List of usage examples for org.springframework.http HttpStatus FORBIDDEN
HttpStatus FORBIDDEN
From source file:org.fao.geonet.api.GlobalExceptionController.java
/**
 * Translates a {@link NotAllowedException} into an HTTP 403 (Forbidden) response.
 *
 * <p>The exception message is copied verbatim into the response body, so whatever text is
 * put into a NotAllowedException is visible to the client.
 *
 * @param exception the exception being handled
 * @param request the current request, passed to contentTypeNeedsBody to decide whether a body
 *        is produced
 * @return an ApiError with code "forbidden" and the exception message, or {@code null} when
 *         contentTypeNeedsBody reports that no body is needed
 */
@ResponseBody
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler({ NotAllowedException.class })
public ApiError notAllowedHandler(final Exception exception, final HttpServletRequest request) {
    if (!contentTypeNeedsBody(request)) {
        return null;
    }
    return new ApiError("forbidden", exception.getMessage());
}
From source file:org.fao.geonet.api.pages.PagesAPI.java
@ApiOperation(value = "Return the static html content identified by pageId", notes = "<a href='http://geonetwork-opensource.org/manuals/trunk/eng/users/user-guide/define-static-pages/define-pages.html'>More info</a>", nickname = "getPage") @RequestMapping(value = "/{language}/{pageId}/content", method = RequestMethod.GET, produces = "text/plain;charset=UTF-8") @ApiResponses(value = { @ApiResponse(code = 200, message = PAGE_OK), @ApiResponse(code = 404, message = PAGE_NOT_FOUND), @ApiResponse(code = 403, message = ApiParams.API_RESPONSE_NOT_ALLOWED_CAN_VIEW) }) @ResponseBody//from w ww.jav a2 s . c o m public ResponseEntity<String> getPageContent(@PathVariable(value = "language") final String language, @PathVariable(value = "pageId") final String pageId, @ApiIgnore final HttpServletResponse response, @ApiIgnore final HttpSession session) { final ApplicationContext appContext = ApplicationContextHolder.get(); final PageRepository pageRepository = appContext.getBean(PageRepository.class); final Page page = pageRepository.findOne(new PageIdentity(language, pageId)); if (page == null) { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } else { final UserSession us = ApiUtils.getUserSession(session); if (page.getStatus().equals(Page.PageStatus.HIDDEN) && us.getProfile() != Profile.Administrator) { return new ResponseEntity<>(HttpStatus.FORBIDDEN); } else if (page.getStatus().equals(Page.PageStatus.PRIVATE) && (us.getProfile() == null || us.getProfile() == Profile.Guest)) { return new ResponseEntity<>(HttpStatus.FORBIDDEN); } else { String content = ""; if (page.getData() != null && page.getData().length > 0) { try { content = new String(page.getData(), "UTF-8"); } catch (final UnsupportedEncodingException e) { content = new String(page.getData()); } } else { content = page.getLink(); } return new ResponseEntity<>(content, HttpStatus.OK); } } }
From source file:org.fao.geonet.api.pages.PagesAPI.java
/**
 * Applies the page visibility rules and, when the caller may see the page, wraps it for a
 * JSON response.
 *
 * <p>A HIDDEN page is returned only to the Administrator profile. A PRIVATE page is refused
 * when the session has no profile or the Guest profile.
 *
 * @param session HTTP session used to resolve the caller's profile
 * @param page the page to check, may be {@code null}
 * @return 404 when page is {@code null}, 403 when the caller may not view it, otherwise 200
 *         with the page wrapped in a PageJSONWrapper
 */
private ResponseEntity<PageJSONWrapper> checkPermissionsOnSinglePageAndReturn(final HttpSession session,
    final Page page) {
    if (page == null) {
        return new ResponseEntity<>(HttpStatus.NOT_FOUND);
    }

    // NOTE(review): dereferenced below without a null check; confirm that
    // ApiUtils.getUserSession never returns null.
    final UserSession userSession = ApiUtils.getUserSession(session);

    final boolean hiddenFromCaller = page.getStatus().equals(Page.PageStatus.HIDDEN)
        && userSession.getProfile() != Profile.Administrator;
    if (hiddenFromCaller) {
        return new ResponseEntity<>(HttpStatus.FORBIDDEN);
    }

    final boolean privateFromCaller = page.getStatus().equals(Page.PageStatus.PRIVATE)
        && (userSession.getProfile() == null || userSession.getProfile() == Profile.Guest);
    if (privateFromCaller) {
        return new ResponseEntity<>(HttpStatus.FORBIDDEN);
    }

    return new ResponseEntity<>(new PageJSONWrapper(page), HttpStatus.OK);
}
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
/**
 * Lists the rating criteria.
 *
 * <p>The 403 returned here reflects a feature switch (the local rating setting is not
 * ADVANCED), not a decision about the caller: no caller identity is examined in this method.
 * The status is written directly on the servlet response although the method is annotated
 * with {@code @ResponseStatus(OK)}.
 *
 * @param response servlet response on which the 403 status is set when the feature is off
 * @return all rating criteria from the repository, or {@code null} when the local rating
 *         setting is not ADVANCED
 */
@ApiOperation(value = "Get list of rating criteria", nickname = "getRatingCriteria")
@RequestMapping(value = "/userfeedback/ratingcriteria", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public List<RatingCriteria> getRatingCriteria(@ApiIgnore final HttpServletResponse response) {
    final ApplicationContext context = ApplicationContextHolder.get();
    final String ratingMode = context.getBean(SettingManager.class).getValue(Settings.SYSTEM_LOCALRATING_ENABLE);

    if (ratingMode.equals(RatingsSetting.ADVANCED)) {
        return context.getBean(RatingCriteriaRepository.class).findAll();
    }

    response.setStatus(HttpStatus.FORBIDDEN.value());
    return null;
}
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
/**
 * Removes the user feedback identified by uuid.
 *
 * <p>Two independent conditions can produce a 403: the {@code @PreAuthorize} rule requiring
 * the Reviewer role, and the feature switch checked in the body (local rating setting not
 * ADVANCED).
 *
 * @param uuid UUID of the user feedback to remove
 * @param request current request; its remote address is handed to the service together with
 *        the uuid
 * @return 403 when the local rating setting is not ADVANCED, otherwise 204
 * @throws Exception propagated from the user feedback service
 */
@ApiOperation(value = "Removes a user feedback", notes = "Removes a user feedback", nickname = "deleteUserFeedback")
@RequestMapping(value = "/userfeedback/{uuid}", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.DELETE)
@ResponseStatus(HttpStatus.NO_CONTENT)
@PreAuthorize("hasRole('Reviewer')")
@ApiResponses(value = { @ApiResponse(code = 204, message = "User feedback removed."),
    @ApiResponse(code = 403, message = ApiParams.API_RESPONSE_NOT_ALLOWED_ONLY_REVIEWER) })
@ResponseBody
public ResponseEntity deleteUserFeedback(
    @ApiParam(value = "User feedback UUID.", required = true) @PathVariable(value = "uuid") final String uuid,
    final HttpServletRequest request) throws Exception {
    final SettingManager settings = ApplicationContextHolder.get().getBean(SettingManager.class);
    final String ratingMode = settings.getValue(Settings.SYSTEM_LOCALRATING_ENABLE);
    if (!ratingMode.equals(RatingsSetting.ADVANCED)) {
        return new ResponseEntity(HttpStatus.FORBIDDEN);
    }

    Log.debug("org.fao.geonet.api.userfeedback.UserFeedback", "deleteUserFeedback");

    // NOTE(review): getRemoteAddr() is the address of the directly connected peer; behind a
    // reverse proxy that is presumably the proxy - confirm what the service records it for.
    getUserFeedbackService().removeUserFeedback(uuid, request.getRemoteAddr());
    return new ResponseEntity(HttpStatus.NO_CONTENT);
}
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
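/**
 * Returns the average rating computed from the user feedback of one metadata record.
 *
 * <p>For an authenticated session the average is computed over unpublished feedback as well;
 * anonymous callers get an average over published feedback only.
 *
 * @param metadataUuid UUID of the metadata record
 * @param request current request, used for the record view-permission check
 * @param response servlet response on which error statuses are set
 * @param httpSession HTTP session used to decide whether the caller is authenticated
 * @return the rating average, or {@code null} with status 403 (feature disabled or record
 *         not viewable) or 500 (unexpected failure)
 */
@ApiOperation(value = "Provides an average rating for a metadata record", nickname = "getMetadataUserComments")
@RequestMapping(value = "/records/{metadataUuid}/userfeedbackrating", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public RatingAverage getMetadataRating(
    @ApiParam(value = "Metadata record UUID.", required = true) @PathVariable(value = "metadataUuid") final String metadataUuid,
    @ApiIgnore final HttpServletRequest request, @ApiIgnore final HttpServletResponse response,
    @ApiIgnore final HttpSession httpSession) {
    final ApplicationContext appContext = ApplicationContextHolder.get();
    final SettingManager settingManager = appContext.getBean(SettingManager.class);
    final String functionEnabled = settingManager.getValue(Settings.SYSTEM_LOCALRATING_ENABLE);

    // Feature switch, not an authorization decision.
    if (!functionEnabled.equals(RatingsSetting.ADVANCED)) {
        response.setStatus(HttpStatus.FORBIDDEN.value());
        return null;
    }

    try {
        Log.debug("org.fao.geonet.api.userfeedback.UserFeedback", "getMetadataUserComments");

        // Check permission for metadata
        final AbstractMetadata metadata = ApiUtils.canViewRecord(metadataUuid, request);
        if (metadata == null) {
            printOutputMessage(response, HttpStatus.FORBIDDEN, ApiParams.API_RESPONSE_NOT_ALLOWED_CAN_VIEW);
            return null;
        }

        final UserSession session = ApiUtils.getUserSession(httpSession);

        // Anonymous callers only get published feedback.
        // NOTE(review): every authenticated user, whatever the profile, gets unpublished
        // feedback included; the original author already suggested restricting this to
        // Reviewers.
        final boolean published = !(session != null && session.isAuthenticated());

        final IUserFeedbackService userFeedbackService = getUserFeedbackService();
        final UserFeedbackUtils utils = new UserFeedbackUtils();

        // -1 is passed as the size argument; presumably "no limit" - confirm in the service.
        return utils
            .getAverage(userFeedbackService.retrieveUserFeedbackForMetadata(metadataUuid, -1, published));
    } catch (final Exception e) {
        // Report the failure instead of answering 200 with an empty body, which a client
        // cannot tell apart from "no rating".
        // NOTE(review): if canViewRecord signals a denied or missing record by throwing, that
        // also ends up here - confirm, and map it to 403/404 rather than 500.
        Log.error("org.fao.geonet.api.userfeedback.UserFeedback", "getMetadataUserComments failed", e);
        response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
        return null;
    }
}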
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
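/**
 * Returns one user feedback as a DTO, provided the caller may view the metadata record it
 * belongs to.
 *
 * <p>Anonymous callers can only retrieve published feedback; an authenticated session can
 * retrieve unpublished feedback as well.
 *
 * @param uuid UUID of the user feedback
 * @param request current request, used for the record view-permission check
 * @param response servlet response on which error statuses are set
 * @param httpSession HTTP session used to decide whether the caller is authenticated
 * @return the feedback DTO, or {@code null} with status 403 (feature disabled or record not
 *         viewable) or 404 (no feedback retrieved for this uuid)
 * @throws Exception propagated from the service or the permission check
 */
@ApiOperation(value = "Finds a specific user feedback", nickname = "getUserFeedback")
@RequestMapping(value = "/userfeedback/{uuid}", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public UserFeedbackDTO getUserComment(
    @ApiParam(value = "User feedback UUID.", required = true) @PathVariable(value = "uuid") final String uuid,
    @ApiIgnore final HttpServletRequest request, @ApiIgnore final HttpServletResponse response,
    @ApiIgnore final HttpSession httpSession) throws Exception {
    final ApplicationContext appContext = ApplicationContextHolder.get();
    final SettingManager settingManager = appContext.getBean(SettingManager.class);
    final String functionEnabled = settingManager.getValue(Settings.SYSTEM_LOCALRATING_ENABLE);

    // Feature switch, not an authorization decision.
    if (!functionEnabled.equals(RatingsSetting.ADVANCED)) {
        response.setStatus(HttpStatus.FORBIDDEN.value());
        return null;
    }

    Log.debug("org.fao.geonet.api.userfeedback.UserFeedback", "getUserComment");

    final IUserFeedbackService userFeedbackService = (IUserFeedbackService) ApplicationContextHolder.get()
        .getBean("userFeedbackService");

    final UserSession session = ApiUtils.getUserSession(httpSession);

    // Anonymous callers only get published feedback.
    // NOTE(review): every authenticated user, whatever the profile, can read unpublished
    // feedback; the original author already suggested restricting this to Reviewers.
    final boolean published = !(session != null && session.isAuthenticated());

    final UserFeedback userfeedback = userFeedbackService.retrieveUserFeedback(uuid, published);
    if (userfeedback == null) {
        // Previously this fell through to userfeedback.getMetadata() and failed with a
        // NullPointerException; answer 404 before touching the object.
        response.setStatus(HttpStatus.NOT_FOUND.value());
        return null;
    }

    // Check permission for metadata before building the DTO that is sent to the caller.
    final AbstractMetadata metadata = ApiUtils.canViewRecord(userfeedback.getMetadata().getUuid(), request);
    if (metadata == null) {
        printOutputMessage(response, HttpStatus.FORBIDDEN, ApiParams.API_RESPONSE_NOT_ALLOWED_CAN_VIEW);
        return null;
    }

    return UserFeedbackUtils.convertToDto(userfeedback);
}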
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
/**
 * Retrieves user feedback, for one metadata record or across all records, as DTOs.
 *
 * <p>No record view-permission check is made in this method.
 *
 * @param metadataUuid UUID of the metadata record; {@code null} or empty selects feedback
 *        without filtering by record
 * @param size size argument passed through to the service
 * @param response servlet response on which error statuses are set
 * @param httpSession HTTP session used to decide whether the caller is authenticated
 * @return the feedback DTOs, or {@code null} with status 403 (local rating setting not
 *         ADVANCED) or 500 (any exception)
 */
private List<UserFeedbackDTO> getUserFeedback(String metadataUuid, int size, HttpServletResponse response,
    HttpSession httpSession) {
    final SettingManager settings = ApplicationContextHolder.get().getBean(SettingManager.class);
    final String ratingMode = settings.getValue(Settings.SYSTEM_LOCALRATING_ENABLE);
    if (!ratingMode.equals(RatingsSetting.ADVANCED)) {
        response.setStatus(HttpStatus.FORBIDDEN.value());
        return null;
    }

    try {
        Log.debug("org.fao.geonet.api.userfeedback.UserFeedback", "getUserComments");

        final IUserFeedbackService service = getUserFeedbackService();
        final UserSession userSession = ApiUtils.getUserSession(httpSession);

        // Anonymous callers only get published feedback.
        // NOTE(review): any authenticated user also receives unpublished feedback; the
        // original author already suggested restricting this to Reviewers.
        final boolean publishedOnly = userSession == null || !userSession.isAuthenticated();

        final boolean acrossAllRecords = metadataUuid == null || metadataUuid.isEmpty();
        final List<UserFeedback> found = acrossAllRecords
            ? service.retrieveUserFeedback(size, publishedOnly)
            : service.retrieveUserFeedbackForMetadata(metadataUuid, size, publishedOnly);

        return found.stream()
            .map(item -> UserFeedbackUtils.convertToDto(item))
            .collect(Collectors.toList());
    } catch (final Exception e) {
        e.printStackTrace();
        response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
        return null;
    }
}
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
/**
 * Creates a user feedback from the posted DTO.
 *
 * <p>The method carries no {@code @PreAuthorize} rule: a missing session is tolerated and the
 * feedback is then saved with a {@code null} principal. The only anti-automation control
 * visible here is the reCAPTCHA verification, and it runs only when the user
 * self-registration reCAPTCHA setting is enabled.
 *
 * @param userFeedbackDto the feedback to store, including the captcha response
 * @param httpSession HTTP session used to resolve the author, if any
 * @param request current request; supplies the locales for the error message and the remote
 *        address handed to the service
 * @return 403 when the local rating setting is not ADVANCED, 412 with a localized message
 *         when the captcha is rejected, otherwise 201
 * @throws Exception any failure is printed to the error stream and rethrown
 */
@ApiOperation(value = "Creates a user feedback", notes = "Creates a user feedback in draft status if the user is not logged in.", nickname = "newUserFeedback")
@RequestMapping(value = "/userfeedback", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.POST)
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
public ResponseEntity newUserFeedback(@ApiParam(name = "uf") @RequestBody UserFeedbackDTO userFeedbackDto,
    @ApiIgnore final HttpSession httpSession, @ApiIgnore final HttpServletRequest request) throws Exception {
    final SettingManager settingManager = ApplicationContextHolder.get().getBean(SettingManager.class);

    // Feature switch, not an authorization decision.
    if (!settingManager.getValue(Settings.SYSTEM_LOCALRATING_ENABLE).equals(RatingsSetting.ADVANCED)) {
        return new ResponseEntity(HttpStatus.FORBIDDEN);
    }

    try {
        final UserSession userSession = ApiUtils.getUserSession(httpSession);
        final Locale requestLocale = languageUtils.parseAcceptLanguage(request.getLocales());
        final ResourceBundle bundle = ResourceBundle.getBundle("org.fao.geonet.api.Messages", requestLocale);

        Log.debug("org.fao.geonet.api.userfeedback.UserFeedback", "newUserFeedback");

        final IUserFeedbackService service = getUserFeedbackService();

        // The captcha is verified only when the setting is on; with it off, nothing in this
        // method limits automated submissions.
        if (settingManager.getValueAsBool(Settings.SYSTEM_USERSELFREGISTRATION_RECAPTCHA_ENABLE)
            && !RecaptchaChecker.verify(userFeedbackDto.getCaptcha(),
                settingManager.getValue(Settings.SYSTEM_USERSELFREGISTRATION_RECAPTCHA_SECRETKEY))) {
            return new ResponseEntity<>(bundle.getString("recaptcha_not_valid"),
                HttpStatus.PRECONDITION_FAILED);
        }

        service.saveUserFeedback(
            UserFeedbackUtils.convertFromDto(userFeedbackDto,
                userSession != null ? userSession.getPrincipal() : null),
            request.getRemoteAddr());

        return new ResponseEntity(HttpStatus.CREATED);
    } catch (final Exception e) {
        e.printStackTrace();
        throw e;
    }
}
From source file:org.fao.geonet.api.userfeedback.UserFeedbackAPI.java
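/**
 * Publishes the user feedback identified by uuid on behalf of the current principal.
 *
 * <p>Requires the Reviewer role ({@code @PreAuthorize}); in addition the local rating setting
 * must be ADVANCED.
 *
 * <p>NOTE(review): this state-changing operation is mapped to GET. Requests with safe
 * methods are commonly exempt from CSRF protection and may be issued by prefetchers or link
 * scanners, so a non-safe verb would suit it better. The verb is part of the public API and
 * is therefore only flagged here, not changed.
 *
 * @param uuid UUID of the user feedback to publish
 * @param httpSession HTTP session used to resolve the publishing principal
 * @return 403 when the local rating setting is not ADVANCED, 404 when the feedback does not
 *         exist, 500 when publishing fails for another reason, otherwise 204
 * @throws Exception declared for interface compatibility
 */
@ApiOperation(value = "Publishes a feedback", notes = "For reviewers", nickname = "publishFeedback")
@RequestMapping(value = "/userfeedback/{uuid}/publish", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
@ResponseStatus(value = HttpStatus.NO_CONTENT)
@PreAuthorize("hasRole('Reviewer')")
@ApiResponses(value = { @ApiResponse(code = 204, message = "User feedback published."),
    @ApiResponse(code = 403, message = ApiParams.API_RESPONSE_NOT_ALLOWED_ONLY_REVIEWER),
    @ApiResponse(code = 404, message = ApiParams.API_RESPONSE_RESOURCE_NOT_FOUND) })
@ResponseBody
public ResponseEntity publish(
    @ApiParam(value = "User feedback UUID.", required = true) @PathVariable(value = "uuid") final String uuid,
    @ApiIgnore final HttpSession httpSession) throws Exception {
    final ApplicationContext appContext = ApplicationContextHolder.get();
    final SettingManager settingManager = appContext.getBean(SettingManager.class);
    final String functionEnabled = settingManager.getValue(Settings.SYSTEM_LOCALRATING_ENABLE);

    // Feature switch, checked in addition to the Reviewer role.
    if (!functionEnabled.equals(RatingsSetting.ADVANCED)) {
        return new ResponseEntity(HttpStatus.FORBIDDEN);
    }

    try {
        final UserSession session = ApiUtils.getUserSession(httpSession);
        final IUserFeedbackService userFeedbackService = getUserFeedbackService();
        userFeedbackService.publishUserFeedback(uuid, session.getPrincipal());
    } catch (final ObjectNotFoundException e) {
        return new ResponseEntity(HttpStatus.NOT_FOUND);
    } catch (final Exception e) {
        // Previously the failure was only printed and the caller still received 204, i.e. a
        // reviewer was told the feedback had been published when it had not.
        Log.error("org.fao.geonet.api.userfeedback.UserFeedback", "publishFeedback failed", e);
        return new ResponseEntity(HttpStatus.INTERNAL_SERVER_ERROR);
    }

    return new ResponseEntity(HttpStatus.NO_CONTENT);
}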