| 1 |
57253
|
michele.ar
|
package eu.dnetlib.organizations.controller;
|
| 2 |
|
|
|
| 3 |
57661
|
michele.ar
|
import java.util.ArrayList;
|
| 4 |
|
|
import java.util.Arrays;
|
| 5 |
57537
|
michele.ar
|
import java.util.HashMap;
|
| 6 |
57650
|
michele.ar
|
import java.util.List;
|
| 7 |
57537
|
michele.ar
|
import java.util.Map;
|
| 8 |
|
|
|
| 9 |
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
| 10 |
57596
|
michele.ar
|
import org.springframework.security.core.Authentication;
|
| 11 |
|
|
import org.springframework.web.bind.annotation.DeleteMapping;
|
| 12 |
57542
|
michele.ar
|
import org.springframework.web.bind.annotation.GetMapping;
|
| 13 |
|
|
import org.springframework.web.bind.annotation.PostMapping;
|
| 14 |
57596
|
michele.ar
|
import org.springframework.web.bind.annotation.RequestBody;
|
| 15 |
57537
|
michele.ar
|
import org.springframework.web.bind.annotation.RequestParam;
|
| 16 |
57253
|
michele.ar
|
import org.springframework.web.bind.annotation.RestController;
|
| 17 |
|
|
|
| 18 |
57542
|
michele.ar
|
import eu.dnetlib.organizations.model.view.UserView;
|
| 19 |
57537
|
michele.ar
|
import eu.dnetlib.organizations.repository.UserRepository;
|
| 20 |
57542
|
michele.ar
|
import eu.dnetlib.organizations.repository.readonly.UserViewRepository;
|
| 21 |
57596
|
michele.ar
|
import eu.dnetlib.organizations.utils.DatabaseUtils;
|
| 22 |
57537
|
michele.ar
|
|
| 23 |
57253
|
michele.ar
|
@RestController
|
| 24 |
|
|
public class UserController {
|
| 25 |
|
|
|
| 26 |
57537
|
michele.ar
|
@Autowired
|
| 27 |
|
|
private UserRepository userRepository;
|
| 28 |
57650
|
michele.ar
|
|
| 29 |
57542
|
michele.ar
|
@Autowired
|
| 30 |
|
|
private UserViewRepository userViewRepository;
|
| 31 |
57596
|
michele.ar
|
@Autowired
|
| 32 |
|
|
private DatabaseUtils dbUtils;
|
| 33 |
57537
|
michele.ar
|
|
| 34 |
57661
|
michele.ar
|
@PostMapping(value = "/registration_api/newUser")
|
| 35 |
57650
|
michele.ar
|
public Map<String, Integer> newUser(final @RequestBody List<String> countries, final Authentication authentication) {
|
| 36 |
|
|
|
| 37 |
|
|
final String email = authentication.getName();
|
| 38 |
|
|
|
| 39 |
57537
|
michele.ar
|
final Map<String, Integer> res = new HashMap<>();
|
| 40 |
57650
|
michele.ar
|
|
| 41 |
|
|
if (!UserInfo.isNotAuthorized(authentication) || userRepository.existsById(email)) {
|
| 42 |
57537
|
michele.ar
|
res.put("status", 2);
|
| 43 |
|
|
} else {
|
| 44 |
57650
|
michele.ar
|
dbUtils.newUser(email, countries);
|
| 45 |
57537
|
michele.ar
|
res.put("status", 1);
|
| 46 |
|
|
}
|
| 47 |
|
|
return res;
|
| 48 |
|
|
}
|
| 49 |
|
|
|
| 50 |
57542
|
michele.ar
|
@GetMapping("/api/users")
|
| 51 |
57661
|
michele.ar
|
public Iterable<UserView> users(final Authentication authentication) {
|
| 52 |
|
|
if (UserInfo.isSuperAdmin(authentication)) {
|
| 53 |
|
|
return userViewRepository.findAll();
|
| 54 |
|
|
} else if (UserInfo.isNationalAdmin(authentication)) {
|
| 55 |
|
|
|
| 56 |
|
|
// IMPORTANT: a national admin can manage ONLY the users where ALL the countries are under his control
|
| 57 |
|
|
final List<UserView> res = new ArrayList<>();
|
| 58 |
|
|
final List<String> myCountries = dbUtils.listCountriesForUser(authentication.getName());
|
| 59 |
|
|
|
| 60 |
|
|
for (final UserView uw : userViewRepository.findAll()) {
|
| 61 |
|
|
if (uw.getCountries() != null && uw.getCountries().length > 0 && myCountries.containsAll(Arrays.asList(uw.getCountries()))) {
|
| 62 |
|
|
res.add(uw);
|
| 63 |
|
|
}
|
| 64 |
|
|
}
|
| 65 |
|
|
return res;
|
| 66 |
|
|
} else {
|
| 67 |
|
|
return new ArrayList<>();
|
| 68 |
|
|
}
|
| 69 |
57542
|
michele.ar
|
}
|
| 70 |
|
|
|
| 71 |
57596
|
michele.ar
|
@PostMapping("/api/users")
|
| 72 |
|
|
public Iterable<UserView> save(@RequestBody final UserView userView, final Authentication authentication) {
|
| 73 |
|
|
if (authentication.getName().equals(userView.getEmail())) { throw new RuntimeException("You can't edit your own user"); }
|
| 74 |
|
|
dbUtils.saveUser(userView);
|
| 75 |
57661
|
michele.ar
|
return users(authentication);
|
| 76 |
57596
|
michele.ar
|
}
|
| 77 |
|
|
|
| 78 |
|
|
@DeleteMapping("/api/users")
|
| 79 |
|
|
public Iterable<UserView> delete(final @RequestParam String email, final Authentication authentication) {
|
| 80 |
|
|
if (authentication.getName().equals(email)) { throw new RuntimeException("You can't delete your own user"); }
|
| 81 |
|
|
dbUtils.deleteUser(email);
|
| 82 |
57661
|
michele.ar
|
return users(authentication);
|
| 83 |
57596
|
michele.ar
|
}
|
| 84 |
|
|
|
| 85 |
57253
|
michele.ar
|
}
|