT_ID_CONSTANT + "/" + PathsUtil.QUESTIONNAIRE_SCHEDULE_PATH) - @Authorized(permission = AuthPermissions.UPDATE, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.UPDATE, entity = AuthEntities.Constants.SUBJECT) public ResponseEntity generateScheduleUsingProtocol( @PathVariable String projectId, @PathVariable String subjectId, @@ -115,7 +114,7 @@ public ResponseEntity generateScheduleUsingProtocol( + PathsUtil.SUBJECT_ID_CONSTANT + "/" + PathsUtil.QUESTIONNAIRE_SCHEDULE_PATH) - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.SUBJECT) public List getScheduleUsingProjectIdAndSubjectId( @Valid @PathVariable String projectId, @Valid @PathVariable String subjectId, @@ -145,7 +144,7 @@ public List getScheduleUsingProjectIdAndSubjectId( + PathsUtil.SUBJECT_ID_CONSTANT + "/" + PathsUtil.QUESTIONNAIRE_SCHEDULE_PATH) - @Authorized(permission = AuthPermissions.UPDATE, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.UPDATE, entity = AuthEntities.Constants.SUBJECT) public ResponseEntity deleteScheduleForUser( @PathVariable String projectId, @PathVariable String subjectId, diff --git a/src/main/java/org/radarbase/appserver/controller/RadarProjectController.java b/src/main/java/org/radarbase/appserver/controller/RadarProjectController.java index ba1e321f..c4834f89 100644 --- a/src/main/java/org/radarbase/appserver/controller/RadarProjectController.java +++ b/src/main/java/org/radarbase/appserver/controller/RadarProjectController.java @@ -30,8 +30,8 @@ import jakarta.validation.Valid; import jakarta.websocket.server.PathParam; import lombok.extern.slf4j.Slf4j; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.ProjectDto; import org.radarbase.appserver.dto.ProjectDtos; import org.radarbase.appserver.service.ProjectService; @@ -80,7 +80,7 @@ public RadarProjectController( * @return The updated Project DTO. Throws {@link * org.radarbase.appserver.exception.NotFoundException} if project was not found. */ - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.SUBJECT) @PostMapping( value = "/" + PathsUtil.PROJECT_PATH, consumes = {MediaType.APPLICATION_JSON_VALUE}) @@ -120,8 +120,8 @@ public ResponseEntity addProject( * org.radarbase.appserver.exception.NotFoundException} if project was not found. */ @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermissions.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.PROJECT) @PutMapping( value = "/" + PathsUtil.PROJECT_PATH + "/" + PathsUtil.PROJECT_ID_CONSTANT, @@ -133,7 +133,7 @@ public ResponseEntity updateProject( return ResponseEntity.ok(projectDto1); } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.PROJECT) @GetMapping("/" + PathsUtil.PROJECT_PATH) public ResponseEntity getAllProjects(HttpServletRequest request) { @@ -147,8 +147,8 @@ public ResponseEntity getAllProjects(HttpServletRequest request) { project -> authorization.hasPermission( (RadarToken) request.getAttribute(AuthAspect.TOKEN_KEY), - AuthPermissions.READ, - AuthEntities.PROJECT, + AuthPermission.READ.name(), + AuthEntities.PROJECT.name(), PermissionOn.PROJECT, project.getProjectId(), null, @@ -161,7 +161,7 @@ public ResponseEntity getAllProjects(HttpServletRequest request) { } // TODO think about plain authorized - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.PROJECT) + @Authorized(permission = AuthPermissions.Constants.READ, entity = AuthEntities.Constants.PROJECT) @GetMapping("/" + PathsUtil.PROJECT_PATH + "/project") public ResponseEntity getProjectsUsingId( HttpServletRequest request, @Valid @PathParam("id") Long id) { @@ -170,8 +170,8 @@ public ResponseEntity getProjectsUsingId( RadarToken token = (RadarToken) request.getAttribute(AuthAspect.TOKEN_KEY); if (authorization.hasPermission( token, - AuthPermissions.READ, - AuthEntities.PROJECT, + AuthPermissions.READ.name(), + AuthEntities.PROJECT.name(), PermissionOn.PROJECT, projectDto.getProjectId(), null, @@ -187,8 +187,8 @@ public ResponseEntity getProjectsUsingId( } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.PROJECT) @GetMapping("/" + PathsUtil.PROJECT_PATH + "/" + PathsUtil.PROJECT_ID_CONSTANT) public ResponseEntity getProjectsUsingProjectId( diff --git a/src/main/java/org/radarbase/appserver/controller/RadarUserController.java b/src/main/java/org/radarbase/appserver/controller/RadarUserController.java index 63386502..2a3af855 100644 --- a/src/main/java/org/radarbase/appserver/controller/RadarUserController.java +++ b/src/main/java/org/radarbase/appserver/controller/RadarUserController.java @@ -28,8 +28,8 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.validation.Valid; import jakarta.websocket.server.PathParam; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.fcm.FcmUserDto; import org.radarbase.appserver.dto.fcm.FcmUsers; import org.radarbase.appserver.exception.InvalidUserDetailsException; @@ -72,7 +72,7 @@ public RadarUserController( this.authorization = authorization.orElse(null); } - @Authorized(permission = AuthPermissions.UPDATE, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.UPDATE, entity = AuthEntities.Constants.SUBJECT) @PostMapping( "/" + PathsUtil.PROJECT_PATH @@ -92,8 +92,8 @@ public ResponseEntity addUserToProject( RadarToken token = (RadarToken) request.getAttribute(AuthAspect.TOKEN_KEY); if (authorization.hasPermission( token, - AuthPermissions.UPDATE, - AuthEntities.SUBJECT, + AuthPermission.UPDATE.name(), + AuthEntities.SUBJECT.name(), PermissionOn.SUBJECT, projectId, userDto.getSubjectId(), @@ -116,8 +116,8 @@ public ResponseEntity addUserToProject( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PutMapping( "/" @@ -140,7 +140,7 @@ public ResponseEntity updateUserInProject( return ResponseEntity.ok(user); } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.SUBJECT) @GetMapping("/" + PathsUtil.USER_PATH) public ResponseEntity getAllRadarUsers(HttpServletRequest request) { FcmUsers users = this.userService.getAllRadarUsers(); @@ -154,8 +154,8 @@ public ResponseEntity getAllRadarUsers(HttpServletRequest request) { user -> authorization.hasPermission( (RadarToken) request.getAttribute(AuthAspect.TOKEN_KEY), - AuthPermissions.READ, - AuthEntities.SUBJECT, + AuthPermission.READ.name(), + AuthEntities.SUBJECT.name(), PermissionOn.SUBJECT, user.getProjectId(), user.getSubjectId(), @@ -167,7 +167,7 @@ public ResponseEntity getAllRadarUsers(HttpServletRequest request) { } } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.SUBJECT) @GetMapping("/" + PathsUtil.USER_PATH + "/user") public ResponseEntity getRadarUserUsingId( HttpServletRequest request, @PathParam("id") Long id) { @@ -179,7 +179,7 @@ public ResponseEntity getRadarUserUsingId( return getFcmUserDtoResponseEntity(request, userDto); } - @Authorized(permission = AuthPermissions.READ, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.READ, entity = AuthEntities.Constants.SUBJECT) @GetMapping("/" + PathsUtil.USER_PATH + "/" + PathsUtil.SUBJECT_ID_CONSTANT) public ResponseEntity getRadarUserUsingSubjectId( HttpServletRequest request, @PathVariable String subjectId) { @@ -194,8 +194,8 @@ private ResponseEntity getFcmUserDtoResponseEntity( RadarToken token = (RadarToken) request.getAttribute(AuthAspect.TOKEN_KEY); if (authorization.hasPermission( token, - AuthPermissions.READ, - AuthEntities.SUBJECT, + AuthPermission.READ.name(), + AuthEntities.SUBJECT.name(), PermissionOn.SUBJECT, userDto.getProjectId(), userDto.getSubjectId(), @@ -211,8 +211,8 @@ private ResponseEntity getFcmUserDtoResponseEntity( } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.PROJECT) @GetMapping( "/" @@ -226,8 +226,8 @@ public ResponseEntity getUsersUsingProjectId(@Valid @PathVariable Stri } @Authorized( - permission = AuthPermissions.READ, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.READ, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @GetMapping( "/" @@ -246,8 +246,8 @@ public ResponseEntity getUsersUsingProjectIdAndSubjectId( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @DeleteMapping( "/" diff --git a/src/main/java/org/radarbase/appserver/controller/TaskStateEventController.java b/src/main/java/org/radarbase/appserver/controller/TaskStateEventController.java index 48bdda61..e5e43166 100644 --- a/src/main/java/org/radarbase/appserver/controller/TaskStateEventController.java +++ b/src/main/java/org/radarbase/appserver/controller/TaskStateEventController.java @@ -21,19 +21,16 @@ package org.radarbase.appserver.controller; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.TaskStateEventDto; import org.radarbase.appserver.service.TaskStateEventService; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.CrossOrigin; -import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import radar.spring.auth.common.Authorized; import radar.spring.auth.common.PermissionOn; @@ -52,7 +49,7 @@ public TaskStateEventController( this.taskStateEventService = taskStateEventService; } - @Authorized(permission = AuthPermissions.UPDATE, entity = AuthEntities.SUBJECT) + @Authorized(permission = AuthPermission.Constants.UPDATE, entity = AuthEntities.Constants.SUBJECT) @GetMapping( value = "/" @@ -67,8 +64,8 @@ public ResponseEntity> getTaskStateEventsByTaskId( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @GetMapping( value = @@ -94,8 +91,8 @@ public ResponseEntity> getTaskStateEvents( } @Authorized( - permission = AuthPermissions.UPDATE, - entity = AuthEntities.SUBJECT, + permission = AuthPermission.Constants.UPDATE, + entity = AuthEntities.Constants.SUBJECT, permissionOn = PermissionOn.SUBJECT) @PostMapping( value = diff --git a/src/main/java/org/radarbase/appserver/controller/UploadController.java b/src/main/java/org/radarbase/appserver/controller/UploadController.java index 5a7afe49..e9a601a3 100644 --- a/src/main/java/org/radarbase/appserver/controller/UploadController.java +++ b/src/main/java/org/radarbase/appserver/controller/UploadController.java @@ -1,10 +1,8 @@ package org.radarbase.appserver.controller; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.validation.Valid; import lombok.extern.slf4j.Slf4j; -import org.radarbase.appserver.config.AuthConfig.AuthEntities; -import org.radarbase.appserver.config.AuthConfig.AuthPermissions; +import org.radarbase.appserver.config.AuthEntities; +import org.radarbase.appserver.config.AuthPermission; import org.radarbase.appserver.dto.FilePathDto; import org.radarbase.appserver.service.StorageService; import org.springframework.beans.factory.annotation.Autowired; @@ -14,11 +12,9 @@ import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.multipart.MultipartFile; -import org.springframework.web.servlet.mvc.support.RedirectAttributes; import radar.spring.auth.common.Authorized; /** @@ -35,7 +31,7 @@ public class UploadController { @Autowired private StorageService storageService; - @Authorized(permission = AuthPermissions.CREATE, entity = AuthEntities.MEASUREMENT) + @Authorized(permission = AuthPermission.Constants.CREATE, entity = AuthEntities.Constants.MEASUREMENT) @PostMapping( "/" + PathsUtil.PROJECT_PATH + "/" + PathsUtil.PROJECT_ID_CONSTANT + "/" + PathsUtil.USER_PATH + "/" + PathsUtil.SUBJECT_ID_CONSTANT +