Beispiel #1
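 /**
  * Creates a role from a JSON request body; only a logged-in administrator may do so.
  *
  * <p>Authorization is decided before the request body is parsed, so a caller without the admin
  * flag never reaches JSON parsing or the role service.
  *
  * <p>NOTE(review): the status codes are kept as existing clients see them, but they are swapped
  * relative to HTTP semantics, where 401 means "not authenticated" and 403 means "authenticated
  * but not allowed".
  *
  * <p>NOTE(review): this is a state-changing POST authorized by the session alone; confirm that
  * CSRF protection is enabled for this endpoint elsewhere in the application.
  *
  * @param roleData JSON string describing the role; only its {@code name} property is read
  * @param request current HTTP request, used only to look up an existing session
  * @return {@code FORBIDDEN} if there is no session or no usable {@code user} session attribute,
  *     {@code UNAUTHORIZED} if the user is not an admin or the body is null, {@code CONFLICT} if
  *     a role with that name already exists, otherwise {@code OK} after the role is created
  * @throws JSONException if the body is not valid JSON or has no string {@code name} property
  */
 @RequestMapping(value = "/createRole", method = RequestMethod.POST)
 public ResponseEntity<Void> saveRole(@RequestBody String roleData, HttpServletRequest request)
     throws JSONException {
   // getSession(false) never creates a session, so anonymous callers stay sessionless.
   HttpSession session = request.getSession(false);
   // Read the attribute once so the login check and the admin check see the same object.
   Object principal = (session == null) ? null : session.getAttribute("user");
   // instanceof rejects null and also turns an unexpected attribute type into a refusal
   // instead of a ClassCastException.
   if (!(principal instanceof User)) {
     return new ResponseEntity<Void>(HttpStatus.FORBIDDEN);
   }
   // Authorize before touching the body: a non-admin must not be able to drive the JSON
   // parser or surface its exceptions.
   if (!((User) principal).isAdmin()) {
     return new ResponseEntity<Void>(HttpStatus.UNAUTHORIZED);
   }
   if (roleData == null) {
     // Status kept for compatibility with existing callers; BAD_REQUEST would describe a
     // missing body more accurately.
     return new ResponseEntity<Void>(HttpStatus.UNAUTHORIZED);
   }
   // NOTE(review): roleName gets no length or character validation here; presumably
   // roleService enforces it - confirm.
   String roleName = new JSONObject(roleData).getString("name");
   // NOTE(review): lookup-then-create is not atomic in this method; two concurrent requests
   // with the same name can both pass this check unless roleService or the datastore enforces
   // uniqueness - confirm.
   if (roleService.getRoleByName(roleName) != null) {
     return new ResponseEntity<Void>(HttpStatus.CONFLICT);
   }
   Role role = new Role();
   role.setName(roleName);
   roleService.createRole(role);
   return new ResponseEntity<Void>(HttpStatus.OK);
 }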
Beispiel #2
 /**
  * Looks up a role by its numeric id on behalf of a logged-in administrator.
  *
  * <p>NOTE(review): the status codes are swapped relative to HTTP semantics, where 401 means
  * "not authenticated" and 403 means "authenticated but not allowed"; they are left as they are
  * because clients may depend on them.
  *
  * <p>NOTE(review): the result of {@code roleService.getRoleById} is passed through unchecked;
  * if it returns {@code null} for an unknown id, the caller receives {@code OK} with an empty
  * body - confirm whether that is intended.
  *
  * @param id id of the role, taken from the {@code /role/{id}} path
  * @param request current HTTP request, used only to look up an existing session
  * @return {@code FORBIDDEN} if there is no session or no {@code user} session attribute,
  *     {@code UNAUTHORIZED} if the user is not an admin, otherwise the role with {@code OK}
  */
 @RequestMapping(value = "/role/{id}", method = RequestMethod.GET)
 public ResponseEntity<Role> getRoleById(@PathVariable("id") int id, HttpServletRequest request) {
   // getSession(false) never creates a session for an anonymous caller.
   final HttpSession httpSession = request.getSession(false);
   final boolean loggedIn = httpSession != null && httpSession.getAttribute("user") != null;
   if (!loggedIn) {
     return new ResponseEntity<Role>(HttpStatus.FORBIDDEN);
   }
   final User caller = (User) httpSession.getAttribute("user");
   if (caller.isAdmin()) {
     // The role service is reached only after the admin check has passed.
     final Role found = roleService.getRoleById(id);
     return new ResponseEntity<Role>(found, HttpStatus.OK);
   }
   return new ResponseEntity<Role>(HttpStatus.UNAUTHORIZED);
 }