Commit ee79457c authored by Matija Obreza's avatar Matija Obreza
Browse files

Image galleries with ACL support

parent 0df9094c
...@@ -30,8 +30,8 @@ import javax.persistence.OrderColumn; ...@@ -30,8 +30,8 @@ import javax.persistence.OrderColumn;
import org.genesys.blocks.model.AuditedVersionedModel; import org.genesys.blocks.model.AuditedVersionedModel;
import org.genesys.blocks.model.Copyable; import org.genesys.blocks.model.Copyable;
import org.genesys.blocks.security.model.AclAwareModel;
// TODO: Auto-generated Javadoc
/** /**
* {@link ImageGallery} is a collection of ordered {@link RepositoryImage} * {@link ImageGallery} is a collection of ordered {@link RepositoryImage}
* instances. * instances.
...@@ -44,7 +44,7 @@ import org.genesys.blocks.model.Copyable; ...@@ -44,7 +44,7 @@ import org.genesys.blocks.model.Copyable;
* @author mobreza * @author mobreza
*/ */
@Entity(name = "repositorygallery") @Entity(name = "repositorygallery")
public class ImageGallery extends AuditedVersionedModel implements Copyable<ImageGallery> { public class ImageGallery extends AuditedVersionedModel implements AclAwareModel, Copyable<ImageGallery> {
/** The Constant serialVersionUID. */ /** The Constant serialVersionUID. */
private static final long serialVersionUID = 6043583851401365284L; private static final long serialVersionUID = 6043583851401365284L;
......
...@@ -20,6 +20,9 @@ import org.genesys.filerepository.InvalidRepositoryPathException; ...@@ -20,6 +20,9 @@ import org.genesys.filerepository.InvalidRepositoryPathException;
import org.genesys.filerepository.model.ImageGallery; import org.genesys.filerepository.model.ImageGallery;
import org.springframework.data.domain.Page; import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable; import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
// TODO: Auto-generated Javadoc // TODO: Auto-generated Javadoc
/** /**
...@@ -40,6 +43,7 @@ public interface ImageGalleryService { ...@@ -40,6 +43,7 @@ public interface ImageGalleryService {
* @return the ImageGallery or <code>null</code> if no gallery exists at the * @return the ImageGallery or <code>null</code> if no gallery exists at the
* specified path. * specified path.
*/ */
@PostAuthorize("returnObject == null or hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'read')")
ImageGallery loadImageGallery(String path); ImageGallery loadImageGallery(String path);
/** /**
...@@ -51,6 +55,7 @@ public interface ImageGalleryService { ...@@ -51,6 +55,7 @@ public interface ImageGalleryService {
* @param description Image gallery description in English. * @param description Image gallery description in English.
* @return the new ImageGallery or existing gallery at the specified path. * @return the new ImageGallery or existing gallery at the specified path.
*/ */
@PreAuthorize("isAuthenticated()")
ImageGallery createImageGallery(String path, String title, String description); ImageGallery createImageGallery(String path, String title, String description);
/** /**
...@@ -59,6 +64,7 @@ public interface ImageGalleryService { ...@@ -59,6 +64,7 @@ public interface ImageGalleryService {
* @param imageGallery the image gallery * @param imageGallery the image gallery
* @throws InvalidRepositoryPathException the invalid repository path exception * @throws InvalidRepositoryPathException the invalid repository path exception
*/ */
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#imageGallery, 'delete')")
void removeGallery(ImageGallery imageGallery) throws InvalidRepositoryPathException; void removeGallery(ImageGallery imageGallery) throws InvalidRepositoryPathException;
/** /**
...@@ -69,6 +75,7 @@ public interface ImageGalleryService { ...@@ -69,6 +75,7 @@ public interface ImageGalleryService {
* @param description the description * @param description the description
* @return the image gallery * @return the image gallery
*/ */
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#imageGallery, 'write')")
ImageGallery updateImageGalery(ImageGallery imageGallery, String title, String description); ImageGallery updateImageGalery(ImageGallery imageGallery, String title, String description);
/** /**
...@@ -78,6 +85,7 @@ public interface ImageGalleryService { ...@@ -78,6 +85,7 @@ public interface ImageGalleryService {
* @param imageGallery the image gallery * @param imageGallery the image gallery
* @return the image gallery * @return the image gallery
*/ */
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#imageGallery, 'write')")
ImageGallery saveImageOrder(ImageGallery imageGallery); ImageGallery saveImageOrder(ImageGallery imageGallery);
/** /**
...@@ -97,6 +105,7 @@ public interface ImageGalleryService { ...@@ -97,6 +105,7 @@ public interface ImageGalleryService {
* @param pageable the pageable * @param pageable the pageable
* @return paginated image gallery data * @return paginated image gallery data
*/ */
@PostFilter("hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'read')")
Page<ImageGallery> listImageGalleries(Pageable pageable); Page<ImageGallery> listImageGalleries(Pageable pageable);
/** /**
...@@ -106,6 +115,7 @@ public interface ImageGalleryService { ...@@ -106,6 +115,7 @@ public interface ImageGalleryService {
* @param pageable the pageable * @param pageable the pageable
* @return paginated image gallery data * @return paginated image gallery data
*/ */
@PostFilter("hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'read')")
Page<ImageGallery> listImageGalleries(String prefix, Pageable pageable); Page<ImageGallery> listImageGalleries(String prefix, Pageable pageable);
} }
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment