diff --git a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/VersionsController.java b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/VersionsController.java index a0b33bf7e..b89411e5e 100644 --- a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/VersionsController.java +++ b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/VersionsController.java @@ -47,8 +47,10 @@ public class VersionsController implements VersionsResource { @PreAuthorize("hasAuthority('" + READ_VERSIONS + "')") public Long getDossierDictionaryVersion(@PathVariable(DOSSIER_TEMPLATE_PARAMETER_NAME) String dossierTemplateId, @PathVariable(DOSSIER_ID_PARAM) String dossierId) { - accessControlService.checkDossierExistenceAndViewPermissionsToDossier(dossierId); - return dictionaryPersistenceService.getVersionForDossier(dossierId); + if (accessControlService.hasUserViewPermissionsForDossier(dossierId)) { + return dictionaryPersistenceService.getVersionForDossier(dossierId); + } + return 0L; } } diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/DictionaryService.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/DictionaryService.java index 136d75368..84669d45e 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/DictionaryService.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/DictionaryService.java @@ -224,7 +224,7 @@ public class DictionaryService { List types = MagicConverter.convert(dictionaryPersistenceService.getAllTypesForDossierTemplate(dossierTemplateId, includeDeleted), Type.class); if (dossierId != null) { try { - accessControlService.checkViewPermissionsToDossier(dossierId); + accessControlService.verifyUserHasViewPermissions(dossierId); dictionaryManagementService.checkDossierMatchesDossierTemplate(dossierId, dossierTemplateId); // for every dossier template type check if a dossier type exists types.forEach(t -> dictionaryManagementService.checkForDossierTypeExistenceAndCreate(toTypeId(t.getType(), t.getDossierTemplateId(), dossierId))); @@ -262,80 +262,72 @@ public class DictionaryService { @PreAuthorize("hasAuthority('" + READ_DICTIONARY_TYPES + "')") public Dictionary getDictionaryForType(String type, String dossierTemplateId, String dossierId) { - try { - if (dossierId != null) { - accessControlService.checkViewPermissionsToDossier(dossierId); - } - var typeId = toTypeId(type, dossierTemplateId, dossierId); - // create dossier level type if it does not exist - dictionaryManagementService.checkForDossierTypeExistenceAndCreate(typeId); - var entity = dictionaryPersistenceService.getType(typeId); - var dictionaryForType = MagicConverter.convert(entity, Type.class); - dictionaryForType.setEntries(MagicConverter.convert(entryPersistenceService.getEntries(typeId, DictionaryEntryType.ENTRY, null), DictionaryEntry.class)); - dictionaryForType.setFalsePositiveEntries(MagicConverter.convert(entryPersistenceService.getEntries(typeId, DictionaryEntryType.FALSE_POSITIVE, null), - DictionaryEntry.class)); - dictionaryForType.setFalseRecommendationEntries(MagicConverter.convert(entryPersistenceService.getEntries(typeId, DictionaryEntryType.FALSE_RECOMMENDATION, null), - DictionaryEntry.class)); - - return Dictionary.builder() - .entries(dictionaryForType.getEntries() - .stream() - .filter(e -> !e.isDeleted()) - .map(DictionaryEntry::getValue) - .sorted(entryComparator) - .collect(Collectors.toList())) - .falsePositiveEntries(dictionaryForType.getFalsePositiveEntries() - .stream() - .filter(e -> !e.isDeleted()) - .map(DictionaryEntry::getValue) - .sorted(entryComparator) - .collect(Collectors.toList())) - .falseRecommendationEntries(dictionaryForType.getFalseRecommendationEntries() - .stream() - .filter(e -> !e.isDeleted()) - .map(DictionaryEntry::getValue) - .sorted(entryComparator) - .collect(Collectors.toList())) - .hexColor(dictionaryForType.getHexColor()) - .recommendationHexColor(dictionaryForType.getRecommendationHexColor()) - .skippedHexColor(dictionaryForType.getSkippedHexColor()) - .dossierTemplateId(dossierTemplateId) - .rank(dictionaryForType.getRank()) - .hint(dictionaryForType.isHint()) - .caseInsensitive(dictionaryForType.isCaseInsensitive()) - .recommendation(dictionaryForType.isRecommendation()) - .description(dictionaryForType.getDescription()) - .addToDictionaryAction(dictionaryForType.isAddToDictionaryAction()) - .label(dictionaryForType.getLabel()) - .hasDictionary(dictionaryForType.isHasDictionary()) - .systemManaged(dictionaryForType.isSystemManaged()) - .autoHideSkipped(dictionaryForType.isAutoHideSkipped()) - .dossierDictionaryOnly(dictionaryForType.isDossierDictionaryOnly()) - .build(); - } catch (AccessDeniedException e) { - throw new NotFoundException("Object not found"); + if (dossierId != null) { + accessControlService.checkViewPermissionsToDossier(dossierId); } + var typeId = toTypeId(type, dossierTemplateId, dossierId); + // create dossier level type if it does not exist + dictionaryManagementService.checkForDossierTypeExistenceAndCreate(typeId); + var entity = dictionaryPersistenceService.getType(typeId); + var dictionaryForType = MagicConverter.convert(entity, Type.class); + dictionaryForType.setEntries(MagicConverter.convert(entryPersistenceService.getEntries(typeId, DictionaryEntryType.ENTRY, null), DictionaryEntry.class)); + dictionaryForType.setFalsePositiveEntries(MagicConverter.convert(entryPersistenceService.getEntries(typeId, DictionaryEntryType.FALSE_POSITIVE, null), + DictionaryEntry.class)); + dictionaryForType.setFalseRecommendationEntries(MagicConverter.convert(entryPersistenceService.getEntries(typeId, DictionaryEntryType.FALSE_RECOMMENDATION, null), + DictionaryEntry.class)); + + return Dictionary.builder() + .entries(dictionaryForType.getEntries() + .stream() + .filter(e -> !e.isDeleted()) + .map(DictionaryEntry::getValue) + .sorted(entryComparator) + .collect(Collectors.toList())) + .falsePositiveEntries(dictionaryForType.getFalsePositiveEntries() + .stream() + .filter(e -> !e.isDeleted()) + .map(DictionaryEntry::getValue) + .sorted(entryComparator) + .collect(Collectors.toList())) + .falseRecommendationEntries(dictionaryForType.getFalseRecommendationEntries() + .stream() + .filter(e -> !e.isDeleted()) + .map(DictionaryEntry::getValue) + .sorted(entryComparator) + .collect(Collectors.toList())) + .hexColor(dictionaryForType.getHexColor()) + .recommendationHexColor(dictionaryForType.getRecommendationHexColor()) + .skippedHexColor(dictionaryForType.getSkippedHexColor()) + .dossierTemplateId(dossierTemplateId) + .rank(dictionaryForType.getRank()) + .hint(dictionaryForType.isHint()) + .caseInsensitive(dictionaryForType.isCaseInsensitive()) + .recommendation(dictionaryForType.isRecommendation()) + .description(dictionaryForType.getDescription()) + .addToDictionaryAction(dictionaryForType.isAddToDictionaryAction()) + .label(dictionaryForType.getLabel()) + .hasDictionary(dictionaryForType.isHasDictionary()) + .systemManaged(dictionaryForType.isSystemManaged()) + .autoHideSkipped(dictionaryForType.isAutoHideSkipped()) + .dossierDictionaryOnly(dictionaryForType.isDossierDictionaryOnly()) + .build(); } @PreAuthorize("hasAuthority('" + READ_DICTIONARY_TYPES + "')") public Dictionary getMergedDictionaryForType(String type, String dossierTemplateId, String dossierId) { - try { - if (dossierId != null) { - accessControlService.checkViewPermissionsToDossier(dossierId); - } - var dossierTemplateDictionary = dictionaryPersistenceService.getType(toTypeId(type, dossierTemplateId)); - var typeId = toTypeId(type, dossierTemplateId, dossierId); - // create dossier level type if it does not exist - dictionaryManagementService.checkForDossierTypeExistenceAndCreate(typeId); - var dossierDictionary = dictionaryPersistenceService.getType(typeId); - - var mergedDictionaries = dictionaryMergeService.getMergedDictionary(convertType(dossierTemplateDictionary), convertType(dossierDictionary)); - return convertMergedDictionaries(mergedDictionaries, dossierTemplateId, dossierId); - } catch (AccessDeniedException e) { - throw new NotFoundException("Object not found"); + if (dossierId != null) { + accessControlService.checkViewPermissionsToDossier(dossierId); } + var dossierTemplateDictionary = dictionaryPersistenceService.getType(toTypeId(type, dossierTemplateId)); + var typeId = toTypeId(type, dossierTemplateId, dossierId); + // create dossier level type if it does not exist + dictionaryManagementService.checkForDossierTypeExistenceAndCreate(typeId); + var dossierDictionary = dictionaryPersistenceService.getType(typeId); + + var mergedDictionaries = dictionaryMergeService.getMergedDictionary(convertType(dossierTemplateDictionary), convertType(dossierDictionary)); + return convertMergedDictionaries(mergedDictionaries, dossierTemplateId, dossierId); }