package eu.dnetlib.openaire.usermanagement.api;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import eu.dnetlib.openaire.user.login.utils.AuthoritiesUpdater;
import eu.dnetlib.openaire.user.pojos.RoleVerification;
import eu.dnetlib.openaire.user.utils.EmailSender;
import eu.dnetlib.openaire.usermanagement.dto.Role;
import eu.dnetlib.openaire.usermanagement.utils.AuthorizationService;
import eu.dnetlib.openaire.usermanagement.utils.JsonUtils;
import eu.dnetlib.openaire.usermanagement.utils.RegistryCalls;
import eu.dnetlib.openaire.usermanagement.utils.VerificationUtils;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.method.P;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestBody;
import javax.mail.MessagingException;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.Collection;
import java.util.HashSet;
@Component(value = "RegistryService")
@Path("/registry")
public class RegistryService {
private static final Logger logger = Logger.getLogger(RegistryService.class);
@Autowired
private RegistryCalls calls;
@Autowired
private JsonUtils jsonUtils;
@Autowired
private EmailSender emailSender;
@Autowired
private VerificationUtils verificationUtils;
@Autowired
private AuthoritiesUpdater authoritiesUpdater;
@Autowired
private AuthorizationService authorizationService;
/**
 * Returns the e-mail address of the currently authenticated user.
 * <p>
 * Despite its name this overload sends nothing: it reads the address from the OIDC user info of the
 * authentication held in the security context. The cast fails if that authentication is not an
 * {@link OIDCAuthenticationToken}.
 */
private String sendEmail() {
    Object authentication = SecurityContextHolder.getContext().getAuthentication();
    return ((OIDCAuthenticationToken) authentication).getUserInfo().getEmail();
}
/**
 * Subscribes the logged-in user to a type (Community, etc.) with id (ee, egi, etc.).
 * <p>
 * The member role is assigned in the registry and the matching member authority is added to the
 * user's authorities. Answers 404 when no COU is found for the given type and id.
 */
@Path("/subscribe/{type}/{id}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated() and @AuthorizationService.isCommunity(#type)")
public Response subscribe(@PathParam("type") String type, @PathParam("id") String id) {
    // NOTE(review): coPersonId is passed on without a null check; presumably the lookup always
    // resolves for an authenticated user. Confirm against RegistryCalls.
    Integer coPersonId = calls.getCoPersonIdByIdentifier();
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer role = calls.getRoleId(coPersonId, couId);
    calls.assignMemberRole(coPersonId, couId, role);
    // The no-argument sendEmail() only returns the current user's e-mail address.
    authoritiesUpdater.update(sendEmail(), current -> {
        HashSet<SimpleGrantedAuthority> updated =
                new HashSet<>((Collection<? extends SimpleGrantedAuthority>) current);
        updated.add(new SimpleGrantedAuthority(authorizationService.member(type, id)));
        return updated;
    });
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Role has been assigned").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Unsubscribes the logged-in user from a type (Community, etc.) with id (ee, egi, etc.).
 * <p>
 * The admin role removal is requested first, so a manager role for this entity is dropped as well.
 * Answers 404 when the COU does not exist or when the user holds no role in it.
 */
@Path("/unsubscribe/{type}/{id}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated() and @AuthorizationService.isCommunity(#type)")
public Response unsubscribe(@PathParam("type") String type, @PathParam("id") String id) {
    Integer coPersonId = calls.getCoPersonIdByIdentifier();
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer role = calls.getRoleId(coPersonId, couId);
    if (role == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("User does not have this role").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    calls.removeAdminRole(coPersonId, couId);
    calls.removeMemberRole(coPersonId, couId, role);
    // Keep the session's authorities in step with the registry: drop both manager and member.
    authoritiesUpdater.update(sendEmail(), current -> {
        HashSet<SimpleGrantedAuthority> updated =
                new HashSet<>((Collection<? extends SimpleGrantedAuthority>) current);
        updated.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
        updated.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
        return updated;
    });
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Role has been removed").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Creates a new role with the given name and description.
 * <p>
 * Restricted to the portal admin authority. Answers 409 when a COU with the role's name already
 * exists. The existence check and the creation are two separate registry calls.
 */
@Path("/createRole")
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
public Response createRole(@RequestBody Role role) {
    boolean exists = calls.getCouId(role.getName()) != null;
    if (exists) {
        return Response.status(HttpStatus.CONFLICT.value())
                .entity(jsonUtils.createResponse("Role has already existed").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    calls.createRole(role);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Role has been created").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Invites the user with the given e-mail to manage a type (Community, etc.) with id (ee, egi, etc.).
 * The auto-generated link and code are sent back in the response.
 * <p>
 * The request body is parsed as JSON and must provide an "email" object with a "recipient" member.
 * A body lacking them fails with an unchecked exception instead of a client-error response.
 * Answers 404 when the COU does not exist and 409 when the recipient already manages it.
 */
@Path("/invite/{type}/{id}/manager")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response inviteManager(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonObject details = new JsonParser().parse(body).getAsJsonObject();
    JsonObject email = details.get("email").getAsJsonObject();
    String recipient = email.get("recipient").getAsString();
    Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
    // An address without a registry account (null id) can always be invited.
    boolean alreadyManager = coPersonId != null && calls.getUserAdminGroup(coPersonId, couId) != null;
    if (alreadyManager) {
        return Response.status(HttpStatus.CONFLICT.value())
                .entity(jsonUtils.createResponse("User has been already manager of this " + type).toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonObject invitation = verificationUtils.createManagerInvitation(recipient, type, id);
    return sendEmail(details, email, coPersonId, invitation);
}
/**
 * Invites the user with the given e-mail to become a member of a type (Community, etc.) with id
 * (ee, egi, etc.). The auto-generated link and code are sent back in the response.
 * <p>
 * The request body is parsed as JSON and must provide an "email" object with a "recipient" member.
 * A body lacking them fails with an unchecked exception instead of a client-error response.
 * Answers 404 when the COU does not exist and 409 when the recipient already has a role in it.
 */
@Path("/invite/{type}/{id}/member")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response inviteMember(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
    Integer couId = calls.getCouId(type, id, false);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonObject details = new JsonParser().parse(body).getAsJsonObject();
    JsonObject email = details.get("email").getAsJsonObject();
    String recipient = email.get("recipient").getAsString();
    Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
    // An address without a registry account (null id) can always be invited.
    boolean alreadyMember = coPersonId != null && calls.getRoleId(coPersonId, couId) != null;
    if (alreadyMember) {
        return Response.status(HttpStatus.CONFLICT.value())
                .entity(jsonUtils.createResponse("User has been already member of this " + type).toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonObject invitation = verificationUtils.createMemberInvitation(recipient, type, id);
    return sendEmail(details, email, coPersonId, invitation);
}
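/**
 * Fills the caller-supplied e-mail template with the invitation data, sends it and builds the
 * HTTP response for the invite endpoints.
 * <p>
 * The placeholders ((__user__)), ((__link__)) and ((__code__)) in the body are replaced by the
 * recipient's name (or "User"), the full invitation link and the verification code.
 * <p>
 * NOTE(review): subject, body and the link prefix all come from the request, so whoever passes
 * the invite endpoints' authorization decides what this service mails to the recipient.
 * Restricting the link prefix to known portal origins would narrow that. Confirm whether this
 * is enforced elsewhere.
 *
 * @param details    parsed request body; its "link" member prefixes the invitation link
 * @param email      the body's "email" member, providing "recipient", "subject" and "body"
 * @param coPersonId registry id of the recipient, or null when the address has no registry account
 * @param invitation invitation object providing "link" and "code"
 * @return 200 with the invitation as entity, or 400 "Email sent failed" after the verification
 *         identified by the invitation's "link" value has been deleted
 */
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) {
    String name = (coPersonId != null) ? calls.getUserNames(coPersonId) : "User";
    String link = details.get("link").getAsString() + invitation.get("link").getAsString();
    String subject = email.get("subject").getAsString();
    String message = email.get("body").getAsString()
            .replace("((__user__))", name)
            .replace("((__link__))", link)
            .replace("((__code__))", invitation.get("code").getAsString());
    try {
        emailSender.sendEmail(email.get("recipient").getAsString(), subject, message);
        return Response.status(HttpStatus.OK.value())
                .entity(jsonUtils.createResponse(invitation).toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    } catch (MessagingException e) {
        // Pass the exception itself so the stack trace and cause reach the log, not only the message.
        logger.error(e.getMessage(), e);
        // The invitation never reached the recipient, so do not leave its verification behind.
        verificationUtils.deleteVerification(invitation.get("link").getAsString());
        return Response.status(HttpStatus.BAD_REQUEST.value())
                .entity(jsonUtils.createResponse("Email sent failed").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
}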
/**
 * Cancels the invitations sent to the given e-mail for managing a type (Community, etc.) with id
 * (ee, egi, etc.). Answers 404 when no COU is found for the type and id.
 */
@Path("/invite/{type}/{id}/manager/{email}")
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response cancelManagerInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
    if (calls.getCouId(type, id) == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    verificationUtils.deleteManagerVerifications(email, type, id);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Invitations have been deleted").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Cancels the invitations sent to the given e-mail for being a member of a type (Community, etc.)
 * with id (ee, egi, etc.). Answers 404 when no COU is found for the type and id.
 */
@Path("/invite/{type}/{id}/member/{email}")
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response cancelMemberInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
    if (calls.getCouId(type, id, false) == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    verificationUtils.deleteMemberVerifications(email, type, id);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Invitations have been deleted").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the invited managers of a type (Community, etc.) with id (ee, egi, etc.).
 * Unlike the other invite endpoints, this one does not check that the COU exists.
 */
@Path("/invite/{type}/{id}/managers/")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response getInvitedManagers(@PathParam("type") String type, @PathParam("id") String id) {
    String entity = jsonUtils.createResponse(verificationUtils.getInvitedManagers(type, id)).toString();
    return Response.status(HttpStatus.OK.value())
            .entity(entity)
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the invited members of a type (Community, etc.) with id (ee, egi, etc.).
 * Unlike the other invite endpoints, this one does not check that the COU exists.
 */
@Path("/invite/{type}/{id}/members/")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response getInviteMembers(@PathParam("type") String type, @PathParam("id") String id) {
    String entity = jsonUtils.createResponse(verificationUtils.getInvitedMembers(type, id)).toString();
    return Response.status(HttpStatus.OK.value())
            .entity(entity)
            .type(MediaType.APPLICATION_JSON)
            .build();
}
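/**
 * Returns the verification with the given id, but only if it refers to the logged-in user.
 * <p>
 * Ownership is decided by comparing the registry id resolved from the verification's e-mail with
 * the registry id of the current user. Answers 404 when the verification does not exist and 403
 * when it belongs to someone else or its e-mail has no registry account.
 */
@Path("verification/{id}")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated()")
public Response getVerification(@PathParam("id") String id) {
    RoleVerification verification = verificationUtils.getVerification(id);
    if (verification == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Verification has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    // The lookup by e-mail yields null for an address without a registry account (the invite
    // endpoints rely on that). Calling equals() on it would throw, and a null-tolerant compare
    // must not be used either: "null equals null" would wrongly count as ownership.
    Integer invitedId = calls.getCoPersonIdByEmail(verification.getEmail());
    boolean ownedByCaller = invitedId != null && invitedId.equals(calls.getCoPersonIdByIdentifier());
    if (!ownedByCaller) {
        return Response.status(HttpStatus.FORBIDDEN.value())
                .entity(jsonUtils.createResponse("Forbidden verification").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(jsonUtils.createVerification(verification)).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}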
/**
 * Deletes the verification with the given id.
 * <p>
 * Access is limited to authenticated callers for whom VerificationUtils.ownedVerification(id)
 * holds. Answers 404 when the verification does not exist.
 * <p>
 * NOTE(review): createResponse is applied twice to the message here, unlike the other endpoints
 * of this class. Confirm that clients expect the nested form.
 */
@Path("verification/{id}")
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated() && @VerificationUtils.ownedVerification(#id)")
public Response deleteVerification(@PathParam("id") String id) {
    if (verificationUtils.getVerification(id) == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse(jsonUtils.createResponse("Verification has not been found")).toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    verificationUtils.deleteVerification(id);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(jsonUtils.createResponse("Verification deleted")).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Confirms the manager verification with the given id, if the code is correct and the verification
 * refers to the logged-in user. The manager role is assigned to this user, along with the member role.
 * <p>
 * Checks run in this order: the verification exists and is of type "manager" (404), its e-mail has
 * a registry account (404), the e-mail matches the logged-in user's ignoring case (403), the code
 * matches (400), the COU exists (404), the user is not already admin of the COU (409).
 * The member role and the clean-up of member verifications happen before the "already admin" check.
 * <p>
 * NOTE(review): the code is compared with String.equals and no limit on failed attempts is visible
 * in this method. Consider a constant-time comparison and attempt limiting, and confirm what
 * VerificationUtils already enforces. verifyMember answers 403 for a wrong code, this method 400.
 */
@Path("verification/manager/{id}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated()")
public Response verifyManager(@PathParam("id") String id, @RequestBody String code) {
    RoleVerification verification = verificationUtils.getVerification(id);
    if (verification == null || !verification.getVerificationType().equals("manager")) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Verification has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
    if (coPersonId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("User has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    // The invitation is bound to an e-mail address; only the account holding it may redeem it.
    if (!verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
        return Response.status(HttpStatus.FORBIDDEN.value())
                .entity(jsonUtils.createResponse("Forbidden verification").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    if (!verification.getVerificationCode().equals(code)) {
        return Response.status(HttpStatus.BAD_REQUEST.value())
                .entity(jsonUtils.createResponse("Verification code is wrong").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer couId = calls.getCouId(verification.getType(), verification.getEntity());
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }

    // A manager is always a member too, so the member role comes first.
    Integer role = calls.getRoleId(coPersonId, couId);
    calls.assignMemberRole(coPersonId, couId, role);
    boolean communityOrRi = verification.getType().equals("community") || verification.getType().equals("ri");
    if (communityOrRi) {
        // "community" and "ri" are handled as a pair for the same entity.
        Integer riCouId = calls.getCouId("ri", verification.getEntity(), false);
        if (riCouId != null) {
            calls.assignMemberRole(coPersonId, riCouId, calls.getRoleId(coPersonId, riCouId));
            verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
            verificationUtils.deleteMemberVerifications(verification.getEmail(), "ri", verification.getEntity());
        } else {
            verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
        }
    } else {
        verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
    }

    if (calls.getUserAdminGroup(coPersonId, couId) != null) {
        return Response.status(HttpStatus.CONFLICT.value())
                .entity(jsonUtils.createResponse("User is already admin of this cou").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    if (communityOrRi) {
        verificationUtils.deleteManagerVerifications(verification.getEmail(), "community", verification.getEntity());
        verificationUtils.deleteManagerVerifications(verification.getEmail(), "ri", verification.getEntity());
    } else {
        verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
    }
    calls.assignAdminRole(coPersonId, couId);
    authoritiesUpdater.update(verification.getEmail(), current -> {
        HashSet<SimpleGrantedAuthority> updated =
                new HashSet<>((Collection<? extends SimpleGrantedAuthority>) current);
        updated.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
        updated.add(new SimpleGrantedAuthority(authorizationService.manager(verification.getType(), verification.getEntity())));
        return updated;
    });
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Admin role has been assigned").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Confirms the member verification with the given id, if the code is correct and the verification
 * refers to the logged-in user. The member role is assigned to this user.
 * <p>
 * Checks run in this order: the verification exists and is of type "member" (404), its e-mail has
 * a registry account (404), the e-mail matches the logged-in user's ignoring case (403), the code
 * matches (403), the COU exists (404).
 * <p>
 * NOTE(review): the code is compared with String.equals and no limit on failed attempts is visible
 * in this method. Consider a constant-time comparison and attempt limiting, and confirm what
 * VerificationUtils already enforces. verifyManager answers 400 for a wrong code, this method 403.
 */
@Path("verification/member/{id}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated()")
public Response verifyMember(@PathParam("id") String id, @RequestBody String code) {
    RoleVerification verification = verificationUtils.getVerification(id);
    if (verification == null || !verification.getVerificationType().equals("member")) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Verification has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
    if (coPersonId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("User has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    // The invitation is bound to an e-mail address; only the account holding it may redeem it.
    if (!verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
        return Response.status(HttpStatus.FORBIDDEN.value())
                .entity(jsonUtils.createResponse("Forbidden verification").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    if (!verification.getVerificationCode().equals(code)) {
        return Response.status(HttpStatus.FORBIDDEN.value())
                .entity(jsonUtils.createResponse("Verification code is wrong").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer couId = calls.getCouId(verification.getType(), verification.getEntity(), false);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer role = calls.getRoleId(coPersonId, couId);
    calls.assignMemberRole(coPersonId, couId, role);
    authoritiesUpdater.update(verification.getEmail(), current -> {
        HashSet<SimpleGrantedAuthority> updated =
                new HashSet<>((Collection<? extends SimpleGrantedAuthority>) current);
        updated.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
        return updated;
    });
    // The invitation is used up; remove every member verification for this address and entity.
    verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Member role has been assigned").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Removes the manager role from the user with the given e-mail for a type (Community, etc.) with
 * id (ee, egi, etc.). Answers 404 when the user or the COU is not found.
 */
@Path("/{type}/{id}/manager/{email}")
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String
        id, @PathParam("email") String email) {
    Integer coPersonId = calls.getCoPersonIdByEmail(email);
    if (coPersonId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("User has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    calls.removeAdminRole(coPersonId, couId);
    // Drop the manager authority from the affected user's authorities as well.
    authoritiesUpdater.update(email, current -> {
        HashSet<SimpleGrantedAuthority> updated =
                new HashSet<>((Collection<? extends SimpleGrantedAuthority>) current);
        updated.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
        return updated;
    });
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Role has been removed").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Removes the member role from the user with the given e-mail for a type (Community, etc.) with
 * id (ee, egi, etc.). The admin role removal is requested as well.
 * Answers 404 when the user is not found, the COU is not found, or the user has no role in it.
 */
@Path("/{type}/{id}/member/{email}")
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String
        id, @PathParam("email") String email) {
    Integer coPersonId = calls.getCoPersonIdByEmail(email);
    if (coPersonId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("User has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    Integer couId = calls.getCouId(type, id, false);
    // The role is only looked up for an existing COU, so a null role also covers a missing COU.
    Integer role = (couId == null) ? null : calls.getRoleId(coPersonId, couId);
    if (role == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    calls.removeAdminRole(coPersonId, couId);
    calls.removeMemberRole(coPersonId, couId, role);
    authoritiesUpdater.update(email, current -> {
        HashSet<SimpleGrantedAuthority> updated =
                new HashSet<>((Collection<? extends SimpleGrantedAuthority>) current);
        updated.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
        updated.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
        return updated;
    });
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse("Role has been removed").toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the names of the members of a type (Community, etc.) with id (ee, egi, etc.).
 * Answers 404 when no COU is found for the type and id.
 */
@Path("/{type}/{id}/members")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id,false);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonArray names = calls.getUserNamesByCouId(couId, false);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(names).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the e-mail addresses of the members of a type (Community, etc.) with id (ee, egi, etc.).
 * Answers 404 when no COU is found for the type and id.
 */
@Path("/{type}/{id}/members/email")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id, false);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonArray emails = calls.getUserEmailByCouId(couId, false);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(emails).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the identifiers of the members of a type (Community, etc.) with id (ee, egi, etc.).
 * Answers 404 when no COU is found for the type and id.
 */
@Path("/{type}/{id}/members/id")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
        "@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response getMembersId(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id, false);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonArray identifiers = calls.getUserIdByCouId(couId, false);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(identifiers).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the number of members of a type (Community, etc.) with id (ee, egi, etc.).
 * An unknown type/id pair yields a count of 0 rather than a 404.
 * <p>
 * NOTE(review): this method carries no @PreAuthorize, unlike the other /members endpoints.
 * Presumably the count is meant to be public. Confirm.
 */
@Path("/{type}/{id}/members/count")
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id, false);
    int count = (couId == null) ? 0 : calls.getUserNamesByCouId(couId, false).size();
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(count).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the names of the managers of a type (Community, etc.) with id (ee, egi, etc.).
 * Answers 404 when no COU is found for the type and id.
 * <p>
 * NOTE(review): this method carries no @PreAuthorize, while the matching /members endpoint requires
 * portal admin, curator or manager authority. Confirm that manager names are meant to be
 * readable without a method-level check (access may still be restricted elsewhere).
 */
@Path("/{type}/{id}/managers")
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getManagers(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonArray names = calls.getUserNamesByCouId(couId, true);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(names).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the e-mail addresses of the managers of a type (Community, etc.) with id (ee, egi, etc.).
 * Answers 404 when no COU is found for the type and id.
 * <p>
 * NOTE(review): this method carries no @PreAuthorize, while /members/email requires portal admin,
 * curator or manager authority. E-mail addresses are personal data, so confirm that serving them
 * without a method-level check is intended (access may still be restricted elsewhere).
 */
@Path("/{type}/{id}/managers/email")
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getManagersEmail(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonArray emails = calls.getUserEmailByCouId(couId, true);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(emails).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
/**
 * Returns the identifiers of the managers of a type (Community, etc.) with id (ee, egi, etc.).
 * Answers 404 when no COU is found for the type and id.
 * <p>
 * NOTE(review): this method carries no @PreAuthorize, while /members/id requires portal admin,
 * curator or manager authority. Confirm that serving account identifiers without a method-level
 * check is intended (access may still be restricted elsewhere).
 */
@Path("/{type}/{id}/managers/id")
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getManagersId(@PathParam("type") String type, @PathParam("id") String id) {
    Integer couId = calls.getCouId(type, id);
    if (couId == null) {
        return Response.status(HttpStatus.NOT_FOUND.value())
                .entity(jsonUtils.createResponse("Role has not been found").toString())
                .type(MediaType.APPLICATION_JSON)
                .build();
    }
    JsonArray identifiers = calls.getUserIdByCouId(couId, true);
    return Response.status(HttpStatus.OK.value())
            .entity(jsonUtils.createResponse(identifiers).toString())
            .type(MediaType.APPLICATION_JSON)
            .build();
}
}