Skip to content

Commit

Permalink
[kbss-cvut/record-manager-ui#202] Rename security constants
Browse files Browse the repository at this point in the history
  • Loading branch information
palagdan committed Sep 30, 2024
1 parent 190203c commit 209b438
Show file tree
Hide file tree
Showing 14 changed files with 66 additions and 67 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ private Converter<Jwt, AbstractAuthenticationToken> grantedAuthoritiesExtractor(
assert extractedRoles != null;
final Set<SimpleGrantedAuthority> authorities = new HashSet<>(extractedRoles);
// Add default role if it is not present
authorities.add(new SimpleGrantedAuthority(SecurityConstants.user));
authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_USER));
return new JwtAuthenticationToken(source, authorities);
};
}
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/cz/cvut/kbss/study/model/Role.java
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ public enum Role {

// TODO deprecated -- should be removed.
@Individual(iri=Vocabulary.s_i_RM_ADMIN)
administrator(SecurityConstants.administrator, Vocabulary.s_i_RM_ADMIN),
administrator(SecurityConstants.ROLE_ADMIN, Vocabulary.s_i_RM_ADMIN),
// TODO deprecated -- should be removed.
@Individual(iri = Vocabulary.s_i_RM_USER)
user(SecurityConstants.user, Vocabulary.s_i_RM_USER),
user(SecurityConstants.ROLE_USER, Vocabulary.s_i_RM_USER),

@Individual(iri = Vocabulary.s_i_impersonate_role)
impersonate(SecurityConstants.impersonate, Vocabulary.s_i_impersonate_role),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ public void create(@RequestBody ActionHistory actionHistory) {
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public List<ActionHistory> getActions(@RequestParam(value = "author", required = false) String authorUsername,
@RequestParam(value = "type", required = false) String type,
Expand All @@ -73,7 +73,7 @@ public List<ActionHistory> getActions(@RequestParam(value = "author", required =
return result.getContent();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(value = "/{key}", produces = MediaType.APPLICATION_JSON_VALUE)
public ActionHistory getByKey(@PathVariable("key") String key) {
final ActionHistory action = actionHistoryService.findByKey(key);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
import org.springframework.web.bind.annotation.*;

@RestController
@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
@RequestMapping("/formGen")
public class FormGenController extends BaseController {

Expand Down
16 changes: 8 additions & 8 deletions src/main/java/cz/cvut/kbss/study/rest/InstitutionController.java
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
import static cz.cvut.kbss.study.rest.util.RecordFilterMapper.constructRecordFilter;

@RestController
@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
@RequestMapping("/institutions")
public class InstitutionController extends BaseController {

Expand All @@ -44,16 +44,16 @@ public InstitutionController(InstitutionService institutionService,
this.recordService = recordService;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public List<Institution> getAllInstitutions() {
final List<Institution> institutions = institutionService.findAll();
institutions.sort(Comparator.comparing(Institution::getName));
return institutions;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') " +
"or hasAuthority('" + SecurityConstants.user + "') and @securityUtils.isMemberOfInstitution(#key)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') " +
"or hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.isMemberOfInstitution(#key)")
@GetMapping(value = "/{key}", produces = MediaType.APPLICATION_JSON_VALUE)
public Institution findByKey(@PathVariable("key") String key) {
return findInternal(key);
Expand All @@ -67,15 +67,15 @@ private Institution findInternal(String key) {
return result;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isRecordInUsersInstitution(#key)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isRecordInUsersInstitution(#key)")
@GetMapping(value = "/{key}/patients", produces = MediaType.APPLICATION_JSON_VALUE)
public List<PatientRecordDto> getTreatedPatientRecords(@PathVariable("key") String key) {
final Institution inst = findInternal(key);
assert inst != null;
return recordService.findAll(constructRecordFilter("institution", key), Pageable.unpaged()).getContent();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.CREATED)
public ResponseEntity<Void> createInstitution(@RequestBody Institution institution) {
Expand All @@ -88,7 +88,7 @@ public ResponseEntity<Void> createInstitution(@RequestBody Institution instituti
return new ResponseEntity<>(headers, HttpStatus.CREATED);
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@PutMapping(value = "/{key}", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public void updateInstitution(@PathVariable("key") String key, @RequestBody Institution institution) {
Expand All @@ -104,7 +104,7 @@ public void updateInstitution(@PathVariable("key") String key, @RequestBody Inst
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@DeleteMapping(value = "/{key}")
@ResponseStatus(HttpStatus.NO_CONTENT)
public void deleteInstitution(@PathVariable("key") String key) {
Expand Down
12 changes: 6 additions & 6 deletions src/main/java/cz/cvut/kbss/study/rest/OidcUserController.java
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,14 @@ public OidcUserController(UserService userService, InstitutionService institutio
this.institutionService = institutionService;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
@GetMapping(value = "/current", produces = MediaType.APPLICATION_JSON_VALUE)
public User getCurrent() {
return userService.getCurrentUser();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name or " +
"hasAuthority('" + SecurityConstants.user + "') and @securityUtils.areFromSameInstitution(#username)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name or " +
"hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.areFromSameInstitution(#username)")
@GetMapping(value = "/{username}", produces = MediaType.APPLICATION_JSON_VALUE)
public User getByUsername(@PathVariable("username") String username) {
final User user = userService.findByUsername(username);
Expand All @@ -56,14 +56,14 @@ public User getByUsername(@PathVariable("username") String username) {
}

@PreAuthorize(
"hasAuthority('" + SecurityConstants.administrator + "') " +
"or hasAuthority('" + SecurityConstants.administrator + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
"hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') " +
"or hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public List<User> getUsers(@RequestParam(value = "institution", required = false) String institutionKey) {
return institutionKey != null ? getByInstitution(institutionKey) : userService.findAll();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name")
@PutMapping(value = "/{username}", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public void updateUser(@PathVariable("username") String username, @RequestBody User user,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@
import java.util.stream.Stream;

@RestController
@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
@RequestMapping("/records")
public class PatientRecordController extends BaseController {

Expand Down Expand Up @@ -70,7 +70,7 @@ public PatientRecordController(PatientRecordService recordService, ApplicationEv
this.publishRecordsService = publishRecordsService;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #institutionKey==null or @securityUtils.isMemberOfInstitution(#institutionKey)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #institutionKey==null or @securityUtils.isMemberOfInstitution(#institutionKey)")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public List<PatientRecordDto> getRecords(
@RequestParam(value = "institution", required = false) String institutionKey,
Expand All @@ -79,7 +79,7 @@ public List<PatientRecordDto> getRecords(

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
boolean hasAdminRole = authentication.getAuthorities().stream()
.anyMatch(authority -> authority.getAuthority().equals(SecurityConstants.administrator));
.anyMatch(authority -> authority.getAuthority().equals(SecurityConstants.ROLE_ADMIN));

if (!hasAdminRole && institutionKey == null) {
throw new ValidationException("record.save-error.user-not-assigned-to-institution",
Expand All @@ -91,15 +91,15 @@ public List<PatientRecordDto> getRecords(
return result.getContent();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
@GetMapping(value="used-record-phases", produces = MediaType.APPLICATION_JSON_VALUE)
public Set<RecordPhase> getUsedRecordPhases(@RequestParam(value = "institution", required = false) String institutionKey){
return recordService.findUsedRecordPhases();
}


@PreAuthorize(
"hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
"hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
@GetMapping(value = "/export", produces = {MediaType.APPLICATION_JSON_VALUE, Constants.MEDIA_TYPE_EXCEL})
public ResponseEntity<?> exportRecords(
@RequestParam(name = "institution", required = false) String institutionKey,
Expand Down Expand Up @@ -158,7 +158,7 @@ public ResponseEntity<InputStreamResource> exportRecordsExcel(MultiValueMap<Stri
.body(new InputStreamResource(stream));
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isRecordInUsersInstitution(#key)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isRecordInUsersInstitution(#key)")
@GetMapping(value = "/{key}", produces = MediaType.APPLICATION_JSON_VALUE)
public PatientRecord getRecord(@PathVariable("key") String key) {
return findInternal(key);
Expand Down Expand Up @@ -190,7 +190,7 @@ public ResponseEntity<String> createRecord(@RequestBody PatientRecord record) {
}

@PreAuthorize(
"hasAuthority('" + SecurityConstants.administrator + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
"hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or @securityUtils.isMemberOfInstitution(#institutionKey)")
@PostMapping(value = "/publish", produces = {MediaType.APPLICATION_JSON_VALUE})
public RecordImportResult publishRecords(
@RequestParam(name = "institution", required = false) String institutionKey,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,13 @@ public RoleGroupController(RoleGroupService roleGroupService) {
this.roleGroupService = roleGroupService;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public List<RoleGroup> getRoleGroups() {
return roleGroupService.findAll();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(value = "/{name}",produces = MediaType.APPLICATION_JSON_VALUE)
public RoleGroup findByName(@PathVariable("name") String name) {
RoleGroup result = roleGroupService.findByName(name);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
import java.util.HashMap;
import java.util.Map;

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@RestController
@RequestMapping("/statistics")
public class StatisticsController extends BaseController {
Expand All @@ -22,7 +22,7 @@ public StatisticsController(StatisticsService statisticsService) {
this.statisticsService = statisticsService;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public Map<String, Integer> getStatistics() {
Map<String, Integer> data = new HashMap<>();
Expand Down
24 changes: 12 additions & 12 deletions src/main/java/cz/cvut/kbss/study/rest/UserController.java
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@ public UserController(UserService userService, InstitutionService institutionSer
this.institutionService = institutionService;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name or " +
"hasAuthority('" + SecurityConstants.user + "') and @securityUtils.areFromSameInstitution(#username)")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name or " +
"hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.areFromSameInstitution(#username)")
@GetMapping(value = "/{username}", produces = MediaType.APPLICATION_JSON_VALUE)
public User getByUsername(@PathVariable("username") String username) {
final User user = userService.findByUsername(username);
Expand All @@ -58,13 +58,13 @@ public User getByUsername(@PathVariable("username") String username) {
return user;
}

@PreAuthorize("hasAuthority('" + SecurityConstants.user + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_USER + "')")
@GetMapping(value = "/current", produces = MediaType.APPLICATION_JSON_VALUE)
public User getCurrent() {
return userService.getCurrentUser();
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Void> create(@RequestBody User user) {
userService.persist(user);
Expand All @@ -77,8 +77,8 @@ public ResponseEntity<Void> create(@RequestBody User user) {
}

@PreAuthorize(
"hasAuthority('" + SecurityConstants.administrator + "') " +
"or hasAuthority('" + SecurityConstants.user + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
"hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') " +
"or hasAuthority('" + SecurityConstants.ROLE_USER + "') and @securityUtils.isMemberOfInstitution(#institutionKey)")
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public List<User> getUsers(@RequestParam(value = "institution", required = false) String institutionKey) {
return institutionKey != null ? getByInstitution(institutionKey) : userService.findAll();
Expand All @@ -90,7 +90,7 @@ private List<User> getByInstitution(String institutionKey) {
return userService.findByInstitution(institution);
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@DeleteMapping(value = "/{username}")
@ResponseStatus(HttpStatus.NO_CONTENT)
public void removeUser(@PathVariable("username") String username) {
Expand All @@ -101,7 +101,7 @@ public void removeUser(@PathVariable("username") String username) {
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name")
@PutMapping(value = "/{username}", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public void updateUser(@PathVariable("username") String username, @RequestBody User user,
Expand All @@ -117,7 +117,7 @@ public void updateUser(@PathVariable("username") String username, @RequestBody U
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "') or #username == authentication.name")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "') or #username == authentication.name")
@PutMapping(value = "/{username}/password-change", consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public void updatePassword(@PathVariable("username") String username, @RequestBody Map<String, String> password,
Expand Down Expand Up @@ -147,7 +147,7 @@ public void resetPassword(@RequestBody String emailAddress) {
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@GetMapping(value = "/generate-username/{usernamePrefix}", produces = MediaType.TEXT_PLAIN_VALUE)
public String generateUsername(@PathVariable(value = "usernamePrefix") String usernamePrefix) {
return userService.generateUsername(usernamePrefix);
Expand All @@ -173,7 +173,7 @@ public void changePasswordByToken(@RequestBody Map<String, String> data) {
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@PutMapping(value = "/send-invitation/{username}")
@ResponseStatus(HttpStatus.NO_CONTENT)
public void sendInvitation(@PathVariable(value = "username") String username) {
Expand All @@ -188,7 +188,7 @@ public void sendInvitation(@PathVariable(value = "username") String username) {
}
}

@PreAuthorize("hasAuthority('" + SecurityConstants.administrator + "')")
@PreAuthorize("hasAuthority('" + SecurityConstants.ROLE_ADMIN + "')")
@PostMapping(value = "/send-invitation/delete", consumes = MediaType.TEXT_PLAIN_VALUE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public void deleteInvitationOption(@RequestBody String username) {
Expand Down
Loading

0 comments on commit 209b438

Please sign in to comment.