Merge from role management integration branch.

This commit is contained in:
Konstantinos Triantafyllou 2021-10-08 14:45:31 +00:00
parent 3a1fb421c3
commit f48c8c284e
7 changed files with 336 additions and 843 deletions

View File

@ -1,55 +1,53 @@
package eu.dnetlib.openaire.usermanagement.api;
import com.google.gson.*;
import eu.dnetlib.openaire.user.login.utils.AuthoritiesUpdater;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import eu.dnetlib.openaire.user.pojos.RoleVerification;
import eu.dnetlib.openaire.user.utils.EmailSender;
import eu.dnetlib.openaire.usermanagement.dto.Role;
import eu.dnetlib.openaire.usermanagement.dto.User;
import eu.dnetlib.openaire.usermanagement.utils.AuthorizationService;
import eu.dnetlib.openaire.usermanagement.utils.JsonUtils;
import eu.dnetlib.openaire.usermanagement.utils.RegistryCalls;
import eu.dnetlib.openaire.usermanagement.utils.RoleManagement;
import eu.dnetlib.openaire.usermanagement.utils.VerificationUtils;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.client.HttpClientErrorException;
import javax.mail.MessagingException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.*;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.*;
@Component(value = "RegistryService")
@CrossOrigin("*")
@Path("/registry")
public class RegistryService {
private static final Logger logger = Logger.getLogger(RegistryService.class);
@Autowired
private RegistryCalls calls;
private RoleManagement calls;
@Autowired
private JsonUtils jsonUtils;
@Autowired
private EmailSender emailSender;
@Autowired
private VerificationUtils verificationUtils;
@Autowired
private AuthoritiesUpdater authoritiesUpdater;
private EmailSender emailSender;
@Autowired
private AuthorizationService authorizationService;
private final Gson gson = new Gson();
/**
* Subscribe to a type(Community, etc.) with id(ee, egi, etc.)
*/
@ -57,20 +55,13 @@ public class RegistryService {
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated() and @AuthorizationService.isCommunity(#type)")
public Response subscribe(@PathParam("type") String type, @PathParam("id") String id) {
Integer coPersonId = calls.getCoPersonIdByIdentifier();
Integer couId = calls.getCouId(type, id);
if (couId != null) {
Integer role = calls.getRoleId(coPersonId, couId);
calls.assignMemberRole(coPersonId, couId, role);
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id)));
return authorities;
});
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
public Response subscribe(@PathParam("type") String type, @PathParam("id") String id, @Context final HttpServletRequest request) {
try {
JsonElement response = calls.assignMemberRole(type, id, request);
return Response.status(HttpStatus.OK.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -82,25 +73,30 @@ public class RegistryService {
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated() and @AuthorizationService.isCommunity(#type)")
public Response unsubscribe(@PathParam("type") String type, @PathParam("id") String id) {
Integer coPersonId = calls.getCoPersonIdByIdentifier();
Integer couId = calls.getCouId(type, id);
if (couId != null) {
Integer role = calls.getRoleId(coPersonId, couId);
if (role != null) {
calls.removeAdminRole(coPersonId, couId);
calls.removeMemberRole(coPersonId, couId, role);
authoritiesUpdater.update(authorizationService.getEmail(), old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
return authorities;
});
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
} else
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User does not have this role").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
public Response unsubscribe(@PathParam("type") String type, @PathParam("id") String id, @Context final HttpServletRequest request) {
try {
JsonElement response = calls.removeMemberRole(type, id, request);
return Response.status(HttpStatus.OK.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
/**
* Create a new curator role with the given type(Community, etc.).
**/
@Path("/create/{type}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
public Response createCuratorRole(@PathParam("type") String type) {
try {
JsonElement response = calls.createCuratorRole(type);
return Response.status(HttpStatus.CREATED.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -112,18 +108,18 @@ public class RegistryService {
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
public Response createMemberRole(@PathParam("type") String type, @PathParam("id") String id) {
if (calls.getCouId(type, id) != null) {
if(calls.createRole(new Role(type + "." + id,calls.mapType(type, false) + " " + id)) != null) {
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("An error has occurred. Please try again later").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("Role has already existed").toString()).type(MediaType.APPLICATION_JSON).build();
try {
JsonElement response = calls.createMemberRole(type, id);
return Response.status(HttpStatus.CREATED.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
/**
* @deprecated
*
* Create a new role with the given name and description.
**/
@Path("/createRole")
@ -132,14 +128,12 @@ public class RegistryService {
@Consumes(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
public Response createRole(@RequestBody Role role) {
if (calls.getCouId(role.getName()) == null) {
if(calls.createRole(role) != null) {
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("An error has occurred. Please try again later").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("Role has already existed").toString()).type(MediaType.APPLICATION_JSON).build();
try {
JsonElement response = calls.createRole(role.getName(), role.getDescription());
return Response.status(HttpStatus.CREATED.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -153,20 +147,19 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response inviteManager(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
Integer couId = calls.getCouId(type, id);
if (couId != null) {
try {
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
JsonObject email = details.get("email").getAsJsonObject();
String recipient = email.get("recipient").getAsString();
Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
if (coPersonId == null || calls.getUserAdminGroup(coPersonId, couId) == null) {
if (!calls.isManager(type, id, recipient)) {
JsonObject invitation = verificationUtils.createManagerInvitation(recipient, type, id);
return sendEmail(details, email, coPersonId, invitation);
return sendEmail(details, email, invitation);
} else {
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User has been already manager of this " + type).toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -180,36 +173,33 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response inviteMember(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
Integer couId = calls.getCouId(type, id, false);
if (couId != null) {
try {
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
JsonObject email = details.get("email").getAsJsonObject();
String recipient = email.get("recipient").getAsString();
Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
if (coPersonId == null || calls.getRoleId(coPersonId, couId) == null) {
if (!calls.isMember(type, id, recipient)) {
JsonObject invitation = verificationUtils.createMemberInvitation(recipient, type, id);
return sendEmail(details, email, coPersonId, invitation);
return sendEmail(details, email, invitation);
} else {
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User has been already member of this " + type).toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) {
String name = (coPersonId != null) ? calls.getUserNames(coPersonId) : "User";
private Response sendEmail(JsonObject details, JsonObject email, JsonObject invitation) {
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
String subject = email.get("subject").getAsString();
String message = email.get("body").getAsString().
replace("((__user__))", name).
replace("((__user__))", "User").
replace("((__link__))", link).
replace("((__code__))", invitation.get("code").getAsString());
try {
emailSender.sendEmail(email.get("recipient").getAsString(), subject, message);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invitation).toString()).type(MediaType.APPLICATION_JSON).build();
} catch (MessagingException e) {
logger.error(e.getMessage());
verificationUtils.deleteVerification(invitation.get("link").getAsString());
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Email sent failed").toString()).type(MediaType.APPLICATION_JSON).build();
}
@ -224,13 +214,8 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response cancelManagerInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
Integer couId = calls.getCouId(type, id);
if (couId != null) {
verificationUtils.deleteManagerVerifications(email, type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
}
verificationUtils.deleteManagerVerifications(email, type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
}
/**
@ -242,13 +227,8 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response cancelMemberInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
Integer couId = calls.getCouId(type, id, false);
if (couId != null) {
verificationUtils.deleteMemberVerifications(email, type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
}
verificationUtils.deleteMemberVerifications(email, type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
}
/**
@ -280,7 +260,7 @@ public class RegistryService {
/**
* Get the verification with a specific id only if it refers to the logged in user
*/
@Path("verification/{id}")
@Path("/verification/{id}")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated()")
@ -300,7 +280,7 @@ public class RegistryService {
/**
* Delete the verification with a specific id.
*/
@Path("verification/{id}")
@Path("/verification/{id}")
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated() && @VerificationUtils.ownedVerification(#id)")
@ -317,62 +297,37 @@ public class RegistryService {
* Verify the verification with the specific id, if the code is correct and it refers to the logged in user.
* Manager role is assigned to this user, along with the member role.
*/
@Path("verification/manager/{id}")
@Path("/verification/manager/{id}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated()")
public Response verifyManager(@PathParam("id") String id, @RequestBody String code) {
public Response verifyManager(@PathParam("id") String id, @RequestBody String code, @Context final HttpServletRequest request) {
RoleVerification verification = verificationUtils.getVerification(id);
if (verification != null && verification.getVerificationType().equals("manager")) {
Integer coPersonId = calls.getCoPersonIdByIdentifier();
if (coPersonId != null) {
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
if (verification.getVerificationCode().equals(code)) {
Integer couId = calls.getCouId(verification.getType(), verification.getEntity());
if (couId != null) {
Integer role = calls.getRoleId(coPersonId, couId);
calls.assignMemberRole(coPersonId, couId, role);
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
Integer riCouId = calls.getCouId("ri", verification.getEntity(), false);
if (riCouId != null) {
calls.assignMemberRole(coPersonId, riCouId, calls.getRoleId(coPersonId, riCouId));
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
verificationUtils.deleteMemberVerifications(verification.getEmail(), "ri", verification.getEntity());
} else {
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
}
} else {
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
}
if (calls.getUserAdminGroup(coPersonId, couId) == null) {
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
verificationUtils.deleteManagerVerifications(verification.getEmail(), "community", verification.getEntity());
verificationUtils.deleteManagerVerifications(verification.getEmail(), "ri", verification.getEntity());
} else {
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
}
calls.assignAdminRole(coPersonId, couId);
authoritiesUpdater.update(verification.getEmail(), old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
authorities.add(new SimpleGrantedAuthority(authorizationService.manager(verification.getType(), verification.getEntity())));
return authorities;
});
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Admin role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User is already admin of this cou").toString()).type(MediaType.APPLICATION_JSON).build();
}
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
if (verification.getVerificationCode().equals(code)) {
try {
calls.assignManagerRole(verification.getType(), verification.getEntity(), request);
if (verification.getType().equals("community") || verification.getType().equals("ri")) {
calls.assignMemberRole("ri", verification.getEntity(), request);
verificationUtils.deleteMemberVerifications(verification.getEmail(), "community", verification.getEntity());
verificationUtils.deleteMemberVerifications(verification.getEmail(), "ri", verification.getEntity());
verificationUtils.deleteManagerVerifications(verification.getEmail(), "community", verification.getEntity());
verificationUtils.deleteManagerVerifications(verification.getEmail(), "ri", verification.getEntity());
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
}
} else {
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Admin role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Verification has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
@ -383,39 +338,28 @@ public class RegistryService {
* Verify the verification with the specific id, if the code is correct and it refers to the logged in user.
* Member role is assigned to this user, along with the member role.
*/
@Path("verification/member/{id}")
@Path("/verification/member/{id}")
@POST
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("isAuthenticated()")
public Response verifyMember(@PathParam("id") String id, @RequestBody String code) {
public Response verifyMember(@PathParam("id") String id, @RequestBody String code, @Context final HttpServletRequest request) {
RoleVerification verification = verificationUtils.getVerification(id);
if (verification != null && verification.getVerificationType().equals("member")) {
Integer coPersonId = calls.getCoPersonIdByIdentifier();
if (coPersonId != null) {
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
if (verification.getVerificationCode().equals(code)) {
Integer couId = calls.getCouId(verification.getType(), verification.getEntity(), false);
if (couId != null) {
Integer role = calls.getRoleId(coPersonId, couId);
calls.assignMemberRole(coPersonId, couId, role);
authoritiesUpdater.update(verification.getEmail(), old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
return authorities;
});
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Member role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
if (verification.getEmail().equalsIgnoreCase(authorizationService.getEmail())) {
if (verification.getVerificationCode().equals(code)) {
try {
calls.assignMemberRole(verification.getType(), verification.getEntity(), request);
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Member role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Verification has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
@ -432,24 +376,12 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String
id, @PathParam("email") String email) {
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
if (coPersonIds.size() > 0) {
Integer couId = calls.getCouId(type, id);
if (couId != null) {
coPersonIds.forEach(coPersonId -> {
calls.removeAdminRole(coPersonId, couId);
});
authoritiesUpdater.update(email, old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
return authorities;
});
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
try {
JsonElement response = calls.removeManagerRole(type, id, email);
return Response.status(HttpStatus.OK.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -463,27 +395,12 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String
id, @PathParam("email") String email) {
List<Integer> coPersonIds = calls.getCoPersonIdsByEmail(email);
if (coPersonIds.size() > 0) {
Integer couId = calls.getCouId(type, id, false);
if (couId != null) {
coPersonIds.forEach(coPersonId -> {
Integer role = calls.getRoleId(coPersonId, couId);
calls.removeAdminRole(coPersonId, couId);
calls.removeMemberRole(coPersonId, couId, role);
});
authoritiesUpdater.update(email, old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
return authorities;
});
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
}
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
try {
JsonElement response = calls.removeMemberRole(type, id, email);
return Response.status(HttpStatus.OK.value()).entity(response.toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -494,16 +411,17 @@ public class RegistryService {
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) {
Integer couId = calls.getCouId(type, id, false);
int count = 0;
if (couId != null) {
count = calls.getUserIdByCouId(couId, false).size();
try {
int response = calls.getAllMembersCount(type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(response).toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(count).toString()).type(MediaType.APPLICATION_JSON).build();
}
/**
* Get the names of the members of a type(Community, etc.) with id(ee, egi, etc.)
* Get infos of the members of a type(Community, etc.) with id(ee, egi, etc.)
*/
@Path("/{type}/{id}/members{var:.*}")
@GET
@ -511,19 +429,12 @@ public class RegistryService {
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
Integer couId = calls.getCouId(type, id, false);
if (couId != null) {
JsonArray members = calls.getUserIdByCouId(couId, false);
JsonArray emails = calls.getUserEmailByCouId(couId, false);
JsonArray names = calls.getUserNamesByCouId(couId, false);
JsonArray managers = calls.getUserIdByCouId(couId, true);
members.getAsJsonArray().forEach(element -> {
element.getAsJsonObject().addProperty("isManager", managers.contains(element));
});
JsonUtils.mergeUserInfo(members, emails, names, gson);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
try {
JsonElement response = calls.getAllMembers(type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(response).toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
@ -534,21 +445,29 @@ public class RegistryService {
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getManagers(@PathParam("type") String type, @PathParam("id") String id) {
Integer couId = calls.getCouId(type, id);
if (couId != null) {
JsonArray managers = calls.getUserIdByCouId(couId, true);
if(authorizationService.isManager(type, id) || authorizationService.isPortalAdmin() || authorizationService.isCurator(type)) {
JsonArray emails = calls.getUserEmailByCouId(couId, true);
JsonArray names = calls.getUserNamesByCouId(couId, true);
JsonUtils.mergeUserInfo(managers, emails, names, gson);
} else {
managers.forEach(user -> {
user.getAsJsonObject().remove("coPersonId");
});
}
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build();
} else {
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
try {
JsonElement response = calls.getAllManagers(type, id);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(response).toString()).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
}
/**
* Get infos of the curators of a type(Community, etc.)
*/
@Path("/{type}/curators{var:.*}")
@GET
@Produces(MediaType.APPLICATION_JSON)
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type))")
public Response getCurators(@PathParam("type") String type) {
try {
JsonElement response = calls.getAllCurators(type);
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(response.toString())).type(MediaType.APPLICATION_JSON).build();
} catch (HttpClientErrorException e) {
String message = new JsonParser().parse(e.getResponseBodyAsString()).getAsJsonObject().get("message").getAsString();
return Response.status(e.getStatusCode().value()).entity(jsonUtils.createResponse(message).toString()).type(MediaType.APPLICATION_JSON).build();
}
}
}

View File

@ -1,57 +0,0 @@
package eu.dnetlib.openaire.usermanagement.dto;
import com.fasterxml.jackson.annotation.JsonIgnore;
public class User {
@JsonIgnore
private String coPersonId;
private String id;
private String email;
private String name;
private String memberSince;
public User() {
}
@JsonIgnore
public String getCoPersonId() {
return coPersonId;
}
public void setCoPersonId(String coPersonId) {
this.coPersonId = coPersonId;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getMemberSince() {
return memberSince;
}
public void setMemberSince(String memberSince) {
this.memberSince = memberSince;
}
}

View File

@ -10,7 +10,10 @@ import org.springframework.http.*;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.Map;
@Component
@ -18,21 +21,26 @@ public class HttpUtils {
private static final Logger logger = Logger.getLogger(HttpUtils.class);
@Value("${registry.issuer}")
private String issuer;
@Value("${registry.user}")
private String user;
@Value("${registry.password}")
private String password;
public JsonElement post(String path, JsonObject body) {
public JsonElement post(String path, String session, JsonObject body, Map<String, String> params) {
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = createHeaders(user, password);
String url = path + ((params != null) ? createParams(params) : "");
HttpHeaders headers = createHeaders(session);
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<String> request = new HttpEntity<>((body != null)?body.toString():"", headers);
ResponseEntity<String> responseEntity = restTemplate.exchange(url, HttpMethod.POST, request, String.class);
if (responseEntity.getBody() != null) {
return new JsonParser().parse(responseEntity.getBody());
} else {
return null;
}
}
public JsonElement put(String path, String session, JsonObject body) {
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = createHeaders(session);
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<String> request = new HttpEntity<>(body.toString(), headers);
ResponseEntity<String> responseEntity = restTemplate.exchange(issuer + path, HttpMethod.POST, request, String.class);
ResponseEntity<String> responseEntity = restTemplate.exchange(path, HttpMethod.PUT, request, String.class);
if (responseEntity.getBody() != null) {
return new JsonParser().parse(responseEntity.getBody());
} else {
@ -40,24 +48,12 @@ public class HttpUtils {
}
}
public JsonElement put(String path, JsonObject body) {
public JsonElement get(String path, String session, Map<String, String> params) {
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = createHeaders(user, password);
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<String> request = new HttpEntity<>(body.toString(), headers);
ResponseEntity<String> responseEntity = restTemplate.exchange(issuer + path, HttpMethod.PUT, request, String.class);
if (responseEntity.getBody() != null) {
return new JsonParser().parse(responseEntity.getBody());
} else {
return null;
}
}
public JsonElement get(String path, Map<String, String> params) {
RestTemplate restTemplate = new RestTemplate();
String url = issuer + path + ((params != null) ? createParams(params) : null);
String url = path + ((params != null) ? createParams(params) : "");
HttpHeaders headers = createHeaders(session);
ResponseEntity<String> responseEntity = restTemplate.exchange
(url, HttpMethod.GET, new HttpEntity<>(createHeaders(user, password)), String.class);
(url, HttpMethod.GET, new HttpEntity<>(headers), String.class);
if (responseEntity.getBody() != null) {
return new JsonParser().parse(responseEntity.getBody());
} else {
@ -65,11 +61,12 @@ public class HttpUtils {
}
}
public JsonElement delete(String path) {
public JsonElement delete(String path, String session, Map<String, String> params) {
RestTemplate restTemplate = new RestTemplate();
String url = issuer + path;
String url = path + ((params != null) ? createParams(params) : "");
HttpHeaders headers = createHeaders(session);
ResponseEntity<String> responseEntity = restTemplate.exchange
(url, HttpMethod.DELETE, new HttpEntity<>(createHeaders(user, password)), String.class);
(url, HttpMethod.DELETE, new HttpEntity<>(headers), String.class);
if (responseEntity.getBody() != null) {
return new JsonParser().parse(responseEntity.getBody());
} else {
@ -92,13 +89,21 @@ public class HttpUtils {
return ret.toString();
}
private HttpHeaders createHeaders(String username, String password) {
return new HttpHeaders() {{
String auth = username + ":" + password;
byte[] encodedAuth = Base64.encodeBase64(
auth.getBytes(Charset.forName("US-ASCII")));
String authHeader = "Basic " + new String(encodedAuth);
set("Authorization", authHeader);
}};
private HttpHeaders createHeaders(String token) {
if(token != null) {
return new HttpHeaders() {{
set("Session", token);
}};
} else {
return new HttpHeaders();
}
}
public String getCookie(HttpServletRequest req, String cookieName) {
return Arrays.stream(req.getCookies())
.filter(c -> c.getName().equals(cookieName))
.findFirst()
.map(Cookie::getValue)
.orElse(null);
}
}

View File

@ -1,86 +1,13 @@
package eu.dnetlib.openaire.usermanagement.utils;
import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import eu.dnetlib.openaire.user.pojos.RoleVerification;
import eu.dnetlib.openaire.usermanagement.dto.Role;
import eu.dnetlib.openaire.usermanagement.dto.User;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import java.util.Arrays;
import java.util.Optional;
@Component
public class JsonUtils {
@Value("${registry.version}")
private String version;
@Value("${registry.coid}")
private String coid;
public JsonObject coPersonRoles(Integer coPersonId, Integer couId, String status) {
JsonObject role = new JsonObject();
JsonArray coPersonRoles = new JsonArray();
JsonObject coPersonRole = new JsonObject();
JsonObject person = new JsonObject();
person.addProperty("Type", "CO");
person.addProperty("Id", coPersonId.toString());
coPersonRole.addProperty("Version", version);
coPersonRole.add("Person", person);
coPersonRole.addProperty("CouId", couId.toString());
coPersonRole.addProperty("Affiliation", "member");
coPersonRole.addProperty("Title", "");
coPersonRole.addProperty("O", "Openaire");
coPersonRole.addProperty("Status", status);
coPersonRole.addProperty("ValidFrom", "");
coPersonRole.addProperty("ValidThrough", "");
coPersonRoles.add(coPersonRole);
role.addProperty("RequestType", "CoPersonRoles");
role.addProperty("Version", version);
role.add("CoPersonRoles", coPersonRoles);
return role;
}
public JsonObject coGroupMembers(Integer coGroupId, Integer coPersonId, boolean member) {
JsonObject coGroup = new JsonObject();
JsonArray coGroupMembers = new JsonArray();
JsonObject coGroupMember = new JsonObject();
JsonObject person = new JsonObject();
person.addProperty("Type", "CO");
person.addProperty("Id", coPersonId.toString());
coGroupMember.addProperty("Version", version);
coGroupMember.add("Person", person);
coGroupMember.addProperty("CoGroupId", coGroupId.toString());
coGroupMember.addProperty("Member", member);
coGroupMember.addProperty("Owner", false);
coGroupMember.addProperty("ValidFrom", "");
coGroupMember.addProperty("ValidThrough", "");
coGroupMembers.add(coGroupMember);
coGroup.addProperty("RequestType", "CoGroupMembers");
coGroup.addProperty("Version", version);
coGroup.add("CoGroupMembers", coGroupMembers);
return coGroup;
}
public JsonObject createNewCou(Role role) {
JsonObject cou = new JsonObject();
JsonArray cous = new JsonArray();
JsonObject newCou = new JsonObject();
newCou.addProperty("Version", version);
newCou.addProperty("CoId", coid);
newCou.addProperty("Name", role.getName());
newCou.addProperty("Description", role.getDescription());
cous.add(newCou);
cou.addProperty("RequestType", "Cous");
cou.addProperty("Version", version);
cou.add("Cous", cous);
return cou;
}
public JsonObject createVerification(RoleVerification roleVerification) {
JsonObject verification = new JsonObject();
verification.addProperty("id", roleVerification.getId());
@ -92,19 +19,6 @@ public class JsonUtils {
return verification;
}
public static JsonArray mergeUserInfo(JsonArray users, JsonArray emails, JsonArray names, Gson gson) {
User[] emailsMapped = gson.fromJson(emails, User[].class);
User[] namesMapped = gson.fromJson(names, User[].class);
for(JsonElement user: users) {
Optional<User> emailUser = Arrays.stream(emailsMapped).filter(email -> user.getAsJsonObject().get("coPersonId").getAsString().equals(email.getCoPersonId())).findFirst();
Optional<User> nameUser = Arrays.stream(namesMapped).filter(name -> user.getAsJsonObject().get("coPersonId").getAsString().equals(name.getCoPersonId())).findFirst();
emailUser.ifPresent(value -> user.getAsJsonObject().addProperty("email", value.getEmail()));
nameUser.ifPresent(value -> user.getAsJsonObject().addProperty("name", value.getName()));
user.getAsJsonObject().remove("coPersonId");
}
return users;
}
public JsonObject createResponse(JsonElement response) {
JsonObject json = new JsonObject();
json.add("response", response);

View File

@ -1,416 +0,0 @@
package eu.dnetlib.openaire.usermanagement.utils;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import eu.dnetlib.openaire.usermanagement.dto.Role;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.method.P;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@Service
public class RegistryCalls {
private static final Logger logger = Logger.getLogger(RegistryCalls.class);
@Value("${registry.coid}")
private String coid;
@Autowired
public HttpUtils httpUtils;
@Autowired
public JsonUtils jsonUtils;
public String mapType(String type, boolean communityMap) {
if (type.equals("organization")) {
type = "institution";
} else if (type.equals("ri") && communityMap) {
type = "community";
}
return type;
}
/**
* 1. Get CoPersonId by Email
*/
public Integer getCoPersonIdByEmail() {
try {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
String email = authentication.getUserInfo().getEmail();
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("mail", email);
JsonElement response = httpUtils.get("co_people.json", params);
return (response != null) ? response.getAsJsonObject().get("CoPeople").getAsJsonArray().get(0).getAsJsonObject().get("Id").getAsInt() : null;
} catch (Exception e) {
logger.error("Get User info: An error occurred ", e);
return null;
}
}
public Integer getCoPersonIdByEmail(String email) {
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("mail", email);
JsonElement response = httpUtils.get("co_people.json", params);
if (response != null) {
JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
if (coPeople.size() > 0) {
return coPeople.get(0).getAsJsonObject().get("Id").getAsInt();
}
}
return null;
}
public List<Integer> getCoPersonIdsByEmail(String email) {
List<Integer> coPersonIds = new ArrayList<>();
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("mail", email);
JsonElement response = httpUtils.get("co_people.json", params);
if (response != null) {
JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
for (int i = 0; i < coPeople.size(); i++) {
coPersonIds.add(coPeople.get(i).getAsJsonObject().get("Id").getAsInt());
}
}
return coPersonIds;
}
/**
* 2. Get CoPersonId by AAI identifier
*/
public Integer getCoPersonIdByIdentifier() {
try {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
String sub = authentication.getUserInfo().getSub();
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("search.identifier", sub);
JsonElement response = httpUtils.get("co_people.json", params);
return (response != null) ? response.getAsJsonObject().get("CoPeople").getAsJsonArray().get(0).getAsJsonObject().get("Id").getAsInt() : null;
} catch (Exception e) {
logger.error("Get User info: An error occurred ", e);
return null;
}
}
public Integer getCoPersonIdByIdentifier(String sub) {
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("search.identifier", sub);
JsonElement response = httpUtils.get("co_people.json", params);
return (response != null) ? response.getAsJsonObject().get("CoPeople").getAsJsonArray().get(0).getAsJsonObject().get("Id").getAsInt() : null;
}
/**
* 3.1 Get OpenAIRE cous with a specific name(or substring)
*/
public JsonArray getCous(String name) {
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
if (name != null) {
params.put("name", name.toLowerCase());
}
JsonElement response = httpUtils.get("cous.json", params);
return (response != null) ? response.getAsJsonObject().get("Cous").getAsJsonArray() : new JsonArray();
}
/**
* 3.2 Get all OpenAIRE cous
*/
public JsonArray getCous() {
return getCous(null);
}
/**
* 4.1 Get a couId by name
*
* @param name
* @return
*/
public Integer getCouId(String name) {
JsonArray cous = getCous(name);
for (JsonElement cou : cous) {
if (cou.getAsJsonObject().get("Name").getAsString().toLowerCase().equals(name.toLowerCase())) {
return cou.getAsJsonObject().get("Id").getAsInt();
}
}
return null;
}
/**
* 4.2 Get a couId by type.id with/without mapping type
*
* @param type
* @param id
* @return
*/
public Integer getCouId(String type, String id, boolean communityMap) {
return getCouId(mapType(type, communityMap) + "." + id);
}
/**
* 4.3 Get a couId by type.id with mapping type
*
* @param type
* @param id
* @return
*/
public Integer getCouId(String type, String id) {
return getCouId(type, id, true);
}
/**
* 5. Get User non admin roles
*/
public JsonArray getRoles(Integer coPersonId) {
Map<String, String> params = new HashMap<>();
params.put("copersonid", coPersonId.toString());
JsonElement response = httpUtils.get("co_person_roles.json", params);
return (response != null) ? response.getAsJsonObject().get("CoPersonRoles").getAsJsonArray() : new JsonArray();
}
/**
* 6. Get Role id of User base on couId.
*/
public Integer getRoleId(Integer coPersonId, Integer couId) {
JsonArray roles = getRoles(coPersonId);
for (JsonElement role : roles) {
JsonObject object = role.getAsJsonObject();
if (object.get("CouId").getAsInt() == couId && !object.get("Status").getAsString().equals("Deleted")) {
return object.get("Id").getAsInt();
}
}
return null;
}
/**
* 7. Get User Groups
*/
public JsonArray getUserGroups(Integer coPersonId) {
Map<String, String> params = new HashMap<>();
params.put("copersonid", coPersonId.toString());
JsonElement response = httpUtils.get("co_groups.json", params);
return (response != null) ? response.getAsJsonObject().get("CoGroups").getAsJsonArray() : new JsonArray();
}
/**
* 8. Get User Admin Group of a Cou
*/
public JsonObject getUserAdminGroup(Integer coPersonId, Integer couId) {
Map<String, String> params = new HashMap<>();
params.put("copersonid", coPersonId.toString());
JsonElement response = httpUtils.get("co_groups.json", params);
JsonArray roles = (response != null) ? response.getAsJsonObject().get("CoGroups").getAsJsonArray() : new JsonArray();
for (JsonElement role : roles) {
JsonObject object = role.getAsJsonObject();
if (object.get("CouId") != null && object.get("CouId").getAsInt() == couId) {
if (object.get("Name").getAsString().contains("admins")) {
return object;
}
}
}
return null;
}
/**
* 9. Get Groups of a Cou
*/
public JsonArray getCouGroups(Integer couId) {
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("couid", couId.toString());
JsonElement response = httpUtils.get("co_groups.json", params);
return (response != null) ? response.getAsJsonObject().get("CoGroups").getAsJsonArray() : new JsonArray();
}
/**
* 10. Get Admin Group of a Cou
*/
public JsonObject getCouAdminGroup(Integer couId) {
JsonArray groups = getCouGroups(couId);
for (JsonElement group : groups) {
if (group.getAsJsonObject().get("Name").getAsString().contains("admins")) {
return group.getAsJsonObject();
}
}
return null;
}
/**
* 11. Get users of a group
*/
public JsonArray getGroupMembers(Integer coGroupId) {
Map<String, String> params = new HashMap<>();
params.put("cogroupid", coGroupId.toString());
JsonElement response = httpUtils.get("co_group_members.json", params);
return (response != null) ? response.getAsJsonObject().get("CoGroupMembers").getAsJsonArray() : new JsonArray();
}
/**
* 12. Get Users' email of a Cou
*/
public JsonArray getUserEmailByCouId(Integer couId, boolean admin) {
Map<String, String> params = new HashMap<>();
params.put("couid", couId.toString());
if (admin) {
params.put("admin", "true");
}
JsonElement response = httpUtils.get("email_addresses.json", params);
JsonArray infos = (response != null) ? response.getAsJsonObject().get("EmailAddresses").getAsJsonArray() : new JsonArray();
JsonArray emails = new JsonArray();
infos.forEach(info -> {
JsonObject user = new JsonObject();
user.addProperty("coPersonId", info.getAsJsonObject().get("Person").getAsJsonObject().get("Id").getAsString());
user.addProperty("email", info.getAsJsonObject().get("Mail").getAsString());
user.addProperty("memberSince", info.getAsJsonObject().get("Created").getAsString());
emails.add(user);
});
return emails;
}
/**
* 13. Get Users' names of a Cou
*/
public JsonArray getUserNamesByCouId(Integer couId, boolean admin) {
Map<String, String> params = new HashMap<>();
params.put("couid", couId.toString());
if (admin) {
params.put("admin", "true");
}
JsonElement response = httpUtils.get("names.json", params);
JsonArray infos = (response != null) ? response.getAsJsonObject().get("Names").getAsJsonArray() : new JsonArray();
JsonArray names = new JsonArray();
infos.forEach(info -> {
JsonObject user = new JsonObject();
user.addProperty("coPersonId", info.getAsJsonObject().get("Person").getAsJsonObject().get("Id").getAsString());
user.addProperty("name", info.getAsJsonObject().get("Given").getAsString() + " " + info.getAsJsonObject().get("Family").getAsString());
user.addProperty("memberSince", info.getAsJsonObject().get("Created").getAsString());
names.add(user);
});
return names;
}
/**
* 14. Get Users' identifiers of a Cou
*/
public JsonArray getUserIdByCouId(Integer couId, boolean admin) {
Map<String, String> params = new HashMap<>();
params.put("couid", couId.toString());
if (admin) {
params.put("admin", "true");
}
JsonElement response = httpUtils.get("identifiers.json", params);
JsonArray infos = (response != null) ? response.getAsJsonObject().get("Identifiers").getAsJsonArray() : new JsonArray();
JsonArray ids = new JsonArray();
infos.forEach(info -> {
JsonObject user = new JsonObject();
user.addProperty("coPersonId", info.getAsJsonObject().get("Person").getAsJsonObject().get("Id").getAsString());
user.addProperty("id", info.getAsJsonObject().get("Identifier").getAsString());
user.addProperty("memberSince", info.getAsJsonObject().get("Created").getAsString());
ids.add(user);
});
return ids;
}
/**
* 15. Assign a member role to a User
*/
public void assignMemberRole(Integer coPersonId, Integer couId, Integer id) {
if (id != null) {
httpUtils.put("co_person_roles/" + id.toString() + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
} else {
httpUtils.post("co_person_roles.json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
}
}
/**
* 16. Remove a member role from a User
*/
public void removeMemberRole(Integer coPersonId, Integer couId, Integer id) {
if (id != null) {
httpUtils.put("co_person_roles/" + id.toString() + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Deleted"));
}
}
/**
* 17. Create a new role
*/
public Integer createRole(Role role) {
JsonElement element = httpUtils.post("cous.json", jsonUtils.createNewCou(role));
return element.getAsJsonObject().get("Id").getAsInt();
}
/**
* 18. Get User's email
*/
public String getUserEmail(Integer coPersonId) {
Map<String, String> params = new HashMap<>();
params.put("copersonid", coPersonId.toString());
JsonElement response = httpUtils.get("email_addresses.json", params);
JsonObject info = (response != null) ? response.getAsJsonObject().get("EmailAddresses").getAsJsonArray().get(0).getAsJsonObject() : null;
return (info != null) ? info.getAsJsonObject().get("Mail").getAsString() : null;
}
/**
* 19. Get User's names
*/
public String getUserNames(Integer coPersonId) {
Map<String, String> params = new HashMap<>();
params.put("copersonid", coPersonId.toString());
JsonElement response = httpUtils.get("names.json", params);
JsonObject info = (response != null) ? response.getAsJsonObject().get("Names").getAsJsonArray().get(0).getAsJsonObject() : null;
return (info != null) ? info.getAsJsonObject().get("Given").getAsString() + " " + info.getAsJsonObject().get("Family").getAsString() : null;
}
/**
* 20. Get User's identifier
*/
public String getUserId(Integer coPersonId) {
Map<String, String> params = new HashMap<>();
params.put("copersonid", coPersonId.toString());
JsonElement response = httpUtils.get("identifiers.json", params);
JsonObject info = (response != null) ? response.getAsJsonObject().get("Identifiers").getAsJsonArray().get(0).getAsJsonObject() : null;
return (info != null) ? info.getAsJsonObject().get("Identifier").getAsString() : null;
}
/**
* 21. Assign an admin role to a User
*/
public void assignAdminRole(Integer coPersonId, Integer couId) {
JsonObject group = getCouAdminGroup(couId);
if (group != null) {
httpUtils.post("co_group_members.json", jsonUtils.coGroupMembers(group.get("Id").getAsInt(), coPersonId, true));
}
}
/**
* 22. Remove an admin role from a User
*/
public void removeAdminRole(Integer coPersonId, Integer couId) {
JsonObject adminGroup = this.getCouAdminGroup(couId);
JsonArray admins = this.getGroupMembers(adminGroup.get("Id").getAsInt());
Integer id = null;
for (JsonElement admin : admins) {
if (admin.getAsJsonObject().get("Person").getAsJsonObject().get("Id").getAsInt() == coPersonId) {
id = admin.getAsJsonObject().get("Id").getAsInt();
}
}
if (id != null) {
httpUtils.delete("co_group_members/" + id.toString() + ".json");
}
}
}

View File

@ -0,0 +1,132 @@
package eu.dnetlib.openaire.usermanagement.utils;
import com.google.gson.JsonElement;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.web.client.HttpClientErrorException;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
@Service
public class RoleManagement {
private static final Logger logger = Logger.getLogger(RoleManagement.class);
@Value("${role-management.url}")
private String url;
public HttpUtils httpUtils;
public AuthorizationService authorizationService;
@Autowired
public RoleManagement(HttpUtils httpUtils, AuthorizationService authorizationService) {
this.httpUtils = httpUtils;
this.authorizationService = authorizationService;
}
private String mapType(String type, boolean communityMap) {
if (type.equals("organization")) {
type = "institution";
} else if (type.equals("ri") && communityMap) {
type = "community";
}
return type;
}
public JsonElement assignMemberRole(String type, String id, HttpServletRequest request) throws HttpClientErrorException {
return this.httpUtils.post(url + "/member/" + mapType(type, false) + "/" + id, getSessionCookie(request), null, null);
}
public JsonElement assignManagerRole(String type, String id, HttpServletRequest request) throws HttpClientErrorException {
Map<String, String> params = new HashMap<>();
params.put("force", "true");
return this.httpUtils.post(url + "/admin/" + mapType(type, true) + "/" + id, getSessionCookie(request), null, params);
}
public JsonElement removeMemberRole(String type, String id, HttpServletRequest request) throws HttpClientErrorException {
Map<String, String> params = new HashMap<>();
params.put("force", "true");
return this.httpUtils.delete(url + "/member/" + mapType(type, false) + "/" + id, getSessionCookie(request), params);
}
public JsonElement removeMemberRole(String type, String id, String email) throws HttpClientErrorException {
Map<String, String> params = new HashMap<>();
params.put("email", email);
return this.httpUtils.delete(url + "/member/" + mapType(type, false) + "/" + id, null, params);
}
public JsonElement removeManagerRole(String type, String id, HttpServletRequest request) throws HttpClientErrorException {
return this.httpUtils.delete(url + "/admin/" + mapType(type, true) + "/" + id, getSessionCookie(request), null);
}
public JsonElement removeManagerRole(String type, String id, String email) throws HttpClientErrorException {
Map<String, String> params = new HashMap<>();
params.put("email", email);
return this.httpUtils.delete(url + "/admin/" + mapType(type, true) + "/" + id, null, params);
}
public JsonElement getAllMembers(String type, String id) throws HttpClientErrorException {
return this.httpUtils.get(url + "/member/" + mapType(type, false) + "/" + id, null, null);
}
public int getAllMembersCount(String type, String id) throws HttpClientErrorException {
return this.httpUtils.get(url + "/member/" + mapType(type, false) + "/" + id + "/count", null, null).getAsInt();
}
public JsonElement getAllManagers(String type, String id) throws HttpClientErrorException {
Map<String, String> params = new HashMap<>();
if(!authorizationService.isPortalAdmin() && !authorizationService.isCurator(type) && !authorizationService.isManager(type, id)) {
params.put("name", "false");
params.put("email", "false");
}
return this.httpUtils.get(url + "/admin/" + mapType(type, true) + "/" + id, null, params);
}
public JsonElement getAllCurators(String type) throws HttpClientErrorException {
return this.httpUtils.get(url + "/curator/" + mapType(type, false), null, null);
}
public boolean isMember(String type, String id, String email) throws HttpClientErrorException {
for (JsonElement element : this.httpUtils.get(url + "/member/" + mapType(type, false) + "/" + id, null, null).getAsJsonArray()) {
if (element.getAsJsonObject().get("email").getAsString().equalsIgnoreCase(email)) {
return true;
}
}
return false;
}
public boolean isManager(String type, String id, String email) throws HttpClientErrorException {
for (JsonElement element : this.httpUtils.get(url + "/admin/" + mapType(type, true) + "/" + id, null, null).getAsJsonArray()) {
if (element.getAsJsonObject().get("email").getAsString().equalsIgnoreCase(email)) {
return true;
}
}
return false;
}
public JsonElement createMemberRole(String type, String id) {
Map<String, String> params = new HashMap<>();
params.put("description", mapType(type, false) + " " + id);
return this.httpUtils.post(url + "/member/" + mapType(type, false) + "/" + id + "/create", null, null, params);
}
public JsonElement createCuratorRole(String type) {
Map<String, String> params = new HashMap<>();
params.put("description", mapType(type, false) + " Curator");
return this.httpUtils.post(url + "/curator/" + mapType(type, false) + "/create", null, null, params);
}
public JsonElement createRole(String name, String description) {
Map<String, String> params = new HashMap<>();
params.put("name", name);
params.put("description", description);
return this.httpUtils.post(url + "/super/create", null, null, params);
}
private String getSessionCookie(HttpServletRequest request) {
return httpUtils.getCookie(request, "openAIRESession");
}
}

View File

@ -1,8 +1,4 @@
google.recaptcha.secret = 6LfYrU8UAAAAADwrbImPvDo_XcxEZvrkkgMy9yU0
google.recaptcha.key = 6LfYrU8UAAAAAFsl3m2YhP1uavdmAdFEXBkoY_vd
registry.issuer = https://openaire-dev.aai-dev.grnet.gr/registry
registry.user = user
registry.password = pass
registry.version = 1.0
registry.coid = 2
role-management.url = http://mpagasas.di.uoa.gr:8080/dnet-role-management