16 |
16 |
import org.springframework.beans.factory.annotation.Autowired;
|
17 |
17 |
import org.springframework.http.HttpStatus;
|
18 |
18 |
import org.springframework.security.access.prepost.PreAuthorize;
|
19 |
|
import org.springframework.security.core.GrantedAuthority;
|
20 |
19 |
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
21 |
20 |
import org.springframework.security.core.context.SecurityContextHolder;
|
22 |
21 |
import org.springframework.stereotype.Component;
|
... | ... | |
53 |
52 |
@Autowired
|
54 |
53 |
private AuthorizationService authorizationService;
|
55 |
54 |
|
56 |
|
private String getEmail() {
|
|
55 |
private String sendEmail() {
|
57 |
56 |
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
58 |
57 |
return authenticationToken.getUserInfo().getEmail();
|
59 |
58 |
}
|
... | ... | |
71 |
70 |
if (couId != null) {
|
72 |
71 |
Integer role = calls.getRoleId(coPersonId, couId);
|
73 |
72 |
calls.assignMemberRole(coPersonId, couId, role);
|
74 |
|
authoritiesUpdater.update(getEmail(), old -> {
|
|
73 |
authoritiesUpdater.update(sendEmail(), old -> {
|
75 |
74 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
76 |
75 |
authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
77 |
76 |
return authorities;
|
... | ... | |
98 |
97 |
if (role != null) {
|
99 |
98 |
calls.removeAdminRole(coPersonId, couId);
|
100 |
99 |
calls.removeMemberRole(coPersonId, couId, role);
|
101 |
|
authoritiesUpdater.update(getEmail(), old -> {
|
|
100 |
authoritiesUpdater.update(sendEmail(), old -> {
|
102 |
101 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
103 |
102 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
104 |
103 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
... | ... | |
119 |
118 |
@POST
|
120 |
119 |
@Produces(MediaType.APPLICATION_JSON)
|
121 |
120 |
@Consumes(MediaType.APPLICATION_JSON)
|
122 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN)")
|
|
121 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
123 |
122 |
public Response createRole(@RequestBody Role role) {
|
124 |
123 |
calls.createRole(role);
|
125 |
124 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
126 |
125 |
}
|
127 |
126 |
|
128 |
127 |
/**
|
|
128 |
*
|
129 |
129 |
* Invite user with email to manage a type(Community, etc.) with id(ee, egi, etc.)
|
130 |
130 |
* Auto generated link and code will be sent as response.
|
131 |
131 |
*/
|
132 |
|
@Path("/invite/{type}/{id}/manager/{email}")
|
|
132 |
@Path("/invite/{type}/{id}/manager")
|
133 |
133 |
@POST
|
134 |
134 |
@Produces(MediaType.APPLICATION_JSON)
|
135 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
135 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
136 |
136 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
137 |
|
public Response inviteManager(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email, @RequestBody String body) {
|
|
137 |
public Response inviteManager(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
|
138 |
138 |
Integer couId = calls.getCouId(type, id);
|
139 |
139 |
if (couId != null) {
|
140 |
|
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
140 |
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
|
|
141 |
JsonObject email = details.get("email").getAsJsonObject();
|
|
142 |
String recipient = email.get("recipient").getAsString();
|
|
143 |
Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
|
141 |
144 |
if (coPersonId == null || calls.getUserAdminGroup(coPersonId, couId) == null) {
|
142 |
|
JsonObject invitation = verificationUtils.createManagerInvitation(email, type, id);
|
143 |
|
String name = (coPersonId != null)?calls.getUserNames(coPersonId):null;
|
144 |
|
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
|
145 |
|
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
|
146 |
|
String subject = "Invite to manage " + details.get("name").getAsString();
|
147 |
|
String message = "<p>Hello" + ((name != null)?(" " + name):"") + ",</p>" +
|
148 |
|
"<p> You have been invited to manage " + details.get("name").getAsString() + ". " +
|
149 |
|
"Use the verification code below to accept the invitation." +
|
150 |
|
"</p>" +
|
151 |
|
"<p>" +
|
152 |
|
"The verification code is " + invitation.get("code").getAsString() +
|
153 |
|
"</p>" +
|
154 |
|
"Click the URL below and proceed with the process." +
|
155 |
|
"<p><a href=" + link + ">" + link + "</a></p>" +
|
156 |
|
"<p>Thank you,</p>" +
|
157 |
|
"<p>OpenAIRE technical team</p>";
|
158 |
|
try {
|
159 |
|
emailSender.sendEmail(email, subject, message);
|
160 |
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invitation).toString()).type(MediaType.APPLICATION_JSON).build();
|
161 |
|
} catch (MessagingException e) {
|
162 |
|
logger.error(e.getMessage());
|
163 |
|
verificationUtils.deleteVerification(invitation.get("link").getAsString());
|
164 |
|
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Email sent failed").toString()).type(MediaType.APPLICATION_JSON).build();
|
165 |
|
}
|
|
145 |
JsonObject invitation = verificationUtils.createManagerInvitation(recipient, type, id);
|
|
146 |
return sendEmail(details, email, coPersonId, invitation);
|
166 |
147 |
} else {
|
167 |
148 |
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User has been already manager of this " + type).toString()).type(MediaType.APPLICATION_JSON).build();
|
168 |
149 |
}
|
... | ... | |
175 |
156 |
* Invite user with email to be a member of a type(Community, etc.) with id(ee, egi, etc.)
|
176 |
157 |
* Auto generated link and code will be sent as response.
|
177 |
158 |
*/
|
178 |
|
@Path("/invite/{type}/{id}/member/{email}")
|
|
159 |
@Path("/invite/{type}/{id}/member")
|
179 |
160 |
@POST
|
180 |
161 |
@Produces(MediaType.APPLICATION_JSON)
|
181 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
162 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
182 |
163 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
183 |
|
public Response inviteMember(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email, @RequestBody String body) {
|
|
164 |
public Response inviteMember(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
|
184 |
165 |
Integer couId = calls.getCouId(type, id);
|
185 |
166 |
if (couId != null) {
|
186 |
|
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
167 |
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
|
|
168 |
JsonObject email = details.get("email").getAsJsonObject();
|
|
169 |
String recipient = email.get("recipient").getAsString();
|
|
170 |
Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
|
187 |
171 |
if (coPersonId == null || calls.getRoleId(coPersonId, couId) == null) {
|
188 |
|
JsonObject invitation = verificationUtils.createMemberInvitation(email, type, id);
|
189 |
|
String name = (coPersonId != null)?calls.getUserNames(coPersonId):null;
|
190 |
|
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
|
191 |
|
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
|
192 |
|
String subject = "Invite to be a member of " + details.get("name").getAsString();
|
193 |
|
String message = "<p>Hello" + ((name != null)?(" " + name):"") + ",</p>" +
|
194 |
|
"<p> You have been invited to be a member of " + details.get("name").getAsString() + ". " +
|
195 |
|
"Use the verification code below to accept the invitation." +
|
196 |
|
"</p>" +
|
197 |
|
"<p>" +
|
198 |
|
"The verification code is " + invitation.get("code").getAsString() +
|
199 |
|
"</p>" +
|
200 |
|
"Click the URL below and proceed with the process." +
|
201 |
|
"<p><a href=" + link + ">" + link + "</a></p>" +
|
202 |
|
"<p>Thank you,</p>" +
|
203 |
|
"<p>OpenAIRE technical team</p>";
|
204 |
|
try {
|
205 |
|
emailSender.sendEmail(email, subject, message);
|
206 |
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invitation).toString()).type(MediaType.APPLICATION_JSON).build();
|
207 |
|
} catch (MessagingException e) {
|
208 |
|
logger.error(e.getMessage());
|
209 |
|
verificationUtils.deleteVerification(invitation.get("link").getAsString());
|
210 |
|
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Email sent failed").toString()).type(MediaType.APPLICATION_JSON).build();
|
211 |
|
}
|
|
172 |
JsonObject invitation = verificationUtils.createMemberInvitation(recipient, type, id);
|
|
173 |
return sendEmail(details, email, coPersonId, invitation);
|
212 |
174 |
} else {
|
213 |
175 |
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User has been already member of this " + type).toString()).type(MediaType.APPLICATION_JSON).build();
|
214 |
176 |
}
|
... | ... | |
217 |
179 |
}
|
218 |
180 |
}
|
219 |
181 |
|
|
182 |
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) {
|
|
183 |
String name = (coPersonId != null)?calls.getUserNames(coPersonId):"User";
|
|
184 |
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
|
|
185 |
String subject = email.get("subject").getAsString();
|
|
186 |
String message = email.get("body").getAsString().
|
|
187 |
replace("((__user__))", name).
|
|
188 |
replace("((__link__))", link).
|
|
189 |
replace("((__code__))", invitation.get("code").getAsString());
|
|
190 |
try {
|
|
191 |
emailSender.sendEmail(email.get("recipient").getAsString(), subject, message);
|
|
192 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invitation).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
193 |
} catch (MessagingException e) {
|
|
194 |
logger.error(e.getMessage());
|
|
195 |
verificationUtils.deleteVerification(invitation.get("link").getAsString());
|
|
196 |
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Email sent failed").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
197 |
}
|
|
198 |
}
|
|
199 |
|
220 |
200 |
/**
|
221 |
201 |
* Cancel invitation to user with email for managing a type(Community, etc.) with id(ee, egi, etc.)
|
222 |
202 |
*/
|
223 |
203 |
@Path("/invite/{type}/{id}/manager/{email}")
|
224 |
204 |
@DELETE
|
225 |
205 |
@Produces(MediaType.APPLICATION_JSON)
|
226 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
206 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
227 |
207 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
228 |
208 |
public Response cancelManagerInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
|
229 |
209 |
Integer couId = calls.getCouId(type, id);
|
... | ... | |
241 |
221 |
@Path("/invite/{type}/{id}/member/{email}")
|
242 |
222 |
@DELETE
|
243 |
223 |
@Produces(MediaType.APPLICATION_JSON)
|
244 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
224 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
245 |
225 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
246 |
226 |
public Response cancelMemberInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
|
247 |
227 |
Integer couId = calls.getCouId(type, id);
|
... | ... | |
259 |
239 |
@Path("/invite/{type}/{id}/managers/")
|
260 |
240 |
@GET
|
261 |
241 |
@Produces(MediaType.APPLICATION_JSON)
|
262 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
242 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
263 |
243 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
264 |
244 |
public Response getInvitedManagers(@PathParam("type") String type, @PathParam("id") String id) {
|
265 |
245 |
JsonArray invited = verificationUtils.getInvitedManagers(type, id);
|
... | ... | |
272 |
252 |
@Path("/invite/{type}/{id}/members/")
|
273 |
253 |
@GET
|
274 |
254 |
@Produces(MediaType.APPLICATION_JSON)
|
275 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN, @AuthorizationService.PORTAL_ADMIN, " +
|
|
255 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
276 |
256 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
277 |
257 |
public Response getInviteMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
278 |
258 |
JsonArray invited = verificationUtils.getInvitedMembers(type, id);
|
... | ... | |
415 |
395 |
@DELETE
|
416 |
396 |
@Produces(MediaType.APPLICATION_JSON)
|
417 |
397 |
@Consumes(MediaType.APPLICATION_JSON)
|
418 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN," +
|
419 |
|
"@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
398 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
420 |
399 |
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String
|
421 |
400 |
id, @PathParam("email") String email) {
|
422 |
401 |
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
... | ... | |
445 |
424 |
@DELETE
|
446 |
425 |
@Produces(MediaType.APPLICATION_JSON)
|
447 |
426 |
@Consumes(MediaType.APPLICATION_JSON)
|
448 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.USER_ADMIN," +
|
449 |
|
"@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
427 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
450 |
428 |
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String
|
451 |
429 |
id, @PathParam("email") String email) {
|
452 |
430 |
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
... | ... | |
480 |
458 |
@Path("/{type}/{id}/members")
|
481 |
459 |
@GET
|
482 |
460 |
@Produces(MediaType.APPLICATION_JSON)
|
483 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN," +
|
|
461 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
484 |
462 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
485 |
463 |
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
486 |
464 |
Integer couId = calls.getCouId(type, id);
|
... | ... | |
498 |
476 |
@Path("/{type}/{id}/members/email")
|
499 |
477 |
@GET
|
500 |
478 |
@Produces(MediaType.APPLICATION_JSON)
|
501 |
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.SUPER_ADMIN, @AuthorizationService.PORTAL_ADMIN," +
|
|
479 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
502 |
480 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
503 |
481 |
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
504 |
482 |
Integer couId = calls.getCouId(type, id);
|
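Review bot: The new `sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation)` helper takes the recipient, subject and HTML body from the request JSON, where the removed code in `inviteManager` and `inviteMember` built the message from a fixed server-side template. Any caller who passes the `@PreAuthorize` check (portal admin, curator, or manager of that community) can therefore have the service mail content of their choosing to any address, presumably under the platform's own sender identity. I would keep the template on the server, or at minimum reject a body that lacks `((__link__))` and `((__code__))`, and HTML-escape the substituted `name`. Both invite methods also parse the body before the conflict check and dereference `details.get("email")` and `email.get("recipient")` without a null check, so a missing field likely surfaces as an unhandled exception rather than a 400; a guard such as `if (!details.has("email") || !details.get("email").isJsonObject())` returning `HttpStatus.BAD_REQUEST` would cover it. Separately, renaming the no-argument `getEmail()` to `sendEmail()` makes the accessor for the current user's address read like a send operation and overloads the new helper, so the old name was clearer.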
[Users | Trunk]: Remove from authorization service user and super admin