From 6cad19b699d7fc83dbf14631e3d88cbdc642f461 Mon Sep 17 00:00:00 2001
From: FyloZ
Date: Sun, 4 Apr 2021 22:38:28 -0400
Subject: [PATCH] =?UTF-8?q?Cr=C3=A9ation=20d'annotations=20pour=20les=20pe?= =?UTF-8?q?rmissions=20couramment=20utilis=C3=A9es.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../annotations/PermissionAnnotations.kt | 45 +++++++++++++++++++
.../rest/AccountControllers.kt | 26 ++++++-----
.../rest/CompanyController.kt | 3 +-
.../rest/MaterialController.kt | 3 +-
.../rest/MaterialTypeController.kt | 3 +-
.../rest/RecipeController.kt | 25 ++++++-----
6 files changed, 80 insertions(+), 25 deletions(-)
create mode 100644 src/main/kotlin/dev/fyloz/colorrecipesexplorer/config/annotations/PermissionAnnotations.kt
diff --git a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/config/annotations/PermissionAnnotations.kt b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/config/annotations/PermissionAnnotations.kt
new file mode 100644
index 0000000..04ff417
--- /dev/null
+++ b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/config/annotations/PermissionAnnotations.kt
@@ -0,0 +1,45 @@
+package dev.fyloz.colorrecipesexplorer.config.annotations
+
+import org.springframework.security.access.prepost.PreAuthorize
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('VIEW_RECIPES')")
+annotation class PreAuthorizeViewRecipes
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('EDIT_RECIPES')")
+annotation class PreAuthorizeEditRecipes
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('REMOVE_RECIPES')")
+annotation class PreAuthorizeRemoveRecipes
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('VIEW_CATALOG')")
+annotation class PreAuthorizeViewCatalog
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('VIEW_USERS')")
+annotation class PreAuthorizeViewUsers
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('EDIT_USERS')")
+annotation class PreAuthorizeEditUsers
+
+@Target(AnnotationTarget.FUNCTION, AnnotationTarget.CLASS)
+@Retention(AnnotationRetention.RUNTIME)
+@MustBeDocumented
+@PreAuthorize("hasAuthority('REMOVE_USERS')")
+annotation class PreAuthorizeRemoveUsers
diff --git a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/AccountControllers.kt b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/AccountControllers.kt
index 0ea008a..8ea1417 100644
--- a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/AccountControllers.kt
+++ b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/AccountControllers.kt
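Review bot: The seven annotations in PermissionAnnotations.kt are marked `@MustBeDocumented` but have no KDoc, and the rule a caller most needs is not written down anywhere: a method-level `@PreAuthorize` takes precedence over a class-level one instead of combining with it. On a class annotated `@PreAuthorizeViewRecipes`, a handler annotated `@PreAuthorizeEditRecipes` therefore checks `EDIT_RECIPES` only. I would add a header comment such as `// Method-level annotations replace the class-level rule; they are not ANDed with it.` The authority names are also string literals inside SpEL, so a misspelling only shows up as a 403 at request time; a small test comparing each literal with the values of `EmployeePermission` (presumably the enum the controllers already use) would catch that early.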
@@ -1,5 +1,8 @@ package dev.fyloz.colorrecipesexplorer.rest +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeEditUsers +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeRemoveUsers +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewUsers import dev.fyloz.colorrecipesexplorer.model.* import dev.fyloz.colorrecipesexplorer.service.EmployeeGroupServiceImpl import dev.fyloz.colorrecipesexplorer.service.EmployeeService @@ -16,13 +19,14 @@ private const val EMPLOYEE_GROUP_CONTROLLER_PATH = "api/employee/group" @RestController @RequestMapping(EMPLOYEE_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_USERS')") class EmployeeController(private val employeeService: EmployeeService) { @GetMapping + @PreAuthorizeViewUsers fun getAll() = ok(employeeService.getAll()) @GetMapping("{id}") + @PreAuthorizeViewUsers fun getById(@PathVariable id: Long) = ok(employeeService.getById(id)) @@ -40,28 +44,28 @@ class EmployeeController(private val employeeService: EmployeeService) { forbidden() @PostMapping - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun save(@Valid @RequestBody employee: EmployeeSaveDto) = created(EMPLOYEE_CONTROLLER_PATH) { employeeService.save(employee) } @PutMapping - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun update(@Valid @RequestBody employee: EmployeeUpdateDto) = noContent { employeeService.update(employee) } @PutMapping("{id}/password", consumes = [MediaType.TEXT_PLAIN_VALUE]) - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun updatePassword(@PathVariable id: Long, @RequestBody password: String) = noContent { employeeService.updatePassword(id, password) } @PutMapping("{employeeId}/permissions/{permission}") - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun addPermission( @PathVariable employeeId: Long, @PathVariable permission: EmployeePermission 
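Review bot: Removing the class-level `@PreAuthorize("hasAuthority('VIEW_USERS')")` from `EmployeeController` in the `-16,13` hunk means that, at the method-security layer, handlers are now open unless annotated rather than protected unless overridden. `getAll` and `getById` receive `@PreAuthorizeViewUsers`, but the handlers between `getById` and `save` lie outside the visible hunks (only a trailing `forbidden()` shows), so any of them without its own annotation now relies on the HTTP security configuration alone. If that is intended for those endpoints, record it on the class, e.g. `// No class-level rule on purpose: handlers without a @PreAuthorize* annotation are not restricted by authority.`; otherwise keep `@PreAuthorizeViewUsers` on the class, as `GroupsController` does, so that a handler added later is protected by default.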
@@ -70,7 +74,7 @@ class EmployeeController(private val employeeService: EmployeeService) { } @DeleteMapping("{employeeId}/permissions/{permission}") - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun removePermission( @PathVariable employeeId: Long, @PathVariable permission: EmployeePermission @@ -79,14 +83,14 @@ class EmployeeController(private val employeeService: EmployeeService) { } @DeleteMapping("{id}") - @PreAuthorize("hasAuthority('REMOVE_USERS')") + @PreAuthorizeRemoveUsers fun deleteById(@PathVariable id: Long) = employeeService.deleteById(id) } @RestController @RequestMapping(EMPLOYEE_GROUP_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_USERS')") +@PreAuthorizeViewUsers class GroupsController(private val groupService: EmployeeGroupServiceImpl) { @GetMapping fun getAll() = @@ -111,21 +115,21 @@ class GroupsController(private val groupService: EmployeeGroupServiceImpl) { ok(groupService.getRequestDefaultGroup(request)) @PostMapping - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun save(@Valid @RequestBody group: EmployeeGroupSaveDto) = created(EMPLOYEE_GROUP_CONTROLLER_PATH) { groupService.save(group) } @PutMapping - @PreAuthorize("hasAuthority('EDIT_USERS')") + @PreAuthorizeEditUsers fun update(@Valid @RequestBody group: EmployeeGroupUpdateDto) = noContent { groupService.update(group) } @DeleteMapping("{id}") - @PreAuthorize("hasAuthority('REMOVE_USERS')") + @PreAuthorizeRemoveUsers fun deleteById(@PathVariable id: Long) = noContent { groupService.deleteById(id) diff --git a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/CompanyController.kt b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/CompanyController.kt index de76240..bf690b4 100644 --- a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/CompanyController.kt +++ b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/CompanyController.kt 
@@ -1,5 +1,6 @@ package dev.fyloz.colorrecipesexplorer.rest +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewCatalog import dev.fyloz.colorrecipesexplorer.model.Company import dev.fyloz.colorrecipesexplorer.model.CompanySaveDto import dev.fyloz.colorrecipesexplorer.model.CompanyUpdateDto @@ -12,7 +13,7 @@ private const val COMPANY_CONTROLLER_PATH = "api/company" @RestController @RequestMapping(COMPANY_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_CATALOG')") +@PreAuthorizeViewCatalog class CompanyController(private val companyService: CompanyService) { @GetMapping fun getAll() = diff --git a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialController.kt b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialController.kt index 64a5e10..b4b2745 100644 --- a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialController.kt +++ b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialController.kt @@ -1,5 +1,6 @@ package dev.fyloz.colorrecipesexplorer.rest +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewCatalog import dev.fyloz.colorrecipesexplorer.model.* import dev.fyloz.colorrecipesexplorer.service.MaterialService import org.springframework.http.MediaType @@ -13,7 +14,7 @@ private const val MATERIAL_CONTROLLER_PATH = "api/material" @RestController @RequestMapping(MATERIAL_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_CATALOG')") +@PreAuthorizeViewCatalog class MaterialController(private val materialService: MaterialService) { @GetMapping fun getAll() = diff --git a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialTypeController.kt b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialTypeController.kt index 03cc9fe..fb239a4 100644 --- a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialTypeController.kt +++ b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/MaterialTypeController.kt 
@@ -1,5 +1,6 @@ package dev.fyloz.colorrecipesexplorer.rest +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewCatalog import dev.fyloz.colorrecipesexplorer.model.MaterialType import dev.fyloz.colorrecipesexplorer.model.MaterialTypeSaveDto import dev.fyloz.colorrecipesexplorer.model.MaterialTypeUpdateDto @@ -12,7 +13,7 @@ private const val MATERIAL_TYPE_CONTROLLER_PATH = "api/materialtype" @RestController @RequestMapping(MATERIAL_TYPE_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_CATALOG')") +@PreAuthorizeViewCatalog class MaterialTypeController(private val materialTypeService: MaterialTypeService) { @GetMapping fun getAll() = diff --git a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/RecipeController.kt b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/RecipeController.kt index cb6bf29..0d81d5d 100644 --- a/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/RecipeController.kt +++ b/src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/RecipeController.kt @@ -1,5 +1,8 @@ package dev.fyloz.colorrecipesexplorer.rest +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeEditRecipes +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeRemoveRecipes +import dev.fyloz.colorrecipesexplorer.config.annotations.PreAuthorizeViewRecipes import dev.fyloz.colorrecipesexplorer.model.* import dev.fyloz.colorrecipesexplorer.service.MixService import dev.fyloz.colorrecipesexplorer.service.RecipeImageService @@ -18,7 +21,7 @@ private const val MIX_CONTROLLER_PATH = "api/recipe/mix" @RestController @RequestMapping(RECIPE_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_RECIPE')") +@PreAuthorizeViewRecipes class RecipeController(private val recipeService: RecipeService) { @GetMapping fun getAll() = 
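Review bot: Replacing `@PreAuthorize("hasAuthority('VIEW_RECIPE')")` with `@PreAuthorizeViewRecipes` on `RecipeController` is not a pure refactor, because the new annotation checks `VIEW_RECIPES` and so changes the authority required by the class-level rule. The same substitution is applied to `RecipeImageController` and `MixController` in the later hunks of this file. If `VIEW_RECIPE` was a typo, this is a real access-control fix and the commit message should say so. Either way, one test calling `getAll` with only `VIEW_RECIPES` granted and one with it absent would pin down the new rule for all three controllers.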
@@ -29,14 +32,14 @@ class RecipeController(private val recipeService: RecipeService) { ok(recipeService.getById(id)) @PostMapping - @PreAuthorize("hasAuthority('EDIT_RECIPES')") + @PreAuthorizeEditRecipes fun save(@Valid @RequestBody recipe: RecipeSaveDto) = created(RECIPE_CONTROLLER_PATH) { recipeService.save(recipe) } @PutMapping - @PreAuthorize("hasAuthority('EDIT_RECIPES')") + @PreAuthorizeEditRecipes fun update(@Valid @RequestBody recipe: RecipeUpdateDto) = noContent { recipeService.update(recipe) @@ -50,7 +53,7 @@ class RecipeController(private val recipeService: RecipeService) { } @DeleteMapping("{id}") - @PreAuthorize("hasAuthority('REMOVE_RECIPES')") + @PreAuthorizeRemoveRecipes fun deleteById(@PathVariable id: Long) = noContent { recipeService.deleteById(id) @@ -59,7 +62,7 @@ class RecipeController(private val recipeService: RecipeService) { @RestController @RequestMapping(RECIPE_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_RECIPE')") +@PreAuthorizeViewRecipes class RecipeImageController(val recipeImageService: RecipeImageService) { @GetMapping("{recipeId}/image") fun getAllIdsForRecipe(@PathVariable recipeId: Long) = @@ -70,14 +73,14 @@ class RecipeImageController(val recipeImageService: RecipeImageService) { ok(recipeImageService.getByIdForRecipe(id, recipeId)) @PostMapping("{recipeId}/image", consumes = [MediaType.MULTIPART_FORM_DATA_VALUE]) - @PreAuthorize("hasAuthority('EDIT_RECIPES')") + @PreAuthorizeEditRecipes fun save(@PathVariable recipeId: Long, image: MultipartFile): ResponseEntity { val id = recipeImageService.save(image, recipeId) return ResponseEntity.created(URI.create("/$RECIPE_CONTROLLER_PATH/$recipeId/image/$id")).build() } @DeleteMapping("{recipeId}/image/{id}") - @PreAuthorize("hasAuthority('REMOVE_RECIPES')") + @PreAuthorizeRemoveRecipes fun delete(@PathVariable recipeId: Long, @PathVariable id: Long) = noContent { recipeImageService.delete(id, recipeId) 
@@ -86,28 +89,28 @@ class RecipeImageController(val recipeImageService: RecipeImageService) { @RestController @RequestMapping(MIX_CONTROLLER_PATH) -@PreAuthorize("hasAuthority('VIEW_RECIPE')") +@PreAuthorizeViewRecipes class MixController(private val mixService: MixService) { @GetMapping("{id}") fun getById(@PathVariable id: Long) = ok(mixService.getById(id)) @PostMapping - @PreAuthorize("hasAuthority('EDIT_RECIPES')") + @PreAuthorizeEditRecipes fun save(@Valid @RequestBody mix: MixSaveDto) = created(MIX_CONTROLLER_PATH) { mixService.save(mix) } @PutMapping - @PreAuthorize("hasAuthority('EDIT_RECIPES')") + @PreAuthorizeEditRecipes fun update(@Valid @RequestBody mix: MixUpdateDto) = noContent { mixService.update(mix) } @DeleteMapping("{id}") - @PreAuthorize("hasAuthority('REMOVE_RECIPES')") + @PreAuthorizeRemoveRecipes fun deleteById(@PathVariable id: Long) = noContent { mixService.deleteById(id)