Revision 60483
Added by Katerina Iatropoulou about 3 years ago
| modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthorizationService.java | ||
|---|---|---|
| 6 | 6 |
public class AuthorizationService {
|
| 7 | 7 |
|
| 8 | 8 |
public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR"; |
| 9 |
public final String ANONYMOUS_USER = "ROLE_ANONYMOUS"; |
|
| 10 |
public final String REGISTERED_USER = "REGISTERED_USER"; |
|
| 9 | 11 |
|
| 10 |
private String mapType(String type) {
|
|
| 12 |
private String mapType(String type, boolean communityMap) {
|
|
| 11 | 13 |
if(type.equals("organization")) {
|
| 12 | 14 |
type = "institution"; |
| 13 |
} |
|
| 14 |
if(type.equals("ri")) {
|
|
| 15 |
} else if(type.equals("ri") && communityMap) {
|
|
| 15 | 16 |
type = "community"; |
| 16 | 17 |
} |
| 17 | 18 |
return type; |
| ... | ... | |
| 22 | 23 |
* |
| 23 | 24 |
* */ |
| 24 | 25 |
public String curator(String type) {
|
| 25 |
return "CURATOR_" + mapType(type).toUpperCase(); |
|
| 26 |
return "CURATOR_" + mapType(type, true).toUpperCase();
|
|
| 26 | 27 |
} |
| 27 | 28 |
|
| 28 | 29 |
/** |
| ... | ... | |
| 31 | 32 |
* Id = EE, EGI, etc |
| 32 | 33 |
* */ |
| 33 | 34 |
public String manager(String type, String id) {
|
| 34 |
return mapType(type).toUpperCase() + "_" + id.toUpperCase() + "_MANAGER"; |
|
| 35 |
return mapType(type, true).toUpperCase() + "_" + id.toUpperCase() + "_MANAGER";
|
|
| 35 | 36 |
} |
| 36 | 37 |
|
| 37 | 38 |
/** |
| 38 |
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT |
|
| 39 |
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
|
|
| 39 | 40 |
* |
| 40 | 41 |
* Id = EE, EGI, etc |
| 41 | 42 |
* */ |
| 42 | 43 |
public String member(String type, String id) {
|
| 43 |
return mapType(type).toUpperCase() + "_" + id.toUpperCase(); |
|
| 44 |
return mapType(type, false).toUpperCase() + "_" + id.toUpperCase();
|
|
| 44 | 45 |
} |
| 45 | 46 |
|
| 46 | 47 |
public boolean isCommunity(String type) {
|
| 47 |
return mapType(type).equals("community");
|
|
| 48 |
return mapType(type, false).equals("community");
|
|
| 48 | 49 |
} |
| 49 | 50 |
} |
| modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/utils/RegistryCalls.java | ||
|---|---|---|
| 29 | 29 |
public JsonUtils jsonUtils; |
| 30 | 30 |
|
| 31 | 31 |
|
| 32 |
private String mapType(String type) {
|
|
| 32 |
private String mapType(String type, boolean communityMap) {
|
|
| 33 | 33 |
if(type.equals("organization")) {
|
| 34 | 34 |
type = "institution"; |
| 35 |
} |
|
| 36 |
if(type.equals("ri")) {
|
|
| 35 |
} else if(type.equals("ri") && communityMap) {
|
|
| 37 | 36 |
type = "community"; |
| 38 | 37 |
} |
| 39 | 38 |
return type; |
| ... | ... | |
| 108 | 107 |
} |
| 109 | 108 |
|
| 110 | 109 |
/** |
| 110 |
* 4. Get a couId by name |
|
| 111 |
* |
|
| 112 |
* @param name |
|
| 113 |
* @return |
|
| 114 |
*/ |
|
| 115 |
public Integer getCouId(String name) {
|
|
| 116 |
JsonArray cous = getCous(); |
|
| 117 |
Integer couId = null; |
|
| 118 |
for (JsonElement cou : cous) {
|
|
| 119 |
if (cou.getAsJsonObject().get("Name").getAsString().equals(name)) {
|
|
| 120 |
couId = cou.getAsJsonObject().get("Id").getAsInt();
|
|
| 121 |
} |
|
| 122 |
} |
|
| 123 |
return couId; |
|
| 124 |
} |
|
| 125 |
|
|
| 126 |
/** |
|
| 111 | 127 |
* 4. Get a couId by type.id |
| 112 | 128 |
* |
| 113 | 129 |
* @param type |
| ... | ... | |
| 115 | 131 |
* @return |
| 116 | 132 |
*/ |
| 117 | 133 |
public Integer getCouId(String type, String id) {
|
| 134 |
return getCouId(type, id, true); |
|
| 135 |
} |
|
| 136 |
|
|
| 137 |
|
|
| 138 |
/** |
|
| 139 |
* 4. Get a couId by type.id without mapping type |
|
| 140 |
* |
|
| 141 |
* @param type |
|
| 142 |
* @param id |
|
| 143 |
* @return |
|
| 144 |
*/ |
|
| 145 |
public Integer getCouId(String type, String id, boolean communityMap) {
|
|
| 118 | 146 |
JsonArray cous = getCous(); |
| 119 | 147 |
Integer couId = null; |
| 120 | 148 |
for (JsonElement cou : cous) {
|
| 121 |
if (cou.getAsJsonObject().get("Name").getAsString().equals(mapType(type) + "." + id)) {
|
|
| 149 |
if (cou.getAsJsonObject().get("Name").getAsString().equals(mapType(type, communityMap) + "." + id)) {
|
|
| 122 | 150 |
couId = cou.getAsJsonObject().get("Id").getAsInt();
|
| 123 | 151 |
} |
| 124 | 152 |
} |
| modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/api/RegistryService.java | ||
|---|---|---|
| 120 | 120 |
@Consumes(MediaType.APPLICATION_JSON) |
| 121 | 121 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
| 122 | 122 |
public Response createRole(@RequestBody Role role) {
|
| 123 |
if(calls.getCouId(role.getName()) == null) {
|
|
| 123 | 124 |
calls.createRole(role); |
| 124 | 125 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
| 126 |
} else {
|
|
| 127 |
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("Role has already existed").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 128 |
} |
|
| 125 | 129 |
} |
| 126 | 130 |
|
| 127 | 131 |
/** |
| ... | ... | |
| 162 | 166 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
| 163 | 167 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
| 164 | 168 |
public Response inviteMember(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
|
| 165 |
Integer couId = calls.getCouId(type, id); |
|
| 169 |
Integer couId = calls.getCouId(type, id, false);
|
|
| 166 | 170 |
if (couId != null) {
|
| 167 | 171 |
JsonObject details = new JsonParser().parse(body).getAsJsonObject(); |
| 168 | 172 |
JsonObject email = details.get("email").getAsJsonObject();
|
| ... | ... | |
| 224 | 228 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
| 225 | 229 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
| 226 | 230 |
public Response cancelMemberInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
|
| 227 |
Integer couId = calls.getCouId(type, id); |
|
| 231 |
Integer couId = calls.getCouId(type, id, false);
|
|
| 228 | 232 |
if (couId != null) {
|
| 229 | 233 |
verificationUtils.deleteMemberVerifications(email, type, id); |
| 230 | 234 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
|
| ... | ... | |
| 360 | 364 |
if (coPersonId != null) {
|
| 361 | 365 |
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
| 362 | 366 |
if (verification.getVerificationCode().equals(code)) {
|
| 363 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity()); |
|
| 367 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity(), false);
|
|
| 364 | 368 |
if (couId != null) {
|
| 365 | 369 |
Integer role = calls.getRoleId(coPersonId, couId); |
| 366 | 370 |
calls.assignMemberRole(coPersonId, couId, role); |
| ... | ... | |
| 429 | 433 |
id, @PathParam("email") String email) {
|
| 430 | 434 |
Integer coPersonId = calls.getCoPersonIdByEmail(email); |
| 431 | 435 |
if (coPersonId != null) {
|
| 432 |
Integer couId = calls.getCouId(type, id); |
|
| 436 |
Integer couId = calls.getCouId(type, id, false);
|
|
| 433 | 437 |
Integer role = null; |
| 434 | 438 |
if(couId != null) {
|
| 435 | 439 |
role = calls.getRoleId(coPersonId, couId); |
| ... | ... | |
| 461 | 465 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
| 462 | 466 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
| 463 | 467 |
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
| 464 |
Integer couId = calls.getCouId(type, id); |
|
| 468 |
Integer couId = calls.getCouId(type, id,false);
|
|
| 465 | 469 |
if(couId != null) {
|
| 466 | 470 |
JsonArray members = calls.getUserNamesByCouId(couId, false); |
| 467 | 471 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
| ... | ... | |
| 479 | 483 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
| 480 | 484 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
| 481 | 485 |
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
| 482 |
Integer couId = calls.getCouId(type, id); |
|
| 486 |
Integer couId = calls.getCouId(type, id, false);
|
|
| 483 | 487 |
if(couId != null) {
|
| 484 | 488 |
JsonArray members = calls.getUserEmailByCouId(couId, false); |
| 485 | 489 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
| ... | ... | |
| 495 | 499 |
@GET |
| 496 | 500 |
@Produces(MediaType.APPLICATION_JSON) |
| 497 | 501 |
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) {
|
| 498 |
Integer couId = calls.getCouId(type, id); |
|
| 502 |
Integer couId = calls.getCouId(type, id, false);
|
|
| 499 | 503 |
int count = 0; |
| 500 | 504 |
if(couId != null) {
|
| 501 | 505 |
count = calls.getUserNamesByCouId(couId, false).size(); |
| modules/dnet-openaire-users/branches/beta/src/main/webapp/registerService.jsp | ||
|---|---|---|
| 88 | 88 |
</div> |
| 89 | 89 |
<div class="uk-margin-medium-top"> |
| 90 | 90 |
<label class="uk-form-label uk-text-bold">Security level</label> |
| 91 |
<div class="uk-margin">Security level hint</div>
|
|
| 91 |
<div id="security-hint" class="uk-margin"></div>
|
|
| 92 | 92 |
<div class="uk-margin-small-top"> |
| 93 | 93 |
<span class="uk-margin-small-right"> |
| 94 | 94 |
<input id="basic" class="uk-radio uk-margin-small-right" type="radio" |
| ... | ... | |
| 220 | 220 |
function checkRadio() {
|
| 221 | 221 |
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
|
| 222 | 222 |
if(securityLevel === 'basic') {
|
| 223 |
$("#security-hint").html('Register your service to get a client id and a client secret. Use the client id and secret to make your requests. <a href="https://beta.develop.openaire.eu/basic.html" target="_blank">Read more...</a>');
|
|
| 223 | 224 |
$("#public-key").hide();
|
| 224 | 225 |
} else {
|
| 226 |
$("#security-hint").html('Register your service to get a client id. Declare your public key and instead of using the client secret to make a request, send a client assertion (JWT) signed with your private key. <a href="https://beta.develop.openaire.eu/advanced.html" target="_blank">Read more...</a>');
|
|
| 225 | 227 |
var keyType = $('input[type=radio][name=key_type]:checked').val();
|
| 226 | 228 |
$("#public-key").show();
|
| 227 | 229 |
if (keyType === 'uri') {
|
| ... | ... | |
| 309 | 311 |
} |
| 310 | 312 |
return false; |
| 311 | 313 |
} |
| 312 |
</script> |
|
| 314 |
</script> |
|
| modules/dnet-openaire-users/branches/beta/src/main/webapp/registeredServices.jsp | ||
|---|---|---|
| 45 | 45 |
<div class="uk-text-danger uk-margin-small-bottom">${message}</div>
|
| 46 | 46 |
<c:remove var="message" scope="session"/> |
| 47 | 47 |
</c:if> |
| 48 |
<div class="uk-alert-primary uk-flex uk-flex-middle"> |
|
| 48 |
|
|
| 49 |
<div class="uk-alert-primary uk-alert uk-margin-top-remove uk-flex uk-flex-middle"> |
|
| 49 | 50 |
<span uk-icon="info"></span> |
| 50 |
<span class="uk-margin-small-left">You can register up to 5 services.</span> |
|
| 51 |
<span class="uk-margin-small-left">You can register up to 5 services. |
|
| 52 |
For more information please read the <a href="https://beta.develop.openaire.eu/authentication.html" target="_blank">OpenAIRE API Authentication documentation</a>.</span> |
|
| 51 | 53 |
</div> |
| 52 | 54 |
<c:if test="${reachedLimit}">
|
| 53 | 55 |
<div class="uk-alert-warning uk-flex uk-flex-middle uk-margin-small-top"> |
| ... | ... | |
| 83 | 85 |
<li> |
| 84 | 86 |
<div class="uk-grid uk-child-width-1-4 uk-text-muted" uk-grid> |
| 85 | 87 |
<div>Name</div> |
| 86 |
<div>Service Id</div>
|
|
| 88 |
<div>Client Id</div>
|
|
| 87 | 89 |
<div>Creation Date</div> |
| 88 | 90 |
<div>Actions</div> |
| 89 | 91 |
</div> |
| ... | ... | |
| 140 | 142 |
<li id="details${registeredService.id}" hidden="hidden">
|
| 141 | 143 |
<div class="uk-alert"> |
| 142 | 144 |
<p><span class="uk-text-primary">Name:</span> ${services[key].clientName}</p>
|
| 143 |
<p><span class="uk-text-primary">Service Id:</span> ${services[key].clientId}</p>
|
|
| 145 |
<p><span class="uk-text-primary">Client Id:</span> ${services[key].clientId}</p>
|
|
| 144 | 146 |
<p><span class="uk-text-primary">Scope:</span> openid</p> |
| 145 | 147 |
<p><span class="uk-text-primary">Grant type:</span> client credentials</p> |
| 146 | 148 |
<c:choose> |
| modules/dnet-openaire-users/branches/beta/src/main/webapp/overview.jsp | ||
|---|---|---|
| 44 | 44 |
<div class="uk-margin-top"> |
| 45 | 45 |
The OpenAIRE APIs can be accessed over HTTPS both by authenticated and unauthenticated requests. |
| 46 | 46 |
To achieve <b>better rate limits</b> you need to make <b>authenticated requests</b>. |
| 47 |
<p><span uk-icon="icon:info"></span> For more information please read the <a href="">documentation</a>.</p>
|
|
| 47 |
</div>
|
|
| 48 | 48 |
|
| 49 |
<div class="uk-container uk-container-small uk-margin-top"> |
|
| 50 |
|
|
| 51 |
<div class="uk-alert-primary uk-alert uk-margin-top-remove"> |
|
| 52 |
<span uk-icon="info"></span> |
|
| 53 |
<span class="uk-margin-small-left">For more information please read the <a href="https://beta.develop.openaire.eu/authentication.html" target="_blank">OpenAIRE API Authentication documentation</a>.</span> |
|
| 49 | 54 |
</div> |
| 50 |
<div class="uk-container uk-container-small uk-margin-top"> |
|
| 55 |
|
|
| 51 | 56 |
<div class="uk-grid uk-child-width-1-2@m uk-child-width-1-1" uk-grid> |
| 52 | 57 |
<div> |
| 53 | 58 |
<div class="uk-card uk-card-default uk-card-body"> |
| ... | ... | |
| 62 | 67 |
</div> |
| 63 | 68 |
</div> |
| 64 | 69 |
</div> |
| 70 |
|
|
| 65 | 71 |
</div> |
| 66 | 72 |
<!-- END OF CENTER SIDE --> |
| 67 | 73 |
</div> |
| modules/dnet-openaire-users/branches/beta/src/main/webapp/personal.jsp | ||
|---|---|---|
| 87 | 87 |
<span uk-icon="info"></span> |
| 88 | 88 |
<span class="uk-margin-small-left"> |
| 89 | 89 |
For further information on how to use the tokens please visit the |
| 90 |
<a href="">OpenAIRE API Authentication documentation</a>. |
|
| 90 |
<a href="https://beta.develop.openaire.eu/personalToken.html" target="_blank">OpenAIRE API Authentication documentation</a>.
|
|
| 91 | 91 |
</span> |
| 92 | 92 |
</div> |
| 93 | 93 |
<form id="revoke" name="revoke" action="./personalToken" method="post"> |
Also available in: Unified diff
merging trunk changes