Revision 61329
Added by Konstantinos Spyrou almost 3 years ago
| RepositoryServiceImpl.java | ||
|---|---|---|
| 13 | 13 |
import eu.dnetlib.repo.manager.domain.dto.Role; |
| 14 | 14 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
| 15 | 15 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
| 16 |
import eu.dnetlib.repo.manager.service.security.AuthorizationService; |
|
| 16 |
import eu.dnetlib.repo.manager.service.security.AaiUserRoleService; |
|
| 17 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
| 17 | 18 |
import eu.dnetlib.repo.manager.utils.Converter; |
| 18 | 19 |
import gr.uoa.di.driver.enabling.vocabulary.VocabularyLoader; |
| 19 | 20 |
import org.apache.commons.codec.digest.DigestUtils; |
| ... | ... | |
| 24 | 25 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
| 25 | 26 |
import org.springframework.beans.factory.annotation.Autowired; |
| 26 | 27 |
import org.springframework.beans.factory.annotation.Value; |
| 28 |
import org.springframework.context.annotation.Lazy; |
|
| 27 | 29 |
import org.springframework.core.ParameterizedTypeReference; |
| 28 | 30 |
import org.springframework.http.*; |
| 29 | 31 |
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; |
| 30 | 32 |
import org.springframework.security.core.Authentication; |
| 33 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
|
| 31 | 34 |
import org.springframework.security.core.context.SecurityContextHolder; |
| 32 | 35 |
import org.springframework.stereotype.Service; |
| 36 |
import org.springframework.web.client.HttpClientErrorException; |
|
| 33 | 37 |
import org.springframework.web.client.RestClientException; |
| 34 | 38 |
import org.springframework.web.client.RestTemplate; |
| 35 | 39 |
import org.springframework.web.util.UriComponents; |
| ... | ... | |
| 45 | 49 |
@Service("repositoryService")
|
| 46 | 50 |
public class RepositoryServiceImpl implements RepositoryService {
|
| 47 | 51 |
|
| 52 |
private static final Logger LOGGER = Logger.getLogger(RepositoryServiceImpl.class); |
|
| 53 |
|
|
| 54 |
private final AaiUserRoleService aaiUserRoleService; |
|
| 55 |
private final AaiRegistryService registryCalls; |
|
| 56 |
private final AuthoritiesUpdater authoritiesUpdater; |
|
| 57 |
private final RestTemplate restTemplate; |
|
| 58 |
private final VocabularyLoader vocabularyLoader; |
|
| 59 |
private final PiWikService piWikService; |
|
| 60 |
private final EmailUtils emailUtils; |
|
| 61 |
private final ValidatorService validatorService; |
|
| 62 |
|
|
| 48 | 63 |
@Value("${api.baseAddress}")
|
| 49 | 64 |
private String baseAddress; |
| 50 | 65 |
|
| 51 | 66 |
@Value("${services.repo-manager.adminEmail}")
|
| 52 | 67 |
private String adminEmail; |
| 53 | 68 |
|
| 54 |
@Autowired |
|
| 55 |
RestTemplate restTemplate; |
|
| 56 |
|
|
| 57 |
private HttpHeaders httpHeaders; |
|
| 58 |
|
|
| 59 |
private final String[] vocabularyNames = {"dnet:countries", "dnet:datasource_typologies", "dnet:compatibilityLevel"};
|
|
| 60 |
|
|
| 61 |
private static final Logger LOGGER = Logger.getLogger(RepositoryServiceImpl.class); |
|
| 62 |
|
|
| 63 | 69 |
@Value("${services.repomanager.usageStatisticsDiagramsBaseURL}")
|
| 64 | 70 |
private String usageStatisticsDiagramsBaseURL; |
| 65 | 71 |
|
| 66 | 72 |
@Value("${services.repomanager.usageStatisticsNumbersBaseURL}")
|
| 67 | 73 |
private String usageStatisticsNumbersBaseURL; |
| 68 | 74 |
|
| 69 |
@Autowired |
|
| 70 |
private VocabularyLoader vocabularyLoader; |
|
| 71 | 75 |
|
| 72 |
@Autowired
|
|
| 73 |
private PiWikService piWikService;
|
|
| 76 |
private static final Map<String, List<String>> dataSourceClass = new HashMap<>();
|
|
| 77 |
private static final Map<String, String> invertedDataSourceClass = new HashMap<>();
|
|
| 74 | 78 |
|
| 75 |
@Autowired |
|
| 76 |
private EmailUtils emailUtils; |
|
| 77 | 79 |
|
| 78 |
@Autowired |
|
| 79 |
ValidatorService validatorService; |
|
| 80 |
private final String[] vocabularyNames = {"dnet:countries", "dnet:datasource_typologies", "dnet:compatibilityLevel"};
|
|
| 81 |
private final Map<String, Vocabulary> vocabularyMap = new ConcurrentHashMap<>(); |
|
| 82 |
private final Map<String, String> countriesMap = new HashMap<>(); |
|
| 83 |
private final Map<String, String> inverseCountriesMap = new HashMap<>(); |
|
| 80 | 84 |
|
| 81 |
@Autowired |
|
| 82 |
private AaiRegistryService registryCalls; |
|
| 85 |
private HttpHeaders httpHeaders; |
|
| 83 | 86 |
|
| 84 |
// TODO: Antonis K. This should be uncommented |
|
| 85 |
// @Autowired |
|
| 86 |
// private AuthoritiesUpdater authoritiesUpdater; |
|
| 87 |
|
|
| 88 | 87 |
@Autowired |
| 89 |
private AuthorizationService authorizationService; |
|
| 88 |
public RepositoryServiceImpl(AaiUserRoleService aaiUserRoleService, |
|
| 89 |
AaiRegistryService registryCalls, |
|
| 90 |
AuthoritiesUpdater authoritiesUpdater, |
|
| 91 |
VocabularyLoader vocabularyLoader, EmailUtils emailUtils, |
|
| 92 |
RestTemplate restTemplate, |
|
| 93 |
@Lazy ValidatorService validatorService, |
|
| 94 |
@Lazy PiWikService piWikService) {
|
|
| 95 |
this.aaiUserRoleService = aaiUserRoleService; |
|
| 96 |
this.registryCalls = registryCalls; |
|
| 97 |
this.authoritiesUpdater = authoritiesUpdater; |
|
| 98 |
this.vocabularyLoader = vocabularyLoader; |
|
| 99 |
this.piWikService = piWikService; |
|
| 100 |
this.emailUtils = emailUtils; |
|
| 101 |
this.validatorService = validatorService; |
|
| 102 |
this.restTemplate = restTemplate; |
|
| 103 |
} |
|
| 90 | 104 |
|
| 91 |
|
|
| 92 |
private Map<String, Vocabulary> vocabularyMap = new ConcurrentHashMap<>(); |
|
| 93 |
|
|
| 94 |
private Map<String, String> countriesMap = new HashMap<>(); |
|
| 95 |
private Map<String, String> inverseCountriesMap = new HashMap<>(); |
|
| 96 |
|
|
| 97 |
private static Map<String, List<String>> dataSourceClass = new HashMap<>(); |
|
| 98 |
|
|
| 99 |
private static Map<String, String> invertedDataSourceClass = new HashMap<>(); |
|
| 100 |
|
|
| 101 | 105 |
private String sendEmail() {
|
| 102 | 106 |
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
| 103 | 107 |
return authenticationToken.getUserInfo().getEmail(); |
| ... | ... | |
| 508 | 512 |
this.latentUpdate(repository, SecurityContextHolder.getContext().getAuthentication()); |
| 509 | 513 |
} |
| 510 | 514 |
|
| 511 |
// TODO: Antonis K. - Create new role ROLE_(datasource.datasourceId) and assign it to the user that created the folder (+ replace :: with $$)
|
|
| 512 |
// Create new role ( careful ... replace :: with $$ )
|
|
| 513 |
String newRoleName = repository.getId().replaceAll(":", "\\$");
|
|
| 514 |
String newRoleDescr = repository.getId().replaceAll(":", "\\$");
|
|
| 515 |
Role newRole = new Role(newRoleName, newRoleDescr);
|
|
| 515 |
// TODO: move the following code elsewhere (creation and assignment of role to user) ??
|
|
| 516 |
// Create new role |
|
| 517 |
String newRoleName = aaiUserRoleService.getRoleIdByRepoId(repository.getId());
|
|
| 518 |
Role newRole = new Role(newRoleName, repository.getOfficialName());
|
|
| 519 |
Integer couId = null;
|
|
| 516 | 520 |
try {
|
| 517 |
registryCalls.createRole(newRole); |
|
| 521 |
couId = registryCalls.createRole(newRole); |
|
| 522 |
} catch (HttpClientErrorException e) {
|
|
| 523 |
couId = registryCalls.getCouId(newRoleName); |
|
| 524 |
if (couId == null) {
|
|
| 525 |
LOGGER.error(String.format("Could not create role '%s'", newRoleName), e);
|
|
| 526 |
} |
|
| 518 | 527 |
} catch (Exception e) {
|
| 519 |
LOGGER.debug("Exception on create role during add repository", e);
|
|
| 528 |
LOGGER.error(String.format("Could not create role '%s'", newRoleName), e);
|
|
| 520 | 529 |
throw e; |
| 521 | 530 |
} |
| 522 | 531 |
|
| 523 | 532 |
// Assign new role to the user that created it |
| 524 | 533 |
Integer coPersonId = registryCalls.getCoPersonIdByIdentifier(); |
| 525 |
Integer couId = registryCalls.getCouId("datasource", newRoleName);
|
|
| 526 | 534 |
if (couId != null) {
|
| 527 | 535 |
Integer role = registryCalls.getRoleId(coPersonId, couId); |
| 528 | 536 |
try {
|
| 529 | 537 |
registryCalls.assignMemberRole(coPersonId, couId, role); |
| 530 |
// TODO: Antonis K. This should be uncommented to make a role DATASOURCE.OP... for every new repo |
|
| 531 |
// authoritiesUpdater.update(sendEmail(), old -> {
|
|
| 532 |
// HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old); |
|
| 533 |
// authorities.add(new SimpleGrantedAuthority(authorizationService.member("datasource", newRoleName)));
|
|
| 534 |
// return authorities; |
|
| 535 |
// }); |
|
| 538 |
|
|
| 539 |
// Add role to current user authorities |
|
| 540 |
authoritiesUpdater.addRole(aaiUserRoleService.convertRepoIdToAuthority(repository.getId())); |
|
| 536 | 541 |
} catch (Exception e) {
|
| 537 | 542 |
LOGGER.debug("Exception on assign role to user during add repository", e);
|
| 538 | 543 |
throw e; |
Also available in: Unified diff
1. update user authorities when adding/removing repositories
2. fixed some authorization expressions
3. refactoring