mirror of
https://bitbucket.org/wisemapping/wisemapping-open-source.git
synced 2024-12-21 19:23:48 +01:00
Move couple of classes to services
Improve label security.
This commit is contained in:
parent
480fd49fd0
commit
8ec7c4edea
@ -12,7 +12,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
|
||||
|
||||
@Configuration
|
||||
@EnableMethodSecurity(
|
||||
prePostEnabled = true,
|
||||
securedEnabled = true,
|
||||
jsr250Enabled = true)
|
||||
public class MethodSecurityConfig {
|
||||
|
@ -24,6 +24,7 @@ import com.wisemapping.model.User;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Propagation;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@ -38,7 +39,8 @@ public class LabelServiceImpl implements LabelService {
|
||||
private LabelManager labelManager;
|
||||
|
||||
@Override
|
||||
public void addLabel(@NotNull final Label label, @NotNull final User user) throws WiseMappingException {
|
||||
@PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'WRITE')")
|
||||
public void addLabel(@NotNull final Label label, @NotNull final User user) {
|
||||
|
||||
label.setCreator(user);
|
||||
labelManager.addLabel(label);
|
||||
@ -46,22 +48,26 @@ public class LabelServiceImpl implements LabelService {
|
||||
|
||||
@NotNull
|
||||
@Override
|
||||
@PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'READ')")
|
||||
public List<Label> getAll(@NotNull final User user) {
|
||||
return labelManager.getAllLabels(user);
|
||||
}
|
||||
|
||||
@Override @Nullable
|
||||
@Override
|
||||
@PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'READ')")
|
||||
public Label findLabelById(int id, @NotNull final User user) {
|
||||
return labelManager.getLabelById(id, user);
|
||||
}
|
||||
|
||||
@Nullable
|
||||
@Override
|
||||
@PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'READ')")
|
||||
public Label getLabelByTitle(@NotNull String title, @NotNull final User user) {
|
||||
return labelManager.getLabelByTitle(title, user);
|
||||
}
|
||||
|
||||
@Override
|
||||
@PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'WRITE')")
|
||||
public void removeLabel(@NotNull Label label, @NotNull User user) throws WiseMappingException {
|
||||
if (label.getCreator().equals(user)) {
|
||||
labelManager.removeLabel(label);
|
||||
|
@ -29,21 +29,27 @@ import org.apache.http.client.fluent.Request;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
import jakarta.validation.constraints.NotNull;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
|
||||
@Service
|
||||
public class RecaptchaService {
|
||||
|
||||
final private static Logger logger = LogManager.getLogger();
|
||||
|
||||
final private static String GOOGLE_RECAPTCHA_VERIFY_URL =
|
||||
"https://www.google.com/recaptcha/api/siteverify";
|
||||
|
||||
private final static ObjectMapper objectMapper = new ObjectMapper();
|
||||
public static final String CATCH_ERROR_CODE_TIMEOUT_OR_DUPLICATE = "timeout-or-duplicate";
|
||||
public static final String CATCHA_ERROR_CODE_INPUT_RESPONSE = "invalid-input-response";
|
||||
|
||||
@Value("${google.recaptcha2.secretKey}")
|
||||
private String recaptchaSecret;
|
||||
|
||||
@Nullable
|
||||
|
@ -21,7 +21,9 @@ import org.apache.commons.collections.ExtendedProperties;
|
||||
import org.apache.velocity.app.VelocityEngine;
|
||||
import org.apache.velocity.runtime.RuntimeConstants;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class VelocityEngineWrapper {
|
||||
private final VelocityEngine velocityEngine;
|
||||
|
||||
|
@ -18,9 +18,6 @@
|
||||
<property name="velocityEngineWrapper" ref="velocityEngineWrapper"/>
|
||||
</bean>
|
||||
|
||||
<bean id="httpInvoker" class="com.wisemapping.service.google.http.HttpInvoker">
|
||||
</bean>
|
||||
|
||||
<bean id="googleService" class="com.wisemapping.service.google.GoogleService">
|
||||
<property name="httpInvoker" ref="httpInvoker"/>
|
||||
<property name="optinConfirmUrl" value="${security.oauth2.google.confirmUrl}"/>
|
||||
@ -30,10 +27,6 @@
|
||||
<property name="callbackUrl" value="${security.oauth2.google.callbackUrl}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="recaptchaService" class="com.wisemapping.service.RecaptchaService">
|
||||
<property name="recaptchaSecret" value="${google.recaptcha2.secretKey}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
|
||||
<property name="host" value="${mail.smtp.host}"/>
|
||||
<property name="port" value="${mail.smtp.port}"/>
|
||||
@ -49,9 +42,6 @@
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="velocityEngineWrapper" class="com.wisemapping.util.VelocityEngineWrapper">
|
||||
</bean>
|
||||
|
||||
<bean id="notificationService" class="com.wisemapping.mail.NotificationService">
|
||||
<property name="baseUrl" value="${site.baseurl:http://localhost:8080/}"/>
|
||||
<property name="mailer" ref="mailer"/>
|
||||
|
Loading…
Reference in New Issue
Block a user