dalbodeule/snap-admin
1
0
Fork 0
mirror of https://github.com/dalbodeule/snap-admin.git synced 2025-08-07 04:31:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Principal injection

Browse Source
This commit is contained in:
Francesco
2023-11-07 22:26:05 +01:00
parent 1fbd337c22
commit 81d02d4172
2 changed files with 30 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/main/java/tech/ailef/snapadmin/external/controller/SnapAdminController.java vendored
View File

@@ -19,6 +19,7 @@
package tech.ailef.snapadmin.external.controller; package tech.ailef.snapadmin.external.controller;
import java.security.Principal;
import java.text.DecimalFormat; import java.text.DecimalFormat;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import java.util.ArrayList; import java.util.ArrayList;
@@ -340,8 +341,10 @@ public class SnapAdminController {
* @param attr * @param attr
* @return * @return
*/ */
public String delete(@PathVariable String className, @PathVariable String id, RedirectAttributes attr) { public String delete(@PathVariable String className, @PathVariable String id, RedirectAttributes attr,
Principal principal) {
DbObjectSchema schema = snapAdmin.findSchemaByClassName(className); DbObjectSchema schema = snapAdmin.findSchemaByClassName(className);
String authUser = principal != null ? principal.getName() : null;
if (!schema.isDeleteEnabled()) { if (!schema.isDeleteEnabled()) {
attr.addFlashAttribute("errorTitle", "Unable to DELETE row"); attr.addFlashAttribute("errorTitle", "Unable to DELETE row");
@@ -357,7 +360,7 @@ public class SnapAdminController {
return "redirect:/" + properties.getBaseUrl() + "/model/" + className; return "redirect:/" + properties.getBaseUrl() + "/model/" + className;
} }
saveAction(new UserAction(schema.getTableName(), id, "DELETE", schema.getClassName())); saveAction(new UserAction(schema.getTableName(), id, "DELETE", schema.getClassName(), authUser));
attr.addFlashAttribute("message", "Deleted " + schema.getJavaClass().getSimpleName() + " with " attr.addFlashAttribute("message", "Deleted " + schema.getJavaClass().getSimpleName() + " with "
+ schema.getPrimaryKey().getName() + "=" + id); + schema.getPrimaryKey().getName() + "=" + id);
@@ -372,8 +375,10 @@ public class SnapAdminController {
* @param attr * @param attr
* @return * @return
*/ */
public String delete(@PathVariable String className, @RequestParam String[] ids, RedirectAttributes attr) { public String delete(@PathVariable String className, @RequestParam String[] ids, RedirectAttributes attr,
Principal principal) {
DbObjectSchema schema = snapAdmin.findSchemaByClassName(className); DbObjectSchema schema = snapAdmin.findSchemaByClassName(className);
String authUser = principal != null ? principal.getName() : null;
if (!schema.isDeleteEnabled()) { if (!schema.isDeleteEnabled()) {
attr.addFlashAttribute("errorTitle", "Unable to DELETE rows"); attr.addFlashAttribute("errorTitle", "Unable to DELETE rows");
@@ -395,7 +400,7 @@ public class SnapAdminController {
attr.addFlashAttribute("message", "Deleted " + countDeleted + " of " + ids.length + " items"); attr.addFlashAttribute("message", "Deleted " + countDeleted + " of " + ids.length + " items");
for (String id : ids) { for (String id : ids) {
saveAction(new UserAction(schema.getTableName(), id, "DELETE", schema.getClassName())); saveAction(new UserAction(schema.getTableName(), id, "DELETE", schema.getClassName(), authUser));
} }
return "redirect:/" + properties.getBaseUrl() + "/model/" + className; return "redirect:/" + properties.getBaseUrl() + "/model/" + className;
@@ -405,7 +410,10 @@ public class SnapAdminController {
public String store(@PathVariable String className, public String store(@PathVariable String className,
@RequestParam MultiValueMap<String, String> formParams, @RequestParam MultiValueMap<String, String> formParams,
@RequestParam Map<String, MultipartFile> files, @RequestParam Map<String, MultipartFile> files,
RedirectAttributes attr) { RedirectAttributes attr,
Principal principal) {
String authUser = principal != null ? principal.getName() : null;
// Extract all parameters that have exactly 1 value, // Extract all parameters that have exactly 1 value,
// as these will be the raw values for the object that is being // as these will be the raw values for the object that is being
// created. // created.
@@ -466,7 +474,7 @@ public class SnapAdminController {
repository.attachManyToMany(schema, newPrimaryKey, multiValuedParams); repository.attachManyToMany(schema, newPrimaryKey, multiValuedParams);
pkValue = newPrimaryKey.toString(); pkValue = newPrimaryKey.toString();
attr.addFlashAttribute("message", "Item created successfully."); attr.addFlashAttribute("message", "Item created successfully.");
saveAction(new UserAction(schema.getTableName(), pkValue, "CREATE", schema.getClassName())); saveAction(new UserAction(schema.getTableName(), pkValue, "CREATE", schema.getClassName(), authUser));
} else { } else {
Object parsedPkValue = schema.getPrimaryKey().getType().parseValue(pkValue); Object parsedPkValue = schema.getPrimaryKey().getType().parseValue(pkValue);
@@ -481,13 +489,13 @@ public class SnapAdminController {
repository.update(schema, params, files); repository.update(schema, params, files);
repository.attachManyToMany(schema, parsedPkValue, multiValuedParams); repository.attachManyToMany(schema, parsedPkValue, multiValuedParams);
attr.addFlashAttribute("message", "Item saved successfully."); attr.addFlashAttribute("message", "Item saved successfully.");
saveAction(new UserAction(schema.getTableName(), parsedPkValue.toString(), "EDIT", schema.getClassName())); saveAction(new UserAction(schema.getTableName(), parsedPkValue.toString(), "EDIT", schema.getClassName(), authUser));
} }
} else { } else {
Object newPrimaryKey = repository.create(schema, params, files, pkValue); Object newPrimaryKey = repository.create(schema, params, files, pkValue);
repository.attachManyToMany(schema, newPrimaryKey, multiValuedParams); repository.attachManyToMany(schema, newPrimaryKey, multiValuedParams);
attr.addFlashAttribute("message", "Item created successfully"); attr.addFlashAttribute("message", "Item created successfully");
saveAction(new UserAction(schema.getTableName(), pkValue, "CREATE", schema.getClassName())); saveAction(new UserAction(schema.getTableName(), pkValue, "CREATE", schema.getClassName(), authUser));
} }
} }
} catch (DataIntegrityViolationException | UncategorizedSQLException | IdentifierGenerationException e) { } catch (DataIntegrityViolationException | UncategorizedSQLException | IdentifierGenerationException e) {

15
src/main/java/tech/ailef/snapadmin/internal/model/UserAction.java
View File

@@ -77,16 +77,20 @@ public class UserAction {
@Column(nullable = false) @Column(nullable = false)
private String actionType; private String actionType;
@Column(nullable = true)
private String username;
public UserAction() { public UserAction() {
} }
public UserAction(String onTable, String primaryKey, String actionType, String javaClass) { public UserAction(String onTable, String primaryKey, String actionType, String javaClass, String username) {
this.createdAt = LocalDateTime.now(); this.createdAt = LocalDateTime.now();
this.sql = "SQL TODO"; this.sql = "SQL TODO";
this.javaClass = javaClass; this.javaClass = javaClass;
this.onTable = onTable; this.onTable = onTable;
this.actionType = actionType; this.actionType = actionType;
this.primaryKey = primaryKey; this.primaryKey = primaryKey;
this.username = username;
} }
public Integer getId() { public Integer getId() {
@@ -148,4 +152,13 @@ public class UserAction {
public void setJavaClass(String javaClass) { public void setJavaClass(String javaClass) {
this.javaClass = javaClass; this.javaClass = javaClass;
} }
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
} }