vaultWeb.security.aspects.AdminOnlyAspect

@Component public class AdminOnlyAspect extends Object

Aspect that enforces admin-only access for methods annotated with AdminOnly.

This aspect intercepts method calls and verifies that the currently authenticated user has an ADMIN role in the specified group. If the user is not authenticated or does not have admin privileges, an AdminAccessDeniedException is thrown.

Methods annotated with @AdminOnly must have the group ID as the first parameter (of type Long) to allow the aspect to verify the user's role within that group.

Constructor Summary

Constructors

Constructor

Description

AdminOnlyAspect()
Method Summary

Modifier and Type

Method

Description

void

checkAdmin(org.aspectj.lang.JoinPoint joinPoint)

Advice that runs before any method annotated with AdminOnly.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- AdminOnlyAspect
  
  public AdminOnlyAspect()
Method Details
- checkAdmin
  
  public void checkAdmin(org.aspectj.lang.JoinPoint joinPoint)
  
  Advice that runs before any method annotated with AdminOnly.
  Checks if the current user is authenticated and has an ADMIN role in the specified group. Throws AdminAccessDeniedException if the user is not authenticated or not an admin.
  
  Parameters:
  
  joinPoint - the join point providing access to the method being invoked and its arguments
  
  Throws:
  
  AdminAccessDeniedException - if the user is not authenticated or does not have admin privileges
  
  IllegalArgumentException - if the method does not have a group ID (Long) as its first argument

Class AdminOnlyAspect

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

AdminOnlyAspect

Method Details

checkAdmin