Package org.jtalks.jcommune.web.controller

Source Code of org.jtalks.jcommune.web.controller.SecurityController

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
/**
* Copyright (C) 2011  JTalks.org Team
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
* Lesser General Public License for more details.
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/
package org.jtalks.jcommune.web.controller;

import org.jtalks.jcommune.service.security.PermissionService;
import org.jtalks.jcommune.web.dto.json.JsonResponse;
import org.jtalks.jcommune.web.dto.json.JsonResponseStatus;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

/**
* Controller for secuirty related REST methods.
*
* @author Vyacheslav Mishcheryakov
*
*/
@Controller
public class SecurityController {

    private PermissionService permissionService;
   

    /**
     *
     * @param permissionService to check permissions for current user
     */
    @Autowired
    public SecurityController(PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    /**
     * Checks if current user is granted with permission
     * @param targetId the identifier for the object instance
     * @param targetType a String representing the target's type (e.g. 'BRANCH' or 'USER'). Not null.
     * @param permission a representation of the permission object as supplied by the expression system. Not null.
     * @return JSON response with 'status' = 'success' if user is granted and
     *      'status' = 'fail' otherwise. 'result' object is null in both cases
     */
    @RequestMapping(value="/security/haspermission", method=RequestMethod.GET)
    @ResponseBody
    public JsonResponse hasPermission(
            @RequestParam("targetId") long targetId,
            @RequestParam("targetType") String targetType,
            @RequestParam("permission") String permission) {
        if (permissionService.hasPermission(targetId, targetType, permission)) {
            return new JsonResponse(JsonResponseStatus.SUCCESS);
        } else {
            return new JsonResponse(JsonResponseStatus.FAIL);
        }
    }
   
}
TOP

Related Classes of org.jtalks.jcommune.web.controller.SecurityController

  • org.jtalks.jcommune.web.dto.json.JsonResponse
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.