Revision 1d6bc341
Added by Katja Luther almost 13 years ago
| cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/UserService.java | ||
|---|---|---|
| 20 | 20 |
import org.springframework.dao.IncorrectResultSizeDataAccessException; |
| 21 | 21 |
|
| 22 | 22 |
import org.springframework.security.access.AccessDeniedException; |
| 23 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
| 23 | 24 |
import org.springframework.security.authentication.AuthenticationManager; |
| 24 | 25 |
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
| 25 | 26 |
import org.springframework.security.authentication.dao.ReflectionSaltSource; |
| ... | ... | |
| 161 | 162 |
} |
| 162 | 163 |
|
| 163 | 164 |
@Transactional(readOnly=false) |
| 165 |
@PreAuthorize("hasPermission(#user, 'CREATE')")
|
|
| 164 | 166 |
public void createUser(UserDetails user) {
|
| 165 | 167 |
Assert.isInstanceOf(User.class, user); |
| 166 | 168 |
|
| ... | ... | |
| 174 | 176 |
} |
| 175 | 177 |
|
| 176 | 178 |
@Transactional(readOnly=false) |
| 179 |
@PreAuthorize("hasPermission(#username, 'DELETE')")
|
|
| 177 | 180 |
public void deleteUser(String username) {
|
| 178 | 181 |
Assert.hasLength(username); |
| 179 | 182 |
|
| ... | ... | |
| 186 | 189 |
} |
| 187 | 190 |
|
| 188 | 191 |
@Transactional(readOnly=false) |
| 192 |
@PreAuthorize("hasPermission(#user, 'EDIT')")
|
|
| 189 | 193 |
public void updateUser(UserDetails user) {
|
| 190 | 194 |
Assert.isInstanceOf(User.class, user); |
| 191 | 195 |
|
Also available in: Unified diff
adding permission handling and writing a test for usermanagement