dispatch to different views based on user role

pull/306/merge
Justin Richer 2013-03-05 17:34:24 -05:00
parent 70b2342864
commit 1daf5bd357
1 changed files with 42 additions and 15 deletions


@ -28,6 +28,8 @@ import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.Model; import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PathVariable;
@ -45,9 +47,6 @@ import com.google.gson.JsonElement;
import com.google.gson.JsonObject; import com.google.gson.JsonObject;
import com.google.gson.JsonParseException; import com.google.gson.JsonParseException;
import com.google.gson.JsonParser; import com.google.gson.JsonParser;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
/** /**
* @author Michael Jett <mjett@mitre.org> * @author Michael Jett <mjett@mitre.org>
@ -102,13 +101,16 @@ public class ClientAPI {
* @return * @return
*/ */
@RequestMapping(method = RequestMethod.GET, produces = "application/json") @RequestMapping(method = RequestMethod.GET, produces = "application/json")
public ModelAndView apiGetAllClients(ModelAndView modelAndView) { public String apiGetAllClients(Model model, Authentication auth) {
Collection<ClientDetailsEntity> clients = clientService.getAllClients(); Collection<ClientDetailsEntity> clients = clientService.getAllClients();
modelAndView.addObject("entity", clients); model.addAttribute("entity", clients);
modelAndView.setViewName("clientEntityViewAdmins");
return modelAndView; if (isAdmin(auth)) {
return "clientEntityViewAdmins";
} else {
return "clientEntityViewUsers";
}
} }
/** /**
@ -119,7 +121,7 @@ public class ClientAPI {
* @return * @return
*/ */
@RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json") @RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
public String apiAddClient(@RequestBody String jsonString, Model m, Principal principal) { public String apiAddClient(@RequestBody String jsonString, Model m, Authentication auth) {
JsonObject json = parser.parse(jsonString).getAsJsonObject(); JsonObject json = parser.parse(jsonString).getAsJsonObject();
@ -143,7 +145,11 @@ public class ClientAPI {
ClientDetailsEntity newClient = clientService.saveNewClient(client); ClientDetailsEntity newClient = clientService.saveNewClient(client);
m.addAttribute("entity", newClient); m.addAttribute("entity", newClient);
return "clientEntityViewAdmins"; if (isAdmin(auth)) {
return "clientEntityViewAdmins";
} else {
return "clientEntityViewUsers";
}
} }
/** /**
@ -155,7 +161,7 @@ public class ClientAPI {
* @return * @return
*/ */
@RequestMapping(value="/{id}", method = RequestMethod.PUT, consumes = "application/json", produces = "application/json") @RequestMapping(value="/{id}", method = RequestMethod.PUT, consumes = "application/json", produces = "application/json")
public String apiUpdateClient(@PathVariable("id") Long id, @RequestBody String jsonString, Model m, Principal principal) { public String apiUpdateClient(@PathVariable("id") Long id, @RequestBody String jsonString, Model m, Authentication auth) {
// TODO: sanity check if the thing really is a JSON object // TODO: sanity check if the thing really is a JSON object
JsonObject json = parser.parse(jsonString).getAsJsonObject(); JsonObject json = parser.parse(jsonString).getAsJsonObject();
@ -185,7 +191,11 @@ public class ClientAPI {
ClientDetailsEntity newClient = clientService.updateClient(oldClient, client); ClientDetailsEntity newClient = clientService.updateClient(oldClient, client);
m.addAttribute("entity", newClient); m.addAttribute("entity", newClient);
return "clientEntityViewAdmins"; if (isAdmin(auth)) {
return "clientEntityViewAdmins";
} else {
return "clientEntityViewUsers";
}
} }
/** /**
@ -217,15 +227,32 @@ public class ClientAPI {
* @return * @return
*/ */
@RequestMapping(value="/{id}", method=RequestMethod.GET, produces = "application/json") @RequestMapping(value="/{id}", method=RequestMethod.GET, produces = "application/json")
public ModelAndView apiShowClient(@PathVariable("id") Long id, ModelAndView modelAndView) { public String apiShowClient(@PathVariable("id") Long id, Model model, Authentication auth) {
ClientDetailsEntity client = clientService.getClientById(id); ClientDetailsEntity client = clientService.getClientById(id);
if (client == null) { if (client == null) {
throw new ClientNotFoundException("Could not find client: " + id); throw new ClientNotFoundException("Could not find client: " + id);
} }
modelAndView.addObject("entity", client); model.addAttribute("entity", client);
modelAndView.setViewName("clientEntityViewAdmins");
return modelAndView; if (isAdmin(auth)) {
return "clientEntityViewAdmins";
} else {
return "clientEntityViewUsers";
}
}
/**
* Check to see if the given auth object has ROLE_ADMIN assigned to it or not
* @param auth
* @return
*/
private boolean isAdmin(Authentication auth) {
for (GrantedAuthority grantedAuthority : auth.getAuthorities()) {
if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) {
return true;
}
}
return false;
} }
} }
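Review bot: `isAdmin` dereferences `auth` without a null check, so if any of these handlers can be reached without an authenticated principal (the class-level `@PreAuthorize`, if one exists, is outside this hunk), `auth.getAuthorities()` throws an NPE and the request fails with a 500 instead of falling through to the non-admin view; a guard of `if (auth == null) return false;` at the top of the helper would make the default safe. Note that the role check only selects the view name: every handler still passes the same `ClientDetailsEntity` objects (and `getAllClients()` still returns every client) to the model for non-admin callers, so the "Users" view is the only thing standing between a non-admin and sensitive client fields — that view should be reviewed together with this change, and it is not visible here. The `"ROLE_ADMIN"` literal and the four identical `isAdmin(auth) ? "clientEntityViewAdmins" : "clientEntityViewUsers"` branches would be clearer as a `private static final String ROLE_ADMIN` constant plus a single `private String viewNameFor(Authentication auth)` helper, which also removes the chance of the view names drifting between handlers. The enclosing `ClientAPI` class begins before the first hunk.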