/ - Diff - D-Net - D-Net project tracking tool

« Previous | Next »

Revision 52620

Added by Konstantina Galouni about 5 years ago

HelloWorldService.java: in method for path 'project/claims' return claims:
either if user's email is included in 'contact_person' field of 'project' table of postgres databaase
or if user has 'Curator - Project' role.

+            }
             UserInfo userInfo = authorization.getUserHandler().getUserInfo(token);
             if(authorization.isProjectCurator(userInfo)|| authorization.isClaimCurator(userInfo)) {
     //        if(authorization.isProjectCurator(userInfo)) {
                 String userMail = userInfo.getEmail();
                 int total = -1;
-...
                 List<Claim> claims = null;
                 try {
                     String projectId = fetchProjectHandler.fetchProjectIdByToken(projectToken,userMail);
                     String projectId = null;
                     if(authorization.isProjectCurator(userInfo)) {
                         projectId = fetchProjectHandler.fetchProjectIdByToken(projectToken);
                     } else {
                         projectId = fetchProjectHandler.fetchProjectIdByTokenAndEmail(projectToken, userMail);
+                    }
                     //String projectId = fetchProjectHandler.fetchProjectIdByToken(projectToken,userMail);
                     if(projectId == null){
                         return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
                                 .type(MediaType.APPLICATION_JSON)
-...
                     return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(compose500Message("Fail to fetch claims" +
                             " for projects with token " + projectToken + ".", e)).type(MediaType.APPLICATION_JSON).build();
+                }
+            }
     //        }
             return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
                     .type(MediaType.APPLICATION_JSON)
                     .build();
     //        return Response.status(Response.Status.FORBIDDEN).entity(compose403Message("Forbidden: You don't have permission to access"))
     //                .type(MediaType.APPLICATION_JSON)
     //                .build();
+        }
         @GET
         @Path("/contexts/{contextId}/claims")

modules/uoa-claims-api/trunk/src/main/resources/eu/dnetlib/openaire/rest/springContext-claims-authorization.properties
1	1
2		services.claims.authorization.userInfoUrl = http://mpagasas.di.uoa.gr:8080/dnet-user-management-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=
	2	services.claims.authorization.userInfoUrl = http://mpagasas.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=
3	3	services.claims.authorization.originServer = .di.uoa.gr
4	4	services.claims.authorization.registeredRoles = Super Administrator,Portal Administrator,Expert - Community,Expert - Funder,Curator - Claim,Curator - Project,Curator - Community,Curator - Institution,Author,Registered User,User Manager
5	5	services.claims.authorization.claimCuratorRoles = Super Administrator,Curator - Claim,Portal Administrator

Also available in: Unified diff

Project

General

Profile

D-Net

Revision 52620

Added by Konstantina Galouni about 5 years ago