Revision 61372
Added by Konstantinos Spyrou almost 3 years ago
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/RepositoryService.java | ||
|---|---|---|
| 16 | 16 |
|
| 17 | 17 |
Country[] getCountries() ; |
| 18 | 18 |
|
| 19 |
List<Repository> getRepositories(List<String> ids) throws JSONException; |
|
| 20 |
|
|
| 21 |
List<Repository> getRepositories(List<String> ids, int page, int size) throws JSONException; |
|
| 22 |
|
|
| 23 |
List<RepositorySnippet> getRepositoriesSnippets(List<String> ids) throws Exception; |
|
| 24 |
|
|
| 25 |
List<RepositorySnippet> getRepositoriesSnippets(List<String> ids, int page, int size) throws Exception; |
|
| 26 |
|
|
| 19 | 27 |
List<RepositorySnippet> getRepositoriesByCountry(String country, String mode, Boolean managed) throws JSONException, IOException; |
| 20 | 28 |
|
| 29 |
List<Repository> getRepositoriesOfUser(String page, String size) throws JSONException, IOException; |
|
| 30 |
|
|
| 21 | 31 |
List<Repository> getRepositoriesOfUser(String userEmail, |
| 22 | 32 |
String page, |
| 23 | 33 |
String size) throws JSONException, IOException; |
| 24 | 34 |
|
| 25 |
List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws IOException, JSONException;
|
|
| 35 |
List<RepositorySnippet> getRepositoriesSnippetOfUser(String page, String size) throws Exception;
|
|
| 26 | 36 |
|
| 37 |
List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws Exception; |
|
| 38 |
|
|
| 27 | 39 |
RepositorySnippet getRepositorySnippetById(String id) throws JSONException, ResourceNotFoundException; |
| 28 | 40 |
Repository getRepositoryById(String id) throws JSONException, ResourceNotFoundException; |
| 29 | 41 |
|
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/RepositoryServiceImpl.java | ||
|---|---|---|
| 13 | 13 |
import eu.dnetlib.repo.manager.domain.dto.Role; |
| 14 | 14 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
| 15 | 15 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
| 16 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
| 17 |
import eu.dnetlib.repo.manager.service.security.AuthorizationService; |
|
| 16 | 18 |
import eu.dnetlib.repo.manager.service.security.RoleMappingService; |
| 17 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
| 18 | 19 |
import eu.dnetlib.repo.manager.utils.Converter; |
| 19 | 20 |
import gr.uoa.di.driver.enabling.vocabulary.VocabularyLoader; |
| 20 | 21 |
import org.apache.commons.codec.digest.DigestUtils; |
| ... | ... | |
| 50 | 51 |
|
| 51 | 52 |
private static final Logger LOGGER = Logger.getLogger(RepositoryServiceImpl.class); |
| 52 | 53 |
|
| 54 |
private final AuthorizationService authorizationService; |
|
| 53 | 55 |
private final RoleMappingService roleMappingService; |
| 54 | 56 |
private final AaiRegistryService registryCalls; |
| 55 | 57 |
private final AuthoritiesUpdater authoritiesUpdater; |
| ... | ... | |
| 84 | 86 |
private HttpHeaders httpHeaders; |
| 85 | 87 |
|
| 86 | 88 |
@Autowired |
| 87 |
public RepositoryServiceImpl(RoleMappingService roleMappingService, |
|
| 89 |
public RepositoryServiceImpl(AuthorizationService authorizationService, |
|
| 90 |
RoleMappingService roleMappingService, |
|
| 88 | 91 |
AaiRegistryService registryCalls, |
| 89 | 92 |
AuthoritiesUpdater authoritiesUpdater, |
| 90 | 93 |
VocabularyLoader vocabularyLoader, |
| ... | ... | |
| 92 | 95 |
@Lazy EmailUtils emailUtils, |
| 93 | 96 |
@Lazy ValidatorService validatorService, |
| 94 | 97 |
@Lazy PiWikService piWikService) {
|
| 98 |
this.authorizationService = authorizationService; |
|
| 95 | 99 |
this.roleMappingService = roleMappingService; |
| 96 | 100 |
this.registryCalls = registryCalls; |
| 97 | 101 |
this.authoritiesUpdater = authoritiesUpdater; |
| ... | ... | |
| 102 | 106 |
this.restTemplate = restTemplate; |
| 103 | 107 |
} |
| 104 | 108 |
|
| 105 |
private String sendEmail() {
|
|
| 109 |
private String getAuthenticatedUserEmail() {
|
|
| 106 | 110 |
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
| 107 | 111 |
return authenticationToken.getUserInfo().getEmail(); |
| 108 | 112 |
} |
| ... | ... | |
| 153 | 157 |
.build().encode(); |
| 154 | 158 |
return restTemplate.getForObject(uriComponents.toUri(), Country[].class); |
| 155 | 159 |
} |
| 160 |
|
|
| 161 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
| 162 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
| 163 |
// another way for paging must be implemented. |
|
| 164 |
@Override |
|
| 165 |
public List<Repository> getRepositories(List<String> ids) throws JSONException {
|
|
| 166 |
return getRepositories(ids, 0, 10); |
|
| 167 |
} |
|
| 156 | 168 |
|
| 169 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
| 170 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
| 171 |
// another way for paging must be implemented. |
|
| 172 |
@Override |
|
| 173 |
public List<Repository> getRepositories(List<String> ids, int page, int size) throws JSONException {
|
|
| 174 |
List<Repository> repos = new ArrayList<>(); |
|
| 175 |
LOGGER.debug("Retreiving repositories with ids : " + String.join(", ", ids));
|
|
| 176 |
UriComponents uriComponents = searchDatasource(Integer.toString(Math.abs(page)), Integer.toString(Math.abs(size))); |
|
| 177 |
RequestFilter requestFilter = new RequestFilter(); |
|
| 157 | 178 |
|
| 179 |
try {
|
|
| 180 |
for (String repoId : ids) {
|
|
| 181 |
requestFilter.setId(repoId); |
|
| 182 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
| 183 |
|
|
| 184 |
repos.addAll(Converter.jsonToRepositoryList(new JSONObject(rs))); |
|
| 185 |
} |
|
| 186 |
} catch (JSONException e) {
|
|
| 187 |
LOGGER.debug("Exception on getRepositoriesOfUser", e);
|
|
| 188 |
emailUtils.reportException(e); |
|
| 189 |
throw e; |
|
| 190 |
} |
|
| 191 |
|
|
| 192 |
for (Repository r : repos) |
|
| 193 |
r.setPiwikInfo(piWikService.getPiwikSiteForRepo(r.getId())); |
|
| 194 |
return repos; |
|
| 195 |
} |
|
| 196 |
|
|
| 197 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
| 198 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
| 199 |
// another way for paging must be implemented. |
|
| 158 | 200 |
@Override |
| 201 |
public List<RepositorySnippet> getRepositoriesSnippets(List<String> ids) throws Exception {
|
|
| 202 |
return getRepositoriesSnippets(ids, 0, 10); |
|
| 203 |
} |
|
| 204 |
|
|
| 205 |
// FIXME: with the new roles of the users the "requestFilter.setRegisteredby(userEmail)" can no longer be used |
|
| 206 |
// and the "requestFilter.setId(repoId)" should return only one result at a time, thus, |
|
| 207 |
// another way for paging must be implemented. |
|
| 208 |
@Override |
|
| 209 |
public List<RepositorySnippet> getRepositoriesSnippets(List<String> ids, int page, int size) throws Exception {
|
|
| 210 |
List<RepositorySnippet> resultSet = new ArrayList<>(); |
|
| 211 |
ObjectMapper mapper = new ObjectMapper(); |
|
| 212 |
|
|
| 213 |
// here page should be 0 |
|
| 214 |
UriComponents uriComponents = searchSnipperDatasource(Integer.toString(Math.abs(page)), Integer.toString(Math.abs(size))); |
|
| 215 |
RequestFilter requestFilter = new RequestFilter(); |
|
| 216 |
|
|
| 217 |
try {
|
|
| 218 |
for (String repoId : ids) {
|
|
| 219 |
requestFilter.setId(repoId); |
|
| 220 |
|
|
| 221 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
| 222 |
JSONArray jsonArray = (JSONArray) new JSONObject(rs).get("datasourceInfo");
|
|
| 223 |
resultSet.addAll(mapper.readValue(String.valueOf(jsonArray), |
|
| 224 |
mapper.getTypeFactory().constructCollectionType(List.class, RepositorySnippet.class))); |
|
| 225 |
} |
|
| 226 |
} catch (Exception e) {
|
|
| 227 |
LOGGER.debug("Exception on getRepositoriesSnippetOfUser", e);
|
|
| 228 |
throw e; |
|
| 229 |
} |
|
| 230 |
|
|
| 231 |
LOGGER.debug("resultSet:" + resultSet);
|
|
| 232 |
resultSet.parallelStream().forEach(repositorySnippet -> {
|
|
| 233 |
repositorySnippet.setPiwikInfo(piWikService.getPiwikSiteForRepo(repositorySnippet.getId())); |
|
| 234 |
}); |
|
| 235 |
return resultSet; |
|
| 236 |
} |
|
| 237 |
|
|
| 238 |
|
|
| 239 |
@Override |
|
| 159 | 240 |
public List<RepositorySnippet> getRepositoriesByCountry(String country, |
| 160 | 241 |
String mode, |
| 161 | 242 |
Boolean managed) throws JSONException, IOException {
|
| ... | ... | |
| 255 | 336 |
} |
| 256 | 337 |
|
| 257 | 338 |
@Override |
| 258 |
public List<Repository> getRepositoriesOfUser(String userEmail, |
|
| 259 |
String page, |
|
| 260 |
String size) throws JSONException {
|
|
| 339 |
public List<Repository> getRepositoriesOfUser(String page, String size) throws JSONException {
|
|
| 340 |
String userEmail = ((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(); |
|
| 341 |
LOGGER.debug("Retreiving repositories of authenticated user : " + userEmail);
|
|
| 342 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles()); |
|
| 343 |
return getRepositories(new ArrayList<>(repoIds)); |
|
| 344 |
} |
|
| 261 | 345 |
|
| 262 |
LOGGER.debug("Retreiving repositories of user : " + userEmail);
|
|
| 263 |
UriComponents uriComponents = searchDatasource(page, size); |
|
| 264 |
RequestFilter requestFilter = new RequestFilter(); |
|
| 265 |
// requestFilter.setRegisteredby(userEmail); |
|
| 346 |
@Override |
|
| 347 |
public List<Repository> getRepositoriesOfUser(String userEmail, String page, String size) throws JSONException {
|
|
| 348 |
LOGGER.debug("Retreiving repositories of authenticated user : " + userEmail);
|
|
| 349 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles(userEmail)); |
|
| 350 |
return getRepositories(new ArrayList<>(repoIds)); |
|
| 351 |
} |
|
| 266 | 352 |
|
| 267 |
List<String> repoIds = getRepoIdsFromUserRoles(userEmail); |
|
| 268 |
List<Repository> repos = new ArrayList<>(); |
|
| 269 |
|
|
| 270 |
try {
|
|
| 271 |
for (String repoId : repoIds) {
|
|
| 272 |
requestFilter.setId(repoId); |
|
| 273 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
| 274 |
|
|
| 275 |
repos.addAll(Converter.jsonToRepositoryList(new JSONObject(rs))); |
|
| 276 |
} |
|
| 277 |
} catch (Exception e) {
|
|
| 278 |
LOGGER.debug("Exception on getRepositoriesOfUser", e);
|
|
| 279 |
emailUtils.reportException(e); |
|
| 280 |
throw e; |
|
| 281 |
} |
|
| 282 |
|
|
| 283 |
for (Repository r : repos) |
|
| 284 |
r.setPiwikInfo(piWikService.getPiwikSiteForRepo(r.getId())); |
|
| 285 |
return repos; |
|
| 353 |
@Override |
|
| 354 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser(String page, String size) throws Exception {
|
|
| 355 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles()); |
|
| 356 |
return getRepositoriesSnippets(new ArrayList<>(repoIds)); |
|
| 286 | 357 |
} |
| 287 | 358 |
|
| 288 | 359 |
@Override |
| 289 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws IOException, JSONException {
|
|
| 290 |
|
|
| 291 |
// TODO: Step 3 - For each repo from the previous step call findByRepositoryId piwik_site to get the full info of repo |
|
| 292 |
List<String> repoIds = getRepoIdsFromUserRoles(userEmail); |
|
| 293 |
|
|
| 294 |
List<RepositorySnippet> resultSet = new ArrayList<>(); |
|
| 295 |
ObjectMapper mapper = new ObjectMapper(); |
|
| 296 |
|
|
| 297 |
// here page should be 0 |
|
| 298 |
UriComponents uriComponents = searchSnipperDatasource(page, size); |
|
| 299 |
RequestFilter requestFilter = new RequestFilter(); |
|
| 300 |
|
|
| 301 |
try {
|
|
| 302 |
for (String repoId : repoIds) {
|
|
| 303 |
requestFilter.setId(repoId); |
|
| 304 |
|
|
| 305 |
String rs = restTemplate.postForObject(uriComponents.toUri(), requestFilter, String.class); |
|
| 306 |
JSONArray jsonArray = (JSONArray) new JSONObject(rs).get("datasourceInfo");
|
|
| 307 |
resultSet.addAll(mapper.readValue(String.valueOf(jsonArray), |
|
| 308 |
mapper.getTypeFactory().constructCollectionType(List.class, RepositorySnippet.class))); |
|
| 309 |
} |
|
| 310 |
} catch (Exception e) {
|
|
| 311 |
LOGGER.debug("Exception on getRepositoriesSnippetOfUser", e);
|
|
| 312 |
throw e; |
|
| 313 |
} |
|
| 314 |
|
|
| 315 |
LOGGER.debug("resultSet:" + resultSet);
|
|
| 316 |
resultSet.parallelStream().forEach(repositorySnippet -> {
|
|
| 317 |
repositorySnippet.setPiwikInfo(piWikService.getPiwikSiteForRepo(repositorySnippet.getId())); |
|
| 318 |
}); |
|
| 319 |
return resultSet; |
|
| 360 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser(String userEmail, String page, String size) throws Exception {
|
|
| 361 |
Collection<String> repoIds = roleMappingService.getRepoIdsByRoleIds(authorizationService.getUserRoles(userEmail)); |
|
| 362 |
return getRepositoriesSnippets(new ArrayList<>(repoIds)); |
|
| 320 | 363 |
} |
| 321 | 364 |
|
| 322 | 365 |
@Override |
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/BrokerServiceImpl.java | ||
|---|---|---|
| 92 | 92 |
// if (Boolean.parseBoolean(includeByOthers)) {
|
| 93 | 93 |
// ret.setDatasourcesOfOthers(getDatasourcesOfUserType(getRepositoriesOfUser(user))); |
| 94 | 94 |
// } |
| 95 |
} catch (BrokerException | IOException e) {
|
|
| 95 |
} catch (Exception e) {
|
|
| 96 | 96 |
LOGGER.debug("Exception on getDatasourcesOfUser" , e);
|
| 97 | 97 |
emailUtils.reportException(e); |
| 98 | 98 |
} |
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationService.java | ||
|---|---|---|
| 3 | 3 |
import eu.dnetlib.repo.manager.domain.dto.User; |
| 4 | 4 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
| 5 | 5 |
|
| 6 |
import java.util.Collection; |
|
| 6 | 7 |
import java.util.List; |
| 7 | 8 |
|
| 8 | 9 |
public interface AuthorizationService {
|
| ... | ... | |
| 48 | 49 |
* @throws ResourceNotFoundException |
| 49 | 50 |
*/ |
| 50 | 51 |
boolean removeAdmin(String id, String email) throws ResourceNotFoundException; |
| 52 |
|
|
| 53 |
|
|
| 54 |
Collection<String> getUserRoles(); |
|
| 55 |
|
|
| 56 |
|
|
| 57 |
Collection<String> getUserRoles(String email); |
|
| 58 |
|
|
| 51 | 59 |
} |
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationServiceImpl.java | ||
|---|---|---|
| 5 | 5 |
import eu.dnetlib.repo.manager.domain.dto.User; |
| 6 | 6 |
import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; |
| 7 | 7 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
| 8 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
| 9 |
import org.mitre.openid.connect.model.UserInfo; |
|
| 8 | 10 |
import org.springframework.beans.factory.annotation.Autowired; |
| 9 | 11 |
import org.springframework.security.core.context.SecurityContextHolder; |
| 10 | 12 |
import org.springframework.stereotype.Service; |
| 11 | 13 |
|
| 12 | 14 |
import java.util.ArrayList; |
| 15 |
import java.util.Collection; |
|
| 13 | 16 |
import java.util.List; |
| 14 | 17 |
|
| 15 | 18 |
@Service("authorizationService")
|
| ... | ... | |
| 117 | 120 |
} |
| 118 | 121 |
} |
| 119 | 122 |
|
| 123 |
@Override |
|
| 124 |
public Collection<String> getUserRoles() {
|
|
| 125 |
List<String> roles; |
|
| 126 |
JsonArray entitlements; |
|
| 127 |
UserInfo userInfo = ((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo(); |
|
| 128 |
if (userInfo.getSource().getAsJsonArray("edu_person_entitlements") != null) {
|
|
| 129 |
entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements");
|
|
| 130 |
} else if (userInfo.getSource().getAsJsonArray("eduperson_entitlement") != null) {
|
|
| 131 |
entitlements = userInfo.getSource().getAsJsonArray("eduperson_entitlement");
|
|
| 132 |
} else {
|
|
| 133 |
entitlements = new JsonArray(); |
|
| 134 |
} |
|
| 135 |
roles = AuthoritiesMapper.entitlementRoles(entitlements); |
|
| 136 |
return roles; |
|
| 137 |
} |
|
| 138 |
|
|
| 139 |
@Override |
|
| 140 |
public Collection<String> getUserRoles(String email) {
|
|
| 141 |
int coPersonId = aaiRegistryService.getCoPersonIdByEmail(email); |
|
| 142 |
List<Integer> list = new ArrayList<>(); |
|
| 143 |
for (JsonElement element : aaiRegistryService.getRolesWithStatus(coPersonId, AaiRegistryService.RoleStatus.ACTIVE)) {
|
|
| 144 |
list.add(element.getAsJsonObject().get("CouId").getAsInt());
|
|
| 145 |
} |
|
| 146 |
return aaiRegistryService.getCouNames(list).values(); |
|
| 147 |
} |
|
| 148 |
|
|
| 120 | 149 |
} |
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/AaiRoleMappingService.java | ||
|---|---|---|
| 7 | 7 |
import org.springframework.stereotype.Service; |
| 8 | 8 |
|
| 9 | 9 |
import java.net.URLEncoder; |
| 10 |
import java.util.Collection; |
|
| 11 |
import java.util.stream.Collectors; |
|
| 10 | 12 |
|
| 11 | 13 |
@Service("roleMappingService")
|
| 12 | 14 |
public class AaiRoleMappingService implements RoleMappingService {
|
| ... | ... | |
| 35 | 37 |
} |
| 36 | 38 |
|
| 37 | 39 |
@Override |
| 40 |
public Collection<String> getRepoIdsByRoleIds(Collection<String> roleIds) {
|
|
| 41 |
return roleIds |
|
| 42 |
.stream() |
|
| 43 |
.map(this::getRepoIdByRoleId) |
|
| 44 |
.collect(Collectors.toList()); |
|
| 45 |
} |
|
| 46 |
|
|
| 47 |
@Override |
|
| 38 | 48 |
public String getRoleIdByRepoId(String repoId) {
|
| 39 | 49 |
String roleId = ""; |
| 40 | 50 |
String prefix = production ? null : "beta." + "datasource"; |
| ... | ... | |
| 48 | 58 |
} |
| 49 | 59 |
|
| 50 | 60 |
@Override |
| 61 |
public Collection<String> getRoleIdsByRepoIds(Collection<String> repoIds) {
|
|
| 62 |
return repoIds |
|
| 63 |
.stream() |
|
| 64 |
.map(this::getRoleIdByRepoId) |
|
| 65 |
.collect(Collectors.toList()); |
|
| 66 |
} |
|
| 67 |
|
|
| 68 |
@Override |
|
| 51 | 69 |
public String convertAuthorityIdToRepoId(String authorityId) {
|
| 52 | 70 |
String repo = ""; |
| 53 | 71 |
if (authorityId != null) {
|
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/service/security/RoleMappingService.java | ||
|---|---|---|
| 3 | 3 |
import org.springframework.security.core.GrantedAuthority; |
| 4 | 4 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
| 5 | 5 |
|
| 6 |
import java.util.Collection; |
|
| 7 |
|
|
| 6 | 8 |
public interface RoleMappingService {
|
| 7 | 9 |
|
| 8 | 10 |
/** |
| ... | ... | |
| 19 | 21 |
String getRepoIdByRoleId(String roleId); |
| 20 | 22 |
|
| 21 | 23 |
/** |
| 24 |
* |
|
| 25 |
* @param roleIds Collection of roles |
|
| 26 |
* @return Converts {@param roleIds} to a repo Ids.
|
|
| 27 |
*/ |
|
| 28 |
Collection<String> getRepoIdsByRoleIds(Collection<String> roleIds); |
|
| 29 |
|
|
| 30 |
/** |
|
| 22 | 31 |
* @param repoId Repository Id |
| 23 | 32 |
* @return Converts {@param repoId} to a role Id.
|
| 24 | 33 |
*/ |
| 25 | 34 |
String getRoleIdByRepoId(String repoId); |
| 26 | 35 |
|
| 27 | 36 |
/** |
| 37 |
* @param repoIds Collection of Repository Ids |
|
| 38 |
* @return Converts {@param repoIds} to role Ids.
|
|
| 39 |
*/ |
|
| 40 |
Collection<String> getRoleIdsByRepoIds(Collection<String> repoIds); |
|
| 41 |
|
|
| 42 |
/** |
|
| 28 | 43 |
* @param authorityId Authority Id |
| 29 | 44 |
* @return Converts {@param authorityId} to repo Id.
|
| 30 | 45 |
*/ |
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/controllers/RepositoryController.java | ||
|---|---|---|
| 66 | 66 |
@PreAuthorize("hasAuthority('REGISTERED_USER')")
|
| 67 | 67 |
public List<RepositorySnippet> getRepositoriesSnippetOfUser( |
| 68 | 68 |
@PathVariable("page") String page,
|
| 69 |
@PathVariable("size") String size) throws JSONException, IOException {
|
|
| 70 |
return repositoryService.getRepositoriesSnippetOfUser(((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(), page, size);
|
|
| 69 |
@PathVariable("size") String size) throws Exception {
|
|
| 70 |
return repositoryService.getRepositoriesSnippetOfUser(page, size); |
|
| 71 | 71 |
} |
| 72 | 72 |
|
| 73 | 73 |
@RequestMapping(value = "/user/repositories/{page}/{size}", method = RequestMethod.GET,
|
| ... | ... | |
| 77 | 77 |
public List<Repository> getRepositoriesOfUser( |
| 78 | 78 |
@PathVariable("page") String page,
|
| 79 | 79 |
@PathVariable("size") String size) throws JSONException, IOException {
|
| 80 |
return repositoryService.getRepositoriesOfUser(((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(), page, size);
|
|
| 80 |
return repositoryService.getRepositoriesOfUser(page, size); |
|
| 81 | 81 |
} |
| 82 | 82 |
|
| 83 | 83 |
@RequestMapping(value = "/searchRegisteredRepositories/{page}/{size}", method = RequestMethod.GET,
|
| modules/uoa-repository-manager-service/branches/aai_roles_new/src/main/java/eu/dnetlib/repo/manager/controllers/UserRoleController.java | ||
|---|---|---|
| 1 | 1 |
package eu.dnetlib.repo.manager.controllers; |
| 2 | 2 |
|
| 3 |
import com.google.gson.JsonArray; |
|
| 4 |
import com.google.gson.JsonElement; |
|
| 5 | 3 |
import eu.dnetlib.repo.manager.domain.dto.Role; |
| 6 | 4 |
import eu.dnetlib.repo.manager.service.aai.registry.AaiRegistryService; |
| 5 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
| 6 |
import eu.dnetlib.repo.manager.service.security.AuthorizationService; |
|
| 7 | 7 |
import eu.dnetlib.repo.manager.service.security.RoleMappingService; |
| 8 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesMapper; |
|
| 9 |
import eu.dnetlib.repo.manager.service.security.AuthoritiesUpdater; |
|
| 10 | 8 |
import eu.dnetlib.repo.manager.utils.JsonUtils; |
| 11 | 9 |
import io.swagger.annotations.Api; |
| 12 | 10 |
import io.swagger.annotations.ApiOperation; |
| 13 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
| 14 |
import org.mitre.openid.connect.model.UserInfo; |
|
| 15 | 11 |
import org.springframework.beans.factory.annotation.Autowired; |
| 16 | 12 |
import org.springframework.http.HttpStatus; |
| 17 | 13 |
import org.springframework.http.ResponseEntity; |
| 18 | 14 |
import org.springframework.security.access.prepost.PreAuthorize; |
| 19 |
import org.springframework.security.core.context.SecurityContextHolder; |
|
| 20 | 15 |
import org.springframework.web.bind.annotation.*; |
| 21 | 16 |
|
| 22 | 17 |
import javax.ws.rs.core.MediaType; |
| 23 | 18 |
import javax.ws.rs.core.Response; |
| 24 |
import java.util.ArrayList; |
|
| 25 | 19 |
import java.util.Collection; |
| 26 |
import java.util.List; |
|
| 27 | 20 |
|
| 28 | 21 |
@RestController |
| 29 | 22 |
@RequestMapping(value = "/role-management") |
| ... | ... | |
| 33 | 26 |
private final AaiRegistryService aaiRegistryService; |
| 34 | 27 |
private final AuthoritiesUpdater authoritiesUpdater; |
| 35 | 28 |
private final RoleMappingService roleMappingService; |
| 29 |
private final AuthorizationService authorizationService; |
|
| 36 | 30 |
|
| 37 | 31 |
@Autowired |
| 38 | 32 |
UserRoleController(AaiRegistryService aaiRegistryService, |
| 39 | 33 |
AuthoritiesUpdater authoritiesUpdater, |
| 40 |
RoleMappingService roleMappingService) {
|
|
| 34 |
RoleMappingService roleMappingService, |
|
| 35 |
AuthorizationService authorizationService) {
|
|
| 41 | 36 |
this.aaiRegistryService = aaiRegistryService; |
| 42 | 37 |
this.authoritiesUpdater = authoritiesUpdater; |
| 43 | 38 |
this.roleMappingService = roleMappingService; |
| 39 |
this.authorizationService = authorizationService; |
|
| 44 | 40 |
} |
| 45 | 41 |
|
| 46 | 42 |
/** |
| ... | ... | |
| 101 | 97 |
@RequestMapping(method = RequestMethod.GET, path = "/users/{email}/roles")
|
| 102 | 98 |
@PreAuthorize("hasAnyAuthority('SUPER_ADMINISTRATOR', 'CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or hasAuthority('REGISTERED_USER') and authentication.userInfo.email==#email")
|
| 103 | 99 |
public ResponseEntity<Collection<String>> getRolesByEmail(@PathVariable("email") String email) {
|
| 104 |
int coPersonId = aaiRegistryService.getCoPersonIdByEmail(email); |
|
| 105 |
List<Integer> list = new ArrayList<>(); |
|
| 106 |
for (JsonElement element : aaiRegistryService.getRolesWithStatus(coPersonId, AaiRegistryService.RoleStatus.ACTIVE)) {
|
|
| 107 |
list.add(element.getAsJsonObject().get("CouId").getAsInt());
|
|
| 108 |
} |
|
| 109 |
return ResponseEntity.ok(aaiRegistryService.getCouNames(list).values()); |
|
| 100 |
return ResponseEntity.ok(authorizationService.getUserRoles(email)); |
|
| 110 | 101 |
} |
| 111 | 102 |
|
| 112 | 103 |
|
| 113 | 104 |
@RequestMapping(method = RequestMethod.GET, path = "/user/roles/my") |
| 114 | 105 |
@PreAuthorize("hasAuthority('REGISTERED_USER')")
|
| 115 | 106 |
public ResponseEntity<Collection<String>> getRoleNames() {
|
| 116 |
List<String> roles; |
|
| 117 |
JsonArray entitlements = null; |
|
| 118 |
UserInfo userInfo = ((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo(); |
|
| 119 |
if (userInfo.getSource().getAsJsonArray("edu_person_entitlements") != null) {
|
|
| 120 |
entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements");
|
|
| 121 |
} else if (userInfo.getSource().getAsJsonArray("eduperson_entitlement") != null) {
|
|
| 122 |
entitlements = userInfo.getSource().getAsJsonArray("eduperson_entitlement");
|
|
| 123 |
} else {
|
|
| 124 |
return ResponseEntity.ok(null); |
|
| 125 |
} |
|
| 126 |
roles = AuthoritiesMapper.entitlementRoles(entitlements); |
|
| 127 |
return ResponseEntity.ok(roles); |
|
| 107 |
return ResponseEntity.ok(authorizationService.getUserRoles()); |
|
| 128 | 108 |
} |
| 129 | 109 |
|
| 130 | 110 |
} |
Also available in: Unified diff
1. optimization in retrieval time of repositories/snippets of authenticated user
2. Marked with FIXME methods that need attention