Revision 59851

[Users]: Update users' session when roles have been updated


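--- a/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/api/RegistryService.java
+++ b/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/api/RegistryService.java
@@ -3,16 +3,22 @@
 import com.google.gson.JsonArray;
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
+import eu.dnetlib.openaire.user.login.utils.AuthoritiesUpdater;
 import eu.dnetlib.openaire.user.pojos.RoleVerification;
 import eu.dnetlib.openaire.user.utils.EmailSender;
 import eu.dnetlib.openaire.usermanagement.dto.Role;
+import eu.dnetlib.openaire.usermanagement.utils.AuthorizationService;
 import eu.dnetlib.openaire.usermanagement.utils.JsonUtils;
 import eu.dnetlib.openaire.usermanagement.utils.RegistryCalls;
 import eu.dnetlib.openaire.usermanagement.utils.VerificationUtils;
 import org.apache.log4j.Logger;
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.RequestBody;
 
@@ -20,6 +26,8 @@
 import javax.ws.rs.*;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
+import java.util.Collection;
+import java.util.HashSet;
 
 @Component(value = "RegistryService")
 @Path("/registry")
@@ -39,7 +47,17 @@
     @Autowired
     private VerificationUtils verificationUtils;
 
+    @Autowired
+    private AuthoritiesUpdater authoritiesUpdater;
 
+    @Autowired
+    private AuthorizationService authorizationService;
+
+    private String getEmail() {
+        OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
+        return authenticationToken.getUserInfo().getEmail();
+    }
+
     /**
      * Subscribe to a type(Community, etc.) with id(ee, egi, etc.)
      */
@@ -53,6 +71,11 @@
         if (couId != null) {
             Integer role = calls.getRoleId(coPersonId, couId);
             calls.assignMemberRole(coPersonId, couId, role);
+            authoritiesUpdater.update(getEmail(), old -> {
+                HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
+                authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id)));
+                return authorities;
+            });
             return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
         } else {
             return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
@@ -75,6 +98,12 @@
             if (role != null) {
                 calls.removeAdminRole(coPersonId, couId);
                 calls.removeMemberRole(coPersonId, couId, role);
+                authoritiesUpdater.update(getEmail(), old -> {
+                    HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
+                    authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
+                    authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
+                    return authorities;
+                });
                 return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
             } else
                 return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User does not have this role").toString()).type(MediaType.APPLICATION_JSON).build();
@@ -309,6 +338,12 @@
                             if (calls.getUserAdminGroup(coPersonId, couId) == null) {
                                 verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
                                 calls.assignAdminRole(coPersonId, couId);
+                                authoritiesUpdater.update(verification.getEmail(), old -> {
+                                    HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
+                                    authorities.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
+                                    authorities.add(new SimpleGrantedAuthority(authorizationService.manager(verification.getType(), verification.getEntity())));
+                                    return authorities;
+                                });
                                 return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Admin role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
                             } else {
                                 return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User is already admin of this cou").toString()).type(MediaType.APPLICATION_JSON).build();
@@ -349,6 +384,11 @@
                         if (couId != null) {
                             Integer role = calls.getRoleId(coPersonId, couId);
                             calls.assignMemberRole(coPersonId, couId, role);
+                            authoritiesUpdater.update(verification.getEmail(), old -> {
+                                HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
+                                authorities.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
+                                return authorities;
+                            });
                             verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
                             return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Member role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
                         } else {
@@ -384,6 +424,11 @@
             Integer couId = calls.getCouId(type, id);
             if (couId != null) {
                 calls.removeAdminRole(coPersonId, couId);
+                authoritiesUpdater.update(email, old -> {
+                    HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
+                    authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
+                    return authorities;
+                });
                 return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
             } else {
                 return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
@@ -414,6 +459,12 @@
             if (couId != null && role != null) {
                 calls.removeAdminRole(coPersonId, couId);
                 calls.removeMemberRole(coPersonId, couId, role);
+                authoritiesUpdater.update(email, old -> {
+                    HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
+                    authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
+                    authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
+                    return authorities;
+                });
                 return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
             } else {
                 return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();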
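Review bot: `getEmail()` (new lines 56-59) casts the current `Authentication` to `OIDCAuthenticationToken` and dereferences `getUserInfo()` without a check, and both callers reach it only after the registry has already been changed (`calls.assignMemberRole` at new line 73, `calls.removeAdminRole`/`calls.removeMemberRole` at new lines 99-100). If the context ever holds another authentication type or a token without user info, the request fails after the role change, and on the removal path the session would keep the `manager`/`member` authorities that were just revoked in the registry. Resolving the email before the registry call and failing early would avoid that half-applied state, e.g. `if (!(auth instanceof OIDCAuthenticationToken)) throw new IllegalStateException("No OIDC authentication in context");`. Separately, in the verification hunks (new lines 341 and 387) the registry role is assigned to `coPersonId` while the session update is keyed by `verification.getEmail()`; how `coPersonId` is derived is outside the visible lines, so it is worth confirming that both always identify the same user. The enclosing methods start and end outside the hunks.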
