Revision 61371
Added by Konstantinos Spyrou almost 3 years ago
OpenAIREAuthoritiesMapper.java | ||
---|---|---|
12 | 12 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
13 | 13 |
import org.springframework.stereotype.Component; |
14 | 14 |
|
15 |
import java.util.ArrayList; |
|
16 |
import java.util.Collection; |
|
17 |
import java.util.List; |
|
15 |
import java.util.*; |
|
18 | 16 |
|
19 | 17 |
@ComponentScan |
20 | 18 |
@Component |
... | ... | |
28 | 26 |
@Override |
29 | 27 |
public Collection<? extends GrantedAuthority> mapAuthorities(JWT jwtToken, UserInfo userInfo) { |
30 | 28 |
JsonArray entitlements = null; |
31 |
List<GrantedAuthority> authorities = new ArrayList<>();
|
|
29 |
Set<GrantedAuthority> authorities = new HashSet<>();
|
|
32 | 30 |
if (userInfo != null && userInfo.getSource() != null) { |
33 | 31 |
if (userInfo.getSource().getAsJsonArray("edu_person_entitlements") != null) { |
34 | 32 |
entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements"); |
35 | 33 |
} else if (userInfo.getSource().getAsJsonArray("eduperson_entitlement") != null) { |
36 | 34 |
entitlements = userInfo.getSource().getAsJsonArray("eduperson_entitlement"); |
37 |
} else { |
|
38 |
authorities.add(new SimpleGrantedAuthority("ROLE_USER")); |
|
39 |
logger.error("Could not read user 'edu_person_entitlements' && 'eduperson_entitlement'\nAdding default role 'ROLE_USER' to user: " + userInfo.toString()); |
|
40 | 35 |
} |
41 | 36 |
logger.debug("user info: " + userInfo + "\nentitlements: " + entitlements); |
42 | 37 |
|
43 |
// FIXME: delete this if statement |
|
38 |
// FIXME: delete this if statement when super administrators are set
|
|
44 | 39 |
if (userInfo.getEmail() != null && userInfo.getEmail().equals(adminEmail)) { |
45 |
authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
|
|
40 |
authorities.add(new SimpleGrantedAuthority("SUPER_ADMINISTRATOR"));
|
|
46 | 41 |
} |
47 | 42 |
|
48 | 43 |
authorities.addAll(AuthoritiesMapper.map(entitlements)); |
Also available in: Unified diff
1. changed user roles defined in the project to authorities given by the aai.
2. created method returning user roles with desired status (active, deleted).