/**
 * Looks up a single audited action by id and returns it as an entity, provided
 * {@code authorizeAction} approves access to it.
 *
 * <p>The existence check runs before the authorization check, so the exception type
 * differs between "no such id" and "exists but not readable". NOTE(review): if both
 * exceptions reach the caller unchanged, an unauthorized caller can tell which action
 * ids exist; confirm that this is acceptable for the audit log.
 *
 * @param actionId id of the action to fetch
 * @return the entity built from the action, flagged as authorized
 * @throws ResourceNotFoundException if the audit service returns no action for the id
 * @throws AccessDeniedException if authorization is anything other than approved; the
 *         message is the explanation carried by the authorization result
 */
@Override
public ActionEntity getAction(final Integer actionId) {
    final Action action = auditService.getAction(actionId);
    if (action == null) {
        throw new ResourceNotFoundException(String.format("Unable to find action with id '%s'.", actionId));
    }

    // Authorization is decided per action, so it can only happen after the lookup.
    final AuthorizationResult authorization = authorizeAction(action);
    final boolean authorized = Result.Approved.equals(authorization.getResult());
    if (authorized) {
        return entityFactory.createActionEntity(dtoFactory.createActionDto(action), authorized);
    }

    throw new AccessDeniedException(authorization.getExplanation());
}
/**
 * Runs an audit-history query and returns the result, with every action wrapped in an
 * entity that records whether {@code authorizeAction} approved access to it.
 *
 * <p>Unauthorized actions are NOT dropped from the result: each one is still added to the
 * list, with its authorized flag set to {@code false}. Withholding the details of such an
 * action is therefore left to {@code entityFactory.createActionEntity}, which is not
 * visible here; confirm it honours the flag.
 *
 * @param historyQueryDto the query criteria (date range, source, user, paging, sorting)
 * @return the history DTO; its action list is replaced only when the query returned a
 *         non-null list of actions
 */
@Override
public HistoryDTO getActions(final HistoryQueryDTO historyQueryDto) {
    // Copy the criteria from the DTO onto the service-level query object.
    // NOTE(review): offset, count, sortColumn and sortOrder are forwarded as received;
    // any bounds or allow-list checks must happen in the caller or in auditService.
    final HistoryQuery query = new HistoryQuery();
    query.setStartDate(historyQueryDto.getStartDate());
    query.setEndDate(historyQueryDto.getEndDate());
    query.setSourceId(historyQueryDto.getSourceId());
    query.setUserIdentity(historyQueryDto.getUserIdentity());
    query.setOffset(historyQueryDto.getOffset());
    query.setCount(historyQueryDto.getCount());
    query.setSortColumn(historyQueryDto.getSortColumn());
    query.setSortOrder(historyQueryDto.getSortOrder());

    final History history = auditService.getActions(query);
    final HistoryDTO historyDto = dtoFactory.createHistoryDto(history);

    // No action list from the service: return the DTO exactly as the factory built it.
    if (history.getActions() == null) {
        return historyDto;
    }

    // Authorize each action individually and carry the outcome on its entity.
    final List<ActionEntity> entities = new ArrayList<>();
    for (final Action action : history.getActions()) {
        final AuthorizationResult authorization = authorizeAction(action);
        entities.add(
                entityFactory.createActionEntity(
                        dtoFactory.createActionDto(action),
                        Result.Approved.equals(authorization.getResult())));
    }
    historyDto.setActions(entities);

    return historyDto;
}