Revision 51938
Added by Argiro Kokogiannaki almost 6 years ago
HelloWorldService.java | ||
---|---|---|
75 | 75 |
.build(); |
76 | 76 |
} |
77 | 77 |
|
78 |
if(authorization.isAdmin(token)) {
|
|
78 |
if(authorization.isClaimCurator(token)) {
|
|
79 | 79 |
|
80 | 80 |
int total = -1; |
81 | 81 |
|
... | ... | |
117 | 117 |
@HeaderParam("X-XSRF-TOKEN") String token, |
118 | 118 |
@CookieParam("AccessToken") String cookie, |
119 | 119 |
@Context HttpServletRequest request) { |
120 |
|
|
121 | 120 |
|
121 |
|
|
122 | 122 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
123 | 123 |
authorization.logStatus(token,cookie); |
124 | 124 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
... | ... | |
127 | 127 |
} |
128 | 128 |
|
129 | 129 |
UserInfo userInfo = authorization.getUserHandler().getUserInfo(token); |
130 |
if(authorization.isProjectCurator(userInfo)) { |
|
130 |
if(authorization.isProjectCurator(userInfo)|| authorization.isClaimCurator(userInfo)) {
|
|
131 | 131 |
String userMail = userInfo.getEmail(); |
132 | 132 |
|
133 | 133 |
int total = -1; |
... | ... | |
190 | 190 |
} |
191 | 191 |
// logger.debug("Calling API for context with token " + token); |
192 | 192 |
|
193 |
if(authorization.isAdmin(token)) {
|
|
193 |
if(authorization.isCommunityCurator(token) || authorization.isClaimCurator(token)) {
|
|
194 | 194 |
|
195 | 195 |
int total = -1; |
196 | 196 |
if (contextId == null || contextId.isEmpty()) { |
... | ... | |
232 | 232 |
@HeaderParam("X-XSRF-TOKEN") String token, |
233 | 233 |
@CookieParam("AccessToken") String cookie, |
234 | 234 |
@Context HttpServletRequest request) { |
235 |
|
|
236 | 235 |
|
236 |
|
|
237 | 237 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
238 | 238 |
authorization.logStatus(token,cookie); |
239 | 239 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
... | ... | |
241 | 241 |
.build(); |
242 | 242 |
} |
243 | 243 |
|
244 |
if(authorization.isAdmin(token)) {
|
|
244 |
if(authorization.isClaimCurator(token)) {
|
|
245 | 245 |
|
246 | 246 |
int total = -1; |
247 | 247 |
if (resultId == null || resultId.isEmpty()) { |
... | ... | |
281 | 281 |
@HeaderParam("X-XSRF-TOKEN") String token, |
282 | 282 |
@CookieParam("AccessToken") String cookie, |
283 | 283 |
@Context HttpServletRequest request) { |
284 |
|
|
285 | 284 |
|
285 |
|
|
286 | 286 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
287 | 287 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
288 | 288 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
335 | 335 |
@HeaderParam("X-XSRF-TOKEN") String token, |
336 | 336 |
@CookieParam("AccessToken") String cookie, |
337 | 337 |
@Context HttpServletRequest request) { |
338 |
|
|
339 | 338 |
|
339 |
|
|
340 | 340 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
341 | 341 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
342 | 342 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
395 | 395 |
@CookieParam("AccessToken") String cookie, |
396 | 396 |
@Context HttpServletRequest request) { |
397 | 397 |
|
398 |
|
|
398 |
|
|
399 | 399 |
logger.debug("Header \"Origin\" has value " + origin); |
400 |
|
|
401 | 400 |
|
402 | 401 |
|
402 |
|
|
403 | 403 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
404 | 404 |
logger.debug("User is not authorized - Eroor 403"); |
405 | 405 |
|
... | ... | |
408 | 408 |
.build(); |
409 | 409 |
} |
410 | 410 |
|
411 |
if(authorization.isAdmin(token)) {
|
|
411 |
if(authorization.isClaimCurator(token)) {
|
|
412 | 412 |
logger.debug("User is authorized ! !"); |
413 | 413 |
List<Claim> claims = null; |
414 |
|
|
414 |
|
|
415 | 415 |
int total = -1; |
416 | 416 |
try { |
417 | 417 |
claims = fetchClaimHandler.fetchAllClaims(limit, offset, keyword, orderby, descending, types,false); |
... | ... | |
517 | 517 |
@HeaderParam("Origin") String origin, |
518 | 518 |
@CookieParam("AccessToken") String cookie){ |
519 | 519 |
|
520 |
|
|
521 | 520 |
|
521 |
|
|
522 | 522 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){ |
523 | 523 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
524 | 524 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
540 | 540 |
try { |
541 | 541 |
|
542 | 542 |
if (authorization.isRegistered(userInfo)) { |
543 |
if (authorization.isAdmin(userInfo) || userInfo.getEmail().equals(fetchClaimHandler.fetchClaimById(claimId,false).getUserMail())) {
|
|
543 |
if (authorization.isClaimCurator(userInfo) || authorization.isCommunityCurator(userInfo) || userInfo.getEmail().equals(fetchClaimHandler.fetchClaimById(claimId,false).getUserMail())) {
|
|
544 | 544 |
if (claimHandler.deleteClaim(claimId)) { |
545 | 545 |
deletedIds.add(claimId); |
546 | 546 |
} else { |
... | ... | |
580 | 580 |
@HeaderParam("X-XSRF-TOKEN") String token, |
581 | 581 |
@HeaderParam("Origin") String origin, |
582 | 582 |
@CookieParam("AccessToken") String cookie) { |
583 |
|
|
584 | 583 |
|
584 |
|
|
585 | 585 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token) || !authorization.hasValidOrigin(origin)){ |
586 | 586 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
587 | 587 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
653 | 653 |
@HeaderParam("X-XSRF-TOKEN") String token, |
654 | 654 |
@HeaderParam("Origin") String origin, |
655 | 655 |
@CookieParam("AccessToken") String cookie) { |
656 |
|
|
657 | 656 |
|
657 |
|
|
658 | 658 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){ |
659 | 659 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
660 | 660 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
757 | 757 |
@HeaderParam("X-XSRF-TOKEN") String token, |
758 | 758 |
@HeaderParam("Origin") String origin, |
759 | 759 |
@CookieParam("AccessToken") String cookie) { |
760 |
|
|
761 | 760 |
|
761 |
|
|
762 | 762 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){ |
763 | 763 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
764 | 764 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
828 | 828 |
|
829 | 829 |
|
830 | 830 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)|| !authorization.hasValidOrigin(origin)){ |
831 |
|
|
831 |
|
|
832 | 832 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
833 | 833 |
.type(MediaType.APPLICATION_JSON) |
834 | 834 |
.build(); |
... | ... | |
875 | 875 |
@Produces(MediaType.APPLICATION_JSON) |
876 | 876 |
public Response fetchCommunities(@HeaderParam("X-XSRF-TOKEN") String token, |
877 | 877 |
@CookieParam("AccessToken") String cookie) throws ISLookUpServiceException { |
878 |
|
|
879 | 878 |
|
879 |
|
|
880 | 880 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
881 | 881 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
882 | 882 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
903 | 903 |
public Response fetchCommunityCategories(@PathParam("communityid") String communityid, |
904 | 904 |
@HeaderParam("X-XSRF-TOKEN") String token, |
905 | 905 |
@CookieParam("AccessToken") String cookie) throws ISLookUpServiceException { |
906 |
|
|
907 | 906 |
|
907 |
|
|
908 | 908 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
909 | 909 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
910 | 910 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
938 | 938 |
public Response fetchCategoryConcepts(@PathParam("categoryid") String categoryid, |
939 | 939 |
@HeaderParam("X-XSRF-TOKEN") String token, |
940 | 940 |
@CookieParam("AccessToken") String cookie) throws ISLookUpServiceException { |
941 |
|
|
942 | 941 |
|
942 |
|
|
943 | 943 |
if(token == null || token.isEmpty() || cookie == null || cookie.isEmpty() || !cookie.equals(token)){ |
944 | 944 |
return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access. Maybe you are not registered.")) |
945 | 945 |
.type(MediaType.APPLICATION_JSON) |
... | ... | |
1131 | 1131 |
// Authorization authorization = context.getBean(Authorization.class); |
1132 | 1132 |
// UserHandler userHandler = context.getBean(UserHandler.class); |
1133 | 1133 |
// System.out.println(authorization.getAdminRoles()); |
1134 |
// authorization.isAdmin("eyJraWQiOiJvaWRjIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwOTMxNzMwMTMyODMzNjMyQG9wZW5taW50ZWQuZXUiLCJhenAiOiIyNGU4MzE3Ni0xMzEyLTRiYTMtYmMwYi1mZmVlYmVhMTYwM2UiLCJpc3MiOiJodHRwczpcL1wvYWFpLm9wZW5taW50ZWQuZXVcL29pZGNcLyIsImV4cCI6MTQ5ODQ4NTk3NiwiaWF0IjoxNDk4NDcxNTc2LCJqdGkiOiJkMWRlZjc1Yi00MTEyLTRiZDktYTIyNi0wZThhOWI2M2Y3MWQifQ.WVYOb_yO8OaxIIt2jRYEDQBhGGFRDTBw3DgtVV_smuN5yx1ScCj6aehLu3JKPSArme4m2SGF4TEGhpwNJkwhM2WapGtxmtuCmCzYIo_QlC1Yki9hr2OT2rXMcQsJCiKaBSf6pLue6Sn78GMB5yaUTvOQHRgidXGiZXH5lsuZUx15Q6Equ_wzond_rgP9mRheRkTyIFuvvg4PuzmudBc11Ty863vIIQtoWF7_p98zTbHxiNF9lLPwzPZKxDoQ8JeayQEC-jsWVLgxmp-h0jG_Ko5jFVVJeeosqMMucOrs2FT_NKHVYVqB6VVh0C6nOufeiLrNDeMUlDT4dAvKD2zE9w");
|
|
1134 |
// authorization.isClaimCurator("eyJraWQiOiJvaWRjIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwOTMxNzMwMTMyODMzNjMyQG9wZW5taW50ZWQuZXUiLCJhenAiOiIyNGU4MzE3Ni0xMzEyLTRiYTMtYmMwYi1mZmVlYmVhMTYwM2UiLCJpc3MiOiJodHRwczpcL1wvYWFpLm9wZW5taW50ZWQuZXVcL29pZGNcLyIsImV4cCI6MTQ5ODQ4NTk3NiwiaWF0IjoxNDk4NDcxNTc2LCJqdGkiOiJkMWRlZjc1Yi00MTEyLTRiZDktYTIyNi0wZThhOWI2M2Y3MWQifQ.WVYOb_yO8OaxIIt2jRYEDQBhGGFRDTBw3DgtVV_smuN5yx1ScCj6aehLu3JKPSArme4m2SGF4TEGhpwNJkwhM2WapGtxmtuCmCzYIo_QlC1Yki9hr2OT2rXMcQsJCiKaBSf6pLue6Sn78GMB5yaUTvOQHRgidXGiZXH5lsuZUx15Q6Equ_wzond_rgP9mRheRkTyIFuvvg4PuzmudBc11Ty863vIIQtoWF7_p98zTbHxiNF9lLPwzPZKxDoQ8JeayQEC-jsWVLgxmp-h0jG_Ko5jFVVJeeosqMMucOrs2FT_NKHVYVqB6VVh0C6nOufeiLrNDeMUlDT4dAvKD2zE9w");
|
|
1135 | 1135 |
|
1136 | 1136 |
} |
1137 | 1137 |
|
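Review bot: The new condition at new line 543 (`isClaimCurator(userInfo) || isCommunityCurator(userInfo) || userInfo.getEmail().equals(...)`) lets any community curator delete any claimId, with nothing visible tying the curator's community to the claim being deleted; if `isCommunityCurator` is a global role check rather than a per-community one, this widens who can delete other users' claims. The same line drops `isAdmin`, so unless admins also hold the claim-curator role they lose delete access, which the commit title ("distinct admin and claim curators") may intend but is worth confirming, and the equivalent swaps at new lines 78, 193, 244 and 411 carry the same dependency. `fetchClaimHandler.fetchClaimById(claimId,false)` is dereferenced inline, so an unknown claimId would surface as a NullPointerException rather than a not-found response; consider `Claim claim = fetchClaimHandler.fetchClaimById(claimId, false);` followed by `if (claim == null) { /* respond not found */ }` before the ownership comparison. Separately, the commented-out call at new line 1134 still carries a full JWT literal; even as dead code, a credential-shaped token should be removed from the source rather than carried through edits. The enclosing method bodies start and end outside the shown hunks.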
add more roles for community curators | distinct admin and claim curators