Revision 61372
Added by Konstantinos Spyrou almost 3 years ago
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/RepositoryService.java | ||
---|---|---|
16 | 16 |
|
17 | 17 |
Country[] getCountries() ; |
18 | 18 |
|
19 |
List<Repository> getRepositories(List<String> ids) throws JSONException; |
|
20 |
|
|
21 |
List<Repository> getRepositories(List<String> ids, int page, int size) throws JSONException; |
|
22 |
|
|
23 |
List<RepositorySnippet> getRepositoriesSnippets(List<String> ids) throws Exception; |
|
24 |
|
|
25 |
List<RepositorySnippet> getRepositoriesSnippets(List<String> ids, int page, int size) throws Exception; |
|
26 |
|
|
19 | 27 |
List<RepositorySnippet> getRepositoriesByCountry(String country, String mode, Boolean managed) throws JSONException, IOException; |
20 | 28 |
|
29 |
List<Repository> getRepositoriesOfUser(String page, String size) throws JSONException, IOException; |
|
30 |
|
|
21 | 31 |
List<Repository> getRepositoriesOfUser(String userEmail, |
22 | 32 |
String page, |
23 | 33 |
String size) throws JSONException, IOException; |
24 | 34 |
|
25 |
List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws IOException, JSONException;
|
|
35 |
List<RepositorySnippet> getRepositoriesSnippetOfUser(String page, String size) throws Exception;
|
|
26 | 36 |
|
37 |
List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws Exception; |
|
38 |
|
|
27 | 39 |
RepositorySnippet getRepositorySnippetById(String id) throws JSONException, ResourceNotFoundException; |
28 | 40 |
Repository getRepositoryById(String id) throws JSONException, ResourceNotFoundException; |
29 | 41 |
|
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/RepositoryServiceImpl.java | ||
---|---|---|
13 | 13 |
import eu.dnetlib.repo.manager.domain.dto.Role; |
14 | 14 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
15 | 15 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
16 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
17 |
import eu.dnetlib.repo.manager.service.security.AuthorizationService; |
|
16 | 18 |
import eu.dnetlib.repo.manager.service.security.RoleMappingService; |
17 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
18 | 19 |
import eu.dnetlib.repo.manager.utils.Converter; |
19 | 20 |
import gr.uoa.di.driver.enabling.vocabulary.VocabularyLoader; |
20 | 21 |
import org.apache.commons.codec.digest.DigestUtils; |
... | ... | |
50 | 51 |
|
51 | 52 |
private static final Logger LOGGER = Logger.getLogger(RepositoryServiceImpl.class); |
52 | 53 |
|
54 |
private final AuthorizationService authorizationService; |
|
53 | 55 |
private final RoleMappingService roleMappingService; |
54 | 56 |
private final AaiRegistryService registryCalls; |
55 | 57 |
private final AuthoritiesUpdater authoritiesUpdater; |
... | ... | |
84 | 86 |
private HttpHeaders httpHeaders; |
85 | 87 |
|
86 | 88 |
@Autowired |
87 |
public RepositoryServiceImpl(RoleMappingService roleMappingService, |
|
89 |
public RepositoryServiceImpl(AuthorizationService authorizationService, |
|
90 |
RoleMappingService roleMappingService, |
|
88 | 91 |
AaiRegistryService registryCalls, |
89 | 92 |
AuthoritiesUpdater authoritiesUpdater, |
90 | 93 |
VocabularyLoader vocabularyLoader, |
... | ... | |
92 | 95 |
@Lazy EmailUtils emailUtils, |
93 | 96 |
@Lazy ValidatorService validatorService, |
94 | 97 |
@Lazy PiWikService piWikService) { |
98 |
this.authorizationService = authorizationService; |
|
95 | 99 |
this.roleMappingService = roleMappingService; |
96 | 100 |
this.registryCalls = registryCalls; |
97 | 101 |
this.authoritiesUpdater = authoritiesUpdater; |
... | ... | |
102 | 106 |
this.restTemplate = restTemplate; |
103 | 107 |
} |
104 | 108 |
|
105 |
private String sendEmail() {
|
|
109 |
private String getAuthenticatedUserEmail() {
|
|
106 | 110 |
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
107 | 111 |
return authenticationToken.getUserInfo().getEmail(); |
108 | 112 |
} |
... | ... | |
153 | 157 |
.build().encode(); |
154 | 158 |
return restTemplate.getForObject(uriComponents.toUri(), Country[].class); |
155 | 159 |
} |
160 |
|
|
161 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
162 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
163 |
// another way for paging must be implemented. |
|
164 |
@Override |
|
165 |
public List<Repository> getRepositories(List<String> ids) throws JSONException { |
|
166 |
return getRepositories(ids, 0, 10); |
|
167 |
} |
|
156 | 168 |
|
169 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
170 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
171 |
// another way for paging must be implemented. |
|
172 |
@Override |
|
173 |
public List<Repository> getRepositories(List<String> ids, int page, int size) throws JSONException { |
|
174 |
List<Repository> repos = new ArrayList<>(); |
|
175 |
LOGGER.debug("Retreiving repositories with ids : " + String.join(", ", ids)); |
|
176 |
UriComponents uriComponents = searchDatasource(Integer.toString(Math.abs(page)), Integer.toString(Math.abs(size))); |
|
177 |
RequestFilter requestFilter = new RequestFilter(); |
|
157 | 178 |
|
179 |
try { |
|
180 |
for (String repoId : ids) { |
|
181 |
requestFilter.setId(repoId); |
|
182 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
183 |
|
|
184 |
repos.addAll(Converter.jsonToRepositoryList(new JSONObject(rs))); |
|
185 |
} |
|
186 |
} catch (JSONException e) { |
|
187 |
LOGGER.debug("Exception on getRepositoriesOfUser", e); |
|
188 |
emailUtils.reportException(e); |
|
189 |
throw e; |
|
190 |
} |
|
191 |
|
|
192 |
for (Repository r : repos) |
|
193 |
r.setPiwikInfo(piWikService.getPiwikSiteForRepo(r.getId())); |
|
194 |
return repos; |
|
195 |
} |
|
196 |
|
|
197 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
198 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
199 |
// another way for paging must be implemented. |
|
158 | 200 |
@Override |
201 |
public List<RepositorySnippet> getRepositoriesSnippets(List<String> ids) throws Exception { |
|
202 |
return getRepositoriesSnippets(ids, 0, 10); |
|
203 |
} |
|
204 |
|
|
205 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
206 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
207 |
// another way for paging must be implemented. |
|
208 |
@Override |
|
209 |
public List<RepositorySnippet> getRepositoriesSnippets(List<String> ids, int page, int size) throws Exception { |
|
210 |
List<RepositorySnippet> resultSet = new ArrayList<>(); |
|
211 |
ObjectMapper mapper = new ObjectMapper(); |
|
212 |
|
|
213 |
// here page should be 0 |
|
214 |
UriComponents uriComponents = searchSnipperDatasource(Integer.toString(Math.abs(page)), Integer.toString(Math.abs(size))); |
|
215 |
RequestFilter requestFilter = new RequestFilter(); |
|
216 |
|
|
217 |
try { |
|
218 |
for (String repoId : ids) { |
|
219 |
requestFilter.setId(repoId); |
|
220 |
|
|
221 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
222 |
JSONArray jsonArray = (JSONArray) new JSONObject(rs).get("datasourceInfo"); |
|
223 |
resultSet.addAll(mapper.readValue(String.valueOf(jsonArray), |
|
224 |
mapper.getTypeFactory().constructCollectionType(List.class, RepositorySnippet.class))); |
|
225 |
} |
|
226 |
} catch (Exception e) { |
|
227 |
LOGGER.debug("Exception on getRepositoriesSnippetOfUser", e); |
|
228 |
throw e; |
|
229 |
} |
|
230 |
|
|
231 |
LOGGER.debug("resultSet:" + resultSet); |
|
232 |
resultSet.parallelStream().forEach(repositorySnippet -> { |
|
233 |
repositorySnippet.setPiwikInfo(piWikService.getPiwikSiteForRepo(repositorySnippet.getId())); |
|
234 |
}); |
|
235 |
return resultSet; |
|
236 |
} |
|
237 |
|
|
238 |
|
|
239 |
@Override |
|
159 | 240 |
public List<RepositorySnippet> getRepositoriesByCountry(String country, |
160 | 241 |
String mode, |
161 | 242 |
Boolean managed) throws JSONException, IOException { |
... | ... | |
255 | 336 |
} |
256 | 337 |
|
257 | 338 |
@Override |
258 |
public List<Repository> getRepositoriesOfUser(String userEmail, |
|
259 |
String page, |
|
260 |
String size) throws JSONException { |
|
339 |
public List<Repository> getRepositoriesOfUser(String page, String size) throws JSONException { |
|
340 |
String userEmail = ((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(); |
|
341 |
LOGGER.debug("Retreiving repositories of authenticated user : " + userEmail); |
|
342 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles()); |
|
343 |
return getRepositories(new ArrayList<>(repoIds)); |
|
344 |
} |
|
261 | 345 |
|
262 |
LOGGER.debug("Retreiving repositories of user : " + userEmail); |
|
263 |
UriComponents uriComponents = searchDatasource(page, size); |
|
264 |
RequestFilter requestFilter = new RequestFilter(); |
|
265 |
// requestFilter.setRegisteredby(userEmail); |
|
346 |
@Override |
|
347 |
public List<Repository> getRepositoriesOfUser(String userEmail, String page, String size) throws JSONException { |
|
348 |
LOGGER.debug("Retreiving repositories of authenticated user : " + userEmail); |
|
349 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles(userEmail)); |
|
350 |
return getRepositories(new ArrayList<>(repoIds)); |
|
351 |
} |
|
266 | 352 |
|
267 |
List<String> repoIds = getRepoIdsFromUserRoles(userEmail); |
|
268 |
List<Repository> repos = new ArrayList<>(); |
|
269 |
|
|
270 |
try { |
|
271 |
for (String repoId : repoIds) { |
|
272 |
requestFilter.setId(repoId); |
|
273 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
274 |
|
|
275 |
repos.addAll(Converter.jsonToRepositoryList(new JSONObject(rs))); |
|
276 |
} |
|
277 |
} catch (Exception e) { |
|
278 |
LOGGER.debug("Exception on getRepositoriesOfUser", e); |
|
279 |
emailUtils.reportException(e); |
|
280 |
throw e; |
|
281 |
} |
|
282 |
|
|
283 |
for (Repository r : repos) |
|
284 |
r.setPiwikInfo(piWikService.getPiwikSiteForRepo(r.getId())); |
|
285 |
return repos; |
|
353 |
@Override |
|
354 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser(String page, String size) throws Exception { |
|
355 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles()); |
|
356 |
return getRepositoriesSnippets(new ArrayList<>(repoIds)); |
|
286 | 357 |
} |
287 | 358 |
|
288 | 359 |
@Override |
289 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws IOException, JSONException { |
|
290 |
|
|
291 |
// TODO: Step 3 - For each repo from the previous step call findByRepositoryId piwik_site to get the full info of repo |
|
292 |
List<String> repoIds = getRepoIdsFromUserRoles(userEmail); |
|
293 |
|
|
294 |
List<RepositorySnippet> resultSet = new ArrayList<>(); |
|
295 |
ObjectMapper mapper = new ObjectMapper(); |
|
296 |
|
|
297 |
// here page should be 0 |
|
298 |
UriComponents uriComponents = searchSnipperDatasource(page, size); |
|
299 |
RequestFilter requestFilter = new RequestFilter(); |
|
300 |
|
|
301 |
try { |
|
302 |
for (String repoId : repoIds) { |
|
303 |
requestFilter.setId(repoId); |
|
304 |
|
|
305 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
306 |
JSONArray jsonArray = (JSONArray) new JSONObject(rs).get("datasourceInfo"); |
|
307 |
resultSet.addAll(mapper.readValue(String.valueOf(jsonArray), |
|
308 |
mapper.getTypeFactory().constructCollectionType(List.class, RepositorySnippet.class))); |
|
309 |
} |
|
310 |
} catch (Exception e) { |
|
311 |
LOGGER.debug("Exception on getRepositoriesSnippetOfUser", e); |
|
312 |
throw e; |
|
313 |
} |
|
314 |
|
|
315 |
LOGGER.debug("resultSet:" + resultSet); |
|
316 |
resultSet.parallelStream().forEach(repositorySnippet -> { |
|
317 |
repositorySnippet.setPiwikInfo(piWikService.getPiwikSiteForRepo(repositorySnippet.getId())); |
|
318 |
}); |
|
319 |
return resultSet; |
|
360 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws Exception { |
|
361 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles(userEmail)); |
|
362 |
return getRepositoriesSnippets(new ArrayList<>(repoIds)); |
|
320 | 363 |
} |
321 | 364 |
|
322 | 365 |
@Override |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/BrokerServiceImpl.java | ||
---|---|---|
92 | 92 |
// if (Boolean.parseBoolean(includeByOthers)) { |
93 | 93 |
// ret.setDatasourcesOfOthers(getDatasourcesOfUserType(getRepositoriesOfUser(user))); |
94 | 94 |
// } |
95 |
} catch (BrokerException | IOException e) {
|
|
95 |
} catch (Exception e) { |
|
96 | 96 |
LOGGER.debug("Exception on getDatasourcesOfUser" , e); |
97 | 97 |
emailUtils.reportException(e); |
98 | 98 |
} |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationService.java | ||
---|---|---|
3 | 3 |
import eu.dnetlib.repo.manager.domain.dto.User; |
4 | 4 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
5 | 5 |
|
6 |
import java.util.Collection; |
|
6 | 7 |
import java.util.List; |
7 | 8 |
|
8 | 9 |
public interface AuthorizationService { |
... | ... | |
48 | 49 |
* @throws ResourceNotFoundException |
49 | 50 |
*/ |
50 | 51 |
boolean removeAdmin(String id, String email) throws ResourceNotFoundException; |
52 |
|
|
53 |
|
|
54 |
Collection<String> getUserRoles(); |
|
55 |
|
|
56 |
|
|
57 |
Collection<String> getUserRoles(String email); |
|
58 |
|
|
51 | 59 |
} |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationServiceImpl.java | ||
---|---|---|
5 | 5 |
import eu.dnetlib.repo.manager.domain.dto.User; |
6 | 6 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
7 | 7 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
8 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
9 |
import org.mitre.openid.connect.model.UserInfo; |
|
8 | 10 |
import org.springframework.beans.factory.annotation.Autowired; |
9 | 11 |
import org.springframework.security.core.context.SecurityContextHolder; |
10 | 12 |
import org.springframework.stereotype.Service; |
11 | 13 |
|
12 | 14 |
import java.util.ArrayList; |
15 |
import java.util.Collection; |
|
13 | 16 |
import java.util.List; |
14 | 17 |
|
15 | 18 |
@Service("authorizationService") |
... | ... | |
117 | 120 |
} |
118 | 121 |
} |
119 | 122 |
|
123 |
@Override |
|
124 |
public Collection<String> getUserRoles() { |
|
125 |
List<String> roles; |
|
126 |
JsonArray entitlements; |
|
127 |
UserInfo userInfo = ((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo(); |
|
128 |
if (userInfo.getSource().getAsJsonArray("edu_person_entitlements") != null) { |
|
129 |
entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements"); |
|
130 |
} else if (userInfo.getSource().getAsJsonArray("eduperson_entitlement") != null) { |
|
131 |
entitlements = userInfo.getSource().getAsJsonArray("eduperson_entitlement"); |
|
132 |
} else { |
|
133 |
entitlements = new JsonArray(); |
|
134 |
} |
|
135 |
roles = AuthoritiesMapper.entitlementRoles(entitlements); |
|
136 |
return roles; |
|
137 |
} |
|
138 |
|
|
139 |
@Override |
|
140 |
public Collection<String> getUserRoles(String email) { |
|
141 |
int coPersonId = aaiRegistryService.getCoPersonIdByEmail(email); |
|
142 |
List<Integer> list = new ArrayList<>(); |
|
143 |
for (JsonElement element : aaiRegistryService.getRolesWithStatus(coPersonId, AaiRegistryService.RoleStatus.ACTIVE)) { |
|
144 |
list.add(element.getAsJsonObject().get("CouId").getAsInt()); |
|
145 |
} |
|
146 |
return aaiRegistryService.getCouNames(list).values(); |
|
147 |
} |
|
148 |
|
|
120 | 149 |
} |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/AaiRoleMappingService.java | ||
---|---|---|
7 | 7 |
import org.springframework.stereotype.Service; |
8 | 8 |
|
9 | 9 |
import java.net.URLEncoder; |
10 |
import java.util.Collection; |
|
11 |
import java.util.stream.Collectors; |
|
10 | 12 |
|
11 | 13 |
@Service("roleMappingService") |
12 | 14 |
public class AaiRoleMappingService implements RoleMappingService { |
... | ... | |
35 | 37 |
} |
36 | 38 |
|
37 | 39 |
@Override |
40 |
public Collection<String> getRepoIdsByRoleIds(Collection<String> roleIds) { |
|
41 |
return roleIds |
|
42 |
.stream() |
|
43 |
.map(this::getRepoIdByRoleId) |
|
44 |
.collect(Collectors.toList()); |
|
45 |
} |
|
46 |
|
|
47 |
@Override |
|
38 | 48 |
public String getRoleIdByRepoId(String repoId) { |
39 | 49 |
String roleId = ""; |
40 | 50 |
String prefix = production ? null : "beta." + "datasource"; |
... | ... | |
48 | 58 |
} |
49 | 59 |
|
50 | 60 |
@Override |
61 |
public Collection<String> getRoleIdsByRepoIds(Collection<String> repoIds) { |
|
62 |
return repoIds |
|
63 |
.stream() |
|
64 |
.map(this::getRoleIdByRepoId) |
|
65 |
.collect(Collectors.toList()); |
|
66 |
} |
|
67 |
|
|
68 |
@Override |
|
51 | 69 |
public String convertAuthorityIdToRepoId(String authorityId) { |
52 | 70 |
String repo = ""; |
53 | 71 |
if (authorityId != null) { |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/RoleMappingService.java | ||
---|---|---|
3 | 3 |
import org.springframework.security.core.GrantedAuthority; |
4 | 4 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
5 | 5 |
|
6 |
import java.util.Collection; |
|
7 |
|
|
6 | 8 |
public interface RoleMappingService { |
7 | 9 |
|
8 | 10 |
/** |
... | ... | |
19 | 21 |
String getRepoIdByRoleId(String roleId); |
20 | 22 |
|
21 | 23 |
/** |
24 |
* |
|
25 |
* @param roleIds Collection of roles |
|
26 |
* @return Converts {@param roleIds} to a repo Ids. |
|
27 |
*/ |
|
28 |
Collection<String> getRepoIdsByRoleIds(Collection<String> roleIds); |
|
29 |
|
|
30 |
/** |
|
22 | 31 |
* @param repoId Repository Id |
23 | 32 |
* @return Converts {@param repoId} to a role Id. |
24 | 33 |
*/ |
25 | 34 |
String getRoleIdByRepoId(String repoId); |
26 | 35 |
|
27 | 36 |
/** |
37 |
* @param repoIds Collection of Repository Ids |
|
38 |
* @return Converts {@param repoIds} to role Ids. |
|
39 |
*/ |
|
40 |
Collection<String> getRoleIdsByRepoIds(Collection<String> repoIds); |
|
41 |
|
|
42 |
/** |
|
28 | 43 |
* @param authorityId Authority Id |
29 | 44 |
* @return Converts {@param authorityId} to repo Id. |
30 | 45 |
*/ |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/controllers/RepositoryController.java | ||
---|---|---|
66 | 66 |
@PreAuthorize("hasAuthority('REGISTERED_USER')") |
67 | 67 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser( |
68 | 68 |
@PathVariable("page") String page, |
69 |
@PathVariable("size") String size) throws JSONException, IOException {
|
|
70 |
return repositoryService.getRepositoriesSnippetOfUser(((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(), page, size);
|
|
69 |
@PathVariable("size") String size) throws Exception { |
|
70 |
return repositoryService.getRepositoriesSnippetOfUser(page, size); |
|
71 | 71 |
} |
72 | 72 |
|
73 | 73 |
@RequestMapping(value = "/user/repositories/{page}/{size}", method = RequestMethod.GET, |
... | ... | |
77 | 77 |
public List<Repository> getRepositoriesOfUser( |
78 | 78 |
@PathVariable("page") String page, |
79 | 79 |
@PathVariable("size") String size) throws JSONException, IOException { |
80 |
return repositoryService.getRepositoriesOfUser(((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(), page, size);
|
|
80 |
return repositoryService.getRepositoriesOfUser(page, size); |
|
81 | 81 |
} |
82 | 82 |
|
83 | 83 |
@RequestMapping(value = "/searchRegisteredRepositories/{page}/{size}", method = RequestMethod.GET, |
modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/controllers/UserRoleController.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.repo.manager.controllers; |
2 | 2 |
|
3 |
import com.google.gson.JsonArray; |
|
4 |
import com.google.gson.JsonElement; |
|
5 | 3 |
import eu.dnetlib.repo.manager.domain.dto.Role; |
6 | 4 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
5 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
6 |
import eu.dnetlib.repo.manager.service.security.AuthorizationService; |
|
7 | 7 |
import eu.dnetlib.repo.manager.service.security.RoleMappingService; |
8 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesMapper; |
|
9 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
10 | 8 |
import eu.dnetlib.repo.manager.utils.JsonUtils; |
11 | 9 |
import io.swagger.annotations.Api; |
12 | 10 |
import io.swagger.annotations.ApiOperation; |
13 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
14 |
import org.mitre.openid.connect.model.UserInfo; |
|
15 | 11 |
import org.springframework.beans.factory.annotation.Autowired; |
16 | 12 |
import org.springframework.http.HttpStatus; |
17 | 13 |
import org.springframework.http.ResponseEntity; |
18 | 14 |
import org.springframework.security.access.prepost.PreAuthorize; |
19 |
import org.springframework.security.core.context.SecurityContextHolder; |
|
20 | 15 |
import org.springframework.web.bind.annotation.*; |
21 | 16 |
|
22 | 17 |
import javax.ws.rs.core.MediaType; |
23 | 18 |
import javax.ws.rs.core.Response; |
24 |
import java.util.ArrayList; |
|
25 | 19 |
import java.util.Collection; |
26 |
import java.util.List; |
|
27 | 20 |
|
28 | 21 |
@RestController |
29 | 22 |
@RequestMapping(value = "/role-management") |
... | ... | |
33 | 26 |
private final AaiRegistryService aaiRegistryService; |
34 | 27 |
private final AuthoritiesUpdater authoritiesUpdater; |
35 | 28 |
private final RoleMappingService roleMappingService; |
29 |
private final AuthorizationService authorizationService; |
|
36 | 30 |
|
37 | 31 |
@Autowired |
38 | 32 |
UserRoleController(AaiRegistryService aaiRegistryService, |
39 | 33 |
AuthoritiesUpdater authoritiesUpdater, |
40 |
RoleMappingService roleMappingService) { |
|
34 |
RoleMappingService roleMappingService, |
|
35 |
AuthorizationService authorizationService) { |
|
41 | 36 |
this.aaiRegistryService = aaiRegistryService; |
42 | 37 |
this.authoritiesUpdater = authoritiesUpdater; |
43 | 38 |
this.roleMappingService = roleMappingService; |
39 |
this.authorizationService = authorizationService; |
|
44 | 40 |
} |
45 | 41 |
|
46 | 42 |
/** |
... | ... | |
101 | 97 |
@RequestMapping(method = RequestMethod.GET, path = "/users/{email}/roles") |
102 | 98 |
@PreAuthorize("hasAnyAuthority('SUPER_ADMINISTRATOR', 'CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or hasAuthority('REGISTERED_USER') and authentication.userInfo.email==#email") |
103 | 99 |
public ResponseEntity<Collection<String>> getRolesByEmail(@PathVariable("email") String email) { |
104 |
int coPersonId = aaiRegistryService.getCoPersonIdByEmail(email); |
|
105 |
List<Integer> list = new ArrayList<>(); |
|
106 |
for (JsonElement element : aaiRegistryService.getRolesWithStatus(coPersonId, AaiRegistryService.RoleStatus.ACTIVE)) { |
|
107 |
list.add(element.getAsJsonObject().get("CouId").getAsInt()); |
|
108 |
} |
|
109 |
return ResponseEntity.ok(aaiRegistryService.getCouNames(list).values()); |
|
100 |
return ResponseEntity.ok(authorizationService.getUserRoles(email)); |
|
110 | 101 |
} |
111 | 102 |
|
112 | 103 |
|
113 | 104 |
@RequestMapping(method = RequestMethod.GET, path = "/user/roles/my") |
114 | 105 |
@PreAuthorize("hasAuthority('REGISTERED_USER')") |
115 | 106 |
public ResponseEntity<Collection<String>> getRoleNames() { |
116 |
List<String> roles; |
|
117 |
JsonArray entitlements = null; |
|
118 |
UserInfo userInfo = ((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo(); |
|
119 |
if (userInfo.getSource().getAsJsonArray("edu_person_entitlements") != null) { |
|
120 |
entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements"); |
|
121 |
} else if (userInfo.getSource().getAsJsonArray("eduperson_entitlement") != null) { |
|
122 |
entitlements = userInfo.getSource().getAsJsonArray("eduperson_entitlement"); |
|
123 |
} else { |
|
124 |
return ResponseEntity.ok(null); |
|
125 |
} |
|
126 |
roles = AuthoritiesMapper.entitlementRoles(entitlements); |
|
127 |
return ResponseEntity.ok(roles); |
|
107 |
return ResponseEntity.ok(authorizationService.getUserRoles()); |
|
128 | 108 |
} |
129 | 109 |
|
130 | 110 |
} |
Also available in: Unified diff
1. optimization in retrieval time of repositories/snippets of authenticated user
2. Marked with FIXME methods that need attention