Revision 60924
Added by Konstantinos Triantafyllou almost 3 years ago
RegistryService.java | ||
---|---|---|
15 | 15 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
16 | 16 |
import org.springframework.beans.factory.annotation.Autowired; |
17 | 17 |
import org.springframework.http.HttpStatus; |
18 |
import org.springframework.security.access.method.P; |
|
18 | 19 |
import org.springframework.security.access.prepost.PreAuthorize; |
19 | 20 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
20 | 21 |
import org.springframework.security.core.context.SecurityContextHolder; |
... | ... | |
27 | 28 |
import javax.ws.rs.core.Response; |
28 | 29 |
import java.util.Collection; |
29 | 30 |
import java.util.HashSet; |
31 |
import java.util.List; |
|
30 | 32 |
|
31 | 33 |
@Component(value = "RegistryService") |
32 | 34 |
@Path("/registry") |
... | ... | |
52 | 54 |
@Autowired |
53 | 55 |
private AuthorizationService authorizationService; |
54 | 56 |
|
55 |
private String sendEmail() { |
|
56 |
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
|
57 |
return authenticationToken.getUserInfo().getEmail(); |
|
58 |
} |
|
59 |
|
|
60 | 57 |
/** |
61 | 58 |
* Subscribe to a type(Community, etc.) with id(ee, egi, etc.) |
62 | 59 |
*/ |
... | ... | |
70 | 67 |
if (couId != null) { |
71 | 68 |
Integer role = calls.getRoleId(coPersonId, couId); |
72 | 69 |
calls.assignMemberRole(coPersonId, couId, role); |
73 |
authoritiesUpdater.update(sendEmail(), old -> {
|
|
70 |
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
|
|
74 | 71 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
75 | 72 |
authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id))); |
76 | 73 |
return authorities; |
... | ... | |
97 | 94 |
if (role != null) { |
98 | 95 |
calls.removeAdminRole(coPersonId, couId); |
99 | 96 |
calls.removeMemberRole(coPersonId, couId, role); |
100 |
authoritiesUpdater.update(sendEmail(), old -> {
|
|
97 |
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
|
|
101 | 98 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
102 | 99 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id))); |
103 | 100 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id))); |
... | ... | |
120 | 117 |
@Consumes(MediaType.APPLICATION_JSON) |
121 | 118 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") |
122 | 119 |
public Response createRole(@RequestBody Role role) { |
123 |
if(calls.getCouId(role.getName()) == null) { |
|
124 |
calls.createRole(role); |
|
125 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build(); |
|
120 |
if (calls.getCouId(role.getName()) == null) {
|
|
121 |
calls.createRole(role);
|
|
122 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
126 | 123 |
} else { |
127 | 124 |
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("Role has already existed").toString()).type(MediaType.APPLICATION_JSON).build(); |
128 | 125 |
} |
129 | 126 |
} |
130 | 127 |
|
131 | 128 |
/** |
132 |
* |
|
133 | 129 |
* Invite user with email to manage a type(Community, etc.) with id(ee, egi, etc.) |
134 | 130 |
* Auto generated link and code will be sent as response. |
135 | 131 |
*/ |
... | ... | |
184 | 180 |
} |
185 | 181 |
|
186 | 182 |
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) { |
187 |
String name = (coPersonId != null)?calls.getUserNames(coPersonId):"User";
|
|
183 |
String name = (coPersonId != null) ? calls.getUserNames(coPersonId) : "User";
|
|
188 | 184 |
String link = details.get("link").getAsString() + invitation.get("link").getAsString(); |
189 | 185 |
String subject = email.get("subject").getAsString(); |
190 | 186 |
String message = email.get("body").getAsString(). |
... | ... | |
273 | 269 |
public Response getVerification(@PathParam("id") String id) { |
274 | 270 |
RoleVerification verification = verificationUtils.getVerification(id); |
275 | 271 |
if (verification != null) { |
276 |
if (calls.getCoPersonIdByEmail(verification.getEmail()).equals(calls.getCoPersonIdByIdentifier())) {
|
|
272 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
|
277 | 273 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(jsonUtils.createVerification(verification)).toString()).type(MediaType.APPLICATION_JSON).build(); |
278 | 274 |
} else { |
279 | 275 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build(); |
... | ... | |
310 | 306 |
public Response verifyManager(@PathParam("id") String id, @RequestBody String code) { |
311 | 307 |
RoleVerification verification = verificationUtils.getVerification(id); |
312 | 308 |
if (verification != null && verification.getVerificationType().equals("manager")) { |
313 |
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
309 |
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
|
314 | 310 |
if (coPersonId != null) { |
315 |
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
311 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
|
316 | 312 |
if (verification.getVerificationCode().equals(code)) { |
317 | 313 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity()); |
318 | 314 |
if (couId != null) { |
319 | 315 |
Integer role = calls.getRoleId(coPersonId, couId); |
320 | 316 |
calls.assignMemberRole(coPersonId, couId, role); |
321 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
317 |
if (verification.getType().equals("community") || verification.getType().equals("ri")) { |
|
318 |
Integer riCouId = calls.getCouId("ri", verification.getEntity(), false); |
|
319 |
if (riCouId != null) { |
|
320 |
calls.assignMemberRole(coPersonId, riCouId, calls.getRoleId(coPersonId, riCouId)); |
|
321 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity()); |
|
322 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "ri", verification.getEntity()); |
|
323 |
} else { |
|
324 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity()); |
|
325 |
} |
|
326 |
} else { |
|
327 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
328 |
} |
|
322 | 329 |
if (calls.getUserAdminGroup(coPersonId, couId) == null) { |
323 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
330 |
if (verification.getType().equals("community") || verification.getType().equals("ri")) { |
|
331 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), "community", verification.getEntity()); |
|
332 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), "ri", verification.getEntity()); |
|
333 |
} else { |
|
334 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
335 |
} |
|
324 | 336 |
calls.assignAdminRole(coPersonId, couId); |
325 | 337 |
authoritiesUpdater.update(verification.getEmail(), old -> { |
326 | 338 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
... | ... | |
336 | 348 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build(); |
337 | 349 |
} |
338 | 350 |
} else { |
339 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
351 |
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
340 | 352 |
} |
341 | 353 |
} else { |
342 | 354 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build(); |
... | ... | |
360 | 372 |
public Response verifyMember(@PathParam("id") String id, @RequestBody String code) { |
361 | 373 |
RoleVerification verification = verificationUtils.getVerification(id); |
362 | 374 |
if (verification != null && verification.getVerificationType().equals("member")) { |
363 |
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
375 |
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
|
364 | 376 |
if (coPersonId != null) { |
365 |
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
377 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
|
366 | 378 |
if (verification.getVerificationCode().equals(code)) { |
367 | 379 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity(), false); |
368 | 380 |
if (couId != null) { |
... | ... | |
402 | 414 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
403 | 415 |
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String |
404 | 416 |
id, @PathParam("email") String email) { |
405 |
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
406 |
if (coPersonId != null) {
|
|
417 |
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
|
|
418 |
if (coPersonIds.size() > 0) {
|
|
407 | 419 |
Integer couId = calls.getCouId(type, id); |
408 | 420 |
if (couId != null) { |
409 |
calls.removeAdminRole(coPersonId, couId); |
|
421 |
coPersonIds.forEach(coPersonId -> { |
|
422 |
calls.removeAdminRole(coPersonId, couId); |
|
423 |
}); |
|
410 | 424 |
authoritiesUpdater.update(email, old -> { |
411 | 425 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
412 | 426 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id))); |
... | ... | |
431 | 445 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
432 | 446 |
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String |
433 | 447 |
id, @PathParam("email") String email) { |
434 |
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
435 |
if (coPersonId != null) {
|
|
448 |
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
|
|
449 |
if (coPersonIds.size() > 0) {
|
|
436 | 450 |
Integer couId = calls.getCouId(type, id, false); |
437 |
Integer role = null; |
|
438 |
if(couId != null) { |
|
439 |
role = calls.getRoleId(coPersonId, couId); |
|
440 |
} |
|
441 |
if (couId != null && role != null) { |
|
442 |
calls.removeAdminRole(coPersonId, couId); |
|
443 |
calls.removeMemberRole(coPersonId, couId, role); |
|
451 |
if (couId != null) { |
|
452 |
coPersonIds.forEach(coPersonId -> { |
|
453 |
Integer role = calls.getRoleId(coPersonId, couId); |
|
454 |
calls.removeAdminRole(coPersonId, couId); |
|
455 |
calls.removeMemberRole(coPersonId, couId, role); |
|
456 |
}); |
|
444 | 457 |
authoritiesUpdater.update(email, old -> { |
445 | 458 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
446 | 459 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id))); |
... | ... | |
465 | 478 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," + |
466 | 479 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
467 | 480 |
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) { |
468 |
Integer couId = calls.getCouId(type, id,false); |
|
469 |
if(couId != null) { |
|
481 |
Integer couId = calls.getCouId(type, id, false);
|
|
482 |
if (couId != null) {
|
|
470 | 483 |
JsonArray members = calls.getUserNamesByCouId(couId, false); |
471 | 484 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
472 | 485 |
} else { |
... | ... | |
484 | 497 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
485 | 498 |
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) { |
486 | 499 |
Integer couId = calls.getCouId(type, id, false); |
487 |
if(couId != null) { |
|
500 |
if (couId != null) {
|
|
488 | 501 |
JsonArray members = calls.getUserEmailByCouId(couId, false); |
489 | 502 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
490 | 503 |
} else { |
... | ... | |
493 | 506 |
} |
494 | 507 |
|
495 | 508 |
/** |
509 |
* Get the Identifiers of the members of a type(Community, etc.) with id(ee, egi, etc.) |
|
510 |
*/ |
|
511 |
@Path("/{type}/{id}/members/id") |
|
512 |
@GET |
|
513 |
@Produces(MediaType.APPLICATION_JSON) |
|
514 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," + |
|
515 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
|
516 |
public Response getMembersId(@PathParam("type") String type, @PathParam("id") String id) { |
|
517 |
Integer couId = calls.getCouId(type, id, false); |
|
518 |
if (couId != null) { |
|
519 |
JsonArray members = calls.getUserIdByCouId(couId, false); |
|
520 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
|
521 |
} else { |
|
522 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build(); |
|
523 |
} |
|
524 |
} |
|
525 |
|
|
526 |
/** |
|
496 | 527 |
* Get the number of the members of a type(Community, etc.) with id(ee, egi, etc.) |
497 | 528 |
*/ |
498 | 529 |
@Path("/{type}/{id}/members/count") |
... | ... | |
501 | 532 |
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) { |
502 | 533 |
Integer couId = calls.getCouId(type, id, false); |
503 | 534 |
int count = 0; |
504 |
if(couId != null) { |
|
535 |
if (couId != null) {
|
|
505 | 536 |
count = calls.getUserNamesByCouId(couId, false).size(); |
506 | 537 |
} |
507 | 538 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(count).toString()).type(MediaType.APPLICATION_JSON).build(); |
... | ... | |
515 | 546 |
@Produces(MediaType.APPLICATION_JSON) |
516 | 547 |
public Response getManagers(@PathParam("type") String type, @PathParam("id") String id) { |
517 | 548 |
Integer couId = calls.getCouId(type, id); |
518 |
if(couId != null) { |
|
549 |
if (couId != null) {
|
|
519 | 550 |
JsonArray managers = calls.getUserNamesByCouId(couId, true); |
520 | 551 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build(); |
521 | 552 |
} else { |
... | ... | |
531 | 562 |
@Produces(MediaType.APPLICATION_JSON) |
532 | 563 |
public Response getManagersEmail(@PathParam("type") String type, @PathParam("id") String id) { |
533 | 564 |
Integer couId = calls.getCouId(type, id); |
534 |
if(couId != null) { |
|
565 |
if (couId != null) {
|
|
535 | 566 |
JsonArray managers = calls.getUserEmailByCouId(couId, true); |
536 | 567 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build(); |
537 | 568 |
} else { |
538 | 569 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build(); |
539 | 570 |
} |
540 | 571 |
} |
572 |
|
|
573 |
/** |
|
574 |
* Get the Identifiers of the managers of a type(Community, etc.) with id(ee, egi, etc.) |
|
575 |
*/ |
|
576 |
@Path("/{type}/{id}/managers/id") |
|
577 |
@GET |
|
578 |
@Produces(MediaType.APPLICATION_JSON) |
|
579 |
public Response getManagersId(@PathParam("type") String type, @PathParam("id") String id) { |
|
580 |
Integer couId = calls.getCouId(type, id); |
|
581 |
if (couId != null) { |
|
582 |
JsonArray managers = calls.getUserIdByCouId(couId, true); |
|
583 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build(); |
|
584 |
} else { |
|
585 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build(); |
|
586 |
} |
|
587 |
} |
|
541 | 588 |
} |
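Review bot: The new `getManagersId` endpoint (`/{type}/{id}/managers/id`, new lines 576–587) has no `@PreAuthorize`, while `getMembersId`, added in the same commit, is restricted to PORTAL_ADMIN, curator and manager. As written, any caller who can reach the resource can list manager identifiers, unless a class-level or URL-level rule outside this view restricts it. If the identifiers are not meant to be public, add `@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")` above the method. If they are meant to be public, a Javadoc line stating that the endpoint is intentionally open to callers without those authorities would record the decision. `getManagers` and `getManagersEmail` also appear unannotated in the visible context, so the same question applies to them.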
Merge last changes from trunk