Skip to content

Commit

Permalink
Merge pull request #136 from kbss-cvut/fix/135-add-method-level-security
Browse files Browse the repository at this point in the history
Add method level security
  • Loading branch information
kostobog authored Jul 6, 2024
2 parents 09ad988 + b52f390 commit 0b24de0
Show file tree
Hide file tree
Showing 11 changed files with 34 additions and 4 deletions.
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
package cz.cvut.kbss.analysis.controller;


import cz.cvut.kbss.analysis.model.Document;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.external.AnnotatorService;
import cz.cvut.kbss.jsonld.JsonLd;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RequestMapping("/documents")
@RestController
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
public class AnnotatorController {

private final AnnotatorService annotatorService;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
import cz.cvut.kbss.analysis.model.Component;
import cz.cvut.kbss.analysis.model.FailureMode;
import cz.cvut.kbss.analysis.model.Function;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.ComponentRepositoryService;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.util.Vocabulary;
Expand All @@ -13,6 +14,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.net.URI;
Expand All @@ -21,6 +23,7 @@

@RestController
@RequestMapping("/components")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class ComponentController {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package cz.cvut.kbss.analysis.controller;

import cz.cvut.kbss.analysis.model.FailureMode;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FailureModeRepositoryService;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.util.Vocabulary;
Expand All @@ -10,6 +11,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.net.URI;
Expand All @@ -18,6 +20,7 @@

@RestController
@RequestMapping("/failureModes")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class FailureModeController {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,19 +1,22 @@
package cz.cvut.kbss.analysis.controller;

import cz.cvut.kbss.analysis.dto.update.FailureModesRowRpnUpdateDTO;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FailureModesRowRepositoryService;
import cz.cvut.kbss.jsonld.JsonLd;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/failureModesRow")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class FailureModesRowController {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import cz.cvut.kbss.analysis.dto.table.FailureModesTableDataDTO;
import cz.cvut.kbss.analysis.dto.update.FailureModesTableUpdateDTO;
import cz.cvut.kbss.analysis.model.FailureModesTable;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FailureModesTableRepositoryService;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.util.Vocabulary;
Expand All @@ -12,6 +13,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import jakarta.servlet.http.HttpServletResponse;
Expand All @@ -20,6 +22,7 @@

@RestController
@RequestMapping("/failureModesTable")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class FailureModesTableController {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
import cz.cvut.kbss.analysis.model.FaultEvent;
import cz.cvut.kbss.analysis.model.FaultEventType;
import cz.cvut.kbss.analysis.model.diagram.Rectangle;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FaultEventRepositoryService;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.util.Vocabulary;
Expand All @@ -13,13 +14,15 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.net.URI;
import java.util.List;

@RestController
@RequestMapping("/faultEvents")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class FaultEventController {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@

import cz.cvut.kbss.analysis.model.*;
import cz.cvut.kbss.analysis.model.opdata.OperationalDataFilter;
import cz.cvut.kbss.analysis.service.FaultTreeEvaluationService;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FaultTreeEvaluationService;
import cz.cvut.kbss.analysis.service.FaultTreeRepositoryService;
import cz.cvut.kbss.analysis.service.FaultTreeService;
import cz.cvut.kbss.analysis.service.IdentifierService;
Expand All @@ -13,6 +14,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.net.URI;
Expand All @@ -21,6 +23,7 @@

@RestController
@RequestMapping("/faultTrees")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class FaultTreeController {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import cz.cvut.kbss.analysis.model.Behavior;
import cz.cvut.kbss.analysis.model.Component;
import cz.cvut.kbss.analysis.model.Function;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FunctionRepositoryService;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.util.Vocabulary;
Expand All @@ -12,6 +13,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.net.URI;
Expand All @@ -20,6 +22,7 @@

@RestController
@RequestMapping("/functions")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class FunctionController {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,20 @@

import cz.cvut.kbss.analysis.dto.update.MitigationUpdateDTO;
import cz.cvut.kbss.analysis.model.Mitigation;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.MitigationRepositoryService;
import cz.cvut.kbss.jsonld.JsonLd;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/mitigations")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class MitigationController {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package cz.cvut.kbss.analysis.controller;

import cz.cvut.kbss.analysis.model.opdata.OperationalDataFilter;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.FaultTreeService;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.service.OperationalDataFilterService;
Expand All @@ -10,13 +11,15 @@
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import java.net.URI;

@Controller
@RequestMapping("/operational-data-filter")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@Slf4j
public class OperationalDataFilterController {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import cz.cvut.kbss.analysis.model.FailureMode;
import cz.cvut.kbss.analysis.model.System;
import cz.cvut.kbss.analysis.security.SecurityConstants;
import cz.cvut.kbss.analysis.service.IdentifierService;
import cz.cvut.kbss.analysis.service.SystemRepositoryService;
import cz.cvut.kbss.analysis.service.external.AnnotatorService;
Expand All @@ -12,6 +13,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.io.UnsupportedEncodingException;
Expand All @@ -21,6 +23,7 @@

@RestController
@RequestMapping("/systems")
@PreAuthorize("hasRole('" + SecurityConstants.ROLE_USER + "')")
@RequiredArgsConstructor(onConstructor = @__(@Autowired))
@Slf4j
public class SystemController {
Expand Down

0 comments on commit 0b24de0

Please sign in to comment.