1. Add Health Controller. 2. Fix a bug in update roles in Session. 3. Add assign Portal Admin role to user with a specific email.
parent
2dd81444d6
commit
4212384e42
2
pom.xml
2
pom.xml
|
@ -8,7 +8,7 @@
|
||||||
<version>1.0.0</version>
|
<version>1.0.0</version>
|
||||||
</parent>
|
</parent>
|
||||||
<artifactId>dnet-role-management</artifactId>
|
<artifactId>dnet-role-management</artifactId>
|
||||||
<version>1.0.1-SNAPSHOT</version>
|
<version>1.0.2-SNAPSHOT</version>
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
<name>dnet-role-management</name>
|
<name>dnet-role-management</name>
|
||||||
<description>DNET Role Management API. Integrated with AAI Registry Service</description>
|
<description>DNET Role Management API. Integrated with AAI Registry Service</description>
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
package eu.dnetlib.dnetrolemanagement.controllers;
|
||||||
|
|
||||||
|
import org.apache.log4j.Logger;
|
||||||
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
|
import org.springframework.web.bind.annotation.RequestMethod;
|
||||||
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
public class HealthController {
|
||||||
|
private final Logger log = Logger.getLogger(this.getClass());
|
||||||
|
|
||||||
|
@RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
|
||||||
|
public String hello() {
|
||||||
|
log.debug("Hello from role management!");
|
||||||
|
return "Hello from Role management!";
|
||||||
|
}
|
||||||
|
}
|
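Review bot: The logger in the new `HealthController` is a per-instance field obtained through `this.getClass()`; the usual form is `private static final Logger log = Logger.getLogger(HealthController.class);`. The import `org.apache.log4j.Logger` is the log4j 1.x API, which is end-of-life upstream unless the build supplies it through a maintained bridge; the dependency is not visible on this page, so it is worth confirming against pom.xml. The mapping also binds the empty path `""`, so the application root answers with the greeting. Whether both paths are meant to be reachable without authentication depends on the security configuration, which is not shown, and a one-line Javadoc on `hello()` should state the intent.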
|
@ -2,24 +2,33 @@ package eu.dnetlib.dnetrolemanagement.controllers;
|
||||||
|
|
||||||
import eu.dnetlib.dnetrolemanagement.entities.Response;
|
import eu.dnetlib.dnetrolemanagement.entities.Response;
|
||||||
import eu.dnetlib.dnetrolemanagement.exception.ConflictException;
|
import eu.dnetlib.dnetrolemanagement.exception.ConflictException;
|
||||||
|
import eu.dnetlib.dnetrolemanagement.exception.ResourceNotFoundException;
|
||||||
import eu.dnetlib.dnetrolemanagement.services.RegistryService;
|
import eu.dnetlib.dnetrolemanagement.services.RegistryService;
|
||||||
|
import eu.dnetlib.dnetrolemanagement.utils.AuthoritiesUpdater;
|
||||||
|
import eu.dnetlib.dnetrolemanagement.utils.AuthoritiesUtils;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestMethod;
|
import org.springframework.web.bind.annotation.RequestMethod;
|
||||||
import org.springframework.web.bind.annotation.RequestParam;
|
import org.springframework.web.bind.annotation.RequestParam;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
import org.springframework.web.client.HttpClientErrorException;
|
import org.springframework.web.client.HttpClientErrorException;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
@RestController
|
@RestController
|
||||||
@RequestMapping("/super")
|
@RequestMapping("/super")
|
||||||
public class SuperAdminController {
|
public class SuperAdminController {
|
||||||
|
|
||||||
private final RegistryService registryService;
|
private final RegistryService registryService;
|
||||||
|
private final AuthoritiesUpdater authoritiesUpdater;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
public SuperAdminController(RegistryService registryService) {
|
public SuperAdminController(RegistryService registryService, AuthoritiesUpdater authoritiesUpdater) {
|
||||||
this.registryService = registryService;
|
this.registryService = registryService;
|
||||||
|
this.authoritiesUpdater = authoritiesUpdater;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -38,4 +47,27 @@ public class SuperAdminController {
|
||||||
throw new ConflictException("This role already exists");
|
throw new ConflictException("This role already exists");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Assign portal admin role to user with @email
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
@RequestMapping(value = "/assign", method = RequestMethod.POST)
|
||||||
|
public ResponseEntity<Response> assignRole(@RequestParam(required = false) String email) {
|
||||||
|
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
|
||||||
|
if (coPersonIds.size() > 0) {
|
||||||
|
Integer couId = registryService.getCouId(AuthoritiesUtils.portalAdminRole());
|
||||||
|
if (couId != null) {
|
||||||
|
coPersonIds.forEach(coPersonId -> {
|
||||||
|
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||||
|
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||||
|
registryService.assignMemberRole(coPersonId, couId, role);
|
||||||
|
authoritiesUpdater.addRole(identifier, new SimpleGrantedAuthority(AuthoritiesUtils.PORTAL_ADMIN));
|
||||||
|
});
|
||||||
|
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
|
||||||
|
}
|
||||||
|
throw new ResourceNotFoundException("Role has not been found");
|
||||||
|
}
|
||||||
|
throw new ResourceNotFoundException("User has not been found");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
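Review bot: `assignRole` grants the Portal Administrator role but carries no method-level authorization in this hunk, although the same commit adds the `PreAuthorize` import. Unless `/super/**` is restricted in a security configuration not shown here, the endpoint needs a guard such as `@PreAuthorize("hasAuthority('<SUPER_ADMIN_AUTHORITY>')")` (placeholder; use the project's actual authority). `email` is declared `@RequestParam(required = false)`, so a request without it passes `null` to `getCoPersonIdsByEmail`; declaring it as `@RequestParam String email` rejects that case up front. The role is assigned to every CO person id the email lookup returns, so the Javadoc should say that one call can promote several identities, and a log line recording which identifier was promoted would make the change auditable. The class body between the two hunks is outside the page.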
|
@ -287,7 +287,7 @@ public class RegistryService {
|
||||||
*/
|
*/
|
||||||
public void assignMemberRole(Integer coPersonId, Integer couId, Integer id) {
|
public void assignMemberRole(Integer coPersonId, Integer couId, Integer id) {
|
||||||
if (id != null) {
|
if (id != null) {
|
||||||
httpUtils.put("co_person_roles/" + id.toString() + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
httpUtils.put("co_person_roles/" + id + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
||||||
} else {
|
} else {
|
||||||
httpUtils.post("co_person_roles.json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
httpUtils.post("co_person_roles.json", jsonUtils.coPersonRoles(coPersonId, couId, "Active"));
|
||||||
}
|
}
|
||||||
|
@ -298,7 +298,7 @@ public class RegistryService {
|
||||||
*/
|
*/
|
||||||
public void removeMemberRole(Integer coPersonId, Integer couId, Integer id) {
|
public void removeMemberRole(Integer coPersonId, Integer couId, Integer id) {
|
||||||
if (id != null) {
|
if (id != null) {
|
||||||
httpUtils.put("co_person_roles/" + id.toString() + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Deleted"));
|
httpUtils.put("co_person_roles/" + id + ".json", jsonUtils.coPersonRoles(coPersonId, couId, "Deleted"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -366,7 +366,7 @@ public class RegistryService {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (id != null) {
|
if (id != null) {
|
||||||
httpUtils.delete("co_group_members/" + id.toString() + ".json");
|
httpUtils.delete("co_group_members/" + id + ".json");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,7 +26,7 @@ public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
|
||||||
@Autowired
|
@Autowired
|
||||||
FindByIndexNameSessionRepository sessions;
|
FindByIndexNameSessionRepository sessions;
|
||||||
|
|
||||||
public void update(String id, Collection<? extends GrantedAuthority> authorities) {
|
public void update(String id, Update update) {
|
||||||
if (sessions != null) {
|
if (sessions != null) {
|
||||||
Map<String, ExpiringSession> map = sessions.
|
Map<String, ExpiringSession> map = sessions.
|
||||||
findByIndexNameAndIndexValue(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, id);
|
findByIndexNameAndIndexValue(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, id);
|
||||||
|
@ -38,7 +38,7 @@ public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
|
||||||
if (authentication instanceof OIDCAuthenticationToken) {
|
if (authentication instanceof OIDCAuthenticationToken) {
|
||||||
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
|
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
|
||||||
securityContext.setAuthentication(new OIDCAuthenticationToken(authOIDC.getSub(), authOIDC.getIssuer(),
|
securityContext.setAuthentication(new OIDCAuthenticationToken(authOIDC.getSub(), authOIDC.getIssuer(),
|
||||||
authOIDC.getUserInfo(), authorities, authOIDC.getIdToken(),
|
authOIDC.getUserInfo(), update.authorities(authOIDC.getAuthorities()), authOIDC.getIdToken(),
|
||||||
authOIDC.getAccessTokenValue(), authOIDC.getRefreshTokenValue()));
|
authOIDC.getAccessTokenValue(), authOIDC.getRefreshTokenValue()));
|
||||||
session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContext);
|
session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContext);
|
||||||
sessions.save(session);
|
sessions.save(session);
|
||||||
|
@ -49,11 +49,6 @@ public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public void update(String id, Update update) {
|
|
||||||
Collection<? extends GrantedAuthority> authorities = update.authorities(SecurityContextHolder.getContext().getAuthentication().getAuthorities());
|
|
||||||
this.update(id, authorities);
|
|
||||||
}
|
|
||||||
|
|
||||||
public void addRole(String id, GrantedAuthority role) {
|
public void addRole(String id, GrantedAuthority role) {
|
||||||
this.update(id, old -> {
|
this.update(id, old -> {
|
||||||
HashSet<GrantedAuthority> authorities = new HashSet<>(old);
|
HashSet<GrantedAuthority> authorities = new HashSet<>(old);
|
||||||
|
|
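Review bot: The reworked `update(String id, Update update)` has no comment stating the invariant this commit restores, namely that the new authority set is derived from each stored session's own `authOIDC.getAuthorities()`. The removed overload shows how easily that is lost, since it seeded the target user's session from `SecurityContextHolder`, i.e. from the caller's authorities. A comment above the method such as `// Apply the update to the target session's own authorities, never to the caller's SecurityContextHolder authentication.` would keep a later refactor from reintroducing it. The hunks also show `sessions == null` and non-OIDC authentications being skipped with no visible logging (any else branches are outside the hunks), so a role change that reaches no live session appears to be silent. The method body starts and ends outside the visible hunks.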
|
@ -6,6 +6,12 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
|
|
||||||
public class AuthoritiesUtils {
|
public class AuthoritiesUtils {
|
||||||
|
|
||||||
|
public static String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
|
||||||
|
|
||||||
|
public static String portalAdminRole() {
|
||||||
|
return "Portal Administrator";
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT etc.
|
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT etc.
|
||||||
*/
|
*/
|
||||||
|
|
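Review bot: `PORTAL_ADMIN` is added as `public static String`, so any class can reassign the authority name at runtime; it should be a constant, `public static final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";`. `portalAdminRole()` returns the literal `"Portal Administrator"`, which `assignRole` passes to `getCouId`, while `PORTAL_ADMIN` is the string wrapped in `SimpleGrantedAuthority`. A short Javadoc on each, saying which one is the Spring authority and which is the registry role name, would keep the two from being mixed up.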