Crop is AclAware

a86bd449 · Matija Obreza · ffec74c0 · a86bd449 · a86bd449 · a86bd449
Commit a86bd449 authored Jul 24, 2014 by Matija Obreza
6 changed files
--- a/src/main/java/org/genesys2/server/model/impl/Crop.java
+++ b/src/main/java/org/genesys2/server/model/impl/Crop.java
@@ -35,6 +35,7 @@ import javax.persistence.Transient;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.genesys2.server.model.AclAwareModel;
 import org.genesys2.server.model.GlobalVersionedAuditedModel;
 import org.genesys2.server.servlet.controller.rest.serialization.CropSerializer;
 import org.hibernate.annotations.Type;
@@ -50,7 +51,7 @@ import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 @Table(name = "crop")
 @Indexed
 @JsonSerialize(using = CropSerializer.class)
-public class Crop extends GlobalVersionedAuditedModel {
+public class Crop extends GlobalVersionedAuditedModel implements AclAwareModel {

 	private static final long serialVersionUID = -2686341831839109257L;


--- a/src/main/java/org/genesys2/server/model/impl/CropRule.java
+++ b/src/main/java/org/genesys2/server/model/impl/CropRule.java
@@ -95,4 +95,9 @@ public class CropRule extends BusinessModel {
 	public void setCrop(Crop crop) {
 		this.crop = crop;
 	}
+	
+	@Override
+	public String toString() {
+		return "CropRule included=" + included + " genus=" + genus + " species=" + species + " crop=" + crop.getShortName();
+	}
 }
--- a/src/main/java/org/genesys2/server/service/impl/CropServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/CropServiceImpl.java
@@ -234,7 +234,7 @@ public class CropServiceImpl implements CropService {
 	 * Update a crop record in Genesys
 	 */
 	@Override
-	@PreAuthorize("hasRole('ADMINISTRATOR')")
+	@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#crop, 'ADMINISTRATION')")
 	@Transactional(readOnly = false)
 	public Crop updateCrop(Crop crop, String name, String description, String i18n) {
 		LOG.info("Updating crop " + crop);
@@ -264,7 +264,7 @@ public class CropServiceImpl implements CropService {
 	}

 	@Override
-	@PreAuthorize("hasRole('ADMINISTRATOR')")
+	@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#crop, 'ADMINISTRATION')")
 	@Transactional(readOnly = false)
 	public CropRule addCropRule(Crop crop, String genus, String species, boolean included) {
 		if (crop == null || StringUtils.isBlank(genus)) {
@@ -274,7 +274,7 @@ public class CropServiceImpl implements CropService {
 		final CropRule rule = new CropRule();
 		rule.setCrop(crop);
 		rule.setGenus(genus);
-		rule.setSpecies(species);
+		rule.setSpecies(StringUtils.defaultIfBlank(species, null));
 		rule.setIncluded(included);
 		cropRuleRepository.save(rule);
 		return rule;

--- a/src/main/java/org/genesys2/server/servlet/controller/rest/CropsController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/rest/CropsController.java
@@ -47,7 +47,7 @@ import org.springframework.web.bind.annotation.ResponseBody;

 @Controller
 @PreAuthorize("isAuthenticated()")
-@RequestMapping(value = { "/api/v0", "/json/v0" })
+@RequestMapping(value = { "/api/v0/crops", "/json/v0/crops" })
 public class CropsController extends RestController {

 	@Autowired
@@ -65,7 +65,7 @@ public class CropsController extends RestController {
 	 * @return
 	 * @throws AuthorizationException
 	 */
-	@RequestMapping(value = "/crops", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
+	@RequestMapping(value = "", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public @ResponseBody
 	Object listCrops() {
 		LOG.info("Listing crops");
@@ -79,7 +79,7 @@ public class CropsController extends RestController {
 	 * @return
 	 * @throws ValidationException
 	 */
-	@RequestMapping(value = "/crops", method = RequestMethod.PUT, produces = { MediaType.APPLICATION_JSON_VALUE })
+	@RequestMapping(value = "", method = { RequestMethod.PUT, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public @ResponseBody
 	Object createCrop(@RequestBody CropJson cropJson) throws ValidationException {
 		LOG.info("Creating crop");
@@ -114,7 +114,7 @@ public class CropsController extends RestController {
 	 * @return
 	 * @throws AuthorizationException
 	 */
-	@RequestMapping(value = "/crops/{shortName}", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
+	@RequestMapping(value = "/{shortName}", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public @ResponseBody
 	Object getCrop(@PathVariable("shortName") String shortName) throws AuthorizationException {
 		LOG.info("Getting crop " + shortName);
@@ -127,7 +127,7 @@ public class CropsController extends RestController {
 	 * @return
 	 * @throws AuthorizationException
 	 */
-	@RequestMapping(value = "/crops/{shortName}/descriptors", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
+	@RequestMapping(value = "/{shortName}/descriptors", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public @ResponseBody
 	Object getCropDescriptors(@PathVariable("shortName") String shortName) throws AuthorizationException {
 		LOG.info("Getting crop descriptors " + shortName);
@@ -142,7 +142,7 @@ public class CropsController extends RestController {
 	 * @return
 	 * @throws AuthorizationException
 	 */
-	@RequestMapping(value = "/crops/{shortName}/rules", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
+	@RequestMapping(value = "/{shortName}/rules", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public @ResponseBody
 	Object getCropRules(@PathVariable("shortName") String shortName) throws AuthorizationException {
 		LOG.info("Getting crop rules " + shortName);
@@ -157,7 +157,7 @@ public class CropsController extends RestController {
 	 * @return
 	 * @throws AuthorizationException
 	 */
-	@RequestMapping(value = "/crops/{shortName}/taxa", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
+	@RequestMapping(value = "/{shortName}/taxa", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public @ResponseBody
 	Object getCropTaxa(@PathVariable("shortName") String shortName) throws AuthorizationException {
 		LOG.info("Getting crop taxa " + shortName);

--- a/src/main/webapp/WEB-INF/jsp/crop/index.jsp
+++ b/src/main/webapp/WEB-INF/jsp/crop/index.jsp
@@ -17,6 +17,10 @@
 		<c:out value="${crop.getName(pageContext.response.locale)}" />
 	</h1>

+	<security:authorize access="hasRole('ADMINISTRATOR') or hasPermission(#crop, 'ADMINISTRATION')">
+		<a href="<c:url value="/acl/${crop.class.name}/${crop.id}/permissions"><c:param name="back">/c/${crop.shortName}</c:param></c:url>" class="close"> <spring:message code="edit-acl" /></a>
+	</security:authorize>
+
 	<div class="free-text">
 		<c:out value="${crop.getDescription(pageContext.response.locale)}" />
 	</div>

--- a/src/main/webapp/client/index.html
+++ b/src/main/webapp/client/index.html
@@ -5,8 +5,6 @@
 <title>Demo</title>
 </head>
 <body>
-	<script src="../html/js/main.js"></script>
-	<script src="../html/js/client.js"></script>
 	<a href="index.html">Index</a> <a href="crop.html">Crop</a>

 	<div class="form-horizontal">
@@ -23,6 +21,12 @@
 	<button class="rest-api" x-url="/methods">List methods</button>
 	<button class="json-api" x-url="/crops">List crops JSON</button>
 	<button class="json-api" x-url="/methods">List methods JSON</button>
+
+
+	<content tag="javascript">
+	<script src="../html/js/main.js"></script>
+	<script src="../html/js/client.js"></script>
+	</content>
 </body>
 </html>