0.1 #1
3 changed files with 259 additions and 229 deletions
|
|
@ -77,14 +77,14 @@ public class FlingWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||||
/***********************************/
|
/***********************************/
|
||||||
/** Authorization for: /api/fling **/
|
/** Authorization for: /api/fling **/
|
||||||
/***********************************/
|
/***********************************/
|
||||||
.authorizeRequests()
|
|
||||||
.antMatchers(HttpMethod.GET, "/api/fling/{flingId}/**")
|
|
||||||
.access("@authorizationService.allowFlingAccess(#flingId, authentication)")
|
|
||||||
.and()
|
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers(HttpMethod.GET, "/api/fling/share/{shareId}")
|
.antMatchers(HttpMethod.GET, "/api/fling/share/{shareId}")
|
||||||
.access("@authorizationService.allowFlingAccessByShareId(#shareId, authentication)")
|
.access("@authorizationService.allowFlingAccessByShareId(#shareId, authentication)")
|
||||||
.and()
|
.and()
|
||||||
|
.authorizeRequests()
|
||||||
|
.antMatchers(HttpMethod.GET, "/api/fling/{flingId}/**")
|
||||||
|
.access("@authorizationService.allowFlingAccess(#flingId, authentication)")
|
||||||
|
.and()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers(HttpMethod.POST, "/api/fling/{flingId}/artifact")
|
.antMatchers(HttpMethod.POST, "/api/fling/{flingId}/artifact")
|
||||||
.access("@authorizationService.allowUpload(#flingId, authentication)")
|
.access("@authorizationService.allowUpload(#flingId, authentication)")
|
||||||
|
|
|
||||||
|
|
@ -69,6 +69,11 @@ public class AuthorizationService {
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean allowFlingAccessByShareId(String shareId, AbstractAuthenticationToken token) {
|
public boolean allowFlingAccessByShareId(String shareId, AbstractAuthenticationToken token) {
|
||||||
|
if (FlingAuthorities.FLING_ADMIN.verify(token)) {
|
||||||
|
log.debug("Owner authorized for fling access [shareId = {}]", shareId);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
FlingEntity flingEntity = flingRepository.findByShareId(shareId);
|
FlingEntity flingEntity = flingRepository.findByShareId(shareId);
|
||||||
if(flingEntity == null) { throw new EntityNotFoundException("No entity for shareId="+shareId); }
|
if(flingEntity == null) { throw new EntityNotFoundException("No entity for shareId="+shareId); }
|
||||||
return allowFlingAccess(flingEntity.getId(), token);
|
return allowFlingAccess(flingEntity.getId(), token);
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,14 @@
|
||||||
import log from 'loglevel';
|
import log from 'loglevel';
|
||||||
import React, { useState } from 'react';
|
import React, { useState } from 'react';
|
||||||
|
|
||||||
import {flingClient} from '../../util/flingclient';
|
import { FlingClient, fc } from '../../util/fc';
|
||||||
|
|
||||||
export default function New(props) {
|
export default function New(props) {
|
||||||
let defaultState = () => ({name: "", authCode: "",
|
let defaultState = () => ({
|
||||||
|
name: "", authCode: "",
|
||||||
sharing: { directDownload: true, allowUpload: false, shared: true, shareUrl: "" },
|
sharing: { directDownload: true, allowUpload: false, shared: true, shareUrl: "" },
|
||||||
expiration: {}});
|
expiration: {}
|
||||||
|
});
|
||||||
|
|
||||||
let [fling, setFling] = useState(defaultState());
|
let [fling, setFling] = useState(defaultState());
|
||||||
let [shareUrlUnique, setShareUrlUnique] = useState(true);
|
let [shareUrlUnique, setShareUrlUnique] = useState(true);
|
||||||
|
|
@ -62,14 +64,15 @@ export default function New(props) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const flingClient = new FlingClient();
|
||||||
flingClient.getFlingByShareId(ev.currentTarget.value)
|
flingClient.getFlingByShareId(ev.currentTarget.value)
|
||||||
.then(result => {
|
.then(result => {
|
||||||
if(!result) {
|
|
||||||
setShareUrlUnique(true);
|
|
||||||
} else {
|
|
||||||
setShareUrlUnique(false);
|
setShareUrlUnique(false);
|
||||||
|
}).catch(error => {
|
||||||
|
if(error.status === 404) {
|
||||||
|
setShareUrlUnique(true);
|
||||||
}
|
}
|
||||||
|
}).finally(() => {
|
||||||
s.shareUrl = value;
|
s.shareUrl = value;
|
||||||
f.sharing = s;
|
f.sharing = s;
|
||||||
setFling(f);
|
setFling(f);
|
||||||
|
|
@ -132,9 +135,31 @@ export default function New(props) {
|
||||||
function handleSubmit(ev) {
|
function handleSubmit(ev) {
|
||||||
ev.preventDefault();
|
ev.preventDefault();
|
||||||
log.info("Creating new filing");
|
log.info("Creating new filing");
|
||||||
log.info(fling);
|
const flingClient = new FlingClient();
|
||||||
flingClient.postFling(fling);
|
|
||||||
handleClose();
|
let flingEntity = new fc.Fling(fling.name);
|
||||||
|
flingEntity.directDownload = fling.sharing.directDownload;
|
||||||
|
flingEntity.allowUpload = fling.sharing.allowUpload;
|
||||||
|
flingEntity.shared = fling.sharing.shared;
|
||||||
|
flingEntity.shareId = fling.sharing.shareUrl;
|
||||||
|
flingEntity.authCode = fling.authCode;
|
||||||
|
if (fling.expiration.type) {
|
||||||
|
switch (fling.expiration.type) {
|
||||||
|
case "time":
|
||||||
|
flingEntity.expirationTime = fling.expiration.value;
|
||||||
|
break;
|
||||||
|
case "clicks":
|
||||||
|
flingEntity.expirationClicks = fling.expiration.value;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
log.warn("Unknown expiration type");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
flingClient.postFling({fling: flingEntity})
|
||||||
|
.then(() => handleClose())
|
||||||
|
.catch(error => log.error(error))
|
||||||
}
|
}
|
||||||
|
|
||||||
return (
|
return (
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue