privilege management moved to controller

27a44382 · Piotr Gawron · 73d2ad5d · 27a44382 · 27a44382
Commit 27a44382 authored Jul 23, 2021 by Piotr Gawron
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectController.java
@@ -168,16 +168,30 @@ public class ProjectController extends BaseController {
  public void grantPrivileges(
      @RequestBody List<PrivilegeDTO> privileges,
      @PathVariable(value = "projectId") String projectId) throws IOException, QueryException {
-    projectController.grantPrivilegesProject(projectId, privileges);
+    getProject(projectId);
+    for (PrivilegeDTO m : privileges) {
+      User user = userService.getUserByLogin(m.login);
+      if (user == null) {
+        throw new ObjectNotFoundException("User does not exist");
+      }
+      userService.grantUserPrivilege(user, m.privilegeType, projectId);
+    }
  }

  @PreAuthorize("hasAuthority('IS_ADMIN') "
      + "or (hasAuthority('IS_CURATOR') and hasAuthority('WRITE_PROJECT:' + #projectId))")
  @PatchMapping(value = "/{projectId:.+}:revokePrivileges")
-  public Map<String, Object> revokePrivileges(
+  public void revokePrivileges(
      @RequestBody List<PrivilegeDTO> privileges,
      @PathVariable(value = "projectId") String projectId) throws IOException, QueryException {
-    return projectController.revokePrivilegesProject(projectId, privileges);
+    getProject(projectId);
+    for (PrivilegeDTO m : privileges) {
+      User user = userService.getUserByLogin(m.login);
+      if (user == null) {
+        throw new ObjectNotFoundException("User does not exist");
+      }
+      userService.revokeUserPrivilege(user, m.privilegeType, projectId);
+    }
  }

  @PreAuthorize("hasAnyAuthority('IS_ADMIN', 'IS_CURATOR')")

--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
@@ -479,29 +479,6 @@ public class ProjectRestImpl extends BaseRestImpl {
    return result;
  }

-  public void grantPrivilegesProject(String projectId, List<PrivilegeDTO> privileges) throws QueryException {
-    getProjectByProjectId(projectId);
-    for (PrivilegeDTO m : privileges) {
-      User user = userService.getUserByLogin(m.login);
-      if (user == null) {
-        throw new ObjectNotFoundException("User does not exist");
-      }
-      userService.grantUserPrivilege(user, m.privilegeType, projectId);
-    }
-  }
-
-  public Map<String, Object> revokePrivilegesProject(String projectId, List<PrivilegeDTO> privileges) throws QueryException {
-    getProjectByProjectId(projectId);
-    for (PrivilegeDTO m : privileges) {
-      User user = userService.getUserByLogin(m.login);
-      if (user == null) {
-        throw new ObjectNotFoundException("User does not exist");
-      }
-      userService.revokeUserPrivilege(user, m.privilegeType, projectId);
-    }
-    return null;
-  }
-
  private enum LogSortColumn {
    ID("id"),
    LEVEL("level"),