format
This commit is contained in:
gowthaman
parent
82c66d4b3a
commit
387e203bc8
@ -6,7 +6,6 @@ import com.restapi.config.AppConfig.Companion.appConfig
|
||||
import com.restapi.config.Auth.validateAuthToken
|
||||
import com.restapi.controllers.*
|
||||
import com.restapi.domain.DataNotFoundException
|
||||
import com.restapi.domain.ReminderLog
|
||||
import com.restapi.domain.Session.currentTenant
|
||||
import com.restapi.domain.Session.currentUser
|
||||
import com.restapi.domain.Session.currentUserPlants
|
||||
@ -45,270 +44,272 @@ fun main(args: Array<String>) {
|
||||
//ratelimit based on IP Only
|
||||
RateLimitUtil.keyFunction = { ctx -> ctx.header("X-Forwarded-For")?.split(",")?.get(0) ?: ctx.ip() }
|
||||
Javalin.create { cfg ->
|
||||
cfg.http.generateEtags = true
|
||||
if (appConfig.corsEnabled()) {
|
||||
cfg.plugins.enableCors { container ->
|
||||
container.add {
|
||||
it.allowHost(
|
||||
"http://localhost:5173", *appConfig.corsHosts().toTypedArray()
|
||||
)
|
||||
}
|
||||
cfg.http.generateEtags = true
|
||||
if (appConfig.corsEnabled()) {
|
||||
cfg.plugins.enableCors { container ->
|
||||
container.add {
|
||||
it.allowHost(
|
||||
"http://localhost:5173", *appConfig.corsHosts().toTypedArray()
|
||||
)
|
||||
}
|
||||
}
|
||||
cfg.http.defaultContentType = ContentType.JSON
|
||||
cfg.compression.gzipOnly()
|
||||
cfg.jsonMapper(JavalinJackson(objectMapper))
|
||||
cfg.accessManager(AppAccessManager())
|
||||
}.routes {
|
||||
path("/auth") {
|
||||
}
|
||||
cfg.http.defaultContentType = ContentType.JSON
|
||||
cfg.compression.gzipOnly()
|
||||
cfg.jsonMapper(JavalinJackson(objectMapper))
|
||||
cfg.accessManager(AppAccessManager())
|
||||
}.routes {
|
||||
path("/auth") {
|
||||
|
||||
get("/endpoint", Auth::endPoint)
|
||||
get("/init", Auth::init)
|
||||
get("/code", Auth::code)
|
||||
get("/keys", Auth::keys)
|
||||
post("/refresh", Auth::refreshToken)
|
||||
get("/endpoint", Auth::endPoint)
|
||||
get("/init", Auth::init)
|
||||
get("/code", Auth::code)
|
||||
get("/keys", Auth::keys)
|
||||
post("/refresh", Auth::refreshToken)
|
||||
}
|
||||
before("/api/*") { ctx ->
|
||||
|
||||
NaiveRateLimit.requestPerTimeUnit(
|
||||
ctx, appConfig.rateLimit().getOrDefault(30), TimeUnit.MINUTES
|
||||
)
|
||||
|
||||
val authToken = ctx.getAuthHeader() ?: throw UnauthorizedResponse()
|
||||
|
||||
|
||||
//there are 2 scenarios, 1) auth user for admin 2) non user for flow, we need to handle both
|
||||
|
||||
setAuthorizedUser(validateAuthToken(authToken = authToken))
|
||||
|
||||
if (appConfig.enforcePayloadEncryption()) {
|
||||
//todo: decrypt the request from user
|
||||
}
|
||||
before("/api/*") { ctx ->
|
||||
}
|
||||
after("/api/*") {
|
||||
|
||||
NaiveRateLimit.requestPerTimeUnit(
|
||||
ctx, appConfig.rateLimit().getOrDefault(30), TimeUnit.MINUTES
|
||||
)
|
||||
val md = MessageDigest.getInstance("SHA-512")
|
||||
md.update((it.result() ?: "").toByteArray())
|
||||
val aMessageDigest = md.digest()
|
||||
|
||||
val authToken = ctx.getAuthHeader() ?: throw UnauthorizedResponse()
|
||||
val outEncoded: String = Base64.getEncoder().encodeToString(aMessageDigest)
|
||||
it.header("X-Checksum", outEncoded)
|
||||
it.header("X-Signature", signPayload(outEncoded))
|
||||
|
||||
if (appConfig.enforcePayloadEncryption()) {
|
||||
//todo: encrypt and send the response back to user
|
||||
}
|
||||
|
||||
//there are 2 scenarios, 1) auth user for admin 2) non user for flow, we need to handle both
|
||||
}
|
||||
path("/api") {
|
||||
|
||||
setAuthorizedUser(validateAuthToken(authToken = authToken))
|
||||
get("/plants") {
|
||||
it.json(currentUserPlants())
|
||||
}
|
||||
post("/audit/{action}") {
|
||||
logger.warn("User ${currentUser()} of tenant ${currentTenant()} has performed ${it.pathParam("action")} @ ${LocalDateTime.now()}")
|
||||
it.json(mapOf("status" to true))
|
||||
}
|
||||
|
||||
if (appConfig.enforcePayloadEncryption()) {
|
||||
//todo: decrypt the request from user
|
||||
path("/vendor") {
|
||||
path("/") {
|
||||
post("", VendorCtrl::create, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
post("/batch", VendorCtrl::createBatch, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
get("/{id}", VendorCtrl::get, Roles(Role.Explicit("ROLE_VENDOR_VIEW", "ROLE_VENDOR_CREATE")))
|
||||
post(
|
||||
"/getAll", VendorCtrl::getAll, Roles(Role.Explicit("ROLE_VENDOR_VIEW", "ROLE_VENDOR_CREATE"))
|
||||
)
|
||||
get(
|
||||
"quotes/{id}", VendorCtrl::getQuotes, Roles(Role.Explicit("ROLE_QUOTE_VIEW", "ROLE_QUOTE_CREATE", "ROLE_VENDOR_VIEW"))
|
||||
)
|
||||
get("pos/{id}", VendorCtrl::getPos, Roles(Role.Explicit("ROLE_PO_VIEW", "ROLE_PO_CREATE`")))
|
||||
put("/rate/{id}/{rating}", VendorCtrl::rate, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
put("/{id}", VendorCtrl::update, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
}
|
||||
path("/incoming") {
|
||||
post("", IncomingInventoryCtrl::create, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get("/next", IncomingInventoryCtrl::getNextNum, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get(
|
||||
"/{id}", IncomingInventoryCtrl::get, Roles(Role.Explicit("ROLE_INVENTORY_VIEW", "ROLE_INVENTORY_CREATE"))
|
||||
)
|
||||
put("/{id}", IncomingInventoryCtrl::update, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
post(
|
||||
"/getAll", IncomingInventoryCtrl::getAll, Roles(Role.Explicit("ROLE_INVENTORY_CREATE", "ROLE_INVENTORY_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/outgoing") {
|
||||
post("", OutgoingInventoryCtrl::create, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get("/next", OutgoingInventoryCtrl::getNextNum, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get(
|
||||
"/{id}", OutgoingInventoryCtrl::get, Roles(Role.Explicit("ROLE_INVENTORY_VIEW", "ROLE_INVENTORY_CREATE"))
|
||||
)
|
||||
put("/{id}", OutgoingInventoryCtrl::update, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
post(
|
||||
"/getAll", OutgoingInventoryCtrl::getAll, Roles(Role.Explicit("ROLE_INVENTORY_CREATE", "ROLE_INVENTORY_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/invoice") {
|
||||
post("", InvoiceCtrl::create, Roles(Role.Explicit("ROLE_INVOICE_CREATE")))
|
||||
get("/next", InvoiceCtrl::getNextNum, Roles(Role.Explicit("ROLE_INVOICE_CREATE")))
|
||||
get(
|
||||
"/{id}", InvoiceCtrl::get, Roles(Role.Explicit("ROLE_INVOICE_VIEW", "ROLE_INVOICE_CREATE"))
|
||||
)
|
||||
put("/{id}", InvoiceCtrl::update, Roles(Role.Explicit("ROLE_INVOICE_CREATE")))
|
||||
post(
|
||||
"/getAll", InvoiceCtrl::getAll, Roles(Role.Explicit("ROLE_INVOICE_CREATE", "ROLE_INVOICE_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/payment") {
|
||||
post("", PaymentCtrl::create, Roles(Role.Explicit("ROLE_PAYMENT_CREATE")))
|
||||
get(
|
||||
"/{id}", PaymentCtrl::get, Roles(Role.Explicit("ROLE_PAYMENT_VIEW", "ROLE_PAYMENT_CREATE"))
|
||||
)
|
||||
put("/{id}", PaymentCtrl::update, Roles(Role.Explicit("ROLE_PAYMENT_CREATE")))
|
||||
post(
|
||||
"/getAll", PaymentCtrl::getAll, Roles(Role.Explicit("ROLE_PAYMENT_CREATE", "ROLE_PAYMENT_VIEW"))
|
||||
)
|
||||
delete("/{id}", PaymentCtrl::delete, Roles(Role.Explicit("ROLE_PAYMENT_CREATE")))
|
||||
}
|
||||
path("/fleet") {
|
||||
|
||||
post("", FleetCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", FleetCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", FleetCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", FleetCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
delete("/{id}", FleetCtrl::delete, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
}
|
||||
path("/renewal") {
|
||||
post("", RenewalCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", RenewalCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", RenewalCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", RenewalCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
delete("/{id}", RenewalCtrl::delete, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
}
|
||||
path("/reminder") {
|
||||
post("", ReminderCtrl::create, Roles(Role.Explicit("ROLE_REMINDER_CREATE")))
|
||||
get(
|
||||
"/{id}", ReminderCtrl::get, Roles(Role.Explicit("ROLE_REMINDER_VIEW", "ROLE_REMINDER_CREATE"))
|
||||
)
|
||||
put("/{id}", ReminderCtrl::update, Roles(Role.Explicit("ROLE_REMINDER_CREATE")))
|
||||
post(
|
||||
"/getAll", ReminderLogCtrl::getAll, Roles(Role.Explicit("ROLE_REMINDER_CREATE", "ROLE_REMINDER_VIEW"))
|
||||
)
|
||||
post(
|
||||
"/done", ReminderLogCtrl::done, Roles(Role.Explicit("ROLE_REMAINDER_CREATE"))
|
||||
)
|
||||
get(
|
||||
"/getAll/{id}", ReminderCtrl::getAllByFleetId, Roles(Role.Explicit("ROLE_REMINDER_CREATE", "ROLE_REMINDER_VIEW"))
|
||||
)
|
||||
delete(
|
||||
"/{id}", ReminderCtrl::delete, Roles(Role.Explicit("ROLE_REMINDER_CREATE"))
|
||||
)
|
||||
}
|
||||
path("/vehicle") {
|
||||
post("", VehicleCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", VehicleCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", VehicleCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", VehicleCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/fleetType") {
|
||||
post("", FleetTypeCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", FleetTypeCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", FleetTypeCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", FleetTypeCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/po") {
|
||||
get("/next", PurchaseOrderCtrl::getNextNum, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
post("", PurchaseOrderCtrl::create, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
post("/batch", PurchaseOrderCtrl::createBatch, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
post(
|
||||
"/getAll", PurchaseOrderCtrl::getAll, Roles(Role.Explicit("ROLE_PO_CREATE", "ROLE_PO_VIEW", "ROLE_VENDOR_CREATE"))
|
||||
)
|
||||
get(
|
||||
"/{id}", PurchaseOrderCtrl::get, Roles(Role.Explicit("ROLE_PO_CREATE", "ROLE_PO_VIEW", "ROLE_QUOTE_CREATE"))
|
||||
)
|
||||
put("/{id}", PurchaseOrderCtrl::update, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
put("/approve/{id}", PurchaseOrderCtrl::approve, Roles(Role.Explicit()))
|
||||
put("/reject/{id}", PurchaseOrderCtrl::reject, Roles(Role.Explicit()))
|
||||
get("/refQuote/{id}", PurchaseOrderCtrl::quoteReference, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
}
|
||||
path("/quote") {
|
||||
get("/next", QuotationCtrl::getNextNum, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
post("", QuotationCtrl::create, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
post("/batch", QuotationCtrl::createBatch, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
post(
|
||||
"/getAll", QuotationCtrl::getAll, Roles(Role.Explicit("ROLE_QUOTE_CREATE", "ROLE_QUOTE_VIEW"))
|
||||
)
|
||||
get("/{id}", QuotationCtrl::get, Roles(Role.Explicit("ROLE_QUOTE_VIEW", "ROLE_QUOTE_CREATE")))
|
||||
put("/{id}", QuotationCtrl::update, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
delete("/{id}", QuotationCtrl::delete, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
}
|
||||
path("/product") {
|
||||
post("", ProductCtrl::create, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
put("/{id}", ProductCtrl::update, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
delete("/{id}", ProductCtrl::delete, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
patch("/{id}", ProductCtrl::patch, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
post("/getAll", ProductCtrl::getAll, Roles(Role.Explicit("ROLE_PRODUCT_VIEW")))
|
||||
get("/{id}", ProductCtrl::get, Roles(Role.Explicit("ROLE_PRODUCT_VIEW")))
|
||||
}
|
||||
path("/doc") {
|
||||
post("", DocumentCtrl::create, Roles(Role.Explicit("ROLE_DOC_CREATE")))
|
||||
//why type and refid are clubbed ??
|
||||
get(
|
||||
"/{type}/{refId}", DocumentCtrl::getWithRefId, Roles(Role.Explicit("ROLE_DOC_VIEW", "ROLE_PRODUCT_CREATE"))
|
||||
)
|
||||
get("/{id}", DocumentCtrl::get, Roles(Role.Explicit("ROLE_DOC_VIEW", "ROLE_PRODUCT_CREATE")))
|
||||
get(
|
||||
"/print/{id}", DocumentCtrl::print, Roles(Role.Explicit("ROLE_DOC_CREATE", "ROLE_DOC_VIEW"))
|
||||
)
|
||||
delete("/{id}", DocumentCtrl::delete, Roles(Role.Explicit("ROLE_DOC_CREATE")))
|
||||
}
|
||||
path("/reqForQuote") {
|
||||
post(
|
||||
"", RequestForQuote::create, Roles(Role.Explicit("ROLE_QUOTE_CREATE", "ROLE_PO_CREATE", "ROLE_RFQ_CREATE"))
|
||||
)
|
||||
get(
|
||||
"/{id}", RequestForQuote::get, Roles(Role.Explicit("ROLE_RFQ_CREATE", "ROLE_RFQ_VIEW", "ROLE_QUOTE_VIEW", "ROLE_PO_VIEW"))
|
||||
)
|
||||
put(
|
||||
"/{id}", RequestForQuote::update, Roles(Role.Explicit("ROLE_QUOTE_CREATE", "ROLE_PO_CREATE", "ROLE_RFQ_CREATE"))
|
||||
)
|
||||
}
|
||||
}
|
||||
after("/api/*") {
|
||||
post("/script/database/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps))
|
||||
post("/script/{file}/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps))
|
||||
|
||||
val md = MessageDigest.getInstance("SHA-512")
|
||||
md.update((it.result() ?: "").toByteArray())
|
||||
val aMessageDigest = md.digest()
|
||||
get("/{entity}/{id}", Entities::view, Roles(adminRole, viewRole))
|
||||
post("/{entity}/query/{id}", Entities::sqlQueryById, Roles(adminRole, viewRole))
|
||||
post("/{entity}/query", Entities::sqlQueryRaw, Roles(adminRole, viewRole))
|
||||
post("/{entity}", Entities::create, Roles(adminRole, createRole))
|
||||
|
||||
val outEncoded: String = Base64.getEncoder().encodeToString(aMessageDigest)
|
||||
it.header("X-Checksum", outEncoded)
|
||||
it.header("X-Signature", signPayload(outEncoded))
|
||||
put("/{entity}/approve/{id}", Entities::approve, Roles(adminRole, approveOrRejectRole))
|
||||
put("/{entity}/reject/{id}", Entities::reject, Roles(adminRole, approveOrRejectRole))
|
||||
put("/{entity}/{action}/{id}", Entities::action, Roles(adminRole, Role.Entity))
|
||||
|
||||
if (appConfig.enforcePayloadEncryption()) {
|
||||
//todo: encrypt and send the response back to user
|
||||
}
|
||||
|
||||
}
|
||||
path("/api") {
|
||||
|
||||
get("/plants") {
|
||||
it.json(currentUserPlants())
|
||||
}
|
||||
post("/audit/{action}") {
|
||||
logger.warn("User ${currentUser()} of tenant ${currentTenant()} has performed ${it.pathParam("action")} @ ${LocalDateTime.now()}")
|
||||
it.json(mapOf("status" to true))
|
||||
}
|
||||
|
||||
path("/vendor") {
|
||||
path("/") {
|
||||
post("", VendorCtrl::create, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
post("/batch", VendorCtrl::createBatch, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
get("/{id}", VendorCtrl::get, Roles(Role.Explicit("ROLE_VENDOR_VIEW", "ROLE_VENDOR_CREATE")))
|
||||
post(
|
||||
"/getAll", VendorCtrl::getAll, Roles(Role.Explicit("ROLE_VENDOR_VIEW", "ROLE_VENDOR_CREATE"))
|
||||
)
|
||||
get(
|
||||
"quotes/{id}", VendorCtrl::getQuotes, Roles(Role.Explicit("ROLE_QUOTE_VIEW", "ROLE_QUOTE_CREATE", "ROLE_VENDOR_VIEW"))
|
||||
)
|
||||
get("pos/{id}", VendorCtrl::getPos, Roles(Role.Explicit("ROLE_PO_VIEW", "ROLE_PO_CREATE`")))
|
||||
put("/rate/{id}/{rating}", VendorCtrl::rate, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
put("/{id}", VendorCtrl::update, Roles(Role.Explicit("ROLE_VENDOR_CREATE")))
|
||||
}
|
||||
path("/incoming") {
|
||||
post("", IncomingInventoryCtrl::create, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get("/next", IncomingInventoryCtrl::getNextNum, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get(
|
||||
"/{id}", IncomingInventoryCtrl::get, Roles(Role.Explicit("ROLE_INVENTORY_VIEW", "ROLE_INVENTORY_CREATE"))
|
||||
)
|
||||
put("/{id}", IncomingInventoryCtrl::update, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
post(
|
||||
"/getAll", IncomingInventoryCtrl::getAll, Roles(Role.Explicit("ROLE_INVENTORY_CREATE", "ROLE_INVENTORY_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/outgoing") {
|
||||
post("", OutgoingInventoryCtrl::create, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get("/next", OutgoingInventoryCtrl::getNextNum, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
get(
|
||||
"/{id}", OutgoingInventoryCtrl::get, Roles(Role.Explicit("ROLE_INVENTORY_VIEW", "ROLE_INVENTORY_CREATE"))
|
||||
)
|
||||
put("/{id}", OutgoingInventoryCtrl::update, Roles(Role.Explicit("ROLE_INVENTORY_CREATE")))
|
||||
post(
|
||||
"/getAll", OutgoingInventoryCtrl::getAll, Roles(Role.Explicit("ROLE_INVENTORY_CREATE", "ROLE_INVENTORY_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/invoice") {
|
||||
post("", InvoiceCtrl::create, Roles(Role.Explicit("ROLE_INVOICE_CREATE")))
|
||||
get("/next", InvoiceCtrl::getNextNum, Roles(Role.Explicit("ROLE_INVOICE_CREATE")))
|
||||
get(
|
||||
"/{id}", InvoiceCtrl::get, Roles(Role.Explicit("ROLE_INVOICE_VIEW", "ROLE_INVOICE_CREATE"))
|
||||
)
|
||||
put("/{id}", InvoiceCtrl::update, Roles(Role.Explicit("ROLE_INVOICE_CREATE")))
|
||||
post(
|
||||
"/getAll", InvoiceCtrl::getAll, Roles(Role.Explicit("ROLE_INVOICE_CREATE", "ROLE_INVOICE_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/payment") {
|
||||
post("", PaymentCtrl::create, Roles(Role.Explicit("ROLE_PAYMENT_CREATE")))
|
||||
get(
|
||||
"/{id}", PaymentCtrl::get, Roles(Role.Explicit("ROLE_PAYMENT_VIEW", "ROLE_PAYMENT_CREATE"))
|
||||
)
|
||||
put("/{id}", PaymentCtrl::update, Roles(Role.Explicit("ROLE_PAYMENT_CREATE")))
|
||||
post(
|
||||
"/getAll", PaymentCtrl::getAll, Roles(Role.Explicit("ROLE_PAYMENT_CREATE", "ROLE_PAYMENT_VIEW"))
|
||||
)
|
||||
delete("/{id}", PaymentCtrl::delete, Roles(Role.Explicit("ROLE_PAYMENT_CREATE")))
|
||||
}
|
||||
path("/fleet") {
|
||||
|
||||
post("", FleetCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", FleetCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", FleetCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", FleetCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
delete("/{id}", FleetCtrl::delete, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
}
|
||||
path("/renewal") {
|
||||
post("", RenewalCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", RenewalCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", RenewalCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", RenewalCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
delete("/{id}", RenewalCtrl::delete, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
}
|
||||
path("/reminder") {
|
||||
post("", ReminderCtrl::create, Roles(Role.Explicit("ROLE_REMINDER_CREATE")))
|
||||
get(
|
||||
"/{id}", ReminderCtrl::get, Roles(Role.Explicit("ROLE_REMINDER_VIEW", "ROLE_REMINDER_CREATE"))
|
||||
)
|
||||
put("/{id}", ReminderCtrl::update, Roles(Role.Explicit("ROLE_REMINDER_CREATE")))
|
||||
post(
|
||||
"/getAll", ReminderLogCtrl::getAll, Roles(Role.Explicit("ROLE_REMINDER_CREATE", "ROLE_REMINDER_VIEW"))
|
||||
)
|
||||
post(
|
||||
"/done", ReminderLogCtrl::done, Roles(Role.Explicit("ROLE_REMAINDER_CREATE"))
|
||||
)
|
||||
get(
|
||||
"/getAll/{id}", ReminderCtrl::getAllByFleetId, Roles(Role.Explicit("ROLE_REMINDER_CREATE", "ROLE_REMINDER_VIEW"))
|
||||
)
|
||||
delete(
|
||||
"/{id}", ReminderCtrl::delete, Roles(Role.Explicit("ROLE_REMINDER_CREATE"))
|
||||
)
|
||||
}
|
||||
path("/vehicle") {
|
||||
post("", VehicleCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", VehicleCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", VehicleCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", VehicleCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/fleetType") {
|
||||
post("", FleetTypeCtrl::create, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
get(
|
||||
"/{id}", FleetTypeCtrl::get, Roles(Role.Explicit("ROLE_FLEET_VIEW", "ROLE_FLEET_CREATE"))
|
||||
)
|
||||
put("/{id}", FleetTypeCtrl::update, Roles(Role.Explicit("ROLE_FLEET_CREATE")))
|
||||
post(
|
||||
"/getAll", FleetTypeCtrl::getAll, Roles(Role.Explicit("ROLE_FLEET_CREATE", "ROLE_FLEET_VIEW"))
|
||||
)
|
||||
}
|
||||
path("/po") {
|
||||
get("/next", PurchaseOrderCtrl::getNextNum, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
post("", PurchaseOrderCtrl::create, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
post("/batch", PurchaseOrderCtrl::createBatch, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
post(
|
||||
"/getAll", PurchaseOrderCtrl::getAll, Roles(Role.Explicit("ROLE_PO_CREATE", "ROLE_PO_VIEW", "ROLE_VENDOR_CREATE"))
|
||||
)
|
||||
get(
|
||||
"/{id}", PurchaseOrderCtrl::get, Roles(Role.Explicit("ROLE_PO_CREATE", "ROLE_PO_VIEW", "ROLE_QUOTE_CREATE"))
|
||||
)
|
||||
put("/{id}", PurchaseOrderCtrl::update, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
put("/approve/{id}", PurchaseOrderCtrl::approve, Roles(Role.Explicit()))
|
||||
put("/reject/{id}", PurchaseOrderCtrl::reject, Roles(Role.Explicit()))
|
||||
get("/refQuote/{id}", PurchaseOrderCtrl::quoteReference, Roles(Role.Explicit("ROLE_PO_CREATE")))
|
||||
}
|
||||
path("/quote") {
|
||||
get("/next", QuotationCtrl::getNextNum, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
post("", QuotationCtrl::create, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
post("/batch", QuotationCtrl::createBatch, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
post(
|
||||
"/getAll", QuotationCtrl::getAll, Roles(Role.Explicit("ROLE_QUOTE_CREATE", "ROLE_QUOTE_VIEW"))
|
||||
)
|
||||
get("/{id}", QuotationCtrl::get, Roles(Role.Explicit("ROLE_QUOTE_VIEW", "ROLE_QUOTE_CREATE")))
|
||||
put("/{id}", QuotationCtrl::update, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
delete("/{id}", QuotationCtrl::delete, Roles(Role.Explicit("ROLE_QUOTE_CREATE")))
|
||||
}
|
||||
path("/product") {
|
||||
post("", ProductCtrl::create, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
put("/{id}", ProductCtrl::update, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
delete("/{id}", ProductCtrl::delete, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
patch("/{id}", ProductCtrl::patch, Roles(Role.Explicit("ROLE_PRODUCT_CREATE")))
|
||||
post("/getAll", ProductCtrl::getAll, Roles(Role.Explicit("ROLE_PRODUCT_VIEW")))
|
||||
get("/{id}", ProductCtrl::get, Roles(Role.Explicit("ROLE_PRODUCT_VIEW")))
|
||||
}
|
||||
path("/doc") {
|
||||
post("", DocumentCtrl::create, Roles(Role.Explicit("ROLE_DOC_CREATE")))
|
||||
//why type and refid are clubbed ??
|
||||
get(
|
||||
"/{type}/{refId}", DocumentCtrl::getWithRefId, Roles(Role.Explicit("ROLE_DOC_VIEW", "ROLE_PRODUCT_CREATE"))
|
||||
)
|
||||
get("/{id}", DocumentCtrl::get, Roles(Role.Explicit("ROLE_DOC_VIEW", "ROLE_PRODUCT_CREATE")))
|
||||
get(
|
||||
"/print/{id}", DocumentCtrl::print, Roles(Role.Explicit("ROLE_DOC_CREATE", "ROLE_DOC_VIEW"))
|
||||
)
|
||||
delete("/{id}", DocumentCtrl::delete, Roles(Role.Explicit("ROLE_DOC_CREATE")))
|
||||
}
|
||||
path("/reqForQuote") {
|
||||
post(
|
||||
"", RequestForQuote::create, Roles(Role.Explicit("ROLE_QUOTE_CREATE", "ROLE_PO_CREATE", "ROLE_RFQ_CREATE"))
|
||||
)
|
||||
get(
|
||||
"/{id}", RequestForQuote::get, Roles(Role.Explicit("ROLE_RFQ_CREATE", "ROLE_RFQ_VIEW", "ROLE_QUOTE_VIEW", "ROLE_PO_VIEW"))
|
||||
)
|
||||
put(
|
||||
"/{id}", RequestForQuote::update, Roles(Role.Explicit("ROLE_QUOTE_CREATE", "ROLE_PO_CREATE", "ROLE_RFQ_CREATE"))
|
||||
)
|
||||
}
|
||||
}
|
||||
post("/script/database/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps))
|
||||
post("/script/{file}/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps))
|
||||
|
||||
get("/{entity}/{id}", Entities::view, Roles(adminRole, viewRole))
|
||||
post("/{entity}/query/{id}", Entities::sqlQueryById, Roles(adminRole, viewRole))
|
||||
post("/{entity}/query", Entities::sqlQueryRaw, Roles(adminRole, viewRole))
|
||||
post("/{entity}", Entities::create, Roles(adminRole, createRole))
|
||||
|
||||
put("/{entity}/approve/{id}", Entities::approve, Roles(adminRole, approveOrRejectRole))
|
||||
put("/{entity}/reject/{id}", Entities::reject, Roles(adminRole, approveOrRejectRole))
|
||||
put("/{entity}/{action}/{id}", Entities::action, Roles(adminRole, Role.Entity))
|
||||
|
||||
put("/{entity}/{id}", Entities::update, Roles(adminRole, updateRole))
|
||||
patch("/{entity}/{id}", Entities::patch, Roles(adminRole, updateRole))
|
||||
delete("/{entity}/{id}", Entities::delete, Roles(adminRole, Role.Standard(Action.DELETE)))
|
||||
}
|
||||
}.exception(DuplicateKeyException::class.java, Exceptions.dupKeyExceptionHandler).exception(DataIntegrityException::class.java, Exceptions.dataIntegrityException)
|
||||
.exception(DataNotFoundException::class.java, Exceptions.dataNotFoundException).exception(IllegalArgumentException::class.java, Exceptions.illegalArgumentException)
|
||||
.exception(JsonMappingException::class.java, Exceptions.jsonMappingException).exception(InvalidJwtException::class.java, Exceptions.invalidJwtException)
|
||||
.start(appConfig.portNumber())
|
||||
put("/{entity}/{id}", Entities::update, Roles(adminRole, updateRole))
|
||||
patch("/{entity}/{id}", Entities::patch, Roles(adminRole, updateRole))
|
||||
delete("/{entity}/{id}", Entities::delete, Roles(adminRole, Role.Standard(Action.DELETE)))
|
||||
}
|
||||
}.exception(DuplicateKeyException::class.java, Exceptions.dupKeyExceptionHandler)
|
||||
.exception(DataIntegrityException::class.java, Exceptions.dataIntegrityException)
|
||||
.exception(DataNotFoundException::class.java, Exceptions.dataNotFoundException)
|
||||
.exception(IllegalArgumentException::class.java, Exceptions.illegalArgumentException)
|
||||
.exception(JsonMappingException::class.java, Exceptions.jsonMappingException)
|
||||
.exception(InvalidJwtException::class.java, Exceptions.invalidJwtException).start(appConfig.portNumber())
|
||||
}
|
||||
|
||||
private fun Context.getAuthHeader() = header("Authorization")?.replace("Bearer ", "")?.replace("Bearer: ", "")?.trim()
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user