mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-06-15 03:55:02 +00:00
added transactional annotation to changeRole api handler
This commit is contained in:
Connor Yoh
parent
6dd17a5561
commit
6fbdee1b81
@ -25,6 +25,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
|
|||||||
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
|
import jakarta.transaction.Transactional;
|
||||||
|
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
@ -256,7 +257,7 @@ public class UserController {
|
|||||||
} else {
|
} else {
|
||||||
// Check if the selected team is Internal - prevent assigning to it
|
// Check if the selected team is Internal - prevent assigning to it
|
||||||
Team selectedTeam = teamRepository.findById(effectiveTeamId).orElse(null);
|
Team selectedTeam = teamRepository.findById(effectiveTeamId).orElse(null);
|
||||||
if (selectedTeam != null && selectedTeam.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
|
if (selectedTeam != null && TeamService.INTERNAL_TEAM_NAME.equals(selectedTeam.getName())) {
|
||||||
return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible", true);
|
return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible", true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -276,6 +277,7 @@ public class UserController {
|
|||||||
|
|
||||||
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
||||||
@PostMapping("/admin/changeRole")
|
@PostMapping("/admin/changeRole")
|
||||||
|
@Transactional
|
||||||
public RedirectView changeRole(
|
public RedirectView changeRole(
|
||||||
@RequestParam(name = "username") String username,
|
@RequestParam(name = "username") String username,
|
||||||
@RequestParam(name = "role") String role,
|
@RequestParam(name = "role") String role,
|
||||||
@ -313,12 +315,12 @@ public class UserController {
|
|||||||
Team team = teamRepository.findById(teamId).orElse(null);
|
Team team = teamRepository.findById(teamId).orElse(null);
|
||||||
if (team != null) {
|
if (team != null) {
|
||||||
// Prevent assigning to Internal team
|
// Prevent assigning to Internal team
|
||||||
if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
|
if (TeamService.INTERNAL_TEAM_NAME.equals(team.getName())) {
|
||||||
return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible", true);
|
return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Prevent moving users from Internal team
|
// Prevent moving users from Internal team
|
||||||
if (user.getTeam() != null && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
|
if (user.getTeam() != null && TeamService.INTERNAL_TEAM_NAME.equals(user.getTeam().getName())) {
|
||||||
return new RedirectView("/adminSettings?messageType=cannotMoveInternalUsers", true);
|
return new RedirectView("/adminSettings?messageType=cannotMoveInternalUsers", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user