1. Add Health Controller. 2. Fix a bug in update roles in Session. 3. Add assign Portal Admin role to user with a specific email.
parent
2dd81444d6
commit
4212384e42
2
pom.xml
2
pom.xml
|
@ -8,7 +8,7 @@
|
|||
<version>1.0.0</version>
|
||||
</parent>
|
||||
<artifactId>dnet-role-management</artifactId>
|
||||
<version>1.0.1-SNAPSHOT</version>
|
||||
<version>1.0.2-SNAPSHOT</version>
|
||||
<packaging>war</packaging>
|
||||
<name>dnet-role-management</name>
|
||||
<description>DNET Role Management API. Integrated with AAI Registry Service</description>
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
package eu.dnetlib.dnetrolemanagement.controllers;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
public class HealthController {
|
||||
private final Logger log = Logger.getLogger(this.getClass());
|
||||
|
||||
@RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
|
||||
public String hello() {
|
||||
log.debug("Hello from role management!");
|
||||
return "Hello from Role management!";
|
||||
}
|
||||
}
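Review bot: `log` is a per-instance field created with `this.getClass()`; the usual form is `private static final Logger log = Logger.getLogger(HealthController.class);`. The import `org.apache.log4j.Logger` is the Log4j 1.x API, which is end-of-life upstream, so it is worth confirming that the dependency behind it is a maintained bridge rather than the original 1.x jar (the pom is only partly visible here). `hello()` returns a constant, so it only shows that the web application is up; if the check is also meant to cover the AAI registry, a comment should say so.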
|
|
@ -2,24 +2,33 @@ package eu.dnetlib.dnetrolemanagement.controllers;
|
|||
|
||||
import eu.dnetlib.dnetrolemanagement.entities.Response;
|
||||
import eu.dnetlib.dnetrolemanagement.exception.ConflictException;
|
||||
import eu.dnetlib.dnetrolemanagement.exception.ResourceNotFoundException;
|
||||
import eu.dnetlib.dnetrolemanagement.services.RegistryService;
|
||||
import eu.dnetlib.dnetrolemanagement.utils.AuthoritiesUpdater;
|
||||
import eu.dnetlib.dnetrolemanagement.utils.AuthoritiesUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.client.HttpClientErrorException;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/super")
|
||||
public class SuperAdminController {
|
||||
|
||||
private final RegistryService registryService;
|
||||
private final AuthoritiesUpdater authoritiesUpdater;
|
||||
|
||||
@Autowired
|
||||
public SuperAdminController(RegistryService registryService) {
|
||||
public SuperAdminController(RegistryService registryService, AuthoritiesUpdater authoritiesUpdater) {
|
||||
this.registryService = registryService;
|
||||
this.authoritiesUpdater = authoritiesUpdater;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -38,4 +47,27 @@ public class SuperAdminController {
|
|||
throw new ConflictException("This role already exists");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Assign portal admin role to user with @email
|
||||
*
|
||||
*/
|
||||
@RequestMapping(value = "/assign", method = RequestMethod.POST)
|
||||
public ResponseEntity<Response> assignRole(@RequestParam(required = false) String email) {
|
||||
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
|
||||
if (coPersonIds.size() > 0) {
|
||||
Integer couId = registryService.getCouId(AuthoritiesUtils.portalAdminRole());
|
||||
if (couId != null) {
|
||||
coPersonIds.forEach(coPersonId -> {
|
||||
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||
registryService.assignMemberRole(coPersonId, couId, role);
|
||||
authoritiesUpdater.addRole(identifier, new SimpleGrantedAuthority(AuthoritiesUtils.PORTAL_ADMIN));
|
||||
});
|
||||
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
|
||||
}
|
||||
throw new ResourceNotFoundException("Role has not been found");
|
||||
}
|
||||
throw new ResourceNotFoundException("User has not been found");
|
||||
}
|
||||
}
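Review bot: `assignRole` is mapped to POST `/super/assign` with no `@PreAuthorize` on the method, although the file imports that annotation, so nothing visible in this hunk restricts who may grant `PORTAL_ADMINISTRATOR` to an arbitrary e-mail address. Unless a class-level annotation or the HTTP security configuration (neither is shown here) already locks down `/super/**`, add a method guard, e.g. `@PreAuthorize("hasAuthority('PORTAL_ADMINISTRATOR')")` or whatever expression the existing endpoint in this controller presumably uses. `@RequestParam(required = false) String email` also lets a missing parameter reach `registryService.getCoPersonIdsByEmail(null)`; dropping `required = false` makes the request fail with 400 instead. Because the grant is applied to every CO person id matched by the address, logging the caller and the affected ids would give an audit trail for this privilege change.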
|
||||
|
|
|
@ -287,7 +287,7 @@ public class RegistryService {
|
|||
*/
|
||||
public void assignMemberRole(Integer coPersonId, Integer couId, Integer id) {
|
||||
if (id != null) {
|
||||
httpUtils.put("co_person_roles/" + id.toString() + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
||||
httpUtils.put("co_person_roles/" + id + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
||||
} else {
|
||||
httpUtils.post("co_person_roles.json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
||||
}
|
||||
|
@ -298,7 +298,7 @@ public class RegistryService {
|
|||
*/
|
||||
public void removeMemberRole(Integer coPersonId, Integer couId, Integer id) {
|
||||
if (id != null) {
|
||||
httpUtils.put("co_person_roles/" + id.toString() + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Deleted"));
|
||||
httpUtils.put("co_person_roles/" + id + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Deleted"));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -366,7 +366,7 @@ public class RegistryService {
|
|||
}
|
||||
}
|
||||
if (id != null) {
|
||||
httpUtils.delete("co_group_members/" + id.toString() + ".json");
|
||||
httpUtils.delete("co_group_members/" + id + ".json");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -26,7 +26,7 @@ public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
|
|||
@Autowired
|
||||
FindByIndexNameSessionRepository sessions;
|
||||
|
||||
public void update(String id, Collection<? extends GrantedAuthority> authorities) {
|
||||
public void update(String id, Update update) {
|
||||
if (sessions != null) {
|
||||
Map<String, ExpiringSession> map = sessions.
|
||||
findByIndexNameAndIndexValue(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, id);
|
||||
|
@ -38,7 +38,7 @@ public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
|
|||
if (authentication instanceof OIDCAuthenticationToken) {
|
||||
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
|
||||
securityContext.setAuthentication(new OIDCAuthenticationToken(authOIDC.getSub(), authOIDC.getIssuer(),
|
||||
authOIDC.getUserInfo(), authorities, authOIDC.getIdToken(),
|
||||
authOIDC.getUserInfo(), update.authorities(authOIDC.getAuthorities()), authOIDC.getIdToken(),
|
||||
authOIDC.getAccessTokenValue(), authOIDC.getRefreshTokenValue()));
|
||||
session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContext);
|
||||
sessions.save(session);
|
||||
|
@ -49,11 +49,6 @@ public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
|
|||
}
|
||||
}
|
||||
|
||||
public void update(String id, Update update) {
|
||||
Collection<? extends GrantedAuthority> authorities = update.authorities(SecurityContextHolder.getContext().getAuthentication().getAuthorities());
|
||||
this.update(id, authorities);
|
||||
}
|
||||
|
||||
public void addRole(String id, GrantedAuthority role) {
|
||||
this.update(id, old -> {
|
||||
HashSet<GrantedAuthority> authorities = new HashSet<>(old);
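Review bot: The reworked `update(String id, Update update)` has no comment stating that `update` is now applied to each stored session's own authorities (`authOIDC.getAuthorities()`) instead of the caller's `SecurityContextHolder` authorities, which is the security-relevant behaviour this fix introduces. A Javadoc on the method saying that the function receives the target session's current authorities, and that (as far as the hunk shows) only sessions holding an `OIDCAuthenticationToken` are rewritten, would help keep a later refactor from reintroducing the old mix-up. The public overload `update(String, Collection<? extends GrantedAuthority>)` is removed, so any caller outside this diff that still passes a collection needs checking. The method body continues outside the visible hunks.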
|
||||
|
|
|
@ -6,6 +6,12 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
|||
|
||||
public class AuthoritiesUtils {
|
||||
|
||||
public static String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
|
||||
|
||||
public static String portalAdminRole() {
|
||||
return "Portal Administrator";
|
||||
}
|
||||
|
||||
/**
|
||||
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT etc.
|
||||
*/
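Review bot: `PORTAL_ADMIN` is declared `public static String` without `final`, so any class can reassign the authority name that `assignRole` grants; declare it `public static final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";`. The registry role name is exposed through the method `portalAdminRole()` while the authority is a field, and the two strings differ. A one-line comment on each, saying which is the COU name passed to `getCouId` and which is the Spring Security authority, would make the pairing clear.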
|
||||
|
|