15 |
15 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
16 |
16 |
import org.springframework.beans.factory.annotation.Autowired;
|
17 |
17 |
import org.springframework.http.HttpStatus;
|
|
18 |
import org.springframework.security.access.method.P;
|
18 |
19 |
import org.springframework.security.access.prepost.PreAuthorize;
|
19 |
20 |
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
20 |
21 |
import org.springframework.security.core.context.SecurityContextHolder;
|
... | ... | |
27 |
28 |
import javax.ws.rs.core.Response;
|
28 |
29 |
import java.util.Collection;
|
29 |
30 |
import java.util.HashSet;
|
|
31 |
import java.util.List;
|
30 |
32 |
|
31 |
33 |
@Component(value = "RegistryService")
|
32 |
34 |
@Path("/registry")
|
... | ... | |
52 |
54 |
@Autowired
|
53 |
55 |
private AuthorizationService authorizationService;
|
54 |
56 |
|
55 |
|
private String sendEmail() {
|
56 |
|
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
57 |
|
return authenticationToken.getUserInfo().getEmail();
|
58 |
|
}
|
59 |
|
|
60 |
57 |
/**
|
61 |
58 |
* Subscribe to a type(Community, etc.) with id(ee, egi, etc.)
|
62 |
59 |
*/
|
... | ... | |
70 |
67 |
if (couId != null) {
|
71 |
68 |
Integer role = calls.getRoleId(coPersonId, couId);
|
72 |
69 |
calls.assignMemberRole(coPersonId, couId, role);
|
73 |
|
authoritiesUpdater.update(sendEmail(), old -> {
|
|
70 |
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
|
74 |
71 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
75 |
72 |
authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
76 |
73 |
return authorities;
|
... | ... | |
97 |
94 |
if (role != null) {
|
98 |
95 |
calls.removeAdminRole(coPersonId, couId);
|
99 |
96 |
calls.removeMemberRole(coPersonId, couId, role);
|
100 |
|
authoritiesUpdater.update(sendEmail(), old -> {
|
|
97 |
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
|
101 |
98 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
102 |
99 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
103 |
100 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
... | ... | |
120 |
117 |
@Consumes(MediaType.APPLICATION_JSON)
|
121 |
118 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
122 |
119 |
public Response createRole(@RequestBody Role role) {
|
123 |
|
if(calls.getCouId(role.getName()) == null) {
|
124 |
|
calls.createRole(role);
|
125 |
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
120 |
if (calls.getCouId(role.getName()) == null) {
|
|
121 |
calls.createRole(role);
|
|
122 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
126 |
123 |
} else {
|
127 |
124 |
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("Role has already existed").toString()).type(MediaType.APPLICATION_JSON).build();
|
128 |
125 |
}
|
129 |
126 |
}
|
130 |
127 |
|
131 |
128 |
/**
|
132 |
|
*
|
133 |
129 |
* Invite user with email to manage a type(Community, etc.) with id(ee, egi, etc.)
|
134 |
130 |
* Auto generated link and code will be sent as response.
|
135 |
131 |
*/
|
... | ... | |
184 |
180 |
}
|
185 |
181 |
|
186 |
182 |
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) {
|
187 |
|
String name = (coPersonId != null)?calls.getUserNames(coPersonId):"User";
|
|
183 |
String name = (coPersonId != null) ? calls.getUserNames(coPersonId) : "User";
|
188 |
184 |
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
|
189 |
185 |
String subject = email.get("subject").getAsString();
|
190 |
186 |
String message = email.get("body").getAsString().
|
... | ... | |
273 |
269 |
public Response getVerification(@PathParam("id") String id) {
|
274 |
270 |
RoleVerification verification = verificationUtils.getVerification(id);
|
275 |
271 |
if (verification != null) {
|
276 |
|
if (calls.getCoPersonIdByEmail(verification.getEmail()).equals(calls.getCoPersonIdByIdentifier())) {
|
|
272 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
277 |
273 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(jsonUtils.createVerification(verification)).toString()).type(MediaType.APPLICATION_JSON).build();
|
278 |
274 |
} else {
|
279 |
275 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
... | ... | |
310 |
306 |
public Response verifyManager(@PathParam("id") String id, @RequestBody String code) {
|
311 |
307 |
RoleVerification verification = verificationUtils.getVerification(id);
|
312 |
308 |
if (verification != null && verification.getVerificationType().equals("manager")) {
|
313 |
|
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
309 |
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
314 |
310 |
if (coPersonId != null) {
|
315 |
|
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
311 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
316 |
312 |
if (verification.getVerificationCode().equals(code)) {
|
317 |
313 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity());
|
318 |
314 |
if (couId != null) {
|
319 |
315 |
Integer role = calls.getRoleId(coPersonId, couId);
|
320 |
316 |
calls.assignMemberRole(coPersonId, couId, role);
|
321 |
|
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
317 |
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
|
|
318 |
Integer riCouId = calls.getCouId("ri", verification.getEntity(), false);
|
|
319 |
if (riCouId != null) {
|
|
320 |
calls.assignMemberRole(coPersonId, riCouId, calls.getRoleId(coPersonId, riCouId));
|
|
321 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
|
|
322 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "ri", verification.getEntity());
|
|
323 |
} else {
|
|
324 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
|
|
325 |
}
|
|
326 |
} else {
|
|
327 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
328 |
}
|
322 |
329 |
if (calls.getUserAdminGroup(coPersonId, couId) == null) {
|
323 |
|
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
330 |
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
|
|
331 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), "community", verification.getEntity());
|
|
332 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), "ri", verification.getEntity());
|
|
333 |
} else {
|
|
334 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
335 |
}
|
324 |
336 |
calls.assignAdminRole(coPersonId, couId);
|
325 |
337 |
authoritiesUpdater.update(verification.getEmail(), old -> {
|
326 |
338 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
... | ... | |
336 |
348 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
337 |
349 |
}
|
338 |
350 |
} else {
|
339 |
|
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
351 |
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
340 |
352 |
}
|
341 |
353 |
} else {
|
342 |
354 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
... | ... | |
360 |
372 |
public Response verifyMember(@PathParam("id") String id, @RequestBody String code) {
|
361 |
373 |
RoleVerification verification = verificationUtils.getVerification(id);
|
362 |
374 |
if (verification != null && verification.getVerificationType().equals("member")) {
|
363 |
|
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
375 |
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
364 |
376 |
if (coPersonId != null) {
|
365 |
|
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
377 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
366 |
378 |
if (verification.getVerificationCode().equals(code)) {
|
367 |
379 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity(), false);
|
368 |
380 |
if (couId != null) {
|
... | ... | |
402 |
414 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
403 |
415 |
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String
|
404 |
416 |
id, @PathParam("email") String email) {
|
405 |
|
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
406 |
|
if (coPersonId != null) {
|
|
417 |
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
|
|
418 |
if (coPersonIds.size() > 0) {
|
407 |
419 |
Integer couId = calls.getCouId(type, id);
|
408 |
420 |
if (couId != null) {
|
409 |
|
calls.removeAdminRole(coPersonId, couId);
|
|
421 |
coPersonIds.forEach(coPersonId -> {
|
|
422 |
calls.removeAdminRole(coPersonId, couId);
|
|
423 |
});
|
410 |
424 |
authoritiesUpdater.update(email, old -> {
|
411 |
425 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
412 |
426 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
... | ... | |
431 |
445 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
432 |
446 |
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String
|
433 |
447 |
id, @PathParam("email") String email) {
|
434 |
|
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
435 |
|
if (coPersonId != null) {
|
|
448 |
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
|
|
449 |
if (coPersonIds.size() > 0) {
|
436 |
450 |
Integer couId = calls.getCouId(type, id, false);
|
437 |
|
Integer role = null;
|
438 |
|
if(couId != null) {
|
439 |
|
role = calls.getRoleId(coPersonId, couId);
|
440 |
|
}
|
441 |
|
if (couId != null && role != null) {
|
442 |
|
calls.removeAdminRole(coPersonId, couId);
|
443 |
|
calls.removeMemberRole(coPersonId, couId, role);
|
|
451 |
if (couId != null) {
|
|
452 |
coPersonIds.forEach(coPersonId -> {
|
|
453 |
Integer role = calls.getRoleId(coPersonId, couId);
|
|
454 |
calls.removeAdminRole(coPersonId, couId);
|
|
455 |
calls.removeMemberRole(coPersonId, couId, role);
|
|
456 |
});
|
444 |
457 |
authoritiesUpdater.update(email, old -> {
|
445 |
458 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
446 |
459 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
... | ... | |
465 |
478 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
466 |
479 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
467 |
480 |
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
468 |
|
Integer couId = calls.getCouId(type, id,false);
|
469 |
|
if(couId != null) {
|
|
481 |
Integer couId = calls.getCouId(type, id, false);
|
|
482 |
if (couId != null) {
|
470 |
483 |
JsonArray members = calls.getUserNamesByCouId(couId, false);
|
471 |
484 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build();
|
472 |
485 |
} else {
|
... | ... | |
484 |
497 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
485 |
498 |
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
486 |
499 |
Integer couId = calls.getCouId(type, id, false);
|
487 |
|
if(couId != null) {
|
|
500 |
if (couId != null) {
|
488 |
501 |
JsonArray members = calls.getUserEmailByCouId(couId, false);
|
489 |
502 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build();
|
490 |
503 |
} else {
|
... | ... | |
493 |
506 |
}
|
494 |
507 |
|
495 |
508 |
/**
|
|
509 |
* Get the Identifiers of the members of a type(Community, etc.) with id(ee, egi, etc.)
|
|
510 |
*/
|
|
511 |
@Path("/{type}/{id}/members/id")
|
|
512 |
@GET
|
|
513 |
@Produces(MediaType.APPLICATION_JSON)
|
|
514 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
|
515 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
516 |
public Response getMembersId(@PathParam("type") String type, @PathParam("id") String id) {
|
|
517 |
Integer couId = calls.getCouId(type, id, false);
|
|
518 |
if (couId != null) {
|
|
519 |
JsonArray members = calls.getUserIdByCouId(couId, false);
|
|
520 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
521 |
} else {
|
|
522 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
523 |
}
|
|
524 |
}
|
|
525 |
|
|
526 |
/**
|
496 |
527 |
* Get the number of the members of a type(Community, etc.) with id(ee, egi, etc.)
|
497 |
528 |
*/
|
498 |
529 |
@Path("/{type}/{id}/members/count")
|
... | ... | |
501 |
532 |
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) {
|
502 |
533 |
Integer couId = calls.getCouId(type, id, false);
|
503 |
534 |
int count = 0;
|
504 |
|
if(couId != null) {
|
|
535 |
if (couId != null) {
|
505 |
536 |
count = calls.getUserNamesByCouId(couId, false).size();
|
506 |
537 |
}
|
507 |
538 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(count).toString()).type(MediaType.APPLICATION_JSON).build();
|
... | ... | |
515 |
546 |
@Produces(MediaType.APPLICATION_JSON)
|
516 |
547 |
public Response getManagers(@PathParam("type") String type, @PathParam("id") String id) {
|
517 |
548 |
Integer couId = calls.getCouId(type, id);
|
518 |
|
if(couId != null) {
|
|
549 |
if (couId != null) {
|
519 |
550 |
JsonArray managers = calls.getUserNamesByCouId(couId, true);
|
520 |
551 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build();
|
521 |
552 |
} else {
|
... | ... | |
531 |
562 |
@Produces(MediaType.APPLICATION_JSON)
|
532 |
563 |
public Response getManagersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
533 |
564 |
Integer couId = calls.getCouId(type, id);
|
534 |
|
if(couId != null) {
|
|
565 |
if (couId != null) {
|
535 |
566 |
JsonArray managers = calls.getUserEmailByCouId(couId, true);
|
536 |
567 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build();
|
537 |
568 |
} else {
|
538 |
569 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
539 |
570 |
}
|
540 |
571 |
}
|
|
572 |
|
|
573 |
/**
|
|
574 |
* Get the Identifiers of the managers of a type(Community, etc.) with id(ee, egi, etc.)
|
|
575 |
*/
|
|
576 |
@Path("/{type}/{id}/managers/id")
|
|
577 |
@GET
|
|
578 |
@Produces(MediaType.APPLICATION_JSON)
|
|
579 |
public Response getManagersId(@PathParam("type") String type, @PathParam("id") String id) {
|
|
580 |
Integer couId = calls.getCouId(type, id);
|
|
581 |
if (couId != null) {
|
|
582 |
JsonArray managers = calls.getUserIdByCouId(couId, true);
|
|
583 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
584 |
} else {
|
|
585 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
586 |
}
|
|
587 |
}
|
541 |
588 |
}
|
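Review bot: The new `getManagersId` endpoint (new lines 573–587) is declared with `@Path`, `@GET` and `@Produces` but no `@PreAuthorize`, while the parallel `getMembersId` added at new lines 508–524 is limited to portal admins, curators and managers; as written, any caller who can reach `/registry/{type}/{id}/managers/id` receives the managers' user identifiers. Unless a class-level or URL-level rule outside this diff already covers it, put the same guard on it as on `getMembersId`, `@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")`, or state in the Javadoc that these identifiers are intentionally public. Separately, the rewritten loop in `removeMemberRole` (new lines 452–456) passes the result of `calls.getRoleId(coPersonId, couId)` straight into `calls.removeMemberRole` now that the old `role != null` check is gone. A person id matched by e-mail but holding no role in this COU would therefore reach the removal call with a null role; wrapping the two removals in `if (role != null) { ... }` keeps the earlier behaviour.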
Merge last changes from trunk