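package etunicorn.controller;

import etunicorn.RestrictedTo;
import etunicorn.entity.Permission;
import etunicorn.entity.Role;
import etunicorn.generated.model.UpdateRoleByIdRequest;
import etunicorn.generated.model.UpdateRoleRequest;
import etunicorn.repository.PermissionRepository;
import etunicorn.repository.RoleRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataIntegrityViolationException;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

import javax.validation.Valid;
import java.util.List;

/**
 * etunicorn-server
 * Copyright © 2017 Le Club Info Polytech Lille
 * All rights reserved
 *
 * <p>REST controller managing roles and the permissions attached to them.
 *
 * <p>Every handler overrides a method of {@code etunicorn.generated.RoleController}; the raw
 * {@code ResponseEntity} return type is kept as-is because that generated interface is not
 * visible from this file. Error responses are built with {@code generateError}, which is not
 * defined here (presumably inherited from {@code BaseController}).
 *
 * <p>Access control relies on the project's {@code @RestrictedTo} annotation. Its enforcement
 * code is not in this file; the comments below assume it rejects callers that lack the named
 * permission — confirm against the interceptor/aspect that processes it.
 */
@RestController
public class RoleController extends BaseController implements etunicorn.generated.RoleController {

    /** Error message returned when a role name does not match any stored role. */
    private static final String ROLE_NOT_FOUND = "Rôle introuvable";

    /** Error message returned when a role with the requested name already exists. */
    private static final String ROLE_NAME_CONFLICT = "Un rôle avec le même nom existe déjà";

    @Autowired
    private RoleRepository roleRepository;

    @Autowired
    private PermissionRepository permissionRepository;

    /**
     * Lists every role known to the repository.
     *
     * @return 200 with the list of roles
     */
    // NOTE(review): this is the only handler in the class without @RestrictedTo, while the
    // permission listing below requires ROLE_PERMISSION_LIST. Confirm that exposing the role
    // list (and whatever the Role entity serializes) without a permission check is intended.
    @Override
    public ResponseEntity getRole() {
        return new ResponseEntity((List) roleRepository.findAll(), HttpStatus.OK);
    }

    /**
     * Creates a new role with the name given in the request body.
     *
     * @param updateRoleRequest validated request carrying the role name
     * @return 201 with the created role, or 409 when a role with that name already exists
     */
    @Override
    @RestrictedTo("ROLE_ADD")
    public ResponseEntity updateRole(@Valid @RequestBody UpdateRoleRequest updateRoleRequest) {
        String nom = updateRoleRequest.getNom();
        if (roleRepository.findByNom(nom) != null) {
            return generateError(HttpStatus.CONFLICT, ROLE_NAME_CONFLICT);
        }

        Role role = new Role();
        role.setNom(nom);
        try {
            roleRepository.save(role);
        } catch (DataIntegrityViolationException e) {
            // The lookup above and the save are not atomic: a concurrent request may have
            // created the same name in between, so the failed save is reported as a conflict.
            return generateError(HttpStatus.CONFLICT, ROLE_NAME_CONFLICT);
        }
        return new ResponseEntity(role, HttpStatus.CREATED);
    }

    /**
     * Deletes the role with the given name.
     *
     * @param nomRole name of the role to delete
     * @return 204 on success, or 404 when no role has that name
     */
    // NOTE(review): nothing here checks whether the role is still assigned to users or is one
    // the application depends on; the effect on accounts holding it depends on the entity
    // mapping, which is not visible from this file.
    @Override
    @RestrictedTo("ROLE_DELETE")
    public ResponseEntity deleteRoleById(@PathVariable String nomRole) {
        Role role = roleRepository.findByNom(nomRole);
        if (role == null) {
            return generateError(HttpStatus.NOT_FOUND, ROLE_NOT_FOUND);
        }
        roleRepository.delete(role);
        return new ResponseEntity(HttpStatus.NO_CONTENT);
    }

    /**
     * Attaches an existing permission to an existing role.
     *
     * @param nomRole name of the role to extend
     * @param updateRoleByIdRequest validated request carrying the permission name
     * @return 202 with the role, or 404 when the role or the permission does not exist
     */
    // NOTE(review): any permission can be attached to any role, including a role the caller
    // holds. ROLE_PERMISSION_ADD is therefore equivalent to being able to obtain every other
    // permission; it should be granted only to fully trusted administrators, and changes made
    // through this handler are worth recording in an audit log.
    @Override
    @RestrictedTo("ROLE_PERMISSION_ADD")
    public ResponseEntity updateRoleById(@PathVariable String nomRole,
                                         @Valid @RequestBody UpdateRoleByIdRequest updateRoleByIdRequest) {
        Role role = roleRepository.findByNom(nomRole);
        if (role == null) {
            return generateError(HttpStatus.NOT_FOUND, ROLE_NOT_FOUND);
        }

        Permission permission = permissionRepository.findByNom(updateRoleByIdRequest.getNom());
        if (permission == null) {
            return generateError(HttpStatus.NOT_FOUND, "Permission introuvable");
        }

        role.addPermission(permission);
        try {
            roleRepository.save(role);
        } catch (DataIntegrityViolationException ignored) {
            // Deliberately ignored: if the permission was already attached to the role there
            // is nothing to do, and the request is still answered with the role.
        }
        return new ResponseEntity(role, HttpStatus.ACCEPTED);
    }

    /**
     * Detaches a permission from a role.
     *
     * @param nomPermission name of the permission to remove
     * @param nomRole name of the role to modify
     * @return 202 with the role, or 404 when the role or the permission does not exist
     */
    @Override
    @RestrictedTo("ROLE_PERMISSION_REMOVE")
    public ResponseEntity deleteRoleByNomPermission(@PathVariable String nomPermission,
                                                    @PathVariable String nomRole) {
        Role role = roleRepository.findByNom(nomRole);
        if (role == null) {
            return generateError(HttpStatus.NOT_FOUND, ROLE_NOT_FOUND);
        }

        Permission permission = permissionRepository.findByNom(nomPermission);
        if (permission == null) {
            // Built with generateError like every other failure in this controller, so
            // clients get one error format instead of a bare string body for this case.
            return generateError(HttpStatus.NOT_FOUND, "Permission inconnue");
        }

        role.delPermission(permission);
        roleRepository.save(role);
        return new ResponseEntity(role, HttpStatus.ACCEPTED);
    }

    /**
     * Lists every permission known to the repository.
     *
     * @return 200 with the list of permissions
     */
    @Override
    @RestrictedTo("ROLE_PERMISSION_LIST")
    public ResponseEntity getPermission() {
        return new ResponseEntity((List) permissionRepository.findAll(), HttpStatus.OK);
    }
}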