MaDgIK
/
dnet-role-management
13
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix a bug on assign role if both session and email are present

This commit is contained in:
kostis30fyllou 2021-07-13 16:51:42 +03:00
parent 959ba82d44
commit de9fa97e72
3 changed files with 64 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
src/main/java/eu/dnetlib/dnetrolemanagement/controllers/AdminController.java
View File

@ -13,14 +13,13 @@ import eu.dnetlib.dnetrolemanagement.utils.AuthoritiesUtils;
import eu.dnetlib.dnetrolemanagement.utils.JsonUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.web.bind.annotation.*;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
@RestController
@RequestMapping("/admin")
@ -56,40 +55,52 @@ public class AdminController {
* Assign admin role to logged in user or user with @email
*/
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.POST)
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
public ResponseEntity<Response> assignRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
Integer coPersonId = (email != null) ? registryService.getCoPersonIdsByEmail(email).get(0) : registryService.getCoPersonIdByIdentifier();
if (coPersonId != null) {
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
if (coPersonIds.size() > 0) {
Integer couId = registryService.getCouId(type, id);
if (couId != null) {
Integer role = registryService.getRoleId(coPersonId, couId);
if (role != null) {
if (registryService.getUserAdminGroup(coPersonId, couId) == null) {
registryService.assignAdminRole(coPersonId, couId);
authoritiesUpdater.update(identifier, old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.manager(type, id)));
return authorities;
});
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
AtomicBoolean assigned = new AtomicBoolean(false);
coPersonIds.forEach(coPersonId -> {
if(assignRoleToAccount(coPersonId, couId, type, id)) {
assigned.set(true);
}
throw new ConflictException("User is already an admin of this group");
});
if(assigned.get()) {
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
} else {
throw new UnprocessableException("User must be a member of this group and not already admin");
}
throw new UnprocessableException("User must be member of this group in order to become an admin.");
}
throw new ResourceNotFoundException("Role has not been found");
}
throw new ResourceNotFoundException("User has not been found");
}
private boolean assignRoleToAccount(Integer coPersonId, Integer couId, String type, String id) {
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
Integer role = registryService.getRoleId(coPersonId, couId);
if (role != null) {
if (registryService.getUserAdminGroup(coPersonId, couId) == null) {
registryService.assignAdminRole(coPersonId, couId);
authoritiesUpdater.update(identifier, old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.manager(type, id)));
return authorities;
});
return true;
}
return false;
}
return false;
}
/**
* Remove admin role from logged in user or user with @email
*/
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.DELETE)
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
public ResponseEntity<Response> removeRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
List<Integer> coPersonIds = (email != null) ? registryService.getCoPersonIdsByEmail(email) : Collections.singletonList(registryService.getCoPersonIdByIdentifier());
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
if (coPersonIds.size() > 0) {
Integer couId = registryService.getCouId(type, id);
if (couId != null) {

34
src/main/java/eu/dnetlib/dnetrolemanagement/controllers/MemberController.java
View File

@ -44,7 +44,7 @@ public class MemberController {
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.GET)
public ResponseEntity<User[]> getInfos(@PathVariable("type") String type, @PathVariable("id") String id) {
Integer couId = registryService.getCouId(type, id);
if(couId != null) {
if (couId != null) {
JsonArray users = registryService.getUserIdByCouId(couId, false);
JsonArray emails = registryService.getUserEmailByCouId(couId, false);
JsonArray names = registryService.getUserNamesByCouId(couId, false);
@ -57,19 +57,20 @@ public class MemberController {
* Assign member role to logged in user or user with @email
*/
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.POST)
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
public ResponseEntity<Response> assignRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
Integer coPersonId = (email != null)?registryService.getCoPersonIdsByEmail(email).get(0):registryService.getCoPersonIdByIdentifier();
if (coPersonId != null) {
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
if (coPersonIds.size() > 0) {
Integer couId = registryService.getCouId(type, id);
if (couId != null) {
Integer role = registryService.getRoleId(coPersonId, couId);
registryService.assignMemberRole(coPersonId, couId, role);
authoritiesUpdater.update(identifier, old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.member(type, id)));
return authorities;
coPersonIds.forEach(coPersonId -> {
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
Integer role = registryService.getRoleId(coPersonId, couId);
registryService.assignMemberRole(coPersonId, couId, role);
authoritiesUpdater.update(identifier, old -> {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.member(type, id)));
return authorities;
});
});
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
}
@ -82,14 +83,13 @@ public class MemberController {
* Remove member role from logged in user or user with @email
*/
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.DELETE)
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
public ResponseEntity<Response> removeRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
List<Integer> coPersonIds = (email != null) ? registryService.getCoPersonIdsByEmail(email) : Collections.singletonList(registryService.getCoPersonIdByIdentifier());
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
if (coPersonIds.size() > 0) {
Integer couId = registryService.getCouId(type, id);
if (couId != null) {
// If none of the accounts has admin role for this group remove member role
if(coPersonIds.stream().filter(coPersonId -> registryService.getUserAdminGroup(coPersonId, couId) != null).collect(Collectors.toList()).size() == 0) {
if (coPersonIds.stream().filter(coPersonId -> registryService.getUserAdminGroup(coPersonId, couId) != null).collect(Collectors.toList()).size() == 0) {
coPersonIds.forEach(coPersonId -> {
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
Integer role = registryService.getRoleId(coPersonId, couId);
@ -116,7 +116,7 @@ public class MemberController {
@RequestMapping(value = "/{type}/{id}/name", method = RequestMethod.GET)
public ResponseEntity<User[]> getNames(@PathVariable("type") String type, @PathVariable("id") String id) {
Integer couId = registryService.getCouId(type, id);
if(couId != null) {
if (couId != null) {
JsonArray users = registryService.getUserNamesByCouId(couId, false);
return ResponseEntity.ok(gson.fromJson(users, User[].class));
}
@ -129,7 +129,7 @@ public class MemberController {
@RequestMapping(value = "/{type}/{id}/id", method = RequestMethod.GET)
public ResponseEntity<User[]> getIds(@PathVariable("type") String type, @PathVariable("id") String id) {
Integer couId = registryService.getCouId(type, id);
if(couId != null) {
if (couId != null) {
JsonArray users = registryService.getUserIdByCouId(couId, false);
return ResponseEntity.ok(gson.fromJson(users, User[].class));
}
@ -142,7 +142,7 @@ public class MemberController {
@RequestMapping(value = "/{type}/{id}/email", method = RequestMethod.GET)
public ResponseEntity<User[]> getEmails(@PathVariable("type") String type, @PathVariable("id") String id) {
Integer couId = registryService.getCouId(type, id);
if(couId != null) {
if (couId != null) {
JsonArray users = registryService.getUserEmailByCouId(couId, false);
return ResponseEntity.ok(gson.fromJson(users, User[].class));
}

30
src/main/java/eu/dnetlib/dnetrolemanagement/services/RegistryService.java
View File

@ -12,10 +12,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.*;
@Service
public class RegistryService {
@ -39,18 +36,23 @@ public class RegistryService {
* 1.1 Get CoPersonId by Email
*/
public List<Integer> getCoPersonIdsByEmail(String email) {
List<Integer> coPersonIds = new ArrayList<>();
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("mail", email);
JsonElement response = httpUtils.get("co_people.json", params);
if (response != null) {
JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
for (int i = 0; i < coPeople.size(); i++) {
coPersonIds.add(coPeople.get(i).getAsJsonObject().get("Id").getAsInt());
if(email != null) {
List<Integer> coPersonIds = new ArrayList<>();
Map<String, String> params = new HashMap<>();
params.put("coid", coid);
params.put("mail", email);
JsonElement response = httpUtils.get("co_people.json", params);
if (response != null) {
JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
for (int i = 0; i < coPeople.size(); i++) {
coPersonIds.add(coPeople.get(i).getAsJsonObject().get("Id").getAsInt());
}
}
return coPersonIds;
} else {
Integer coPersonId = getCoPersonIdByIdentifier();
return (coPersonId != null)? Collections.singletonList(coPersonId):new ArrayList<>();
}
return coPersonIds;
}
/**