本文整理汇总了Java中org.springframework.security.access.prepost.PreAuthorize类的典型用法代码示例。如果您正苦于以下问题:Java PreAuthorize类的具体用法?Java PreAuthorize怎么用?Java PreAuthorize使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
PreAuthorize类属于org.springframework.security.access.prepost包,在下文中一共展示了PreAuthorize类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: globalsettingsHolidaysYearPost
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@Override
@PreAuthorize("hasAuthority('admin')")
public ResponseEntity<Object> globalsettingsHolidaysYearPost( @Min(2000) @Max(2100)@ApiParam(value = "",required=true ) @PathVariable("year") Integer year,
@ApiParam(value = "The holidays to set" ,required=true ) @Valid @RequestBody Holidays holidays) throws ApiException {
try {
globalsettingsService.setHolidays(year, holidays);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
} catch (OptimisticLockException ex) {
try {
Holidays lastHolidays = globalsettingsService.getHolidays(year);
throw new ConcurrentModificationException(409, "Concurrent modification error.", lastHolidays);
} catch (ApiException ex1) {
Logger.getLogger(SettingsApiController.class.getName()).log(Level.SEVERE, null, ex1);
throw new ApiException(500, "Concurrent modification exception: internal error");
}
}
}
示例2: findInfoByFrom
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/relations/info", method = RequestMethod.GET, params = { "fromId", "fromType" })
@ResponseBody
public List<EntityRelationInfo> findInfoByFrom(@RequestParam("fromId") String strFromId,
@RequestParam("fromType") String strFromType,
@RequestParam(value = "relationTypeGroup", required = false) String strRelationTypeGroup) throws IoTPException {
checkParameter("fromId", strFromId);
checkParameter("fromType", strFromType);
EntityId entityId = EntityIdFactory.getByTypeAndId(strFromType, strFromId);
checkEntityId(entityId);
RelationTypeGroup typeGroup = parseRelationTypeGroup(strRelationTypeGroup, RelationTypeGroup.COMMON);
try {
return checkNotNull(relationService.findInfoByFrom(entityId, typeGroup).get());
} catch (Exception e) {
throw handleException(e);
}
}
示例3: deleteImage
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@PreAuthorize("hasRole('ADMIN') or " +
"@imageRepository.findByName(#filename).owner " +
"== authentication.name")
public Mono<Void> deleteImage(String filename) {
// end::delete[]
Mono<Void> deleteDatabaseImage = imageRepository
.findByName(filename)
.log("deleteImage-find")
.flatMap(imageRepository::delete)
.log("deleteImage-record");
Mono<Object> deleteFile = Mono.fromRunnable(() -> {
try {
Files.deleteIfExists(Paths.get(UPLOAD_ROOT, filename));
} catch (IOException e) {
throw new RuntimeException(e);
}
})
.log("deleteImage-file");
return Mono.when(deleteDatabaseImage, deleteFile)
.log("deleteImage-when")
.then()
.log("deleteImage-done");
}
示例4: cartToMetalink
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@PreAuthorize ("hasRole('ROLE_DOWNLOAD')")
@RequestMapping (value = "/cart")
public void cartToMetalink (Principal principal, HttpServletResponse res)
throws UserNotExistingException, IOException,
ParserConfigurationException, TransformerException
{
User user = (User)((UsernamePasswordAuthenticationToken)principal).
getPrincipal ();
if (!productCartService.hasProducts(user.getUUID()))
return;
res.setContentType ("application/metalink+xml");
res.setHeader ("Content-Disposition",
"inline; filename=products"+MetalinkBuilder.FILE_EXTENSION);
res.getWriter ().println(makeMetalinkDocument (
productCartService.getProductsOfCart(user.getUUID(), -1, -1)));
}
示例5: save
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@Override
@PreAuthorize("checkPermission('EventDateMappingEdit')")
public void save(Record record, SessionContext context, Session hibSession) {
try {
Formats.Format<Date> dateFormat = Formats.getDateFormat(Formats.Pattern.DATE_EVENT);
EventDateMapping mapping = new EventDateMapping();
mapping.setSession(SessionDAO.getInstance().get(context.getUser().getCurrentAcademicSessionId()));
mapping.setClassDate(dateFormat.parse(record.getField(0)));
mapping.setEventDate(dateFormat.parse(record.getField(1)));
mapping.setNote(record.getField(2));
record.setUniqueId((Long)hibSession.save(mapping));
ChangeLog.addChange(hibSession,
context,
mapping,
dateFormat.format(mapping.getClassDate()) + " → " + dateFormat.format(mapping.getEventDate()),
Source.SIMPLE_EDIT,
Operation.CREATE,
null,
null);
} catch (ParseException e) {
throw new GwtRpcException(e.getMessage(), e);
}
}
示例6: updateReleaseDateContribution
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@ApiOperation(value = "Update the contribution of release dates")
@ApiResponses(value = {
@ApiResponse(code = 400, message = "Incorrect data in the DTO"),
@ApiResponse(code = 404, message = "No movie found or no user found"),
@ApiResponse(code = 409, message = "An ID conflict or element exists"),
})
@PreAuthorize("hasRole('ROLE_USER')")
@PutMapping(value = "/contributions/{id}/releasedates", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public
void updateReleaseDateContribution(
@ApiParam(value = "The contribution ID", required = true)
@PathVariable("id") final Long id,
@ApiParam(value = "The contribution", required = true)
@RequestBody @Valid final ContributionUpdate<ReleaseDate> contribution
) {
log.info("Called with id {}, contribution {}", id, contribution);
this.movieContributionPersistenceService.updateReleaseDateContribution(contribution, id, this.authorizationService.getUserId());
}
示例7: updateStorylineContribution
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@ApiOperation(value = "Update the contribution of storylines")
@ApiResponses(value = {
@ApiResponse(code = 400, message = "Incorrect data in the DTO"),
@ApiResponse(code = 404, message = "No movie found or no user found"),
@ApiResponse(code = 409, message = "An ID conflict or element exists"),
})
@PreAuthorize("hasRole('ROLE_USER')")
@PutMapping(value = "/contributions/{id}/storylines", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public
void updateStorylineContribution(
@ApiParam(value = "The contribution ID", required = true)
@PathVariable("id") final Long id,
@ApiParam(value = "The contribution", required = true)
@RequestBody @Valid final ContributionUpdate<Storyline> contribution
) {
log.info("Called with id {}, contribution {}", id, contribution);
this.movieContributionPersistenceService.updateStorylineContribution(contribution, id, this.authorizationService.getUserId());
}
示例8: updateBoxOfficeContribution
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@ApiOperation(value = "Update the contribution of box offices")
@ApiResponses(value = {
@ApiResponse(code = 400, message = "Incorrect data in the DTO"),
@ApiResponse(code = 404, message = "No movie found or no user found"),
@ApiResponse(code = 409, message = "An ID conflict or element exists"),
})
@PreAuthorize("hasRole('ROLE_USER')")
@PutMapping(value = "/contributions/{id}/boxoffices", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public
void updateBoxOfficeContribution(
@ApiParam(value = "The contribution ID", required = true)
@PathVariable("id") final Long id,
@ApiParam(value = "The contribution", required = true)
@RequestBody @Valid final ContributionUpdate<BoxOffice> contribution
) {
log.info("Called with id {}, contribution {}", id, contribution);
this.movieContributionPersistenceService.updateBoxOfficeContribution(contribution, id, this.authorizationService.getUserId());
}
示例9: getCustomerAssets
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/customer/{customerId}/assets", params = { "limit" }, method = RequestMethod.GET)
@ResponseBody
public TextPageData<Asset> getCustomerAssets(@PathVariable("customerId") String strCustomerId,
@RequestParam int limit, @RequestParam(required = false) String type,
@RequestParam(required = false) String textSearch, @RequestParam(required = false) String idOffset,
@RequestParam(required = false) String textOffset) throws IoTPException {
checkParameter("customerId", strCustomerId);
try {
TenantId tenantId = getCurrentUser().getTenantId();
CustomerId customerId = new CustomerId(toUUID(strCustomerId));
checkCustomerId(customerId);
TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
if (type != null && type.trim().length() > 0) {
return checkNotNull(
assetService.findAssetsByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
} else {
return checkNotNull(assetService.findAssetsByTenantIdAndCustomerId(tenantId, customerId, pageLink));
}
} catch (Exception e) {
throw handleException(e);
}
}
示例10: addShoppingListToUserByName
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
/**
* Add new shopping list for a given user
*
* @param userName
* name of the user for which to create the new list
* @param newListName
* name of the new list
* @return newly created list
* @throws UserNotFoundException
* if user with given name doesn't exist
* @throws ListTooLongException if size of the list containing ShoppingLists would exceed limit of Short type after adding new ShoppingList
*/
@PreAuthorize("hasRole('USER')")
@Transactional(readOnly = false)
public ShoppingList addShoppingListToUserByName(String userName, String newListName) {
LOGGER.debug("addShoppingListToUserByName: user: {}, listName: {}", userName, newListName);
AppUser user = getUser(userName); //throws UserNotFoundException
// get count of user lists
short count = shoppingListRepository.countByOwnerName(userName);
if (count == Short.MAX_VALUE)
throw new ListTooLongException(ListTooLongException.listType.SHOPPING_LIST, user.getId());
count++;
ShoppingList list = user.addShoppingList(newListName, count);
list = shoppingListRepository.save(list);
LOGGER.info("addShoppingListToUserByName: Created new list: {}", list);
return list;
}
示例11: getAssetsByIds
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/assets", params = { "assetIds" }, method = RequestMethod.GET)
@ResponseBody
public List<Asset> getAssetsByIds(@RequestParam("assetIds") String[] strAssetIds) throws IoTPException {
checkArrayParameter("assetIds", strAssetIds);
try {
SecurityUser user = getCurrentUser();
TenantId tenantId = user.getTenantId();
CustomerId customerId = user.getCustomerId();
List<AssetId> assetIds = new ArrayList<>();
for (String strAssetId : strAssetIds) {
assetIds.add(new AssetId(toUUID(strAssetId)));
}
ListenableFuture<List<Asset>> assets;
if (customerId == null || customerId.isNullUid()) {
assets = assetService.findAssetsByTenantIdAndIdsAsync(tenantId, assetIds);
} else {
assets = assetService.findAssetsByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, assetIds);
}
return checkNotNull(assets.get());
} catch (Exception e) {
throw handleException(e);
}
}
示例12: getDevicesByIds
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/devicetypes", params = {"devicetypeIds"}, method = RequestMethod.GET)
@ResponseBody
public List<DeviceType> getDevicesByIds(
@RequestParam("devicetypeIds") String[] strDeviceIds) throws IoTPException {
checkArrayParameter("devicetypeIds", strDeviceIds);
try {
SecurityUser user = getCurrentUser();
TenantId tenantId = user.getTenantId();
CustomerId customerId = user.getCustomerId();
List<DeviceTypeId> deviceIds = new ArrayList<>();
for (String strDeviceId : strDeviceIds) {
deviceIds.add(new DeviceTypeId(toUUID(strDeviceId)));
}
ListenableFuture<List<DeviceType>> devices;
if (customerId == null || customerId.isNullUid()) {
devices = deviceTypeService.findDevicesByTenantIdAndIdsAsync(tenantId, deviceIds);
} else {
devices = deviceTypeService.findDevicesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, deviceIds);
}
return checkNotNull(devices.get());
} catch (Exception e) {
throw handleException(e);
}
}
示例13: load
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@Override
@PreAuthorize("checkPermission('Roles')")
public SimpleEditInterface load(SessionContext context, Session hibSession) {
SimpleEditInterface data = new SimpleEditInterface(
new Field(MESSAGES.fieldReference(), FieldType.text, 160, 20, Flag.UNIQUE),
new Field(MESSAGES.fieldName(), FieldType.text, 250, 40, Flag.UNIQUE),
new Field(MESSAGES.fieldInstructor(), FieldType.toggle, 40),
new Field(MESSAGES.fieldEnabled(), FieldType.toggle, 40),
new Field(MESSAGES.fieldSortOrder(), FieldType.text, 80, 10, Flag.READ_ONLY, Flag.HIDDEN)
);
data.setSortBy(4);
int idx = 0;
for (Roles role: Roles.findAll(false)) {
Record r = data.addRecord(role.getRoleId(), (role.isManager() || role.isInstructor()) && !role.isUsed());
r.setField(0, role.getReference(), role.isManager() || role.isInstructor());
r.setField(1, role.getAbbv());
r.setField(2, role.isInstructor() ? "true" : "false");
r.setField(3, role.isEnabled() ? "true" : "false");
r.setField(4, String.valueOf(idx++));
}
data.setEditable(context.hasPermission(Right.RoleEdit));
return data;
}
示例14: signUp
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
@RequestMapping(value = "/registration", method = RequestMethod.POST)
@PreAuthorize("permitAll")
public ResponseEntity<User> signUp(@Valid User user, BindingResult result) {
RestVerifier.verifyModelResult(result);
User newUser = registrationService.startRegistration(user);
if (registrationService.isRegistrationCompleted(newUser)) {
return new ResponseEntity<User>(newUser, HttpStatus.CREATED);
} else {
return new ResponseEntity<User>(newUser, HttpStatus.OK);
}
}
示例15: updateStrategy
import org.springframework.security.access.prepost.PreAuthorize; //导入依赖的package包/类
/**
* Updates a given Strategy configuration.
*
* @param user the authenticated user.
* @param botId the id of the Bot to update the Strategy config for.
* @param strategyId id of the Strategy config to update.
* @param strategyConfig the updated Strategy config.
* @return 200 'Ok' and the updated Strategy config if successful, some other HTTP status code otherwise.
*/
@PreAuthorize("hasRole('ADMIN')")
@RequestMapping(value = "/{botId}" + STRATEGIES_RESOURCE_PATH + "/{strategyId}", method = RequestMethod.PUT)
public ResponseEntity<?> updateStrategy(@AuthenticationPrincipal User user, @PathVariable String botId,
@PathVariable String strategyId, @RequestBody StrategyConfig strategyConfig) {
if (strategyConfig.getId() == null || !strategyId.equals(strategyConfig.getId())) {
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
}
LOG.info("PUT " + CONFIG_ENDPOINT_BASE_URI + botId + STRATEGIES_RESOURCE_PATH + "/" + strategyId + " - updateStrategy() "); //- caller: " + user.getUsername());
LOG.info("Request: " + strategyConfig);
final StrategyConfig updatedConfig = strategyConfigService.updateStrategyConfig(botId, strategyConfig);
return updatedConfig == null
? new ResponseEntity<>(HttpStatus.NOT_FOUND)
: buildResponseEntity(updatedConfig, HttpStatus.OK);
}