Revision 1d6bc341
Added by Katja Luther almost 13 years ago
cdmlib-services/src/main/java/eu/etaxonomy/cdm/api/service/UserService.java | ||
---|---|---|
20 | 20 |
import org.springframework.dao.IncorrectResultSizeDataAccessException; |
21 | 21 |
|
22 | 22 |
import org.springframework.security.access.AccessDeniedException; |
23 |
import org.springframework.security.access.prepost.PreAuthorize; |
|
23 | 24 |
import org.springframework.security.authentication.AuthenticationManager; |
24 | 25 |
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
25 | 26 |
import org.springframework.security.authentication.dao.ReflectionSaltSource; |
... | ... | |
161 | 162 |
} |
162 | 163 |
|
163 | 164 |
@Transactional(readOnly=false) |
165 |
@PreAuthorize("hasPermission(#user, 'CREATE')") |
|
164 | 166 |
public void createUser(UserDetails user) { |
165 | 167 |
Assert.isInstanceOf(User.class, user); |
166 | 168 |
|
... | ... | |
174 | 176 |
} |
175 | 177 |
|
176 | 178 |
@Transactional(readOnly=false) |
179 |
@PreAuthorize("hasPermission(#username, 'DELETE')") |
|
177 | 180 |
public void deleteUser(String username) { |
178 | 181 |
Assert.hasLength(username); |
179 | 182 |
|
... | ... | |
186 | 189 |
} |
187 | 190 |
|
188 | 191 |
@Transactional(readOnly=false) |
192 |
@PreAuthorize("hasPermission(#user, 'EDIT')") |
|
189 | 193 |
public void updateUser(UserDetails user) { |
190 | 194 |
Assert.isInstanceOf(User.class, user); |
191 | 195 |
|
Also available in: Unified diff
adding permission handling and writing a test for usermanagement