538 lines
30 KiB
Java
538 lines
30 KiB
Java
package eu.dnetlib.openaire.usermanagement.api;
|
|
|
|
import com.google.gson.JsonArray;
|
|
import com.google.gson.JsonObject;
|
|
import com.google.gson.JsonParser;
|
|
import eu.dnetlib.openaire.user.login.utils.AuthoritiesUpdater;
|
|
import eu.dnetlib.openaire.user.pojos.RoleVerification;
|
|
import eu.dnetlib.openaire.user.utils.EmailSender;
|
|
import eu.dnetlib.openaire.usermanagement.dto.Role;
|
|
import eu.dnetlib.openaire.usermanagement.utils.AuthorizationService;
|
|
import eu.dnetlib.openaire.usermanagement.utils.JsonUtils;
|
|
import eu.dnetlib.openaire.usermanagement.utils.RegistryCalls;
|
|
import eu.dnetlib.openaire.usermanagement.utils.VerificationUtils;
|
|
import org.apache.log4j.Logger;
|
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.http.HttpStatus;
|
|
import org.springframework.security.access.prepost.PreAuthorize;
|
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
import org.springframework.stereotype.Component;
|
|
import org.springframework.web.bind.annotation.RequestBody;
|
|
|
|
import javax.mail.MessagingException;
|
|
import javax.ws.rs.*;
|
|
import javax.ws.rs.core.MediaType;
|
|
import javax.ws.rs.core.Response;
|
|
import java.util.Collection;
|
|
import java.util.HashSet;
|
|
|
|
@Component(value = "RegistryService")
|
|
@Path("/registry")
|
|
public class RegistryService {
|
|
|
|
private static final Logger logger = Logger.getLogger(RegistryService.class);
|
|
|
|
@Autowired
|
|
private RegistryCalls calls;
|
|
|
|
@Autowired
|
|
private JsonUtils jsonUtils;
|
|
|
|
@Autowired
|
|
private EmailSender emailSender;
|
|
|
|
@Autowired
|
|
private VerificationUtils verificationUtils;
|
|
|
|
@Autowired
|
|
private AuthoritiesUpdater authoritiesUpdater;
|
|
|
|
@Autowired
|
|
private AuthorizationService authorizationService;
|
|
|
|
private String sendEmail() {
|
|
OIDCAuthenticationToken authenticationToken = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
|
return authenticationToken.getUserInfo().getEmail();
|
|
}
|
|
|
|
/**
|
|
* Subscribe to a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/subscribe/{type}/{id}")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("isAuthenticated() and @AuthorizationService.isCommunity(#type)")
|
|
public Response subscribe(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
Integer role = calls.getRoleId(coPersonId, couId);
|
|
calls.assignMemberRole(coPersonId, couId, role);
|
|
authoritiesUpdater.update(sendEmail(), old -> {
|
|
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
|
authorities.add(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
|
return authorities;
|
|
});
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Unsubscribe from type(Community, etc.) with id(ee, egi, etc.).
|
|
* If user has manager role for this entity, it will be removed too.
|
|
*/
|
|
@Path("/unsubscribe/{type}/{id}")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("isAuthenticated() and @AuthorizationService.isCommunity(#type)")
|
|
public Response unsubscribe(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer coPersonId = calls.getCoPersonIdByIdentifier();
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
Integer role = calls.getRoleId(coPersonId, couId);
|
|
if (role != null) {
|
|
calls.removeAdminRole(coPersonId, couId);
|
|
calls.removeMemberRole(coPersonId, couId, role);
|
|
authoritiesUpdater.update(sendEmail(), old -> {
|
|
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
|
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
|
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
|
return authorities;
|
|
});
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User does not have this role").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Create a new role with the given name and description.
|
|
**/
|
|
@Path("/createRole")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@Consumes(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
|
public Response createRole(@RequestBody Role role) {
|
|
calls.createRole(role);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been created").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
|
|
/**
|
|
*
|
|
* Invite user with email to manage a type(Community, etc.) with id(ee, egi, etc.)
|
|
* Auto generated link and code will be sent as response.
|
|
*/
|
|
@Path("/invite/{type}/{id}/manager")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response inviteManager(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
|
|
JsonObject email = details.get("email").getAsJsonObject();
|
|
String recipient = email.get("recipient").getAsString();
|
|
Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
|
|
if (coPersonId == null || calls.getUserAdminGroup(coPersonId, couId) == null) {
|
|
JsonObject invitation = verificationUtils.createManagerInvitation(recipient, type, id);
|
|
return sendEmail(details, email, coPersonId, invitation);
|
|
} else {
|
|
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User has been already manager of this " + type).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Invite user with email to be a member of a type(Community, etc.) with id(ee, egi, etc.)
|
|
* Auto generated link and code will be sent as response.
|
|
*/
|
|
@Path("/invite/{type}/{id}/member")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response inviteMember(@PathParam("type") String type, @PathParam("id") String id, @RequestBody String body) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
JsonObject details = new JsonParser().parse(body).getAsJsonObject();
|
|
JsonObject email = details.get("email").getAsJsonObject();
|
|
String recipient = email.get("recipient").getAsString();
|
|
Integer coPersonId = calls.getCoPersonIdByEmail(recipient);
|
|
if (coPersonId == null || calls.getRoleId(coPersonId, couId) == null) {
|
|
JsonObject invitation = verificationUtils.createMemberInvitation(recipient, type, id);
|
|
return sendEmail(details, email, coPersonId, invitation);
|
|
} else {
|
|
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User has been already member of this " + type).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
private Response sendEmail(JsonObject details, JsonObject email, Integer coPersonId, JsonObject invitation) {
|
|
String name = (coPersonId != null)?calls.getUserNames(coPersonId):"User";
|
|
String link = details.get("link").getAsString() + invitation.get("link").getAsString();
|
|
String subject = email.get("subject").getAsString();
|
|
String message = email.get("body").getAsString().
|
|
replace("((__user__))", name).
|
|
replace("((__link__))", link).
|
|
replace("((__code__))", invitation.get("code").getAsString());
|
|
try {
|
|
emailSender.sendEmail(email.get("recipient").getAsString(), subject, message);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invitation).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} catch (MessagingException e) {
|
|
logger.error(e.getMessage());
|
|
verificationUtils.deleteVerification(invitation.get("link").getAsString());
|
|
return Response.status(HttpStatus.BAD_REQUEST.value()).entity(jsonUtils.createResponse("Email sent failed").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Cancel invitation to user with email for managing a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/invite/{type}/{id}/manager/{email}")
|
|
@DELETE
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response cancelManagerInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
verificationUtils.deleteManagerVerifications(email, type, id);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Cancel invitation to user with email for being member of a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/invite/{type}/{id}/member/{email}")
|
|
@DELETE
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response cancelMemberInvitations(@PathParam("type") String type, @PathParam("id") String id, @PathParam("email") String email) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
verificationUtils.deleteMemberVerifications(email, type, id);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Invitations have been deleted").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the invited managers for a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/invite/{type}/{id}/managers/")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response getInvitedManagers(@PathParam("type") String type, @PathParam("id") String id) {
|
|
JsonArray invited = verificationUtils.getInvitedManagers(type, id);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invited).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
|
|
/**
|
|
* Get the invited members for a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/invite/{type}/{id}/members/")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, " +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response getInviteMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
|
JsonArray invited = verificationUtils.getInvitedMembers(type, id);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(invited).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
|
|
/**
|
|
* Get the verification with a specific id only if it refers to the logged in user
|
|
*/
|
|
@Path("verification/{id}")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("isAuthenticated()")
|
|
public Response getVerification(@PathParam("id") String id) {
|
|
RoleVerification verification = verificationUtils.getVerification(id);
|
|
if (verification != null) {
|
|
if (calls.getCoPersonIdByEmail(verification.getEmail()).equals(calls.getCoPersonIdByIdentifier())) {
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(jsonUtils.createVerification(verification)).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Verification has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Delete the verification with a specific id.
|
|
*/
|
|
@Path("verification/{id}")
|
|
@DELETE
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("isAuthenticated() && @VerificationUtils.ownedVerification(#id)")
|
|
public Response deleteVerification(@PathParam("id") String id) {
|
|
if (verificationUtils.getVerification(id) != null) {
|
|
verificationUtils.deleteVerification(id);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(jsonUtils.createResponse("Verification deleted")).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse(jsonUtils.createResponse("Verification has not been found")).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Verify the verification with the specific id, if the code is correct and it refers to the logged in user.
|
|
* Manager role is assigned to this user, along with the member role.
|
|
*/
|
|
@Path("verification/manager/{id}")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("isAuthenticated()")
|
|
public Response verifyManager(@PathParam("id") String id, @RequestBody String code) {
|
|
RoleVerification verification = verificationUtils.getVerification(id);
|
|
if (verification != null && verification.getVerificationType().equals("manager")) {
|
|
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
if (coPersonId != null) {
|
|
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
if (verification.getVerificationCode().equals(code)) {
|
|
Integer couId = calls.getCouId(verification.getType(), verification.getEntity());
|
|
if (couId != null) {
|
|
Integer role = calls.getRoleId(coPersonId, couId);
|
|
calls.assignMemberRole(coPersonId, couId, role);
|
|
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
if (calls.getUserAdminGroup(coPersonId, couId) == null) {
|
|
verificationUtils.deleteManagerVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
calls.assignAdminRole(coPersonId, couId);
|
|
authoritiesUpdater.update(verification.getEmail(), old -> {
|
|
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
|
authorities.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
|
|
authorities.add(new SimpleGrantedAuthority(authorizationService.manager(verification.getType(), verification.getEntity())));
|
|
return authorities;
|
|
});
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Admin role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.CONFLICT.value()).entity(jsonUtils.createResponse("User is already admin of this cou").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Verification has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Verify the verification with the specific id, if the code is correct and it refers to the logged in user.
|
|
* Member role is assigned to this user, along with the member role.
|
|
*/
|
|
@Path("verification/member/{id}")
|
|
@POST
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("isAuthenticated()")
|
|
public Response verifyMember(@PathParam("id") String id, @RequestBody String code) {
|
|
RoleVerification verification = verificationUtils.getVerification(id);
|
|
if (verification != null && verification.getVerificationType().equals("member")) {
|
|
Integer coPersonId = calls.getCoPersonIdByEmail(verification.getEmail());
|
|
if (coPersonId != null) {
|
|
if (coPersonId.equals(calls.getCoPersonIdByIdentifier())) {
|
|
if (verification.getVerificationCode().equals(code)) {
|
|
Integer couId = calls.getCouId(verification.getType(), verification.getEntity());
|
|
if (couId != null) {
|
|
Integer role = calls.getRoleId(coPersonId, couId);
|
|
calls.assignMemberRole(coPersonId, couId, role);
|
|
authoritiesUpdater.update(verification.getEmail(), old -> {
|
|
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
|
authorities.add(new SimpleGrantedAuthority(authorizationService.member(verification.getType(), verification.getEntity())));
|
|
return authorities;
|
|
});
|
|
verificationUtils.deleteMemberVerifications(verification.getEmail(), verification.getType(), verification.getEntity());
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Member role has been assigned").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Verification code is wrong").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.FORBIDDEN.value()).entity(jsonUtils.createResponse("Forbidden verification").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Verification has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Remove the manager role from user with email for a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/manager/{email}")
|
|
@DELETE
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@Consumes(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response removeManagerRole(@PathParam("type") String type, @PathParam("id") String
|
|
id, @PathParam("email") String email) {
|
|
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
if (coPersonId != null) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if (couId != null) {
|
|
calls.removeAdminRole(coPersonId, couId);
|
|
authoritiesUpdater.update(email, old -> {
|
|
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
|
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
|
return authorities;
|
|
});
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Remove the member role from user with email for a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/member/{email}")
|
|
@DELETE
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@Consumes(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN, @AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response removeMemberRole(@PathParam("type") String type, @PathParam("id") String
|
|
id, @PathParam("email") String email) {
|
|
Integer coPersonId = calls.getCoPersonIdByEmail(email);
|
|
if (coPersonId != null) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
Integer role = null;
|
|
if(couId != null) {
|
|
role = calls.getRoleId(coPersonId, couId);
|
|
}
|
|
if (couId != null && role != null) {
|
|
calls.removeAdminRole(coPersonId, couId);
|
|
calls.removeMemberRole(coPersonId, couId, role);
|
|
authoritiesUpdater.update(email, old -> {
|
|
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
|
authorities.remove(new SimpleGrantedAuthority(authorizationService.manager(type, id)));
|
|
authorities.remove(new SimpleGrantedAuthority(authorizationService.member(type, id)));
|
|
return authorities;
|
|
});
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse("Role has been removed").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("User has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the names of the members of a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/members")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response getMembers(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if(couId != null) {
|
|
JsonArray members = calls.getUserNamesByCouId(couId, false);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the emails of the members of a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/members/email")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN," +
|
|
"@AuthorizationService.curator(#type), @AuthorizationService.manager(#type, #id))")
|
|
public Response getMembersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if(couId != null) {
|
|
JsonArray members = calls.getUserEmailByCouId(couId, false);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(members).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the number of the members of a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/members/count")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
public Response getMembersCount(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
int count = 0;
|
|
if(couId != null) {
|
|
count = calls.getUserNamesByCouId(couId, false).size();
|
|
}
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(count).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
|
|
/**
|
|
* Get the names of the managers of a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/managers")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
public Response getManagers(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if(couId != null) {
|
|
JsonArray managers = calls.getUserNamesByCouId(couId, true);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the emails of the managers of a type(Community, etc.) with id(ee, egi, etc.)
|
|
*/
|
|
@Path("/{type}/{id}/managers/email")
|
|
@GET
|
|
@Produces(MediaType.APPLICATION_JSON)
|
|
public Response getManagersEmail(@PathParam("type") String type, @PathParam("id") String id) {
|
|
Integer couId = calls.getCouId(type, id);
|
|
if(couId != null) {
|
|
JsonArray managers = calls.getUserEmailByCouId(couId, true);
|
|
return Response.status(HttpStatus.OK.value()).entity(jsonUtils.createResponse(managers).toString()).type(MediaType.APPLICATION_JSON).build();
|
|
} else {
|
|
return Response.status(HttpStatus.NOT_FOUND.value()).entity(jsonUtils.createResponse("Role has not been found").toString()).type(MediaType.APPLICATION_JSON).build();
|
|
}
|
|
}
|
|
}
|