Création d'annotations pour les permissions couramment utilisées.

src/main/kotlin/dev/fyloz/colorrecipesexplorer/config/annotations/PermissionAnnotations.kt

@@ -0,0 +1,45 @@
+package dev.fyloz.colorrecipesexplorer.config.annotations
+
+import org.springframework.security.access.prepost.PreAuthorize
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('VIEW_RECIPES')")
+annotation class PreAuthorizeViewRecipes
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('EDIT_RECIPES')")
+annotation class PreAuthorizeEditRecipes
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('REMOVE_RECIPES')")
+annotation class PreAuthorizeRemoveRecipes
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('VIEW_CATALOG')")
+annotation class PreAuthorizeViewCatalog
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('VIEW_USERS')")
+annotation class PreAuthorizeViewUsers
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('EDIT_USERS')")
+annotation class PreAuthorizeEditUsers
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('REMOVE_USERS')")
+annotation class PreAuthorizeRemoveUsers

src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/AccountControllers.kt

@@ -1,5 +1,8 @@
 package dev.fyloz.colorrecipesexplorer.rest
 
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeEditUsers
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeRemoveUsers
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewUsers
 import dev.fyloz.colorrecipesexplorer.model.*
 import dev.fyloz.colorrecipesexplorer.service.EmployeeGroupServiceImpl
 import dev.fyloz.colorrecipesexplorer.service.EmployeeService
@@ -16,13 +19,14 @@ private const val EMPLOYEE_GROUP_CONTROLLER_PATH = "api/employee/group"
 
 @RestController
 @RequestMapping(EMPLOYEE_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_USERS')")
 class EmployeeController(private val employeeService: EmployeeService) {
     @GetMapping
+    @PreAuthorizeViewUsers
     fun getAll() =
         ok(employeeService.getAll())
 
     @GetMapping("{id}")
+    @PreAuthorizeViewUsers
     fun getById(@PathVariable id: Long) =
         ok(employeeService.getById(id))
 
@@ -40,28 +44,28 @@ class EmployeeController(private val employeeService: EmployeeService) {
             forbidden()
 
     @PostMapping
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun save(@Valid @RequestBody employee: EmployeeSaveDto) =
         created<Employee>(EMPLOYEE_CONTROLLER_PATH) {
             employeeService.save(employee)
         }
 
     @PutMapping
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun update(@Valid @RequestBody employee: EmployeeUpdateDto) =
         noContent {
             employeeService.update(employee)
         }
 
     @PutMapping("{id}/password", consumes = [MediaType.TEXT_PLAIN_VALUE])
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun updatePassword(@PathVariable id: Long, @RequestBody password: String) =
         noContent {
             employeeService.updatePassword(id, password)
         }
 
     @PutMapping("{employeeId}/permissions/{permission}")
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun addPermission(
         @PathVariable employeeId: Long,
         @PathVariable permission: EmployeePermission
@@ -70,7 +74,7 @@ class EmployeeController(private val employeeService: EmployeeService) {
     }
 
     @DeleteMapping("{employeeId}/permissions/{permission}")
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun removePermission(
         @PathVariable employeeId: Long,
         @PathVariable permission: EmployeePermission
@@ -79,14 +83,14 @@ class EmployeeController(private val employeeService: EmployeeService) {
     }
 
     @DeleteMapping("{id}")
-    @PreAuthorize("hasAuthority('REMOVE_USERS')")
+    @PreAuthorizeRemoveUsers
     fun deleteById(@PathVariable id: Long) =
         employeeService.deleteById(id)
 }
 
 @RestController
 @RequestMapping(EMPLOYEE_GROUP_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_USERS')")
+@PreAuthorizeViewUsers
 class GroupsController(private val groupService: EmployeeGroupServiceImpl) {
     @GetMapping
     fun getAll() =
@@ -111,21 +115,21 @@ class GroupsController(private val groupService: EmployeeGroupServiceImpl) {
         ok(groupService.getRequestDefaultGroup(request))
 
     @PostMapping
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun save(@Valid @RequestBody group: EmployeeGroupSaveDto) =
         created<EmployeeGroup>(EMPLOYEE_GROUP_CONTROLLER_PATH) {
             groupService.save(group)
         }
 
     @PutMapping
-    @PreAuthorize("hasAuthority('EDIT_USERS')")
+    @PreAuthorizeEditUsers
     fun update(@Valid @RequestBody group: EmployeeGroupUpdateDto) =
         noContent {
             groupService.update(group)
         }
 
     @DeleteMapping("{id}")
-    @PreAuthorize("hasAuthority('REMOVE_USERS')")
+    @PreAuthorizeRemoveUsers
     fun deleteById(@PathVariable id: Long) =
         noContent {
             groupService.deleteById(id)

src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/CompanyController.kt

@@ -1,5 +1,6 @@
 package dev.fyloz.colorrecipesexplorer.rest
 
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewCatalog
 import dev.fyloz.colorrecipesexplorer.model.Company
 import dev.fyloz.colorrecipesexplorer.model.CompanySaveDto
 import dev.fyloz.colorrecipesexplorer.model.CompanyUpdateDto
@@ -12,7 +13,7 @@ private const val COMPANY_CONTROLLER_PATH = "api/company"
 
 @RestController
 @RequestMapping(COMPANY_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_CATALOG')")
+@PreAuthorizeViewCatalog
 class CompanyController(private val companyService: CompanyService) {
     @GetMapping
     fun getAll() =

src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialController.kt

@@ -1,5 +1,6 @@
 package dev.fyloz.colorrecipesexplorer.rest
 
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewCatalog
 import dev.fyloz.colorrecipesexplorer.model.*
 import dev.fyloz.colorrecipesexplorer.service.MaterialService
 import org.springframework.http.MediaType
@@ -13,7 +14,7 @@ private const val MATERIAL_CONTROLLER_PATH = "api/material"
 
 @RestController
 @RequestMapping(MATERIAL_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_CATALOG')")
+@PreAuthorizeViewCatalog
 class MaterialController(private val materialService: MaterialService) {
     @GetMapping
     fun getAll() =

src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialTypeController.kt

@@ -1,5 +1,6 @@
 package dev.fyloz.colorrecipesexplorer.rest
 
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewCatalog
 import dev.fyloz.colorrecipesexplorer.model.MaterialType
 import dev.fyloz.colorrecipesexplorer.model.MaterialTypeSaveDto
 import dev.fyloz.colorrecipesexplorer.model.MaterialTypeUpdateDto
@@ -12,7 +13,7 @@ private const val MATERIAL_TYPE_CONTROLLER_PATH = "api/materialtype"
 
 @RestController
 @RequestMapping(MATERIAL_TYPE_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_CATALOG')")
+@PreAuthorizeViewCatalog
 class MaterialTypeController(private val materialTypeService: MaterialTypeService) {
     @GetMapping
     fun getAll() =

src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/RecipeController.kt

@@ -1,5 +1,8 @@
 package dev.fyloz.colorrecipesexplorer.rest
 
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeEditRecipes
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeRemoveRecipes
+import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewRecipes
 import dev.fyloz.colorrecipesexplorer.model.*
 import dev.fyloz.colorrecipesexplorer.service.MixService
 import dev.fyloz.colorrecipesexplorer.service.RecipeImageService
@@ -18,7 +21,7 @@ private const val MIX_CONTROLLER_PATH = "api/recipe/mix"
 
 @RestController
 @RequestMapping(RECIPE_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_RECIPE')")
+@PreAuthorizeViewRecipes
 class RecipeController(private val recipeService: RecipeService) {
     @GetMapping
     fun getAll() =
@@ -29,14 +32,14 @@ class RecipeController(private val recipeService: RecipeService) {
         ok(recipeService.getById(id))
 
     @PostMapping
-    @PreAuthorize("hasAuthority('EDIT_RECIPES')")
+    @PreAuthorizeEditRecipes
     fun save(@Valid @RequestBody recipe: RecipeSaveDto) =
         created<Recipe>(RECIPE_CONTROLLER_PATH) {
             recipeService.save(recipe)
         }
 
     @PutMapping
-    @PreAuthorize("hasAuthority('EDIT_RECIPES')")
+    @PreAuthorizeEditRecipes
     fun update(@Valid @RequestBody recipe: RecipeUpdateDto) =
         noContent {
             recipeService.update(recipe)
@@ -50,7 +53,7 @@ class RecipeController(private val recipeService: RecipeService) {
         }
 
     @DeleteMapping("{id}")
-    @PreAuthorize("hasAuthority('REMOVE_RECIPES')")
+    @PreAuthorizeRemoveRecipes
     fun deleteById(@PathVariable id: Long) =
         noContent {
             recipeService.deleteById(id)
@@ -59,7 +62,7 @@ class RecipeController(private val recipeService: RecipeService) {
 
 @RestController
 @RequestMapping(RECIPE_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_RECIPE')")
+@PreAuthorizeViewRecipes
 class RecipeImageController(val recipeImageService: RecipeImageService) {
     @GetMapping("{recipeId}/image")
     fun getAllIdsForRecipe(@PathVariable recipeId: Long) =
@@ -70,14 +73,14 @@ class RecipeImageController(val recipeImageService: RecipeImageService) {
         ok(recipeImageService.getByIdForRecipe(id, recipeId))
 
     @PostMapping("{recipeId}/image", consumes = [MediaType.MULTIPART_FORM_DATA_VALUE])
-    @PreAuthorize("hasAuthority('EDIT_RECIPES')")
+    @PreAuthorizeEditRecipes
     fun save(@PathVariable recipeId: Long, image: MultipartFile): ResponseEntity<Void> {
         val id = recipeImageService.save(image, recipeId)
         return ResponseEntity.created(URI.create("/$RECIPE_CONTROLLER_PATH/$recipeId/image/$id")).build()
     }
 
     @DeleteMapping("{recipeId}/image/{id}")
-    @PreAuthorize("hasAuthority('REMOVE_RECIPES')")
+    @PreAuthorizeRemoveRecipes
     fun delete(@PathVariable recipeId: Long, @PathVariable id: Long) =
         noContent {
             recipeImageService.delete(id, recipeId)
@@ -86,28 +89,28 @@ class RecipeImageController(val recipeImageService: RecipeImageService) {
 
 @RestController
 @RequestMapping(MIX_CONTROLLER_PATH)
-@PreAuthorize("hasAuthority('VIEW_RECIPE')")
+@PreAuthorizeViewRecipes
 class MixController(private val mixService: MixService) {
     @GetMapping("{id}")
     fun getById(@PathVariable id: Long) =
         ok(mixService.getById(id))
 
     @PostMapping
-    @PreAuthorize("hasAuthority('EDIT_RECIPES')")
+    @PreAuthorizeEditRecipes
     fun save(@Valid @RequestBody mix: MixSaveDto) =
         created<Mix>(MIX_CONTROLLER_PATH) {
             mixService.save(mix)
         }
 
     @PutMapping
-    @PreAuthorize("hasAuthority('EDIT_RECIPES')")
+    @PreAuthorizeEditRecipes
     fun update(@Valid @RequestBody mix: MixUpdateDto) =
         noContent {
             mixService.update(mix)
         }
 
     @DeleteMapping("{id}")
-    @PreAuthorize("hasAuthority('REMOVE_RECIPES')")
+    @PreAuthorizeRemoveRecipes
     fun deleteById(@PathVariable id: Long) =
         noContent {
             mixService.deleteById(id)