Alicia.DeDiosFuente · 76c3d855 · ac64af48 · 4bbe73fa · d31135d9 · bf52e37b
--- a/AoU-Admin/src/main/java/ch/unige/aou/controller/admin/PublicationCommentController.java

+ 13

− 4
+++ b/AoU-Admin/src/main/java/ch/unige/aou/controller/admin/PublicationCommentController.java

+ 13

− 4
 @@ -2,6 +2,7 @@ package ch.unige.aou.controller.admin;

 import javax.validation.Valid;

+import ch.unige.aou.rest.AouActionName;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpEntity;
 @@ -46,14 +47,22 @@ public class PublicationCommentController extends CompositionController<Publicat

  @GetMapping
  @Override
-  @PreAuthorize("@publicationPermissionService.isAllowed(#parentid, 'LIST_DEPOSIT_COMMENT')")
+  @PreAuthorize("@publicationPermissionService.isAllowed(#parentid, 'LIST_DEPOSIT_COMMENTS')")
  public HttpEntity<Collection<Comment>> list(@PathVariable String parentid, @ModelAttribute Comment comment, Pageable pageable) {
+    comment.setOnlyForValidators(false);
+    return super.list(parentid, comment, pageable);
+  }
+
+  @GetMapping(AouActionName.LIST_VALIDATOR_COMMENTS)
+  @PreAuthorize("@publicationPermissionService.isAllowed(#parentid, 'LIST_VALIDATOR_COMMENTS')")
+  public HttpEntity<Collection<Comment>> listValidatorComments(@PathVariable String parentid, @ModelAttribute Comment comment, Pageable pageable) {
+    comment.setOnlyForValidators(true);
    return super.list(parentid, comment, pageable);
  }

  @GetMapping(SolidifyConstants.URL_ID)
  @Override
-  @PreAuthorize("@publicationPermissionService.isAllowed(#parentid, 'GET_DEPOSIT_COMMENT')")
+  @PreAuthorize("@commentPermissionService.isAllowed(#id, 'GET_DEPOSIT_COMMENT')")
  public HttpEntity<Comment> get(@PathVariable String parentid, @PathVariable String id) {
    return super.get(parentid, id);
  }
 @@ -61,7 +70,7 @@ public class PublicationCommentController extends CompositionController<Publicat
  @PostMapping
  @Override
  @PreAuthorize("@publicationPermissionService.isAllowed(#parentid, 'ADD_DEPOSIT_COMMENT')")
-  public HttpEntity<Comment> create(@PathVariable final String parentid, @Valid @RequestBody final Comment comment) {
+  public HttpEntity<Comment> create(@PathVariable final String parentid, @RequestBody final Comment comment) {
    String authenticatedPersonId = this.personService.getLinkedPersonId(SecurityContextHolder.getContext().getAuthentication());
    Person person = this.personService.findOne(authenticatedPersonId);
    //set Person
 @@ -69,6 +78,7 @@ public class PublicationCommentController extends CompositionController<Publicat
    return super.create(parentid, comment);
  }

+
  @PatchMapping(SolidifyConstants.URL_ID)
  @Override
  @PreAuthorize("@publicationPermissionService.isAllowed(#parentid, 'UPDATE_DEPOSIT_COMMENT')")
 @@ -80,7 +90,6 @@ public class PublicationCommentController extends CompositionController<Publicat
    }else {
      return new ResponseEntity<>(comment, HttpStatus.FORBIDDEN);
    }
-
  }

  @DeleteMapping(SolidifyConstants.URL_ID)