added permission filter to workbaskets
This commit is contained in:
Eberhard Mayer
parent
ebe827e0f0
commit
287ea4a9ac
|
|
@ -92,7 +92,8 @@ public interface WorkbasketService {
|
|||
* if the workbasket do not exist
|
||||
* @throws NotAuthorizedException
|
||||
*/
|
||||
public void checkPermission(String workbasketId, WorkbasketAuthorization authorization) throws NotAuthorizedException;
|
||||
public void checkPermission(String workbasketId, WorkbasketAuthorization authorization)
|
||||
throws NotAuthorizedException;
|
||||
|
||||
/**
|
||||
* This method get one WorkbasketAuthorization with an id
|
||||
|
|
@ -103,7 +104,7 @@ public interface WorkbasketService {
|
|||
*/
|
||||
public WorkbasketAccessItem getWorkbasketAuthorization(String id);
|
||||
|
||||
/**
|
||||
/**
|
||||
* Get all authorizations for a Workbasket.
|
||||
*
|
||||
* @param workbasketId
|
||||
|
|
@ -111,4 +112,13 @@ public interface WorkbasketService {
|
|||
*/
|
||||
public List<WorkbasketAccessItem> getWorkbasketAuthorizations(String workbasketId);
|
||||
|
||||
/**
|
||||
* This method provides workbaskets via an permission
|
||||
*
|
||||
* @param permission
|
||||
* as String like in this enum: {@link WorkbasketAuthorization}
|
||||
* @return all filtered workbaskets
|
||||
*/
|
||||
List<Workbasket> getWorkbaskets(List<String> permission);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,6 +48,12 @@ public class WorkbasketServiceImpl implements WorkbasketService {
|
|||
return workbasket;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Workbasket> getWorkbaskets(List<String> permissions) {
|
||||
List<Workbasket> workbaskets = workbasketMapper.findByPermission(permissions, CurrentUserContext.getUserid());
|
||||
return workbaskets;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Workbasket> getWorkbaskets() {
|
||||
List<Workbasket> workbaskets = workbasketMapper.findAll();
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ public interface WorkbasketMapper {
|
|||
@Result(property = "distributionTargets", column = "ID", javaType = List.class, many = @Many(fetchType = FetchType.DEFAULT, select="findByDistributionTargets")) })
|
||||
public List<Workbasket> findByDistributionTargets(@Param("id") String id);
|
||||
|
||||
@Select("Select * FROM WORKBASKET ORDER BY id")
|
||||
@Select("SELECT * FROM WORKBASKET ORDER BY id")
|
||||
@Results(value = {
|
||||
@Result(property = "id", column = "ID"),
|
||||
@Result(property = "tenantId", column = "TENANT_ID"),
|
||||
|
|
@ -51,6 +51,27 @@ public interface WorkbasketMapper {
|
|||
@Result(property = "owner", column = "OWNER"),
|
||||
@Result(property = "distributionTargets", column = "ID", javaType = List.class, many = @Many(fetchType = FetchType.DEFAULT, select="findByDistributionTargets")) })
|
||||
public List<Workbasket> findAll();
|
||||
|
||||
@Select("<script>SELECT W.ID, W.TENANT_ID, W.CREATED, W.MODIFIED, W.NAME, W.DESCRIPTION, W.OWNER FROM WORKBASKET AS W "
|
||||
+ "INNER JOIN WORKBASKET_ACCESS_LIST AS ACL "
|
||||
+ "ON (W.ID = ACL.WORKBASKET_ID AND USER_ID = #{userId}) "
|
||||
+ "WHERE <foreach collection='permissions' item='permission' separator=' AND '>"
|
||||
+ "<if test=\"permission == 'OPEN'\">OPEN</if>"
|
||||
+ "<if test=\"permission == 'READ'\">READ</if>"
|
||||
+ "<if test=\"permission == 'APPEND'\">APPEND</if>"
|
||||
+ "<if test=\"permission == 'TRANSFER'\">TRANSFER</if>"
|
||||
+ "<if test=\"permission == 'DISTRIBUTE'\">DISTRIBUTE</if> = 1 </foreach> "
|
||||
+ "ORDER BY id</script>")
|
||||
@Results(value = {
|
||||
@Result(property = "id", column = "ID"),
|
||||
@Result(property = "tenantId", column = "TENANT_ID"),
|
||||
@Result(property = "created", column = "CREATED"),
|
||||
@Result(property = "modified", column = "MODIFIED"),
|
||||
@Result(property = "name", column = "NAME"),
|
||||
@Result(property = "description", column = "DESCRIPTION"),
|
||||
@Result(property = "owner", column = "OWNER"),
|
||||
@Result(property = "distributionTargets", column = "ID", javaType = List.class, many = @Many(fetchType = FetchType.DEFAULT, select="findByDistributionTargets")) })
|
||||
public List<Workbasket> findByPermission(@Param("permissions") List<String> permissions, @Param("userId") String userId);
|
||||
|
||||
@Insert("INSERT INTO WORKBASKET (ID, TENANT_ID, CREATED, MODIFIED, NAME, DESCRIPTION, OWNER) VALUES (#{workbasket.id}, #{workbasket.tenantId}, #{workbasket.created}, #{workbasket.modified}, #{workbasket.name}, #{workbasket.description}, #{workbasket.owner})")
|
||||
@Options(keyProperty = "id", keyColumn="ID")
|
||||
|
|
@ -62,4 +83,4 @@ public interface WorkbasketMapper {
|
|||
@Delete("DELETE FROM WORKBASKET where id = #{id}")
|
||||
public void delete(@Param("id") String id);
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,16 +1,20 @@
|
|||
package org.taskana.rest;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.taskana.WorkbasketService;
|
||||
import org.taskana.exceptions.NotAuthorizedException;
|
||||
|
|
@ -26,8 +30,17 @@ public class WorkbasketController {
|
|||
private WorkbasketService workbasketService;
|
||||
|
||||
@GetMapping
|
||||
public List<Workbasket> getWorkbaskets() {
|
||||
return workbasketService.getWorkbaskets();
|
||||
public List<Workbasket> getWorkbaskets(@RequestParam MultiValueMap<String, String> params) {
|
||||
if (params.containsKey("requiredPermission")) {
|
||||
List<String> permissions = new ArrayList<>();
|
||||
params.get("requiredPermission").stream().forEach(item -> {
|
||||
permissions.addAll(Arrays.asList(item.split(",")));
|
||||
});
|
||||
return workbasketService.getWorkbaskets(permissions);
|
||||
} else {
|
||||
return workbasketService.getWorkbaskets();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/{workbasketid}")
|
||||
|
|
|
|||
|
|
@ -12,12 +12,11 @@ export class RestConnectorService {
|
|||
constructor(private http: Http) { }
|
||||
|
||||
getAllWorkBaskets(): Observable<Workbasket[]> {
|
||||
return this.http.get(environment.taskanaRestUrl + "/v1/workbaskets", this.createAuthorizationHeader())
|
||||
return this.http.get(environment.taskanaRestUrl + "/v1/workbaskets?requiredPermission=OPEN", this.createAuthorizationHeader())
|
||||
.map(res => res.json());
|
||||
}
|
||||
|
||||
findTaskWithWorkbaskets(basketName: string): Observable<Task[]> {
|
||||
|
||||
return this.http.get(environment.taskanaRestUrl + "/v1/tasks?workbasketid=" + basketName + "&state=READY&state=CLAIMED", this.createAuthorizationHeader())
|
||||
.map(res => res.json());
|
||||
}
|
||||
|
|
@ -42,7 +41,7 @@ export class RestConnectorService {
|
|||
.map(res => res.json());
|
||||
}
|
||||
|
||||
private createAuthorizationHeader(){
|
||||
private createAuthorizationHeader() {
|
||||
let headers: Headers = new Headers();
|
||||
headers.append("Authorization", "Basic TWF4OnRlc3Q=");
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue