Commit ee79457c authored by Matija Obreza's avatar Matija Obreza

Image galleries with ACL support

parent 0df9094c
......@@ -30,8 +30,8 @@ import javax.persistence.OrderColumn;
import org.genesys.blocks.model.AuditedVersionedModel;
import org.genesys.blocks.model.Copyable;
import org.genesys.blocks.security.model.AclAwareModel;
// TODO: Auto-generated Javadoc
/**
* {@link ImageGallery} is a collection of ordered {@link RepositoryImage}
* instances.
......@@ -44,7 +44,7 @@ import org.genesys.blocks.model.Copyable;
* @author mobreza
*/
@Entity(name = "repositorygallery")
public class ImageGallery extends AuditedVersionedModel implements Copyable<ImageGallery> {
public class ImageGallery extends AuditedVersionedModel implements AclAwareModel, Copyable<ImageGallery> {
/** The Constant serialVersionUID. */
private static final long serialVersionUID = 6043583851401365284L;
......
......@@ -20,6 +20,9 @@ import org.genesys.filerepository.InvalidRepositoryPathException;
import org.genesys.filerepository.model.ImageGallery;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
// TODO: Auto-generated Javadoc
/**
......@@ -40,6 +43,7 @@ public interface ImageGalleryService {
* @return the ImageGallery or <code>null</code> if no gallery exists at the
* specified path.
*/
@PostAuthorize("returnObject == null or hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'read')")
ImageGallery loadImageGallery(String path);
/**
......@@ -51,6 +55,7 @@ public interface ImageGalleryService {
* @param description Image gallery description in English.
* @return the new ImageGallery or existing gallery at the specified path.
*/
@PreAuthorize("isAuthenticated()")
ImageGallery createImageGallery(String path, String title, String description);
/**
......@@ -59,6 +64,7 @@ public interface ImageGalleryService {
* @param imageGallery the image gallery
* @throws InvalidRepositoryPathException the invalid repository path exception
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#imageGallery, 'delete')")
void removeGallery(ImageGallery imageGallery) throws InvalidRepositoryPathException;
/**
......@@ -69,6 +75,7 @@ public interface ImageGalleryService {
* @param description the description
* @return the image gallery
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#imageGallery, 'write')")
ImageGallery updateImageGalery(ImageGallery imageGallery, String title, String description);
/**
......@@ -78,6 +85,7 @@ public interface ImageGalleryService {
* @param imageGallery the image gallery
* @return the image gallery
*/
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#imageGallery, 'write')")
ImageGallery saveImageOrder(ImageGallery imageGallery);
/**
......@@ -97,6 +105,7 @@ public interface ImageGalleryService {
* @param pageable the pageable
* @return paginated image gallery data
*/
@PostFilter("hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'read')")
Page<ImageGallery> listImageGalleries(Pageable pageable);
/**
......@@ -106,6 +115,7 @@ public interface ImageGalleryService {
* @param pageable the pageable
* @return paginated image gallery data
*/
@PostFilter("hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'read')")
Page<ImageGallery> listImageGalleries(String prefix, Pageable pageable);
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment