Revision 60924
Added by Konstantinos Triantafyllou almost 3 years ago
| RegistryService.java | ||
|---|---|---|
| 15 | 15 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
| 16 | 16 |
import org.springframework.beans.factory.annotation.Autowired; |
| 17 | 17 |
import org.springframework.http.HttpStatus; |
| 18 |
import org.springframework.security.access.method.P; |
|
| 18 | 19 |
import org.springframework.security.access.prepost.PreAuthorize; |
| 19 | 20 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
| 20 | 21 |
import org.springframework.security.core.context.SecurityContextHolder; |
| ... | ... | |
| 27 | 28 |
import javax.ws.rs.core.Response; |
| 28 | 29 |
import java.util.Collection; |
| 29 | 30 |
import java.util.HashSet; |
| 31 |
import java.util.List; |
|
| 30 | 32 |
|
| 31 | 33 |
@Component(value = "RegistryService") |
| 32 | 34 |
@Path("/registry")
|
| ... | ... | |
| 52 | 54 |
@Autowired |
| 53 | 55 |
private AuthorizationService authorizationService; |
| 54 | 56 |
|
| 55 |
private String sendEmail() {
|
|
| 56 |
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
|
| 57 |
return authenticationToken.getUserInfo().getEmail(); |
|
| 58 |
} |
|
| 59 |
|
|
| 60 | 57 |
/** |
| 61 | 58 |
* Subscribe to a type(Community, etc.) with id(ee, egi, etc.) |
| 62 | 59 |
*/ |
| ... | ... | |
| 70 | 67 |
if (couId != null) {
|
| 71 | 68 |
Integer role = calls.getRoleId(coPersonId, couId); |
| 72 | 69 |
calls.assignMemberRole(coPersonId, couId, role); |
| 73 |
authoritiesUpdater.update(sendEmail(), old -> {
|
|
| 70 |
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
|
|
| 74 | 71 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
| 75 | 72 |
authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id))); |
| 76 | 73 |
return authorities; |
| ... | ... | |
| 97 | 94 |
if (role != null) {
|
| 98 | 95 |
calls.removeAdminRole(coPersonId, couId); |
| 99 | 96 |
calls.removeMemberRole(coPersonId, couId, role); |
| 100 |
authoritiesUpdater.update(sendEmail(), old -> {
|
|
| 97 |
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
|
|
| 101 | 98 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
| 102 | 99 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id))); |
| 103 | 100 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id))); |
| ... | ... | |
| 120 | 117 |
@Consumes(MediaType.APPLICATION_JSON) |
| 121 | 118 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
| 122 | 119 |
public Response createRole(@RequestBody Role role) {
|
| 123 |
if(calls.getCouId(role.getName()) == null) {
|
|
| 124 |
calls.createRole(role); |
|
| 125 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 120 |
if (calls.getCouId(role.getName()) == null) {
|
|
| 121 |
calls.createRole(role);
|
|
| 122 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 126 | 123 |
} else {
|
| 127 | 124 |
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("Role has already existed").toString()).type(MediaType.APPLICATION_JSON).build();
|
| 128 | 125 |
} |
| 129 | 126 |
} |
| 130 | 127 |
|
| 131 | 128 |
/** |
| 132 |
* |
|
| 133 | 129 |
* Invite user with email to manage a type(Community, etc.) with id(ee, egi, etc.) |
| 134 | 130 |
* Auto generated link and code will be sent as response. |
| 135 | 131 |
*/ |
| ... | ... | |
| 184 | 180 |
} |
| 185 | 181 |
|
| 186 | 182 |
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) {
|
| 187 |
String name = (coPersonId != null)?calls.getUserNames(coPersonId):"User";
|
|
| 183 |
String name = (coPersonId != null) ? calls.getUserNames(coPersonId) : "User";
|
|
| 188 | 184 |
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
|
| 189 | 185 |
String subject = email.get("subject").getAsString();
|
| 190 | 186 |
String message = email.get("body").getAsString().
|
| ... | ... | |
| 273 | 269 |
public Response getVerification(@PathParam("id") String id) {
|
| 274 | 270 |
RoleVerification verification = verificationUtils.getVerification(id); |
| 275 | 271 |
if (verification != null) {
|
| 276 |
if (calls.getCoPersonIdByEmail(verification.getEmail()).equals(calls.getCoPersonIdByIdentifier())) {
|
|
| 272 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
|
| 277 | 273 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(jsonUtils.createVerification(verification)).toString()).type(MediaType.APPLICATION_JSON).build(); |
| 278 | 274 |
} else {
|
| 279 | 275 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
| ... | ... | |
| 310 | 306 |
public Response verifyManager(@PathParam("id") String id, @RequestBody String code) {
|
| 311 | 307 |
RoleVerification verification = verificationUtils.getVerification(id); |
| 312 | 308 |
if (verification != null && verification.getVerificationType().equals("manager")) {
|
| 313 |
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
| 309 |
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
|
| 314 | 310 |
if (coPersonId != null) {
|
| 315 |
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
| 311 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
|
| 316 | 312 |
if (verification.getVerificationCode().equals(code)) {
|
| 317 | 313 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity()); |
| 318 | 314 |
if (couId != null) {
|
| 319 | 315 |
Integer role = calls.getRoleId(coPersonId, couId); |
| 320 | 316 |
calls.assignMemberRole(coPersonId, couId, role); |
| 321 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
| 317 |
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
|
|
| 318 |
Integer riCouId = calls.getCouId("ri", verification.getEntity(), false);
|
|
| 319 |
if (riCouId != null) {
|
|
| 320 |
calls.assignMemberRole(coPersonId, riCouId, calls.getRoleId(coPersonId, riCouId)); |
|
| 321 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity()); |
|
| 322 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "ri", verification.getEntity()); |
|
| 323 |
} else {
|
|
| 324 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity()); |
|
| 325 |
} |
|
| 326 |
} else {
|
|
| 327 |
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
| 328 |
} |
|
| 322 | 329 |
if (calls.getUserAdminGroup(coPersonId, couId) == null) {
|
| 323 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
| 330 |
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
|
|
| 331 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), "community", verification.getEntity()); |
|
| 332 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), "ri", verification.getEntity()); |
|
| 333 |
} else {
|
|
| 334 |
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity()); |
|
| 335 |
} |
|
| 324 | 336 |
calls.assignAdminRole(coPersonId, couId); |
| 325 | 337 |
authoritiesUpdater.update(verification.getEmail(), old -> {
|
| 326 | 338 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
| ... | ... | |
| 336 | 348 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
| 337 | 349 |
} |
| 338 | 350 |
} else {
|
| 339 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 351 |
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 340 | 352 |
} |
| 341 | 353 |
} else {
|
| 342 | 354 |
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
| ... | ... | |
| 360 | 372 |
public Response verifyMember(@PathParam("id") String id, @RequestBody String code) {
|
| 361 | 373 |
RoleVerification verification = verificationUtils.getVerification(id); |
| 362 | 374 |
if (verification != null && verification.getVerificationType().equals("member")) {
|
| 363 |
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
| 375 |
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
|
| 364 | 376 |
if (coPersonId != null) {
|
| 365 |
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
| 377 |
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
|
|
| 366 | 378 |
if (verification.getVerificationCode().equals(code)) {
|
| 367 | 379 |
Integer couId = calls.getCouId(verification.getType(), verification.getEntity(), false); |
| 368 | 380 |
if (couId != null) {
|
| ... | ... | |
| 402 | 414 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
| 403 | 415 |
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String
|
| 404 | 416 |
id, @PathParam("email") String email) {
|
| 405 |
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
| 406 |
if (coPersonId != null) {
|
|
| 417 |
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
|
|
| 418 |
if (coPersonIds.size() > 0) {
|
|
| 407 | 419 |
Integer couId = calls.getCouId(type, id); |
| 408 | 420 |
if (couId != null) {
|
| 409 |
calls.removeAdminRole(coPersonId, couId); |
|
| 421 |
coPersonIds.forEach(coPersonId -> {
|
|
| 422 |
calls.removeAdminRole(coPersonId, couId); |
|
| 423 |
}); |
|
| 410 | 424 |
authoritiesUpdater.update(email, old -> {
|
| 411 | 425 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
| 412 | 426 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id))); |
| ... | ... | |
| 431 | 445 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
| 432 | 446 |
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String
|
| 433 | 447 |
id, @PathParam("email") String email) {
|
| 434 |
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
| 435 |
if (coPersonId != null) {
|
|
| 448 |
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
|
|
| 449 |
if (coPersonIds.size() > 0) {
|
|
| 436 | 450 |
Integer couId = calls.getCouId(type, id, false); |
| 437 |
Integer role = null; |
|
| 438 |
if(couId != null) {
|
|
| 439 |
role = calls.getRoleId(coPersonId, couId); |
|
| 440 |
} |
|
| 441 |
if (couId != null && role != null) {
|
|
| 442 |
calls.removeAdminRole(coPersonId, couId); |
|
| 443 |
calls.removeMemberRole(coPersonId, couId, role); |
|
| 451 |
if (couId != null) {
|
|
| 452 |
coPersonIds.forEach(coPersonId -> {
|
|
| 453 |
Integer role = calls.getRoleId(coPersonId, couId); |
|
| 454 |
calls.removeAdminRole(coPersonId, couId); |
|
| 455 |
calls.removeMemberRole(coPersonId, couId, role); |
|
| 456 |
}); |
|
| 444 | 457 |
authoritiesUpdater.update(email, old -> {
|
| 445 | 458 |
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
| 446 | 459 |
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id))); |
| ... | ... | |
| 465 | 478 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
| 466 | 479 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
| 467 | 480 |
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
| 468 |
Integer couId = calls.getCouId(type, id,false); |
|
| 469 |
if(couId != null) {
|
|
| 481 |
Integer couId = calls.getCouId(type, id, false);
|
|
| 482 |
if (couId != null) {
|
|
| 470 | 483 |
JsonArray members = calls.getUserNamesByCouId(couId, false); |
| 471 | 484 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
| 472 | 485 |
} else {
|
| ... | ... | |
| 484 | 497 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
| 485 | 498 |
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
| 486 | 499 |
Integer couId = calls.getCouId(type, id, false); |
| 487 |
if(couId != null) {
|
|
| 500 |
if (couId != null) {
|
|
| 488 | 501 |
JsonArray members = calls.getUserEmailByCouId(couId, false); |
| 489 | 502 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
| 490 | 503 |
} else {
|
| ... | ... | |
| 493 | 506 |
} |
| 494 | 507 |
|
| 495 | 508 |
/** |
| 509 |
* Get the Identifiers of the members of a type(Community, etc.) with id(ee, egi, etc.) |
|
| 510 |
*/ |
|
| 511 |
@Path("/{type}/{id}/members/id")
|
|
| 512 |
@GET |
|
| 513 |
@Produces(MediaType.APPLICATION_JSON) |
|
| 514 |
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
|
| 515 |
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))") |
|
| 516 |
public Response getMembersId(@PathParam("type") String type, @PathParam("id") String id) {
|
|
| 517 |
Integer couId = calls.getCouId(type, id, false); |
|
| 518 |
if (couId != null) {
|
|
| 519 |
JsonArray members = calls.getUserIdByCouId(couId, false); |
|
| 520 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build(); |
|
| 521 |
} else {
|
|
| 522 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 523 |
} |
|
| 524 |
} |
|
| 525 |
|
|
| 526 |
/** |
|
| 496 | 527 |
* Get the number of the members of a type(Community, etc.) with id(ee, egi, etc.) |
| 497 | 528 |
*/ |
| 498 | 529 |
@Path("/{type}/{id}/members/count")
|
| ... | ... | |
| 501 | 532 |
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) {
|
| 502 | 533 |
Integer couId = calls.getCouId(type, id, false); |
| 503 | 534 |
int count = 0; |
| 504 |
if(couId != null) {
|
|
| 535 |
if (couId != null) {
|
|
| 505 | 536 |
count = calls.getUserNamesByCouId(couId, false).size(); |
| 506 | 537 |
} |
| 507 | 538 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(count).toString()).type(MediaType.APPLICATION_JSON).build(); |
| ... | ... | |
| 515 | 546 |
@Produces(MediaType.APPLICATION_JSON) |
| 516 | 547 |
public Response getManagers(@PathParam("type") String type, @PathParam("id") String id) {
|
| 517 | 548 |
Integer couId = calls.getCouId(type, id); |
| 518 |
if(couId != null) {
|
|
| 549 |
if (couId != null) {
|
|
| 519 | 550 |
JsonArray managers = calls.getUserNamesByCouId(couId, true); |
| 520 | 551 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build(); |
| 521 | 552 |
} else {
|
| ... | ... | |
| 531 | 562 |
@Produces(MediaType.APPLICATION_JSON) |
| 532 | 563 |
public Response getManagersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
| 533 | 564 |
Integer couId = calls.getCouId(type, id); |
| 534 |
if(couId != null) {
|
|
| 565 |
if (couId != null) {
|
|
| 535 | 566 |
JsonArray managers = calls.getUserEmailByCouId(couId, true); |
| 536 | 567 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build(); |
| 537 | 568 |
} else {
|
| 538 | 569 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
| 539 | 570 |
} |
| 540 | 571 |
} |
| 572 |
|
|
| 573 |
/** |
|
| 574 |
* Get the Identifiers of the managers of a type(Community, etc.) with id(ee, egi, etc.) |
|
| 575 |
*/ |
|
| 576 |
@Path("/{type}/{id}/managers/id")
|
|
| 577 |
@GET |
|
| 578 |
@Produces(MediaType.APPLICATION_JSON) |
|
| 579 |
public Response getManagersId(@PathParam("type") String type, @PathParam("id") String id) {
|
|
| 580 |
Integer couId = calls.getCouId(type, id); |
|
| 581 |
if (couId != null) {
|
|
| 582 |
JsonArray managers = calls.getUserIdByCouId(couId, true); |
|
| 583 |
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build(); |
|
| 584 |
} else {
|
|
| 585 |
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
| 586 |
} |
|
| 587 |
} |
|
| 541 | 588 |
} |
Also available in: Unified diff
Merge last changes from trunk