Commit 92517ec6 authored by Peter Harrison's avatar Peter Harrison

Moving Lists and Resources under Boards in order to apply a consistent

security context / rights over these objects rather than having their
own.
parent 04f7afd9
......@@ -42,7 +42,7 @@ public class FreemarkerPlugin implements Plugin {
@Override
public Map<String,Object> process( Action action, Map<String,Object> context ) throws Exception{
String resource = getResourceController().getResource(action.getResource());
String resource = getResourceController().getResource((String)context.get("boardid"),action.getResource());
Configuration configuration = new Configuration();
......
......@@ -74,7 +74,7 @@ public class ScriptPlugin implements Plugin{
String script = null;
if(StringUtils.isNotBlank(action.getResource()) ){
script = resourceController.getResource(action.getResource());
script = resourceController.getResource((String)context.get("boardid"),action.getResource());
} else {
script = action.getMethod();
}
......
......@@ -44,7 +44,7 @@ public class TemplatePlugin implements Plugin {
@Override
public Map<String,Object> process( Action action, Map<String,Object> context ) throws Exception{
String resource = getResourceController().getResource(action.getResource());
String resource = getResourceController().getResource((String)context.get("boardid"),action.getResource());
StringBuilder builder = new StringBuilder(resource);
......
......@@ -42,7 +42,7 @@ public class VelocityPlugin implements Plugin {
@Override
public Map<String,Object> process( Action action, Map<String,Object> context ) throws Exception{
String resource = getResourceController().getResource(action.getResource());
String resource = getResourceController().getResource((String)context.get("boardid"),action.getResource());
VelocityContext velocityContext = new VelocityContext(context);
StringWriter resultWriter = new StringWriter();
getVelocityEngine().evaluate(velocityContext, resultWriter, action.getResource(), resource);
......
......@@ -105,6 +105,7 @@ public class BoardController {
@Autowired
SecurityTool securityTool;
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{boardId}", method=RequestMethod.GET)
public @ResponseBody Board getBoard(@PathVariable String boardId) throws Exception {
Board board = boardsCache.getItem(boardId);
......
......@@ -94,11 +94,11 @@ public class BoardsCache extends CacheImpl<Board> implements MessageListener {
}
@Override
protected Board getFromStore(String itemId) throws Exception {
protected Board getFromStore(String... itemIds) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
Board board;
try{
board = (Board) ocm.getObject(Board.class,String.format(URI.BOARD_URI, itemId));
board = (Board) ocm.getObject(Board.class,String.format(URI.BOARD_URI, itemIds));
} finally {
ocm.logout();
}
......@@ -106,7 +106,7 @@ public class BoardsCache extends CacheImpl<Board> implements MessageListener {
}
@Override
protected Map<String, String> getListFromStore() throws Exception {
protected Map<String, String> getListFromStore(String... prefixes) throws Exception {
logger.info("Getting Board List");
......
......@@ -27,10 +27,10 @@ public interface Cache<T> {
public void invalidate( String itemId );
public T getItem(String itemId) throws Exception;
public T getItem(String... itemIds) throws Exception;
public Map<String,String> list() throws Exception;
public Map<String,String> list(String... prefixs) throws Exception;
public void storeItem( String itemId, T item) throws Exception;
public void storeItem(T item, String... itemIds ) throws Exception;
}
......@@ -40,13 +40,15 @@ abstract public class CacheImpl<T> implements Cache<T> {
}
@Override
public T getItem(String itemId) throws Exception {
public T getItem(String... itemIds) throws Exception {
String itemId = getCacheId( itemIds);
T item = cacheMap.get(itemId);
if( item!=null){
return item;
}
item = getFromStore(itemId);
item = getFromStore(itemIds);
if(item==null){
throw new ResourceNotFoundException();
......@@ -56,15 +58,20 @@ abstract public class CacheImpl<T> implements Cache<T> {
return item;
}
public Map<String,String> list() throws Exception{
public Map<String,String> list(String... prefixs) throws Exception{
if( this.cacheList == null){
this.cacheList = this.getListFromStore();
if( prefixs.length>0){
this.cacheList = this.getListFromStore(prefixs);
} else {
this.cacheList = this.getListFromStore("");
}
}
return new HashMap<String,String>(this.cacheList);
}
@Override
public void storeItem(String itemId, T item) throws Exception {
public void storeItem(T item, String... itemIds ) throws Exception {
String itemId = getCacheId(itemIds);
this.cacheMap.put(itemId, item);
}
......@@ -74,7 +81,17 @@ abstract public class CacheImpl<T> implements Cache<T> {
this.cacheList = null;
}
abstract protected T getFromStore( String itemId ) throws Exception;
public String getCacheId( String... ids ){
StringBuilder id = new StringBuilder();
for (int i = 0; i < ids.length; ++i) {
id.append(ids[i]);
id.append("-");
}
String returnValue = id.toString();
return returnValue.substring(0, returnValue.length()-1);
}
abstract protected T getFromStore(String... itemIds) throws Exception;
abstract protected Map<String,String> getListFromStore() throws Exception;
abstract protected Map<String,String> getListFromStore(String... prefixs) throws Exception;
}
......@@ -1025,6 +1025,7 @@ public class CardController {
}
return cardNotifications;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'WRITE,ADMIN')")
@RequestMapping(value = "/{cardId}/tasks/{taskId}", method=RequestMethod.DELETE)
public void deleteTask(@PathVariable String boardId,
......@@ -1077,8 +1078,6 @@ public class CardController {
ocm.logout();
}
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'WRITE,ADMIN')")
@RequestMapping(value = "/{cardId}/notifications/{type}/reprocess/{notificationId}", method=RequestMethod.GET)
......
......@@ -41,6 +41,7 @@ import org.apache.jackrabbit.ocm.manager.ObjectContentManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
......@@ -66,6 +67,7 @@ public class FilterController {
@Autowired
private ListTools listTools;
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "", method=RequestMethod.POST)
public @ResponseBody Filter createFilter(@PathVariable String boardId,
@RequestBody Filter filter) throws Exception {
......@@ -85,6 +87,7 @@ public class FilterController {
return filter;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{filterId}", method=RequestMethod.PUT)
public @ResponseBody Filter updateFilter(@PathVariable String boardId,
@PathVariable String filterId,
......@@ -102,6 +105,7 @@ public class FilterController {
return filter;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{filterId}", method=RequestMethod.GET)
public @ResponseBody Filter getFilter(@PathVariable String boardId,
@PathVariable String filterId) throws Exception {
......@@ -115,6 +119,7 @@ public class FilterController {
return filter;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{filterId}/conditions", method=RequestMethod.POST)
public @ResponseBody Condition saveFilterField(@PathVariable String boardId,
@PathVariable String filterId,
......@@ -130,6 +135,7 @@ public class FilterController {
return filterField;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{filterId}/conditions/{fieldId}", method=RequestMethod.DELETE)
public @ResponseBody void deleteFilterField(@PathVariable String boardId,
@PathVariable String filterId,
......@@ -143,6 +149,7 @@ public class FilterController {
this.cacheInvalidationManager.invalidate(BoardController.BOARD, boardId);
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "", method=RequestMethod.GET)
public @ResponseBody Map<String,String> listFilters(@PathVariable String boardId) throws Exception {
......@@ -152,6 +159,7 @@ public class FilterController {
return result;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{filterId}/execute", method=RequestMethod.GET)
public @ResponseBody Collection<Card> executeFilter(@PathVariable String boardId,
@PathVariable String filterId)
......@@ -164,6 +172,7 @@ public class FilterController {
return cards;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{filterId}", method=RequestMethod.DELETE)
public @ResponseBody void deleteFilter(@PathVariable String boardId,
@PathVariable String filterId) throws Exception {
......@@ -185,5 +194,4 @@ public class FilterController {
ocm.logout();
this.cacheInvalidationManager.invalidate(BoardController.BOARD, boardId);
}
}
......@@ -43,11 +43,11 @@ public class FormCache extends CacheImpl<Form> {
ListTools listTools;
@Override
protected Form getFromStore(String itemId) throws Exception {
protected Form getFromStore(String... itemIds) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
Form form;
try{
form = (Form) ocm.getObject(Form.class,String.format(URI.FORM_URI, itemId));
form = (Form) ocm.getObject(Form.class,String.format(URI.FORM_URI, (Object[])itemIds));
} finally {
ocm.logout();
}
......@@ -55,11 +55,11 @@ public class FormCache extends CacheImpl<Form> {
}
@Override
protected Map<String, String> getListFromStore() throws Exception {
protected Map<String, String> getListFromStore(String... prefixes) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
Map<String,String> result = null;
try{
result = listTools.list(String.format(URI.FORM_URI, ""), "name", ocm.getSession());
result = listTools.list(String.format(URI.FORM_URI, (Object[])prefixes), "name", ocm.getSession());
} finally {
ocm.logout();
}
......
......@@ -104,6 +104,7 @@ public class FormController {
return formCache.getItem(formId);
}
@PreAuthorize("hasPermission(#formId, 'FORM', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{formId}/roles", method=RequestMethod.GET)
public @ResponseBody Map<String,String> getFormRoles(@PathVariable String formId) throws Exception {
return formCache.getItem(formId).getRoles();
......@@ -152,6 +153,7 @@ public class FormController {
}
}
@PreAuthorize("hasPermission(#formId, 'FORM', 'ADMIN')")
@RequestMapping(value = "/{formId}/roles", method=RequestMethod.POST)
public @ResponseBody void addRoles(@PathVariable String formId, @RequestBody Map<String,String> roles) throws Exception {
......@@ -174,5 +176,4 @@ public class FormController {
ocm.logout();
}
}
}
......@@ -50,19 +50,20 @@ public class ListCache extends CacheImpl<ListResource>{
ListTools listTools;
@Override
protected ListResource getFromStore(String itemId) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
ListResource list = (ListResource) ocm.getObject(ListResource.class,"/list/" + itemId);
protected ListResource getFromStore(String... itemIds) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
ListResource list = (ListResource) ocm.getObject(ListResource.class,String.format(URI.LIST_URI, (Object[])itemIds));
ocm.logout();
return list;
}
@Override
protected Map<String, String> getListFromStore() throws Exception {
protected Map<String, String> getListFromStore(String... prefixes) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
Map<String,String> result = null;
try{
result = listTools.list(String.format(URI.LIST_URI,""), "name", ocm.getSession());
String path = String.format(URI.LIST_URI, (Object[])prefixes);
result = listTools.list(path, "name", ocm.getSession());
} finally {
ocm.logout();
}
......
......@@ -32,6 +32,7 @@ import nz.net.orcon.kanban.automation.CacheInvalidationInterface;
import nz.net.orcon.kanban.model.ListResource;
import nz.net.orcon.kanban.model.Option;
import nz.net.orcon.kanban.tools.IdentifierTools;
import nz.net.orcon.kanban.tools.ListTools;
import nz.net.orcon.kanban.tools.OcmMapperFactory;
import org.apache.commons.lang.StringUtils;
......@@ -39,6 +40,7 @@ import org.apache.jackrabbit.ocm.manager.ObjectContentManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
......@@ -47,7 +49,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
@RequestMapping("/list")
@RequestMapping("/board/{boardId}/lists")
public class ListController {
private static final Logger logger = LoggerFactory.getLogger(ListController.class);
......@@ -62,37 +64,58 @@ public class ListController {
@Autowired
CacheInvalidationInterface cacheInvalidationManager;
@Autowired
ListTools listTools;
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "", method=RequestMethod.POST)
public @ResponseBody ListResource createList(@RequestBody ListResource list ) throws Exception {
public @ResponseBody ListResource createList(
@PathVariable String boardId,
@RequestBody ListResource list ) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
listTools.ensurePresence(String.format( URI.BOARD_URI, boardId), "lists", ocm.getSession());
String newId = IdentifierTools.getIdFromNamedModelClass(list);
list.setPath(String.format(URI.LIST_URI, newId.toString()));
list.setPath(String.format(URI.LIST_URI, boardId, newId.toString()));
ocm.insert(list);
ocm.save();
ocm.logout();
return list;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{listId}", method=RequestMethod.GET)
public @ResponseBody ListResource getList(@PathVariable String listId) throws Exception {
return listCache.getItem(IdentifierTools.getIdFromName(listId));
public @ResponseBody ListResource getList(
@PathVariable String boardId,
@PathVariable String listId) throws Exception {
return listCache.getItem(boardId, IdentifierTools.getIdFromName(listId));
}
public String getValue(String listId, String id) throws Exception{
ListResource resource = listCache.getItem(IdentifierTools.getIdFromName(listId));
public String getValue(
String boardId,
String listId,
String id) throws Exception{
ListResource resource = listCache.getItem(boardId, IdentifierTools.getIdFromName(listId));
Option option = resource.getItems().get(id);
return option.getValue();
}
public String getIdFromName( String name){
public String getIdFromName(String name){
return IdentifierTools.getIdFromName(name);
}
public String getAttribute(String listId, String id, String attribute) throws Exception{
ListResource resource = listCache.getItem(IdentifierTools.getIdFromName(listId));
public String getAttribute(
String boardId,
String listId,
String id,
String attribute) throws Exception{
ListResource resource = listCache.getItem(boardId, IdentifierTools.getIdFromName(listId));
Option option = resource.getItems().get(id);
if(option==null){
option = resource.getItems().get(IdentifierTools.getIdFromName(id));
......@@ -107,30 +130,40 @@ public class ListController {
return null;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{listId}/basic", method=RequestMethod.GET)
public @ResponseBody Map<String,String> getBasicList(@PathVariable String listId) throws Exception {
public @ResponseBody Map<String,String> getBasicList(
@PathVariable String boardId,
@PathVariable String listId) throws Exception {
Map<String,String> returnList = new HashMap<String,String>();
ListResource resource = listCache.getItem(listId);
ListResource resource = listCache.getItem(boardId,listId);
for( Entry<String, Option> entry : resource.getItems().entrySet()){
returnList.put(entry.getKey(), entry.getValue().getName());
}
return returnList;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "", method=RequestMethod.GET)
public @ResponseBody Map<String,String> listLists() throws Exception {
return this.listCache.list();
public @ResponseBody Map<String,String> listLists(
@PathVariable String boardId) throws Exception {
return this.listCache.list(boardId,"");
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{listId}", method=RequestMethod.DELETE)
public @ResponseBody void deleteList( @PathVariable String listId) throws Exception {
public @ResponseBody void deleteList(
@PathVariable String boardId,
@PathVariable String listId) throws Exception {
if( StringUtils.isBlank(listId)){
return;
}
ObjectContentManager ocm = ocmFactory.getOcm();
Node node = ocm.getSession().getNode(String.format(URI.LIST_URI,listId));
Node node = ocm.getSession().getNode(String.format(URI.LIST_URI, boardId, listId));
if(node==null){
ocm.logout();
......
......@@ -87,6 +87,7 @@ public class PhaseController {
@Autowired
CardLockInterface cardsLockCache;
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{phaseId}", method=RequestMethod.GET)
public @ResponseBody Phase getPhase(
@PathVariable String boardId, @PathVariable String phaseId) throws Exception {
......@@ -102,6 +103,7 @@ public class PhaseController {
return phase;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "", method=RequestMethod.POST)
public @ResponseBody Phase createPhase(@PathVariable String boardId, @RequestBody Phase phase) throws Exception {
......@@ -124,6 +126,7 @@ public class PhaseController {
return phase;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{phaseId}", method=RequestMethod.PUT)
public @ResponseBody Phase updatePhase(@PathVariable String boardId,
@PathVariable String phaseId,
......@@ -140,6 +143,7 @@ public class PhaseController {
return phase;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "", method=RequestMethod.GET)
public @ResponseBody Collection<Phase> getPhaseList(@PathVariable String boardId) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
......@@ -148,6 +152,7 @@ public class PhaseController {
return objects;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{phaseId}", method=RequestMethod.DELETE)
public @ResponseBody void deletePhase(
@PathVariable String boardId, @PathVariable String phaseId) throws Exception {
......@@ -170,6 +175,7 @@ public class PhaseController {
*/
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'WRITE,ADMIN')")
@RequestMapping(value = "/{phaseId}/examine", method=RequestMethod.GET)
public @ResponseBody Boolean examinePhase(@PathVariable String boardId,
@PathVariable String phaseId) throws Exception {
......@@ -196,6 +202,7 @@ public class PhaseController {
* @return
* @throws Exception
*/
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{phaseId}/cure", method=RequestMethod.GET)
public @ResponseBody Boolean curePhase(@PathVariable String boardId,
@PathVariable String phaseId) throws Exception {
......
......@@ -51,9 +51,9 @@ public class ResourceCache extends CacheImpl<String> {
ListTools listTools;
@Override
protected String getFromStore(String itemId) throws Exception {
protected String getFromStore(String... itemIds) throws Exception {
ObjectContentManager ocm = this.ocmFactory.getOcm();
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, itemId));
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, (Object[])itemIds));
Property property = node.getProperty("resource");
String resource = property.getString();
ocm.logout();
......@@ -61,11 +61,11 @@ public class ResourceCache extends CacheImpl<String> {
}
@Override
protected Map<String, String> getListFromStore() throws Exception {
protected Map<String, String> getListFromStore(String... prefixs) throws Exception {
ObjectContentManager ocm = ocmFactory.getOcm();
Map<String,String> result = null;
try{
result = listTools.list(String.format(URI.RESOURCE_URI,""), "name", ocm.getSession());
result = listTools.list(String.format(URI.RESOURCE_URI, (Object[])prefixs), "name", ocm.getSession());
} finally {
ocm.logout();
}
......
......@@ -21,12 +21,15 @@
package nz.net.orcon.kanban.controllers;
import java.io.BufferedReader;
import java.io.Reader;
import java.util.Map;
import javax.annotation.Resource;
import javax.jcr.Node;
import javax.jcr.Property;
import javax.jcr.Session;
import javax.servlet.http.HttpServletRequest;
import nz.net.orcon.kanban.automation.CacheInvalidationInterface;
import nz.net.orcon.kanban.tools.ListTools;
......@@ -36,6 +39,7 @@ import org.apache.jackrabbit.ocm.manager.ObjectContentManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
......@@ -43,8 +47,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import com.ibm.wsdl.util.IOUtils;
@Controller
@RequestMapping("/resource")
@RequestMapping("/board/{boardId}/resources")
public class ResourceController {
private static final Logger logger = LoggerFactory.getLogger(ResourceController.class);
......@@ -60,14 +66,16 @@ public class ResourceController {
@Autowired
CacheInvalidationInterface cacheInvalidationManager;
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "/{resourceId}", method=RequestMethod.GET)
public @ResponseBody String getResource(@PathVariable String resourceId) throws Exception {
public @ResponseBody String getResource(@PathVariable String boardId,
@PathVariable String resourceId) throws Exception {
//TODO USE CACHE
ObjectContentManager ocm = ocmFactory.getOcm();
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, resourceId));
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, boardId, resourceId));
Property property = node.getProperty("resource");
String value = property.getString();
ocm.logout();
......@@ -78,15 +86,37 @@ public class ResourceController {
return value;
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{resourceId}", method=RequestMethod.POST)
public @ResponseBody void createResource(@PathVariable String resourceId,
@RequestBody String value) throws Exception {
public @ResponseBody void createResource(@PathVariable String boardId,
@PathVariable String resourceId,
HttpServletRequest request) throws Exception {
logger.info("Saving Resource " + boardId + "/" + resourceId);
//String value = IOUtils.getStringFromReader(request.getReader());
BufferedReader reader = request.getReader();
StringBuilder valueBuilder = new StringBuilder();
while(true){
String newValue = reader.readLine();
if( newValue!=null){
valueBuilder.append(newValue);
logger.info("Line: " + newValue);
} else {
break;
}
}
String value = valueBuilder.toString();
logger.info("Saving Resource " + resourceId);
logger.info("Resource Text: " + value);
ObjectContentManager ocm = ocmFactory.getOcm();
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, ""));
listTools.ensurePresence(String.format( URI.BOARD_URI, boardId), "resources", ocm.getSession());
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, boardId, ""));
Node addNode = node.addNode(resourceId);
addNode.setProperty("resource",value);
......@@ -97,13 +127,15 @@ public class ResourceController {
logger.info("Resource Saved " + resourceId);
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'ADMIN')")
@RequestMapping(value = "/{resourceId}", method=RequestMethod.DELETE)
public @ResponseBody void deleteResource(@PathVariable String resourceId) throws Exception {
public @ResponseBody void deleteResource(@PathVariable String boardId,
@PathVariable String resourceId) throws Exception {
logger.info("Deleting Resource " + resourceId);
ObjectContentManager ocm = ocmFactory.getOcm();
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, resourceId));
Node node = ocm.getSession().getNode(String.format(URI.RESOURCE_URI, boardId, resourceId));
if(node==null){
ocm.logout();
throw new ResourceNotFoundException();
......@@ -115,15 +147,16 @@ public class ResourceController {
this.cacheInvalidationManager.invalidate(RESOURCE, resourceId);
}
@PreAuthorize("hasPermission(#boardId, 'BOARD', 'READ,WRITE,ADMIN')")
@RequestMapping(value = "", method=RequestMethod.GET)
public @ResponseBody Map<String,String> listResources() throws Exception {
public @ResponseBody Map<String,String> listResources(@PathVariable String boardId) throws Exception {
logger.info("Getting Resource List");
Session session = ocmFactory.getOcm().getSession();
Map<String,String> result = listTools.list("/resource", "name", session);
Map<String,String> result = listTools.list(String.format(URI.RESOURCE_URI, boardId, ""), "name", session);
session.logout();
return result;
return result;
}
}
......@@ -28,7 +28,6 @@ import javax.jcr.Node;
import javax.jcr.Session;
import nz.net.orcon.kanban.automation.CacheInvalidationInterface;
import nz.net.orcon.kanban.model.Board;